Loading...
1/*
2 * drivers/net/wireless/mwl8k.c
3 * Driver for Marvell TOPDOG 802.11 Wireless cards
4 *
5 * Copyright (C) 2008, 2009, 2010 Marvell Semiconductor Inc.
6 *
7 * This file is licensed under the terms of the GNU General Public
8 * License version 2. This program is licensed "as is" without any
9 * warranty of any kind, whether express or implied.
10 */
11
12#include <linux/init.h>
13#include <linux/interrupt.h>
14#include <linux/module.h>
15#include <linux/kernel.h>
16#include <linux/sched.h>
17#include <linux/spinlock.h>
18#include <linux/list.h>
19#include <linux/pci.h>
20#include <linux/delay.h>
21#include <linux/completion.h>
22#include <linux/etherdevice.h>
23#include <linux/slab.h>
24#include <net/mac80211.h>
25#include <linux/moduleparam.h>
26#include <linux/firmware.h>
27#include <linux/workqueue.h>
28
29#define MWL8K_DESC "Marvell TOPDOG(R) 802.11 Wireless Network Driver"
30#define MWL8K_NAME KBUILD_MODNAME
31#define MWL8K_VERSION "0.12"
32
33/* Module parameters */
34static unsigned ap_mode_default;
35module_param(ap_mode_default, bool, 0);
36MODULE_PARM_DESC(ap_mode_default,
37 "Set to 1 to make ap mode the default instead of sta mode");
38
39/* Register definitions */
40#define MWL8K_HIU_GEN_PTR 0x00000c10
41#define MWL8K_MODE_STA 0x0000005a
42#define MWL8K_MODE_AP 0x000000a5
43#define MWL8K_HIU_INT_CODE 0x00000c14
44#define MWL8K_FWSTA_READY 0xf0f1f2f4
45#define MWL8K_FWAP_READY 0xf1f2f4a5
46#define MWL8K_INT_CODE_CMD_FINISHED 0x00000005
47#define MWL8K_HIU_SCRATCH 0x00000c40
48
49/* Host->device communications */
50#define MWL8K_HIU_H2A_INTERRUPT_EVENTS 0x00000c18
51#define MWL8K_HIU_H2A_INTERRUPT_STATUS 0x00000c1c
52#define MWL8K_HIU_H2A_INTERRUPT_MASK 0x00000c20
53#define MWL8K_HIU_H2A_INTERRUPT_CLEAR_SEL 0x00000c24
54#define MWL8K_HIU_H2A_INTERRUPT_STATUS_MASK 0x00000c28
55#define MWL8K_H2A_INT_DUMMY (1 << 20)
56#define MWL8K_H2A_INT_RESET (1 << 15)
57#define MWL8K_H2A_INT_DOORBELL (1 << 1)
58#define MWL8K_H2A_INT_PPA_READY (1 << 0)
59
60/* Device->host communications */
61#define MWL8K_HIU_A2H_INTERRUPT_EVENTS 0x00000c2c
62#define MWL8K_HIU_A2H_INTERRUPT_STATUS 0x00000c30
63#define MWL8K_HIU_A2H_INTERRUPT_MASK 0x00000c34
64#define MWL8K_HIU_A2H_INTERRUPT_CLEAR_SEL 0x00000c38
65#define MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK 0x00000c3c
66#define MWL8K_A2H_INT_DUMMY (1 << 20)
67#define MWL8K_A2H_INT_BA_WATCHDOG (1 << 14)
68#define MWL8K_A2H_INT_CHNL_SWITCHED (1 << 11)
69#define MWL8K_A2H_INT_QUEUE_EMPTY (1 << 10)
70#define MWL8K_A2H_INT_RADAR_DETECT (1 << 7)
71#define MWL8K_A2H_INT_RADIO_ON (1 << 6)
72#define MWL8K_A2H_INT_RADIO_OFF (1 << 5)
73#define MWL8K_A2H_INT_MAC_EVENT (1 << 3)
74#define MWL8K_A2H_INT_OPC_DONE (1 << 2)
75#define MWL8K_A2H_INT_RX_READY (1 << 1)
76#define MWL8K_A2H_INT_TX_DONE (1 << 0)
77
78/* HW micro second timer register
79 * located at offset 0xA600. This
80 * will be used to timestamp tx
81 * packets.
82 */
83
84#define MWL8K_HW_TIMER_REGISTER 0x0000a600
85
86#define MWL8K_A2H_EVENTS (MWL8K_A2H_INT_DUMMY | \
87 MWL8K_A2H_INT_CHNL_SWITCHED | \
88 MWL8K_A2H_INT_QUEUE_EMPTY | \
89 MWL8K_A2H_INT_RADAR_DETECT | \
90 MWL8K_A2H_INT_RADIO_ON | \
91 MWL8K_A2H_INT_RADIO_OFF | \
92 MWL8K_A2H_INT_MAC_EVENT | \
93 MWL8K_A2H_INT_OPC_DONE | \
94 MWL8K_A2H_INT_RX_READY | \
95 MWL8K_A2H_INT_TX_DONE | \
96 MWL8K_A2H_INT_BA_WATCHDOG)
97
98#define MWL8K_RX_QUEUES 1
99#define MWL8K_TX_WMM_QUEUES 4
100#define MWL8K_MAX_AMPDU_QUEUES 8
101#define MWL8K_MAX_TX_QUEUES (MWL8K_TX_WMM_QUEUES + MWL8K_MAX_AMPDU_QUEUES)
102#define mwl8k_tx_queues(priv) (MWL8K_TX_WMM_QUEUES + (priv)->num_ampdu_queues)
103
104struct rxd_ops {
105 int rxd_size;
106 void (*rxd_init)(void *rxd, dma_addr_t next_dma_addr);
107 void (*rxd_refill)(void *rxd, dma_addr_t addr, int len);
108 int (*rxd_process)(void *rxd, struct ieee80211_rx_status *status,
109 __le16 *qos, s8 *noise);
110};
111
112struct mwl8k_device_info {
113 char *part_name;
114 char *helper_image;
115 char *fw_image_sta;
116 char *fw_image_ap;
117 struct rxd_ops *ap_rxd_ops;
118 u32 fw_api_ap;
119};
120
121struct mwl8k_rx_queue {
122 int rxd_count;
123
124 /* hw receives here */
125 int head;
126
127 /* refill descs here */
128 int tail;
129
130 void *rxd;
131 dma_addr_t rxd_dma;
132 struct {
133 struct sk_buff *skb;
134 DEFINE_DMA_UNMAP_ADDR(dma);
135 } *buf;
136};
137
138struct mwl8k_tx_queue {
139 /* hw transmits here */
140 int head;
141
142 /* sw appends here */
143 int tail;
144
145 unsigned int len;
146 struct mwl8k_tx_desc *txd;
147 dma_addr_t txd_dma;
148 struct sk_buff **skb;
149};
150
151enum {
152 AMPDU_NO_STREAM,
153 AMPDU_STREAM_NEW,
154 AMPDU_STREAM_IN_PROGRESS,
155 AMPDU_STREAM_ACTIVE,
156};
157
158struct mwl8k_ampdu_stream {
159 struct ieee80211_sta *sta;
160 u8 tid;
161 u8 state;
162 u8 idx;
163 u8 txq_idx; /* index of this stream in priv->txq */
164};
165
166struct mwl8k_priv {
167 struct ieee80211_hw *hw;
168 struct pci_dev *pdev;
169 int irq;
170
171 struct mwl8k_device_info *device_info;
172
173 void __iomem *sram;
174 void __iomem *regs;
175
176 /* firmware */
177 const struct firmware *fw_helper;
178 const struct firmware *fw_ucode;
179
180 /* hardware/firmware parameters */
181 bool ap_fw;
182 struct rxd_ops *rxd_ops;
183 struct ieee80211_supported_band band_24;
184 struct ieee80211_channel channels_24[14];
185 struct ieee80211_rate rates_24[14];
186 struct ieee80211_supported_band band_50;
187 struct ieee80211_channel channels_50[4];
188 struct ieee80211_rate rates_50[9];
189 u32 ap_macids_supported;
190 u32 sta_macids_supported;
191
192 /* Ampdu stream information */
193 u8 num_ampdu_queues;
194 spinlock_t stream_lock;
195 struct mwl8k_ampdu_stream ampdu[MWL8K_MAX_AMPDU_QUEUES];
196 struct work_struct watchdog_ba_handle;
197
198 /* firmware access */
199 struct mutex fw_mutex;
200 struct task_struct *fw_mutex_owner;
201 int fw_mutex_depth;
202 struct completion *hostcmd_wait;
203
204 /* lock held over TX and TX reap */
205 spinlock_t tx_lock;
206
207 /* TX quiesce completion, protected by fw_mutex and tx_lock */
208 struct completion *tx_wait;
209
210 /* List of interfaces. */
211 u32 macids_used;
212 struct list_head vif_list;
213
214 /* power management status cookie from firmware */
215 u32 *cookie;
216 dma_addr_t cookie_dma;
217
218 u16 num_mcaddrs;
219 u8 hw_rev;
220 u32 fw_rev;
221
222 /*
223 * Running count of TX packets in flight, to avoid
224 * iterating over the transmit rings each time.
225 */
226 int pending_tx_pkts;
227
228 struct mwl8k_rx_queue rxq[MWL8K_RX_QUEUES];
229 struct mwl8k_tx_queue txq[MWL8K_MAX_TX_QUEUES];
230 u32 txq_offset[MWL8K_MAX_TX_QUEUES];
231
232 bool radio_on;
233 bool radio_short_preamble;
234 bool sniffer_enabled;
235 bool wmm_enabled;
236
237 /* XXX need to convert this to handle multiple interfaces */
238 bool capture_beacon;
239 u8 capture_bssid[ETH_ALEN];
240 struct sk_buff *beacon_skb;
241
242 /*
243 * This FJ worker has to be global as it is scheduled from the
244 * RX handler. At this point we don't know which interface it
245 * belongs to until the list of bssids waiting to complete join
246 * is checked.
247 */
248 struct work_struct finalize_join_worker;
249
250 /* Tasklet to perform TX reclaim. */
251 struct tasklet_struct poll_tx_task;
252
253 /* Tasklet to perform RX. */
254 struct tasklet_struct poll_rx_task;
255
256 /* Most recently reported noise in dBm */
257 s8 noise;
258
259 /*
260 * preserve the queue configurations so they can be restored if/when
261 * the firmware image is swapped.
262 */
263 struct ieee80211_tx_queue_params wmm_params[MWL8K_TX_WMM_QUEUES];
264
265 /* async firmware loading state */
266 unsigned fw_state;
267 char *fw_pref;
268 char *fw_alt;
269 struct completion firmware_loading_complete;
270};
271
272#define MAX_WEP_KEY_LEN 13
273#define NUM_WEP_KEYS 4
274
275/* Per interface specific private data */
276struct mwl8k_vif {
277 struct list_head list;
278 struct ieee80211_vif *vif;
279
280 /* Firmware macid for this vif. */
281 int macid;
282
283 /* Non AMPDU sequence number assigned by driver. */
284 u16 seqno;
285
286 /* Saved WEP keys */
287 struct {
288 u8 enabled;
289 u8 key[sizeof(struct ieee80211_key_conf) + MAX_WEP_KEY_LEN];
290 } wep_key_conf[NUM_WEP_KEYS];
291
292 /* BSSID */
293 u8 bssid[ETH_ALEN];
294
295 /* A flag to indicate is HW crypto is enabled for this bssid */
296 bool is_hw_crypto_enabled;
297};
298#define MWL8K_VIF(_vif) ((struct mwl8k_vif *)&((_vif)->drv_priv))
299#define IEEE80211_KEY_CONF(_u8) ((struct ieee80211_key_conf *)(_u8))
300
301struct tx_traffic_info {
302 u32 start_time;
303 u32 pkts;
304};
305
306#define MWL8K_MAX_TID 8
307struct mwl8k_sta {
308 /* Index into station database. Returned by UPDATE_STADB. */
309 u8 peer_id;
310 u8 is_ampdu_allowed;
311 struct tx_traffic_info tx_stats[MWL8K_MAX_TID];
312};
313#define MWL8K_STA(_sta) ((struct mwl8k_sta *)&((_sta)->drv_priv))
314
315static const struct ieee80211_channel mwl8k_channels_24[] = {
316 { .center_freq = 2412, .hw_value = 1, },
317 { .center_freq = 2417, .hw_value = 2, },
318 { .center_freq = 2422, .hw_value = 3, },
319 { .center_freq = 2427, .hw_value = 4, },
320 { .center_freq = 2432, .hw_value = 5, },
321 { .center_freq = 2437, .hw_value = 6, },
322 { .center_freq = 2442, .hw_value = 7, },
323 { .center_freq = 2447, .hw_value = 8, },
324 { .center_freq = 2452, .hw_value = 9, },
325 { .center_freq = 2457, .hw_value = 10, },
326 { .center_freq = 2462, .hw_value = 11, },
327 { .center_freq = 2467, .hw_value = 12, },
328 { .center_freq = 2472, .hw_value = 13, },
329 { .center_freq = 2484, .hw_value = 14, },
330};
331
332static const struct ieee80211_rate mwl8k_rates_24[] = {
333 { .bitrate = 10, .hw_value = 2, },
334 { .bitrate = 20, .hw_value = 4, },
335 { .bitrate = 55, .hw_value = 11, },
336 { .bitrate = 110, .hw_value = 22, },
337 { .bitrate = 220, .hw_value = 44, },
338 { .bitrate = 60, .hw_value = 12, },
339 { .bitrate = 90, .hw_value = 18, },
340 { .bitrate = 120, .hw_value = 24, },
341 { .bitrate = 180, .hw_value = 36, },
342 { .bitrate = 240, .hw_value = 48, },
343 { .bitrate = 360, .hw_value = 72, },
344 { .bitrate = 480, .hw_value = 96, },
345 { .bitrate = 540, .hw_value = 108, },
346 { .bitrate = 720, .hw_value = 144, },
347};
348
349static const struct ieee80211_channel mwl8k_channels_50[] = {
350 { .center_freq = 5180, .hw_value = 36, },
351 { .center_freq = 5200, .hw_value = 40, },
352 { .center_freq = 5220, .hw_value = 44, },
353 { .center_freq = 5240, .hw_value = 48, },
354};
355
356static const struct ieee80211_rate mwl8k_rates_50[] = {
357 { .bitrate = 60, .hw_value = 12, },
358 { .bitrate = 90, .hw_value = 18, },
359 { .bitrate = 120, .hw_value = 24, },
360 { .bitrate = 180, .hw_value = 36, },
361 { .bitrate = 240, .hw_value = 48, },
362 { .bitrate = 360, .hw_value = 72, },
363 { .bitrate = 480, .hw_value = 96, },
364 { .bitrate = 540, .hw_value = 108, },
365 { .bitrate = 720, .hw_value = 144, },
366};
367
368/* Set or get info from Firmware */
369#define MWL8K_CMD_GET 0x0000
370#define MWL8K_CMD_SET 0x0001
371#define MWL8K_CMD_SET_LIST 0x0002
372
373/* Firmware command codes */
374#define MWL8K_CMD_CODE_DNLD 0x0001
375#define MWL8K_CMD_GET_HW_SPEC 0x0003
376#define MWL8K_CMD_SET_HW_SPEC 0x0004
377#define MWL8K_CMD_MAC_MULTICAST_ADR 0x0010
378#define MWL8K_CMD_GET_STAT 0x0014
379#define MWL8K_CMD_RADIO_CONTROL 0x001c
380#define MWL8K_CMD_RF_TX_POWER 0x001e
381#define MWL8K_CMD_TX_POWER 0x001f
382#define MWL8K_CMD_RF_ANTENNA 0x0020
383#define MWL8K_CMD_SET_BEACON 0x0100 /* per-vif */
384#define MWL8K_CMD_SET_PRE_SCAN 0x0107
385#define MWL8K_CMD_SET_POST_SCAN 0x0108
386#define MWL8K_CMD_SET_RF_CHANNEL 0x010a
387#define MWL8K_CMD_SET_AID 0x010d
388#define MWL8K_CMD_SET_RATE 0x0110
389#define MWL8K_CMD_SET_FINALIZE_JOIN 0x0111
390#define MWL8K_CMD_RTS_THRESHOLD 0x0113
391#define MWL8K_CMD_SET_SLOT 0x0114
392#define MWL8K_CMD_SET_EDCA_PARAMS 0x0115
393#define MWL8K_CMD_SET_WMM_MODE 0x0123
394#define MWL8K_CMD_MIMO_CONFIG 0x0125
395#define MWL8K_CMD_USE_FIXED_RATE 0x0126
396#define MWL8K_CMD_ENABLE_SNIFFER 0x0150
397#define MWL8K_CMD_SET_MAC_ADDR 0x0202 /* per-vif */
398#define MWL8K_CMD_SET_RATEADAPT_MODE 0x0203
399#define MWL8K_CMD_GET_WATCHDOG_BITMAP 0x0205
400#define MWL8K_CMD_BSS_START 0x1100 /* per-vif */
401#define MWL8K_CMD_SET_NEW_STN 0x1111 /* per-vif */
402#define MWL8K_CMD_UPDATE_ENCRYPTION 0x1122 /* per-vif */
403#define MWL8K_CMD_UPDATE_STADB 0x1123
404#define MWL8K_CMD_BASTREAM 0x1125
405
406static const char *mwl8k_cmd_name(__le16 cmd, char *buf, int bufsize)
407{
408 u16 command = le16_to_cpu(cmd);
409
410#define MWL8K_CMDNAME(x) case MWL8K_CMD_##x: do {\
411 snprintf(buf, bufsize, "%s", #x);\
412 return buf;\
413 } while (0)
414 switch (command & ~0x8000) {
415 MWL8K_CMDNAME(CODE_DNLD);
416 MWL8K_CMDNAME(GET_HW_SPEC);
417 MWL8K_CMDNAME(SET_HW_SPEC);
418 MWL8K_CMDNAME(MAC_MULTICAST_ADR);
419 MWL8K_CMDNAME(GET_STAT);
420 MWL8K_CMDNAME(RADIO_CONTROL);
421 MWL8K_CMDNAME(RF_TX_POWER);
422 MWL8K_CMDNAME(TX_POWER);
423 MWL8K_CMDNAME(RF_ANTENNA);
424 MWL8K_CMDNAME(SET_BEACON);
425 MWL8K_CMDNAME(SET_PRE_SCAN);
426 MWL8K_CMDNAME(SET_POST_SCAN);
427 MWL8K_CMDNAME(SET_RF_CHANNEL);
428 MWL8K_CMDNAME(SET_AID);
429 MWL8K_CMDNAME(SET_RATE);
430 MWL8K_CMDNAME(SET_FINALIZE_JOIN);
431 MWL8K_CMDNAME(RTS_THRESHOLD);
432 MWL8K_CMDNAME(SET_SLOT);
433 MWL8K_CMDNAME(SET_EDCA_PARAMS);
434 MWL8K_CMDNAME(SET_WMM_MODE);
435 MWL8K_CMDNAME(MIMO_CONFIG);
436 MWL8K_CMDNAME(USE_FIXED_RATE);
437 MWL8K_CMDNAME(ENABLE_SNIFFER);
438 MWL8K_CMDNAME(SET_MAC_ADDR);
439 MWL8K_CMDNAME(SET_RATEADAPT_MODE);
440 MWL8K_CMDNAME(BSS_START);
441 MWL8K_CMDNAME(SET_NEW_STN);
442 MWL8K_CMDNAME(UPDATE_ENCRYPTION);
443 MWL8K_CMDNAME(UPDATE_STADB);
444 MWL8K_CMDNAME(BASTREAM);
445 MWL8K_CMDNAME(GET_WATCHDOG_BITMAP);
446 default:
447 snprintf(buf, bufsize, "0x%x", cmd);
448 }
449#undef MWL8K_CMDNAME
450
451 return buf;
452}
453
454/* Hardware and firmware reset */
455static void mwl8k_hw_reset(struct mwl8k_priv *priv)
456{
457 iowrite32(MWL8K_H2A_INT_RESET,
458 priv->regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
459 iowrite32(MWL8K_H2A_INT_RESET,
460 priv->regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
461 msleep(20);
462}
463
464/* Release fw image */
465static void mwl8k_release_fw(const struct firmware **fw)
466{
467 if (*fw == NULL)
468 return;
469 release_firmware(*fw);
470 *fw = NULL;
471}
472
473static void mwl8k_release_firmware(struct mwl8k_priv *priv)
474{
475 mwl8k_release_fw(&priv->fw_ucode);
476 mwl8k_release_fw(&priv->fw_helper);
477}
478
479/* states for asynchronous f/w loading */
480static void mwl8k_fw_state_machine(const struct firmware *fw, void *context);
481enum {
482 FW_STATE_INIT = 0,
483 FW_STATE_LOADING_PREF,
484 FW_STATE_LOADING_ALT,
485 FW_STATE_ERROR,
486};
487
488/* Request fw image */
489static int mwl8k_request_fw(struct mwl8k_priv *priv,
490 const char *fname, const struct firmware **fw,
491 bool nowait)
492{
493 /* release current image */
494 if (*fw != NULL)
495 mwl8k_release_fw(fw);
496
497 if (nowait)
498 return request_firmware_nowait(THIS_MODULE, 1, fname,
499 &priv->pdev->dev, GFP_KERNEL,
500 priv, mwl8k_fw_state_machine);
501 else
502 return request_firmware(fw, fname, &priv->pdev->dev);
503}
504
505static int mwl8k_request_firmware(struct mwl8k_priv *priv, char *fw_image,
506 bool nowait)
507{
508 struct mwl8k_device_info *di = priv->device_info;
509 int rc;
510
511 if (di->helper_image != NULL) {
512 if (nowait)
513 rc = mwl8k_request_fw(priv, di->helper_image,
514 &priv->fw_helper, true);
515 else
516 rc = mwl8k_request_fw(priv, di->helper_image,
517 &priv->fw_helper, false);
518 if (rc)
519 printk(KERN_ERR "%s: Error requesting helper fw %s\n",
520 pci_name(priv->pdev), di->helper_image);
521
522 if (rc || nowait)
523 return rc;
524 }
525
526 if (nowait) {
527 /*
528 * if we get here, no helper image is needed. Skip the
529 * FW_STATE_INIT state.
530 */
531 priv->fw_state = FW_STATE_LOADING_PREF;
532 rc = mwl8k_request_fw(priv, fw_image,
533 &priv->fw_ucode,
534 true);
535 } else
536 rc = mwl8k_request_fw(priv, fw_image,
537 &priv->fw_ucode, false);
538 if (rc) {
539 printk(KERN_ERR "%s: Error requesting firmware file %s\n",
540 pci_name(priv->pdev), fw_image);
541 mwl8k_release_fw(&priv->fw_helper);
542 return rc;
543 }
544
545 return 0;
546}
547
548struct mwl8k_cmd_pkt {
549 __le16 code;
550 __le16 length;
551 __u8 seq_num;
552 __u8 macid;
553 __le16 result;
554 char payload[0];
555} __packed;
556
557/*
558 * Firmware loading.
559 */
560static int
561mwl8k_send_fw_load_cmd(struct mwl8k_priv *priv, void *data, int length)
562{
563 void __iomem *regs = priv->regs;
564 dma_addr_t dma_addr;
565 int loops;
566
567 dma_addr = pci_map_single(priv->pdev, data, length, PCI_DMA_TODEVICE);
568 if (pci_dma_mapping_error(priv->pdev, dma_addr))
569 return -ENOMEM;
570
571 iowrite32(dma_addr, regs + MWL8K_HIU_GEN_PTR);
572 iowrite32(0, regs + MWL8K_HIU_INT_CODE);
573 iowrite32(MWL8K_H2A_INT_DOORBELL,
574 regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
575 iowrite32(MWL8K_H2A_INT_DUMMY,
576 regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
577
578 loops = 1000;
579 do {
580 u32 int_code;
581
582 int_code = ioread32(regs + MWL8K_HIU_INT_CODE);
583 if (int_code == MWL8K_INT_CODE_CMD_FINISHED) {
584 iowrite32(0, regs + MWL8K_HIU_INT_CODE);
585 break;
586 }
587
588 cond_resched();
589 udelay(1);
590 } while (--loops);
591
592 pci_unmap_single(priv->pdev, dma_addr, length, PCI_DMA_TODEVICE);
593
594 return loops ? 0 : -ETIMEDOUT;
595}
596
597static int mwl8k_load_fw_image(struct mwl8k_priv *priv,
598 const u8 *data, size_t length)
599{
600 struct mwl8k_cmd_pkt *cmd;
601 int done;
602 int rc = 0;
603
604 cmd = kmalloc(sizeof(*cmd) + 256, GFP_KERNEL);
605 if (cmd == NULL)
606 return -ENOMEM;
607
608 cmd->code = cpu_to_le16(MWL8K_CMD_CODE_DNLD);
609 cmd->seq_num = 0;
610 cmd->macid = 0;
611 cmd->result = 0;
612
613 done = 0;
614 while (length) {
615 int block_size = length > 256 ? 256 : length;
616
617 memcpy(cmd->payload, data + done, block_size);
618 cmd->length = cpu_to_le16(block_size);
619
620 rc = mwl8k_send_fw_load_cmd(priv, cmd,
621 sizeof(*cmd) + block_size);
622 if (rc)
623 break;
624
625 done += block_size;
626 length -= block_size;
627 }
628
629 if (!rc) {
630 cmd->length = 0;
631 rc = mwl8k_send_fw_load_cmd(priv, cmd, sizeof(*cmd));
632 }
633
634 kfree(cmd);
635
636 return rc;
637}
638
639static int mwl8k_feed_fw_image(struct mwl8k_priv *priv,
640 const u8 *data, size_t length)
641{
642 unsigned char *buffer;
643 int may_continue, rc = 0;
644 u32 done, prev_block_size;
645
646 buffer = kmalloc(1024, GFP_KERNEL);
647 if (buffer == NULL)
648 return -ENOMEM;
649
650 done = 0;
651 prev_block_size = 0;
652 may_continue = 1000;
653 while (may_continue > 0) {
654 u32 block_size;
655
656 block_size = ioread32(priv->regs + MWL8K_HIU_SCRATCH);
657 if (block_size & 1) {
658 block_size &= ~1;
659 may_continue--;
660 } else {
661 done += prev_block_size;
662 length -= prev_block_size;
663 }
664
665 if (block_size > 1024 || block_size > length) {
666 rc = -EOVERFLOW;
667 break;
668 }
669
670 if (length == 0) {
671 rc = 0;
672 break;
673 }
674
675 if (block_size == 0) {
676 rc = -EPROTO;
677 may_continue--;
678 udelay(1);
679 continue;
680 }
681
682 prev_block_size = block_size;
683 memcpy(buffer, data + done, block_size);
684
685 rc = mwl8k_send_fw_load_cmd(priv, buffer, block_size);
686 if (rc)
687 break;
688 }
689
690 if (!rc && length != 0)
691 rc = -EREMOTEIO;
692
693 kfree(buffer);
694
695 return rc;
696}
697
698static int mwl8k_load_firmware(struct ieee80211_hw *hw)
699{
700 struct mwl8k_priv *priv = hw->priv;
701 const struct firmware *fw = priv->fw_ucode;
702 int rc;
703 int loops;
704
705 if (!memcmp(fw->data, "\x01\x00\x00\x00", 4)) {
706 const struct firmware *helper = priv->fw_helper;
707
708 if (helper == NULL) {
709 printk(KERN_ERR "%s: helper image needed but none "
710 "given\n", pci_name(priv->pdev));
711 return -EINVAL;
712 }
713
714 rc = mwl8k_load_fw_image(priv, helper->data, helper->size);
715 if (rc) {
716 printk(KERN_ERR "%s: unable to load firmware "
717 "helper image\n", pci_name(priv->pdev));
718 return rc;
719 }
720 msleep(20);
721
722 rc = mwl8k_feed_fw_image(priv, fw->data, fw->size);
723 } else {
724 rc = mwl8k_load_fw_image(priv, fw->data, fw->size);
725 }
726
727 if (rc) {
728 printk(KERN_ERR "%s: unable to load firmware image\n",
729 pci_name(priv->pdev));
730 return rc;
731 }
732
733 iowrite32(MWL8K_MODE_STA, priv->regs + MWL8K_HIU_GEN_PTR);
734
735 loops = 500000;
736 do {
737 u32 ready_code;
738
739 ready_code = ioread32(priv->regs + MWL8K_HIU_INT_CODE);
740 if (ready_code == MWL8K_FWAP_READY) {
741 priv->ap_fw = 1;
742 break;
743 } else if (ready_code == MWL8K_FWSTA_READY) {
744 priv->ap_fw = 0;
745 break;
746 }
747
748 cond_resched();
749 udelay(1);
750 } while (--loops);
751
752 return loops ? 0 : -ETIMEDOUT;
753}
754
755
756/* DMA header used by firmware and hardware. */
757struct mwl8k_dma_data {
758 __le16 fwlen;
759 struct ieee80211_hdr wh;
760 char data[0];
761} __packed;
762
763/* Routines to add/remove DMA header from skb. */
764static inline void mwl8k_remove_dma_header(struct sk_buff *skb, __le16 qos)
765{
766 struct mwl8k_dma_data *tr;
767 int hdrlen;
768
769 tr = (struct mwl8k_dma_data *)skb->data;
770 hdrlen = ieee80211_hdrlen(tr->wh.frame_control);
771
772 if (hdrlen != sizeof(tr->wh)) {
773 if (ieee80211_is_data_qos(tr->wh.frame_control)) {
774 memmove(tr->data - hdrlen, &tr->wh, hdrlen - 2);
775 *((__le16 *)(tr->data - 2)) = qos;
776 } else {
777 memmove(tr->data - hdrlen, &tr->wh, hdrlen);
778 }
779 }
780
781 if (hdrlen != sizeof(*tr))
782 skb_pull(skb, sizeof(*tr) - hdrlen);
783}
784
785#define REDUCED_TX_HEADROOM 8
786
787static void
788mwl8k_add_dma_header(struct mwl8k_priv *priv, struct sk_buff *skb,
789 int head_pad, int tail_pad)
790{
791 struct ieee80211_hdr *wh;
792 int hdrlen;
793 int reqd_hdrlen;
794 struct mwl8k_dma_data *tr;
795
796 /*
797 * Add a firmware DMA header; the firmware requires that we
798 * present a 2-byte payload length followed by a 4-address
799 * header (without QoS field), followed (optionally) by any
800 * WEP/ExtIV header (but only filled in for CCMP).
801 */
802 wh = (struct ieee80211_hdr *)skb->data;
803
804 hdrlen = ieee80211_hdrlen(wh->frame_control);
805
806 /*
807 * Check if skb_resize is required because of
808 * tx_headroom adjustment.
809 */
810 if (priv->ap_fw && (hdrlen < (sizeof(struct ieee80211_cts)
811 + REDUCED_TX_HEADROOM))) {
812 if (pskb_expand_head(skb, REDUCED_TX_HEADROOM, 0, GFP_ATOMIC)) {
813
814 wiphy_err(priv->hw->wiphy,
815 "Failed to reallocate TX buffer\n");
816 return;
817 }
818 skb->truesize += REDUCED_TX_HEADROOM;
819 }
820
821 reqd_hdrlen = sizeof(*tr) + head_pad;
822
823 if (hdrlen != reqd_hdrlen)
824 skb_push(skb, reqd_hdrlen - hdrlen);
825
826 if (ieee80211_is_data_qos(wh->frame_control))
827 hdrlen -= IEEE80211_QOS_CTL_LEN;
828
829 tr = (struct mwl8k_dma_data *)skb->data;
830 if (wh != &tr->wh)
831 memmove(&tr->wh, wh, hdrlen);
832 if (hdrlen != sizeof(tr->wh))
833 memset(((void *)&tr->wh) + hdrlen, 0, sizeof(tr->wh) - hdrlen);
834
835 /*
836 * Firmware length is the length of the fully formed "802.11
837 * payload". That is, everything except for the 802.11 header.
838 * This includes all crypto material including the MIC.
839 */
840 tr->fwlen = cpu_to_le16(skb->len - sizeof(*tr) + tail_pad);
841}
842
843static void mwl8k_encapsulate_tx_frame(struct mwl8k_priv *priv,
844 struct sk_buff *skb)
845{
846 struct ieee80211_hdr *wh;
847 struct ieee80211_tx_info *tx_info;
848 struct ieee80211_key_conf *key_conf;
849 int data_pad;
850 int head_pad = 0;
851
852 wh = (struct ieee80211_hdr *)skb->data;
853
854 tx_info = IEEE80211_SKB_CB(skb);
855
856 key_conf = NULL;
857 if (ieee80211_is_data(wh->frame_control))
858 key_conf = tx_info->control.hw_key;
859
860 /*
861 * Make sure the packet header is in the DMA header format (4-address
862 * without QoS), and add head & tail padding when HW crypto is enabled.
863 *
864 * We have the following trailer padding requirements:
865 * - WEP: 4 trailer bytes (ICV)
866 * - TKIP: 12 trailer bytes (8 MIC + 4 ICV)
867 * - CCMP: 8 trailer bytes (MIC)
868 */
869 data_pad = 0;
870 if (key_conf != NULL) {
871 head_pad = key_conf->iv_len;
872 switch (key_conf->cipher) {
873 case WLAN_CIPHER_SUITE_WEP40:
874 case WLAN_CIPHER_SUITE_WEP104:
875 data_pad = 4;
876 break;
877 case WLAN_CIPHER_SUITE_TKIP:
878 data_pad = 12;
879 break;
880 case WLAN_CIPHER_SUITE_CCMP:
881 data_pad = 8;
882 break;
883 }
884 }
885 mwl8k_add_dma_header(priv, skb, head_pad, data_pad);
886}
887
888/*
889 * Packet reception for 88w8366 AP firmware.
890 */
891struct mwl8k_rxd_8366_ap {
892 __le16 pkt_len;
893 __u8 sq2;
894 __u8 rate;
895 __le32 pkt_phys_addr;
896 __le32 next_rxd_phys_addr;
897 __le16 qos_control;
898 __le16 htsig2;
899 __le32 hw_rssi_info;
900 __le32 hw_noise_floor_info;
901 __u8 noise_floor;
902 __u8 pad0[3];
903 __u8 rssi;
904 __u8 rx_status;
905 __u8 channel;
906 __u8 rx_ctrl;
907} __packed;
908
909#define MWL8K_8366_AP_RATE_INFO_MCS_FORMAT 0x80
910#define MWL8K_8366_AP_RATE_INFO_40MHZ 0x40
911#define MWL8K_8366_AP_RATE_INFO_RATEID(x) ((x) & 0x3f)
912
913#define MWL8K_8366_AP_RX_CTRL_OWNED_BY_HOST 0x80
914
915/* 8366 AP rx_status bits */
916#define MWL8K_8366_AP_RXSTAT_DECRYPT_ERR_MASK 0x80
917#define MWL8K_8366_AP_RXSTAT_GENERAL_DECRYPT_ERR 0xFF
918#define MWL8K_8366_AP_RXSTAT_TKIP_DECRYPT_MIC_ERR 0x02
919#define MWL8K_8366_AP_RXSTAT_WEP_DECRYPT_ICV_ERR 0x04
920#define MWL8K_8366_AP_RXSTAT_TKIP_DECRYPT_ICV_ERR 0x08
921
922static void mwl8k_rxd_8366_ap_init(void *_rxd, dma_addr_t next_dma_addr)
923{
924 struct mwl8k_rxd_8366_ap *rxd = _rxd;
925
926 rxd->next_rxd_phys_addr = cpu_to_le32(next_dma_addr);
927 rxd->rx_ctrl = MWL8K_8366_AP_RX_CTRL_OWNED_BY_HOST;
928}
929
930static void mwl8k_rxd_8366_ap_refill(void *_rxd, dma_addr_t addr, int len)
931{
932 struct mwl8k_rxd_8366_ap *rxd = _rxd;
933
934 rxd->pkt_len = cpu_to_le16(len);
935 rxd->pkt_phys_addr = cpu_to_le32(addr);
936 wmb();
937 rxd->rx_ctrl = 0;
938}
939
940static int
941mwl8k_rxd_8366_ap_process(void *_rxd, struct ieee80211_rx_status *status,
942 __le16 *qos, s8 *noise)
943{
944 struct mwl8k_rxd_8366_ap *rxd = _rxd;
945
946 if (!(rxd->rx_ctrl & MWL8K_8366_AP_RX_CTRL_OWNED_BY_HOST))
947 return -1;
948 rmb();
949
950 memset(status, 0, sizeof(*status));
951
952 status->signal = -rxd->rssi;
953 *noise = -rxd->noise_floor;
954
955 if (rxd->rate & MWL8K_8366_AP_RATE_INFO_MCS_FORMAT) {
956 status->flag |= RX_FLAG_HT;
957 if (rxd->rate & MWL8K_8366_AP_RATE_INFO_40MHZ)
958 status->flag |= RX_FLAG_40MHZ;
959 status->rate_idx = MWL8K_8366_AP_RATE_INFO_RATEID(rxd->rate);
960 } else {
961 int i;
962
963 for (i = 0; i < ARRAY_SIZE(mwl8k_rates_24); i++) {
964 if (mwl8k_rates_24[i].hw_value == rxd->rate) {
965 status->rate_idx = i;
966 break;
967 }
968 }
969 }
970
971 if (rxd->channel > 14) {
972 status->band = IEEE80211_BAND_5GHZ;
973 if (!(status->flag & RX_FLAG_HT))
974 status->rate_idx -= 5;
975 } else {
976 status->band = IEEE80211_BAND_2GHZ;
977 }
978 status->freq = ieee80211_channel_to_frequency(rxd->channel,
979 status->band);
980
981 *qos = rxd->qos_control;
982
983 if ((rxd->rx_status != MWL8K_8366_AP_RXSTAT_GENERAL_DECRYPT_ERR) &&
984 (rxd->rx_status & MWL8K_8366_AP_RXSTAT_DECRYPT_ERR_MASK) &&
985 (rxd->rx_status & MWL8K_8366_AP_RXSTAT_TKIP_DECRYPT_MIC_ERR))
986 status->flag |= RX_FLAG_MMIC_ERROR;
987
988 return le16_to_cpu(rxd->pkt_len);
989}
990
991static struct rxd_ops rxd_8366_ap_ops = {
992 .rxd_size = sizeof(struct mwl8k_rxd_8366_ap),
993 .rxd_init = mwl8k_rxd_8366_ap_init,
994 .rxd_refill = mwl8k_rxd_8366_ap_refill,
995 .rxd_process = mwl8k_rxd_8366_ap_process,
996};
997
998/*
999 * Packet reception for STA firmware.
1000 */
1001struct mwl8k_rxd_sta {
1002 __le16 pkt_len;
1003 __u8 link_quality;
1004 __u8 noise_level;
1005 __le32 pkt_phys_addr;
1006 __le32 next_rxd_phys_addr;
1007 __le16 qos_control;
1008 __le16 rate_info;
1009 __le32 pad0[4];
1010 __u8 rssi;
1011 __u8 channel;
1012 __le16 pad1;
1013 __u8 rx_ctrl;
1014 __u8 rx_status;
1015 __u8 pad2[2];
1016} __packed;
1017
1018#define MWL8K_STA_RATE_INFO_SHORTPRE 0x8000
1019#define MWL8K_STA_RATE_INFO_ANTSELECT(x) (((x) >> 11) & 0x3)
1020#define MWL8K_STA_RATE_INFO_RATEID(x) (((x) >> 3) & 0x3f)
1021#define MWL8K_STA_RATE_INFO_40MHZ 0x0004
1022#define MWL8K_STA_RATE_INFO_SHORTGI 0x0002
1023#define MWL8K_STA_RATE_INFO_MCS_FORMAT 0x0001
1024
1025#define MWL8K_STA_RX_CTRL_OWNED_BY_HOST 0x02
1026#define MWL8K_STA_RX_CTRL_DECRYPT_ERROR 0x04
1027/* ICV=0 or MIC=1 */
1028#define MWL8K_STA_RX_CTRL_DEC_ERR_TYPE 0x08
1029/* Key is uploaded only in failure case */
1030#define MWL8K_STA_RX_CTRL_KEY_INDEX 0x30
1031
1032static void mwl8k_rxd_sta_init(void *_rxd, dma_addr_t next_dma_addr)
1033{
1034 struct mwl8k_rxd_sta *rxd = _rxd;
1035
1036 rxd->next_rxd_phys_addr = cpu_to_le32(next_dma_addr);
1037 rxd->rx_ctrl = MWL8K_STA_RX_CTRL_OWNED_BY_HOST;
1038}
1039
1040static void mwl8k_rxd_sta_refill(void *_rxd, dma_addr_t addr, int len)
1041{
1042 struct mwl8k_rxd_sta *rxd = _rxd;
1043
1044 rxd->pkt_len = cpu_to_le16(len);
1045 rxd->pkt_phys_addr = cpu_to_le32(addr);
1046 wmb();
1047 rxd->rx_ctrl = 0;
1048}
1049
1050static int
1051mwl8k_rxd_sta_process(void *_rxd, struct ieee80211_rx_status *status,
1052 __le16 *qos, s8 *noise)
1053{
1054 struct mwl8k_rxd_sta *rxd = _rxd;
1055 u16 rate_info;
1056
1057 if (!(rxd->rx_ctrl & MWL8K_STA_RX_CTRL_OWNED_BY_HOST))
1058 return -1;
1059 rmb();
1060
1061 rate_info = le16_to_cpu(rxd->rate_info);
1062
1063 memset(status, 0, sizeof(*status));
1064
1065 status->signal = -rxd->rssi;
1066 *noise = -rxd->noise_level;
1067 status->antenna = MWL8K_STA_RATE_INFO_ANTSELECT(rate_info);
1068 status->rate_idx = MWL8K_STA_RATE_INFO_RATEID(rate_info);
1069
1070 if (rate_info & MWL8K_STA_RATE_INFO_SHORTPRE)
1071 status->flag |= RX_FLAG_SHORTPRE;
1072 if (rate_info & MWL8K_STA_RATE_INFO_40MHZ)
1073 status->flag |= RX_FLAG_40MHZ;
1074 if (rate_info & MWL8K_STA_RATE_INFO_SHORTGI)
1075 status->flag |= RX_FLAG_SHORT_GI;
1076 if (rate_info & MWL8K_STA_RATE_INFO_MCS_FORMAT)
1077 status->flag |= RX_FLAG_HT;
1078
1079 if (rxd->channel > 14) {
1080 status->band = IEEE80211_BAND_5GHZ;
1081 if (!(status->flag & RX_FLAG_HT))
1082 status->rate_idx -= 5;
1083 } else {
1084 status->band = IEEE80211_BAND_2GHZ;
1085 }
1086 status->freq = ieee80211_channel_to_frequency(rxd->channel,
1087 status->band);
1088
1089 *qos = rxd->qos_control;
1090 if ((rxd->rx_ctrl & MWL8K_STA_RX_CTRL_DECRYPT_ERROR) &&
1091 (rxd->rx_ctrl & MWL8K_STA_RX_CTRL_DEC_ERR_TYPE))
1092 status->flag |= RX_FLAG_MMIC_ERROR;
1093
1094 return le16_to_cpu(rxd->pkt_len);
1095}
1096
1097static struct rxd_ops rxd_sta_ops = {
1098 .rxd_size = sizeof(struct mwl8k_rxd_sta),
1099 .rxd_init = mwl8k_rxd_sta_init,
1100 .rxd_refill = mwl8k_rxd_sta_refill,
1101 .rxd_process = mwl8k_rxd_sta_process,
1102};
1103
1104
1105#define MWL8K_RX_DESCS 256
1106#define MWL8K_RX_MAXSZ 3800
1107
1108static int mwl8k_rxq_init(struct ieee80211_hw *hw, int index)
1109{
1110 struct mwl8k_priv *priv = hw->priv;
1111 struct mwl8k_rx_queue *rxq = priv->rxq + index;
1112 int size;
1113 int i;
1114
1115 rxq->rxd_count = 0;
1116 rxq->head = 0;
1117 rxq->tail = 0;
1118
1119 size = MWL8K_RX_DESCS * priv->rxd_ops->rxd_size;
1120
1121 rxq->rxd = pci_alloc_consistent(priv->pdev, size, &rxq->rxd_dma);
1122 if (rxq->rxd == NULL) {
1123 wiphy_err(hw->wiphy, "failed to alloc RX descriptors\n");
1124 return -ENOMEM;
1125 }
1126 memset(rxq->rxd, 0, size);
1127
1128 rxq->buf = kcalloc(MWL8K_RX_DESCS, sizeof(*rxq->buf), GFP_KERNEL);
1129 if (rxq->buf == NULL) {
1130 wiphy_err(hw->wiphy, "failed to alloc RX skbuff list\n");
1131 pci_free_consistent(priv->pdev, size, rxq->rxd, rxq->rxd_dma);
1132 return -ENOMEM;
1133 }
1134
1135 for (i = 0; i < MWL8K_RX_DESCS; i++) {
1136 int desc_size;
1137 void *rxd;
1138 int nexti;
1139 dma_addr_t next_dma_addr;
1140
1141 desc_size = priv->rxd_ops->rxd_size;
1142 rxd = rxq->rxd + (i * priv->rxd_ops->rxd_size);
1143
1144 nexti = i + 1;
1145 if (nexti == MWL8K_RX_DESCS)
1146 nexti = 0;
1147 next_dma_addr = rxq->rxd_dma + (nexti * desc_size);
1148
1149 priv->rxd_ops->rxd_init(rxd, next_dma_addr);
1150 }
1151
1152 return 0;
1153}
1154
1155static int rxq_refill(struct ieee80211_hw *hw, int index, int limit)
1156{
1157 struct mwl8k_priv *priv = hw->priv;
1158 struct mwl8k_rx_queue *rxq = priv->rxq + index;
1159 int refilled;
1160
1161 refilled = 0;
1162 while (rxq->rxd_count < MWL8K_RX_DESCS && limit--) {
1163 struct sk_buff *skb;
1164 dma_addr_t addr;
1165 int rx;
1166 void *rxd;
1167
1168 skb = dev_alloc_skb(MWL8K_RX_MAXSZ);
1169 if (skb == NULL)
1170 break;
1171
1172 addr = pci_map_single(priv->pdev, skb->data,
1173 MWL8K_RX_MAXSZ, DMA_FROM_DEVICE);
1174
1175 rxq->rxd_count++;
1176 rx = rxq->tail++;
1177 if (rxq->tail == MWL8K_RX_DESCS)
1178 rxq->tail = 0;
1179 rxq->buf[rx].skb = skb;
1180 dma_unmap_addr_set(&rxq->buf[rx], dma, addr);
1181
1182 rxd = rxq->rxd + (rx * priv->rxd_ops->rxd_size);
1183 priv->rxd_ops->rxd_refill(rxd, addr, MWL8K_RX_MAXSZ);
1184
1185 refilled++;
1186 }
1187
1188 return refilled;
1189}
1190
1191/* Must be called only when the card's reception is completely halted */
1192static void mwl8k_rxq_deinit(struct ieee80211_hw *hw, int index)
1193{
1194 struct mwl8k_priv *priv = hw->priv;
1195 struct mwl8k_rx_queue *rxq = priv->rxq + index;
1196 int i;
1197
1198 if (rxq->rxd == NULL)
1199 return;
1200
1201 for (i = 0; i < MWL8K_RX_DESCS; i++) {
1202 if (rxq->buf[i].skb != NULL) {
1203 pci_unmap_single(priv->pdev,
1204 dma_unmap_addr(&rxq->buf[i], dma),
1205 MWL8K_RX_MAXSZ, PCI_DMA_FROMDEVICE);
1206 dma_unmap_addr_set(&rxq->buf[i], dma, 0);
1207
1208 kfree_skb(rxq->buf[i].skb);
1209 rxq->buf[i].skb = NULL;
1210 }
1211 }
1212
1213 kfree(rxq->buf);
1214 rxq->buf = NULL;
1215
1216 pci_free_consistent(priv->pdev,
1217 MWL8K_RX_DESCS * priv->rxd_ops->rxd_size,
1218 rxq->rxd, rxq->rxd_dma);
1219 rxq->rxd = NULL;
1220}
1221
1222
1223/*
1224 * Scan a list of BSSIDs to process for finalize join.
1225 * Allows for extension to process multiple BSSIDs.
1226 */
1227static inline int
1228mwl8k_capture_bssid(struct mwl8k_priv *priv, struct ieee80211_hdr *wh)
1229{
1230 return priv->capture_beacon &&
1231 ieee80211_is_beacon(wh->frame_control) &&
1232 !compare_ether_addr(wh->addr3, priv->capture_bssid);
1233}
1234
1235static inline void mwl8k_save_beacon(struct ieee80211_hw *hw,
1236 struct sk_buff *skb)
1237{
1238 struct mwl8k_priv *priv = hw->priv;
1239
1240 priv->capture_beacon = false;
1241 memset(priv->capture_bssid, 0, ETH_ALEN);
1242
1243 /*
1244 * Use GFP_ATOMIC as rxq_process is called from
1245 * the primary interrupt handler, memory allocation call
1246 * must not sleep.
1247 */
1248 priv->beacon_skb = skb_copy(skb, GFP_ATOMIC);
1249 if (priv->beacon_skb != NULL)
1250 ieee80211_queue_work(hw, &priv->finalize_join_worker);
1251}
1252
1253static inline struct mwl8k_vif *mwl8k_find_vif_bss(struct list_head *vif_list,
1254 u8 *bssid)
1255{
1256 struct mwl8k_vif *mwl8k_vif;
1257
1258 list_for_each_entry(mwl8k_vif,
1259 vif_list, list) {
1260 if (memcmp(bssid, mwl8k_vif->bssid,
1261 ETH_ALEN) == 0)
1262 return mwl8k_vif;
1263 }
1264
1265 return NULL;
1266}
1267
1268static int rxq_process(struct ieee80211_hw *hw, int index, int limit)
1269{
1270 struct mwl8k_priv *priv = hw->priv;
1271 struct mwl8k_vif *mwl8k_vif = NULL;
1272 struct mwl8k_rx_queue *rxq = priv->rxq + index;
1273 int processed;
1274
1275 processed = 0;
1276 while (rxq->rxd_count && limit--) {
1277 struct sk_buff *skb;
1278 void *rxd;
1279 int pkt_len;
1280 struct ieee80211_rx_status status;
1281 struct ieee80211_hdr *wh;
1282 __le16 qos;
1283
1284 skb = rxq->buf[rxq->head].skb;
1285 if (skb == NULL)
1286 break;
1287
1288 rxd = rxq->rxd + (rxq->head * priv->rxd_ops->rxd_size);
1289
1290 pkt_len = priv->rxd_ops->rxd_process(rxd, &status, &qos,
1291 &priv->noise);
1292 if (pkt_len < 0)
1293 break;
1294
1295 rxq->buf[rxq->head].skb = NULL;
1296
1297 pci_unmap_single(priv->pdev,
1298 dma_unmap_addr(&rxq->buf[rxq->head], dma),
1299 MWL8K_RX_MAXSZ, PCI_DMA_FROMDEVICE);
1300 dma_unmap_addr_set(&rxq->buf[rxq->head], dma, 0);
1301
1302 rxq->head++;
1303 if (rxq->head == MWL8K_RX_DESCS)
1304 rxq->head = 0;
1305
1306 rxq->rxd_count--;
1307
1308 wh = &((struct mwl8k_dma_data *)skb->data)->wh;
1309
1310 /*
1311 * Check for a pending join operation. Save a
1312 * copy of the beacon and schedule a tasklet to
1313 * send a FINALIZE_JOIN command to the firmware.
1314 */
1315 if (mwl8k_capture_bssid(priv, (void *)skb->data))
1316 mwl8k_save_beacon(hw, skb);
1317
1318 if (ieee80211_has_protected(wh->frame_control)) {
1319
1320 /* Check if hw crypto has been enabled for
1321 * this bss. If yes, set the status flags
1322 * accordingly
1323 */
1324 mwl8k_vif = mwl8k_find_vif_bss(&priv->vif_list,
1325 wh->addr1);
1326
1327 if (mwl8k_vif != NULL &&
1328 mwl8k_vif->is_hw_crypto_enabled == true) {
1329 /*
1330 * When MMIC ERROR is encountered
1331 * by the firmware, payload is
1332 * dropped and only 32 bytes of
1333 * mwl8k Firmware header is sent
1334 * to the host.
1335 *
1336 * We need to add four bytes of
1337 * key information. In it
1338 * MAC80211 expects keyidx set to
1339 * 0 for triggering Counter
1340 * Measure of MMIC failure.
1341 */
1342 if (status.flag & RX_FLAG_MMIC_ERROR) {
1343 struct mwl8k_dma_data *tr;
1344 tr = (struct mwl8k_dma_data *)skb->data;
1345 memset((void *)&(tr->data), 0, 4);
1346 pkt_len += 4;
1347 }
1348
1349 if (!ieee80211_is_auth(wh->frame_control))
1350 status.flag |= RX_FLAG_IV_STRIPPED |
1351 RX_FLAG_DECRYPTED |
1352 RX_FLAG_MMIC_STRIPPED;
1353 }
1354 }
1355
1356 skb_put(skb, pkt_len);
1357 mwl8k_remove_dma_header(skb, qos);
1358 memcpy(IEEE80211_SKB_RXCB(skb), &status, sizeof(status));
1359 ieee80211_rx_irqsafe(hw, skb);
1360
1361 processed++;
1362 }
1363
1364 return processed;
1365}
1366
1367
1368/*
1369 * Packet transmission.
1370 */
1371
1372#define MWL8K_TXD_STATUS_OK 0x00000001
1373#define MWL8K_TXD_STATUS_OK_RETRY 0x00000002
1374#define MWL8K_TXD_STATUS_OK_MORE_RETRY 0x00000004
1375#define MWL8K_TXD_STATUS_MULTICAST_TX 0x00000008
1376#define MWL8K_TXD_STATUS_FW_OWNED 0x80000000
1377
1378#define MWL8K_QOS_QLEN_UNSPEC 0xff00
1379#define MWL8K_QOS_ACK_POLICY_MASK 0x0060
1380#define MWL8K_QOS_ACK_POLICY_NORMAL 0x0000
1381#define MWL8K_QOS_ACK_POLICY_BLOCKACK 0x0060
1382#define MWL8K_QOS_EOSP 0x0010
1383
1384struct mwl8k_tx_desc {
1385 __le32 status;
1386 __u8 data_rate;
1387 __u8 tx_priority;
1388 __le16 qos_control;
1389 __le32 pkt_phys_addr;
1390 __le16 pkt_len;
1391 __u8 dest_MAC_addr[ETH_ALEN];
1392 __le32 next_txd_phys_addr;
1393 __le32 timestamp;
1394 __le16 rate_info;
1395 __u8 peer_id;
1396 __u8 tx_frag_cnt;
1397} __packed;
1398
1399#define MWL8K_TX_DESCS 128
1400
1401static int mwl8k_txq_init(struct ieee80211_hw *hw, int index)
1402{
1403 struct mwl8k_priv *priv = hw->priv;
1404 struct mwl8k_tx_queue *txq = priv->txq + index;
1405 int size;
1406 int i;
1407
1408 txq->len = 0;
1409 txq->head = 0;
1410 txq->tail = 0;
1411
1412 size = MWL8K_TX_DESCS * sizeof(struct mwl8k_tx_desc);
1413
1414 txq->txd = pci_alloc_consistent(priv->pdev, size, &txq->txd_dma);
1415 if (txq->txd == NULL) {
1416 wiphy_err(hw->wiphy, "failed to alloc TX descriptors\n");
1417 return -ENOMEM;
1418 }
1419 memset(txq->txd, 0, size);
1420
1421 txq->skb = kcalloc(MWL8K_TX_DESCS, sizeof(*txq->skb), GFP_KERNEL);
1422 if (txq->skb == NULL) {
1423 wiphy_err(hw->wiphy, "failed to alloc TX skbuff list\n");
1424 pci_free_consistent(priv->pdev, size, txq->txd, txq->txd_dma);
1425 return -ENOMEM;
1426 }
1427
1428 for (i = 0; i < MWL8K_TX_DESCS; i++) {
1429 struct mwl8k_tx_desc *tx_desc;
1430 int nexti;
1431
1432 tx_desc = txq->txd + i;
1433 nexti = (i + 1) % MWL8K_TX_DESCS;
1434
1435 tx_desc->status = 0;
1436 tx_desc->next_txd_phys_addr =
1437 cpu_to_le32(txq->txd_dma + nexti * sizeof(*tx_desc));
1438 }
1439
1440 return 0;
1441}
1442
1443static inline void mwl8k_tx_start(struct mwl8k_priv *priv)
1444{
1445 iowrite32(MWL8K_H2A_INT_PPA_READY,
1446 priv->regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
1447 iowrite32(MWL8K_H2A_INT_DUMMY,
1448 priv->regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
1449 ioread32(priv->regs + MWL8K_HIU_INT_CODE);
1450}
1451
1452static void mwl8k_dump_tx_rings(struct ieee80211_hw *hw)
1453{
1454 struct mwl8k_priv *priv = hw->priv;
1455 int i;
1456
1457 for (i = 0; i < mwl8k_tx_queues(priv); i++) {
1458 struct mwl8k_tx_queue *txq = priv->txq + i;
1459 int fw_owned = 0;
1460 int drv_owned = 0;
1461 int unused = 0;
1462 int desc;
1463
1464 for (desc = 0; desc < MWL8K_TX_DESCS; desc++) {
1465 struct mwl8k_tx_desc *tx_desc = txq->txd + desc;
1466 u32 status;
1467
1468 status = le32_to_cpu(tx_desc->status);
1469 if (status & MWL8K_TXD_STATUS_FW_OWNED)
1470 fw_owned++;
1471 else
1472 drv_owned++;
1473
1474 if (tx_desc->pkt_len == 0)
1475 unused++;
1476 }
1477
1478 wiphy_err(hw->wiphy,
1479 "txq[%d] len=%d head=%d tail=%d "
1480 "fw_owned=%d drv_owned=%d unused=%d\n",
1481 i,
1482 txq->len, txq->head, txq->tail,
1483 fw_owned, drv_owned, unused);
1484 }
1485}
1486
1487/*
1488 * Must be called with priv->fw_mutex held and tx queues stopped.
1489 */
1490#define MWL8K_TX_WAIT_TIMEOUT_MS 5000
1491
1492static int mwl8k_tx_wait_empty(struct ieee80211_hw *hw)
1493{
1494 struct mwl8k_priv *priv = hw->priv;
1495 DECLARE_COMPLETION_ONSTACK(tx_wait);
1496 int retry;
1497 int rc;
1498
1499 might_sleep();
1500
1501 /*
1502 * The TX queues are stopped at this point, so this test
1503 * doesn't need to take ->tx_lock.
1504 */
1505 if (!priv->pending_tx_pkts)
1506 return 0;
1507
1508 retry = 0;
1509 rc = 0;
1510
1511 spin_lock_bh(&priv->tx_lock);
1512 priv->tx_wait = &tx_wait;
1513 while (!rc) {
1514 int oldcount;
1515 unsigned long timeout;
1516
1517 oldcount = priv->pending_tx_pkts;
1518
1519 spin_unlock_bh(&priv->tx_lock);
1520 timeout = wait_for_completion_timeout(&tx_wait,
1521 msecs_to_jiffies(MWL8K_TX_WAIT_TIMEOUT_MS));
1522 spin_lock_bh(&priv->tx_lock);
1523
1524 if (timeout) {
1525 WARN_ON(priv->pending_tx_pkts);
1526 if (retry)
1527 wiphy_notice(hw->wiphy, "tx rings drained\n");
1528 break;
1529 }
1530
1531 if (priv->pending_tx_pkts < oldcount) {
1532 wiphy_notice(hw->wiphy,
1533 "waiting for tx rings to drain (%d -> %d pkts)\n",
1534 oldcount, priv->pending_tx_pkts);
1535 retry = 1;
1536 continue;
1537 }
1538
1539 priv->tx_wait = NULL;
1540
1541 wiphy_err(hw->wiphy, "tx rings stuck for %d ms\n",
1542 MWL8K_TX_WAIT_TIMEOUT_MS);
1543 mwl8k_dump_tx_rings(hw);
1544
1545 rc = -ETIMEDOUT;
1546 }
1547 spin_unlock_bh(&priv->tx_lock);
1548
1549 return rc;
1550}
1551
1552#define MWL8K_TXD_SUCCESS(status) \
1553 ((status) & (MWL8K_TXD_STATUS_OK | \
1554 MWL8K_TXD_STATUS_OK_RETRY | \
1555 MWL8K_TXD_STATUS_OK_MORE_RETRY))
1556
1557static int mwl8k_tid_queue_mapping(u8 tid)
1558{
1559 BUG_ON(tid > 7);
1560
1561 switch (tid) {
1562 case 0:
1563 case 3:
1564 return IEEE80211_AC_BE;
1565 break;
1566 case 1:
1567 case 2:
1568 return IEEE80211_AC_BK;
1569 break;
1570 case 4:
1571 case 5:
1572 return IEEE80211_AC_VI;
1573 break;
1574 case 6:
1575 case 7:
1576 return IEEE80211_AC_VO;
1577 break;
1578 default:
1579 return -1;
1580 break;
1581 }
1582}
1583
1584/* The firmware will fill in the rate information
1585 * for each packet that gets queued in the hardware
1586 * and these macros will interpret that info.
1587 */
1588
1589#define RI_FORMAT(a) (a & 0x0001)
1590#define RI_RATE_ID_MCS(a) ((a & 0x01f8) >> 3)
1591
1592static int
1593mwl8k_txq_reclaim(struct ieee80211_hw *hw, int index, int limit, int force)
1594{
1595 struct mwl8k_priv *priv = hw->priv;
1596 struct mwl8k_tx_queue *txq = priv->txq + index;
1597 int processed;
1598
1599 processed = 0;
1600 while (txq->len > 0 && limit--) {
1601 int tx;
1602 struct mwl8k_tx_desc *tx_desc;
1603 unsigned long addr;
1604 int size;
1605 struct sk_buff *skb;
1606 struct ieee80211_tx_info *info;
1607 u32 status;
1608 struct ieee80211_sta *sta;
1609 struct mwl8k_sta *sta_info = NULL;
1610 u16 rate_info;
1611 struct ieee80211_hdr *wh;
1612
1613 tx = txq->head;
1614 tx_desc = txq->txd + tx;
1615
1616 status = le32_to_cpu(tx_desc->status);
1617
1618 if (status & MWL8K_TXD_STATUS_FW_OWNED) {
1619 if (!force)
1620 break;
1621 tx_desc->status &=
1622 ~cpu_to_le32(MWL8K_TXD_STATUS_FW_OWNED);
1623 }
1624
1625 txq->head = (tx + 1) % MWL8K_TX_DESCS;
1626 BUG_ON(txq->len == 0);
1627 txq->len--;
1628 priv->pending_tx_pkts--;
1629
1630 addr = le32_to_cpu(tx_desc->pkt_phys_addr);
1631 size = le16_to_cpu(tx_desc->pkt_len);
1632 skb = txq->skb[tx];
1633 txq->skb[tx] = NULL;
1634
1635 BUG_ON(skb == NULL);
1636 pci_unmap_single(priv->pdev, addr, size, PCI_DMA_TODEVICE);
1637
1638 mwl8k_remove_dma_header(skb, tx_desc->qos_control);
1639
1640 wh = (struct ieee80211_hdr *) skb->data;
1641
1642 /* Mark descriptor as unused */
1643 tx_desc->pkt_phys_addr = 0;
1644 tx_desc->pkt_len = 0;
1645
1646 info = IEEE80211_SKB_CB(skb);
1647 if (ieee80211_is_data(wh->frame_control)) {
1648 sta = info->control.sta;
1649 if (sta) {
1650 sta_info = MWL8K_STA(sta);
1651 BUG_ON(sta_info == NULL);
1652 rate_info = le16_to_cpu(tx_desc->rate_info);
1653 /* If rate is < 6.5 Mpbs for an ht station
1654 * do not form an ampdu. If the station is a
1655 * legacy station (format = 0), do not form an
1656 * ampdu
1657 */
1658 if (RI_RATE_ID_MCS(rate_info) < 1 ||
1659 RI_FORMAT(rate_info) == 0) {
1660 sta_info->is_ampdu_allowed = false;
1661 } else {
1662 sta_info->is_ampdu_allowed = true;
1663 }
1664 }
1665 }
1666
1667 ieee80211_tx_info_clear_status(info);
1668
1669 /* Rate control is happening in the firmware.
1670 * Ensure no tx rate is being reported.
1671 */
1672 info->status.rates[0].idx = -1;
1673 info->status.rates[0].count = 1;
1674
1675 if (MWL8K_TXD_SUCCESS(status))
1676 info->flags |= IEEE80211_TX_STAT_ACK;
1677
1678 ieee80211_tx_status_irqsafe(hw, skb);
1679
1680 processed++;
1681 }
1682
1683 return processed;
1684}
1685
1686/* must be called only when the card's transmit is completely halted */
1687static void mwl8k_txq_deinit(struct ieee80211_hw *hw, int index)
1688{
1689 struct mwl8k_priv *priv = hw->priv;
1690 struct mwl8k_tx_queue *txq = priv->txq + index;
1691
1692 if (txq->txd == NULL)
1693 return;
1694
1695 mwl8k_txq_reclaim(hw, index, INT_MAX, 1);
1696
1697 kfree(txq->skb);
1698 txq->skb = NULL;
1699
1700 pci_free_consistent(priv->pdev,
1701 MWL8K_TX_DESCS * sizeof(struct mwl8k_tx_desc),
1702 txq->txd, txq->txd_dma);
1703 txq->txd = NULL;
1704}
1705
1706/* caller must hold priv->stream_lock when calling the stream functions */
1707static struct mwl8k_ampdu_stream *
1708mwl8k_add_stream(struct ieee80211_hw *hw, struct ieee80211_sta *sta, u8 tid)
1709{
1710 struct mwl8k_ampdu_stream *stream;
1711 struct mwl8k_priv *priv = hw->priv;
1712 int i;
1713
1714 for (i = 0; i < priv->num_ampdu_queues; i++) {
1715 stream = &priv->ampdu[i];
1716 if (stream->state == AMPDU_NO_STREAM) {
1717 stream->sta = sta;
1718 stream->state = AMPDU_STREAM_NEW;
1719 stream->tid = tid;
1720 stream->idx = i;
1721 stream->txq_idx = MWL8K_TX_WMM_QUEUES + i;
1722 wiphy_debug(hw->wiphy, "Added a new stream for %pM %d",
1723 sta->addr, tid);
1724 return stream;
1725 }
1726 }
1727 return NULL;
1728}
1729
1730static int
1731mwl8k_start_stream(struct ieee80211_hw *hw, struct mwl8k_ampdu_stream *stream)
1732{
1733 int ret;
1734
1735 /* if the stream has already been started, don't start it again */
1736 if (stream->state != AMPDU_STREAM_NEW)
1737 return 0;
1738 ret = ieee80211_start_tx_ba_session(stream->sta, stream->tid, 0);
1739 if (ret)
1740 wiphy_debug(hw->wiphy, "Failed to start stream for %pM %d: "
1741 "%d\n", stream->sta->addr, stream->tid, ret);
1742 else
1743 wiphy_debug(hw->wiphy, "Started stream for %pM %d\n",
1744 stream->sta->addr, stream->tid);
1745 return ret;
1746}
1747
1748static void
1749mwl8k_remove_stream(struct ieee80211_hw *hw, struct mwl8k_ampdu_stream *stream)
1750{
1751 wiphy_debug(hw->wiphy, "Remove stream for %pM %d\n", stream->sta->addr,
1752 stream->tid);
1753 memset(stream, 0, sizeof(*stream));
1754}
1755
1756static struct mwl8k_ampdu_stream *
1757mwl8k_lookup_stream(struct ieee80211_hw *hw, u8 *addr, u8 tid)
1758{
1759 struct mwl8k_priv *priv = hw->priv;
1760 int i;
1761
1762 for (i = 0 ; i < priv->num_ampdu_queues; i++) {
1763 struct mwl8k_ampdu_stream *stream;
1764 stream = &priv->ampdu[i];
1765 if (stream->state == AMPDU_NO_STREAM)
1766 continue;
1767 if (!memcmp(stream->sta->addr, addr, ETH_ALEN) &&
1768 stream->tid == tid)
1769 return stream;
1770 }
1771 return NULL;
1772}
1773
1774#define MWL8K_AMPDU_PACKET_THRESHOLD 64
1775static inline bool mwl8k_ampdu_allowed(struct ieee80211_sta *sta, u8 tid)
1776{
1777 struct mwl8k_sta *sta_info = MWL8K_STA(sta);
1778 struct tx_traffic_info *tx_stats;
1779
1780 BUG_ON(tid >= MWL8K_MAX_TID);
1781 tx_stats = &sta_info->tx_stats[tid];
1782
1783 return sta_info->is_ampdu_allowed &&
1784 tx_stats->pkts > MWL8K_AMPDU_PACKET_THRESHOLD;
1785}
1786
1787static inline void mwl8k_tx_count_packet(struct ieee80211_sta *sta, u8 tid)
1788{
1789 struct mwl8k_sta *sta_info = MWL8K_STA(sta);
1790 struct tx_traffic_info *tx_stats;
1791
1792 BUG_ON(tid >= MWL8K_MAX_TID);
1793 tx_stats = &sta_info->tx_stats[tid];
1794
1795 if (tx_stats->start_time == 0)
1796 tx_stats->start_time = jiffies;
1797
1798 /* reset the packet count after each second elapses. If the number of
1799 * packets ever exceeds the ampdu_min_traffic threshold, we will allow
1800 * an ampdu stream to be started.
1801 */
1802 if (jiffies - tx_stats->start_time > HZ) {
1803 tx_stats->pkts = 0;
1804 tx_stats->start_time = 0;
1805 } else
1806 tx_stats->pkts++;
1807}
1808
1809static void
1810mwl8k_txq_xmit(struct ieee80211_hw *hw, int index, struct sk_buff *skb)
1811{
1812 struct mwl8k_priv *priv = hw->priv;
1813 struct ieee80211_tx_info *tx_info;
1814 struct mwl8k_vif *mwl8k_vif;
1815 struct ieee80211_sta *sta;
1816 struct ieee80211_hdr *wh;
1817 struct mwl8k_tx_queue *txq;
1818 struct mwl8k_tx_desc *tx;
1819 dma_addr_t dma;
1820 u32 txstatus;
1821 u8 txdatarate;
1822 u16 qos;
1823 int txpriority;
1824 u8 tid = 0;
1825 struct mwl8k_ampdu_stream *stream = NULL;
1826 bool start_ba_session = false;
1827 bool mgmtframe = false;
1828 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
1829
1830 wh = (struct ieee80211_hdr *)skb->data;
1831 if (ieee80211_is_data_qos(wh->frame_control))
1832 qos = le16_to_cpu(*((__le16 *)ieee80211_get_qos_ctl(wh)));
1833 else
1834 qos = 0;
1835
1836 if (ieee80211_is_mgmt(wh->frame_control))
1837 mgmtframe = true;
1838
1839 if (priv->ap_fw)
1840 mwl8k_encapsulate_tx_frame(priv, skb);
1841 else
1842 mwl8k_add_dma_header(priv, skb, 0, 0);
1843
1844 wh = &((struct mwl8k_dma_data *)skb->data)->wh;
1845
1846 tx_info = IEEE80211_SKB_CB(skb);
1847 sta = tx_info->control.sta;
1848 mwl8k_vif = MWL8K_VIF(tx_info->control.vif);
1849
1850 if (tx_info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ) {
1851 wh->seq_ctrl &= cpu_to_le16(IEEE80211_SCTL_FRAG);
1852 wh->seq_ctrl |= cpu_to_le16(mwl8k_vif->seqno);
1853 mwl8k_vif->seqno += 0x10;
1854 }
1855
1856 /* Setup firmware control bit fields for each frame type. */
1857 txstatus = 0;
1858 txdatarate = 0;
1859 if (ieee80211_is_mgmt(wh->frame_control) ||
1860 ieee80211_is_ctl(wh->frame_control)) {
1861 txdatarate = 0;
1862 qos |= MWL8K_QOS_QLEN_UNSPEC | MWL8K_QOS_EOSP;
1863 } else if (ieee80211_is_data(wh->frame_control)) {
1864 txdatarate = 1;
1865 if (is_multicast_ether_addr(wh->addr1))
1866 txstatus |= MWL8K_TXD_STATUS_MULTICAST_TX;
1867
1868 qos &= ~MWL8K_QOS_ACK_POLICY_MASK;
1869 if (tx_info->flags & IEEE80211_TX_CTL_AMPDU)
1870 qos |= MWL8K_QOS_ACK_POLICY_BLOCKACK;
1871 else
1872 qos |= MWL8K_QOS_ACK_POLICY_NORMAL;
1873 }
1874
1875 /* Queue ADDBA request in the respective data queue. While setting up
1876 * the ampdu stream, mac80211 queues further packets for that
1877 * particular ra/tid pair. However, packets piled up in the hardware
1878 * for that ra/tid pair will still go out. ADDBA request and the
1879 * related data packets going out from different queues asynchronously
1880 * will cause a shift in the receiver window which might result in
1881 * ampdu packets getting dropped at the receiver after the stream has
1882 * been setup.
1883 */
1884 if (unlikely(ieee80211_is_action(wh->frame_control) &&
1885 mgmt->u.action.category == WLAN_CATEGORY_BACK &&
1886 mgmt->u.action.u.addba_req.action_code == WLAN_ACTION_ADDBA_REQ &&
1887 priv->ap_fw)) {
1888 u16 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
1889 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1890 index = mwl8k_tid_queue_mapping(tid);
1891 }
1892
1893 txpriority = index;
1894
1895 if (priv->ap_fw && sta && sta->ht_cap.ht_supported
1896 && skb->protocol != cpu_to_be16(ETH_P_PAE)
1897 && ieee80211_is_data_qos(wh->frame_control)) {
1898 tid = qos & 0xf;
1899 mwl8k_tx_count_packet(sta, tid);
1900 spin_lock(&priv->stream_lock);
1901 stream = mwl8k_lookup_stream(hw, sta->addr, tid);
1902 if (stream != NULL) {
1903 if (stream->state == AMPDU_STREAM_ACTIVE) {
1904 txpriority = stream->txq_idx;
1905 index = stream->txq_idx;
1906 } else if (stream->state == AMPDU_STREAM_NEW) {
1907 /* We get here if the driver sends us packets
1908 * after we've initiated a stream, but before
1909 * our ampdu_action routine has been called
1910 * with IEEE80211_AMPDU_TX_START to get the SSN
1911 * for the ADDBA request. So this packet can
1912 * go out with no risk of sequence number
1913 * mismatch. No special handling is required.
1914 */
1915 } else {
1916 /* Drop packets that would go out after the
1917 * ADDBA request was sent but before the ADDBA
1918 * response is received. If we don't do this,
1919 * the recipient would probably receive it
1920 * after the ADDBA request with SSN 0. This
1921 * will cause the recipient's BA receive window
1922 * to shift, which would cause the subsequent
1923 * packets in the BA stream to be discarded.
1924 * mac80211 queues our packets for us in this
1925 * case, so this is really just a safety check.
1926 */
1927 wiphy_warn(hw->wiphy,
1928 "Cannot send packet while ADDBA "
1929 "dialog is underway.\n");
1930 spin_unlock(&priv->stream_lock);
1931 dev_kfree_skb(skb);
1932 return;
1933 }
1934 } else {
1935 /* Defer calling mwl8k_start_stream so that the current
1936 * skb can go out before the ADDBA request. This
1937 * prevents sequence number mismatch at the recepient
1938 * as described above.
1939 */
1940 if (mwl8k_ampdu_allowed(sta, tid)) {
1941 stream = mwl8k_add_stream(hw, sta, tid);
1942 if (stream != NULL)
1943 start_ba_session = true;
1944 }
1945 }
1946 spin_unlock(&priv->stream_lock);
1947 }
1948
1949 dma = pci_map_single(priv->pdev, skb->data,
1950 skb->len, PCI_DMA_TODEVICE);
1951
1952 if (pci_dma_mapping_error(priv->pdev, dma)) {
1953 wiphy_debug(hw->wiphy,
1954 "failed to dma map skb, dropping TX frame.\n");
1955 if (start_ba_session) {
1956 spin_lock(&priv->stream_lock);
1957 mwl8k_remove_stream(hw, stream);
1958 spin_unlock(&priv->stream_lock);
1959 }
1960 dev_kfree_skb(skb);
1961 return;
1962 }
1963
1964 spin_lock_bh(&priv->tx_lock);
1965
1966 txq = priv->txq + index;
1967
1968 /* Mgmt frames that go out frequently are probe
1969 * responses. Other mgmt frames got out relatively
1970 * infrequently. Hence reserve 2 buffers so that
1971 * other mgmt frames do not get dropped due to an
1972 * already queued probe response in one of the
1973 * reserved buffers.
1974 */
1975
1976 if (txq->len >= MWL8K_TX_DESCS - 2) {
1977 if (mgmtframe == false ||
1978 txq->len == MWL8K_TX_DESCS) {
1979 if (start_ba_session) {
1980 spin_lock(&priv->stream_lock);
1981 mwl8k_remove_stream(hw, stream);
1982 spin_unlock(&priv->stream_lock);
1983 }
1984 spin_unlock_bh(&priv->tx_lock);
1985 dev_kfree_skb(skb);
1986 return;
1987 }
1988 }
1989
1990 BUG_ON(txq->skb[txq->tail] != NULL);
1991 txq->skb[txq->tail] = skb;
1992
1993 tx = txq->txd + txq->tail;
1994 tx->data_rate = txdatarate;
1995 tx->tx_priority = txpriority;
1996 tx->qos_control = cpu_to_le16(qos);
1997 tx->pkt_phys_addr = cpu_to_le32(dma);
1998 tx->pkt_len = cpu_to_le16(skb->len);
1999 tx->rate_info = 0;
2000 if (!priv->ap_fw && tx_info->control.sta != NULL)
2001 tx->peer_id = MWL8K_STA(tx_info->control.sta)->peer_id;
2002 else
2003 tx->peer_id = 0;
2004
2005 if (priv->ap_fw)
2006 tx->timestamp = cpu_to_le32(ioread32(priv->regs +
2007 MWL8K_HW_TIMER_REGISTER));
2008
2009 wmb();
2010 tx->status = cpu_to_le32(MWL8K_TXD_STATUS_FW_OWNED | txstatus);
2011
2012 txq->len++;
2013 priv->pending_tx_pkts++;
2014
2015 txq->tail++;
2016 if (txq->tail == MWL8K_TX_DESCS)
2017 txq->tail = 0;
2018
2019 mwl8k_tx_start(priv);
2020
2021 spin_unlock_bh(&priv->tx_lock);
2022
2023 /* Initiate the ampdu session here */
2024 if (start_ba_session) {
2025 spin_lock(&priv->stream_lock);
2026 if (mwl8k_start_stream(hw, stream))
2027 mwl8k_remove_stream(hw, stream);
2028 spin_unlock(&priv->stream_lock);
2029 }
2030}
2031
2032
2033/*
2034 * Firmware access.
2035 *
2036 * We have the following requirements for issuing firmware commands:
2037 * - Some commands require that the packet transmit path is idle when
2038 * the command is issued. (For simplicity, we'll just quiesce the
2039 * transmit path for every command.)
2040 * - There are certain sequences of commands that need to be issued to
2041 * the hardware sequentially, with no other intervening commands.
2042 *
2043 * This leads to an implementation of a "firmware lock" as a mutex that
2044 * can be taken recursively, and which is taken by both the low-level
2045 * command submission function (mwl8k_post_cmd) as well as any users of
2046 * that function that require issuing of an atomic sequence of commands,
2047 * and quiesces the transmit path whenever it's taken.
2048 */
2049static int mwl8k_fw_lock(struct ieee80211_hw *hw)
2050{
2051 struct mwl8k_priv *priv = hw->priv;
2052
2053 if (priv->fw_mutex_owner != current) {
2054 int rc;
2055
2056 mutex_lock(&priv->fw_mutex);
2057 ieee80211_stop_queues(hw);
2058
2059 rc = mwl8k_tx_wait_empty(hw);
2060 if (rc) {
2061 ieee80211_wake_queues(hw);
2062 mutex_unlock(&priv->fw_mutex);
2063
2064 return rc;
2065 }
2066
2067 priv->fw_mutex_owner = current;
2068 }
2069
2070 priv->fw_mutex_depth++;
2071
2072 return 0;
2073}
2074
2075static void mwl8k_fw_unlock(struct ieee80211_hw *hw)
2076{
2077 struct mwl8k_priv *priv = hw->priv;
2078
2079 if (!--priv->fw_mutex_depth) {
2080 ieee80211_wake_queues(hw);
2081 priv->fw_mutex_owner = NULL;
2082 mutex_unlock(&priv->fw_mutex);
2083 }
2084}
2085
2086
2087/*
2088 * Command processing.
2089 */
2090
2091/* Timeout firmware commands after 10s */
2092#define MWL8K_CMD_TIMEOUT_MS 10000
2093
2094static int mwl8k_post_cmd(struct ieee80211_hw *hw, struct mwl8k_cmd_pkt *cmd)
2095{
2096 DECLARE_COMPLETION_ONSTACK(cmd_wait);
2097 struct mwl8k_priv *priv = hw->priv;
2098 void __iomem *regs = priv->regs;
2099 dma_addr_t dma_addr;
2100 unsigned int dma_size;
2101 int rc;
2102 unsigned long timeout = 0;
2103 u8 buf[32];
2104
2105 cmd->result = (__force __le16) 0xffff;
2106 dma_size = le16_to_cpu(cmd->length);
2107 dma_addr = pci_map_single(priv->pdev, cmd, dma_size,
2108 PCI_DMA_BIDIRECTIONAL);
2109 if (pci_dma_mapping_error(priv->pdev, dma_addr))
2110 return -ENOMEM;
2111
2112 rc = mwl8k_fw_lock(hw);
2113 if (rc) {
2114 pci_unmap_single(priv->pdev, dma_addr, dma_size,
2115 PCI_DMA_BIDIRECTIONAL);
2116 return rc;
2117 }
2118
2119 priv->hostcmd_wait = &cmd_wait;
2120 iowrite32(dma_addr, regs + MWL8K_HIU_GEN_PTR);
2121 iowrite32(MWL8K_H2A_INT_DOORBELL,
2122 regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
2123 iowrite32(MWL8K_H2A_INT_DUMMY,
2124 regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
2125
2126 timeout = wait_for_completion_timeout(&cmd_wait,
2127 msecs_to_jiffies(MWL8K_CMD_TIMEOUT_MS));
2128
2129 priv->hostcmd_wait = NULL;
2130
2131 mwl8k_fw_unlock(hw);
2132
2133 pci_unmap_single(priv->pdev, dma_addr, dma_size,
2134 PCI_DMA_BIDIRECTIONAL);
2135
2136 if (!timeout) {
2137 wiphy_err(hw->wiphy, "Command %s timeout after %u ms\n",
2138 mwl8k_cmd_name(cmd->code, buf, sizeof(buf)),
2139 MWL8K_CMD_TIMEOUT_MS);
2140 rc = -ETIMEDOUT;
2141 } else {
2142 int ms;
2143
2144 ms = MWL8K_CMD_TIMEOUT_MS - jiffies_to_msecs(timeout);
2145
2146 rc = cmd->result ? -EINVAL : 0;
2147 if (rc)
2148 wiphy_err(hw->wiphy, "Command %s error 0x%x\n",
2149 mwl8k_cmd_name(cmd->code, buf, sizeof(buf)),
2150 le16_to_cpu(cmd->result));
2151 else if (ms > 2000)
2152 wiphy_notice(hw->wiphy, "Command %s took %d ms\n",
2153 mwl8k_cmd_name(cmd->code,
2154 buf, sizeof(buf)),
2155 ms);
2156 }
2157
2158 return rc;
2159}
2160
2161static int mwl8k_post_pervif_cmd(struct ieee80211_hw *hw,
2162 struct ieee80211_vif *vif,
2163 struct mwl8k_cmd_pkt *cmd)
2164{
2165 if (vif != NULL)
2166 cmd->macid = MWL8K_VIF(vif)->macid;
2167 return mwl8k_post_cmd(hw, cmd);
2168}
2169
2170/*
2171 * Setup code shared between STA and AP firmware images.
2172 */
2173static void mwl8k_setup_2ghz_band(struct ieee80211_hw *hw)
2174{
2175 struct mwl8k_priv *priv = hw->priv;
2176
2177 BUILD_BUG_ON(sizeof(priv->channels_24) != sizeof(mwl8k_channels_24));
2178 memcpy(priv->channels_24, mwl8k_channels_24, sizeof(mwl8k_channels_24));
2179
2180 BUILD_BUG_ON(sizeof(priv->rates_24) != sizeof(mwl8k_rates_24));
2181 memcpy(priv->rates_24, mwl8k_rates_24, sizeof(mwl8k_rates_24));
2182
2183 priv->band_24.band = IEEE80211_BAND_2GHZ;
2184 priv->band_24.channels = priv->channels_24;
2185 priv->band_24.n_channels = ARRAY_SIZE(mwl8k_channels_24);
2186 priv->band_24.bitrates = priv->rates_24;
2187 priv->band_24.n_bitrates = ARRAY_SIZE(mwl8k_rates_24);
2188
2189 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &priv->band_24;
2190}
2191
2192static void mwl8k_setup_5ghz_band(struct ieee80211_hw *hw)
2193{
2194 struct mwl8k_priv *priv = hw->priv;
2195
2196 BUILD_BUG_ON(sizeof(priv->channels_50) != sizeof(mwl8k_channels_50));
2197 memcpy(priv->channels_50, mwl8k_channels_50, sizeof(mwl8k_channels_50));
2198
2199 BUILD_BUG_ON(sizeof(priv->rates_50) != sizeof(mwl8k_rates_50));
2200 memcpy(priv->rates_50, mwl8k_rates_50, sizeof(mwl8k_rates_50));
2201
2202 priv->band_50.band = IEEE80211_BAND_5GHZ;
2203 priv->band_50.channels = priv->channels_50;
2204 priv->band_50.n_channels = ARRAY_SIZE(mwl8k_channels_50);
2205 priv->band_50.bitrates = priv->rates_50;
2206 priv->band_50.n_bitrates = ARRAY_SIZE(mwl8k_rates_50);
2207
2208 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &priv->band_50;
2209}
2210
2211/*
2212 * CMD_GET_HW_SPEC (STA version).
2213 */
2214struct mwl8k_cmd_get_hw_spec_sta {
2215 struct mwl8k_cmd_pkt header;
2216 __u8 hw_rev;
2217 __u8 host_interface;
2218 __le16 num_mcaddrs;
2219 __u8 perm_addr[ETH_ALEN];
2220 __le16 region_code;
2221 __le32 fw_rev;
2222 __le32 ps_cookie;
2223 __le32 caps;
2224 __u8 mcs_bitmap[16];
2225 __le32 rx_queue_ptr;
2226 __le32 num_tx_queues;
2227 __le32 tx_queue_ptrs[MWL8K_TX_WMM_QUEUES];
2228 __le32 caps2;
2229 __le32 num_tx_desc_per_queue;
2230 __le32 total_rxd;
2231} __packed;
2232
2233#define MWL8K_CAP_MAX_AMSDU 0x20000000
2234#define MWL8K_CAP_GREENFIELD 0x08000000
2235#define MWL8K_CAP_AMPDU 0x04000000
2236#define MWL8K_CAP_RX_STBC 0x01000000
2237#define MWL8K_CAP_TX_STBC 0x00800000
2238#define MWL8K_CAP_SHORTGI_40MHZ 0x00400000
2239#define MWL8K_CAP_SHORTGI_20MHZ 0x00200000
2240#define MWL8K_CAP_RX_ANTENNA_MASK 0x000e0000
2241#define MWL8K_CAP_TX_ANTENNA_MASK 0x0001c000
2242#define MWL8K_CAP_DELAY_BA 0x00003000
2243#define MWL8K_CAP_MIMO 0x00000200
2244#define MWL8K_CAP_40MHZ 0x00000100
2245#define MWL8K_CAP_BAND_MASK 0x00000007
2246#define MWL8K_CAP_5GHZ 0x00000004
2247#define MWL8K_CAP_2GHZ4 0x00000001
2248
2249static void
2250mwl8k_set_ht_caps(struct ieee80211_hw *hw,
2251 struct ieee80211_supported_band *band, u32 cap)
2252{
2253 int rx_streams;
2254 int tx_streams;
2255
2256 band->ht_cap.ht_supported = 1;
2257
2258 if (cap & MWL8K_CAP_MAX_AMSDU)
2259 band->ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
2260 if (cap & MWL8K_CAP_GREENFIELD)
2261 band->ht_cap.cap |= IEEE80211_HT_CAP_GRN_FLD;
2262 if (cap & MWL8K_CAP_AMPDU) {
2263 hw->flags |= IEEE80211_HW_AMPDU_AGGREGATION;
2264 band->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
2265 band->ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_NONE;
2266 }
2267 if (cap & MWL8K_CAP_RX_STBC)
2268 band->ht_cap.cap |= IEEE80211_HT_CAP_RX_STBC;
2269 if (cap & MWL8K_CAP_TX_STBC)
2270 band->ht_cap.cap |= IEEE80211_HT_CAP_TX_STBC;
2271 if (cap & MWL8K_CAP_SHORTGI_40MHZ)
2272 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
2273 if (cap & MWL8K_CAP_SHORTGI_20MHZ)
2274 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
2275 if (cap & MWL8K_CAP_DELAY_BA)
2276 band->ht_cap.cap |= IEEE80211_HT_CAP_DELAY_BA;
2277 if (cap & MWL8K_CAP_40MHZ)
2278 band->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
2279
2280 rx_streams = hweight32(cap & MWL8K_CAP_RX_ANTENNA_MASK);
2281 tx_streams = hweight32(cap & MWL8K_CAP_TX_ANTENNA_MASK);
2282
2283 band->ht_cap.mcs.rx_mask[0] = 0xff;
2284 if (rx_streams >= 2)
2285 band->ht_cap.mcs.rx_mask[1] = 0xff;
2286 if (rx_streams >= 3)
2287 band->ht_cap.mcs.rx_mask[2] = 0xff;
2288 band->ht_cap.mcs.rx_mask[4] = 0x01;
2289 band->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
2290
2291 if (rx_streams != tx_streams) {
2292 band->ht_cap.mcs.tx_params |= IEEE80211_HT_MCS_TX_RX_DIFF;
2293 band->ht_cap.mcs.tx_params |= (tx_streams - 1) <<
2294 IEEE80211_HT_MCS_TX_MAX_STREAMS_SHIFT;
2295 }
2296}
2297
2298static void
2299mwl8k_set_caps(struct ieee80211_hw *hw, u32 caps)
2300{
2301 struct mwl8k_priv *priv = hw->priv;
2302
2303 if ((caps & MWL8K_CAP_2GHZ4) || !(caps & MWL8K_CAP_BAND_MASK)) {
2304 mwl8k_setup_2ghz_band(hw);
2305 if (caps & MWL8K_CAP_MIMO)
2306 mwl8k_set_ht_caps(hw, &priv->band_24, caps);
2307 }
2308
2309 if (caps & MWL8K_CAP_5GHZ) {
2310 mwl8k_setup_5ghz_band(hw);
2311 if (caps & MWL8K_CAP_MIMO)
2312 mwl8k_set_ht_caps(hw, &priv->band_50, caps);
2313 }
2314}
2315
2316static int mwl8k_cmd_get_hw_spec_sta(struct ieee80211_hw *hw)
2317{
2318 struct mwl8k_priv *priv = hw->priv;
2319 struct mwl8k_cmd_get_hw_spec_sta *cmd;
2320 int rc;
2321 int i;
2322
2323 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2324 if (cmd == NULL)
2325 return -ENOMEM;
2326
2327 cmd->header.code = cpu_to_le16(MWL8K_CMD_GET_HW_SPEC);
2328 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2329
2330 memset(cmd->perm_addr, 0xff, sizeof(cmd->perm_addr));
2331 cmd->ps_cookie = cpu_to_le32(priv->cookie_dma);
2332 cmd->rx_queue_ptr = cpu_to_le32(priv->rxq[0].rxd_dma);
2333 cmd->num_tx_queues = cpu_to_le32(mwl8k_tx_queues(priv));
2334 for (i = 0; i < mwl8k_tx_queues(priv); i++)
2335 cmd->tx_queue_ptrs[i] = cpu_to_le32(priv->txq[i].txd_dma);
2336 cmd->num_tx_desc_per_queue = cpu_to_le32(MWL8K_TX_DESCS);
2337 cmd->total_rxd = cpu_to_le32(MWL8K_RX_DESCS);
2338
2339 rc = mwl8k_post_cmd(hw, &cmd->header);
2340
2341 if (!rc) {
2342 SET_IEEE80211_PERM_ADDR(hw, cmd->perm_addr);
2343 priv->num_mcaddrs = le16_to_cpu(cmd->num_mcaddrs);
2344 priv->fw_rev = le32_to_cpu(cmd->fw_rev);
2345 priv->hw_rev = cmd->hw_rev;
2346 mwl8k_set_caps(hw, le32_to_cpu(cmd->caps));
2347 priv->ap_macids_supported = 0x00000000;
2348 priv->sta_macids_supported = 0x00000001;
2349 }
2350
2351 kfree(cmd);
2352 return rc;
2353}
2354
2355/*
2356 * CMD_GET_HW_SPEC (AP version).
2357 */
2358struct mwl8k_cmd_get_hw_spec_ap {
2359 struct mwl8k_cmd_pkt header;
2360 __u8 hw_rev;
2361 __u8 host_interface;
2362 __le16 num_wcb;
2363 __le16 num_mcaddrs;
2364 __u8 perm_addr[ETH_ALEN];
2365 __le16 region_code;
2366 __le16 num_antenna;
2367 __le32 fw_rev;
2368 __le32 wcbbase0;
2369 __le32 rxwrptr;
2370 __le32 rxrdptr;
2371 __le32 ps_cookie;
2372 __le32 wcbbase1;
2373 __le32 wcbbase2;
2374 __le32 wcbbase3;
2375 __le32 fw_api_version;
2376 __le32 caps;
2377 __le32 num_of_ampdu_queues;
2378 __le32 wcbbase_ampdu[MWL8K_MAX_AMPDU_QUEUES];
2379} __packed;
2380
2381static int mwl8k_cmd_get_hw_spec_ap(struct ieee80211_hw *hw)
2382{
2383 struct mwl8k_priv *priv = hw->priv;
2384 struct mwl8k_cmd_get_hw_spec_ap *cmd;
2385 int rc, i;
2386 u32 api_version;
2387
2388 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2389 if (cmd == NULL)
2390 return -ENOMEM;
2391
2392 cmd->header.code = cpu_to_le16(MWL8K_CMD_GET_HW_SPEC);
2393 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2394
2395 memset(cmd->perm_addr, 0xff, sizeof(cmd->perm_addr));
2396 cmd->ps_cookie = cpu_to_le32(priv->cookie_dma);
2397
2398 rc = mwl8k_post_cmd(hw, &cmd->header);
2399
2400 if (!rc) {
2401 int off;
2402
2403 api_version = le32_to_cpu(cmd->fw_api_version);
2404 if (priv->device_info->fw_api_ap != api_version) {
2405 printk(KERN_ERR "%s: Unsupported fw API version for %s."
2406 " Expected %d got %d.\n", MWL8K_NAME,
2407 priv->device_info->part_name,
2408 priv->device_info->fw_api_ap,
2409 api_version);
2410 rc = -EINVAL;
2411 goto done;
2412 }
2413 SET_IEEE80211_PERM_ADDR(hw, cmd->perm_addr);
2414 priv->num_mcaddrs = le16_to_cpu(cmd->num_mcaddrs);
2415 priv->fw_rev = le32_to_cpu(cmd->fw_rev);
2416 priv->hw_rev = cmd->hw_rev;
2417 mwl8k_set_caps(hw, le32_to_cpu(cmd->caps));
2418 priv->ap_macids_supported = 0x000000ff;
2419 priv->sta_macids_supported = 0x00000000;
2420 priv->num_ampdu_queues = le32_to_cpu(cmd->num_of_ampdu_queues);
2421 if (priv->num_ampdu_queues > MWL8K_MAX_AMPDU_QUEUES) {
2422 wiphy_warn(hw->wiphy, "fw reported %d ampdu queues"
2423 " but we only support %d.\n",
2424 priv->num_ampdu_queues,
2425 MWL8K_MAX_AMPDU_QUEUES);
2426 priv->num_ampdu_queues = MWL8K_MAX_AMPDU_QUEUES;
2427 }
2428 off = le32_to_cpu(cmd->rxwrptr) & 0xffff;
2429 iowrite32(priv->rxq[0].rxd_dma, priv->sram + off);
2430
2431 off = le32_to_cpu(cmd->rxrdptr) & 0xffff;
2432 iowrite32(priv->rxq[0].rxd_dma, priv->sram + off);
2433
2434 priv->txq_offset[0] = le32_to_cpu(cmd->wcbbase0) & 0xffff;
2435 priv->txq_offset[1] = le32_to_cpu(cmd->wcbbase1) & 0xffff;
2436 priv->txq_offset[2] = le32_to_cpu(cmd->wcbbase2) & 0xffff;
2437 priv->txq_offset[3] = le32_to_cpu(cmd->wcbbase3) & 0xffff;
2438
2439 for (i = 0; i < priv->num_ampdu_queues; i++)
2440 priv->txq_offset[i + MWL8K_TX_WMM_QUEUES] =
2441 le32_to_cpu(cmd->wcbbase_ampdu[i]) & 0xffff;
2442 }
2443
2444done:
2445 kfree(cmd);
2446 return rc;
2447}
2448
2449/*
2450 * CMD_SET_HW_SPEC.
2451 */
2452struct mwl8k_cmd_set_hw_spec {
2453 struct mwl8k_cmd_pkt header;
2454 __u8 hw_rev;
2455 __u8 host_interface;
2456 __le16 num_mcaddrs;
2457 __u8 perm_addr[ETH_ALEN];
2458 __le16 region_code;
2459 __le32 fw_rev;
2460 __le32 ps_cookie;
2461 __le32 caps;
2462 __le32 rx_queue_ptr;
2463 __le32 num_tx_queues;
2464 __le32 tx_queue_ptrs[MWL8K_MAX_TX_QUEUES];
2465 __le32 flags;
2466 __le32 num_tx_desc_per_queue;
2467 __le32 total_rxd;
2468} __packed;
2469
2470/* If enabled, MWL8K_SET_HW_SPEC_FLAG_ENABLE_LIFE_TIME_EXPIRY will cause
2471 * packets to expire 500 ms after the timestamp in the tx descriptor. That is,
2472 * the packets that are queued for more than 500ms, will be dropped in the
2473 * hardware. This helps minimizing the issues caused due to head-of-line
2474 * blocking where a slow client can hog the bandwidth and affect traffic to a
2475 * faster client.
2476 */
2477#define MWL8K_SET_HW_SPEC_FLAG_ENABLE_LIFE_TIME_EXPIRY 0x00000400
2478#define MWL8K_SET_HW_SPEC_FLAG_GENERATE_CCMP_HDR 0x00000200
2479#define MWL8K_SET_HW_SPEC_FLAG_HOST_DECR_MGMT 0x00000080
2480#define MWL8K_SET_HW_SPEC_FLAG_HOSTFORM_PROBERESP 0x00000020
2481#define MWL8K_SET_HW_SPEC_FLAG_HOSTFORM_BEACON 0x00000010
2482
2483static int mwl8k_cmd_set_hw_spec(struct ieee80211_hw *hw)
2484{
2485 struct mwl8k_priv *priv = hw->priv;
2486 struct mwl8k_cmd_set_hw_spec *cmd;
2487 int rc;
2488 int i;
2489
2490 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2491 if (cmd == NULL)
2492 return -ENOMEM;
2493
2494 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_HW_SPEC);
2495 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2496
2497 cmd->ps_cookie = cpu_to_le32(priv->cookie_dma);
2498 cmd->rx_queue_ptr = cpu_to_le32(priv->rxq[0].rxd_dma);
2499 cmd->num_tx_queues = cpu_to_le32(mwl8k_tx_queues(priv));
2500
2501 /*
2502 * Mac80211 stack has Q0 as highest priority and Q3 as lowest in
2503 * that order. Firmware has Q3 as highest priority and Q0 as lowest
2504 * in that order. Map Q3 of mac80211 to Q0 of firmware so that the
2505 * priority is interpreted the right way in firmware.
2506 */
2507 for (i = 0; i < mwl8k_tx_queues(priv); i++) {
2508 int j = mwl8k_tx_queues(priv) - 1 - i;
2509 cmd->tx_queue_ptrs[i] = cpu_to_le32(priv->txq[j].txd_dma);
2510 }
2511
2512 cmd->flags = cpu_to_le32(MWL8K_SET_HW_SPEC_FLAG_HOST_DECR_MGMT |
2513 MWL8K_SET_HW_SPEC_FLAG_HOSTFORM_PROBERESP |
2514 MWL8K_SET_HW_SPEC_FLAG_HOSTFORM_BEACON |
2515 MWL8K_SET_HW_SPEC_FLAG_ENABLE_LIFE_TIME_EXPIRY |
2516 MWL8K_SET_HW_SPEC_FLAG_GENERATE_CCMP_HDR);
2517 cmd->num_tx_desc_per_queue = cpu_to_le32(MWL8K_TX_DESCS);
2518 cmd->total_rxd = cpu_to_le32(MWL8K_RX_DESCS);
2519
2520 rc = mwl8k_post_cmd(hw, &cmd->header);
2521 kfree(cmd);
2522
2523 return rc;
2524}
2525
2526/*
2527 * CMD_MAC_MULTICAST_ADR.
2528 */
2529struct mwl8k_cmd_mac_multicast_adr {
2530 struct mwl8k_cmd_pkt header;
2531 __le16 action;
2532 __le16 numaddr;
2533 __u8 addr[0][ETH_ALEN];
2534};
2535
2536#define MWL8K_ENABLE_RX_DIRECTED 0x0001
2537#define MWL8K_ENABLE_RX_MULTICAST 0x0002
2538#define MWL8K_ENABLE_RX_ALL_MULTICAST 0x0004
2539#define MWL8K_ENABLE_RX_BROADCAST 0x0008
2540
2541static struct mwl8k_cmd_pkt *
2542__mwl8k_cmd_mac_multicast_adr(struct ieee80211_hw *hw, int allmulti,
2543 struct netdev_hw_addr_list *mc_list)
2544{
2545 struct mwl8k_priv *priv = hw->priv;
2546 struct mwl8k_cmd_mac_multicast_adr *cmd;
2547 int size;
2548 int mc_count = 0;
2549
2550 if (mc_list)
2551 mc_count = netdev_hw_addr_list_count(mc_list);
2552
2553 if (allmulti || mc_count > priv->num_mcaddrs) {
2554 allmulti = 1;
2555 mc_count = 0;
2556 }
2557
2558 size = sizeof(*cmd) + mc_count * ETH_ALEN;
2559
2560 cmd = kzalloc(size, GFP_ATOMIC);
2561 if (cmd == NULL)
2562 return NULL;
2563
2564 cmd->header.code = cpu_to_le16(MWL8K_CMD_MAC_MULTICAST_ADR);
2565 cmd->header.length = cpu_to_le16(size);
2566 cmd->action = cpu_to_le16(MWL8K_ENABLE_RX_DIRECTED |
2567 MWL8K_ENABLE_RX_BROADCAST);
2568
2569 if (allmulti) {
2570 cmd->action |= cpu_to_le16(MWL8K_ENABLE_RX_ALL_MULTICAST);
2571 } else if (mc_count) {
2572 struct netdev_hw_addr *ha;
2573 int i = 0;
2574
2575 cmd->action |= cpu_to_le16(MWL8K_ENABLE_RX_MULTICAST);
2576 cmd->numaddr = cpu_to_le16(mc_count);
2577 netdev_hw_addr_list_for_each(ha, mc_list) {
2578 memcpy(cmd->addr[i], ha->addr, ETH_ALEN);
2579 }
2580 }
2581
2582 return &cmd->header;
2583}
2584
2585/*
2586 * CMD_GET_STAT.
2587 */
2588struct mwl8k_cmd_get_stat {
2589 struct mwl8k_cmd_pkt header;
2590 __le32 stats[64];
2591} __packed;
2592
2593#define MWL8K_STAT_ACK_FAILURE 9
2594#define MWL8K_STAT_RTS_FAILURE 12
2595#define MWL8K_STAT_FCS_ERROR 24
2596#define MWL8K_STAT_RTS_SUCCESS 11
2597
2598static int mwl8k_cmd_get_stat(struct ieee80211_hw *hw,
2599 struct ieee80211_low_level_stats *stats)
2600{
2601 struct mwl8k_cmd_get_stat *cmd;
2602 int rc;
2603
2604 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2605 if (cmd == NULL)
2606 return -ENOMEM;
2607
2608 cmd->header.code = cpu_to_le16(MWL8K_CMD_GET_STAT);
2609 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2610
2611 rc = mwl8k_post_cmd(hw, &cmd->header);
2612 if (!rc) {
2613 stats->dot11ACKFailureCount =
2614 le32_to_cpu(cmd->stats[MWL8K_STAT_ACK_FAILURE]);
2615 stats->dot11RTSFailureCount =
2616 le32_to_cpu(cmd->stats[MWL8K_STAT_RTS_FAILURE]);
2617 stats->dot11FCSErrorCount =
2618 le32_to_cpu(cmd->stats[MWL8K_STAT_FCS_ERROR]);
2619 stats->dot11RTSSuccessCount =
2620 le32_to_cpu(cmd->stats[MWL8K_STAT_RTS_SUCCESS]);
2621 }
2622 kfree(cmd);
2623
2624 return rc;
2625}
2626
2627/*
2628 * CMD_RADIO_CONTROL.
2629 */
2630struct mwl8k_cmd_radio_control {
2631 struct mwl8k_cmd_pkt header;
2632 __le16 action;
2633 __le16 control;
2634 __le16 radio_on;
2635} __packed;
2636
2637static int
2638mwl8k_cmd_radio_control(struct ieee80211_hw *hw, bool enable, bool force)
2639{
2640 struct mwl8k_priv *priv = hw->priv;
2641 struct mwl8k_cmd_radio_control *cmd;
2642 int rc;
2643
2644 if (enable == priv->radio_on && !force)
2645 return 0;
2646
2647 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2648 if (cmd == NULL)
2649 return -ENOMEM;
2650
2651 cmd->header.code = cpu_to_le16(MWL8K_CMD_RADIO_CONTROL);
2652 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2653 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
2654 cmd->control = cpu_to_le16(priv->radio_short_preamble ? 3 : 1);
2655 cmd->radio_on = cpu_to_le16(enable ? 0x0001 : 0x0000);
2656
2657 rc = mwl8k_post_cmd(hw, &cmd->header);
2658 kfree(cmd);
2659
2660 if (!rc)
2661 priv->radio_on = enable;
2662
2663 return rc;
2664}
2665
2666static int mwl8k_cmd_radio_disable(struct ieee80211_hw *hw)
2667{
2668 return mwl8k_cmd_radio_control(hw, 0, 0);
2669}
2670
2671static int mwl8k_cmd_radio_enable(struct ieee80211_hw *hw)
2672{
2673 return mwl8k_cmd_radio_control(hw, 1, 0);
2674}
2675
2676static int
2677mwl8k_set_radio_preamble(struct ieee80211_hw *hw, bool short_preamble)
2678{
2679 struct mwl8k_priv *priv = hw->priv;
2680
2681 priv->radio_short_preamble = short_preamble;
2682
2683 return mwl8k_cmd_radio_control(hw, 1, 1);
2684}
2685
2686/*
2687 * CMD_RF_TX_POWER.
2688 */
2689#define MWL8K_RF_TX_POWER_LEVEL_TOTAL 8
2690
2691struct mwl8k_cmd_rf_tx_power {
2692 struct mwl8k_cmd_pkt header;
2693 __le16 action;
2694 __le16 support_level;
2695 __le16 current_level;
2696 __le16 reserved;
2697 __le16 power_level_list[MWL8K_RF_TX_POWER_LEVEL_TOTAL];
2698} __packed;
2699
2700static int mwl8k_cmd_rf_tx_power(struct ieee80211_hw *hw, int dBm)
2701{
2702 struct mwl8k_cmd_rf_tx_power *cmd;
2703 int rc;
2704
2705 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2706 if (cmd == NULL)
2707 return -ENOMEM;
2708
2709 cmd->header.code = cpu_to_le16(MWL8K_CMD_RF_TX_POWER);
2710 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2711 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
2712 cmd->support_level = cpu_to_le16(dBm);
2713
2714 rc = mwl8k_post_cmd(hw, &cmd->header);
2715 kfree(cmd);
2716
2717 return rc;
2718}
2719
2720/*
2721 * CMD_TX_POWER.
2722 */
2723#define MWL8K_TX_POWER_LEVEL_TOTAL 12
2724
2725struct mwl8k_cmd_tx_power {
2726 struct mwl8k_cmd_pkt header;
2727 __le16 action;
2728 __le16 band;
2729 __le16 channel;
2730 __le16 bw;
2731 __le16 sub_ch;
2732 __le16 power_level_list[MWL8K_TX_POWER_LEVEL_TOTAL];
2733} __packed;
2734
2735static int mwl8k_cmd_tx_power(struct ieee80211_hw *hw,
2736 struct ieee80211_conf *conf,
2737 unsigned short pwr)
2738{
2739 struct ieee80211_channel *channel = conf->channel;
2740 struct mwl8k_cmd_tx_power *cmd;
2741 int rc;
2742 int i;
2743
2744 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2745 if (cmd == NULL)
2746 return -ENOMEM;
2747
2748 cmd->header.code = cpu_to_le16(MWL8K_CMD_TX_POWER);
2749 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2750 cmd->action = cpu_to_le16(MWL8K_CMD_SET_LIST);
2751
2752 if (channel->band == IEEE80211_BAND_2GHZ)
2753 cmd->band = cpu_to_le16(0x1);
2754 else if (channel->band == IEEE80211_BAND_5GHZ)
2755 cmd->band = cpu_to_le16(0x4);
2756
2757 cmd->channel = channel->hw_value;
2758
2759 if (conf->channel_type == NL80211_CHAN_NO_HT ||
2760 conf->channel_type == NL80211_CHAN_HT20) {
2761 cmd->bw = cpu_to_le16(0x2);
2762 } else {
2763 cmd->bw = cpu_to_le16(0x4);
2764 if (conf->channel_type == NL80211_CHAN_HT40MINUS)
2765 cmd->sub_ch = cpu_to_le16(0x3);
2766 else if (conf->channel_type == NL80211_CHAN_HT40PLUS)
2767 cmd->sub_ch = cpu_to_le16(0x1);
2768 }
2769
2770 for (i = 0; i < MWL8K_TX_POWER_LEVEL_TOTAL; i++)
2771 cmd->power_level_list[i] = cpu_to_le16(pwr);
2772
2773 rc = mwl8k_post_cmd(hw, &cmd->header);
2774 kfree(cmd);
2775
2776 return rc;
2777}
2778
2779/*
2780 * CMD_RF_ANTENNA.
2781 */
2782struct mwl8k_cmd_rf_antenna {
2783 struct mwl8k_cmd_pkt header;
2784 __le16 antenna;
2785 __le16 mode;
2786} __packed;
2787
2788#define MWL8K_RF_ANTENNA_RX 1
2789#define MWL8K_RF_ANTENNA_TX 2
2790
2791static int
2792mwl8k_cmd_rf_antenna(struct ieee80211_hw *hw, int antenna, int mask)
2793{
2794 struct mwl8k_cmd_rf_antenna *cmd;
2795 int rc;
2796
2797 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2798 if (cmd == NULL)
2799 return -ENOMEM;
2800
2801 cmd->header.code = cpu_to_le16(MWL8K_CMD_RF_ANTENNA);
2802 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2803 cmd->antenna = cpu_to_le16(antenna);
2804 cmd->mode = cpu_to_le16(mask);
2805
2806 rc = mwl8k_post_cmd(hw, &cmd->header);
2807 kfree(cmd);
2808
2809 return rc;
2810}
2811
2812/*
2813 * CMD_SET_BEACON.
2814 */
2815struct mwl8k_cmd_set_beacon {
2816 struct mwl8k_cmd_pkt header;
2817 __le16 beacon_len;
2818 __u8 beacon[0];
2819};
2820
2821static int mwl8k_cmd_set_beacon(struct ieee80211_hw *hw,
2822 struct ieee80211_vif *vif, u8 *beacon, int len)
2823{
2824 struct mwl8k_cmd_set_beacon *cmd;
2825 int rc;
2826
2827 cmd = kzalloc(sizeof(*cmd) + len, GFP_KERNEL);
2828 if (cmd == NULL)
2829 return -ENOMEM;
2830
2831 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_BEACON);
2832 cmd->header.length = cpu_to_le16(sizeof(*cmd) + len);
2833 cmd->beacon_len = cpu_to_le16(len);
2834 memcpy(cmd->beacon, beacon, len);
2835
2836 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
2837 kfree(cmd);
2838
2839 return rc;
2840}
2841
2842/*
2843 * CMD_SET_PRE_SCAN.
2844 */
2845struct mwl8k_cmd_set_pre_scan {
2846 struct mwl8k_cmd_pkt header;
2847} __packed;
2848
2849static int mwl8k_cmd_set_pre_scan(struct ieee80211_hw *hw)
2850{
2851 struct mwl8k_cmd_set_pre_scan *cmd;
2852 int rc;
2853
2854 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2855 if (cmd == NULL)
2856 return -ENOMEM;
2857
2858 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_PRE_SCAN);
2859 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2860
2861 rc = mwl8k_post_cmd(hw, &cmd->header);
2862 kfree(cmd);
2863
2864 return rc;
2865}
2866
2867/*
2868 * CMD_SET_POST_SCAN.
2869 */
2870struct mwl8k_cmd_set_post_scan {
2871 struct mwl8k_cmd_pkt header;
2872 __le32 isibss;
2873 __u8 bssid[ETH_ALEN];
2874} __packed;
2875
2876static int
2877mwl8k_cmd_set_post_scan(struct ieee80211_hw *hw, const __u8 *mac)
2878{
2879 struct mwl8k_cmd_set_post_scan *cmd;
2880 int rc;
2881
2882 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2883 if (cmd == NULL)
2884 return -ENOMEM;
2885
2886 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_POST_SCAN);
2887 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2888 cmd->isibss = 0;
2889 memcpy(cmd->bssid, mac, ETH_ALEN);
2890
2891 rc = mwl8k_post_cmd(hw, &cmd->header);
2892 kfree(cmd);
2893
2894 return rc;
2895}
2896
2897/*
2898 * CMD_SET_RF_CHANNEL.
2899 */
2900struct mwl8k_cmd_set_rf_channel {
2901 struct mwl8k_cmd_pkt header;
2902 __le16 action;
2903 __u8 current_channel;
2904 __le32 channel_flags;
2905} __packed;
2906
2907static int mwl8k_cmd_set_rf_channel(struct ieee80211_hw *hw,
2908 struct ieee80211_conf *conf)
2909{
2910 struct ieee80211_channel *channel = conf->channel;
2911 struct mwl8k_cmd_set_rf_channel *cmd;
2912 int rc;
2913
2914 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2915 if (cmd == NULL)
2916 return -ENOMEM;
2917
2918 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_RF_CHANNEL);
2919 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2920 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
2921 cmd->current_channel = channel->hw_value;
2922
2923 if (channel->band == IEEE80211_BAND_2GHZ)
2924 cmd->channel_flags |= cpu_to_le32(0x00000001);
2925 else if (channel->band == IEEE80211_BAND_5GHZ)
2926 cmd->channel_flags |= cpu_to_le32(0x00000004);
2927
2928 if (conf->channel_type == NL80211_CHAN_NO_HT ||
2929 conf->channel_type == NL80211_CHAN_HT20)
2930 cmd->channel_flags |= cpu_to_le32(0x00000080);
2931 else if (conf->channel_type == NL80211_CHAN_HT40MINUS)
2932 cmd->channel_flags |= cpu_to_le32(0x000001900);
2933 else if (conf->channel_type == NL80211_CHAN_HT40PLUS)
2934 cmd->channel_flags |= cpu_to_le32(0x000000900);
2935
2936 rc = mwl8k_post_cmd(hw, &cmd->header);
2937 kfree(cmd);
2938
2939 return rc;
2940}
2941
2942/*
2943 * CMD_SET_AID.
2944 */
2945#define MWL8K_FRAME_PROT_DISABLED 0x00
2946#define MWL8K_FRAME_PROT_11G 0x07
2947#define MWL8K_FRAME_PROT_11N_HT_40MHZ_ONLY 0x02
2948#define MWL8K_FRAME_PROT_11N_HT_ALL 0x06
2949
2950struct mwl8k_cmd_update_set_aid {
2951 struct mwl8k_cmd_pkt header;
2952 __le16 aid;
2953
2954 /* AP's MAC address (BSSID) */
2955 __u8 bssid[ETH_ALEN];
2956 __le16 protection_mode;
2957 __u8 supp_rates[14];
2958} __packed;
2959
2960static void legacy_rate_mask_to_array(u8 *rates, u32 mask)
2961{
2962 int i;
2963 int j;
2964
2965 /*
2966 * Clear nonstandard rates 4 and 13.
2967 */
2968 mask &= 0x1fef;
2969
2970 for (i = 0, j = 0; i < 14; i++) {
2971 if (mask & (1 << i))
2972 rates[j++] = mwl8k_rates_24[i].hw_value;
2973 }
2974}
2975
2976static int
2977mwl8k_cmd_set_aid(struct ieee80211_hw *hw,
2978 struct ieee80211_vif *vif, u32 legacy_rate_mask)
2979{
2980 struct mwl8k_cmd_update_set_aid *cmd;
2981 u16 prot_mode;
2982 int rc;
2983
2984 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2985 if (cmd == NULL)
2986 return -ENOMEM;
2987
2988 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_AID);
2989 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2990 cmd->aid = cpu_to_le16(vif->bss_conf.aid);
2991 memcpy(cmd->bssid, vif->bss_conf.bssid, ETH_ALEN);
2992
2993 if (vif->bss_conf.use_cts_prot) {
2994 prot_mode = MWL8K_FRAME_PROT_11G;
2995 } else {
2996 switch (vif->bss_conf.ht_operation_mode &
2997 IEEE80211_HT_OP_MODE_PROTECTION) {
2998 case IEEE80211_HT_OP_MODE_PROTECTION_20MHZ:
2999 prot_mode = MWL8K_FRAME_PROT_11N_HT_40MHZ_ONLY;
3000 break;
3001 case IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED:
3002 prot_mode = MWL8K_FRAME_PROT_11N_HT_ALL;
3003 break;
3004 default:
3005 prot_mode = MWL8K_FRAME_PROT_DISABLED;
3006 break;
3007 }
3008 }
3009 cmd->protection_mode = cpu_to_le16(prot_mode);
3010
3011 legacy_rate_mask_to_array(cmd->supp_rates, legacy_rate_mask);
3012
3013 rc = mwl8k_post_cmd(hw, &cmd->header);
3014 kfree(cmd);
3015
3016 return rc;
3017}
3018
3019/*
3020 * CMD_SET_RATE.
3021 */
3022struct mwl8k_cmd_set_rate {
3023 struct mwl8k_cmd_pkt header;
3024 __u8 legacy_rates[14];
3025
3026 /* Bitmap for supported MCS codes. */
3027 __u8 mcs_set[16];
3028 __u8 reserved[16];
3029} __packed;
3030
3031static int
3032mwl8k_cmd_set_rate(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
3033 u32 legacy_rate_mask, u8 *mcs_rates)
3034{
3035 struct mwl8k_cmd_set_rate *cmd;
3036 int rc;
3037
3038 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3039 if (cmd == NULL)
3040 return -ENOMEM;
3041
3042 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_RATE);
3043 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3044 legacy_rate_mask_to_array(cmd->legacy_rates, legacy_rate_mask);
3045 memcpy(cmd->mcs_set, mcs_rates, 16);
3046
3047 rc = mwl8k_post_cmd(hw, &cmd->header);
3048 kfree(cmd);
3049
3050 return rc;
3051}
3052
3053/*
3054 * CMD_FINALIZE_JOIN.
3055 */
3056#define MWL8K_FJ_BEACON_MAXLEN 128
3057
3058struct mwl8k_cmd_finalize_join {
3059 struct mwl8k_cmd_pkt header;
3060 __le32 sleep_interval; /* Number of beacon periods to sleep */
3061 __u8 beacon_data[MWL8K_FJ_BEACON_MAXLEN];
3062} __packed;
3063
3064static int mwl8k_cmd_finalize_join(struct ieee80211_hw *hw, void *frame,
3065 int framelen, int dtim)
3066{
3067 struct mwl8k_cmd_finalize_join *cmd;
3068 struct ieee80211_mgmt *payload = frame;
3069 int payload_len;
3070 int rc;
3071
3072 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3073 if (cmd == NULL)
3074 return -ENOMEM;
3075
3076 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_FINALIZE_JOIN);
3077 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3078 cmd->sleep_interval = cpu_to_le32(dtim ? dtim : 1);
3079
3080 payload_len = framelen - ieee80211_hdrlen(payload->frame_control);
3081 if (payload_len < 0)
3082 payload_len = 0;
3083 else if (payload_len > MWL8K_FJ_BEACON_MAXLEN)
3084 payload_len = MWL8K_FJ_BEACON_MAXLEN;
3085
3086 memcpy(cmd->beacon_data, &payload->u.beacon, payload_len);
3087
3088 rc = mwl8k_post_cmd(hw, &cmd->header);
3089 kfree(cmd);
3090
3091 return rc;
3092}
3093
3094/*
3095 * CMD_SET_RTS_THRESHOLD.
3096 */
3097struct mwl8k_cmd_set_rts_threshold {
3098 struct mwl8k_cmd_pkt header;
3099 __le16 action;
3100 __le16 threshold;
3101} __packed;
3102
3103static int
3104mwl8k_cmd_set_rts_threshold(struct ieee80211_hw *hw, int rts_thresh)
3105{
3106 struct mwl8k_cmd_set_rts_threshold *cmd;
3107 int rc;
3108
3109 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3110 if (cmd == NULL)
3111 return -ENOMEM;
3112
3113 cmd->header.code = cpu_to_le16(MWL8K_CMD_RTS_THRESHOLD);
3114 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3115 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
3116 cmd->threshold = cpu_to_le16(rts_thresh);
3117
3118 rc = mwl8k_post_cmd(hw, &cmd->header);
3119 kfree(cmd);
3120
3121 return rc;
3122}
3123
3124/*
3125 * CMD_SET_SLOT.
3126 */
3127struct mwl8k_cmd_set_slot {
3128 struct mwl8k_cmd_pkt header;
3129 __le16 action;
3130 __u8 short_slot;
3131} __packed;
3132
3133static int mwl8k_cmd_set_slot(struct ieee80211_hw *hw, bool short_slot_time)
3134{
3135 struct mwl8k_cmd_set_slot *cmd;
3136 int rc;
3137
3138 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3139 if (cmd == NULL)
3140 return -ENOMEM;
3141
3142 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_SLOT);
3143 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3144 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
3145 cmd->short_slot = short_slot_time;
3146
3147 rc = mwl8k_post_cmd(hw, &cmd->header);
3148 kfree(cmd);
3149
3150 return rc;
3151}
3152
3153/*
3154 * CMD_SET_EDCA_PARAMS.
3155 */
3156struct mwl8k_cmd_set_edca_params {
3157 struct mwl8k_cmd_pkt header;
3158
3159 /* See MWL8K_SET_EDCA_XXX below */
3160 __le16 action;
3161
3162 /* TX opportunity in units of 32 us */
3163 __le16 txop;
3164
3165 union {
3166 struct {
3167 /* Log exponent of max contention period: 0...15 */
3168 __le32 log_cw_max;
3169
3170 /* Log exponent of min contention period: 0...15 */
3171 __le32 log_cw_min;
3172
3173 /* Adaptive interframe spacing in units of 32us */
3174 __u8 aifs;
3175
3176 /* TX queue to configure */
3177 __u8 txq;
3178 } ap;
3179 struct {
3180 /* Log exponent of max contention period: 0...15 */
3181 __u8 log_cw_max;
3182
3183 /* Log exponent of min contention period: 0...15 */
3184 __u8 log_cw_min;
3185
3186 /* Adaptive interframe spacing in units of 32us */
3187 __u8 aifs;
3188
3189 /* TX queue to configure */
3190 __u8 txq;
3191 } sta;
3192 };
3193} __packed;
3194
3195#define MWL8K_SET_EDCA_CW 0x01
3196#define MWL8K_SET_EDCA_TXOP 0x02
3197#define MWL8K_SET_EDCA_AIFS 0x04
3198
3199#define MWL8K_SET_EDCA_ALL (MWL8K_SET_EDCA_CW | \
3200 MWL8K_SET_EDCA_TXOP | \
3201 MWL8K_SET_EDCA_AIFS)
3202
3203static int
3204mwl8k_cmd_set_edca_params(struct ieee80211_hw *hw, __u8 qnum,
3205 __u16 cw_min, __u16 cw_max,
3206 __u8 aifs, __u16 txop)
3207{
3208 struct mwl8k_priv *priv = hw->priv;
3209 struct mwl8k_cmd_set_edca_params *cmd;
3210 int rc;
3211
3212 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3213 if (cmd == NULL)
3214 return -ENOMEM;
3215
3216 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_EDCA_PARAMS);
3217 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3218 cmd->action = cpu_to_le16(MWL8K_SET_EDCA_ALL);
3219 cmd->txop = cpu_to_le16(txop);
3220 if (priv->ap_fw) {
3221 cmd->ap.log_cw_max = cpu_to_le32(ilog2(cw_max + 1));
3222 cmd->ap.log_cw_min = cpu_to_le32(ilog2(cw_min + 1));
3223 cmd->ap.aifs = aifs;
3224 cmd->ap.txq = qnum;
3225 } else {
3226 cmd->sta.log_cw_max = (u8)ilog2(cw_max + 1);
3227 cmd->sta.log_cw_min = (u8)ilog2(cw_min + 1);
3228 cmd->sta.aifs = aifs;
3229 cmd->sta.txq = qnum;
3230 }
3231
3232 rc = mwl8k_post_cmd(hw, &cmd->header);
3233 kfree(cmd);
3234
3235 return rc;
3236}
3237
3238/*
3239 * CMD_SET_WMM_MODE.
3240 */
3241struct mwl8k_cmd_set_wmm_mode {
3242 struct mwl8k_cmd_pkt header;
3243 __le16 action;
3244} __packed;
3245
3246static int mwl8k_cmd_set_wmm_mode(struct ieee80211_hw *hw, bool enable)
3247{
3248 struct mwl8k_priv *priv = hw->priv;
3249 struct mwl8k_cmd_set_wmm_mode *cmd;
3250 int rc;
3251
3252 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3253 if (cmd == NULL)
3254 return -ENOMEM;
3255
3256 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_WMM_MODE);
3257 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3258 cmd->action = cpu_to_le16(!!enable);
3259
3260 rc = mwl8k_post_cmd(hw, &cmd->header);
3261 kfree(cmd);
3262
3263 if (!rc)
3264 priv->wmm_enabled = enable;
3265
3266 return rc;
3267}
3268
3269/*
3270 * CMD_MIMO_CONFIG.
3271 */
3272struct mwl8k_cmd_mimo_config {
3273 struct mwl8k_cmd_pkt header;
3274 __le32 action;
3275 __u8 rx_antenna_map;
3276 __u8 tx_antenna_map;
3277} __packed;
3278
3279static int mwl8k_cmd_mimo_config(struct ieee80211_hw *hw, __u8 rx, __u8 tx)
3280{
3281 struct mwl8k_cmd_mimo_config *cmd;
3282 int rc;
3283
3284 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3285 if (cmd == NULL)
3286 return -ENOMEM;
3287
3288 cmd->header.code = cpu_to_le16(MWL8K_CMD_MIMO_CONFIG);
3289 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3290 cmd->action = cpu_to_le32((u32)MWL8K_CMD_SET);
3291 cmd->rx_antenna_map = rx;
3292 cmd->tx_antenna_map = tx;
3293
3294 rc = mwl8k_post_cmd(hw, &cmd->header);
3295 kfree(cmd);
3296
3297 return rc;
3298}
3299
3300/*
3301 * CMD_USE_FIXED_RATE (STA version).
3302 */
3303struct mwl8k_cmd_use_fixed_rate_sta {
3304 struct mwl8k_cmd_pkt header;
3305 __le32 action;
3306 __le32 allow_rate_drop;
3307 __le32 num_rates;
3308 struct {
3309 __le32 is_ht_rate;
3310 __le32 enable_retry;
3311 __le32 rate;
3312 __le32 retry_count;
3313 } rate_entry[8];
3314 __le32 rate_type;
3315 __le32 reserved1;
3316 __le32 reserved2;
3317} __packed;
3318
3319#define MWL8K_USE_AUTO_RATE 0x0002
3320#define MWL8K_UCAST_RATE 0
3321
3322static int mwl8k_cmd_use_fixed_rate_sta(struct ieee80211_hw *hw)
3323{
3324 struct mwl8k_cmd_use_fixed_rate_sta *cmd;
3325 int rc;
3326
3327 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3328 if (cmd == NULL)
3329 return -ENOMEM;
3330
3331 cmd->header.code = cpu_to_le16(MWL8K_CMD_USE_FIXED_RATE);
3332 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3333 cmd->action = cpu_to_le32(MWL8K_USE_AUTO_RATE);
3334 cmd->rate_type = cpu_to_le32(MWL8K_UCAST_RATE);
3335
3336 rc = mwl8k_post_cmd(hw, &cmd->header);
3337 kfree(cmd);
3338
3339 return rc;
3340}
3341
3342/*
3343 * CMD_USE_FIXED_RATE (AP version).
3344 */
3345struct mwl8k_cmd_use_fixed_rate_ap {
3346 struct mwl8k_cmd_pkt header;
3347 __le32 action;
3348 __le32 allow_rate_drop;
3349 __le32 num_rates;
3350 struct mwl8k_rate_entry_ap {
3351 __le32 is_ht_rate;
3352 __le32 enable_retry;
3353 __le32 rate;
3354 __le32 retry_count;
3355 } rate_entry[4];
3356 u8 multicast_rate;
3357 u8 multicast_rate_type;
3358 u8 management_rate;
3359} __packed;
3360
3361static int
3362mwl8k_cmd_use_fixed_rate_ap(struct ieee80211_hw *hw, int mcast, int mgmt)
3363{
3364 struct mwl8k_cmd_use_fixed_rate_ap *cmd;
3365 int rc;
3366
3367 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3368 if (cmd == NULL)
3369 return -ENOMEM;
3370
3371 cmd->header.code = cpu_to_le16(MWL8K_CMD_USE_FIXED_RATE);
3372 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3373 cmd->action = cpu_to_le32(MWL8K_USE_AUTO_RATE);
3374 cmd->multicast_rate = mcast;
3375 cmd->management_rate = mgmt;
3376
3377 rc = mwl8k_post_cmd(hw, &cmd->header);
3378 kfree(cmd);
3379
3380 return rc;
3381}
3382
3383/*
3384 * CMD_ENABLE_SNIFFER.
3385 */
3386struct mwl8k_cmd_enable_sniffer {
3387 struct mwl8k_cmd_pkt header;
3388 __le32 action;
3389} __packed;
3390
3391static int mwl8k_cmd_enable_sniffer(struct ieee80211_hw *hw, bool enable)
3392{
3393 struct mwl8k_cmd_enable_sniffer *cmd;
3394 int rc;
3395
3396 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3397 if (cmd == NULL)
3398 return -ENOMEM;
3399
3400 cmd->header.code = cpu_to_le16(MWL8K_CMD_ENABLE_SNIFFER);
3401 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3402 cmd->action = cpu_to_le32(!!enable);
3403
3404 rc = mwl8k_post_cmd(hw, &cmd->header);
3405 kfree(cmd);
3406
3407 return rc;
3408}
3409
3410/*
3411 * CMD_SET_MAC_ADDR.
3412 */
3413struct mwl8k_cmd_set_mac_addr {
3414 struct mwl8k_cmd_pkt header;
3415 union {
3416 struct {
3417 __le16 mac_type;
3418 __u8 mac_addr[ETH_ALEN];
3419 } mbss;
3420 __u8 mac_addr[ETH_ALEN];
3421 };
3422} __packed;
3423
3424#define MWL8K_MAC_TYPE_PRIMARY_CLIENT 0
3425#define MWL8K_MAC_TYPE_SECONDARY_CLIENT 1
3426#define MWL8K_MAC_TYPE_PRIMARY_AP 2
3427#define MWL8K_MAC_TYPE_SECONDARY_AP 3
3428
3429static int mwl8k_cmd_set_mac_addr(struct ieee80211_hw *hw,
3430 struct ieee80211_vif *vif, u8 *mac)
3431{
3432 struct mwl8k_priv *priv = hw->priv;
3433 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
3434 struct mwl8k_cmd_set_mac_addr *cmd;
3435 int mac_type;
3436 int rc;
3437
3438 mac_type = MWL8K_MAC_TYPE_PRIMARY_AP;
3439 if (vif != NULL && vif->type == NL80211_IFTYPE_STATION) {
3440 if (mwl8k_vif->macid + 1 == ffs(priv->sta_macids_supported))
3441 mac_type = MWL8K_MAC_TYPE_PRIMARY_CLIENT;
3442 else
3443 mac_type = MWL8K_MAC_TYPE_SECONDARY_CLIENT;
3444 } else if (vif != NULL && vif->type == NL80211_IFTYPE_AP) {
3445 if (mwl8k_vif->macid + 1 == ffs(priv->ap_macids_supported))
3446 mac_type = MWL8K_MAC_TYPE_PRIMARY_AP;
3447 else
3448 mac_type = MWL8K_MAC_TYPE_SECONDARY_AP;
3449 }
3450
3451 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3452 if (cmd == NULL)
3453 return -ENOMEM;
3454
3455 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_MAC_ADDR);
3456 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3457 if (priv->ap_fw) {
3458 cmd->mbss.mac_type = cpu_to_le16(mac_type);
3459 memcpy(cmd->mbss.mac_addr, mac, ETH_ALEN);
3460 } else {
3461 memcpy(cmd->mac_addr, mac, ETH_ALEN);
3462 }
3463
3464 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
3465 kfree(cmd);
3466
3467 return rc;
3468}
3469
3470/*
3471 * CMD_SET_RATEADAPT_MODE.
3472 */
3473struct mwl8k_cmd_set_rate_adapt_mode {
3474 struct mwl8k_cmd_pkt header;
3475 __le16 action;
3476 __le16 mode;
3477} __packed;
3478
3479static int mwl8k_cmd_set_rateadapt_mode(struct ieee80211_hw *hw, __u16 mode)
3480{
3481 struct mwl8k_cmd_set_rate_adapt_mode *cmd;
3482 int rc;
3483
3484 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3485 if (cmd == NULL)
3486 return -ENOMEM;
3487
3488 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_RATEADAPT_MODE);
3489 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3490 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
3491 cmd->mode = cpu_to_le16(mode);
3492
3493 rc = mwl8k_post_cmd(hw, &cmd->header);
3494 kfree(cmd);
3495
3496 return rc;
3497}
3498
3499/*
3500 * CMD_GET_WATCHDOG_BITMAP.
3501 */
3502struct mwl8k_cmd_get_watchdog_bitmap {
3503 struct mwl8k_cmd_pkt header;
3504 u8 bitmap;
3505} __packed;
3506
3507static int mwl8k_cmd_get_watchdog_bitmap(struct ieee80211_hw *hw, u8 *bitmap)
3508{
3509 struct mwl8k_cmd_get_watchdog_bitmap *cmd;
3510 int rc;
3511
3512 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3513 if (cmd == NULL)
3514 return -ENOMEM;
3515
3516 cmd->header.code = cpu_to_le16(MWL8K_CMD_GET_WATCHDOG_BITMAP);
3517 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3518
3519 rc = mwl8k_post_cmd(hw, &cmd->header);
3520 if (!rc)
3521 *bitmap = cmd->bitmap;
3522
3523 kfree(cmd);
3524
3525 return rc;
3526}
3527
3528#define INVALID_BA 0xAA
3529static void mwl8k_watchdog_ba_events(struct work_struct *work)
3530{
3531 int rc;
3532 u8 bitmap = 0, stream_index;
3533 struct mwl8k_ampdu_stream *streams;
3534 struct mwl8k_priv *priv =
3535 container_of(work, struct mwl8k_priv, watchdog_ba_handle);
3536
3537 rc = mwl8k_cmd_get_watchdog_bitmap(priv->hw, &bitmap);
3538 if (rc)
3539 return;
3540
3541 if (bitmap == INVALID_BA)
3542 return;
3543
3544 /* the bitmap is the hw queue number. Map it to the ampdu queue. */
3545 stream_index = bitmap - MWL8K_TX_WMM_QUEUES;
3546
3547 BUG_ON(stream_index >= priv->num_ampdu_queues);
3548
3549 streams = &priv->ampdu[stream_index];
3550
3551 if (streams->state == AMPDU_STREAM_ACTIVE)
3552 ieee80211_stop_tx_ba_session(streams->sta, streams->tid);
3553
3554 return;
3555}
3556
3557
3558/*
3559 * CMD_BSS_START.
3560 */
3561struct mwl8k_cmd_bss_start {
3562 struct mwl8k_cmd_pkt header;
3563 __le32 enable;
3564} __packed;
3565
3566static int mwl8k_cmd_bss_start(struct ieee80211_hw *hw,
3567 struct ieee80211_vif *vif, int enable)
3568{
3569 struct mwl8k_cmd_bss_start *cmd;
3570 int rc;
3571
3572 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3573 if (cmd == NULL)
3574 return -ENOMEM;
3575
3576 cmd->header.code = cpu_to_le16(MWL8K_CMD_BSS_START);
3577 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3578 cmd->enable = cpu_to_le32(enable);
3579
3580 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
3581 kfree(cmd);
3582
3583 return rc;
3584}
3585
3586/*
3587 * CMD_BASTREAM.
3588 */
3589
3590/*
3591 * UPSTREAM is tx direction
3592 */
3593#define BASTREAM_FLAG_DIRECTION_UPSTREAM 0x00
3594#define BASTREAM_FLAG_IMMEDIATE_TYPE 0x01
3595
3596enum ba_stream_action_type {
3597 MWL8K_BA_CREATE,
3598 MWL8K_BA_UPDATE,
3599 MWL8K_BA_DESTROY,
3600 MWL8K_BA_FLUSH,
3601 MWL8K_BA_CHECK,
3602};
3603
3604
3605struct mwl8k_create_ba_stream {
3606 __le32 flags;
3607 __le32 idle_thrs;
3608 __le32 bar_thrs;
3609 __le32 window_size;
3610 u8 peer_mac_addr[6];
3611 u8 dialog_token;
3612 u8 tid;
3613 u8 queue_id;
3614 u8 param_info;
3615 __le32 ba_context;
3616 u8 reset_seq_no_flag;
3617 __le16 curr_seq_no;
3618 u8 sta_src_mac_addr[6];
3619} __packed;
3620
3621struct mwl8k_destroy_ba_stream {
3622 __le32 flags;
3623 __le32 ba_context;
3624} __packed;
3625
3626struct mwl8k_cmd_bastream {
3627 struct mwl8k_cmd_pkt header;
3628 __le32 action;
3629 union {
3630 struct mwl8k_create_ba_stream create_params;
3631 struct mwl8k_destroy_ba_stream destroy_params;
3632 };
3633} __packed;
3634
3635static int
3636mwl8k_check_ba(struct ieee80211_hw *hw, struct mwl8k_ampdu_stream *stream)
3637{
3638 struct mwl8k_cmd_bastream *cmd;
3639 int rc;
3640
3641 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3642 if (cmd == NULL)
3643 return -ENOMEM;
3644
3645 cmd->header.code = cpu_to_le16(MWL8K_CMD_BASTREAM);
3646 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3647
3648 cmd->action = cpu_to_le32(MWL8K_BA_CHECK);
3649
3650 cmd->create_params.queue_id = stream->idx;
3651 memcpy(&cmd->create_params.peer_mac_addr[0], stream->sta->addr,
3652 ETH_ALEN);
3653 cmd->create_params.tid = stream->tid;
3654
3655 cmd->create_params.flags =
3656 cpu_to_le32(BASTREAM_FLAG_IMMEDIATE_TYPE) |
3657 cpu_to_le32(BASTREAM_FLAG_DIRECTION_UPSTREAM);
3658
3659 rc = mwl8k_post_cmd(hw, &cmd->header);
3660
3661 kfree(cmd);
3662
3663 return rc;
3664}
3665
3666static int
3667mwl8k_create_ba(struct ieee80211_hw *hw, struct mwl8k_ampdu_stream *stream,
3668 u8 buf_size)
3669{
3670 struct mwl8k_cmd_bastream *cmd;
3671 int rc;
3672
3673 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3674 if (cmd == NULL)
3675 return -ENOMEM;
3676
3677
3678 cmd->header.code = cpu_to_le16(MWL8K_CMD_BASTREAM);
3679 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3680
3681 cmd->action = cpu_to_le32(MWL8K_BA_CREATE);
3682
3683 cmd->create_params.bar_thrs = cpu_to_le32((u32)buf_size);
3684 cmd->create_params.window_size = cpu_to_le32((u32)buf_size);
3685 cmd->create_params.queue_id = stream->idx;
3686
3687 memcpy(cmd->create_params.peer_mac_addr, stream->sta->addr, ETH_ALEN);
3688 cmd->create_params.tid = stream->tid;
3689 cmd->create_params.curr_seq_no = cpu_to_le16(0);
3690 cmd->create_params.reset_seq_no_flag = 1;
3691
3692 cmd->create_params.param_info =
3693 (stream->sta->ht_cap.ampdu_factor &
3694 IEEE80211_HT_AMPDU_PARM_FACTOR) |
3695 ((stream->sta->ht_cap.ampdu_density << 2) &
3696 IEEE80211_HT_AMPDU_PARM_DENSITY);
3697
3698 cmd->create_params.flags =
3699 cpu_to_le32(BASTREAM_FLAG_IMMEDIATE_TYPE |
3700 BASTREAM_FLAG_DIRECTION_UPSTREAM);
3701
3702 rc = mwl8k_post_cmd(hw, &cmd->header);
3703
3704 wiphy_debug(hw->wiphy, "Created a BA stream for %pM : tid %d\n",
3705 stream->sta->addr, stream->tid);
3706 kfree(cmd);
3707
3708 return rc;
3709}
3710
3711static void mwl8k_destroy_ba(struct ieee80211_hw *hw,
3712 struct mwl8k_ampdu_stream *stream)
3713{
3714 struct mwl8k_cmd_bastream *cmd;
3715
3716 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3717 if (cmd == NULL)
3718 return;
3719
3720 cmd->header.code = cpu_to_le16(MWL8K_CMD_BASTREAM);
3721 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3722 cmd->action = cpu_to_le32(MWL8K_BA_DESTROY);
3723
3724 cmd->destroy_params.ba_context = cpu_to_le32(stream->idx);
3725 mwl8k_post_cmd(hw, &cmd->header);
3726
3727 wiphy_debug(hw->wiphy, "Deleted BA stream index %d\n", stream->idx);
3728
3729 kfree(cmd);
3730}
3731
3732/*
3733 * CMD_SET_NEW_STN.
3734 */
3735struct mwl8k_cmd_set_new_stn {
3736 struct mwl8k_cmd_pkt header;
3737 __le16 aid;
3738 __u8 mac_addr[6];
3739 __le16 stn_id;
3740 __le16 action;
3741 __le16 rsvd;
3742 __le32 legacy_rates;
3743 __u8 ht_rates[4];
3744 __le16 cap_info;
3745 __le16 ht_capabilities_info;
3746 __u8 mac_ht_param_info;
3747 __u8 rev;
3748 __u8 control_channel;
3749 __u8 add_channel;
3750 __le16 op_mode;
3751 __le16 stbc;
3752 __u8 add_qos_info;
3753 __u8 is_qos_sta;
3754 __le32 fw_sta_ptr;
3755} __packed;
3756
3757#define MWL8K_STA_ACTION_ADD 0
3758#define MWL8K_STA_ACTION_REMOVE 2
3759
3760static int mwl8k_cmd_set_new_stn_add(struct ieee80211_hw *hw,
3761 struct ieee80211_vif *vif,
3762 struct ieee80211_sta *sta)
3763{
3764 struct mwl8k_cmd_set_new_stn *cmd;
3765 u32 rates;
3766 int rc;
3767
3768 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3769 if (cmd == NULL)
3770 return -ENOMEM;
3771
3772 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_NEW_STN);
3773 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3774 cmd->aid = cpu_to_le16(sta->aid);
3775 memcpy(cmd->mac_addr, sta->addr, ETH_ALEN);
3776 cmd->stn_id = cpu_to_le16(sta->aid);
3777 cmd->action = cpu_to_le16(MWL8K_STA_ACTION_ADD);
3778 if (hw->conf.channel->band == IEEE80211_BAND_2GHZ)
3779 rates = sta->supp_rates[IEEE80211_BAND_2GHZ];
3780 else
3781 rates = sta->supp_rates[IEEE80211_BAND_5GHZ] << 5;
3782 cmd->legacy_rates = cpu_to_le32(rates);
3783 if (sta->ht_cap.ht_supported) {
3784 cmd->ht_rates[0] = sta->ht_cap.mcs.rx_mask[0];
3785 cmd->ht_rates[1] = sta->ht_cap.mcs.rx_mask[1];
3786 cmd->ht_rates[2] = sta->ht_cap.mcs.rx_mask[2];
3787 cmd->ht_rates[3] = sta->ht_cap.mcs.rx_mask[3];
3788 cmd->ht_capabilities_info = cpu_to_le16(sta->ht_cap.cap);
3789 cmd->mac_ht_param_info = (sta->ht_cap.ampdu_factor & 3) |
3790 ((sta->ht_cap.ampdu_density & 7) << 2);
3791 cmd->is_qos_sta = 1;
3792 }
3793
3794 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
3795 kfree(cmd);
3796
3797 return rc;
3798}
3799
3800static int mwl8k_cmd_set_new_stn_add_self(struct ieee80211_hw *hw,
3801 struct ieee80211_vif *vif)
3802{
3803 struct mwl8k_cmd_set_new_stn *cmd;
3804 int rc;
3805
3806 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3807 if (cmd == NULL)
3808 return -ENOMEM;
3809
3810 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_NEW_STN);
3811 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3812 memcpy(cmd->mac_addr, vif->addr, ETH_ALEN);
3813
3814 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
3815 kfree(cmd);
3816
3817 return rc;
3818}
3819
3820static int mwl8k_cmd_set_new_stn_del(struct ieee80211_hw *hw,
3821 struct ieee80211_vif *vif, u8 *addr)
3822{
3823 struct mwl8k_cmd_set_new_stn *cmd;
3824 int rc;
3825
3826 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3827 if (cmd == NULL)
3828 return -ENOMEM;
3829
3830 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_NEW_STN);
3831 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3832 memcpy(cmd->mac_addr, addr, ETH_ALEN);
3833 cmd->action = cpu_to_le16(MWL8K_STA_ACTION_REMOVE);
3834
3835 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
3836 kfree(cmd);
3837
3838 return rc;
3839}
3840
3841/*
3842 * CMD_UPDATE_ENCRYPTION.
3843 */
3844
3845#define MAX_ENCR_KEY_LENGTH 16
3846#define MIC_KEY_LENGTH 8
3847
3848struct mwl8k_cmd_update_encryption {
3849 struct mwl8k_cmd_pkt header;
3850
3851 __le32 action;
3852 __le32 reserved;
3853 __u8 mac_addr[6];
3854 __u8 encr_type;
3855
3856} __packed;
3857
3858struct mwl8k_cmd_set_key {
3859 struct mwl8k_cmd_pkt header;
3860
3861 __le32 action;
3862 __le32 reserved;
3863 __le16 length;
3864 __le16 key_type_id;
3865 __le32 key_info;
3866 __le32 key_id;
3867 __le16 key_len;
3868 __u8 key_material[MAX_ENCR_KEY_LENGTH];
3869 __u8 tkip_tx_mic_key[MIC_KEY_LENGTH];
3870 __u8 tkip_rx_mic_key[MIC_KEY_LENGTH];
3871 __le16 tkip_rsc_low;
3872 __le32 tkip_rsc_high;
3873 __le16 tkip_tsc_low;
3874 __le32 tkip_tsc_high;
3875 __u8 mac_addr[6];
3876} __packed;
3877
3878enum {
3879 MWL8K_ENCR_ENABLE,
3880 MWL8K_ENCR_SET_KEY,
3881 MWL8K_ENCR_REMOVE_KEY,
3882 MWL8K_ENCR_SET_GROUP_KEY,
3883};
3884
3885#define MWL8K_UPDATE_ENCRYPTION_TYPE_WEP 0
3886#define MWL8K_UPDATE_ENCRYPTION_TYPE_DISABLE 1
3887#define MWL8K_UPDATE_ENCRYPTION_TYPE_TKIP 4
3888#define MWL8K_UPDATE_ENCRYPTION_TYPE_MIXED 7
3889#define MWL8K_UPDATE_ENCRYPTION_TYPE_AES 8
3890
3891enum {
3892 MWL8K_ALG_WEP,
3893 MWL8K_ALG_TKIP,
3894 MWL8K_ALG_CCMP,
3895};
3896
3897#define MWL8K_KEY_FLAG_TXGROUPKEY 0x00000004
3898#define MWL8K_KEY_FLAG_PAIRWISE 0x00000008
3899#define MWL8K_KEY_FLAG_TSC_VALID 0x00000040
3900#define MWL8K_KEY_FLAG_WEP_TXKEY 0x01000000
3901#define MWL8K_KEY_FLAG_MICKEY_VALID 0x02000000
3902
3903static int mwl8k_cmd_update_encryption_enable(struct ieee80211_hw *hw,
3904 struct ieee80211_vif *vif,
3905 u8 *addr,
3906 u8 encr_type)
3907{
3908 struct mwl8k_cmd_update_encryption *cmd;
3909 int rc;
3910
3911 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3912 if (cmd == NULL)
3913 return -ENOMEM;
3914
3915 cmd->header.code = cpu_to_le16(MWL8K_CMD_UPDATE_ENCRYPTION);
3916 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3917 cmd->action = cpu_to_le32(MWL8K_ENCR_ENABLE);
3918 memcpy(cmd->mac_addr, addr, ETH_ALEN);
3919 cmd->encr_type = encr_type;
3920
3921 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
3922 kfree(cmd);
3923
3924 return rc;
3925}
3926
3927static int mwl8k_encryption_set_cmd_info(struct mwl8k_cmd_set_key *cmd,
3928 u8 *addr,
3929 struct ieee80211_key_conf *key)
3930{
3931 cmd->header.code = cpu_to_le16(MWL8K_CMD_UPDATE_ENCRYPTION);
3932 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3933 cmd->length = cpu_to_le16(sizeof(*cmd) -
3934 offsetof(struct mwl8k_cmd_set_key, length));
3935 cmd->key_id = cpu_to_le32(key->keyidx);
3936 cmd->key_len = cpu_to_le16(key->keylen);
3937 memcpy(cmd->mac_addr, addr, ETH_ALEN);
3938
3939 switch (key->cipher) {
3940 case WLAN_CIPHER_SUITE_WEP40:
3941 case WLAN_CIPHER_SUITE_WEP104:
3942 cmd->key_type_id = cpu_to_le16(MWL8K_ALG_WEP);
3943 if (key->keyidx == 0)
3944 cmd->key_info = cpu_to_le32(MWL8K_KEY_FLAG_WEP_TXKEY);
3945
3946 break;
3947 case WLAN_CIPHER_SUITE_TKIP:
3948 cmd->key_type_id = cpu_to_le16(MWL8K_ALG_TKIP);
3949 cmd->key_info = (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
3950 ? cpu_to_le32(MWL8K_KEY_FLAG_PAIRWISE)
3951 : cpu_to_le32(MWL8K_KEY_FLAG_TXGROUPKEY);
3952 cmd->key_info |= cpu_to_le32(MWL8K_KEY_FLAG_MICKEY_VALID
3953 | MWL8K_KEY_FLAG_TSC_VALID);
3954 break;
3955 case WLAN_CIPHER_SUITE_CCMP:
3956 cmd->key_type_id = cpu_to_le16(MWL8K_ALG_CCMP);
3957 cmd->key_info = (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
3958 ? cpu_to_le32(MWL8K_KEY_FLAG_PAIRWISE)
3959 : cpu_to_le32(MWL8K_KEY_FLAG_TXGROUPKEY);
3960 break;
3961 default:
3962 return -ENOTSUPP;
3963 }
3964
3965 return 0;
3966}
3967
3968static int mwl8k_cmd_encryption_set_key(struct ieee80211_hw *hw,
3969 struct ieee80211_vif *vif,
3970 u8 *addr,
3971 struct ieee80211_key_conf *key)
3972{
3973 struct mwl8k_cmd_set_key *cmd;
3974 int rc;
3975 int keymlen;
3976 u32 action;
3977 u8 idx;
3978 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
3979
3980 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3981 if (cmd == NULL)
3982 return -ENOMEM;
3983
3984 rc = mwl8k_encryption_set_cmd_info(cmd, addr, key);
3985 if (rc < 0)
3986 goto done;
3987
3988 idx = key->keyidx;
3989
3990 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
3991 action = MWL8K_ENCR_SET_KEY;
3992 else
3993 action = MWL8K_ENCR_SET_GROUP_KEY;
3994
3995 switch (key->cipher) {
3996 case WLAN_CIPHER_SUITE_WEP40:
3997 case WLAN_CIPHER_SUITE_WEP104:
3998 if (!mwl8k_vif->wep_key_conf[idx].enabled) {
3999 memcpy(mwl8k_vif->wep_key_conf[idx].key, key,
4000 sizeof(*key) + key->keylen);
4001 mwl8k_vif->wep_key_conf[idx].enabled = 1;
4002 }
4003
4004 keymlen = key->keylen;
4005 action = MWL8K_ENCR_SET_KEY;
4006 break;
4007 case WLAN_CIPHER_SUITE_TKIP:
4008 keymlen = MAX_ENCR_KEY_LENGTH + 2 * MIC_KEY_LENGTH;
4009 break;
4010 case WLAN_CIPHER_SUITE_CCMP:
4011 keymlen = key->keylen;
4012 break;
4013 default:
4014 rc = -ENOTSUPP;
4015 goto done;
4016 }
4017
4018 memcpy(cmd->key_material, key->key, keymlen);
4019 cmd->action = cpu_to_le32(action);
4020
4021 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
4022done:
4023 kfree(cmd);
4024
4025 return rc;
4026}
4027
4028static int mwl8k_cmd_encryption_remove_key(struct ieee80211_hw *hw,
4029 struct ieee80211_vif *vif,
4030 u8 *addr,
4031 struct ieee80211_key_conf *key)
4032{
4033 struct mwl8k_cmd_set_key *cmd;
4034 int rc;
4035 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
4036
4037 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4038 if (cmd == NULL)
4039 return -ENOMEM;
4040
4041 rc = mwl8k_encryption_set_cmd_info(cmd, addr, key);
4042 if (rc < 0)
4043 goto done;
4044
4045 if (key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
4046 WLAN_CIPHER_SUITE_WEP104)
4047 mwl8k_vif->wep_key_conf[key->keyidx].enabled = 0;
4048
4049 cmd->action = cpu_to_le32(MWL8K_ENCR_REMOVE_KEY);
4050
4051 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
4052done:
4053 kfree(cmd);
4054
4055 return rc;
4056}
4057
4058static int mwl8k_set_key(struct ieee80211_hw *hw,
4059 enum set_key_cmd cmd_param,
4060 struct ieee80211_vif *vif,
4061 struct ieee80211_sta *sta,
4062 struct ieee80211_key_conf *key)
4063{
4064 int rc = 0;
4065 u8 encr_type;
4066 u8 *addr;
4067 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
4068
4069 if (vif->type == NL80211_IFTYPE_STATION)
4070 return -EOPNOTSUPP;
4071
4072 if (sta == NULL)
4073 addr = hw->wiphy->perm_addr;
4074 else
4075 addr = sta->addr;
4076
4077 if (cmd_param == SET_KEY) {
4078 rc = mwl8k_cmd_encryption_set_key(hw, vif, addr, key);
4079 if (rc)
4080 goto out;
4081
4082 if ((key->cipher == WLAN_CIPHER_SUITE_WEP40)
4083 || (key->cipher == WLAN_CIPHER_SUITE_WEP104))
4084 encr_type = MWL8K_UPDATE_ENCRYPTION_TYPE_WEP;
4085 else
4086 encr_type = MWL8K_UPDATE_ENCRYPTION_TYPE_MIXED;
4087
4088 rc = mwl8k_cmd_update_encryption_enable(hw, vif, addr,
4089 encr_type);
4090 if (rc)
4091 goto out;
4092
4093 mwl8k_vif->is_hw_crypto_enabled = true;
4094
4095 } else {
4096 rc = mwl8k_cmd_encryption_remove_key(hw, vif, addr, key);
4097
4098 if (rc)
4099 goto out;
4100
4101 mwl8k_vif->is_hw_crypto_enabled = false;
4102
4103 }
4104out:
4105 return rc;
4106}
4107
4108/*
4109 * CMD_UPDATE_STADB.
4110 */
4111struct ewc_ht_info {
4112 __le16 control1;
4113 __le16 control2;
4114 __le16 control3;
4115} __packed;
4116
4117struct peer_capability_info {
4118 /* Peer type - AP vs. STA. */
4119 __u8 peer_type;
4120
4121 /* Basic 802.11 capabilities from assoc resp. */
4122 __le16 basic_caps;
4123
4124 /* Set if peer supports 802.11n high throughput (HT). */
4125 __u8 ht_support;
4126
4127 /* Valid if HT is supported. */
4128 __le16 ht_caps;
4129 __u8 extended_ht_caps;
4130 struct ewc_ht_info ewc_info;
4131
4132 /* Legacy rate table. Intersection of our rates and peer rates. */
4133 __u8 legacy_rates[12];
4134
4135 /* HT rate table. Intersection of our rates and peer rates. */
4136 __u8 ht_rates[16];
4137 __u8 pad[16];
4138
4139 /* If set, interoperability mode, no proprietary extensions. */
4140 __u8 interop;
4141 __u8 pad2;
4142 __u8 station_id;
4143 __le16 amsdu_enabled;
4144} __packed;
4145
4146struct mwl8k_cmd_update_stadb {
4147 struct mwl8k_cmd_pkt header;
4148
4149 /* See STADB_ACTION_TYPE */
4150 __le32 action;
4151
4152 /* Peer MAC address */
4153 __u8 peer_addr[ETH_ALEN];
4154
4155 __le32 reserved;
4156
4157 /* Peer info - valid during add/update. */
4158 struct peer_capability_info peer_info;
4159} __packed;
4160
4161#define MWL8K_STA_DB_MODIFY_ENTRY 1
4162#define MWL8K_STA_DB_DEL_ENTRY 2
4163
4164/* Peer Entry flags - used to define the type of the peer node */
4165#define MWL8K_PEER_TYPE_ACCESSPOINT 2
4166
4167static int mwl8k_cmd_update_stadb_add(struct ieee80211_hw *hw,
4168 struct ieee80211_vif *vif,
4169 struct ieee80211_sta *sta)
4170{
4171 struct mwl8k_cmd_update_stadb *cmd;
4172 struct peer_capability_info *p;
4173 u32 rates;
4174 int rc;
4175
4176 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4177 if (cmd == NULL)
4178 return -ENOMEM;
4179
4180 cmd->header.code = cpu_to_le16(MWL8K_CMD_UPDATE_STADB);
4181 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4182 cmd->action = cpu_to_le32(MWL8K_STA_DB_MODIFY_ENTRY);
4183 memcpy(cmd->peer_addr, sta->addr, ETH_ALEN);
4184
4185 p = &cmd->peer_info;
4186 p->peer_type = MWL8K_PEER_TYPE_ACCESSPOINT;
4187 p->basic_caps = cpu_to_le16(vif->bss_conf.assoc_capability);
4188 p->ht_support = sta->ht_cap.ht_supported;
4189 p->ht_caps = cpu_to_le16(sta->ht_cap.cap);
4190 p->extended_ht_caps = (sta->ht_cap.ampdu_factor & 3) |
4191 ((sta->ht_cap.ampdu_density & 7) << 2);
4192 if (hw->conf.channel->band == IEEE80211_BAND_2GHZ)
4193 rates = sta->supp_rates[IEEE80211_BAND_2GHZ];
4194 else
4195 rates = sta->supp_rates[IEEE80211_BAND_5GHZ] << 5;
4196 legacy_rate_mask_to_array(p->legacy_rates, rates);
4197 memcpy(p->ht_rates, sta->ht_cap.mcs.rx_mask, 16);
4198 p->interop = 1;
4199 p->amsdu_enabled = 0;
4200
4201 rc = mwl8k_post_cmd(hw, &cmd->header);
4202 kfree(cmd);
4203
4204 return rc ? rc : p->station_id;
4205}
4206
4207static int mwl8k_cmd_update_stadb_del(struct ieee80211_hw *hw,
4208 struct ieee80211_vif *vif, u8 *addr)
4209{
4210 struct mwl8k_cmd_update_stadb *cmd;
4211 int rc;
4212
4213 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4214 if (cmd == NULL)
4215 return -ENOMEM;
4216
4217 cmd->header.code = cpu_to_le16(MWL8K_CMD_UPDATE_STADB);
4218 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4219 cmd->action = cpu_to_le32(MWL8K_STA_DB_DEL_ENTRY);
4220 memcpy(cmd->peer_addr, addr, ETH_ALEN);
4221
4222 rc = mwl8k_post_cmd(hw, &cmd->header);
4223 kfree(cmd);
4224
4225 return rc;
4226}
4227
4228
4229/*
4230 * Interrupt handling.
4231 */
4232static irqreturn_t mwl8k_interrupt(int irq, void *dev_id)
4233{
4234 struct ieee80211_hw *hw = dev_id;
4235 struct mwl8k_priv *priv = hw->priv;
4236 u32 status;
4237
4238 status = ioread32(priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS);
4239 if (!status)
4240 return IRQ_NONE;
4241
4242 if (status & MWL8K_A2H_INT_TX_DONE) {
4243 status &= ~MWL8K_A2H_INT_TX_DONE;
4244 tasklet_schedule(&priv->poll_tx_task);
4245 }
4246
4247 if (status & MWL8K_A2H_INT_RX_READY) {
4248 status &= ~MWL8K_A2H_INT_RX_READY;
4249 tasklet_schedule(&priv->poll_rx_task);
4250 }
4251
4252 if (status & MWL8K_A2H_INT_BA_WATCHDOG) {
4253 status &= ~MWL8K_A2H_INT_BA_WATCHDOG;
4254 ieee80211_queue_work(hw, &priv->watchdog_ba_handle);
4255 }
4256
4257 if (status)
4258 iowrite32(~status, priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS);
4259
4260 if (status & MWL8K_A2H_INT_OPC_DONE) {
4261 if (priv->hostcmd_wait != NULL)
4262 complete(priv->hostcmd_wait);
4263 }
4264
4265 if (status & MWL8K_A2H_INT_QUEUE_EMPTY) {
4266 if (!mutex_is_locked(&priv->fw_mutex) &&
4267 priv->radio_on && priv->pending_tx_pkts)
4268 mwl8k_tx_start(priv);
4269 }
4270
4271 return IRQ_HANDLED;
4272}
4273
4274static void mwl8k_tx_poll(unsigned long data)
4275{
4276 struct ieee80211_hw *hw = (struct ieee80211_hw *)data;
4277 struct mwl8k_priv *priv = hw->priv;
4278 int limit;
4279 int i;
4280
4281 limit = 32;
4282
4283 spin_lock_bh(&priv->tx_lock);
4284
4285 for (i = 0; i < mwl8k_tx_queues(priv); i++)
4286 limit -= mwl8k_txq_reclaim(hw, i, limit, 0);
4287
4288 if (!priv->pending_tx_pkts && priv->tx_wait != NULL) {
4289 complete(priv->tx_wait);
4290 priv->tx_wait = NULL;
4291 }
4292
4293 spin_unlock_bh(&priv->tx_lock);
4294
4295 if (limit) {
4296 writel(~MWL8K_A2H_INT_TX_DONE,
4297 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS);
4298 } else {
4299 tasklet_schedule(&priv->poll_tx_task);
4300 }
4301}
4302
4303static void mwl8k_rx_poll(unsigned long data)
4304{
4305 struct ieee80211_hw *hw = (struct ieee80211_hw *)data;
4306 struct mwl8k_priv *priv = hw->priv;
4307 int limit;
4308
4309 limit = 32;
4310 limit -= rxq_process(hw, 0, limit);
4311 limit -= rxq_refill(hw, 0, limit);
4312
4313 if (limit) {
4314 writel(~MWL8K_A2H_INT_RX_READY,
4315 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS);
4316 } else {
4317 tasklet_schedule(&priv->poll_rx_task);
4318 }
4319}
4320
4321
4322/*
4323 * Core driver operations.
4324 */
4325static void mwl8k_tx(struct ieee80211_hw *hw, struct sk_buff *skb)
4326{
4327 struct mwl8k_priv *priv = hw->priv;
4328 int index = skb_get_queue_mapping(skb);
4329
4330 if (!priv->radio_on) {
4331 wiphy_debug(hw->wiphy,
4332 "dropped TX frame since radio disabled\n");
4333 dev_kfree_skb(skb);
4334 return;
4335 }
4336
4337 mwl8k_txq_xmit(hw, index, skb);
4338}
4339
4340static int mwl8k_start(struct ieee80211_hw *hw)
4341{
4342 struct mwl8k_priv *priv = hw->priv;
4343 int rc;
4344
4345 rc = request_irq(priv->pdev->irq, mwl8k_interrupt,
4346 IRQF_SHARED, MWL8K_NAME, hw);
4347 if (rc) {
4348 priv->irq = -1;
4349 wiphy_err(hw->wiphy, "failed to register IRQ handler\n");
4350 return -EIO;
4351 }
4352 priv->irq = priv->pdev->irq;
4353
4354 /* Enable TX reclaim and RX tasklets. */
4355 tasklet_enable(&priv->poll_tx_task);
4356 tasklet_enable(&priv->poll_rx_task);
4357
4358 /* Enable interrupts */
4359 iowrite32(MWL8K_A2H_EVENTS, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
4360 iowrite32(MWL8K_A2H_EVENTS,
4361 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK);
4362
4363 rc = mwl8k_fw_lock(hw);
4364 if (!rc) {
4365 rc = mwl8k_cmd_radio_enable(hw);
4366
4367 if (!priv->ap_fw) {
4368 if (!rc)
4369 rc = mwl8k_cmd_enable_sniffer(hw, 0);
4370
4371 if (!rc)
4372 rc = mwl8k_cmd_set_pre_scan(hw);
4373
4374 if (!rc)
4375 rc = mwl8k_cmd_set_post_scan(hw,
4376 "\x00\x00\x00\x00\x00\x00");
4377 }
4378
4379 if (!rc)
4380 rc = mwl8k_cmd_set_rateadapt_mode(hw, 0);
4381
4382 if (!rc)
4383 rc = mwl8k_cmd_set_wmm_mode(hw, 0);
4384
4385 mwl8k_fw_unlock(hw);
4386 }
4387
4388 if (rc) {
4389 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
4390 free_irq(priv->pdev->irq, hw);
4391 priv->irq = -1;
4392 tasklet_disable(&priv->poll_tx_task);
4393 tasklet_disable(&priv->poll_rx_task);
4394 }
4395
4396 return rc;
4397}
4398
4399static void mwl8k_stop(struct ieee80211_hw *hw)
4400{
4401 struct mwl8k_priv *priv = hw->priv;
4402 int i;
4403
4404 mwl8k_cmd_radio_disable(hw);
4405
4406 ieee80211_stop_queues(hw);
4407
4408 /* Disable interrupts */
4409 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
4410 if (priv->irq != -1) {
4411 free_irq(priv->pdev->irq, hw);
4412 priv->irq = -1;
4413 }
4414
4415 /* Stop finalize join worker */
4416 cancel_work_sync(&priv->finalize_join_worker);
4417 cancel_work_sync(&priv->watchdog_ba_handle);
4418 if (priv->beacon_skb != NULL)
4419 dev_kfree_skb(priv->beacon_skb);
4420
4421 /* Stop TX reclaim and RX tasklets. */
4422 tasklet_disable(&priv->poll_tx_task);
4423 tasklet_disable(&priv->poll_rx_task);
4424
4425 /* Return all skbs to mac80211 */
4426 for (i = 0; i < mwl8k_tx_queues(priv); i++)
4427 mwl8k_txq_reclaim(hw, i, INT_MAX, 1);
4428}
4429
4430static int mwl8k_reload_firmware(struct ieee80211_hw *hw, char *fw_image);
4431
4432static int mwl8k_add_interface(struct ieee80211_hw *hw,
4433 struct ieee80211_vif *vif)
4434{
4435 struct mwl8k_priv *priv = hw->priv;
4436 struct mwl8k_vif *mwl8k_vif;
4437 u32 macids_supported;
4438 int macid, rc;
4439 struct mwl8k_device_info *di;
4440
4441 /*
4442 * Reject interface creation if sniffer mode is active, as
4443 * STA operation is mutually exclusive with hardware sniffer
4444 * mode. (Sniffer mode is only used on STA firmware.)
4445 */
4446 if (priv->sniffer_enabled) {
4447 wiphy_info(hw->wiphy,
4448 "unable to create STA interface because sniffer mode is enabled\n");
4449 return -EINVAL;
4450 }
4451
4452 di = priv->device_info;
4453 switch (vif->type) {
4454 case NL80211_IFTYPE_AP:
4455 if (!priv->ap_fw && di->fw_image_ap) {
4456 /* we must load the ap fw to meet this request */
4457 if (!list_empty(&priv->vif_list))
4458 return -EBUSY;
4459 rc = mwl8k_reload_firmware(hw, di->fw_image_ap);
4460 if (rc)
4461 return rc;
4462 }
4463 macids_supported = priv->ap_macids_supported;
4464 break;
4465 case NL80211_IFTYPE_STATION:
4466 if (priv->ap_fw && di->fw_image_sta) {
4467 /* we must load the sta fw to meet this request */
4468 if (!list_empty(&priv->vif_list))
4469 return -EBUSY;
4470 rc = mwl8k_reload_firmware(hw, di->fw_image_sta);
4471 if (rc)
4472 return rc;
4473 }
4474 macids_supported = priv->sta_macids_supported;
4475 break;
4476 default:
4477 return -EINVAL;
4478 }
4479
4480 macid = ffs(macids_supported & ~priv->macids_used);
4481 if (!macid--)
4482 return -EBUSY;
4483
4484 /* Setup driver private area. */
4485 mwl8k_vif = MWL8K_VIF(vif);
4486 memset(mwl8k_vif, 0, sizeof(*mwl8k_vif));
4487 mwl8k_vif->vif = vif;
4488 mwl8k_vif->macid = macid;
4489 mwl8k_vif->seqno = 0;
4490 memcpy(mwl8k_vif->bssid, vif->addr, ETH_ALEN);
4491 mwl8k_vif->is_hw_crypto_enabled = false;
4492
4493 /* Set the mac address. */
4494 mwl8k_cmd_set_mac_addr(hw, vif, vif->addr);
4495
4496 if (priv->ap_fw)
4497 mwl8k_cmd_set_new_stn_add_self(hw, vif);
4498
4499 priv->macids_used |= 1 << mwl8k_vif->macid;
4500 list_add_tail(&mwl8k_vif->list, &priv->vif_list);
4501
4502 return 0;
4503}
4504
4505static void mwl8k_remove_interface(struct ieee80211_hw *hw,
4506 struct ieee80211_vif *vif)
4507{
4508 struct mwl8k_priv *priv = hw->priv;
4509 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
4510
4511 if (priv->ap_fw)
4512 mwl8k_cmd_set_new_stn_del(hw, vif, vif->addr);
4513
4514 mwl8k_cmd_set_mac_addr(hw, vif, "\x00\x00\x00\x00\x00\x00");
4515
4516 priv->macids_used &= ~(1 << mwl8k_vif->macid);
4517 list_del(&mwl8k_vif->list);
4518}
4519
4520static int mwl8k_config(struct ieee80211_hw *hw, u32 changed)
4521{
4522 struct ieee80211_conf *conf = &hw->conf;
4523 struct mwl8k_priv *priv = hw->priv;
4524 int rc;
4525
4526 if (conf->flags & IEEE80211_CONF_IDLE) {
4527 mwl8k_cmd_radio_disable(hw);
4528 return 0;
4529 }
4530
4531 rc = mwl8k_fw_lock(hw);
4532 if (rc)
4533 return rc;
4534
4535 rc = mwl8k_cmd_radio_enable(hw);
4536 if (rc)
4537 goto out;
4538
4539 rc = mwl8k_cmd_set_rf_channel(hw, conf);
4540 if (rc)
4541 goto out;
4542
4543 if (conf->power_level > 18)
4544 conf->power_level = 18;
4545
4546 if (priv->ap_fw) {
4547
4548 if (conf->flags & IEEE80211_CONF_CHANGE_POWER) {
4549 rc = mwl8k_cmd_tx_power(hw, conf, conf->power_level);
4550 if (rc)
4551 goto out;
4552 }
4553
4554 rc = mwl8k_cmd_rf_antenna(hw, MWL8K_RF_ANTENNA_RX, 0x3);
4555 if (rc)
4556 wiphy_warn(hw->wiphy, "failed to set # of RX antennas");
4557 rc = mwl8k_cmd_rf_antenna(hw, MWL8K_RF_ANTENNA_TX, 0x7);
4558 if (rc)
4559 wiphy_warn(hw->wiphy, "failed to set # of TX antennas");
4560
4561 } else {
4562 rc = mwl8k_cmd_rf_tx_power(hw, conf->power_level);
4563 if (rc)
4564 goto out;
4565 rc = mwl8k_cmd_mimo_config(hw, 0x7, 0x7);
4566 }
4567
4568out:
4569 mwl8k_fw_unlock(hw);
4570
4571 return rc;
4572}
4573
4574static void
4575mwl8k_bss_info_changed_sta(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4576 struct ieee80211_bss_conf *info, u32 changed)
4577{
4578 struct mwl8k_priv *priv = hw->priv;
4579 u32 ap_legacy_rates = 0;
4580 u8 ap_mcs_rates[16];
4581 int rc;
4582
4583 if (mwl8k_fw_lock(hw))
4584 return;
4585
4586 /*
4587 * No need to capture a beacon if we're no longer associated.
4588 */
4589 if ((changed & BSS_CHANGED_ASSOC) && !vif->bss_conf.assoc)
4590 priv->capture_beacon = false;
4591
4592 /*
4593 * Get the AP's legacy and MCS rates.
4594 */
4595 if (vif->bss_conf.assoc) {
4596 struct ieee80211_sta *ap;
4597
4598 rcu_read_lock();
4599
4600 ap = ieee80211_find_sta(vif, vif->bss_conf.bssid);
4601 if (ap == NULL) {
4602 rcu_read_unlock();
4603 goto out;
4604 }
4605
4606 if (hw->conf.channel->band == IEEE80211_BAND_2GHZ) {
4607 ap_legacy_rates = ap->supp_rates[IEEE80211_BAND_2GHZ];
4608 } else {
4609 ap_legacy_rates =
4610 ap->supp_rates[IEEE80211_BAND_5GHZ] << 5;
4611 }
4612 memcpy(ap_mcs_rates, ap->ht_cap.mcs.rx_mask, 16);
4613
4614 rcu_read_unlock();
4615 }
4616
4617 if ((changed & BSS_CHANGED_ASSOC) && vif->bss_conf.assoc) {
4618 rc = mwl8k_cmd_set_rate(hw, vif, ap_legacy_rates, ap_mcs_rates);
4619 if (rc)
4620 goto out;
4621
4622 rc = mwl8k_cmd_use_fixed_rate_sta(hw);
4623 if (rc)
4624 goto out;
4625 }
4626
4627 if (changed & BSS_CHANGED_ERP_PREAMBLE) {
4628 rc = mwl8k_set_radio_preamble(hw,
4629 vif->bss_conf.use_short_preamble);
4630 if (rc)
4631 goto out;
4632 }
4633
4634 if (changed & BSS_CHANGED_ERP_SLOT) {
4635 rc = mwl8k_cmd_set_slot(hw, vif->bss_conf.use_short_slot);
4636 if (rc)
4637 goto out;
4638 }
4639
4640 if (vif->bss_conf.assoc &&
4641 (changed & (BSS_CHANGED_ASSOC | BSS_CHANGED_ERP_CTS_PROT |
4642 BSS_CHANGED_HT))) {
4643 rc = mwl8k_cmd_set_aid(hw, vif, ap_legacy_rates);
4644 if (rc)
4645 goto out;
4646 }
4647
4648 if (vif->bss_conf.assoc &&
4649 (changed & (BSS_CHANGED_ASSOC | BSS_CHANGED_BEACON_INT))) {
4650 /*
4651 * Finalize the join. Tell rx handler to process
4652 * next beacon from our BSSID.
4653 */
4654 memcpy(priv->capture_bssid, vif->bss_conf.bssid, ETH_ALEN);
4655 priv->capture_beacon = true;
4656 }
4657
4658out:
4659 mwl8k_fw_unlock(hw);
4660}
4661
4662static void
4663mwl8k_bss_info_changed_ap(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4664 struct ieee80211_bss_conf *info, u32 changed)
4665{
4666 int rc;
4667
4668 if (mwl8k_fw_lock(hw))
4669 return;
4670
4671 if (changed & BSS_CHANGED_ERP_PREAMBLE) {
4672 rc = mwl8k_set_radio_preamble(hw,
4673 vif->bss_conf.use_short_preamble);
4674 if (rc)
4675 goto out;
4676 }
4677
4678 if (changed & BSS_CHANGED_BASIC_RATES) {
4679 int idx;
4680 int rate;
4681
4682 /*
4683 * Use lowest supported basic rate for multicasts
4684 * and management frames (such as probe responses --
4685 * beacons will always go out at 1 Mb/s).
4686 */
4687 idx = ffs(vif->bss_conf.basic_rates);
4688 if (idx)
4689 idx--;
4690
4691 if (hw->conf.channel->band == IEEE80211_BAND_2GHZ)
4692 rate = mwl8k_rates_24[idx].hw_value;
4693 else
4694 rate = mwl8k_rates_50[idx].hw_value;
4695
4696 mwl8k_cmd_use_fixed_rate_ap(hw, rate, rate);
4697 }
4698
4699 if (changed & (BSS_CHANGED_BEACON_INT | BSS_CHANGED_BEACON)) {
4700 struct sk_buff *skb;
4701
4702 skb = ieee80211_beacon_get(hw, vif);
4703 if (skb != NULL) {
4704 mwl8k_cmd_set_beacon(hw, vif, skb->data, skb->len);
4705 kfree_skb(skb);
4706 }
4707 }
4708
4709 if (changed & BSS_CHANGED_BEACON_ENABLED)
4710 mwl8k_cmd_bss_start(hw, vif, info->enable_beacon);
4711
4712out:
4713 mwl8k_fw_unlock(hw);
4714}
4715
4716static void
4717mwl8k_bss_info_changed(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4718 struct ieee80211_bss_conf *info, u32 changed)
4719{
4720 struct mwl8k_priv *priv = hw->priv;
4721
4722 if (!priv->ap_fw)
4723 mwl8k_bss_info_changed_sta(hw, vif, info, changed);
4724 else
4725 mwl8k_bss_info_changed_ap(hw, vif, info, changed);
4726}
4727
4728static u64 mwl8k_prepare_multicast(struct ieee80211_hw *hw,
4729 struct netdev_hw_addr_list *mc_list)
4730{
4731 struct mwl8k_cmd_pkt *cmd;
4732
4733 /*
4734 * Synthesize and return a command packet that programs the
4735 * hardware multicast address filter. At this point we don't
4736 * know whether FIF_ALLMULTI is being requested, but if it is,
4737 * we'll end up throwing this packet away and creating a new
4738 * one in mwl8k_configure_filter().
4739 */
4740 cmd = __mwl8k_cmd_mac_multicast_adr(hw, 0, mc_list);
4741
4742 return (unsigned long)cmd;
4743}
4744
4745static int
4746mwl8k_configure_filter_sniffer(struct ieee80211_hw *hw,
4747 unsigned int changed_flags,
4748 unsigned int *total_flags)
4749{
4750 struct mwl8k_priv *priv = hw->priv;
4751
4752 /*
4753 * Hardware sniffer mode is mutually exclusive with STA
4754 * operation, so refuse to enable sniffer mode if a STA
4755 * interface is active.
4756 */
4757 if (!list_empty(&priv->vif_list)) {
4758 if (net_ratelimit())
4759 wiphy_info(hw->wiphy,
4760 "not enabling sniffer mode because STA interface is active\n");
4761 return 0;
4762 }
4763
4764 if (!priv->sniffer_enabled) {
4765 if (mwl8k_cmd_enable_sniffer(hw, 1))
4766 return 0;
4767 priv->sniffer_enabled = true;
4768 }
4769
4770 *total_flags &= FIF_PROMISC_IN_BSS | FIF_ALLMULTI |
4771 FIF_BCN_PRBRESP_PROMISC | FIF_CONTROL |
4772 FIF_OTHER_BSS;
4773
4774 return 1;
4775}
4776
4777static struct mwl8k_vif *mwl8k_first_vif(struct mwl8k_priv *priv)
4778{
4779 if (!list_empty(&priv->vif_list))
4780 return list_entry(priv->vif_list.next, struct mwl8k_vif, list);
4781
4782 return NULL;
4783}
4784
4785static void mwl8k_configure_filter(struct ieee80211_hw *hw,
4786 unsigned int changed_flags,
4787 unsigned int *total_flags,
4788 u64 multicast)
4789{
4790 struct mwl8k_priv *priv = hw->priv;
4791 struct mwl8k_cmd_pkt *cmd = (void *)(unsigned long)multicast;
4792
4793 /*
4794 * AP firmware doesn't allow fine-grained control over
4795 * the receive filter.
4796 */
4797 if (priv->ap_fw) {
4798 *total_flags &= FIF_ALLMULTI | FIF_BCN_PRBRESP_PROMISC;
4799 kfree(cmd);
4800 return;
4801 }
4802
4803 /*
4804 * Enable hardware sniffer mode if FIF_CONTROL or
4805 * FIF_OTHER_BSS is requested.
4806 */
4807 if (*total_flags & (FIF_CONTROL | FIF_OTHER_BSS) &&
4808 mwl8k_configure_filter_sniffer(hw, changed_flags, total_flags)) {
4809 kfree(cmd);
4810 return;
4811 }
4812
4813 /* Clear unsupported feature flags */
4814 *total_flags &= FIF_ALLMULTI | FIF_BCN_PRBRESP_PROMISC;
4815
4816 if (mwl8k_fw_lock(hw)) {
4817 kfree(cmd);
4818 return;
4819 }
4820
4821 if (priv->sniffer_enabled) {
4822 mwl8k_cmd_enable_sniffer(hw, 0);
4823 priv->sniffer_enabled = false;
4824 }
4825
4826 if (changed_flags & FIF_BCN_PRBRESP_PROMISC) {
4827 if (*total_flags & FIF_BCN_PRBRESP_PROMISC) {
4828 /*
4829 * Disable the BSS filter.
4830 */
4831 mwl8k_cmd_set_pre_scan(hw);
4832 } else {
4833 struct mwl8k_vif *mwl8k_vif;
4834 const u8 *bssid;
4835
4836 /*
4837 * Enable the BSS filter.
4838 *
4839 * If there is an active STA interface, use that
4840 * interface's BSSID, otherwise use a dummy one
4841 * (where the OUI part needs to be nonzero for
4842 * the BSSID to be accepted by POST_SCAN).
4843 */
4844 mwl8k_vif = mwl8k_first_vif(priv);
4845 if (mwl8k_vif != NULL)
4846 bssid = mwl8k_vif->vif->bss_conf.bssid;
4847 else
4848 bssid = "\x01\x00\x00\x00\x00\x00";
4849
4850 mwl8k_cmd_set_post_scan(hw, bssid);
4851 }
4852 }
4853
4854 /*
4855 * If FIF_ALLMULTI is being requested, throw away the command
4856 * packet that ->prepare_multicast() built and replace it with
4857 * a command packet that enables reception of all multicast
4858 * packets.
4859 */
4860 if (*total_flags & FIF_ALLMULTI) {
4861 kfree(cmd);
4862 cmd = __mwl8k_cmd_mac_multicast_adr(hw, 1, NULL);
4863 }
4864
4865 if (cmd != NULL) {
4866 mwl8k_post_cmd(hw, cmd);
4867 kfree(cmd);
4868 }
4869
4870 mwl8k_fw_unlock(hw);
4871}
4872
4873static int mwl8k_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
4874{
4875 return mwl8k_cmd_set_rts_threshold(hw, value);
4876}
4877
4878static int mwl8k_sta_remove(struct ieee80211_hw *hw,
4879 struct ieee80211_vif *vif,
4880 struct ieee80211_sta *sta)
4881{
4882 struct mwl8k_priv *priv = hw->priv;
4883
4884 if (priv->ap_fw)
4885 return mwl8k_cmd_set_new_stn_del(hw, vif, sta->addr);
4886 else
4887 return mwl8k_cmd_update_stadb_del(hw, vif, sta->addr);
4888}
4889
4890static int mwl8k_sta_add(struct ieee80211_hw *hw,
4891 struct ieee80211_vif *vif,
4892 struct ieee80211_sta *sta)
4893{
4894 struct mwl8k_priv *priv = hw->priv;
4895 int ret;
4896 int i;
4897 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
4898 struct ieee80211_key_conf *key;
4899
4900 if (!priv->ap_fw) {
4901 ret = mwl8k_cmd_update_stadb_add(hw, vif, sta);
4902 if (ret >= 0) {
4903 MWL8K_STA(sta)->peer_id = ret;
4904 if (sta->ht_cap.ht_supported)
4905 MWL8K_STA(sta)->is_ampdu_allowed = true;
4906 ret = 0;
4907 }
4908
4909 } else {
4910 ret = mwl8k_cmd_set_new_stn_add(hw, vif, sta);
4911 }
4912
4913 for (i = 0; i < NUM_WEP_KEYS; i++) {
4914 key = IEEE80211_KEY_CONF(mwl8k_vif->wep_key_conf[i].key);
4915 if (mwl8k_vif->wep_key_conf[i].enabled)
4916 mwl8k_set_key(hw, SET_KEY, vif, sta, key);
4917 }
4918 return ret;
4919}
4920
4921static int mwl8k_conf_tx(struct ieee80211_hw *hw, u16 queue,
4922 const struct ieee80211_tx_queue_params *params)
4923{
4924 struct mwl8k_priv *priv = hw->priv;
4925 int rc;
4926
4927 rc = mwl8k_fw_lock(hw);
4928 if (!rc) {
4929 BUG_ON(queue > MWL8K_TX_WMM_QUEUES - 1);
4930 memcpy(&priv->wmm_params[queue], params, sizeof(*params));
4931
4932 if (!priv->wmm_enabled)
4933 rc = mwl8k_cmd_set_wmm_mode(hw, 1);
4934
4935 if (!rc) {
4936 int q = MWL8K_TX_WMM_QUEUES - 1 - queue;
4937 rc = mwl8k_cmd_set_edca_params(hw, q,
4938 params->cw_min,
4939 params->cw_max,
4940 params->aifs,
4941 params->txop);
4942 }
4943
4944 mwl8k_fw_unlock(hw);
4945 }
4946
4947 return rc;
4948}
4949
4950static int mwl8k_get_stats(struct ieee80211_hw *hw,
4951 struct ieee80211_low_level_stats *stats)
4952{
4953 return mwl8k_cmd_get_stat(hw, stats);
4954}
4955
4956static int mwl8k_get_survey(struct ieee80211_hw *hw, int idx,
4957 struct survey_info *survey)
4958{
4959 struct mwl8k_priv *priv = hw->priv;
4960 struct ieee80211_conf *conf = &hw->conf;
4961
4962 if (idx != 0)
4963 return -ENOENT;
4964
4965 survey->channel = conf->channel;
4966 survey->filled = SURVEY_INFO_NOISE_DBM;
4967 survey->noise = priv->noise;
4968
4969 return 0;
4970}
4971
4972#define MAX_AMPDU_ATTEMPTS 5
4973
4974static int
4975mwl8k_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4976 enum ieee80211_ampdu_mlme_action action,
4977 struct ieee80211_sta *sta, u16 tid, u16 *ssn,
4978 u8 buf_size)
4979{
4980
4981 int i, rc = 0;
4982 struct mwl8k_priv *priv = hw->priv;
4983 struct mwl8k_ampdu_stream *stream;
4984 u8 *addr = sta->addr;
4985
4986 if (!(hw->flags & IEEE80211_HW_AMPDU_AGGREGATION))
4987 return -ENOTSUPP;
4988
4989 spin_lock(&priv->stream_lock);
4990 stream = mwl8k_lookup_stream(hw, addr, tid);
4991
4992 switch (action) {
4993 case IEEE80211_AMPDU_RX_START:
4994 case IEEE80211_AMPDU_RX_STOP:
4995 break;
4996 case IEEE80211_AMPDU_TX_START:
4997 /* By the time we get here the hw queues may contain outgoing
4998 * packets for this RA/TID that are not part of this BA
4999 * session. The hw will assign sequence numbers to these
5000 * packets as they go out. So if we query the hw for its next
5001 * sequence number and use that for the SSN here, it may end up
5002 * being wrong, which will lead to sequence number mismatch at
5003 * the recipient. To avoid this, we reset the sequence number
5004 * to O for the first MPDU in this BA stream.
5005 */
5006 *ssn = 0;
5007 if (stream == NULL) {
5008 /* This means that somebody outside this driver called
5009 * ieee80211_start_tx_ba_session. This is unexpected
5010 * because we do our own rate control. Just warn and
5011 * move on.
5012 */
5013 wiphy_warn(hw->wiphy, "Unexpected call to %s. "
5014 "Proceeding anyway.\n", __func__);
5015 stream = mwl8k_add_stream(hw, sta, tid);
5016 }
5017 if (stream == NULL) {
5018 wiphy_debug(hw->wiphy, "no free AMPDU streams\n");
5019 rc = -EBUSY;
5020 break;
5021 }
5022 stream->state = AMPDU_STREAM_IN_PROGRESS;
5023
5024 /* Release the lock before we do the time consuming stuff */
5025 spin_unlock(&priv->stream_lock);
5026 for (i = 0; i < MAX_AMPDU_ATTEMPTS; i++) {
5027 rc = mwl8k_check_ba(hw, stream);
5028
5029 if (!rc)
5030 break;
5031 /*
5032 * HW queues take time to be flushed, give them
5033 * sufficient time
5034 */
5035
5036 msleep(1000);
5037 }
5038 spin_lock(&priv->stream_lock);
5039 if (rc) {
5040 wiphy_err(hw->wiphy, "Stream for tid %d busy after %d"
5041 " attempts\n", tid, MAX_AMPDU_ATTEMPTS);
5042 mwl8k_remove_stream(hw, stream);
5043 rc = -EBUSY;
5044 break;
5045 }
5046 ieee80211_start_tx_ba_cb_irqsafe(vif, addr, tid);
5047 break;
5048 case IEEE80211_AMPDU_TX_STOP:
5049 if (stream == NULL)
5050 break;
5051 if (stream->state == AMPDU_STREAM_ACTIVE) {
5052 spin_unlock(&priv->stream_lock);
5053 mwl8k_destroy_ba(hw, stream);
5054 spin_lock(&priv->stream_lock);
5055 }
5056 mwl8k_remove_stream(hw, stream);
5057 ieee80211_stop_tx_ba_cb_irqsafe(vif, addr, tid);
5058 break;
5059 case IEEE80211_AMPDU_TX_OPERATIONAL:
5060 BUG_ON(stream == NULL);
5061 BUG_ON(stream->state != AMPDU_STREAM_IN_PROGRESS);
5062 spin_unlock(&priv->stream_lock);
5063 rc = mwl8k_create_ba(hw, stream, buf_size);
5064 spin_lock(&priv->stream_lock);
5065 if (!rc)
5066 stream->state = AMPDU_STREAM_ACTIVE;
5067 else {
5068 spin_unlock(&priv->stream_lock);
5069 mwl8k_destroy_ba(hw, stream);
5070 spin_lock(&priv->stream_lock);
5071 wiphy_debug(hw->wiphy,
5072 "Failed adding stream for sta %pM tid %d\n",
5073 addr, tid);
5074 mwl8k_remove_stream(hw, stream);
5075 }
5076 break;
5077
5078 default:
5079 rc = -ENOTSUPP;
5080 }
5081
5082 spin_unlock(&priv->stream_lock);
5083 return rc;
5084}
5085
5086static const struct ieee80211_ops mwl8k_ops = {
5087 .tx = mwl8k_tx,
5088 .start = mwl8k_start,
5089 .stop = mwl8k_stop,
5090 .add_interface = mwl8k_add_interface,
5091 .remove_interface = mwl8k_remove_interface,
5092 .config = mwl8k_config,
5093 .bss_info_changed = mwl8k_bss_info_changed,
5094 .prepare_multicast = mwl8k_prepare_multicast,
5095 .configure_filter = mwl8k_configure_filter,
5096 .set_key = mwl8k_set_key,
5097 .set_rts_threshold = mwl8k_set_rts_threshold,
5098 .sta_add = mwl8k_sta_add,
5099 .sta_remove = mwl8k_sta_remove,
5100 .conf_tx = mwl8k_conf_tx,
5101 .get_stats = mwl8k_get_stats,
5102 .get_survey = mwl8k_get_survey,
5103 .ampdu_action = mwl8k_ampdu_action,
5104};
5105
5106static void mwl8k_finalize_join_worker(struct work_struct *work)
5107{
5108 struct mwl8k_priv *priv =
5109 container_of(work, struct mwl8k_priv, finalize_join_worker);
5110 struct sk_buff *skb = priv->beacon_skb;
5111 struct ieee80211_mgmt *mgmt = (void *)skb->data;
5112 int len = skb->len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
5113 const u8 *tim = cfg80211_find_ie(WLAN_EID_TIM,
5114 mgmt->u.beacon.variable, len);
5115 int dtim_period = 1;
5116
5117 if (tim && tim[1] >= 2)
5118 dtim_period = tim[3];
5119
5120 mwl8k_cmd_finalize_join(priv->hw, skb->data, skb->len, dtim_period);
5121
5122 dev_kfree_skb(skb);
5123 priv->beacon_skb = NULL;
5124}
5125
5126enum {
5127 MWL8363 = 0,
5128 MWL8687,
5129 MWL8366,
5130};
5131
5132#define MWL8K_8366_AP_FW_API 2
5133#define _MWL8K_8366_AP_FW(api) "mwl8k/fmimage_8366_ap-" #api ".fw"
5134#define MWL8K_8366_AP_FW(api) _MWL8K_8366_AP_FW(api)
5135
5136static struct mwl8k_device_info mwl8k_info_tbl[] __devinitdata = {
5137 [MWL8363] = {
5138 .part_name = "88w8363",
5139 .helper_image = "mwl8k/helper_8363.fw",
5140 .fw_image_sta = "mwl8k/fmimage_8363.fw",
5141 },
5142 [MWL8687] = {
5143 .part_name = "88w8687",
5144 .helper_image = "mwl8k/helper_8687.fw",
5145 .fw_image_sta = "mwl8k/fmimage_8687.fw",
5146 },
5147 [MWL8366] = {
5148 .part_name = "88w8366",
5149 .helper_image = "mwl8k/helper_8366.fw",
5150 .fw_image_sta = "mwl8k/fmimage_8366.fw",
5151 .fw_image_ap = MWL8K_8366_AP_FW(MWL8K_8366_AP_FW_API),
5152 .fw_api_ap = MWL8K_8366_AP_FW_API,
5153 .ap_rxd_ops = &rxd_8366_ap_ops,
5154 },
5155};
5156
5157MODULE_FIRMWARE("mwl8k/helper_8363.fw");
5158MODULE_FIRMWARE("mwl8k/fmimage_8363.fw");
5159MODULE_FIRMWARE("mwl8k/helper_8687.fw");
5160MODULE_FIRMWARE("mwl8k/fmimage_8687.fw");
5161MODULE_FIRMWARE("mwl8k/helper_8366.fw");
5162MODULE_FIRMWARE("mwl8k/fmimage_8366.fw");
5163MODULE_FIRMWARE(MWL8K_8366_AP_FW(MWL8K_8366_AP_FW_API));
5164
5165static DEFINE_PCI_DEVICE_TABLE(mwl8k_pci_id_table) = {
5166 { PCI_VDEVICE(MARVELL, 0x2a0a), .driver_data = MWL8363, },
5167 { PCI_VDEVICE(MARVELL, 0x2a0c), .driver_data = MWL8363, },
5168 { PCI_VDEVICE(MARVELL, 0x2a24), .driver_data = MWL8363, },
5169 { PCI_VDEVICE(MARVELL, 0x2a2b), .driver_data = MWL8687, },
5170 { PCI_VDEVICE(MARVELL, 0x2a30), .driver_data = MWL8687, },
5171 { PCI_VDEVICE(MARVELL, 0x2a40), .driver_data = MWL8366, },
5172 { PCI_VDEVICE(MARVELL, 0x2a43), .driver_data = MWL8366, },
5173 { },
5174};
5175MODULE_DEVICE_TABLE(pci, mwl8k_pci_id_table);
5176
5177static int mwl8k_request_alt_fw(struct mwl8k_priv *priv)
5178{
5179 int rc;
5180 printk(KERN_ERR "%s: Error requesting preferred fw %s.\n"
5181 "Trying alternative firmware %s\n", pci_name(priv->pdev),
5182 priv->fw_pref, priv->fw_alt);
5183 rc = mwl8k_request_fw(priv, priv->fw_alt, &priv->fw_ucode, true);
5184 if (rc) {
5185 printk(KERN_ERR "%s: Error requesting alt fw %s\n",
5186 pci_name(priv->pdev), priv->fw_alt);
5187 return rc;
5188 }
5189 return 0;
5190}
5191
5192static int mwl8k_firmware_load_success(struct mwl8k_priv *priv);
5193static void mwl8k_fw_state_machine(const struct firmware *fw, void *context)
5194{
5195 struct mwl8k_priv *priv = context;
5196 struct mwl8k_device_info *di = priv->device_info;
5197 int rc;
5198
5199 switch (priv->fw_state) {
5200 case FW_STATE_INIT:
5201 if (!fw) {
5202 printk(KERN_ERR "%s: Error requesting helper fw %s\n",
5203 pci_name(priv->pdev), di->helper_image);
5204 goto fail;
5205 }
5206 priv->fw_helper = fw;
5207 rc = mwl8k_request_fw(priv, priv->fw_pref, &priv->fw_ucode,
5208 true);
5209 if (rc && priv->fw_alt) {
5210 rc = mwl8k_request_alt_fw(priv);
5211 if (rc)
5212 goto fail;
5213 priv->fw_state = FW_STATE_LOADING_ALT;
5214 } else if (rc)
5215 goto fail;
5216 else
5217 priv->fw_state = FW_STATE_LOADING_PREF;
5218 break;
5219
5220 case FW_STATE_LOADING_PREF:
5221 if (!fw) {
5222 if (priv->fw_alt) {
5223 rc = mwl8k_request_alt_fw(priv);
5224 if (rc)
5225 goto fail;
5226 priv->fw_state = FW_STATE_LOADING_ALT;
5227 } else
5228 goto fail;
5229 } else {
5230 priv->fw_ucode = fw;
5231 rc = mwl8k_firmware_load_success(priv);
5232 if (rc)
5233 goto fail;
5234 else
5235 complete(&priv->firmware_loading_complete);
5236 }
5237 break;
5238
5239 case FW_STATE_LOADING_ALT:
5240 if (!fw) {
5241 printk(KERN_ERR "%s: Error requesting alt fw %s\n",
5242 pci_name(priv->pdev), di->helper_image);
5243 goto fail;
5244 }
5245 priv->fw_ucode = fw;
5246 rc = mwl8k_firmware_load_success(priv);
5247 if (rc)
5248 goto fail;
5249 else
5250 complete(&priv->firmware_loading_complete);
5251 break;
5252
5253 default:
5254 printk(KERN_ERR "%s: Unexpected firmware loading state: %d\n",
5255 MWL8K_NAME, priv->fw_state);
5256 BUG_ON(1);
5257 }
5258
5259 return;
5260
5261fail:
5262 priv->fw_state = FW_STATE_ERROR;
5263 complete(&priv->firmware_loading_complete);
5264 device_release_driver(&priv->pdev->dev);
5265 mwl8k_release_firmware(priv);
5266}
5267
5268static int mwl8k_init_firmware(struct ieee80211_hw *hw, char *fw_image,
5269 bool nowait)
5270{
5271 struct mwl8k_priv *priv = hw->priv;
5272 int rc;
5273
5274 /* Reset firmware and hardware */
5275 mwl8k_hw_reset(priv);
5276
5277 /* Ask userland hotplug daemon for the device firmware */
5278 rc = mwl8k_request_firmware(priv, fw_image, nowait);
5279 if (rc) {
5280 wiphy_err(hw->wiphy, "Firmware files not found\n");
5281 return rc;
5282 }
5283
5284 if (nowait)
5285 return rc;
5286
5287 /* Load firmware into hardware */
5288 rc = mwl8k_load_firmware(hw);
5289 if (rc)
5290 wiphy_err(hw->wiphy, "Cannot start firmware\n");
5291
5292 /* Reclaim memory once firmware is successfully loaded */
5293 mwl8k_release_firmware(priv);
5294
5295 return rc;
5296}
5297
5298static int mwl8k_init_txqs(struct ieee80211_hw *hw)
5299{
5300 struct mwl8k_priv *priv = hw->priv;
5301 int rc = 0;
5302 int i;
5303
5304 for (i = 0; i < mwl8k_tx_queues(priv); i++) {
5305 rc = mwl8k_txq_init(hw, i);
5306 if (rc)
5307 break;
5308 if (priv->ap_fw)
5309 iowrite32(priv->txq[i].txd_dma,
5310 priv->sram + priv->txq_offset[i]);
5311 }
5312 return rc;
5313}
5314
5315/* initialize hw after successfully loading a firmware image */
5316static int mwl8k_probe_hw(struct ieee80211_hw *hw)
5317{
5318 struct mwl8k_priv *priv = hw->priv;
5319 int rc = 0;
5320 int i;
5321
5322 if (priv->ap_fw) {
5323 priv->rxd_ops = priv->device_info->ap_rxd_ops;
5324 if (priv->rxd_ops == NULL) {
5325 wiphy_err(hw->wiphy,
5326 "Driver does not have AP firmware image support for this hardware\n");
5327 goto err_stop_firmware;
5328 }
5329 } else {
5330 priv->rxd_ops = &rxd_sta_ops;
5331 }
5332
5333 priv->sniffer_enabled = false;
5334 priv->wmm_enabled = false;
5335 priv->pending_tx_pkts = 0;
5336
5337 rc = mwl8k_rxq_init(hw, 0);
5338 if (rc)
5339 goto err_stop_firmware;
5340 rxq_refill(hw, 0, INT_MAX);
5341
5342 /* For the sta firmware, we need to know the dma addresses of tx queues
5343 * before sending MWL8K_CMD_GET_HW_SPEC. So we must initialize them
5344 * prior to issuing this command. But for the AP case, we learn the
5345 * total number of queues from the result CMD_GET_HW_SPEC, so for this
5346 * case we must initialize the tx queues after.
5347 */
5348 priv->num_ampdu_queues = 0;
5349 if (!priv->ap_fw) {
5350 rc = mwl8k_init_txqs(hw);
5351 if (rc)
5352 goto err_free_queues;
5353 }
5354
5355 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS);
5356 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
5357 iowrite32(MWL8K_A2H_INT_TX_DONE|MWL8K_A2H_INT_RX_READY|
5358 MWL8K_A2H_INT_BA_WATCHDOG,
5359 priv->regs + MWL8K_HIU_A2H_INTERRUPT_CLEAR_SEL);
5360 iowrite32(MWL8K_A2H_INT_OPC_DONE,
5361 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK);
5362
5363 rc = request_irq(priv->pdev->irq, mwl8k_interrupt,
5364 IRQF_SHARED, MWL8K_NAME, hw);
5365 if (rc) {
5366 wiphy_err(hw->wiphy, "failed to register IRQ handler\n");
5367 goto err_free_queues;
5368 }
5369
5370 memset(priv->ampdu, 0, sizeof(priv->ampdu));
5371
5372 /*
5373 * Temporarily enable interrupts. Initial firmware host
5374 * commands use interrupts and avoid polling. Disable
5375 * interrupts when done.
5376 */
5377 iowrite32(MWL8K_A2H_EVENTS, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
5378
5379 /* Get config data, mac addrs etc */
5380 if (priv->ap_fw) {
5381 rc = mwl8k_cmd_get_hw_spec_ap(hw);
5382 if (!rc)
5383 rc = mwl8k_init_txqs(hw);
5384 if (!rc)
5385 rc = mwl8k_cmd_set_hw_spec(hw);
5386 } else {
5387 rc = mwl8k_cmd_get_hw_spec_sta(hw);
5388 }
5389 if (rc) {
5390 wiphy_err(hw->wiphy, "Cannot initialise firmware\n");
5391 goto err_free_irq;
5392 }
5393
5394 /* Turn radio off */
5395 rc = mwl8k_cmd_radio_disable(hw);
5396 if (rc) {
5397 wiphy_err(hw->wiphy, "Cannot disable\n");
5398 goto err_free_irq;
5399 }
5400
5401 /* Clear MAC address */
5402 rc = mwl8k_cmd_set_mac_addr(hw, NULL, "\x00\x00\x00\x00\x00\x00");
5403 if (rc) {
5404 wiphy_err(hw->wiphy, "Cannot clear MAC address\n");
5405 goto err_free_irq;
5406 }
5407
5408 /* Disable interrupts */
5409 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
5410 free_irq(priv->pdev->irq, hw);
5411
5412 wiphy_info(hw->wiphy, "%s v%d, %pm, %s firmware %u.%u.%u.%u\n",
5413 priv->device_info->part_name,
5414 priv->hw_rev, hw->wiphy->perm_addr,
5415 priv->ap_fw ? "AP" : "STA",
5416 (priv->fw_rev >> 24) & 0xff, (priv->fw_rev >> 16) & 0xff,
5417 (priv->fw_rev >> 8) & 0xff, priv->fw_rev & 0xff);
5418
5419 return 0;
5420
5421err_free_irq:
5422 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
5423 free_irq(priv->pdev->irq, hw);
5424
5425err_free_queues:
5426 for (i = 0; i < mwl8k_tx_queues(priv); i++)
5427 mwl8k_txq_deinit(hw, i);
5428 mwl8k_rxq_deinit(hw, 0);
5429
5430err_stop_firmware:
5431 mwl8k_hw_reset(priv);
5432
5433 return rc;
5434}
5435
5436/*
5437 * invoke mwl8k_reload_firmware to change the firmware image after the device
5438 * has already been registered
5439 */
5440static int mwl8k_reload_firmware(struct ieee80211_hw *hw, char *fw_image)
5441{
5442 int i, rc = 0;
5443 struct mwl8k_priv *priv = hw->priv;
5444
5445 mwl8k_stop(hw);
5446 mwl8k_rxq_deinit(hw, 0);
5447
5448 for (i = 0; i < mwl8k_tx_queues(priv); i++)
5449 mwl8k_txq_deinit(hw, i);
5450
5451 rc = mwl8k_init_firmware(hw, fw_image, false);
5452 if (rc)
5453 goto fail;
5454
5455 rc = mwl8k_probe_hw(hw);
5456 if (rc)
5457 goto fail;
5458
5459 rc = mwl8k_start(hw);
5460 if (rc)
5461 goto fail;
5462
5463 rc = mwl8k_config(hw, ~0);
5464 if (rc)
5465 goto fail;
5466
5467 for (i = 0; i < MWL8K_TX_WMM_QUEUES; i++) {
5468 rc = mwl8k_conf_tx(hw, i, &priv->wmm_params[i]);
5469 if (rc)
5470 goto fail;
5471 }
5472
5473 return rc;
5474
5475fail:
5476 printk(KERN_WARNING "mwl8k: Failed to reload firmware image.\n");
5477 return rc;
5478}
5479
5480static int mwl8k_firmware_load_success(struct mwl8k_priv *priv)
5481{
5482 struct ieee80211_hw *hw = priv->hw;
5483 int i, rc;
5484
5485 rc = mwl8k_load_firmware(hw);
5486 mwl8k_release_firmware(priv);
5487 if (rc) {
5488 wiphy_err(hw->wiphy, "Cannot start firmware\n");
5489 return rc;
5490 }
5491
5492 /*
5493 * Extra headroom is the size of the required DMA header
5494 * minus the size of the smallest 802.11 frame (CTS frame).
5495 */
5496 hw->extra_tx_headroom =
5497 sizeof(struct mwl8k_dma_data) - sizeof(struct ieee80211_cts);
5498
5499 hw->extra_tx_headroom -= priv->ap_fw ? REDUCED_TX_HEADROOM : 0;
5500
5501 hw->channel_change_time = 10;
5502
5503 hw->queues = MWL8K_TX_WMM_QUEUES;
5504
5505 /* Set rssi values to dBm */
5506 hw->flags |= IEEE80211_HW_SIGNAL_DBM | IEEE80211_HW_HAS_RATE_CONTROL;
5507 hw->vif_data_size = sizeof(struct mwl8k_vif);
5508 hw->sta_data_size = sizeof(struct mwl8k_sta);
5509
5510 priv->macids_used = 0;
5511 INIT_LIST_HEAD(&priv->vif_list);
5512
5513 /* Set default radio state and preamble */
5514 priv->radio_on = 0;
5515 priv->radio_short_preamble = 0;
5516
5517 /* Finalize join worker */
5518 INIT_WORK(&priv->finalize_join_worker, mwl8k_finalize_join_worker);
5519 /* Handle watchdog ba events */
5520 INIT_WORK(&priv->watchdog_ba_handle, mwl8k_watchdog_ba_events);
5521
5522 /* TX reclaim and RX tasklets. */
5523 tasklet_init(&priv->poll_tx_task, mwl8k_tx_poll, (unsigned long)hw);
5524 tasklet_disable(&priv->poll_tx_task);
5525 tasklet_init(&priv->poll_rx_task, mwl8k_rx_poll, (unsigned long)hw);
5526 tasklet_disable(&priv->poll_rx_task);
5527
5528 /* Power management cookie */
5529 priv->cookie = pci_alloc_consistent(priv->pdev, 4, &priv->cookie_dma);
5530 if (priv->cookie == NULL)
5531 return -ENOMEM;
5532
5533 mutex_init(&priv->fw_mutex);
5534 priv->fw_mutex_owner = NULL;
5535 priv->fw_mutex_depth = 0;
5536 priv->hostcmd_wait = NULL;
5537
5538 spin_lock_init(&priv->tx_lock);
5539
5540 spin_lock_init(&priv->stream_lock);
5541
5542 priv->tx_wait = NULL;
5543
5544 rc = mwl8k_probe_hw(hw);
5545 if (rc)
5546 goto err_free_cookie;
5547
5548 hw->wiphy->interface_modes = 0;
5549 if (priv->ap_macids_supported || priv->device_info->fw_image_ap)
5550 hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP);
5551 if (priv->sta_macids_supported || priv->device_info->fw_image_sta)
5552 hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_STATION);
5553
5554 rc = ieee80211_register_hw(hw);
5555 if (rc) {
5556 wiphy_err(hw->wiphy, "Cannot register device\n");
5557 goto err_unprobe_hw;
5558 }
5559
5560 return 0;
5561
5562err_unprobe_hw:
5563 for (i = 0; i < mwl8k_tx_queues(priv); i++)
5564 mwl8k_txq_deinit(hw, i);
5565 mwl8k_rxq_deinit(hw, 0);
5566
5567err_free_cookie:
5568 if (priv->cookie != NULL)
5569 pci_free_consistent(priv->pdev, 4,
5570 priv->cookie, priv->cookie_dma);
5571
5572 return rc;
5573}
5574static int __devinit mwl8k_probe(struct pci_dev *pdev,
5575 const struct pci_device_id *id)
5576{
5577 static int printed_version;
5578 struct ieee80211_hw *hw;
5579 struct mwl8k_priv *priv;
5580 struct mwl8k_device_info *di;
5581 int rc;
5582
5583 if (!printed_version) {
5584 printk(KERN_INFO "%s version %s\n", MWL8K_DESC, MWL8K_VERSION);
5585 printed_version = 1;
5586 }
5587
5588
5589 rc = pci_enable_device(pdev);
5590 if (rc) {
5591 printk(KERN_ERR "%s: Cannot enable new PCI device\n",
5592 MWL8K_NAME);
5593 return rc;
5594 }
5595
5596 rc = pci_request_regions(pdev, MWL8K_NAME);
5597 if (rc) {
5598 printk(KERN_ERR "%s: Cannot obtain PCI resources\n",
5599 MWL8K_NAME);
5600 goto err_disable_device;
5601 }
5602
5603 pci_set_master(pdev);
5604
5605
5606 hw = ieee80211_alloc_hw(sizeof(*priv), &mwl8k_ops);
5607 if (hw == NULL) {
5608 printk(KERN_ERR "%s: ieee80211 alloc failed\n", MWL8K_NAME);
5609 rc = -ENOMEM;
5610 goto err_free_reg;
5611 }
5612
5613 SET_IEEE80211_DEV(hw, &pdev->dev);
5614 pci_set_drvdata(pdev, hw);
5615
5616 priv = hw->priv;
5617 priv->hw = hw;
5618 priv->pdev = pdev;
5619 priv->device_info = &mwl8k_info_tbl[id->driver_data];
5620
5621
5622 priv->sram = pci_iomap(pdev, 0, 0x10000);
5623 if (priv->sram == NULL) {
5624 wiphy_err(hw->wiphy, "Cannot map device SRAM\n");
5625 goto err_iounmap;
5626 }
5627
5628 /*
5629 * If BAR0 is a 32 bit BAR, the register BAR will be BAR1.
5630 * If BAR0 is a 64 bit BAR, the register BAR will be BAR2.
5631 */
5632 priv->regs = pci_iomap(pdev, 1, 0x10000);
5633 if (priv->regs == NULL) {
5634 priv->regs = pci_iomap(pdev, 2, 0x10000);
5635 if (priv->regs == NULL) {
5636 wiphy_err(hw->wiphy, "Cannot map device registers\n");
5637 goto err_iounmap;
5638 }
5639 }
5640
5641 /*
5642 * Choose the initial fw image depending on user input. If a second
5643 * image is available, make it the alternative image that will be
5644 * loaded if the first one fails.
5645 */
5646 init_completion(&priv->firmware_loading_complete);
5647 di = priv->device_info;
5648 if (ap_mode_default && di->fw_image_ap) {
5649 priv->fw_pref = di->fw_image_ap;
5650 priv->fw_alt = di->fw_image_sta;
5651 } else if (!ap_mode_default && di->fw_image_sta) {
5652 priv->fw_pref = di->fw_image_sta;
5653 priv->fw_alt = di->fw_image_ap;
5654 } else if (ap_mode_default && !di->fw_image_ap && di->fw_image_sta) {
5655 printk(KERN_WARNING "AP fw is unavailable. Using STA fw.");
5656 priv->fw_pref = di->fw_image_sta;
5657 } else if (!ap_mode_default && !di->fw_image_sta && di->fw_image_ap) {
5658 printk(KERN_WARNING "STA fw is unavailable. Using AP fw.");
5659 priv->fw_pref = di->fw_image_ap;
5660 }
5661 rc = mwl8k_init_firmware(hw, priv->fw_pref, true);
5662 if (rc)
5663 goto err_stop_firmware;
5664 return rc;
5665
5666err_stop_firmware:
5667 mwl8k_hw_reset(priv);
5668
5669err_iounmap:
5670 if (priv->regs != NULL)
5671 pci_iounmap(pdev, priv->regs);
5672
5673 if (priv->sram != NULL)
5674 pci_iounmap(pdev, priv->sram);
5675
5676 pci_set_drvdata(pdev, NULL);
5677 ieee80211_free_hw(hw);
5678
5679err_free_reg:
5680 pci_release_regions(pdev);
5681
5682err_disable_device:
5683 pci_disable_device(pdev);
5684
5685 return rc;
5686}
5687
5688static void __devexit mwl8k_shutdown(struct pci_dev *pdev)
5689{
5690 printk(KERN_ERR "===>%s(%u)\n", __func__, __LINE__);
5691}
5692
5693static void __devexit mwl8k_remove(struct pci_dev *pdev)
5694{
5695 struct ieee80211_hw *hw = pci_get_drvdata(pdev);
5696 struct mwl8k_priv *priv;
5697 int i;
5698
5699 if (hw == NULL)
5700 return;
5701 priv = hw->priv;
5702
5703 wait_for_completion(&priv->firmware_loading_complete);
5704
5705 if (priv->fw_state == FW_STATE_ERROR) {
5706 mwl8k_hw_reset(priv);
5707 goto unmap;
5708 }
5709
5710 ieee80211_stop_queues(hw);
5711
5712 ieee80211_unregister_hw(hw);
5713
5714 /* Remove TX reclaim and RX tasklets. */
5715 tasklet_kill(&priv->poll_tx_task);
5716 tasklet_kill(&priv->poll_rx_task);
5717
5718 /* Stop hardware */
5719 mwl8k_hw_reset(priv);
5720
5721 /* Return all skbs to mac80211 */
5722 for (i = 0; i < mwl8k_tx_queues(priv); i++)
5723 mwl8k_txq_reclaim(hw, i, INT_MAX, 1);
5724
5725 for (i = 0; i < mwl8k_tx_queues(priv); i++)
5726 mwl8k_txq_deinit(hw, i);
5727
5728 mwl8k_rxq_deinit(hw, 0);
5729
5730 pci_free_consistent(priv->pdev, 4, priv->cookie, priv->cookie_dma);
5731
5732unmap:
5733 pci_iounmap(pdev, priv->regs);
5734 pci_iounmap(pdev, priv->sram);
5735 pci_set_drvdata(pdev, NULL);
5736 ieee80211_free_hw(hw);
5737 pci_release_regions(pdev);
5738 pci_disable_device(pdev);
5739}
5740
5741static struct pci_driver mwl8k_driver = {
5742 .name = MWL8K_NAME,
5743 .id_table = mwl8k_pci_id_table,
5744 .probe = mwl8k_probe,
5745 .remove = __devexit_p(mwl8k_remove),
5746 .shutdown = __devexit_p(mwl8k_shutdown),
5747};
5748
5749static int __init mwl8k_init(void)
5750{
5751 return pci_register_driver(&mwl8k_driver);
5752}
5753
5754static void __exit mwl8k_exit(void)
5755{
5756 pci_unregister_driver(&mwl8k_driver);
5757}
5758
5759module_init(mwl8k_init);
5760module_exit(mwl8k_exit);
5761
5762MODULE_DESCRIPTION(MWL8K_DESC);
5763MODULE_VERSION(MWL8K_VERSION);
5764MODULE_AUTHOR("Lennert Buytenhek <buytenh@marvell.com>");
5765MODULE_LICENSE("GPL");
1/*
2 * drivers/net/wireless/mwl8k.c
3 * Driver for Marvell TOPDOG 802.11 Wireless cards
4 *
5 * Copyright (C) 2008, 2009, 2010 Marvell Semiconductor Inc.
6 *
7 * This file is licensed under the terms of the GNU General Public
8 * License version 2. This program is licensed "as is" without any
9 * warranty of any kind, whether express or implied.
10 */
11
12#include <linux/interrupt.h>
13#include <linux/module.h>
14#include <linux/kernel.h>
15#include <linux/sched.h>
16#include <linux/spinlock.h>
17#include <linux/list.h>
18#include <linux/pci.h>
19#include <linux/delay.h>
20#include <linux/completion.h>
21#include <linux/etherdevice.h>
22#include <linux/slab.h>
23#include <net/mac80211.h>
24#include <linux/moduleparam.h>
25#include <linux/firmware.h>
26#include <linux/workqueue.h>
27
28#define MWL8K_DESC "Marvell TOPDOG(R) 802.11 Wireless Network Driver"
29#define MWL8K_NAME KBUILD_MODNAME
30#define MWL8K_VERSION "0.13"
31
32/* Module parameters */
33static bool ap_mode_default;
34module_param(ap_mode_default, bool, 0);
35MODULE_PARM_DESC(ap_mode_default,
36 "Set to 1 to make ap mode the default instead of sta mode");
37
38/* Register definitions */
39#define MWL8K_HIU_GEN_PTR 0x00000c10
40#define MWL8K_MODE_STA 0x0000005a
41#define MWL8K_MODE_AP 0x000000a5
42#define MWL8K_HIU_INT_CODE 0x00000c14
43#define MWL8K_FWSTA_READY 0xf0f1f2f4
44#define MWL8K_FWAP_READY 0xf1f2f4a5
45#define MWL8K_INT_CODE_CMD_FINISHED 0x00000005
46#define MWL8K_HIU_SCRATCH 0x00000c40
47
48/* Host->device communications */
49#define MWL8K_HIU_H2A_INTERRUPT_EVENTS 0x00000c18
50#define MWL8K_HIU_H2A_INTERRUPT_STATUS 0x00000c1c
51#define MWL8K_HIU_H2A_INTERRUPT_MASK 0x00000c20
52#define MWL8K_HIU_H2A_INTERRUPT_CLEAR_SEL 0x00000c24
53#define MWL8K_HIU_H2A_INTERRUPT_STATUS_MASK 0x00000c28
54#define MWL8K_H2A_INT_DUMMY (1 << 20)
55#define MWL8K_H2A_INT_RESET (1 << 15)
56#define MWL8K_H2A_INT_DOORBELL (1 << 1)
57#define MWL8K_H2A_INT_PPA_READY (1 << 0)
58
59/* Device->host communications */
60#define MWL8K_HIU_A2H_INTERRUPT_EVENTS 0x00000c2c
61#define MWL8K_HIU_A2H_INTERRUPT_STATUS 0x00000c30
62#define MWL8K_HIU_A2H_INTERRUPT_MASK 0x00000c34
63#define MWL8K_HIU_A2H_INTERRUPT_CLEAR_SEL 0x00000c38
64#define MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK 0x00000c3c
65#define MWL8K_A2H_INT_DUMMY (1 << 20)
66#define MWL8K_A2H_INT_BA_WATCHDOG (1 << 14)
67#define MWL8K_A2H_INT_CHNL_SWITCHED (1 << 11)
68#define MWL8K_A2H_INT_QUEUE_EMPTY (1 << 10)
69#define MWL8K_A2H_INT_RADAR_DETECT (1 << 7)
70#define MWL8K_A2H_INT_RADIO_ON (1 << 6)
71#define MWL8K_A2H_INT_RADIO_OFF (1 << 5)
72#define MWL8K_A2H_INT_MAC_EVENT (1 << 3)
73#define MWL8K_A2H_INT_OPC_DONE (1 << 2)
74#define MWL8K_A2H_INT_RX_READY (1 << 1)
75#define MWL8K_A2H_INT_TX_DONE (1 << 0)
76
77/* HW micro second timer register
78 * located at offset 0xA600. This
79 * will be used to timestamp tx
80 * packets.
81 */
82
83#define MWL8K_HW_TIMER_REGISTER 0x0000a600
84#define BBU_RXRDY_CNT_REG 0x0000a860
85#define NOK_CCA_CNT_REG 0x0000a6a0
86#define BBU_AVG_NOISE_VAL 0x67
87
88#define MWL8K_A2H_EVENTS (MWL8K_A2H_INT_DUMMY | \
89 MWL8K_A2H_INT_CHNL_SWITCHED | \
90 MWL8K_A2H_INT_QUEUE_EMPTY | \
91 MWL8K_A2H_INT_RADAR_DETECT | \
92 MWL8K_A2H_INT_RADIO_ON | \
93 MWL8K_A2H_INT_RADIO_OFF | \
94 MWL8K_A2H_INT_MAC_EVENT | \
95 MWL8K_A2H_INT_OPC_DONE | \
96 MWL8K_A2H_INT_RX_READY | \
97 MWL8K_A2H_INT_TX_DONE | \
98 MWL8K_A2H_INT_BA_WATCHDOG)
99
100#define MWL8K_RX_QUEUES 1
101#define MWL8K_TX_WMM_QUEUES 4
102#define MWL8K_MAX_AMPDU_QUEUES 8
103#define MWL8K_MAX_TX_QUEUES (MWL8K_TX_WMM_QUEUES + MWL8K_MAX_AMPDU_QUEUES)
104#define mwl8k_tx_queues(priv) (MWL8K_TX_WMM_QUEUES + (priv)->num_ampdu_queues)
105
106/* txpriorities are mapped with hw queues.
107 * Each hw queue has a txpriority.
108 */
109#define TOTAL_HW_TX_QUEUES 8
110
111/* Each HW queue can have one AMPDU stream.
112 * But, because one of the hw queue is reserved,
113 * maximum AMPDU queues that can be created are
114 * one short of total tx queues.
115 */
116#define MWL8K_NUM_AMPDU_STREAMS (TOTAL_HW_TX_QUEUES - 1)
117
118#define MWL8K_NUM_CHANS 18
119
120struct rxd_ops {
121 int rxd_size;
122 void (*rxd_init)(void *rxd, dma_addr_t next_dma_addr);
123 void (*rxd_refill)(void *rxd, dma_addr_t addr, int len);
124 int (*rxd_process)(void *rxd, struct ieee80211_rx_status *status,
125 __le16 *qos, s8 *noise);
126};
127
128struct mwl8k_device_info {
129 char *part_name;
130 char *helper_image;
131 char *fw_image_sta;
132 char *fw_image_ap;
133 struct rxd_ops *ap_rxd_ops;
134 u32 fw_api_ap;
135};
136
137struct mwl8k_rx_queue {
138 int rxd_count;
139
140 /* hw receives here */
141 int head;
142
143 /* refill descs here */
144 int tail;
145
146 void *rxd;
147 dma_addr_t rxd_dma;
148 struct {
149 struct sk_buff *skb;
150 DEFINE_DMA_UNMAP_ADDR(dma);
151 } *buf;
152};
153
154struct mwl8k_tx_queue {
155 /* hw transmits here */
156 int head;
157
158 /* sw appends here */
159 int tail;
160
161 unsigned int len;
162 struct mwl8k_tx_desc *txd;
163 dma_addr_t txd_dma;
164 struct sk_buff **skb;
165};
166
167enum {
168 AMPDU_NO_STREAM,
169 AMPDU_STREAM_NEW,
170 AMPDU_STREAM_IN_PROGRESS,
171 AMPDU_STREAM_ACTIVE,
172};
173
174struct mwl8k_ampdu_stream {
175 struct ieee80211_sta *sta;
176 u8 tid;
177 u8 state;
178 u8 idx;
179};
180
181struct mwl8k_priv {
182 struct ieee80211_hw *hw;
183 struct pci_dev *pdev;
184 int irq;
185
186 struct mwl8k_device_info *device_info;
187
188 void __iomem *sram;
189 void __iomem *regs;
190
191 /* firmware */
192 const struct firmware *fw_helper;
193 const struct firmware *fw_ucode;
194
195 /* hardware/firmware parameters */
196 bool ap_fw;
197 struct rxd_ops *rxd_ops;
198 struct ieee80211_supported_band band_24;
199 struct ieee80211_channel channels_24[14];
200 struct ieee80211_rate rates_24[13];
201 struct ieee80211_supported_band band_50;
202 struct ieee80211_channel channels_50[4];
203 struct ieee80211_rate rates_50[8];
204 u32 ap_macids_supported;
205 u32 sta_macids_supported;
206
207 /* Ampdu stream information */
208 u8 num_ampdu_queues;
209 spinlock_t stream_lock;
210 struct mwl8k_ampdu_stream ampdu[MWL8K_MAX_AMPDU_QUEUES];
211 struct work_struct watchdog_ba_handle;
212
213 /* firmware access */
214 struct mutex fw_mutex;
215 struct task_struct *fw_mutex_owner;
216 struct task_struct *hw_restart_owner;
217 int fw_mutex_depth;
218 struct completion *hostcmd_wait;
219
220 atomic_t watchdog_event_pending;
221
222 /* lock held over TX and TX reap */
223 spinlock_t tx_lock;
224
225 /* TX quiesce completion, protected by fw_mutex and tx_lock */
226 struct completion *tx_wait;
227
228 /* List of interfaces. */
229 u32 macids_used;
230 struct list_head vif_list;
231
232 /* power management status cookie from firmware */
233 u32 *cookie;
234 dma_addr_t cookie_dma;
235
236 u16 num_mcaddrs;
237 u8 hw_rev;
238 u32 fw_rev;
239 u32 caps;
240
241 /*
242 * Running count of TX packets in flight, to avoid
243 * iterating over the transmit rings each time.
244 */
245 int pending_tx_pkts;
246
247 struct mwl8k_rx_queue rxq[MWL8K_RX_QUEUES];
248 struct mwl8k_tx_queue txq[MWL8K_MAX_TX_QUEUES];
249 u32 txq_offset[MWL8K_MAX_TX_QUEUES];
250
251 bool radio_on;
252 bool radio_short_preamble;
253 bool sniffer_enabled;
254 bool wmm_enabled;
255
256 /* XXX need to convert this to handle multiple interfaces */
257 bool capture_beacon;
258 u8 capture_bssid[ETH_ALEN];
259 struct sk_buff *beacon_skb;
260
261 /*
262 * This FJ worker has to be global as it is scheduled from the
263 * RX handler. At this point we don't know which interface it
264 * belongs to until the list of bssids waiting to complete join
265 * is checked.
266 */
267 struct work_struct finalize_join_worker;
268
269 /* Tasklet to perform TX reclaim. */
270 struct tasklet_struct poll_tx_task;
271
272 /* Tasklet to perform RX. */
273 struct tasklet_struct poll_rx_task;
274
275 /* Most recently reported noise in dBm */
276 s8 noise;
277
278 /*
279 * preserve the queue configurations so they can be restored if/when
280 * the firmware image is swapped.
281 */
282 struct ieee80211_tx_queue_params wmm_params[MWL8K_TX_WMM_QUEUES];
283
284 /* To perform the task of reloading the firmware */
285 struct work_struct fw_reload;
286 bool hw_restart_in_progress;
287
288 /* async firmware loading state */
289 unsigned fw_state;
290 char *fw_pref;
291 char *fw_alt;
292 bool is_8764;
293 struct completion firmware_loading_complete;
294
295 /* bitmap of running BSSes */
296 u32 running_bsses;
297
298 /* ACS related */
299 bool sw_scan_start;
300 struct ieee80211_channel *acs_chan;
301 unsigned long channel_time;
302 struct survey_info survey[MWL8K_NUM_CHANS];
303};
304
305#define MAX_WEP_KEY_LEN 13
306#define NUM_WEP_KEYS 4
307
308/* Per interface specific private data */
309struct mwl8k_vif {
310 struct list_head list;
311 struct ieee80211_vif *vif;
312
313 /* Firmware macid for this vif. */
314 int macid;
315
316 /* Non AMPDU sequence number assigned by driver. */
317 u16 seqno;
318
319 /* Saved WEP keys */
320 struct {
321 u8 enabled;
322 u8 key[sizeof(struct ieee80211_key_conf) + MAX_WEP_KEY_LEN];
323 } wep_key_conf[NUM_WEP_KEYS];
324
325 /* BSSID */
326 u8 bssid[ETH_ALEN];
327
328 /* A flag to indicate is HW crypto is enabled for this bssid */
329 bool is_hw_crypto_enabled;
330};
331#define MWL8K_VIF(_vif) ((struct mwl8k_vif *)&((_vif)->drv_priv))
332#define IEEE80211_KEY_CONF(_u8) ((struct ieee80211_key_conf *)(_u8))
333
334struct tx_traffic_info {
335 u32 start_time;
336 u32 pkts;
337};
338
339#define MWL8K_MAX_TID 8
340struct mwl8k_sta {
341 /* Index into station database. Returned by UPDATE_STADB. */
342 u8 peer_id;
343 u8 is_ampdu_allowed;
344 struct tx_traffic_info tx_stats[MWL8K_MAX_TID];
345};
346#define MWL8K_STA(_sta) ((struct mwl8k_sta *)&((_sta)->drv_priv))
347
348static const struct ieee80211_channel mwl8k_channels_24[] = {
349 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2412, .hw_value = 1, },
350 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2417, .hw_value = 2, },
351 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2422, .hw_value = 3, },
352 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2427, .hw_value = 4, },
353 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2432, .hw_value = 5, },
354 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2437, .hw_value = 6, },
355 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2442, .hw_value = 7, },
356 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2447, .hw_value = 8, },
357 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2452, .hw_value = 9, },
358 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2457, .hw_value = 10, },
359 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2462, .hw_value = 11, },
360 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2467, .hw_value = 12, },
361 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2472, .hw_value = 13, },
362 { .band = IEEE80211_BAND_2GHZ, .center_freq = 2484, .hw_value = 14, },
363};
364
365static const struct ieee80211_rate mwl8k_rates_24[] = {
366 { .bitrate = 10, .hw_value = 2, },
367 { .bitrate = 20, .hw_value = 4, },
368 { .bitrate = 55, .hw_value = 11, },
369 { .bitrate = 110, .hw_value = 22, },
370 { .bitrate = 220, .hw_value = 44, },
371 { .bitrate = 60, .hw_value = 12, },
372 { .bitrate = 90, .hw_value = 18, },
373 { .bitrate = 120, .hw_value = 24, },
374 { .bitrate = 180, .hw_value = 36, },
375 { .bitrate = 240, .hw_value = 48, },
376 { .bitrate = 360, .hw_value = 72, },
377 { .bitrate = 480, .hw_value = 96, },
378 { .bitrate = 540, .hw_value = 108, },
379};
380
381static const struct ieee80211_channel mwl8k_channels_50[] = {
382 { .band = IEEE80211_BAND_5GHZ, .center_freq = 5180, .hw_value = 36, },
383 { .band = IEEE80211_BAND_5GHZ, .center_freq = 5200, .hw_value = 40, },
384 { .band = IEEE80211_BAND_5GHZ, .center_freq = 5220, .hw_value = 44, },
385 { .band = IEEE80211_BAND_5GHZ, .center_freq = 5240, .hw_value = 48, },
386};
387
388static const struct ieee80211_rate mwl8k_rates_50[] = {
389 { .bitrate = 60, .hw_value = 12, },
390 { .bitrate = 90, .hw_value = 18, },
391 { .bitrate = 120, .hw_value = 24, },
392 { .bitrate = 180, .hw_value = 36, },
393 { .bitrate = 240, .hw_value = 48, },
394 { .bitrate = 360, .hw_value = 72, },
395 { .bitrate = 480, .hw_value = 96, },
396 { .bitrate = 540, .hw_value = 108, },
397};
398
399/* Set or get info from Firmware */
400#define MWL8K_CMD_GET 0x0000
401#define MWL8K_CMD_SET 0x0001
402#define MWL8K_CMD_SET_LIST 0x0002
403
404/* Firmware command codes */
405#define MWL8K_CMD_CODE_DNLD 0x0001
406#define MWL8K_CMD_GET_HW_SPEC 0x0003
407#define MWL8K_CMD_SET_HW_SPEC 0x0004
408#define MWL8K_CMD_MAC_MULTICAST_ADR 0x0010
409#define MWL8K_CMD_GET_STAT 0x0014
410#define MWL8K_CMD_BBP_REG_ACCESS 0x001a
411#define MWL8K_CMD_RADIO_CONTROL 0x001c
412#define MWL8K_CMD_RF_TX_POWER 0x001e
413#define MWL8K_CMD_TX_POWER 0x001f
414#define MWL8K_CMD_RF_ANTENNA 0x0020
415#define MWL8K_CMD_SET_BEACON 0x0100 /* per-vif */
416#define MWL8K_CMD_SET_PRE_SCAN 0x0107
417#define MWL8K_CMD_SET_POST_SCAN 0x0108
418#define MWL8K_CMD_SET_RF_CHANNEL 0x010a
419#define MWL8K_CMD_SET_AID 0x010d
420#define MWL8K_CMD_SET_RATE 0x0110
421#define MWL8K_CMD_SET_FINALIZE_JOIN 0x0111
422#define MWL8K_CMD_RTS_THRESHOLD 0x0113
423#define MWL8K_CMD_SET_SLOT 0x0114
424#define MWL8K_CMD_SET_EDCA_PARAMS 0x0115
425#define MWL8K_CMD_SET_WMM_MODE 0x0123
426#define MWL8K_CMD_MIMO_CONFIG 0x0125
427#define MWL8K_CMD_USE_FIXED_RATE 0x0126
428#define MWL8K_CMD_ENABLE_SNIFFER 0x0150
429#define MWL8K_CMD_SET_MAC_ADDR 0x0202 /* per-vif */
430#define MWL8K_CMD_SET_RATEADAPT_MODE 0x0203
431#define MWL8K_CMD_GET_WATCHDOG_BITMAP 0x0205
432#define MWL8K_CMD_DEL_MAC_ADDR 0x0206 /* per-vif */
433#define MWL8K_CMD_BSS_START 0x1100 /* per-vif */
434#define MWL8K_CMD_SET_NEW_STN 0x1111 /* per-vif */
435#define MWL8K_CMD_UPDATE_ENCRYPTION 0x1122 /* per-vif */
436#define MWL8K_CMD_UPDATE_STADB 0x1123
437#define MWL8K_CMD_BASTREAM 0x1125
438
439static const char *mwl8k_cmd_name(__le16 cmd, char *buf, int bufsize)
440{
441 u16 command = le16_to_cpu(cmd);
442
443#define MWL8K_CMDNAME(x) case MWL8K_CMD_##x: do {\
444 snprintf(buf, bufsize, "%s", #x);\
445 return buf;\
446 } while (0)
447 switch (command & ~0x8000) {
448 MWL8K_CMDNAME(CODE_DNLD);
449 MWL8K_CMDNAME(GET_HW_SPEC);
450 MWL8K_CMDNAME(SET_HW_SPEC);
451 MWL8K_CMDNAME(MAC_MULTICAST_ADR);
452 MWL8K_CMDNAME(GET_STAT);
453 MWL8K_CMDNAME(RADIO_CONTROL);
454 MWL8K_CMDNAME(RF_TX_POWER);
455 MWL8K_CMDNAME(TX_POWER);
456 MWL8K_CMDNAME(RF_ANTENNA);
457 MWL8K_CMDNAME(SET_BEACON);
458 MWL8K_CMDNAME(SET_PRE_SCAN);
459 MWL8K_CMDNAME(SET_POST_SCAN);
460 MWL8K_CMDNAME(SET_RF_CHANNEL);
461 MWL8K_CMDNAME(SET_AID);
462 MWL8K_CMDNAME(SET_RATE);
463 MWL8K_CMDNAME(SET_FINALIZE_JOIN);
464 MWL8K_CMDNAME(RTS_THRESHOLD);
465 MWL8K_CMDNAME(SET_SLOT);
466 MWL8K_CMDNAME(SET_EDCA_PARAMS);
467 MWL8K_CMDNAME(SET_WMM_MODE);
468 MWL8K_CMDNAME(MIMO_CONFIG);
469 MWL8K_CMDNAME(USE_FIXED_RATE);
470 MWL8K_CMDNAME(ENABLE_SNIFFER);
471 MWL8K_CMDNAME(SET_MAC_ADDR);
472 MWL8K_CMDNAME(SET_RATEADAPT_MODE);
473 MWL8K_CMDNAME(BSS_START);
474 MWL8K_CMDNAME(SET_NEW_STN);
475 MWL8K_CMDNAME(UPDATE_ENCRYPTION);
476 MWL8K_CMDNAME(UPDATE_STADB);
477 MWL8K_CMDNAME(BASTREAM);
478 MWL8K_CMDNAME(GET_WATCHDOG_BITMAP);
479 default:
480 snprintf(buf, bufsize, "0x%x", cmd);
481 }
482#undef MWL8K_CMDNAME
483
484 return buf;
485}
486
487/* Hardware and firmware reset */
488static void mwl8k_hw_reset(struct mwl8k_priv *priv)
489{
490 iowrite32(MWL8K_H2A_INT_RESET,
491 priv->regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
492 iowrite32(MWL8K_H2A_INT_RESET,
493 priv->regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
494 msleep(20);
495}
496
497/* Release fw image */
498static void mwl8k_release_fw(const struct firmware **fw)
499{
500 if (*fw == NULL)
501 return;
502 release_firmware(*fw);
503 *fw = NULL;
504}
505
506static void mwl8k_release_firmware(struct mwl8k_priv *priv)
507{
508 mwl8k_release_fw(&priv->fw_ucode);
509 mwl8k_release_fw(&priv->fw_helper);
510}
511
512/* states for asynchronous f/w loading */
513static void mwl8k_fw_state_machine(const struct firmware *fw, void *context);
514enum {
515 FW_STATE_INIT = 0,
516 FW_STATE_LOADING_PREF,
517 FW_STATE_LOADING_ALT,
518 FW_STATE_ERROR,
519};
520
521/* Request fw image */
522static int mwl8k_request_fw(struct mwl8k_priv *priv,
523 const char *fname, const struct firmware **fw,
524 bool nowait)
525{
526 /* release current image */
527 if (*fw != NULL)
528 mwl8k_release_fw(fw);
529
530 if (nowait)
531 return request_firmware_nowait(THIS_MODULE, 1, fname,
532 &priv->pdev->dev, GFP_KERNEL,
533 priv, mwl8k_fw_state_machine);
534 else
535 return request_firmware(fw, fname, &priv->pdev->dev);
536}
537
538static int mwl8k_request_firmware(struct mwl8k_priv *priv, char *fw_image,
539 bool nowait)
540{
541 struct mwl8k_device_info *di = priv->device_info;
542 int rc;
543
544 if (di->helper_image != NULL) {
545 if (nowait)
546 rc = mwl8k_request_fw(priv, di->helper_image,
547 &priv->fw_helper, true);
548 else
549 rc = mwl8k_request_fw(priv, di->helper_image,
550 &priv->fw_helper, false);
551 if (rc)
552 printk(KERN_ERR "%s: Error requesting helper fw %s\n",
553 pci_name(priv->pdev), di->helper_image);
554
555 if (rc || nowait)
556 return rc;
557 }
558
559 if (nowait) {
560 /*
561 * if we get here, no helper image is needed. Skip the
562 * FW_STATE_INIT state.
563 */
564 priv->fw_state = FW_STATE_LOADING_PREF;
565 rc = mwl8k_request_fw(priv, fw_image,
566 &priv->fw_ucode,
567 true);
568 } else
569 rc = mwl8k_request_fw(priv, fw_image,
570 &priv->fw_ucode, false);
571 if (rc) {
572 printk(KERN_ERR "%s: Error requesting firmware file %s\n",
573 pci_name(priv->pdev), fw_image);
574 mwl8k_release_fw(&priv->fw_helper);
575 return rc;
576 }
577
578 return 0;
579}
580
581struct mwl8k_cmd_pkt {
582 __le16 code;
583 __le16 length;
584 __u8 seq_num;
585 __u8 macid;
586 __le16 result;
587 char payload[0];
588} __packed;
589
590/*
591 * Firmware loading.
592 */
593static int
594mwl8k_send_fw_load_cmd(struct mwl8k_priv *priv, void *data, int length)
595{
596 void __iomem *regs = priv->regs;
597 dma_addr_t dma_addr;
598 int loops;
599
600 dma_addr = pci_map_single(priv->pdev, data, length, PCI_DMA_TODEVICE);
601 if (pci_dma_mapping_error(priv->pdev, dma_addr))
602 return -ENOMEM;
603
604 iowrite32(dma_addr, regs + MWL8K_HIU_GEN_PTR);
605 iowrite32(0, regs + MWL8K_HIU_INT_CODE);
606 iowrite32(MWL8K_H2A_INT_DOORBELL,
607 regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
608 iowrite32(MWL8K_H2A_INT_DUMMY,
609 regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
610
611 loops = 1000;
612 do {
613 u32 int_code;
614 if (priv->is_8764) {
615 int_code = ioread32(regs +
616 MWL8K_HIU_H2A_INTERRUPT_STATUS);
617 if (int_code == 0)
618 break;
619 } else {
620 int_code = ioread32(regs + MWL8K_HIU_INT_CODE);
621 if (int_code == MWL8K_INT_CODE_CMD_FINISHED) {
622 iowrite32(0, regs + MWL8K_HIU_INT_CODE);
623 break;
624 }
625 }
626 cond_resched();
627 udelay(1);
628 } while (--loops);
629
630 pci_unmap_single(priv->pdev, dma_addr, length, PCI_DMA_TODEVICE);
631
632 return loops ? 0 : -ETIMEDOUT;
633}
634
635static int mwl8k_load_fw_image(struct mwl8k_priv *priv,
636 const u8 *data, size_t length)
637{
638 struct mwl8k_cmd_pkt *cmd;
639 int done;
640 int rc = 0;
641
642 cmd = kmalloc(sizeof(*cmd) + 256, GFP_KERNEL);
643 if (cmd == NULL)
644 return -ENOMEM;
645
646 cmd->code = cpu_to_le16(MWL8K_CMD_CODE_DNLD);
647 cmd->seq_num = 0;
648 cmd->macid = 0;
649 cmd->result = 0;
650
651 done = 0;
652 while (length) {
653 int block_size = length > 256 ? 256 : length;
654
655 memcpy(cmd->payload, data + done, block_size);
656 cmd->length = cpu_to_le16(block_size);
657
658 rc = mwl8k_send_fw_load_cmd(priv, cmd,
659 sizeof(*cmd) + block_size);
660 if (rc)
661 break;
662
663 done += block_size;
664 length -= block_size;
665 }
666
667 if (!rc) {
668 cmd->length = 0;
669 rc = mwl8k_send_fw_load_cmd(priv, cmd, sizeof(*cmd));
670 }
671
672 kfree(cmd);
673
674 return rc;
675}
676
677static int mwl8k_feed_fw_image(struct mwl8k_priv *priv,
678 const u8 *data, size_t length)
679{
680 unsigned char *buffer;
681 int may_continue, rc = 0;
682 u32 done, prev_block_size;
683
684 buffer = kmalloc(1024, GFP_KERNEL);
685 if (buffer == NULL)
686 return -ENOMEM;
687
688 done = 0;
689 prev_block_size = 0;
690 may_continue = 1000;
691 while (may_continue > 0) {
692 u32 block_size;
693
694 block_size = ioread32(priv->regs + MWL8K_HIU_SCRATCH);
695 if (block_size & 1) {
696 block_size &= ~1;
697 may_continue--;
698 } else {
699 done += prev_block_size;
700 length -= prev_block_size;
701 }
702
703 if (block_size > 1024 || block_size > length) {
704 rc = -EOVERFLOW;
705 break;
706 }
707
708 if (length == 0) {
709 rc = 0;
710 break;
711 }
712
713 if (block_size == 0) {
714 rc = -EPROTO;
715 may_continue--;
716 udelay(1);
717 continue;
718 }
719
720 prev_block_size = block_size;
721 memcpy(buffer, data + done, block_size);
722
723 rc = mwl8k_send_fw_load_cmd(priv, buffer, block_size);
724 if (rc)
725 break;
726 }
727
728 if (!rc && length != 0)
729 rc = -EREMOTEIO;
730
731 kfree(buffer);
732
733 return rc;
734}
735
736static int mwl8k_load_firmware(struct ieee80211_hw *hw)
737{
738 struct mwl8k_priv *priv = hw->priv;
739 const struct firmware *fw = priv->fw_ucode;
740 int rc;
741 int loops;
742
743 if (!memcmp(fw->data, "\x01\x00\x00\x00", 4) && !priv->is_8764) {
744 const struct firmware *helper = priv->fw_helper;
745
746 if (helper == NULL) {
747 printk(KERN_ERR "%s: helper image needed but none "
748 "given\n", pci_name(priv->pdev));
749 return -EINVAL;
750 }
751
752 rc = mwl8k_load_fw_image(priv, helper->data, helper->size);
753 if (rc) {
754 printk(KERN_ERR "%s: unable to load firmware "
755 "helper image\n", pci_name(priv->pdev));
756 return rc;
757 }
758 msleep(20);
759
760 rc = mwl8k_feed_fw_image(priv, fw->data, fw->size);
761 } else {
762 if (priv->is_8764)
763 rc = mwl8k_feed_fw_image(priv, fw->data, fw->size);
764 else
765 rc = mwl8k_load_fw_image(priv, fw->data, fw->size);
766 }
767
768 if (rc) {
769 printk(KERN_ERR "%s: unable to load firmware image\n",
770 pci_name(priv->pdev));
771 return rc;
772 }
773
774 iowrite32(MWL8K_MODE_STA, priv->regs + MWL8K_HIU_GEN_PTR);
775
776 loops = 500000;
777 do {
778 u32 ready_code;
779
780 ready_code = ioread32(priv->regs + MWL8K_HIU_INT_CODE);
781 if (ready_code == MWL8K_FWAP_READY) {
782 priv->ap_fw = true;
783 break;
784 } else if (ready_code == MWL8K_FWSTA_READY) {
785 priv->ap_fw = false;
786 break;
787 }
788
789 cond_resched();
790 udelay(1);
791 } while (--loops);
792
793 return loops ? 0 : -ETIMEDOUT;
794}
795
796
797/* DMA header used by firmware and hardware. */
798struct mwl8k_dma_data {
799 __le16 fwlen;
800 struct ieee80211_hdr wh;
801 char data[0];
802} __packed;
803
804/* Routines to add/remove DMA header from skb. */
805static inline void mwl8k_remove_dma_header(struct sk_buff *skb, __le16 qos)
806{
807 struct mwl8k_dma_data *tr;
808 int hdrlen;
809
810 tr = (struct mwl8k_dma_data *)skb->data;
811 hdrlen = ieee80211_hdrlen(tr->wh.frame_control);
812
813 if (hdrlen != sizeof(tr->wh)) {
814 if (ieee80211_is_data_qos(tr->wh.frame_control)) {
815 memmove(tr->data - hdrlen, &tr->wh, hdrlen - 2);
816 *((__le16 *)(tr->data - 2)) = qos;
817 } else {
818 memmove(tr->data - hdrlen, &tr->wh, hdrlen);
819 }
820 }
821
822 if (hdrlen != sizeof(*tr))
823 skb_pull(skb, sizeof(*tr) - hdrlen);
824}
825
826#define REDUCED_TX_HEADROOM 8
827
828static void
829mwl8k_add_dma_header(struct mwl8k_priv *priv, struct sk_buff *skb,
830 int head_pad, int tail_pad)
831{
832 struct ieee80211_hdr *wh;
833 int hdrlen;
834 int reqd_hdrlen;
835 struct mwl8k_dma_data *tr;
836
837 /*
838 * Add a firmware DMA header; the firmware requires that we
839 * present a 2-byte payload length followed by a 4-address
840 * header (without QoS field), followed (optionally) by any
841 * WEP/ExtIV header (but only filled in for CCMP).
842 */
843 wh = (struct ieee80211_hdr *)skb->data;
844
845 hdrlen = ieee80211_hdrlen(wh->frame_control);
846
847 /*
848 * Check if skb_resize is required because of
849 * tx_headroom adjustment.
850 */
851 if (priv->ap_fw && (hdrlen < (sizeof(struct ieee80211_cts)
852 + REDUCED_TX_HEADROOM))) {
853 if (pskb_expand_head(skb, REDUCED_TX_HEADROOM, 0, GFP_ATOMIC)) {
854
855 wiphy_err(priv->hw->wiphy,
856 "Failed to reallocate TX buffer\n");
857 return;
858 }
859 skb->truesize += REDUCED_TX_HEADROOM;
860 }
861
862 reqd_hdrlen = sizeof(*tr) + head_pad;
863
864 if (hdrlen != reqd_hdrlen)
865 skb_push(skb, reqd_hdrlen - hdrlen);
866
867 if (ieee80211_is_data_qos(wh->frame_control))
868 hdrlen -= IEEE80211_QOS_CTL_LEN;
869
870 tr = (struct mwl8k_dma_data *)skb->data;
871 if (wh != &tr->wh)
872 memmove(&tr->wh, wh, hdrlen);
873 if (hdrlen != sizeof(tr->wh))
874 memset(((void *)&tr->wh) + hdrlen, 0, sizeof(tr->wh) - hdrlen);
875
876 /*
877 * Firmware length is the length of the fully formed "802.11
878 * payload". That is, everything except for the 802.11 header.
879 * This includes all crypto material including the MIC.
880 */
881 tr->fwlen = cpu_to_le16(skb->len - sizeof(*tr) + tail_pad);
882}
883
884static void mwl8k_encapsulate_tx_frame(struct mwl8k_priv *priv,
885 struct sk_buff *skb)
886{
887 struct ieee80211_hdr *wh;
888 struct ieee80211_tx_info *tx_info;
889 struct ieee80211_key_conf *key_conf;
890 int data_pad;
891 int head_pad = 0;
892
893 wh = (struct ieee80211_hdr *)skb->data;
894
895 tx_info = IEEE80211_SKB_CB(skb);
896
897 key_conf = NULL;
898 if (ieee80211_is_data(wh->frame_control))
899 key_conf = tx_info->control.hw_key;
900
901 /*
902 * Make sure the packet header is in the DMA header format (4-address
903 * without QoS), and add head & tail padding when HW crypto is enabled.
904 *
905 * We have the following trailer padding requirements:
906 * - WEP: 4 trailer bytes (ICV)
907 * - TKIP: 12 trailer bytes (8 MIC + 4 ICV)
908 * - CCMP: 8 trailer bytes (MIC)
909 */
910 data_pad = 0;
911 if (key_conf != NULL) {
912 head_pad = key_conf->iv_len;
913 switch (key_conf->cipher) {
914 case WLAN_CIPHER_SUITE_WEP40:
915 case WLAN_CIPHER_SUITE_WEP104:
916 data_pad = 4;
917 break;
918 case WLAN_CIPHER_SUITE_TKIP:
919 data_pad = 12;
920 break;
921 case WLAN_CIPHER_SUITE_CCMP:
922 data_pad = 8;
923 break;
924 }
925 }
926 mwl8k_add_dma_header(priv, skb, head_pad, data_pad);
927}
928
929/*
930 * Packet reception for 88w8366/88w8764 AP firmware.
931 */
932struct mwl8k_rxd_ap {
933 __le16 pkt_len;
934 __u8 sq2;
935 __u8 rate;
936 __le32 pkt_phys_addr;
937 __le32 next_rxd_phys_addr;
938 __le16 qos_control;
939 __le16 htsig2;
940 __le32 hw_rssi_info;
941 __le32 hw_noise_floor_info;
942 __u8 noise_floor;
943 __u8 pad0[3];
944 __u8 rssi;
945 __u8 rx_status;
946 __u8 channel;
947 __u8 rx_ctrl;
948} __packed;
949
950#define MWL8K_AP_RATE_INFO_MCS_FORMAT 0x80
951#define MWL8K_AP_RATE_INFO_40MHZ 0x40
952#define MWL8K_AP_RATE_INFO_RATEID(x) ((x) & 0x3f)
953
954#define MWL8K_AP_RX_CTRL_OWNED_BY_HOST 0x80
955
956/* 8366/8764 AP rx_status bits */
957#define MWL8K_AP_RXSTAT_DECRYPT_ERR_MASK 0x80
958#define MWL8K_AP_RXSTAT_GENERAL_DECRYPT_ERR 0xFF
959#define MWL8K_AP_RXSTAT_TKIP_DECRYPT_MIC_ERR 0x02
960#define MWL8K_AP_RXSTAT_WEP_DECRYPT_ICV_ERR 0x04
961#define MWL8K_AP_RXSTAT_TKIP_DECRYPT_ICV_ERR 0x08
962
963static void mwl8k_rxd_ap_init(void *_rxd, dma_addr_t next_dma_addr)
964{
965 struct mwl8k_rxd_ap *rxd = _rxd;
966
967 rxd->next_rxd_phys_addr = cpu_to_le32(next_dma_addr);
968 rxd->rx_ctrl = MWL8K_AP_RX_CTRL_OWNED_BY_HOST;
969}
970
971static void mwl8k_rxd_ap_refill(void *_rxd, dma_addr_t addr, int len)
972{
973 struct mwl8k_rxd_ap *rxd = _rxd;
974
975 rxd->pkt_len = cpu_to_le16(len);
976 rxd->pkt_phys_addr = cpu_to_le32(addr);
977 wmb();
978 rxd->rx_ctrl = 0;
979}
980
981static int
982mwl8k_rxd_ap_process(void *_rxd, struct ieee80211_rx_status *status,
983 __le16 *qos, s8 *noise)
984{
985 struct mwl8k_rxd_ap *rxd = _rxd;
986
987 if (!(rxd->rx_ctrl & MWL8K_AP_RX_CTRL_OWNED_BY_HOST))
988 return -1;
989 rmb();
990
991 memset(status, 0, sizeof(*status));
992
993 status->signal = -rxd->rssi;
994 *noise = -rxd->noise_floor;
995
996 if (rxd->rate & MWL8K_AP_RATE_INFO_MCS_FORMAT) {
997 status->flag |= RX_FLAG_HT;
998 if (rxd->rate & MWL8K_AP_RATE_INFO_40MHZ)
999 status->flag |= RX_FLAG_40MHZ;
1000 status->rate_idx = MWL8K_AP_RATE_INFO_RATEID(rxd->rate);
1001 } else {
1002 int i;
1003
1004 for (i = 0; i < ARRAY_SIZE(mwl8k_rates_24); i++) {
1005 if (mwl8k_rates_24[i].hw_value == rxd->rate) {
1006 status->rate_idx = i;
1007 break;
1008 }
1009 }
1010 }
1011
1012 if (rxd->channel > 14) {
1013 status->band = IEEE80211_BAND_5GHZ;
1014 if (!(status->flag & RX_FLAG_HT))
1015 status->rate_idx -= 5;
1016 } else {
1017 status->band = IEEE80211_BAND_2GHZ;
1018 }
1019 status->freq = ieee80211_channel_to_frequency(rxd->channel,
1020 status->band);
1021
1022 *qos = rxd->qos_control;
1023
1024 if ((rxd->rx_status != MWL8K_AP_RXSTAT_GENERAL_DECRYPT_ERR) &&
1025 (rxd->rx_status & MWL8K_AP_RXSTAT_DECRYPT_ERR_MASK) &&
1026 (rxd->rx_status & MWL8K_AP_RXSTAT_TKIP_DECRYPT_MIC_ERR))
1027 status->flag |= RX_FLAG_MMIC_ERROR;
1028
1029 return le16_to_cpu(rxd->pkt_len);
1030}
1031
1032static struct rxd_ops rxd_ap_ops = {
1033 .rxd_size = sizeof(struct mwl8k_rxd_ap),
1034 .rxd_init = mwl8k_rxd_ap_init,
1035 .rxd_refill = mwl8k_rxd_ap_refill,
1036 .rxd_process = mwl8k_rxd_ap_process,
1037};
1038
1039/*
1040 * Packet reception for STA firmware.
1041 */
1042struct mwl8k_rxd_sta {
1043 __le16 pkt_len;
1044 __u8 link_quality;
1045 __u8 noise_level;
1046 __le32 pkt_phys_addr;
1047 __le32 next_rxd_phys_addr;
1048 __le16 qos_control;
1049 __le16 rate_info;
1050 __le32 pad0[4];
1051 __u8 rssi;
1052 __u8 channel;
1053 __le16 pad1;
1054 __u8 rx_ctrl;
1055 __u8 rx_status;
1056 __u8 pad2[2];
1057} __packed;
1058
1059#define MWL8K_STA_RATE_INFO_SHORTPRE 0x8000
1060#define MWL8K_STA_RATE_INFO_ANTSELECT(x) (((x) >> 11) & 0x3)
1061#define MWL8K_STA_RATE_INFO_RATEID(x) (((x) >> 3) & 0x3f)
1062#define MWL8K_STA_RATE_INFO_40MHZ 0x0004
1063#define MWL8K_STA_RATE_INFO_SHORTGI 0x0002
1064#define MWL8K_STA_RATE_INFO_MCS_FORMAT 0x0001
1065
1066#define MWL8K_STA_RX_CTRL_OWNED_BY_HOST 0x02
1067#define MWL8K_STA_RX_CTRL_DECRYPT_ERROR 0x04
1068/* ICV=0 or MIC=1 */
1069#define MWL8K_STA_RX_CTRL_DEC_ERR_TYPE 0x08
1070/* Key is uploaded only in failure case */
1071#define MWL8K_STA_RX_CTRL_KEY_INDEX 0x30
1072
1073static void mwl8k_rxd_sta_init(void *_rxd, dma_addr_t next_dma_addr)
1074{
1075 struct mwl8k_rxd_sta *rxd = _rxd;
1076
1077 rxd->next_rxd_phys_addr = cpu_to_le32(next_dma_addr);
1078 rxd->rx_ctrl = MWL8K_STA_RX_CTRL_OWNED_BY_HOST;
1079}
1080
1081static void mwl8k_rxd_sta_refill(void *_rxd, dma_addr_t addr, int len)
1082{
1083 struct mwl8k_rxd_sta *rxd = _rxd;
1084
1085 rxd->pkt_len = cpu_to_le16(len);
1086 rxd->pkt_phys_addr = cpu_to_le32(addr);
1087 wmb();
1088 rxd->rx_ctrl = 0;
1089}
1090
1091static int
1092mwl8k_rxd_sta_process(void *_rxd, struct ieee80211_rx_status *status,
1093 __le16 *qos, s8 *noise)
1094{
1095 struct mwl8k_rxd_sta *rxd = _rxd;
1096 u16 rate_info;
1097
1098 if (!(rxd->rx_ctrl & MWL8K_STA_RX_CTRL_OWNED_BY_HOST))
1099 return -1;
1100 rmb();
1101
1102 rate_info = le16_to_cpu(rxd->rate_info);
1103
1104 memset(status, 0, sizeof(*status));
1105
1106 status->signal = -rxd->rssi;
1107 *noise = -rxd->noise_level;
1108 status->antenna = MWL8K_STA_RATE_INFO_ANTSELECT(rate_info);
1109 status->rate_idx = MWL8K_STA_RATE_INFO_RATEID(rate_info);
1110
1111 if (rate_info & MWL8K_STA_RATE_INFO_SHORTPRE)
1112 status->flag |= RX_FLAG_SHORTPRE;
1113 if (rate_info & MWL8K_STA_RATE_INFO_40MHZ)
1114 status->flag |= RX_FLAG_40MHZ;
1115 if (rate_info & MWL8K_STA_RATE_INFO_SHORTGI)
1116 status->flag |= RX_FLAG_SHORT_GI;
1117 if (rate_info & MWL8K_STA_RATE_INFO_MCS_FORMAT)
1118 status->flag |= RX_FLAG_HT;
1119
1120 if (rxd->channel > 14) {
1121 status->band = IEEE80211_BAND_5GHZ;
1122 if (!(status->flag & RX_FLAG_HT))
1123 status->rate_idx -= 5;
1124 } else {
1125 status->band = IEEE80211_BAND_2GHZ;
1126 }
1127 status->freq = ieee80211_channel_to_frequency(rxd->channel,
1128 status->band);
1129
1130 *qos = rxd->qos_control;
1131 if ((rxd->rx_ctrl & MWL8K_STA_RX_CTRL_DECRYPT_ERROR) &&
1132 (rxd->rx_ctrl & MWL8K_STA_RX_CTRL_DEC_ERR_TYPE))
1133 status->flag |= RX_FLAG_MMIC_ERROR;
1134
1135 return le16_to_cpu(rxd->pkt_len);
1136}
1137
1138static struct rxd_ops rxd_sta_ops = {
1139 .rxd_size = sizeof(struct mwl8k_rxd_sta),
1140 .rxd_init = mwl8k_rxd_sta_init,
1141 .rxd_refill = mwl8k_rxd_sta_refill,
1142 .rxd_process = mwl8k_rxd_sta_process,
1143};
1144
1145
1146#define MWL8K_RX_DESCS 256
1147#define MWL8K_RX_MAXSZ 3800
1148
1149static int mwl8k_rxq_init(struct ieee80211_hw *hw, int index)
1150{
1151 struct mwl8k_priv *priv = hw->priv;
1152 struct mwl8k_rx_queue *rxq = priv->rxq + index;
1153 int size;
1154 int i;
1155
1156 rxq->rxd_count = 0;
1157 rxq->head = 0;
1158 rxq->tail = 0;
1159
1160 size = MWL8K_RX_DESCS * priv->rxd_ops->rxd_size;
1161
1162 rxq->rxd = pci_alloc_consistent(priv->pdev, size, &rxq->rxd_dma);
1163 if (rxq->rxd == NULL) {
1164 wiphy_err(hw->wiphy, "failed to alloc RX descriptors\n");
1165 return -ENOMEM;
1166 }
1167 memset(rxq->rxd, 0, size);
1168
1169 rxq->buf = kcalloc(MWL8K_RX_DESCS, sizeof(*rxq->buf), GFP_KERNEL);
1170 if (rxq->buf == NULL) {
1171 pci_free_consistent(priv->pdev, size, rxq->rxd, rxq->rxd_dma);
1172 return -ENOMEM;
1173 }
1174
1175 for (i = 0; i < MWL8K_RX_DESCS; i++) {
1176 int desc_size;
1177 void *rxd;
1178 int nexti;
1179 dma_addr_t next_dma_addr;
1180
1181 desc_size = priv->rxd_ops->rxd_size;
1182 rxd = rxq->rxd + (i * priv->rxd_ops->rxd_size);
1183
1184 nexti = i + 1;
1185 if (nexti == MWL8K_RX_DESCS)
1186 nexti = 0;
1187 next_dma_addr = rxq->rxd_dma + (nexti * desc_size);
1188
1189 priv->rxd_ops->rxd_init(rxd, next_dma_addr);
1190 }
1191
1192 return 0;
1193}
1194
1195static int rxq_refill(struct ieee80211_hw *hw, int index, int limit)
1196{
1197 struct mwl8k_priv *priv = hw->priv;
1198 struct mwl8k_rx_queue *rxq = priv->rxq + index;
1199 int refilled;
1200
1201 refilled = 0;
1202 while (rxq->rxd_count < MWL8K_RX_DESCS && limit--) {
1203 struct sk_buff *skb;
1204 dma_addr_t addr;
1205 int rx;
1206 void *rxd;
1207
1208 skb = dev_alloc_skb(MWL8K_RX_MAXSZ);
1209 if (skb == NULL)
1210 break;
1211
1212 addr = pci_map_single(priv->pdev, skb->data,
1213 MWL8K_RX_MAXSZ, DMA_FROM_DEVICE);
1214
1215 rxq->rxd_count++;
1216 rx = rxq->tail++;
1217 if (rxq->tail == MWL8K_RX_DESCS)
1218 rxq->tail = 0;
1219 rxq->buf[rx].skb = skb;
1220 dma_unmap_addr_set(&rxq->buf[rx], dma, addr);
1221
1222 rxd = rxq->rxd + (rx * priv->rxd_ops->rxd_size);
1223 priv->rxd_ops->rxd_refill(rxd, addr, MWL8K_RX_MAXSZ);
1224
1225 refilled++;
1226 }
1227
1228 return refilled;
1229}
1230
1231/* Must be called only when the card's reception is completely halted */
1232static void mwl8k_rxq_deinit(struct ieee80211_hw *hw, int index)
1233{
1234 struct mwl8k_priv *priv = hw->priv;
1235 struct mwl8k_rx_queue *rxq = priv->rxq + index;
1236 int i;
1237
1238 if (rxq->rxd == NULL)
1239 return;
1240
1241 for (i = 0; i < MWL8K_RX_DESCS; i++) {
1242 if (rxq->buf[i].skb != NULL) {
1243 pci_unmap_single(priv->pdev,
1244 dma_unmap_addr(&rxq->buf[i], dma),
1245 MWL8K_RX_MAXSZ, PCI_DMA_FROMDEVICE);
1246 dma_unmap_addr_set(&rxq->buf[i], dma, 0);
1247
1248 kfree_skb(rxq->buf[i].skb);
1249 rxq->buf[i].skb = NULL;
1250 }
1251 }
1252
1253 kfree(rxq->buf);
1254 rxq->buf = NULL;
1255
1256 pci_free_consistent(priv->pdev,
1257 MWL8K_RX_DESCS * priv->rxd_ops->rxd_size,
1258 rxq->rxd, rxq->rxd_dma);
1259 rxq->rxd = NULL;
1260}
1261
1262
1263/*
1264 * Scan a list of BSSIDs to process for finalize join.
1265 * Allows for extension to process multiple BSSIDs.
1266 */
1267static inline int
1268mwl8k_capture_bssid(struct mwl8k_priv *priv, struct ieee80211_hdr *wh)
1269{
1270 return priv->capture_beacon &&
1271 ieee80211_is_beacon(wh->frame_control) &&
1272 ether_addr_equal_64bits(wh->addr3, priv->capture_bssid);
1273}
1274
1275static inline void mwl8k_save_beacon(struct ieee80211_hw *hw,
1276 struct sk_buff *skb)
1277{
1278 struct mwl8k_priv *priv = hw->priv;
1279
1280 priv->capture_beacon = false;
1281 memset(priv->capture_bssid, 0, ETH_ALEN);
1282
1283 /*
1284 * Use GFP_ATOMIC as rxq_process is called from
1285 * the primary interrupt handler, memory allocation call
1286 * must not sleep.
1287 */
1288 priv->beacon_skb = skb_copy(skb, GFP_ATOMIC);
1289 if (priv->beacon_skb != NULL)
1290 ieee80211_queue_work(hw, &priv->finalize_join_worker);
1291}
1292
1293static inline struct mwl8k_vif *mwl8k_find_vif_bss(struct list_head *vif_list,
1294 u8 *bssid)
1295{
1296 struct mwl8k_vif *mwl8k_vif;
1297
1298 list_for_each_entry(mwl8k_vif,
1299 vif_list, list) {
1300 if (memcmp(bssid, mwl8k_vif->bssid,
1301 ETH_ALEN) == 0)
1302 return mwl8k_vif;
1303 }
1304
1305 return NULL;
1306}
1307
1308static int rxq_process(struct ieee80211_hw *hw, int index, int limit)
1309{
1310 struct mwl8k_priv *priv = hw->priv;
1311 struct mwl8k_vif *mwl8k_vif = NULL;
1312 struct mwl8k_rx_queue *rxq = priv->rxq + index;
1313 int processed;
1314
1315 processed = 0;
1316 while (rxq->rxd_count && limit--) {
1317 struct sk_buff *skb;
1318 void *rxd;
1319 int pkt_len;
1320 struct ieee80211_rx_status status;
1321 struct ieee80211_hdr *wh;
1322 __le16 qos;
1323
1324 skb = rxq->buf[rxq->head].skb;
1325 if (skb == NULL)
1326 break;
1327
1328 rxd = rxq->rxd + (rxq->head * priv->rxd_ops->rxd_size);
1329
1330 pkt_len = priv->rxd_ops->rxd_process(rxd, &status, &qos,
1331 &priv->noise);
1332 if (pkt_len < 0)
1333 break;
1334
1335 rxq->buf[rxq->head].skb = NULL;
1336
1337 pci_unmap_single(priv->pdev,
1338 dma_unmap_addr(&rxq->buf[rxq->head], dma),
1339 MWL8K_RX_MAXSZ, PCI_DMA_FROMDEVICE);
1340 dma_unmap_addr_set(&rxq->buf[rxq->head], dma, 0);
1341
1342 rxq->head++;
1343 if (rxq->head == MWL8K_RX_DESCS)
1344 rxq->head = 0;
1345
1346 rxq->rxd_count--;
1347
1348 wh = &((struct mwl8k_dma_data *)skb->data)->wh;
1349
1350 /*
1351 * Check for a pending join operation. Save a
1352 * copy of the beacon and schedule a tasklet to
1353 * send a FINALIZE_JOIN command to the firmware.
1354 */
1355 if (mwl8k_capture_bssid(priv, (void *)skb->data))
1356 mwl8k_save_beacon(hw, skb);
1357
1358 if (ieee80211_has_protected(wh->frame_control)) {
1359
1360 /* Check if hw crypto has been enabled for
1361 * this bss. If yes, set the status flags
1362 * accordingly
1363 */
1364 mwl8k_vif = mwl8k_find_vif_bss(&priv->vif_list,
1365 wh->addr1);
1366
1367 if (mwl8k_vif != NULL &&
1368 mwl8k_vif->is_hw_crypto_enabled) {
1369 /*
1370 * When MMIC ERROR is encountered
1371 * by the firmware, payload is
1372 * dropped and only 32 bytes of
1373 * mwl8k Firmware header is sent
1374 * to the host.
1375 *
1376 * We need to add four bytes of
1377 * key information. In it
1378 * MAC80211 expects keyidx set to
1379 * 0 for triggering Counter
1380 * Measure of MMIC failure.
1381 */
1382 if (status.flag & RX_FLAG_MMIC_ERROR) {
1383 struct mwl8k_dma_data *tr;
1384 tr = (struct mwl8k_dma_data *)skb->data;
1385 memset((void *)&(tr->data), 0, 4);
1386 pkt_len += 4;
1387 }
1388
1389 if (!ieee80211_is_auth(wh->frame_control))
1390 status.flag |= RX_FLAG_IV_STRIPPED |
1391 RX_FLAG_DECRYPTED |
1392 RX_FLAG_MMIC_STRIPPED;
1393 }
1394 }
1395
1396 skb_put(skb, pkt_len);
1397 mwl8k_remove_dma_header(skb, qos);
1398 memcpy(IEEE80211_SKB_RXCB(skb), &status, sizeof(status));
1399 ieee80211_rx_irqsafe(hw, skb);
1400
1401 processed++;
1402 }
1403
1404 return processed;
1405}
1406
1407
1408/*
1409 * Packet transmission.
1410 */
1411
1412#define MWL8K_TXD_STATUS_OK 0x00000001
1413#define MWL8K_TXD_STATUS_OK_RETRY 0x00000002
1414#define MWL8K_TXD_STATUS_OK_MORE_RETRY 0x00000004
1415#define MWL8K_TXD_STATUS_MULTICAST_TX 0x00000008
1416#define MWL8K_TXD_STATUS_FW_OWNED 0x80000000
1417
1418#define MWL8K_QOS_QLEN_UNSPEC 0xff00
1419#define MWL8K_QOS_ACK_POLICY_MASK 0x0060
1420#define MWL8K_QOS_ACK_POLICY_NORMAL 0x0000
1421#define MWL8K_QOS_ACK_POLICY_BLOCKACK 0x0060
1422#define MWL8K_QOS_EOSP 0x0010
1423
1424struct mwl8k_tx_desc {
1425 __le32 status;
1426 __u8 data_rate;
1427 __u8 tx_priority;
1428 __le16 qos_control;
1429 __le32 pkt_phys_addr;
1430 __le16 pkt_len;
1431 __u8 dest_MAC_addr[ETH_ALEN];
1432 __le32 next_txd_phys_addr;
1433 __le32 timestamp;
1434 __le16 rate_info;
1435 __u8 peer_id;
1436 __u8 tx_frag_cnt;
1437} __packed;
1438
1439#define MWL8K_TX_DESCS 128
1440
1441static int mwl8k_txq_init(struct ieee80211_hw *hw, int index)
1442{
1443 struct mwl8k_priv *priv = hw->priv;
1444 struct mwl8k_tx_queue *txq = priv->txq + index;
1445 int size;
1446 int i;
1447
1448 txq->len = 0;
1449 txq->head = 0;
1450 txq->tail = 0;
1451
1452 size = MWL8K_TX_DESCS * sizeof(struct mwl8k_tx_desc);
1453
1454 txq->txd = pci_alloc_consistent(priv->pdev, size, &txq->txd_dma);
1455 if (txq->txd == NULL) {
1456 wiphy_err(hw->wiphy, "failed to alloc TX descriptors\n");
1457 return -ENOMEM;
1458 }
1459 memset(txq->txd, 0, size);
1460
1461 txq->skb = kcalloc(MWL8K_TX_DESCS, sizeof(*txq->skb), GFP_KERNEL);
1462 if (txq->skb == NULL) {
1463 pci_free_consistent(priv->pdev, size, txq->txd, txq->txd_dma);
1464 return -ENOMEM;
1465 }
1466
1467 for (i = 0; i < MWL8K_TX_DESCS; i++) {
1468 struct mwl8k_tx_desc *tx_desc;
1469 int nexti;
1470
1471 tx_desc = txq->txd + i;
1472 nexti = (i + 1) % MWL8K_TX_DESCS;
1473
1474 tx_desc->status = 0;
1475 tx_desc->next_txd_phys_addr =
1476 cpu_to_le32(txq->txd_dma + nexti * sizeof(*tx_desc));
1477 }
1478
1479 return 0;
1480}
1481
1482static inline void mwl8k_tx_start(struct mwl8k_priv *priv)
1483{
1484 iowrite32(MWL8K_H2A_INT_PPA_READY,
1485 priv->regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
1486 iowrite32(MWL8K_H2A_INT_DUMMY,
1487 priv->regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
1488 ioread32(priv->regs + MWL8K_HIU_INT_CODE);
1489}
1490
1491static void mwl8k_dump_tx_rings(struct ieee80211_hw *hw)
1492{
1493 struct mwl8k_priv *priv = hw->priv;
1494 int i;
1495
1496 for (i = 0; i < mwl8k_tx_queues(priv); i++) {
1497 struct mwl8k_tx_queue *txq = priv->txq + i;
1498 int fw_owned = 0;
1499 int drv_owned = 0;
1500 int unused = 0;
1501 int desc;
1502
1503 for (desc = 0; desc < MWL8K_TX_DESCS; desc++) {
1504 struct mwl8k_tx_desc *tx_desc = txq->txd + desc;
1505 u32 status;
1506
1507 status = le32_to_cpu(tx_desc->status);
1508 if (status & MWL8K_TXD_STATUS_FW_OWNED)
1509 fw_owned++;
1510 else
1511 drv_owned++;
1512
1513 if (tx_desc->pkt_len == 0)
1514 unused++;
1515 }
1516
1517 wiphy_err(hw->wiphy,
1518 "txq[%d] len=%d head=%d tail=%d "
1519 "fw_owned=%d drv_owned=%d unused=%d\n",
1520 i,
1521 txq->len, txq->head, txq->tail,
1522 fw_owned, drv_owned, unused);
1523 }
1524}
1525
1526/*
1527 * Must be called with priv->fw_mutex held and tx queues stopped.
1528 */
1529#define MWL8K_TX_WAIT_TIMEOUT_MS 5000
1530
1531static int mwl8k_tx_wait_empty(struct ieee80211_hw *hw)
1532{
1533 struct mwl8k_priv *priv = hw->priv;
1534 DECLARE_COMPLETION_ONSTACK(tx_wait);
1535 int retry;
1536 int rc;
1537
1538 might_sleep();
1539
1540 /* Since fw restart is in progress, allow only the firmware
1541 * commands from the restart code and block the other
1542 * commands since they are going to fail in any case since
1543 * the firmware has crashed
1544 */
1545 if (priv->hw_restart_in_progress) {
1546 if (priv->hw_restart_owner == current)
1547 return 0;
1548 else
1549 return -EBUSY;
1550 }
1551
1552 if (atomic_read(&priv->watchdog_event_pending))
1553 return 0;
1554
1555 /*
1556 * The TX queues are stopped at this point, so this test
1557 * doesn't need to take ->tx_lock.
1558 */
1559 if (!priv->pending_tx_pkts)
1560 return 0;
1561
1562 retry = 1;
1563 rc = 0;
1564
1565 spin_lock_bh(&priv->tx_lock);
1566 priv->tx_wait = &tx_wait;
1567 while (!rc) {
1568 int oldcount;
1569 unsigned long timeout;
1570
1571 oldcount = priv->pending_tx_pkts;
1572
1573 spin_unlock_bh(&priv->tx_lock);
1574 timeout = wait_for_completion_timeout(&tx_wait,
1575 msecs_to_jiffies(MWL8K_TX_WAIT_TIMEOUT_MS));
1576
1577 if (atomic_read(&priv->watchdog_event_pending)) {
1578 spin_lock_bh(&priv->tx_lock);
1579 priv->tx_wait = NULL;
1580 spin_unlock_bh(&priv->tx_lock);
1581 return 0;
1582 }
1583
1584 spin_lock_bh(&priv->tx_lock);
1585
1586 if (timeout || !priv->pending_tx_pkts) {
1587 WARN_ON(priv->pending_tx_pkts);
1588 if (retry)
1589 wiphy_notice(hw->wiphy, "tx rings drained\n");
1590 break;
1591 }
1592
1593 if (retry) {
1594 mwl8k_tx_start(priv);
1595 retry = 0;
1596 continue;
1597 }
1598
1599 if (priv->pending_tx_pkts < oldcount) {
1600 wiphy_notice(hw->wiphy,
1601 "waiting for tx rings to drain (%d -> %d pkts)\n",
1602 oldcount, priv->pending_tx_pkts);
1603 retry = 1;
1604 continue;
1605 }
1606
1607 priv->tx_wait = NULL;
1608
1609 wiphy_err(hw->wiphy, "tx rings stuck for %d ms\n",
1610 MWL8K_TX_WAIT_TIMEOUT_MS);
1611 mwl8k_dump_tx_rings(hw);
1612 priv->hw_restart_in_progress = true;
1613 ieee80211_queue_work(hw, &priv->fw_reload);
1614
1615 rc = -ETIMEDOUT;
1616 }
1617 priv->tx_wait = NULL;
1618 spin_unlock_bh(&priv->tx_lock);
1619
1620 return rc;
1621}
1622
1623#define MWL8K_TXD_SUCCESS(status) \
1624 ((status) & (MWL8K_TXD_STATUS_OK | \
1625 MWL8K_TXD_STATUS_OK_RETRY | \
1626 MWL8K_TXD_STATUS_OK_MORE_RETRY))
1627
1628static int mwl8k_tid_queue_mapping(u8 tid)
1629{
1630 BUG_ON(tid > 7);
1631
1632 switch (tid) {
1633 case 0:
1634 case 3:
1635 return IEEE80211_AC_BE;
1636 break;
1637 case 1:
1638 case 2:
1639 return IEEE80211_AC_BK;
1640 break;
1641 case 4:
1642 case 5:
1643 return IEEE80211_AC_VI;
1644 break;
1645 case 6:
1646 case 7:
1647 return IEEE80211_AC_VO;
1648 break;
1649 default:
1650 return -1;
1651 break;
1652 }
1653}
1654
1655/* The firmware will fill in the rate information
1656 * for each packet that gets queued in the hardware
1657 * and these macros will interpret that info.
1658 */
1659
1660#define RI_FORMAT(a) (a & 0x0001)
1661#define RI_RATE_ID_MCS(a) ((a & 0x01f8) >> 3)
1662
1663static int
1664mwl8k_txq_reclaim(struct ieee80211_hw *hw, int index, int limit, int force)
1665{
1666 struct mwl8k_priv *priv = hw->priv;
1667 struct mwl8k_tx_queue *txq = priv->txq + index;
1668 int processed;
1669
1670 processed = 0;
1671 while (txq->len > 0 && limit--) {
1672 int tx;
1673 struct mwl8k_tx_desc *tx_desc;
1674 unsigned long addr;
1675 int size;
1676 struct sk_buff *skb;
1677 struct ieee80211_tx_info *info;
1678 u32 status;
1679 struct ieee80211_sta *sta;
1680 struct mwl8k_sta *sta_info = NULL;
1681 u16 rate_info;
1682 struct ieee80211_hdr *wh;
1683
1684 tx = txq->head;
1685 tx_desc = txq->txd + tx;
1686
1687 status = le32_to_cpu(tx_desc->status);
1688
1689 if (status & MWL8K_TXD_STATUS_FW_OWNED) {
1690 if (!force)
1691 break;
1692 tx_desc->status &=
1693 ~cpu_to_le32(MWL8K_TXD_STATUS_FW_OWNED);
1694 }
1695
1696 txq->head = (tx + 1) % MWL8K_TX_DESCS;
1697 BUG_ON(txq->len == 0);
1698 txq->len--;
1699 priv->pending_tx_pkts--;
1700
1701 addr = le32_to_cpu(tx_desc->pkt_phys_addr);
1702 size = le16_to_cpu(tx_desc->pkt_len);
1703 skb = txq->skb[tx];
1704 txq->skb[tx] = NULL;
1705
1706 BUG_ON(skb == NULL);
1707 pci_unmap_single(priv->pdev, addr, size, PCI_DMA_TODEVICE);
1708
1709 mwl8k_remove_dma_header(skb, tx_desc->qos_control);
1710
1711 wh = (struct ieee80211_hdr *) skb->data;
1712
1713 /* Mark descriptor as unused */
1714 tx_desc->pkt_phys_addr = 0;
1715 tx_desc->pkt_len = 0;
1716
1717 info = IEEE80211_SKB_CB(skb);
1718 if (ieee80211_is_data(wh->frame_control)) {
1719 rcu_read_lock();
1720 sta = ieee80211_find_sta_by_ifaddr(hw, wh->addr1,
1721 wh->addr2);
1722 if (sta) {
1723 sta_info = MWL8K_STA(sta);
1724 BUG_ON(sta_info == NULL);
1725 rate_info = le16_to_cpu(tx_desc->rate_info);
1726 /* If rate is < 6.5 Mpbs for an ht station
1727 * do not form an ampdu. If the station is a
1728 * legacy station (format = 0), do not form an
1729 * ampdu
1730 */
1731 if (RI_RATE_ID_MCS(rate_info) < 1 ||
1732 RI_FORMAT(rate_info) == 0) {
1733 sta_info->is_ampdu_allowed = false;
1734 } else {
1735 sta_info->is_ampdu_allowed = true;
1736 }
1737 }
1738 rcu_read_unlock();
1739 }
1740
1741 ieee80211_tx_info_clear_status(info);
1742
1743 /* Rate control is happening in the firmware.
1744 * Ensure no tx rate is being reported.
1745 */
1746 info->status.rates[0].idx = -1;
1747 info->status.rates[0].count = 1;
1748
1749 if (MWL8K_TXD_SUCCESS(status))
1750 info->flags |= IEEE80211_TX_STAT_ACK;
1751
1752 ieee80211_tx_status_irqsafe(hw, skb);
1753
1754 processed++;
1755 }
1756
1757 return processed;
1758}
1759
1760/* must be called only when the card's transmit is completely halted */
1761static void mwl8k_txq_deinit(struct ieee80211_hw *hw, int index)
1762{
1763 struct mwl8k_priv *priv = hw->priv;
1764 struct mwl8k_tx_queue *txq = priv->txq + index;
1765
1766 if (txq->txd == NULL)
1767 return;
1768
1769 mwl8k_txq_reclaim(hw, index, INT_MAX, 1);
1770
1771 kfree(txq->skb);
1772 txq->skb = NULL;
1773
1774 pci_free_consistent(priv->pdev,
1775 MWL8K_TX_DESCS * sizeof(struct mwl8k_tx_desc),
1776 txq->txd, txq->txd_dma);
1777 txq->txd = NULL;
1778}
1779
1780/* caller must hold priv->stream_lock when calling the stream functions */
1781static struct mwl8k_ampdu_stream *
1782mwl8k_add_stream(struct ieee80211_hw *hw, struct ieee80211_sta *sta, u8 tid)
1783{
1784 struct mwl8k_ampdu_stream *stream;
1785 struct mwl8k_priv *priv = hw->priv;
1786 int i;
1787
1788 for (i = 0; i < MWL8K_NUM_AMPDU_STREAMS; i++) {
1789 stream = &priv->ampdu[i];
1790 if (stream->state == AMPDU_NO_STREAM) {
1791 stream->sta = sta;
1792 stream->state = AMPDU_STREAM_NEW;
1793 stream->tid = tid;
1794 stream->idx = i;
1795 wiphy_debug(hw->wiphy, "Added a new stream for %pM %d",
1796 sta->addr, tid);
1797 return stream;
1798 }
1799 }
1800 return NULL;
1801}
1802
1803static int
1804mwl8k_start_stream(struct ieee80211_hw *hw, struct mwl8k_ampdu_stream *stream)
1805{
1806 int ret;
1807
1808 /* if the stream has already been started, don't start it again */
1809 if (stream->state != AMPDU_STREAM_NEW)
1810 return 0;
1811 ret = ieee80211_start_tx_ba_session(stream->sta, stream->tid, 0);
1812 if (ret)
1813 wiphy_debug(hw->wiphy, "Failed to start stream for %pM %d: "
1814 "%d\n", stream->sta->addr, stream->tid, ret);
1815 else
1816 wiphy_debug(hw->wiphy, "Started stream for %pM %d\n",
1817 stream->sta->addr, stream->tid);
1818 return ret;
1819}
1820
1821static void
1822mwl8k_remove_stream(struct ieee80211_hw *hw, struct mwl8k_ampdu_stream *stream)
1823{
1824 wiphy_debug(hw->wiphy, "Remove stream for %pM %d\n", stream->sta->addr,
1825 stream->tid);
1826 memset(stream, 0, sizeof(*stream));
1827}
1828
1829static struct mwl8k_ampdu_stream *
1830mwl8k_lookup_stream(struct ieee80211_hw *hw, u8 *addr, u8 tid)
1831{
1832 struct mwl8k_priv *priv = hw->priv;
1833 int i;
1834
1835 for (i = 0; i < MWL8K_NUM_AMPDU_STREAMS; i++) {
1836 struct mwl8k_ampdu_stream *stream;
1837 stream = &priv->ampdu[i];
1838 if (stream->state == AMPDU_NO_STREAM)
1839 continue;
1840 if (!memcmp(stream->sta->addr, addr, ETH_ALEN) &&
1841 stream->tid == tid)
1842 return stream;
1843 }
1844 return NULL;
1845}
1846
1847#define MWL8K_AMPDU_PACKET_THRESHOLD 64
1848static inline bool mwl8k_ampdu_allowed(struct ieee80211_sta *sta, u8 tid)
1849{
1850 struct mwl8k_sta *sta_info = MWL8K_STA(sta);
1851 struct tx_traffic_info *tx_stats;
1852
1853 BUG_ON(tid >= MWL8K_MAX_TID);
1854 tx_stats = &sta_info->tx_stats[tid];
1855
1856 return sta_info->is_ampdu_allowed &&
1857 tx_stats->pkts > MWL8K_AMPDU_PACKET_THRESHOLD;
1858}
1859
1860static inline void mwl8k_tx_count_packet(struct ieee80211_sta *sta, u8 tid)
1861{
1862 struct mwl8k_sta *sta_info = MWL8K_STA(sta);
1863 struct tx_traffic_info *tx_stats;
1864
1865 BUG_ON(tid >= MWL8K_MAX_TID);
1866 tx_stats = &sta_info->tx_stats[tid];
1867
1868 if (tx_stats->start_time == 0)
1869 tx_stats->start_time = jiffies;
1870
1871 /* reset the packet count after each second elapses. If the number of
1872 * packets ever exceeds the ampdu_min_traffic threshold, we will allow
1873 * an ampdu stream to be started.
1874 */
1875 if (jiffies - tx_stats->start_time > HZ) {
1876 tx_stats->pkts = 0;
1877 tx_stats->start_time = 0;
1878 } else
1879 tx_stats->pkts++;
1880}
1881
1882/* The hardware ampdu queues start from 5.
1883 * txpriorities for ampdu queues are
1884 * 5 6 7 0 1 2 3 4 ie., queue 5 is highest
1885 * and queue 3 is lowest (queue 4 is reserved)
1886 */
1887#define BA_QUEUE 5
1888
1889static void
1890mwl8k_txq_xmit(struct ieee80211_hw *hw,
1891 int index,
1892 struct ieee80211_sta *sta,
1893 struct sk_buff *skb)
1894{
1895 struct mwl8k_priv *priv = hw->priv;
1896 struct ieee80211_tx_info *tx_info;
1897 struct mwl8k_vif *mwl8k_vif;
1898 struct ieee80211_hdr *wh;
1899 struct mwl8k_tx_queue *txq;
1900 struct mwl8k_tx_desc *tx;
1901 dma_addr_t dma;
1902 u32 txstatus;
1903 u8 txdatarate;
1904 u16 qos;
1905 int txpriority;
1906 u8 tid = 0;
1907 struct mwl8k_ampdu_stream *stream = NULL;
1908 bool start_ba_session = false;
1909 bool mgmtframe = false;
1910 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)skb->data;
1911 bool eapol_frame = false;
1912
1913 wh = (struct ieee80211_hdr *)skb->data;
1914 if (ieee80211_is_data_qos(wh->frame_control))
1915 qos = le16_to_cpu(*((__le16 *)ieee80211_get_qos_ctl(wh)));
1916 else
1917 qos = 0;
1918
1919 if (skb->protocol == cpu_to_be16(ETH_P_PAE))
1920 eapol_frame = true;
1921
1922 if (ieee80211_is_mgmt(wh->frame_control))
1923 mgmtframe = true;
1924
1925 if (priv->ap_fw)
1926 mwl8k_encapsulate_tx_frame(priv, skb);
1927 else
1928 mwl8k_add_dma_header(priv, skb, 0, 0);
1929
1930 wh = &((struct mwl8k_dma_data *)skb->data)->wh;
1931
1932 tx_info = IEEE80211_SKB_CB(skb);
1933 mwl8k_vif = MWL8K_VIF(tx_info->control.vif);
1934
1935 if (tx_info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ) {
1936 wh->seq_ctrl &= cpu_to_le16(IEEE80211_SCTL_FRAG);
1937 wh->seq_ctrl |= cpu_to_le16(mwl8k_vif->seqno);
1938 mwl8k_vif->seqno += 0x10;
1939 }
1940
1941 /* Setup firmware control bit fields for each frame type. */
1942 txstatus = 0;
1943 txdatarate = 0;
1944 if (ieee80211_is_mgmt(wh->frame_control) ||
1945 ieee80211_is_ctl(wh->frame_control)) {
1946 txdatarate = 0;
1947 qos |= MWL8K_QOS_QLEN_UNSPEC | MWL8K_QOS_EOSP;
1948 } else if (ieee80211_is_data(wh->frame_control)) {
1949 txdatarate = 1;
1950 if (is_multicast_ether_addr(wh->addr1))
1951 txstatus |= MWL8K_TXD_STATUS_MULTICAST_TX;
1952
1953 qos &= ~MWL8K_QOS_ACK_POLICY_MASK;
1954 if (tx_info->flags & IEEE80211_TX_CTL_AMPDU)
1955 qos |= MWL8K_QOS_ACK_POLICY_BLOCKACK;
1956 else
1957 qos |= MWL8K_QOS_ACK_POLICY_NORMAL;
1958 }
1959
1960 /* Queue ADDBA request in the respective data queue. While setting up
1961 * the ampdu stream, mac80211 queues further packets for that
1962 * particular ra/tid pair. However, packets piled up in the hardware
1963 * for that ra/tid pair will still go out. ADDBA request and the
1964 * related data packets going out from different queues asynchronously
1965 * will cause a shift in the receiver window which might result in
1966 * ampdu packets getting dropped at the receiver after the stream has
1967 * been setup.
1968 */
1969 if (unlikely(ieee80211_is_action(wh->frame_control) &&
1970 mgmt->u.action.category == WLAN_CATEGORY_BACK &&
1971 mgmt->u.action.u.addba_req.action_code == WLAN_ACTION_ADDBA_REQ &&
1972 priv->ap_fw)) {
1973 u16 capab = le16_to_cpu(mgmt->u.action.u.addba_req.capab);
1974 tid = (capab & IEEE80211_ADDBA_PARAM_TID_MASK) >> 2;
1975 index = mwl8k_tid_queue_mapping(tid);
1976 }
1977
1978 txpriority = index;
1979
1980 if (priv->ap_fw && sta && sta->ht_cap.ht_supported && !eapol_frame &&
1981 ieee80211_is_data_qos(wh->frame_control)) {
1982 tid = qos & 0xf;
1983 mwl8k_tx_count_packet(sta, tid);
1984 spin_lock(&priv->stream_lock);
1985 stream = mwl8k_lookup_stream(hw, sta->addr, tid);
1986 if (stream != NULL) {
1987 if (stream->state == AMPDU_STREAM_ACTIVE) {
1988 WARN_ON(!(qos & MWL8K_QOS_ACK_POLICY_BLOCKACK));
1989 txpriority = (BA_QUEUE + stream->idx) %
1990 TOTAL_HW_TX_QUEUES;
1991 if (stream->idx <= 1)
1992 index = stream->idx +
1993 MWL8K_TX_WMM_QUEUES;
1994
1995 } else if (stream->state == AMPDU_STREAM_NEW) {
1996 /* We get here if the driver sends us packets
1997 * after we've initiated a stream, but before
1998 * our ampdu_action routine has been called
1999 * with IEEE80211_AMPDU_TX_START to get the SSN
2000 * for the ADDBA request. So this packet can
2001 * go out with no risk of sequence number
2002 * mismatch. No special handling is required.
2003 */
2004 } else {
2005 /* Drop packets that would go out after the
2006 * ADDBA request was sent but before the ADDBA
2007 * response is received. If we don't do this,
2008 * the recipient would probably receive it
2009 * after the ADDBA request with SSN 0. This
2010 * will cause the recipient's BA receive window
2011 * to shift, which would cause the subsequent
2012 * packets in the BA stream to be discarded.
2013 * mac80211 queues our packets for us in this
2014 * case, so this is really just a safety check.
2015 */
2016 wiphy_warn(hw->wiphy,
2017 "Cannot send packet while ADDBA "
2018 "dialog is underway.\n");
2019 spin_unlock(&priv->stream_lock);
2020 dev_kfree_skb(skb);
2021 return;
2022 }
2023 } else {
2024 /* Defer calling mwl8k_start_stream so that the current
2025 * skb can go out before the ADDBA request. This
2026 * prevents sequence number mismatch at the recepient
2027 * as described above.
2028 */
2029 if (mwl8k_ampdu_allowed(sta, tid)) {
2030 stream = mwl8k_add_stream(hw, sta, tid);
2031 if (stream != NULL)
2032 start_ba_session = true;
2033 }
2034 }
2035 spin_unlock(&priv->stream_lock);
2036 } else {
2037 qos &= ~MWL8K_QOS_ACK_POLICY_MASK;
2038 qos |= MWL8K_QOS_ACK_POLICY_NORMAL;
2039 }
2040
2041 dma = pci_map_single(priv->pdev, skb->data,
2042 skb->len, PCI_DMA_TODEVICE);
2043
2044 if (pci_dma_mapping_error(priv->pdev, dma)) {
2045 wiphy_debug(hw->wiphy,
2046 "failed to dma map skb, dropping TX frame.\n");
2047 if (start_ba_session) {
2048 spin_lock(&priv->stream_lock);
2049 mwl8k_remove_stream(hw, stream);
2050 spin_unlock(&priv->stream_lock);
2051 }
2052 dev_kfree_skb(skb);
2053 return;
2054 }
2055
2056 spin_lock_bh(&priv->tx_lock);
2057
2058 txq = priv->txq + index;
2059
2060 /* Mgmt frames that go out frequently are probe
2061 * responses. Other mgmt frames got out relatively
2062 * infrequently. Hence reserve 2 buffers so that
2063 * other mgmt frames do not get dropped due to an
2064 * already queued probe response in one of the
2065 * reserved buffers.
2066 */
2067
2068 if (txq->len >= MWL8K_TX_DESCS - 2) {
2069 if (!mgmtframe || txq->len == MWL8K_TX_DESCS) {
2070 if (start_ba_session) {
2071 spin_lock(&priv->stream_lock);
2072 mwl8k_remove_stream(hw, stream);
2073 spin_unlock(&priv->stream_lock);
2074 }
2075 mwl8k_tx_start(priv);
2076 spin_unlock_bh(&priv->tx_lock);
2077 pci_unmap_single(priv->pdev, dma, skb->len,
2078 PCI_DMA_TODEVICE);
2079 dev_kfree_skb(skb);
2080 return;
2081 }
2082 }
2083
2084 BUG_ON(txq->skb[txq->tail] != NULL);
2085 txq->skb[txq->tail] = skb;
2086
2087 tx = txq->txd + txq->tail;
2088 tx->data_rate = txdatarate;
2089 tx->tx_priority = txpriority;
2090 tx->qos_control = cpu_to_le16(qos);
2091 tx->pkt_phys_addr = cpu_to_le32(dma);
2092 tx->pkt_len = cpu_to_le16(skb->len);
2093 tx->rate_info = 0;
2094 if (!priv->ap_fw && sta != NULL)
2095 tx->peer_id = MWL8K_STA(sta)->peer_id;
2096 else
2097 tx->peer_id = 0;
2098
2099 if (priv->ap_fw && ieee80211_is_data(wh->frame_control) && !eapol_frame)
2100 tx->timestamp = cpu_to_le32(ioread32(priv->regs +
2101 MWL8K_HW_TIMER_REGISTER));
2102 else
2103 tx->timestamp = 0;
2104
2105 wmb();
2106 tx->status = cpu_to_le32(MWL8K_TXD_STATUS_FW_OWNED | txstatus);
2107
2108 txq->len++;
2109 priv->pending_tx_pkts++;
2110
2111 txq->tail++;
2112 if (txq->tail == MWL8K_TX_DESCS)
2113 txq->tail = 0;
2114
2115 mwl8k_tx_start(priv);
2116
2117 spin_unlock_bh(&priv->tx_lock);
2118
2119 /* Initiate the ampdu session here */
2120 if (start_ba_session) {
2121 spin_lock(&priv->stream_lock);
2122 if (mwl8k_start_stream(hw, stream))
2123 mwl8k_remove_stream(hw, stream);
2124 spin_unlock(&priv->stream_lock);
2125 }
2126}
2127
2128
2129/*
2130 * Firmware access.
2131 *
2132 * We have the following requirements for issuing firmware commands:
2133 * - Some commands require that the packet transmit path is idle when
2134 * the command is issued. (For simplicity, we'll just quiesce the
2135 * transmit path for every command.)
2136 * - There are certain sequences of commands that need to be issued to
2137 * the hardware sequentially, with no other intervening commands.
2138 *
2139 * This leads to an implementation of a "firmware lock" as a mutex that
2140 * can be taken recursively, and which is taken by both the low-level
2141 * command submission function (mwl8k_post_cmd) as well as any users of
2142 * that function that require issuing of an atomic sequence of commands,
2143 * and quiesces the transmit path whenever it's taken.
2144 */
2145static int mwl8k_fw_lock(struct ieee80211_hw *hw)
2146{
2147 struct mwl8k_priv *priv = hw->priv;
2148
2149 if (priv->fw_mutex_owner != current) {
2150 int rc;
2151
2152 mutex_lock(&priv->fw_mutex);
2153 ieee80211_stop_queues(hw);
2154
2155 rc = mwl8k_tx_wait_empty(hw);
2156 if (rc) {
2157 if (!priv->hw_restart_in_progress)
2158 ieee80211_wake_queues(hw);
2159
2160 mutex_unlock(&priv->fw_mutex);
2161
2162 return rc;
2163 }
2164
2165 priv->fw_mutex_owner = current;
2166 }
2167
2168 priv->fw_mutex_depth++;
2169
2170 return 0;
2171}
2172
2173static void mwl8k_fw_unlock(struct ieee80211_hw *hw)
2174{
2175 struct mwl8k_priv *priv = hw->priv;
2176
2177 if (!--priv->fw_mutex_depth) {
2178 if (!priv->hw_restart_in_progress)
2179 ieee80211_wake_queues(hw);
2180
2181 priv->fw_mutex_owner = NULL;
2182 mutex_unlock(&priv->fw_mutex);
2183 }
2184}
2185
2186static void mwl8k_enable_bsses(struct ieee80211_hw *hw, bool enable,
2187 u32 bitmap);
2188
2189/*
2190 * Command processing.
2191 */
2192
2193/* Timeout firmware commands after 10s */
2194#define MWL8K_CMD_TIMEOUT_MS 10000
2195
2196static int mwl8k_post_cmd(struct ieee80211_hw *hw, struct mwl8k_cmd_pkt *cmd)
2197{
2198 DECLARE_COMPLETION_ONSTACK(cmd_wait);
2199 struct mwl8k_priv *priv = hw->priv;
2200 void __iomem *regs = priv->regs;
2201 dma_addr_t dma_addr;
2202 unsigned int dma_size;
2203 int rc;
2204 unsigned long timeout = 0;
2205 u8 buf[32];
2206 u32 bitmap = 0;
2207
2208 wiphy_dbg(hw->wiphy, "Posting %s [%d]\n",
2209 mwl8k_cmd_name(cmd->code, buf, sizeof(buf)), cmd->macid);
2210
2211 /* Before posting firmware commands that could change the hardware
2212 * characteristics, make sure that all BSSes are stopped temporary.
2213 * Enable these stopped BSSes after completion of the commands
2214 */
2215
2216 rc = mwl8k_fw_lock(hw);
2217 if (rc)
2218 return rc;
2219
2220 if (priv->ap_fw && priv->running_bsses) {
2221 switch (le16_to_cpu(cmd->code)) {
2222 case MWL8K_CMD_SET_RF_CHANNEL:
2223 case MWL8K_CMD_RADIO_CONTROL:
2224 case MWL8K_CMD_RF_TX_POWER:
2225 case MWL8K_CMD_TX_POWER:
2226 case MWL8K_CMD_RF_ANTENNA:
2227 case MWL8K_CMD_RTS_THRESHOLD:
2228 case MWL8K_CMD_MIMO_CONFIG:
2229 bitmap = priv->running_bsses;
2230 mwl8k_enable_bsses(hw, false, bitmap);
2231 break;
2232 }
2233 }
2234
2235 cmd->result = (__force __le16) 0xffff;
2236 dma_size = le16_to_cpu(cmd->length);
2237 dma_addr = pci_map_single(priv->pdev, cmd, dma_size,
2238 PCI_DMA_BIDIRECTIONAL);
2239 if (pci_dma_mapping_error(priv->pdev, dma_addr))
2240 return -ENOMEM;
2241
2242 priv->hostcmd_wait = &cmd_wait;
2243 iowrite32(dma_addr, regs + MWL8K_HIU_GEN_PTR);
2244 iowrite32(MWL8K_H2A_INT_DOORBELL,
2245 regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
2246 iowrite32(MWL8K_H2A_INT_DUMMY,
2247 regs + MWL8K_HIU_H2A_INTERRUPT_EVENTS);
2248
2249 timeout = wait_for_completion_timeout(&cmd_wait,
2250 msecs_to_jiffies(MWL8K_CMD_TIMEOUT_MS));
2251
2252 priv->hostcmd_wait = NULL;
2253
2254
2255 pci_unmap_single(priv->pdev, dma_addr, dma_size,
2256 PCI_DMA_BIDIRECTIONAL);
2257
2258 if (!timeout) {
2259 wiphy_err(hw->wiphy, "Command %s timeout after %u ms\n",
2260 mwl8k_cmd_name(cmd->code, buf, sizeof(buf)),
2261 MWL8K_CMD_TIMEOUT_MS);
2262 rc = -ETIMEDOUT;
2263 } else {
2264 int ms;
2265
2266 ms = MWL8K_CMD_TIMEOUT_MS - jiffies_to_msecs(timeout);
2267
2268 rc = cmd->result ? -EINVAL : 0;
2269 if (rc)
2270 wiphy_err(hw->wiphy, "Command %s error 0x%x\n",
2271 mwl8k_cmd_name(cmd->code, buf, sizeof(buf)),
2272 le16_to_cpu(cmd->result));
2273 else if (ms > 2000)
2274 wiphy_notice(hw->wiphy, "Command %s took %d ms\n",
2275 mwl8k_cmd_name(cmd->code,
2276 buf, sizeof(buf)),
2277 ms);
2278 }
2279
2280 if (bitmap)
2281 mwl8k_enable_bsses(hw, true, bitmap);
2282
2283 mwl8k_fw_unlock(hw);
2284
2285 return rc;
2286}
2287
2288static int mwl8k_post_pervif_cmd(struct ieee80211_hw *hw,
2289 struct ieee80211_vif *vif,
2290 struct mwl8k_cmd_pkt *cmd)
2291{
2292 if (vif != NULL)
2293 cmd->macid = MWL8K_VIF(vif)->macid;
2294 return mwl8k_post_cmd(hw, cmd);
2295}
2296
2297/*
2298 * Setup code shared between STA and AP firmware images.
2299 */
2300static void mwl8k_setup_2ghz_band(struct ieee80211_hw *hw)
2301{
2302 struct mwl8k_priv *priv = hw->priv;
2303
2304 BUILD_BUG_ON(sizeof(priv->channels_24) != sizeof(mwl8k_channels_24));
2305 memcpy(priv->channels_24, mwl8k_channels_24, sizeof(mwl8k_channels_24));
2306
2307 BUILD_BUG_ON(sizeof(priv->rates_24) != sizeof(mwl8k_rates_24));
2308 memcpy(priv->rates_24, mwl8k_rates_24, sizeof(mwl8k_rates_24));
2309
2310 priv->band_24.band = IEEE80211_BAND_2GHZ;
2311 priv->band_24.channels = priv->channels_24;
2312 priv->band_24.n_channels = ARRAY_SIZE(mwl8k_channels_24);
2313 priv->band_24.bitrates = priv->rates_24;
2314 priv->band_24.n_bitrates = ARRAY_SIZE(mwl8k_rates_24);
2315
2316 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &priv->band_24;
2317}
2318
2319static void mwl8k_setup_5ghz_band(struct ieee80211_hw *hw)
2320{
2321 struct mwl8k_priv *priv = hw->priv;
2322
2323 BUILD_BUG_ON(sizeof(priv->channels_50) != sizeof(mwl8k_channels_50));
2324 memcpy(priv->channels_50, mwl8k_channels_50, sizeof(mwl8k_channels_50));
2325
2326 BUILD_BUG_ON(sizeof(priv->rates_50) != sizeof(mwl8k_rates_50));
2327 memcpy(priv->rates_50, mwl8k_rates_50, sizeof(mwl8k_rates_50));
2328
2329 priv->band_50.band = IEEE80211_BAND_5GHZ;
2330 priv->band_50.channels = priv->channels_50;
2331 priv->band_50.n_channels = ARRAY_SIZE(mwl8k_channels_50);
2332 priv->band_50.bitrates = priv->rates_50;
2333 priv->band_50.n_bitrates = ARRAY_SIZE(mwl8k_rates_50);
2334
2335 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &priv->band_50;
2336}
2337
2338/*
2339 * CMD_GET_HW_SPEC (STA version).
2340 */
2341struct mwl8k_cmd_get_hw_spec_sta {
2342 struct mwl8k_cmd_pkt header;
2343 __u8 hw_rev;
2344 __u8 host_interface;
2345 __le16 num_mcaddrs;
2346 __u8 perm_addr[ETH_ALEN];
2347 __le16 region_code;
2348 __le32 fw_rev;
2349 __le32 ps_cookie;
2350 __le32 caps;
2351 __u8 mcs_bitmap[16];
2352 __le32 rx_queue_ptr;
2353 __le32 num_tx_queues;
2354 __le32 tx_queue_ptrs[MWL8K_TX_WMM_QUEUES];
2355 __le32 caps2;
2356 __le32 num_tx_desc_per_queue;
2357 __le32 total_rxd;
2358} __packed;
2359
2360#define MWL8K_CAP_MAX_AMSDU 0x20000000
2361#define MWL8K_CAP_GREENFIELD 0x08000000
2362#define MWL8K_CAP_AMPDU 0x04000000
2363#define MWL8K_CAP_RX_STBC 0x01000000
2364#define MWL8K_CAP_TX_STBC 0x00800000
2365#define MWL8K_CAP_SHORTGI_40MHZ 0x00400000
2366#define MWL8K_CAP_SHORTGI_20MHZ 0x00200000
2367#define MWL8K_CAP_RX_ANTENNA_MASK 0x000e0000
2368#define MWL8K_CAP_TX_ANTENNA_MASK 0x0001c000
2369#define MWL8K_CAP_DELAY_BA 0x00003000
2370#define MWL8K_CAP_MIMO 0x00000200
2371#define MWL8K_CAP_40MHZ 0x00000100
2372#define MWL8K_CAP_BAND_MASK 0x00000007
2373#define MWL8K_CAP_5GHZ 0x00000004
2374#define MWL8K_CAP_2GHZ4 0x00000001
2375
2376static void
2377mwl8k_set_ht_caps(struct ieee80211_hw *hw,
2378 struct ieee80211_supported_band *band, u32 cap)
2379{
2380 int rx_streams;
2381 int tx_streams;
2382
2383 band->ht_cap.ht_supported = 1;
2384
2385 if (cap & MWL8K_CAP_MAX_AMSDU)
2386 band->ht_cap.cap |= IEEE80211_HT_CAP_MAX_AMSDU;
2387 if (cap & MWL8K_CAP_GREENFIELD)
2388 band->ht_cap.cap |= IEEE80211_HT_CAP_GRN_FLD;
2389 if (cap & MWL8K_CAP_AMPDU) {
2390 hw->flags |= IEEE80211_HW_AMPDU_AGGREGATION;
2391 band->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
2392 band->ht_cap.ampdu_density = IEEE80211_HT_MPDU_DENSITY_NONE;
2393 }
2394 if (cap & MWL8K_CAP_RX_STBC)
2395 band->ht_cap.cap |= IEEE80211_HT_CAP_RX_STBC;
2396 if (cap & MWL8K_CAP_TX_STBC)
2397 band->ht_cap.cap |= IEEE80211_HT_CAP_TX_STBC;
2398 if (cap & MWL8K_CAP_SHORTGI_40MHZ)
2399 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_40;
2400 if (cap & MWL8K_CAP_SHORTGI_20MHZ)
2401 band->ht_cap.cap |= IEEE80211_HT_CAP_SGI_20;
2402 if (cap & MWL8K_CAP_DELAY_BA)
2403 band->ht_cap.cap |= IEEE80211_HT_CAP_DELAY_BA;
2404 if (cap & MWL8K_CAP_40MHZ)
2405 band->ht_cap.cap |= IEEE80211_HT_CAP_SUP_WIDTH_20_40;
2406
2407 rx_streams = hweight32(cap & MWL8K_CAP_RX_ANTENNA_MASK);
2408 tx_streams = hweight32(cap & MWL8K_CAP_TX_ANTENNA_MASK);
2409
2410 band->ht_cap.mcs.rx_mask[0] = 0xff;
2411 if (rx_streams >= 2)
2412 band->ht_cap.mcs.rx_mask[1] = 0xff;
2413 if (rx_streams >= 3)
2414 band->ht_cap.mcs.rx_mask[2] = 0xff;
2415 band->ht_cap.mcs.rx_mask[4] = 0x01;
2416 band->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
2417
2418 if (rx_streams != tx_streams) {
2419 band->ht_cap.mcs.tx_params |= IEEE80211_HT_MCS_TX_RX_DIFF;
2420 band->ht_cap.mcs.tx_params |= (tx_streams - 1) <<
2421 IEEE80211_HT_MCS_TX_MAX_STREAMS_SHIFT;
2422 }
2423}
2424
2425static void
2426mwl8k_set_caps(struct ieee80211_hw *hw, u32 caps)
2427{
2428 struct mwl8k_priv *priv = hw->priv;
2429
2430 if (priv->caps)
2431 return;
2432
2433 if ((caps & MWL8K_CAP_2GHZ4) || !(caps & MWL8K_CAP_BAND_MASK)) {
2434 mwl8k_setup_2ghz_band(hw);
2435 if (caps & MWL8K_CAP_MIMO)
2436 mwl8k_set_ht_caps(hw, &priv->band_24, caps);
2437 }
2438
2439 if (caps & MWL8K_CAP_5GHZ) {
2440 mwl8k_setup_5ghz_band(hw);
2441 if (caps & MWL8K_CAP_MIMO)
2442 mwl8k_set_ht_caps(hw, &priv->band_50, caps);
2443 }
2444
2445 priv->caps = caps;
2446}
2447
2448static int mwl8k_cmd_get_hw_spec_sta(struct ieee80211_hw *hw)
2449{
2450 struct mwl8k_priv *priv = hw->priv;
2451 struct mwl8k_cmd_get_hw_spec_sta *cmd;
2452 int rc;
2453 int i;
2454
2455 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2456 if (cmd == NULL)
2457 return -ENOMEM;
2458
2459 cmd->header.code = cpu_to_le16(MWL8K_CMD_GET_HW_SPEC);
2460 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2461
2462 memset(cmd->perm_addr, 0xff, sizeof(cmd->perm_addr));
2463 cmd->ps_cookie = cpu_to_le32(priv->cookie_dma);
2464 cmd->rx_queue_ptr = cpu_to_le32(priv->rxq[0].rxd_dma);
2465 cmd->num_tx_queues = cpu_to_le32(mwl8k_tx_queues(priv));
2466 for (i = 0; i < mwl8k_tx_queues(priv); i++)
2467 cmd->tx_queue_ptrs[i] = cpu_to_le32(priv->txq[i].txd_dma);
2468 cmd->num_tx_desc_per_queue = cpu_to_le32(MWL8K_TX_DESCS);
2469 cmd->total_rxd = cpu_to_le32(MWL8K_RX_DESCS);
2470
2471 rc = mwl8k_post_cmd(hw, &cmd->header);
2472
2473 if (!rc) {
2474 SET_IEEE80211_PERM_ADDR(hw, cmd->perm_addr);
2475 priv->num_mcaddrs = le16_to_cpu(cmd->num_mcaddrs);
2476 priv->fw_rev = le32_to_cpu(cmd->fw_rev);
2477 priv->hw_rev = cmd->hw_rev;
2478 mwl8k_set_caps(hw, le32_to_cpu(cmd->caps));
2479 priv->ap_macids_supported = 0x00000000;
2480 priv->sta_macids_supported = 0x00000001;
2481 }
2482
2483 kfree(cmd);
2484 return rc;
2485}
2486
2487/*
2488 * CMD_GET_HW_SPEC (AP version).
2489 */
2490struct mwl8k_cmd_get_hw_spec_ap {
2491 struct mwl8k_cmd_pkt header;
2492 __u8 hw_rev;
2493 __u8 host_interface;
2494 __le16 num_wcb;
2495 __le16 num_mcaddrs;
2496 __u8 perm_addr[ETH_ALEN];
2497 __le16 region_code;
2498 __le16 num_antenna;
2499 __le32 fw_rev;
2500 __le32 wcbbase0;
2501 __le32 rxwrptr;
2502 __le32 rxrdptr;
2503 __le32 ps_cookie;
2504 __le32 wcbbase1;
2505 __le32 wcbbase2;
2506 __le32 wcbbase3;
2507 __le32 fw_api_version;
2508 __le32 caps;
2509 __le32 num_of_ampdu_queues;
2510 __le32 wcbbase_ampdu[MWL8K_MAX_AMPDU_QUEUES];
2511} __packed;
2512
2513static int mwl8k_cmd_get_hw_spec_ap(struct ieee80211_hw *hw)
2514{
2515 struct mwl8k_priv *priv = hw->priv;
2516 struct mwl8k_cmd_get_hw_spec_ap *cmd;
2517 int rc, i;
2518 u32 api_version;
2519
2520 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2521 if (cmd == NULL)
2522 return -ENOMEM;
2523
2524 cmd->header.code = cpu_to_le16(MWL8K_CMD_GET_HW_SPEC);
2525 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2526
2527 memset(cmd->perm_addr, 0xff, sizeof(cmd->perm_addr));
2528 cmd->ps_cookie = cpu_to_le32(priv->cookie_dma);
2529
2530 rc = mwl8k_post_cmd(hw, &cmd->header);
2531
2532 if (!rc) {
2533 int off;
2534
2535 api_version = le32_to_cpu(cmd->fw_api_version);
2536 if (priv->device_info->fw_api_ap != api_version) {
2537 printk(KERN_ERR "%s: Unsupported fw API version for %s."
2538 " Expected %d got %d.\n", MWL8K_NAME,
2539 priv->device_info->part_name,
2540 priv->device_info->fw_api_ap,
2541 api_version);
2542 rc = -EINVAL;
2543 goto done;
2544 }
2545 SET_IEEE80211_PERM_ADDR(hw, cmd->perm_addr);
2546 priv->num_mcaddrs = le16_to_cpu(cmd->num_mcaddrs);
2547 priv->fw_rev = le32_to_cpu(cmd->fw_rev);
2548 priv->hw_rev = cmd->hw_rev;
2549 mwl8k_set_caps(hw, le32_to_cpu(cmd->caps));
2550 priv->ap_macids_supported = 0x000000ff;
2551 priv->sta_macids_supported = 0x00000100;
2552 priv->num_ampdu_queues = le32_to_cpu(cmd->num_of_ampdu_queues);
2553 if (priv->num_ampdu_queues > MWL8K_MAX_AMPDU_QUEUES) {
2554 wiphy_warn(hw->wiphy, "fw reported %d ampdu queues"
2555 " but we only support %d.\n",
2556 priv->num_ampdu_queues,
2557 MWL8K_MAX_AMPDU_QUEUES);
2558 priv->num_ampdu_queues = MWL8K_MAX_AMPDU_QUEUES;
2559 }
2560 off = le32_to_cpu(cmd->rxwrptr) & 0xffff;
2561 iowrite32(priv->rxq[0].rxd_dma, priv->sram + off);
2562
2563 off = le32_to_cpu(cmd->rxrdptr) & 0xffff;
2564 iowrite32(priv->rxq[0].rxd_dma, priv->sram + off);
2565
2566 priv->txq_offset[0] = le32_to_cpu(cmd->wcbbase0) & 0xffff;
2567 priv->txq_offset[1] = le32_to_cpu(cmd->wcbbase1) & 0xffff;
2568 priv->txq_offset[2] = le32_to_cpu(cmd->wcbbase2) & 0xffff;
2569 priv->txq_offset[3] = le32_to_cpu(cmd->wcbbase3) & 0xffff;
2570
2571 for (i = 0; i < priv->num_ampdu_queues; i++)
2572 priv->txq_offset[i + MWL8K_TX_WMM_QUEUES] =
2573 le32_to_cpu(cmd->wcbbase_ampdu[i]) & 0xffff;
2574 }
2575
2576done:
2577 kfree(cmd);
2578 return rc;
2579}
2580
2581/*
2582 * CMD_SET_HW_SPEC.
2583 */
2584struct mwl8k_cmd_set_hw_spec {
2585 struct mwl8k_cmd_pkt header;
2586 __u8 hw_rev;
2587 __u8 host_interface;
2588 __le16 num_mcaddrs;
2589 __u8 perm_addr[ETH_ALEN];
2590 __le16 region_code;
2591 __le32 fw_rev;
2592 __le32 ps_cookie;
2593 __le32 caps;
2594 __le32 rx_queue_ptr;
2595 __le32 num_tx_queues;
2596 __le32 tx_queue_ptrs[MWL8K_MAX_TX_QUEUES];
2597 __le32 flags;
2598 __le32 num_tx_desc_per_queue;
2599 __le32 total_rxd;
2600} __packed;
2601
2602/* If enabled, MWL8K_SET_HW_SPEC_FLAG_ENABLE_LIFE_TIME_EXPIRY will cause
2603 * packets to expire 500 ms after the timestamp in the tx descriptor. That is,
2604 * the packets that are queued for more than 500ms, will be dropped in the
2605 * hardware. This helps minimizing the issues caused due to head-of-line
2606 * blocking where a slow client can hog the bandwidth and affect traffic to a
2607 * faster client.
2608 */
2609#define MWL8K_SET_HW_SPEC_FLAG_ENABLE_LIFE_TIME_EXPIRY 0x00000400
2610#define MWL8K_SET_HW_SPEC_FLAG_GENERATE_CCMP_HDR 0x00000200
2611#define MWL8K_SET_HW_SPEC_FLAG_HOST_DECR_MGMT 0x00000080
2612#define MWL8K_SET_HW_SPEC_FLAG_HOSTFORM_PROBERESP 0x00000020
2613#define MWL8K_SET_HW_SPEC_FLAG_HOSTFORM_BEACON 0x00000010
2614
2615static int mwl8k_cmd_set_hw_spec(struct ieee80211_hw *hw)
2616{
2617 struct mwl8k_priv *priv = hw->priv;
2618 struct mwl8k_cmd_set_hw_spec *cmd;
2619 int rc;
2620 int i;
2621
2622 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2623 if (cmd == NULL)
2624 return -ENOMEM;
2625
2626 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_HW_SPEC);
2627 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2628
2629 cmd->ps_cookie = cpu_to_le32(priv->cookie_dma);
2630 cmd->rx_queue_ptr = cpu_to_le32(priv->rxq[0].rxd_dma);
2631 cmd->num_tx_queues = cpu_to_le32(mwl8k_tx_queues(priv));
2632
2633 /*
2634 * Mac80211 stack has Q0 as highest priority and Q3 as lowest in
2635 * that order. Firmware has Q3 as highest priority and Q0 as lowest
2636 * in that order. Map Q3 of mac80211 to Q0 of firmware so that the
2637 * priority is interpreted the right way in firmware.
2638 */
2639 for (i = 0; i < mwl8k_tx_queues(priv); i++) {
2640 int j = mwl8k_tx_queues(priv) - 1 - i;
2641 cmd->tx_queue_ptrs[i] = cpu_to_le32(priv->txq[j].txd_dma);
2642 }
2643
2644 cmd->flags = cpu_to_le32(MWL8K_SET_HW_SPEC_FLAG_HOST_DECR_MGMT |
2645 MWL8K_SET_HW_SPEC_FLAG_HOSTFORM_PROBERESP |
2646 MWL8K_SET_HW_SPEC_FLAG_HOSTFORM_BEACON |
2647 MWL8K_SET_HW_SPEC_FLAG_ENABLE_LIFE_TIME_EXPIRY |
2648 MWL8K_SET_HW_SPEC_FLAG_GENERATE_CCMP_HDR);
2649 cmd->num_tx_desc_per_queue = cpu_to_le32(MWL8K_TX_DESCS);
2650 cmd->total_rxd = cpu_to_le32(MWL8K_RX_DESCS);
2651
2652 rc = mwl8k_post_cmd(hw, &cmd->header);
2653 kfree(cmd);
2654
2655 return rc;
2656}
2657
2658/*
2659 * CMD_MAC_MULTICAST_ADR.
2660 */
2661struct mwl8k_cmd_mac_multicast_adr {
2662 struct mwl8k_cmd_pkt header;
2663 __le16 action;
2664 __le16 numaddr;
2665 __u8 addr[0][ETH_ALEN];
2666};
2667
2668#define MWL8K_ENABLE_RX_DIRECTED 0x0001
2669#define MWL8K_ENABLE_RX_MULTICAST 0x0002
2670#define MWL8K_ENABLE_RX_ALL_MULTICAST 0x0004
2671#define MWL8K_ENABLE_RX_BROADCAST 0x0008
2672
2673static struct mwl8k_cmd_pkt *
2674__mwl8k_cmd_mac_multicast_adr(struct ieee80211_hw *hw, int allmulti,
2675 struct netdev_hw_addr_list *mc_list)
2676{
2677 struct mwl8k_priv *priv = hw->priv;
2678 struct mwl8k_cmd_mac_multicast_adr *cmd;
2679 int size;
2680 int mc_count = 0;
2681
2682 if (mc_list)
2683 mc_count = netdev_hw_addr_list_count(mc_list);
2684
2685 if (allmulti || mc_count > priv->num_mcaddrs) {
2686 allmulti = 1;
2687 mc_count = 0;
2688 }
2689
2690 size = sizeof(*cmd) + mc_count * ETH_ALEN;
2691
2692 cmd = kzalloc(size, GFP_ATOMIC);
2693 if (cmd == NULL)
2694 return NULL;
2695
2696 cmd->header.code = cpu_to_le16(MWL8K_CMD_MAC_MULTICAST_ADR);
2697 cmd->header.length = cpu_to_le16(size);
2698 cmd->action = cpu_to_le16(MWL8K_ENABLE_RX_DIRECTED |
2699 MWL8K_ENABLE_RX_BROADCAST);
2700
2701 if (allmulti) {
2702 cmd->action |= cpu_to_le16(MWL8K_ENABLE_RX_ALL_MULTICAST);
2703 } else if (mc_count) {
2704 struct netdev_hw_addr *ha;
2705 int i = 0;
2706
2707 cmd->action |= cpu_to_le16(MWL8K_ENABLE_RX_MULTICAST);
2708 cmd->numaddr = cpu_to_le16(mc_count);
2709 netdev_hw_addr_list_for_each(ha, mc_list) {
2710 memcpy(cmd->addr[i], ha->addr, ETH_ALEN);
2711 }
2712 }
2713
2714 return &cmd->header;
2715}
2716
2717/*
2718 * CMD_GET_STAT.
2719 */
2720struct mwl8k_cmd_get_stat {
2721 struct mwl8k_cmd_pkt header;
2722 __le32 stats[64];
2723} __packed;
2724
2725#define MWL8K_STAT_ACK_FAILURE 9
2726#define MWL8K_STAT_RTS_FAILURE 12
2727#define MWL8K_STAT_FCS_ERROR 24
2728#define MWL8K_STAT_RTS_SUCCESS 11
2729
2730static int mwl8k_cmd_get_stat(struct ieee80211_hw *hw,
2731 struct ieee80211_low_level_stats *stats)
2732{
2733 struct mwl8k_cmd_get_stat *cmd;
2734 int rc;
2735
2736 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2737 if (cmd == NULL)
2738 return -ENOMEM;
2739
2740 cmd->header.code = cpu_to_le16(MWL8K_CMD_GET_STAT);
2741 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2742
2743 rc = mwl8k_post_cmd(hw, &cmd->header);
2744 if (!rc) {
2745 stats->dot11ACKFailureCount =
2746 le32_to_cpu(cmd->stats[MWL8K_STAT_ACK_FAILURE]);
2747 stats->dot11RTSFailureCount =
2748 le32_to_cpu(cmd->stats[MWL8K_STAT_RTS_FAILURE]);
2749 stats->dot11FCSErrorCount =
2750 le32_to_cpu(cmd->stats[MWL8K_STAT_FCS_ERROR]);
2751 stats->dot11RTSSuccessCount =
2752 le32_to_cpu(cmd->stats[MWL8K_STAT_RTS_SUCCESS]);
2753 }
2754 kfree(cmd);
2755
2756 return rc;
2757}
2758
2759/*
2760 * CMD_RADIO_CONTROL.
2761 */
2762struct mwl8k_cmd_radio_control {
2763 struct mwl8k_cmd_pkt header;
2764 __le16 action;
2765 __le16 control;
2766 __le16 radio_on;
2767} __packed;
2768
2769static int
2770mwl8k_cmd_radio_control(struct ieee80211_hw *hw, bool enable, bool force)
2771{
2772 struct mwl8k_priv *priv = hw->priv;
2773 struct mwl8k_cmd_radio_control *cmd;
2774 int rc;
2775
2776 if (enable == priv->radio_on && !force)
2777 return 0;
2778
2779 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2780 if (cmd == NULL)
2781 return -ENOMEM;
2782
2783 cmd->header.code = cpu_to_le16(MWL8K_CMD_RADIO_CONTROL);
2784 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2785 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
2786 cmd->control = cpu_to_le16(priv->radio_short_preamble ? 3 : 1);
2787 cmd->radio_on = cpu_to_le16(enable ? 0x0001 : 0x0000);
2788
2789 rc = mwl8k_post_cmd(hw, &cmd->header);
2790 kfree(cmd);
2791
2792 if (!rc)
2793 priv->radio_on = enable;
2794
2795 return rc;
2796}
2797
2798static int mwl8k_cmd_radio_disable(struct ieee80211_hw *hw)
2799{
2800 return mwl8k_cmd_radio_control(hw, 0, 0);
2801}
2802
2803static int mwl8k_cmd_radio_enable(struct ieee80211_hw *hw)
2804{
2805 return mwl8k_cmd_radio_control(hw, 1, 0);
2806}
2807
2808static int
2809mwl8k_set_radio_preamble(struct ieee80211_hw *hw, bool short_preamble)
2810{
2811 struct mwl8k_priv *priv = hw->priv;
2812
2813 priv->radio_short_preamble = short_preamble;
2814
2815 return mwl8k_cmd_radio_control(hw, 1, 1);
2816}
2817
2818/*
2819 * CMD_RF_TX_POWER.
2820 */
2821#define MWL8K_RF_TX_POWER_LEVEL_TOTAL 8
2822
2823struct mwl8k_cmd_rf_tx_power {
2824 struct mwl8k_cmd_pkt header;
2825 __le16 action;
2826 __le16 support_level;
2827 __le16 current_level;
2828 __le16 reserved;
2829 __le16 power_level_list[MWL8K_RF_TX_POWER_LEVEL_TOTAL];
2830} __packed;
2831
2832static int mwl8k_cmd_rf_tx_power(struct ieee80211_hw *hw, int dBm)
2833{
2834 struct mwl8k_cmd_rf_tx_power *cmd;
2835 int rc;
2836
2837 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2838 if (cmd == NULL)
2839 return -ENOMEM;
2840
2841 cmd->header.code = cpu_to_le16(MWL8K_CMD_RF_TX_POWER);
2842 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2843 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
2844 cmd->support_level = cpu_to_le16(dBm);
2845
2846 rc = mwl8k_post_cmd(hw, &cmd->header);
2847 kfree(cmd);
2848
2849 return rc;
2850}
2851
2852/*
2853 * CMD_TX_POWER.
2854 */
2855#define MWL8K_TX_POWER_LEVEL_TOTAL 12
2856
2857struct mwl8k_cmd_tx_power {
2858 struct mwl8k_cmd_pkt header;
2859 __le16 action;
2860 __le16 band;
2861 __le16 channel;
2862 __le16 bw;
2863 __le16 sub_ch;
2864 __le16 power_level_list[MWL8K_TX_POWER_LEVEL_TOTAL];
2865} __packed;
2866
2867static int mwl8k_cmd_tx_power(struct ieee80211_hw *hw,
2868 struct ieee80211_conf *conf,
2869 unsigned short pwr)
2870{
2871 struct ieee80211_channel *channel = conf->chandef.chan;
2872 enum nl80211_channel_type channel_type =
2873 cfg80211_get_chandef_type(&conf->chandef);
2874 struct mwl8k_cmd_tx_power *cmd;
2875 int rc;
2876 int i;
2877
2878 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2879 if (cmd == NULL)
2880 return -ENOMEM;
2881
2882 cmd->header.code = cpu_to_le16(MWL8K_CMD_TX_POWER);
2883 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2884 cmd->action = cpu_to_le16(MWL8K_CMD_SET_LIST);
2885
2886 if (channel->band == IEEE80211_BAND_2GHZ)
2887 cmd->band = cpu_to_le16(0x1);
2888 else if (channel->band == IEEE80211_BAND_5GHZ)
2889 cmd->band = cpu_to_le16(0x4);
2890
2891 cmd->channel = cpu_to_le16(channel->hw_value);
2892
2893 if (channel_type == NL80211_CHAN_NO_HT ||
2894 channel_type == NL80211_CHAN_HT20) {
2895 cmd->bw = cpu_to_le16(0x2);
2896 } else {
2897 cmd->bw = cpu_to_le16(0x4);
2898 if (channel_type == NL80211_CHAN_HT40MINUS)
2899 cmd->sub_ch = cpu_to_le16(0x3);
2900 else if (channel_type == NL80211_CHAN_HT40PLUS)
2901 cmd->sub_ch = cpu_to_le16(0x1);
2902 }
2903
2904 for (i = 0; i < MWL8K_TX_POWER_LEVEL_TOTAL; i++)
2905 cmd->power_level_list[i] = cpu_to_le16(pwr);
2906
2907 rc = mwl8k_post_cmd(hw, &cmd->header);
2908 kfree(cmd);
2909
2910 return rc;
2911}
2912
2913/*
2914 * CMD_RF_ANTENNA.
2915 */
2916struct mwl8k_cmd_rf_antenna {
2917 struct mwl8k_cmd_pkt header;
2918 __le16 antenna;
2919 __le16 mode;
2920} __packed;
2921
2922#define MWL8K_RF_ANTENNA_RX 1
2923#define MWL8K_RF_ANTENNA_TX 2
2924
2925static int
2926mwl8k_cmd_rf_antenna(struct ieee80211_hw *hw, int antenna, int mask)
2927{
2928 struct mwl8k_cmd_rf_antenna *cmd;
2929 int rc;
2930
2931 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2932 if (cmd == NULL)
2933 return -ENOMEM;
2934
2935 cmd->header.code = cpu_to_le16(MWL8K_CMD_RF_ANTENNA);
2936 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2937 cmd->antenna = cpu_to_le16(antenna);
2938 cmd->mode = cpu_to_le16(mask);
2939
2940 rc = mwl8k_post_cmd(hw, &cmd->header);
2941 kfree(cmd);
2942
2943 return rc;
2944}
2945
2946/*
2947 * CMD_SET_BEACON.
2948 */
2949struct mwl8k_cmd_set_beacon {
2950 struct mwl8k_cmd_pkt header;
2951 __le16 beacon_len;
2952 __u8 beacon[0];
2953};
2954
2955static int mwl8k_cmd_set_beacon(struct ieee80211_hw *hw,
2956 struct ieee80211_vif *vif, u8 *beacon, int len)
2957{
2958 struct mwl8k_cmd_set_beacon *cmd;
2959 int rc;
2960
2961 cmd = kzalloc(sizeof(*cmd) + len, GFP_KERNEL);
2962 if (cmd == NULL)
2963 return -ENOMEM;
2964
2965 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_BEACON);
2966 cmd->header.length = cpu_to_le16(sizeof(*cmd) + len);
2967 cmd->beacon_len = cpu_to_le16(len);
2968 memcpy(cmd->beacon, beacon, len);
2969
2970 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
2971 kfree(cmd);
2972
2973 return rc;
2974}
2975
2976/*
2977 * CMD_SET_PRE_SCAN.
2978 */
2979struct mwl8k_cmd_set_pre_scan {
2980 struct mwl8k_cmd_pkt header;
2981} __packed;
2982
2983static int mwl8k_cmd_set_pre_scan(struct ieee80211_hw *hw)
2984{
2985 struct mwl8k_cmd_set_pre_scan *cmd;
2986 int rc;
2987
2988 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
2989 if (cmd == NULL)
2990 return -ENOMEM;
2991
2992 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_PRE_SCAN);
2993 cmd->header.length = cpu_to_le16(sizeof(*cmd));
2994
2995 rc = mwl8k_post_cmd(hw, &cmd->header);
2996 kfree(cmd);
2997
2998 return rc;
2999}
3000
3001/*
3002 * CMD_BBP_REG_ACCESS.
3003 */
3004struct mwl8k_cmd_bbp_reg_access {
3005 struct mwl8k_cmd_pkt header;
3006 __le16 action;
3007 __le16 offset;
3008 u8 value;
3009 u8 rsrv[3];
3010} __packed;
3011
3012static int
3013mwl8k_cmd_bbp_reg_access(struct ieee80211_hw *hw,
3014 u16 action,
3015 u16 offset,
3016 u8 *value)
3017{
3018 struct mwl8k_cmd_bbp_reg_access *cmd;
3019 int rc;
3020
3021 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3022 if (cmd == NULL)
3023 return -ENOMEM;
3024
3025 cmd->header.code = cpu_to_le16(MWL8K_CMD_BBP_REG_ACCESS);
3026 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3027 cmd->action = cpu_to_le16(action);
3028 cmd->offset = cpu_to_le16(offset);
3029
3030 rc = mwl8k_post_cmd(hw, &cmd->header);
3031
3032 if (!rc)
3033 *value = cmd->value;
3034 else
3035 *value = 0;
3036
3037 kfree(cmd);
3038
3039 return rc;
3040}
3041
3042/*
3043 * CMD_SET_POST_SCAN.
3044 */
3045struct mwl8k_cmd_set_post_scan {
3046 struct mwl8k_cmd_pkt header;
3047 __le32 isibss;
3048 __u8 bssid[ETH_ALEN];
3049} __packed;
3050
3051static int
3052mwl8k_cmd_set_post_scan(struct ieee80211_hw *hw, const __u8 *mac)
3053{
3054 struct mwl8k_cmd_set_post_scan *cmd;
3055 int rc;
3056
3057 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3058 if (cmd == NULL)
3059 return -ENOMEM;
3060
3061 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_POST_SCAN);
3062 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3063 cmd->isibss = 0;
3064 memcpy(cmd->bssid, mac, ETH_ALEN);
3065
3066 rc = mwl8k_post_cmd(hw, &cmd->header);
3067 kfree(cmd);
3068
3069 return rc;
3070}
3071
3072static int freq_to_idx(struct mwl8k_priv *priv, int freq)
3073{
3074 struct ieee80211_supported_band *sband;
3075 int band, ch, idx = 0;
3076
3077 for (band = IEEE80211_BAND_2GHZ; band < IEEE80211_NUM_BANDS; band++) {
3078 sband = priv->hw->wiphy->bands[band];
3079 if (!sband)
3080 continue;
3081
3082 for (ch = 0; ch < sband->n_channels; ch++, idx++)
3083 if (sband->channels[ch].center_freq == freq)
3084 goto exit;
3085 }
3086
3087exit:
3088 return idx;
3089}
3090
3091static void mwl8k_update_survey(struct mwl8k_priv *priv,
3092 struct ieee80211_channel *channel)
3093{
3094 u32 cca_cnt, rx_rdy;
3095 s8 nf = 0, idx;
3096 struct survey_info *survey;
3097
3098 idx = freq_to_idx(priv, priv->acs_chan->center_freq);
3099 if (idx >= MWL8K_NUM_CHANS) {
3100 wiphy_err(priv->hw->wiphy, "Failed to update survey\n");
3101 return;
3102 }
3103
3104 survey = &priv->survey[idx];
3105
3106 cca_cnt = ioread32(priv->regs + NOK_CCA_CNT_REG);
3107 cca_cnt /= 1000; /* uSecs to mSecs */
3108 survey->channel_time_busy = (u64) cca_cnt;
3109
3110 rx_rdy = ioread32(priv->regs + BBU_RXRDY_CNT_REG);
3111 rx_rdy /= 1000; /* uSecs to mSecs */
3112 survey->channel_time_rx = (u64) rx_rdy;
3113
3114 priv->channel_time = jiffies - priv->channel_time;
3115 survey->channel_time = jiffies_to_msecs(priv->channel_time);
3116
3117 survey->channel = channel;
3118
3119 mwl8k_cmd_bbp_reg_access(priv->hw, 0, BBU_AVG_NOISE_VAL, &nf);
3120
3121 /* Make sure sign is negative else ACS at hostapd fails */
3122 survey->noise = nf * -1;
3123
3124 survey->filled = SURVEY_INFO_NOISE_DBM |
3125 SURVEY_INFO_CHANNEL_TIME |
3126 SURVEY_INFO_CHANNEL_TIME_BUSY |
3127 SURVEY_INFO_CHANNEL_TIME_RX;
3128}
3129
3130/*
3131 * CMD_SET_RF_CHANNEL.
3132 */
3133struct mwl8k_cmd_set_rf_channel {
3134 struct mwl8k_cmd_pkt header;
3135 __le16 action;
3136 __u8 current_channel;
3137 __le32 channel_flags;
3138} __packed;
3139
3140static int mwl8k_cmd_set_rf_channel(struct ieee80211_hw *hw,
3141 struct ieee80211_conf *conf)
3142{
3143 struct ieee80211_channel *channel = conf->chandef.chan;
3144 enum nl80211_channel_type channel_type =
3145 cfg80211_get_chandef_type(&conf->chandef);
3146 struct mwl8k_cmd_set_rf_channel *cmd;
3147 struct mwl8k_priv *priv = hw->priv;
3148 int rc;
3149
3150 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3151 if (cmd == NULL)
3152 return -ENOMEM;
3153
3154 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_RF_CHANNEL);
3155 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3156 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
3157 cmd->current_channel = channel->hw_value;
3158
3159 if (channel->band == IEEE80211_BAND_2GHZ)
3160 cmd->channel_flags |= cpu_to_le32(0x00000001);
3161 else if (channel->band == IEEE80211_BAND_5GHZ)
3162 cmd->channel_flags |= cpu_to_le32(0x00000004);
3163
3164 if (!priv->sw_scan_start) {
3165 if (channel_type == NL80211_CHAN_NO_HT ||
3166 channel_type == NL80211_CHAN_HT20)
3167 cmd->channel_flags |= cpu_to_le32(0x00000080);
3168 else if (channel_type == NL80211_CHAN_HT40MINUS)
3169 cmd->channel_flags |= cpu_to_le32(0x000001900);
3170 else if (channel_type == NL80211_CHAN_HT40PLUS)
3171 cmd->channel_flags |= cpu_to_le32(0x000000900);
3172 } else {
3173 cmd->channel_flags |= cpu_to_le32(0x00000080);
3174 }
3175
3176 if (priv->sw_scan_start) {
3177 /* Store current channel stats
3178 * before switching to newer one.
3179 * This will be processed only for AP fw.
3180 */
3181 if (priv->channel_time != 0)
3182 mwl8k_update_survey(priv, priv->acs_chan);
3183
3184 priv->channel_time = jiffies;
3185 priv->acs_chan = channel;
3186 }
3187
3188 rc = mwl8k_post_cmd(hw, &cmd->header);
3189 kfree(cmd);
3190
3191 return rc;
3192}
3193
3194/*
3195 * CMD_SET_AID.
3196 */
3197#define MWL8K_FRAME_PROT_DISABLED 0x00
3198#define MWL8K_FRAME_PROT_11G 0x07
3199#define MWL8K_FRAME_PROT_11N_HT_40MHZ_ONLY 0x02
3200#define MWL8K_FRAME_PROT_11N_HT_ALL 0x06
3201
3202struct mwl8k_cmd_update_set_aid {
3203 struct mwl8k_cmd_pkt header;
3204 __le16 aid;
3205
3206 /* AP's MAC address (BSSID) */
3207 __u8 bssid[ETH_ALEN];
3208 __le16 protection_mode;
3209 __u8 supp_rates[14];
3210} __packed;
3211
3212static void legacy_rate_mask_to_array(u8 *rates, u32 mask)
3213{
3214 int i;
3215 int j;
3216
3217 /*
3218 * Clear nonstandard rate 4.
3219 */
3220 mask &= 0x1fef;
3221
3222 for (i = 0, j = 0; i < 13; i++) {
3223 if (mask & (1 << i))
3224 rates[j++] = mwl8k_rates_24[i].hw_value;
3225 }
3226}
3227
3228static int
3229mwl8k_cmd_set_aid(struct ieee80211_hw *hw,
3230 struct ieee80211_vif *vif, u32 legacy_rate_mask)
3231{
3232 struct mwl8k_cmd_update_set_aid *cmd;
3233 u16 prot_mode;
3234 int rc;
3235
3236 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3237 if (cmd == NULL)
3238 return -ENOMEM;
3239
3240 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_AID);
3241 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3242 cmd->aid = cpu_to_le16(vif->bss_conf.aid);
3243 memcpy(cmd->bssid, vif->bss_conf.bssid, ETH_ALEN);
3244
3245 if (vif->bss_conf.use_cts_prot) {
3246 prot_mode = MWL8K_FRAME_PROT_11G;
3247 } else {
3248 switch (vif->bss_conf.ht_operation_mode &
3249 IEEE80211_HT_OP_MODE_PROTECTION) {
3250 case IEEE80211_HT_OP_MODE_PROTECTION_20MHZ:
3251 prot_mode = MWL8K_FRAME_PROT_11N_HT_40MHZ_ONLY;
3252 break;
3253 case IEEE80211_HT_OP_MODE_PROTECTION_NONHT_MIXED:
3254 prot_mode = MWL8K_FRAME_PROT_11N_HT_ALL;
3255 break;
3256 default:
3257 prot_mode = MWL8K_FRAME_PROT_DISABLED;
3258 break;
3259 }
3260 }
3261 cmd->protection_mode = cpu_to_le16(prot_mode);
3262
3263 legacy_rate_mask_to_array(cmd->supp_rates, legacy_rate_mask);
3264
3265 rc = mwl8k_post_cmd(hw, &cmd->header);
3266 kfree(cmd);
3267
3268 return rc;
3269}
3270
3271/*
3272 * CMD_SET_RATE.
3273 */
3274struct mwl8k_cmd_set_rate {
3275 struct mwl8k_cmd_pkt header;
3276 __u8 legacy_rates[14];
3277
3278 /* Bitmap for supported MCS codes. */
3279 __u8 mcs_set[16];
3280 __u8 reserved[16];
3281} __packed;
3282
3283static int
3284mwl8k_cmd_set_rate(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
3285 u32 legacy_rate_mask, u8 *mcs_rates)
3286{
3287 struct mwl8k_cmd_set_rate *cmd;
3288 int rc;
3289
3290 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3291 if (cmd == NULL)
3292 return -ENOMEM;
3293
3294 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_RATE);
3295 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3296 legacy_rate_mask_to_array(cmd->legacy_rates, legacy_rate_mask);
3297 memcpy(cmd->mcs_set, mcs_rates, 16);
3298
3299 rc = mwl8k_post_cmd(hw, &cmd->header);
3300 kfree(cmd);
3301
3302 return rc;
3303}
3304
3305/*
3306 * CMD_FINALIZE_JOIN.
3307 */
3308#define MWL8K_FJ_BEACON_MAXLEN 128
3309
3310struct mwl8k_cmd_finalize_join {
3311 struct mwl8k_cmd_pkt header;
3312 __le32 sleep_interval; /* Number of beacon periods to sleep */
3313 __u8 beacon_data[MWL8K_FJ_BEACON_MAXLEN];
3314} __packed;
3315
3316static int mwl8k_cmd_finalize_join(struct ieee80211_hw *hw, void *frame,
3317 int framelen, int dtim)
3318{
3319 struct mwl8k_cmd_finalize_join *cmd;
3320 struct ieee80211_mgmt *payload = frame;
3321 int payload_len;
3322 int rc;
3323
3324 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3325 if (cmd == NULL)
3326 return -ENOMEM;
3327
3328 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_FINALIZE_JOIN);
3329 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3330 cmd->sleep_interval = cpu_to_le32(dtim ? dtim : 1);
3331
3332 payload_len = framelen - ieee80211_hdrlen(payload->frame_control);
3333 if (payload_len < 0)
3334 payload_len = 0;
3335 else if (payload_len > MWL8K_FJ_BEACON_MAXLEN)
3336 payload_len = MWL8K_FJ_BEACON_MAXLEN;
3337
3338 memcpy(cmd->beacon_data, &payload->u.beacon, payload_len);
3339
3340 rc = mwl8k_post_cmd(hw, &cmd->header);
3341 kfree(cmd);
3342
3343 return rc;
3344}
3345
3346/*
3347 * CMD_SET_RTS_THRESHOLD.
3348 */
3349struct mwl8k_cmd_set_rts_threshold {
3350 struct mwl8k_cmd_pkt header;
3351 __le16 action;
3352 __le16 threshold;
3353} __packed;
3354
3355static int
3356mwl8k_cmd_set_rts_threshold(struct ieee80211_hw *hw, int rts_thresh)
3357{
3358 struct mwl8k_cmd_set_rts_threshold *cmd;
3359 int rc;
3360
3361 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3362 if (cmd == NULL)
3363 return -ENOMEM;
3364
3365 cmd->header.code = cpu_to_le16(MWL8K_CMD_RTS_THRESHOLD);
3366 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3367 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
3368 cmd->threshold = cpu_to_le16(rts_thresh);
3369
3370 rc = mwl8k_post_cmd(hw, &cmd->header);
3371 kfree(cmd);
3372
3373 return rc;
3374}
3375
3376/*
3377 * CMD_SET_SLOT.
3378 */
3379struct mwl8k_cmd_set_slot {
3380 struct mwl8k_cmd_pkt header;
3381 __le16 action;
3382 __u8 short_slot;
3383} __packed;
3384
3385static int mwl8k_cmd_set_slot(struct ieee80211_hw *hw, bool short_slot_time)
3386{
3387 struct mwl8k_cmd_set_slot *cmd;
3388 int rc;
3389
3390 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3391 if (cmd == NULL)
3392 return -ENOMEM;
3393
3394 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_SLOT);
3395 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3396 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
3397 cmd->short_slot = short_slot_time;
3398
3399 rc = mwl8k_post_cmd(hw, &cmd->header);
3400 kfree(cmd);
3401
3402 return rc;
3403}
3404
3405/*
3406 * CMD_SET_EDCA_PARAMS.
3407 */
3408struct mwl8k_cmd_set_edca_params {
3409 struct mwl8k_cmd_pkt header;
3410
3411 /* See MWL8K_SET_EDCA_XXX below */
3412 __le16 action;
3413
3414 /* TX opportunity in units of 32 us */
3415 __le16 txop;
3416
3417 union {
3418 struct {
3419 /* Log exponent of max contention period: 0...15 */
3420 __le32 log_cw_max;
3421
3422 /* Log exponent of min contention period: 0...15 */
3423 __le32 log_cw_min;
3424
3425 /* Adaptive interframe spacing in units of 32us */
3426 __u8 aifs;
3427
3428 /* TX queue to configure */
3429 __u8 txq;
3430 } ap;
3431 struct {
3432 /* Log exponent of max contention period: 0...15 */
3433 __u8 log_cw_max;
3434
3435 /* Log exponent of min contention period: 0...15 */
3436 __u8 log_cw_min;
3437
3438 /* Adaptive interframe spacing in units of 32us */
3439 __u8 aifs;
3440
3441 /* TX queue to configure */
3442 __u8 txq;
3443 } sta;
3444 };
3445} __packed;
3446
3447#define MWL8K_SET_EDCA_CW 0x01
3448#define MWL8K_SET_EDCA_TXOP 0x02
3449#define MWL8K_SET_EDCA_AIFS 0x04
3450
3451#define MWL8K_SET_EDCA_ALL (MWL8K_SET_EDCA_CW | \
3452 MWL8K_SET_EDCA_TXOP | \
3453 MWL8K_SET_EDCA_AIFS)
3454
3455static int
3456mwl8k_cmd_set_edca_params(struct ieee80211_hw *hw, __u8 qnum,
3457 __u16 cw_min, __u16 cw_max,
3458 __u8 aifs, __u16 txop)
3459{
3460 struct mwl8k_priv *priv = hw->priv;
3461 struct mwl8k_cmd_set_edca_params *cmd;
3462 int rc;
3463
3464 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3465 if (cmd == NULL)
3466 return -ENOMEM;
3467
3468 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_EDCA_PARAMS);
3469 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3470 cmd->action = cpu_to_le16(MWL8K_SET_EDCA_ALL);
3471 cmd->txop = cpu_to_le16(txop);
3472 if (priv->ap_fw) {
3473 cmd->ap.log_cw_max = cpu_to_le32(ilog2(cw_max + 1));
3474 cmd->ap.log_cw_min = cpu_to_le32(ilog2(cw_min + 1));
3475 cmd->ap.aifs = aifs;
3476 cmd->ap.txq = qnum;
3477 } else {
3478 cmd->sta.log_cw_max = (u8)ilog2(cw_max + 1);
3479 cmd->sta.log_cw_min = (u8)ilog2(cw_min + 1);
3480 cmd->sta.aifs = aifs;
3481 cmd->sta.txq = qnum;
3482 }
3483
3484 rc = mwl8k_post_cmd(hw, &cmd->header);
3485 kfree(cmd);
3486
3487 return rc;
3488}
3489
3490/*
3491 * CMD_SET_WMM_MODE.
3492 */
3493struct mwl8k_cmd_set_wmm_mode {
3494 struct mwl8k_cmd_pkt header;
3495 __le16 action;
3496} __packed;
3497
3498static int mwl8k_cmd_set_wmm_mode(struct ieee80211_hw *hw, bool enable)
3499{
3500 struct mwl8k_priv *priv = hw->priv;
3501 struct mwl8k_cmd_set_wmm_mode *cmd;
3502 int rc;
3503
3504 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3505 if (cmd == NULL)
3506 return -ENOMEM;
3507
3508 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_WMM_MODE);
3509 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3510 cmd->action = cpu_to_le16(!!enable);
3511
3512 rc = mwl8k_post_cmd(hw, &cmd->header);
3513 kfree(cmd);
3514
3515 if (!rc)
3516 priv->wmm_enabled = enable;
3517
3518 return rc;
3519}
3520
3521/*
3522 * CMD_MIMO_CONFIG.
3523 */
3524struct mwl8k_cmd_mimo_config {
3525 struct mwl8k_cmd_pkt header;
3526 __le32 action;
3527 __u8 rx_antenna_map;
3528 __u8 tx_antenna_map;
3529} __packed;
3530
3531static int mwl8k_cmd_mimo_config(struct ieee80211_hw *hw, __u8 rx, __u8 tx)
3532{
3533 struct mwl8k_cmd_mimo_config *cmd;
3534 int rc;
3535
3536 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3537 if (cmd == NULL)
3538 return -ENOMEM;
3539
3540 cmd->header.code = cpu_to_le16(MWL8K_CMD_MIMO_CONFIG);
3541 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3542 cmd->action = cpu_to_le32((u32)MWL8K_CMD_SET);
3543 cmd->rx_antenna_map = rx;
3544 cmd->tx_antenna_map = tx;
3545
3546 rc = mwl8k_post_cmd(hw, &cmd->header);
3547 kfree(cmd);
3548
3549 return rc;
3550}
3551
3552/*
3553 * CMD_USE_FIXED_RATE (STA version).
3554 */
3555struct mwl8k_cmd_use_fixed_rate_sta {
3556 struct mwl8k_cmd_pkt header;
3557 __le32 action;
3558 __le32 allow_rate_drop;
3559 __le32 num_rates;
3560 struct {
3561 __le32 is_ht_rate;
3562 __le32 enable_retry;
3563 __le32 rate;
3564 __le32 retry_count;
3565 } rate_entry[8];
3566 __le32 rate_type;
3567 __le32 reserved1;
3568 __le32 reserved2;
3569} __packed;
3570
3571#define MWL8K_USE_AUTO_RATE 0x0002
3572#define MWL8K_UCAST_RATE 0
3573
3574static int mwl8k_cmd_use_fixed_rate_sta(struct ieee80211_hw *hw)
3575{
3576 struct mwl8k_cmd_use_fixed_rate_sta *cmd;
3577 int rc;
3578
3579 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3580 if (cmd == NULL)
3581 return -ENOMEM;
3582
3583 cmd->header.code = cpu_to_le16(MWL8K_CMD_USE_FIXED_RATE);
3584 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3585 cmd->action = cpu_to_le32(MWL8K_USE_AUTO_RATE);
3586 cmd->rate_type = cpu_to_le32(MWL8K_UCAST_RATE);
3587
3588 rc = mwl8k_post_cmd(hw, &cmd->header);
3589 kfree(cmd);
3590
3591 return rc;
3592}
3593
3594/*
3595 * CMD_USE_FIXED_RATE (AP version).
3596 */
3597struct mwl8k_cmd_use_fixed_rate_ap {
3598 struct mwl8k_cmd_pkt header;
3599 __le32 action;
3600 __le32 allow_rate_drop;
3601 __le32 num_rates;
3602 struct mwl8k_rate_entry_ap {
3603 __le32 is_ht_rate;
3604 __le32 enable_retry;
3605 __le32 rate;
3606 __le32 retry_count;
3607 } rate_entry[4];
3608 u8 multicast_rate;
3609 u8 multicast_rate_type;
3610 u8 management_rate;
3611} __packed;
3612
3613static int
3614mwl8k_cmd_use_fixed_rate_ap(struct ieee80211_hw *hw, int mcast, int mgmt)
3615{
3616 struct mwl8k_cmd_use_fixed_rate_ap *cmd;
3617 int rc;
3618
3619 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3620 if (cmd == NULL)
3621 return -ENOMEM;
3622
3623 cmd->header.code = cpu_to_le16(MWL8K_CMD_USE_FIXED_RATE);
3624 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3625 cmd->action = cpu_to_le32(MWL8K_USE_AUTO_RATE);
3626 cmd->multicast_rate = mcast;
3627 cmd->management_rate = mgmt;
3628
3629 rc = mwl8k_post_cmd(hw, &cmd->header);
3630 kfree(cmd);
3631
3632 return rc;
3633}
3634
3635/*
3636 * CMD_ENABLE_SNIFFER.
3637 */
3638struct mwl8k_cmd_enable_sniffer {
3639 struct mwl8k_cmd_pkt header;
3640 __le32 action;
3641} __packed;
3642
3643static int mwl8k_cmd_enable_sniffer(struct ieee80211_hw *hw, bool enable)
3644{
3645 struct mwl8k_cmd_enable_sniffer *cmd;
3646 int rc;
3647
3648 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3649 if (cmd == NULL)
3650 return -ENOMEM;
3651
3652 cmd->header.code = cpu_to_le16(MWL8K_CMD_ENABLE_SNIFFER);
3653 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3654 cmd->action = cpu_to_le32(!!enable);
3655
3656 rc = mwl8k_post_cmd(hw, &cmd->header);
3657 kfree(cmd);
3658
3659 return rc;
3660}
3661
3662struct mwl8k_cmd_update_mac_addr {
3663 struct mwl8k_cmd_pkt header;
3664 union {
3665 struct {
3666 __le16 mac_type;
3667 __u8 mac_addr[ETH_ALEN];
3668 } mbss;
3669 __u8 mac_addr[ETH_ALEN];
3670 };
3671} __packed;
3672
3673#define MWL8K_MAC_TYPE_PRIMARY_CLIENT 0
3674#define MWL8K_MAC_TYPE_SECONDARY_CLIENT 1
3675#define MWL8K_MAC_TYPE_PRIMARY_AP 2
3676#define MWL8K_MAC_TYPE_SECONDARY_AP 3
3677
3678static int mwl8k_cmd_update_mac_addr(struct ieee80211_hw *hw,
3679 struct ieee80211_vif *vif, u8 *mac, bool set)
3680{
3681 struct mwl8k_priv *priv = hw->priv;
3682 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
3683 struct mwl8k_cmd_update_mac_addr *cmd;
3684 int mac_type;
3685 int rc;
3686
3687 mac_type = MWL8K_MAC_TYPE_PRIMARY_AP;
3688 if (vif != NULL && vif->type == NL80211_IFTYPE_STATION) {
3689 if (mwl8k_vif->macid + 1 == ffs(priv->sta_macids_supported))
3690 if (priv->ap_fw)
3691 mac_type = MWL8K_MAC_TYPE_SECONDARY_CLIENT;
3692 else
3693 mac_type = MWL8K_MAC_TYPE_PRIMARY_CLIENT;
3694 else
3695 mac_type = MWL8K_MAC_TYPE_SECONDARY_CLIENT;
3696 } else if (vif != NULL && vif->type == NL80211_IFTYPE_AP) {
3697 if (mwl8k_vif->macid + 1 == ffs(priv->ap_macids_supported))
3698 mac_type = MWL8K_MAC_TYPE_PRIMARY_AP;
3699 else
3700 mac_type = MWL8K_MAC_TYPE_SECONDARY_AP;
3701 }
3702
3703 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3704 if (cmd == NULL)
3705 return -ENOMEM;
3706
3707 if (set)
3708 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_MAC_ADDR);
3709 else
3710 cmd->header.code = cpu_to_le16(MWL8K_CMD_DEL_MAC_ADDR);
3711
3712 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3713 if (priv->ap_fw) {
3714 cmd->mbss.mac_type = cpu_to_le16(mac_type);
3715 memcpy(cmd->mbss.mac_addr, mac, ETH_ALEN);
3716 } else {
3717 memcpy(cmd->mac_addr, mac, ETH_ALEN);
3718 }
3719
3720 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
3721 kfree(cmd);
3722
3723 return rc;
3724}
3725
3726/*
3727 * MWL8K_CMD_SET_MAC_ADDR.
3728 */
3729static inline int mwl8k_cmd_set_mac_addr(struct ieee80211_hw *hw,
3730 struct ieee80211_vif *vif, u8 *mac)
3731{
3732 return mwl8k_cmd_update_mac_addr(hw, vif, mac, true);
3733}
3734
3735/*
3736 * MWL8K_CMD_DEL_MAC_ADDR.
3737 */
3738static inline int mwl8k_cmd_del_mac_addr(struct ieee80211_hw *hw,
3739 struct ieee80211_vif *vif, u8 *mac)
3740{
3741 return mwl8k_cmd_update_mac_addr(hw, vif, mac, false);
3742}
3743
3744/*
3745 * CMD_SET_RATEADAPT_MODE.
3746 */
3747struct mwl8k_cmd_set_rate_adapt_mode {
3748 struct mwl8k_cmd_pkt header;
3749 __le16 action;
3750 __le16 mode;
3751} __packed;
3752
3753static int mwl8k_cmd_set_rateadapt_mode(struct ieee80211_hw *hw, __u16 mode)
3754{
3755 struct mwl8k_cmd_set_rate_adapt_mode *cmd;
3756 int rc;
3757
3758 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3759 if (cmd == NULL)
3760 return -ENOMEM;
3761
3762 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_RATEADAPT_MODE);
3763 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3764 cmd->action = cpu_to_le16(MWL8K_CMD_SET);
3765 cmd->mode = cpu_to_le16(mode);
3766
3767 rc = mwl8k_post_cmd(hw, &cmd->header);
3768 kfree(cmd);
3769
3770 return rc;
3771}
3772
3773/*
3774 * CMD_GET_WATCHDOG_BITMAP.
3775 */
3776struct mwl8k_cmd_get_watchdog_bitmap {
3777 struct mwl8k_cmd_pkt header;
3778 u8 bitmap;
3779} __packed;
3780
3781static int mwl8k_cmd_get_watchdog_bitmap(struct ieee80211_hw *hw, u8 *bitmap)
3782{
3783 struct mwl8k_cmd_get_watchdog_bitmap *cmd;
3784 int rc;
3785
3786 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3787 if (cmd == NULL)
3788 return -ENOMEM;
3789
3790 cmd->header.code = cpu_to_le16(MWL8K_CMD_GET_WATCHDOG_BITMAP);
3791 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3792
3793 rc = mwl8k_post_cmd(hw, &cmd->header);
3794 if (!rc)
3795 *bitmap = cmd->bitmap;
3796
3797 kfree(cmd);
3798
3799 return rc;
3800}
3801
3802#define MWL8K_WMM_QUEUE_NUMBER 3
3803
3804static void mwl8k_destroy_ba(struct ieee80211_hw *hw,
3805 u8 idx);
3806
3807static void mwl8k_watchdog_ba_events(struct work_struct *work)
3808{
3809 int rc;
3810 u8 bitmap = 0, stream_index;
3811 struct mwl8k_ampdu_stream *streams;
3812 struct mwl8k_priv *priv =
3813 container_of(work, struct mwl8k_priv, watchdog_ba_handle);
3814 struct ieee80211_hw *hw = priv->hw;
3815 int i;
3816 u32 status = 0;
3817
3818 mwl8k_fw_lock(hw);
3819
3820 rc = mwl8k_cmd_get_watchdog_bitmap(priv->hw, &bitmap);
3821 if (rc)
3822 goto done;
3823
3824 spin_lock(&priv->stream_lock);
3825
3826 /* the bitmap is the hw queue number. Map it to the ampdu queue. */
3827 for (i = 0; i < TOTAL_HW_TX_QUEUES; i++) {
3828 if (bitmap & (1 << i)) {
3829 stream_index = (i + MWL8K_WMM_QUEUE_NUMBER) %
3830 TOTAL_HW_TX_QUEUES;
3831 streams = &priv->ampdu[stream_index];
3832 if (streams->state == AMPDU_STREAM_ACTIVE) {
3833 ieee80211_stop_tx_ba_session(streams->sta,
3834 streams->tid);
3835 spin_unlock(&priv->stream_lock);
3836 mwl8k_destroy_ba(hw, stream_index);
3837 spin_lock(&priv->stream_lock);
3838 }
3839 }
3840 }
3841
3842 spin_unlock(&priv->stream_lock);
3843done:
3844 atomic_dec(&priv->watchdog_event_pending);
3845 status = ioread32(priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK);
3846 iowrite32((status | MWL8K_A2H_INT_BA_WATCHDOG),
3847 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK);
3848 mwl8k_fw_unlock(hw);
3849 return;
3850}
3851
3852
3853/*
3854 * CMD_BSS_START.
3855 */
3856struct mwl8k_cmd_bss_start {
3857 struct mwl8k_cmd_pkt header;
3858 __le32 enable;
3859} __packed;
3860
3861static int mwl8k_cmd_bss_start(struct ieee80211_hw *hw,
3862 struct ieee80211_vif *vif, int enable)
3863{
3864 struct mwl8k_cmd_bss_start *cmd;
3865 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
3866 struct mwl8k_priv *priv = hw->priv;
3867 int rc;
3868
3869 if (enable && (priv->running_bsses & (1 << mwl8k_vif->macid)))
3870 return 0;
3871
3872 if (!enable && !(priv->running_bsses & (1 << mwl8k_vif->macid)))
3873 return 0;
3874
3875 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3876 if (cmd == NULL)
3877 return -ENOMEM;
3878
3879 cmd->header.code = cpu_to_le16(MWL8K_CMD_BSS_START);
3880 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3881 cmd->enable = cpu_to_le32(enable);
3882
3883 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
3884 kfree(cmd);
3885
3886 if (!rc) {
3887 if (enable)
3888 priv->running_bsses |= (1 << mwl8k_vif->macid);
3889 else
3890 priv->running_bsses &= ~(1 << mwl8k_vif->macid);
3891 }
3892 return rc;
3893}
3894
3895static void mwl8k_enable_bsses(struct ieee80211_hw *hw, bool enable, u32 bitmap)
3896{
3897 struct mwl8k_priv *priv = hw->priv;
3898 struct mwl8k_vif *mwl8k_vif, *tmp_vif;
3899 struct ieee80211_vif *vif;
3900
3901 list_for_each_entry_safe(mwl8k_vif, tmp_vif, &priv->vif_list, list) {
3902 vif = mwl8k_vif->vif;
3903
3904 if (!(bitmap & (1 << mwl8k_vif->macid)))
3905 continue;
3906
3907 if (vif->type == NL80211_IFTYPE_AP)
3908 mwl8k_cmd_bss_start(hw, vif, enable);
3909 }
3910}
3911/*
3912 * CMD_BASTREAM.
3913 */
3914
3915/*
3916 * UPSTREAM is tx direction
3917 */
3918#define BASTREAM_FLAG_DIRECTION_UPSTREAM 0x00
3919#define BASTREAM_FLAG_IMMEDIATE_TYPE 0x01
3920
3921enum ba_stream_action_type {
3922 MWL8K_BA_CREATE,
3923 MWL8K_BA_UPDATE,
3924 MWL8K_BA_DESTROY,
3925 MWL8K_BA_FLUSH,
3926 MWL8K_BA_CHECK,
3927};
3928
3929
3930struct mwl8k_create_ba_stream {
3931 __le32 flags;
3932 __le32 idle_thrs;
3933 __le32 bar_thrs;
3934 __le32 window_size;
3935 u8 peer_mac_addr[6];
3936 u8 dialog_token;
3937 u8 tid;
3938 u8 queue_id;
3939 u8 param_info;
3940 __le32 ba_context;
3941 u8 reset_seq_no_flag;
3942 __le16 curr_seq_no;
3943 u8 sta_src_mac_addr[6];
3944} __packed;
3945
3946struct mwl8k_destroy_ba_stream {
3947 __le32 flags;
3948 __le32 ba_context;
3949} __packed;
3950
3951struct mwl8k_cmd_bastream {
3952 struct mwl8k_cmd_pkt header;
3953 __le32 action;
3954 union {
3955 struct mwl8k_create_ba_stream create_params;
3956 struct mwl8k_destroy_ba_stream destroy_params;
3957 };
3958} __packed;
3959
3960static int
3961mwl8k_check_ba(struct ieee80211_hw *hw, struct mwl8k_ampdu_stream *stream,
3962 struct ieee80211_vif *vif)
3963{
3964 struct mwl8k_cmd_bastream *cmd;
3965 int rc;
3966
3967 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
3968 if (cmd == NULL)
3969 return -ENOMEM;
3970
3971 cmd->header.code = cpu_to_le16(MWL8K_CMD_BASTREAM);
3972 cmd->header.length = cpu_to_le16(sizeof(*cmd));
3973
3974 cmd->action = cpu_to_le32(MWL8K_BA_CHECK);
3975
3976 cmd->create_params.queue_id = stream->idx;
3977 memcpy(&cmd->create_params.peer_mac_addr[0], stream->sta->addr,
3978 ETH_ALEN);
3979 cmd->create_params.tid = stream->tid;
3980
3981 cmd->create_params.flags =
3982 cpu_to_le32(BASTREAM_FLAG_IMMEDIATE_TYPE) |
3983 cpu_to_le32(BASTREAM_FLAG_DIRECTION_UPSTREAM);
3984
3985 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
3986
3987 kfree(cmd);
3988
3989 return rc;
3990}
3991
3992static int
3993mwl8k_create_ba(struct ieee80211_hw *hw, struct mwl8k_ampdu_stream *stream,
3994 u8 buf_size, struct ieee80211_vif *vif)
3995{
3996 struct mwl8k_cmd_bastream *cmd;
3997 int rc;
3998
3999 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4000 if (cmd == NULL)
4001 return -ENOMEM;
4002
4003
4004 cmd->header.code = cpu_to_le16(MWL8K_CMD_BASTREAM);
4005 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4006
4007 cmd->action = cpu_to_le32(MWL8K_BA_CREATE);
4008
4009 cmd->create_params.bar_thrs = cpu_to_le32((u32)buf_size);
4010 cmd->create_params.window_size = cpu_to_le32((u32)buf_size);
4011 cmd->create_params.queue_id = stream->idx;
4012
4013 memcpy(cmd->create_params.peer_mac_addr, stream->sta->addr, ETH_ALEN);
4014 cmd->create_params.tid = stream->tid;
4015 cmd->create_params.curr_seq_no = cpu_to_le16(0);
4016 cmd->create_params.reset_seq_no_flag = 1;
4017
4018 cmd->create_params.param_info =
4019 (stream->sta->ht_cap.ampdu_factor &
4020 IEEE80211_HT_AMPDU_PARM_FACTOR) |
4021 ((stream->sta->ht_cap.ampdu_density << 2) &
4022 IEEE80211_HT_AMPDU_PARM_DENSITY);
4023
4024 cmd->create_params.flags =
4025 cpu_to_le32(BASTREAM_FLAG_IMMEDIATE_TYPE |
4026 BASTREAM_FLAG_DIRECTION_UPSTREAM);
4027
4028 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
4029
4030 wiphy_debug(hw->wiphy, "Created a BA stream for %pM : tid %d\n",
4031 stream->sta->addr, stream->tid);
4032 kfree(cmd);
4033
4034 return rc;
4035}
4036
4037static void mwl8k_destroy_ba(struct ieee80211_hw *hw,
4038 u8 idx)
4039{
4040 struct mwl8k_cmd_bastream *cmd;
4041
4042 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4043 if (cmd == NULL)
4044 return;
4045
4046 cmd->header.code = cpu_to_le16(MWL8K_CMD_BASTREAM);
4047 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4048 cmd->action = cpu_to_le32(MWL8K_BA_DESTROY);
4049
4050 cmd->destroy_params.ba_context = cpu_to_le32(idx);
4051 mwl8k_post_cmd(hw, &cmd->header);
4052
4053 wiphy_debug(hw->wiphy, "Deleted BA stream index %d\n", idx);
4054
4055 kfree(cmd);
4056}
4057
4058/*
4059 * CMD_SET_NEW_STN.
4060 */
4061struct mwl8k_cmd_set_new_stn {
4062 struct mwl8k_cmd_pkt header;
4063 __le16 aid;
4064 __u8 mac_addr[6];
4065 __le16 stn_id;
4066 __le16 action;
4067 __le16 rsvd;
4068 __le32 legacy_rates;
4069 __u8 ht_rates[4];
4070 __le16 cap_info;
4071 __le16 ht_capabilities_info;
4072 __u8 mac_ht_param_info;
4073 __u8 rev;
4074 __u8 control_channel;
4075 __u8 add_channel;
4076 __le16 op_mode;
4077 __le16 stbc;
4078 __u8 add_qos_info;
4079 __u8 is_qos_sta;
4080 __le32 fw_sta_ptr;
4081} __packed;
4082
4083#define MWL8K_STA_ACTION_ADD 0
4084#define MWL8K_STA_ACTION_REMOVE 2
4085
4086static int mwl8k_cmd_set_new_stn_add(struct ieee80211_hw *hw,
4087 struct ieee80211_vif *vif,
4088 struct ieee80211_sta *sta)
4089{
4090 struct mwl8k_cmd_set_new_stn *cmd;
4091 u32 rates;
4092 int rc;
4093
4094 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4095 if (cmd == NULL)
4096 return -ENOMEM;
4097
4098 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_NEW_STN);
4099 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4100 cmd->aid = cpu_to_le16(sta->aid);
4101 memcpy(cmd->mac_addr, sta->addr, ETH_ALEN);
4102 cmd->stn_id = cpu_to_le16(sta->aid);
4103 cmd->action = cpu_to_le16(MWL8K_STA_ACTION_ADD);
4104 if (hw->conf.chandef.chan->band == IEEE80211_BAND_2GHZ)
4105 rates = sta->supp_rates[IEEE80211_BAND_2GHZ];
4106 else
4107 rates = sta->supp_rates[IEEE80211_BAND_5GHZ] << 5;
4108 cmd->legacy_rates = cpu_to_le32(rates);
4109 if (sta->ht_cap.ht_supported) {
4110 cmd->ht_rates[0] = sta->ht_cap.mcs.rx_mask[0];
4111 cmd->ht_rates[1] = sta->ht_cap.mcs.rx_mask[1];
4112 cmd->ht_rates[2] = sta->ht_cap.mcs.rx_mask[2];
4113 cmd->ht_rates[3] = sta->ht_cap.mcs.rx_mask[3];
4114 cmd->ht_capabilities_info = cpu_to_le16(sta->ht_cap.cap);
4115 cmd->mac_ht_param_info = (sta->ht_cap.ampdu_factor & 3) |
4116 ((sta->ht_cap.ampdu_density & 7) << 2);
4117 cmd->is_qos_sta = 1;
4118 }
4119
4120 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
4121 kfree(cmd);
4122
4123 return rc;
4124}
4125
4126static int mwl8k_cmd_set_new_stn_add_self(struct ieee80211_hw *hw,
4127 struct ieee80211_vif *vif)
4128{
4129 struct mwl8k_cmd_set_new_stn *cmd;
4130 int rc;
4131
4132 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4133 if (cmd == NULL)
4134 return -ENOMEM;
4135
4136 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_NEW_STN);
4137 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4138 memcpy(cmd->mac_addr, vif->addr, ETH_ALEN);
4139
4140 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
4141 kfree(cmd);
4142
4143 return rc;
4144}
4145
4146static int mwl8k_cmd_set_new_stn_del(struct ieee80211_hw *hw,
4147 struct ieee80211_vif *vif, u8 *addr)
4148{
4149 struct mwl8k_cmd_set_new_stn *cmd;
4150 struct mwl8k_priv *priv = hw->priv;
4151 int rc, i;
4152 u8 idx;
4153
4154 spin_lock(&priv->stream_lock);
4155 /* Destroy any active ampdu streams for this sta */
4156 for (i = 0; i < MWL8K_NUM_AMPDU_STREAMS; i++) {
4157 struct mwl8k_ampdu_stream *s;
4158 s = &priv->ampdu[i];
4159 if (s->state != AMPDU_NO_STREAM) {
4160 if (memcmp(s->sta->addr, addr, ETH_ALEN) == 0) {
4161 if (s->state == AMPDU_STREAM_ACTIVE) {
4162 idx = s->idx;
4163 spin_unlock(&priv->stream_lock);
4164 mwl8k_destroy_ba(hw, idx);
4165 spin_lock(&priv->stream_lock);
4166 } else if (s->state == AMPDU_STREAM_NEW) {
4167 mwl8k_remove_stream(hw, s);
4168 }
4169 }
4170 }
4171 }
4172
4173 spin_unlock(&priv->stream_lock);
4174
4175 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4176 if (cmd == NULL)
4177 return -ENOMEM;
4178
4179 cmd->header.code = cpu_to_le16(MWL8K_CMD_SET_NEW_STN);
4180 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4181 memcpy(cmd->mac_addr, addr, ETH_ALEN);
4182 cmd->action = cpu_to_le16(MWL8K_STA_ACTION_REMOVE);
4183
4184 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
4185 kfree(cmd);
4186
4187 return rc;
4188}
4189
4190/*
4191 * CMD_UPDATE_ENCRYPTION.
4192 */
4193
4194#define MAX_ENCR_KEY_LENGTH 16
4195#define MIC_KEY_LENGTH 8
4196
4197struct mwl8k_cmd_update_encryption {
4198 struct mwl8k_cmd_pkt header;
4199
4200 __le32 action;
4201 __le32 reserved;
4202 __u8 mac_addr[6];
4203 __u8 encr_type;
4204
4205} __packed;
4206
4207struct mwl8k_cmd_set_key {
4208 struct mwl8k_cmd_pkt header;
4209
4210 __le32 action;
4211 __le32 reserved;
4212 __le16 length;
4213 __le16 key_type_id;
4214 __le32 key_info;
4215 __le32 key_id;
4216 __le16 key_len;
4217 __u8 key_material[MAX_ENCR_KEY_LENGTH];
4218 __u8 tkip_tx_mic_key[MIC_KEY_LENGTH];
4219 __u8 tkip_rx_mic_key[MIC_KEY_LENGTH];
4220 __le16 tkip_rsc_low;
4221 __le32 tkip_rsc_high;
4222 __le16 tkip_tsc_low;
4223 __le32 tkip_tsc_high;
4224 __u8 mac_addr[6];
4225} __packed;
4226
4227enum {
4228 MWL8K_ENCR_ENABLE,
4229 MWL8K_ENCR_SET_KEY,
4230 MWL8K_ENCR_REMOVE_KEY,
4231 MWL8K_ENCR_SET_GROUP_KEY,
4232};
4233
4234#define MWL8K_UPDATE_ENCRYPTION_TYPE_WEP 0
4235#define MWL8K_UPDATE_ENCRYPTION_TYPE_DISABLE 1
4236#define MWL8K_UPDATE_ENCRYPTION_TYPE_TKIP 4
4237#define MWL8K_UPDATE_ENCRYPTION_TYPE_MIXED 7
4238#define MWL8K_UPDATE_ENCRYPTION_TYPE_AES 8
4239
4240enum {
4241 MWL8K_ALG_WEP,
4242 MWL8K_ALG_TKIP,
4243 MWL8K_ALG_CCMP,
4244};
4245
4246#define MWL8K_KEY_FLAG_TXGROUPKEY 0x00000004
4247#define MWL8K_KEY_FLAG_PAIRWISE 0x00000008
4248#define MWL8K_KEY_FLAG_TSC_VALID 0x00000040
4249#define MWL8K_KEY_FLAG_WEP_TXKEY 0x01000000
4250#define MWL8K_KEY_FLAG_MICKEY_VALID 0x02000000
4251
4252static int mwl8k_cmd_update_encryption_enable(struct ieee80211_hw *hw,
4253 struct ieee80211_vif *vif,
4254 u8 *addr,
4255 u8 encr_type)
4256{
4257 struct mwl8k_cmd_update_encryption *cmd;
4258 int rc;
4259
4260 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4261 if (cmd == NULL)
4262 return -ENOMEM;
4263
4264 cmd->header.code = cpu_to_le16(MWL8K_CMD_UPDATE_ENCRYPTION);
4265 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4266 cmd->action = cpu_to_le32(MWL8K_ENCR_ENABLE);
4267 memcpy(cmd->mac_addr, addr, ETH_ALEN);
4268 cmd->encr_type = encr_type;
4269
4270 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
4271 kfree(cmd);
4272
4273 return rc;
4274}
4275
4276static int mwl8k_encryption_set_cmd_info(struct mwl8k_cmd_set_key *cmd,
4277 u8 *addr,
4278 struct ieee80211_key_conf *key)
4279{
4280 cmd->header.code = cpu_to_le16(MWL8K_CMD_UPDATE_ENCRYPTION);
4281 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4282 cmd->length = cpu_to_le16(sizeof(*cmd) -
4283 offsetof(struct mwl8k_cmd_set_key, length));
4284 cmd->key_id = cpu_to_le32(key->keyidx);
4285 cmd->key_len = cpu_to_le16(key->keylen);
4286 memcpy(cmd->mac_addr, addr, ETH_ALEN);
4287
4288 switch (key->cipher) {
4289 case WLAN_CIPHER_SUITE_WEP40:
4290 case WLAN_CIPHER_SUITE_WEP104:
4291 cmd->key_type_id = cpu_to_le16(MWL8K_ALG_WEP);
4292 if (key->keyidx == 0)
4293 cmd->key_info = cpu_to_le32(MWL8K_KEY_FLAG_WEP_TXKEY);
4294
4295 break;
4296 case WLAN_CIPHER_SUITE_TKIP:
4297 cmd->key_type_id = cpu_to_le16(MWL8K_ALG_TKIP);
4298 cmd->key_info = (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
4299 ? cpu_to_le32(MWL8K_KEY_FLAG_PAIRWISE)
4300 : cpu_to_le32(MWL8K_KEY_FLAG_TXGROUPKEY);
4301 cmd->key_info |= cpu_to_le32(MWL8K_KEY_FLAG_MICKEY_VALID
4302 | MWL8K_KEY_FLAG_TSC_VALID);
4303 break;
4304 case WLAN_CIPHER_SUITE_CCMP:
4305 cmd->key_type_id = cpu_to_le16(MWL8K_ALG_CCMP);
4306 cmd->key_info = (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
4307 ? cpu_to_le32(MWL8K_KEY_FLAG_PAIRWISE)
4308 : cpu_to_le32(MWL8K_KEY_FLAG_TXGROUPKEY);
4309 break;
4310 default:
4311 return -ENOTSUPP;
4312 }
4313
4314 return 0;
4315}
4316
4317static int mwl8k_cmd_encryption_set_key(struct ieee80211_hw *hw,
4318 struct ieee80211_vif *vif,
4319 u8 *addr,
4320 struct ieee80211_key_conf *key)
4321{
4322 struct mwl8k_cmd_set_key *cmd;
4323 int rc;
4324 int keymlen;
4325 u32 action;
4326 u8 idx;
4327 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
4328
4329 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4330 if (cmd == NULL)
4331 return -ENOMEM;
4332
4333 rc = mwl8k_encryption_set_cmd_info(cmd, addr, key);
4334 if (rc < 0)
4335 goto done;
4336
4337 idx = key->keyidx;
4338
4339 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE)
4340 action = MWL8K_ENCR_SET_KEY;
4341 else
4342 action = MWL8K_ENCR_SET_GROUP_KEY;
4343
4344 switch (key->cipher) {
4345 case WLAN_CIPHER_SUITE_WEP40:
4346 case WLAN_CIPHER_SUITE_WEP104:
4347 if (!mwl8k_vif->wep_key_conf[idx].enabled) {
4348 memcpy(mwl8k_vif->wep_key_conf[idx].key, key,
4349 sizeof(*key) + key->keylen);
4350 mwl8k_vif->wep_key_conf[idx].enabled = 1;
4351 }
4352
4353 keymlen = key->keylen;
4354 action = MWL8K_ENCR_SET_KEY;
4355 break;
4356 case WLAN_CIPHER_SUITE_TKIP:
4357 keymlen = MAX_ENCR_KEY_LENGTH + 2 * MIC_KEY_LENGTH;
4358 break;
4359 case WLAN_CIPHER_SUITE_CCMP:
4360 keymlen = key->keylen;
4361 break;
4362 default:
4363 rc = -ENOTSUPP;
4364 goto done;
4365 }
4366
4367 memcpy(cmd->key_material, key->key, keymlen);
4368 cmd->action = cpu_to_le32(action);
4369
4370 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
4371done:
4372 kfree(cmd);
4373
4374 return rc;
4375}
4376
4377static int mwl8k_cmd_encryption_remove_key(struct ieee80211_hw *hw,
4378 struct ieee80211_vif *vif,
4379 u8 *addr,
4380 struct ieee80211_key_conf *key)
4381{
4382 struct mwl8k_cmd_set_key *cmd;
4383 int rc;
4384 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
4385
4386 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4387 if (cmd == NULL)
4388 return -ENOMEM;
4389
4390 rc = mwl8k_encryption_set_cmd_info(cmd, addr, key);
4391 if (rc < 0)
4392 goto done;
4393
4394 if (key->cipher == WLAN_CIPHER_SUITE_WEP40 ||
4395 key->cipher == WLAN_CIPHER_SUITE_WEP104)
4396 mwl8k_vif->wep_key_conf[key->keyidx].enabled = 0;
4397
4398 cmd->action = cpu_to_le32(MWL8K_ENCR_REMOVE_KEY);
4399
4400 rc = mwl8k_post_pervif_cmd(hw, vif, &cmd->header);
4401done:
4402 kfree(cmd);
4403
4404 return rc;
4405}
4406
4407static int mwl8k_set_key(struct ieee80211_hw *hw,
4408 enum set_key_cmd cmd_param,
4409 struct ieee80211_vif *vif,
4410 struct ieee80211_sta *sta,
4411 struct ieee80211_key_conf *key)
4412{
4413 int rc = 0;
4414 u8 encr_type;
4415 u8 *addr;
4416 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
4417 struct mwl8k_priv *priv = hw->priv;
4418
4419 if (vif->type == NL80211_IFTYPE_STATION && !priv->ap_fw)
4420 return -EOPNOTSUPP;
4421
4422 if (sta == NULL)
4423 addr = vif->addr;
4424 else
4425 addr = sta->addr;
4426
4427 if (cmd_param == SET_KEY) {
4428 rc = mwl8k_cmd_encryption_set_key(hw, vif, addr, key);
4429 if (rc)
4430 goto out;
4431
4432 if ((key->cipher == WLAN_CIPHER_SUITE_WEP40)
4433 || (key->cipher == WLAN_CIPHER_SUITE_WEP104))
4434 encr_type = MWL8K_UPDATE_ENCRYPTION_TYPE_WEP;
4435 else
4436 encr_type = MWL8K_UPDATE_ENCRYPTION_TYPE_MIXED;
4437
4438 rc = mwl8k_cmd_update_encryption_enable(hw, vif, addr,
4439 encr_type);
4440 if (rc)
4441 goto out;
4442
4443 mwl8k_vif->is_hw_crypto_enabled = true;
4444
4445 } else {
4446 rc = mwl8k_cmd_encryption_remove_key(hw, vif, addr, key);
4447
4448 if (rc)
4449 goto out;
4450 }
4451out:
4452 return rc;
4453}
4454
4455/*
4456 * CMD_UPDATE_STADB.
4457 */
4458struct ewc_ht_info {
4459 __le16 control1;
4460 __le16 control2;
4461 __le16 control3;
4462} __packed;
4463
4464struct peer_capability_info {
4465 /* Peer type - AP vs. STA. */
4466 __u8 peer_type;
4467
4468 /* Basic 802.11 capabilities from assoc resp. */
4469 __le16 basic_caps;
4470
4471 /* Set if peer supports 802.11n high throughput (HT). */
4472 __u8 ht_support;
4473
4474 /* Valid if HT is supported. */
4475 __le16 ht_caps;
4476 __u8 extended_ht_caps;
4477 struct ewc_ht_info ewc_info;
4478
4479 /* Legacy rate table. Intersection of our rates and peer rates. */
4480 __u8 legacy_rates[12];
4481
4482 /* HT rate table. Intersection of our rates and peer rates. */
4483 __u8 ht_rates[16];
4484 __u8 pad[16];
4485
4486 /* If set, interoperability mode, no proprietary extensions. */
4487 __u8 interop;
4488 __u8 pad2;
4489 __u8 station_id;
4490 __le16 amsdu_enabled;
4491} __packed;
4492
4493struct mwl8k_cmd_update_stadb {
4494 struct mwl8k_cmd_pkt header;
4495
4496 /* See STADB_ACTION_TYPE */
4497 __le32 action;
4498
4499 /* Peer MAC address */
4500 __u8 peer_addr[ETH_ALEN];
4501
4502 __le32 reserved;
4503
4504 /* Peer info - valid during add/update. */
4505 struct peer_capability_info peer_info;
4506} __packed;
4507
4508#define MWL8K_STA_DB_MODIFY_ENTRY 1
4509#define MWL8K_STA_DB_DEL_ENTRY 2
4510
4511/* Peer Entry flags - used to define the type of the peer node */
4512#define MWL8K_PEER_TYPE_ACCESSPOINT 2
4513
4514static int mwl8k_cmd_update_stadb_add(struct ieee80211_hw *hw,
4515 struct ieee80211_vif *vif,
4516 struct ieee80211_sta *sta)
4517{
4518 struct mwl8k_cmd_update_stadb *cmd;
4519 struct peer_capability_info *p;
4520 u32 rates;
4521 int rc;
4522
4523 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4524 if (cmd == NULL)
4525 return -ENOMEM;
4526
4527 cmd->header.code = cpu_to_le16(MWL8K_CMD_UPDATE_STADB);
4528 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4529 cmd->action = cpu_to_le32(MWL8K_STA_DB_MODIFY_ENTRY);
4530 memcpy(cmd->peer_addr, sta->addr, ETH_ALEN);
4531
4532 p = &cmd->peer_info;
4533 p->peer_type = MWL8K_PEER_TYPE_ACCESSPOINT;
4534 p->basic_caps = cpu_to_le16(vif->bss_conf.assoc_capability);
4535 p->ht_support = sta->ht_cap.ht_supported;
4536 p->ht_caps = cpu_to_le16(sta->ht_cap.cap);
4537 p->extended_ht_caps = (sta->ht_cap.ampdu_factor & 3) |
4538 ((sta->ht_cap.ampdu_density & 7) << 2);
4539 if (hw->conf.chandef.chan->band == IEEE80211_BAND_2GHZ)
4540 rates = sta->supp_rates[IEEE80211_BAND_2GHZ];
4541 else
4542 rates = sta->supp_rates[IEEE80211_BAND_5GHZ] << 5;
4543 legacy_rate_mask_to_array(p->legacy_rates, rates);
4544 memcpy(p->ht_rates, sta->ht_cap.mcs.rx_mask, 16);
4545 p->interop = 1;
4546 p->amsdu_enabled = 0;
4547
4548 rc = mwl8k_post_cmd(hw, &cmd->header);
4549 if (!rc)
4550 rc = p->station_id;
4551 kfree(cmd);
4552
4553 return rc;
4554}
4555
4556static int mwl8k_cmd_update_stadb_del(struct ieee80211_hw *hw,
4557 struct ieee80211_vif *vif, u8 *addr)
4558{
4559 struct mwl8k_cmd_update_stadb *cmd;
4560 int rc;
4561
4562 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
4563 if (cmd == NULL)
4564 return -ENOMEM;
4565
4566 cmd->header.code = cpu_to_le16(MWL8K_CMD_UPDATE_STADB);
4567 cmd->header.length = cpu_to_le16(sizeof(*cmd));
4568 cmd->action = cpu_to_le32(MWL8K_STA_DB_DEL_ENTRY);
4569 memcpy(cmd->peer_addr, addr, ETH_ALEN);
4570
4571 rc = mwl8k_post_cmd(hw, &cmd->header);
4572 kfree(cmd);
4573
4574 return rc;
4575}
4576
4577
4578/*
4579 * Interrupt handling.
4580 */
4581static irqreturn_t mwl8k_interrupt(int irq, void *dev_id)
4582{
4583 struct ieee80211_hw *hw = dev_id;
4584 struct mwl8k_priv *priv = hw->priv;
4585 u32 status;
4586
4587 status = ioread32(priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS);
4588 if (!status)
4589 return IRQ_NONE;
4590
4591 if (status & MWL8K_A2H_INT_TX_DONE) {
4592 status &= ~MWL8K_A2H_INT_TX_DONE;
4593 tasklet_schedule(&priv->poll_tx_task);
4594 }
4595
4596 if (status & MWL8K_A2H_INT_RX_READY) {
4597 status &= ~MWL8K_A2H_INT_RX_READY;
4598 tasklet_schedule(&priv->poll_rx_task);
4599 }
4600
4601 if (status & MWL8K_A2H_INT_BA_WATCHDOG) {
4602 iowrite32(~MWL8K_A2H_INT_BA_WATCHDOG,
4603 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK);
4604
4605 atomic_inc(&priv->watchdog_event_pending);
4606 status &= ~MWL8K_A2H_INT_BA_WATCHDOG;
4607 ieee80211_queue_work(hw, &priv->watchdog_ba_handle);
4608 }
4609
4610 if (status)
4611 iowrite32(~status, priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS);
4612
4613 if (status & MWL8K_A2H_INT_OPC_DONE) {
4614 if (priv->hostcmd_wait != NULL)
4615 complete(priv->hostcmd_wait);
4616 }
4617
4618 if (status & MWL8K_A2H_INT_QUEUE_EMPTY) {
4619 if (!mutex_is_locked(&priv->fw_mutex) &&
4620 priv->radio_on && priv->pending_tx_pkts)
4621 mwl8k_tx_start(priv);
4622 }
4623
4624 return IRQ_HANDLED;
4625}
4626
4627static void mwl8k_tx_poll(unsigned long data)
4628{
4629 struct ieee80211_hw *hw = (struct ieee80211_hw *)data;
4630 struct mwl8k_priv *priv = hw->priv;
4631 int limit;
4632 int i;
4633
4634 limit = 32;
4635
4636 spin_lock_bh(&priv->tx_lock);
4637
4638 for (i = 0; i < mwl8k_tx_queues(priv); i++)
4639 limit -= mwl8k_txq_reclaim(hw, i, limit, 0);
4640
4641 if (!priv->pending_tx_pkts && priv->tx_wait != NULL) {
4642 complete(priv->tx_wait);
4643 priv->tx_wait = NULL;
4644 }
4645
4646 spin_unlock_bh(&priv->tx_lock);
4647
4648 if (limit) {
4649 writel(~MWL8K_A2H_INT_TX_DONE,
4650 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS);
4651 } else {
4652 tasklet_schedule(&priv->poll_tx_task);
4653 }
4654}
4655
4656static void mwl8k_rx_poll(unsigned long data)
4657{
4658 struct ieee80211_hw *hw = (struct ieee80211_hw *)data;
4659 struct mwl8k_priv *priv = hw->priv;
4660 int limit;
4661
4662 limit = 32;
4663 limit -= rxq_process(hw, 0, limit);
4664 limit -= rxq_refill(hw, 0, limit);
4665
4666 if (limit) {
4667 writel(~MWL8K_A2H_INT_RX_READY,
4668 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS);
4669 } else {
4670 tasklet_schedule(&priv->poll_rx_task);
4671 }
4672}
4673
4674
4675/*
4676 * Core driver operations.
4677 */
4678static void mwl8k_tx(struct ieee80211_hw *hw,
4679 struct ieee80211_tx_control *control,
4680 struct sk_buff *skb)
4681{
4682 struct mwl8k_priv *priv = hw->priv;
4683 int index = skb_get_queue_mapping(skb);
4684
4685 if (!priv->radio_on) {
4686 wiphy_debug(hw->wiphy,
4687 "dropped TX frame since radio disabled\n");
4688 dev_kfree_skb(skb);
4689 return;
4690 }
4691
4692 mwl8k_txq_xmit(hw, index, control->sta, skb);
4693}
4694
4695static int mwl8k_start(struct ieee80211_hw *hw)
4696{
4697 struct mwl8k_priv *priv = hw->priv;
4698 int rc;
4699
4700 rc = request_irq(priv->pdev->irq, mwl8k_interrupt,
4701 IRQF_SHARED, MWL8K_NAME, hw);
4702 if (rc) {
4703 priv->irq = -1;
4704 wiphy_err(hw->wiphy, "failed to register IRQ handler\n");
4705 return -EIO;
4706 }
4707 priv->irq = priv->pdev->irq;
4708
4709 /* Enable TX reclaim and RX tasklets. */
4710 tasklet_enable(&priv->poll_tx_task);
4711 tasklet_enable(&priv->poll_rx_task);
4712
4713 /* Enable interrupts */
4714 iowrite32(MWL8K_A2H_EVENTS, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
4715 iowrite32(MWL8K_A2H_EVENTS,
4716 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK);
4717
4718 rc = mwl8k_fw_lock(hw);
4719 if (!rc) {
4720 rc = mwl8k_cmd_radio_enable(hw);
4721
4722 if (!priv->ap_fw) {
4723 if (!rc)
4724 rc = mwl8k_cmd_enable_sniffer(hw, 0);
4725
4726 if (!rc)
4727 rc = mwl8k_cmd_set_pre_scan(hw);
4728
4729 if (!rc)
4730 rc = mwl8k_cmd_set_post_scan(hw,
4731 "\x00\x00\x00\x00\x00\x00");
4732 }
4733
4734 if (!rc)
4735 rc = mwl8k_cmd_set_rateadapt_mode(hw, 0);
4736
4737 if (!rc)
4738 rc = mwl8k_cmd_set_wmm_mode(hw, 0);
4739
4740 mwl8k_fw_unlock(hw);
4741 }
4742
4743 if (rc) {
4744 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
4745 free_irq(priv->pdev->irq, hw);
4746 priv->irq = -1;
4747 tasklet_disable(&priv->poll_tx_task);
4748 tasklet_disable(&priv->poll_rx_task);
4749 } else {
4750 ieee80211_wake_queues(hw);
4751 }
4752
4753 return rc;
4754}
4755
4756static void mwl8k_stop(struct ieee80211_hw *hw)
4757{
4758 struct mwl8k_priv *priv = hw->priv;
4759 int i;
4760
4761 if (!priv->hw_restart_in_progress)
4762 mwl8k_cmd_radio_disable(hw);
4763
4764 ieee80211_stop_queues(hw);
4765
4766 /* Disable interrupts */
4767 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
4768 if (priv->irq != -1) {
4769 free_irq(priv->pdev->irq, hw);
4770 priv->irq = -1;
4771 }
4772
4773 /* Stop finalize join worker */
4774 cancel_work_sync(&priv->finalize_join_worker);
4775 cancel_work_sync(&priv->watchdog_ba_handle);
4776 if (priv->beacon_skb != NULL)
4777 dev_kfree_skb(priv->beacon_skb);
4778
4779 /* Stop TX reclaim and RX tasklets. */
4780 tasklet_disable(&priv->poll_tx_task);
4781 tasklet_disable(&priv->poll_rx_task);
4782
4783 /* Return all skbs to mac80211 */
4784 for (i = 0; i < mwl8k_tx_queues(priv); i++)
4785 mwl8k_txq_reclaim(hw, i, INT_MAX, 1);
4786}
4787
4788static int mwl8k_reload_firmware(struct ieee80211_hw *hw, char *fw_image);
4789
4790static int mwl8k_add_interface(struct ieee80211_hw *hw,
4791 struct ieee80211_vif *vif)
4792{
4793 struct mwl8k_priv *priv = hw->priv;
4794 struct mwl8k_vif *mwl8k_vif;
4795 u32 macids_supported;
4796 int macid, rc;
4797 struct mwl8k_device_info *di;
4798
4799 /*
4800 * Reject interface creation if sniffer mode is active, as
4801 * STA operation is mutually exclusive with hardware sniffer
4802 * mode. (Sniffer mode is only used on STA firmware.)
4803 */
4804 if (priv->sniffer_enabled) {
4805 wiphy_info(hw->wiphy,
4806 "unable to create STA interface because sniffer mode is enabled\n");
4807 return -EINVAL;
4808 }
4809
4810 di = priv->device_info;
4811 switch (vif->type) {
4812 case NL80211_IFTYPE_AP:
4813 if (!priv->ap_fw && di->fw_image_ap) {
4814 /* we must load the ap fw to meet this request */
4815 if (!list_empty(&priv->vif_list))
4816 return -EBUSY;
4817 rc = mwl8k_reload_firmware(hw, di->fw_image_ap);
4818 if (rc)
4819 return rc;
4820 }
4821 macids_supported = priv->ap_macids_supported;
4822 break;
4823 case NL80211_IFTYPE_STATION:
4824 if (priv->ap_fw && di->fw_image_sta) {
4825 if (!list_empty(&priv->vif_list)) {
4826 wiphy_warn(hw->wiphy, "AP interface is running.\n"
4827 "Adding STA interface for WDS");
4828 } else {
4829 /* we must load the sta fw to
4830 * meet this request.
4831 */
4832 rc = mwl8k_reload_firmware(hw,
4833 di->fw_image_sta);
4834 if (rc)
4835 return rc;
4836 }
4837 }
4838 macids_supported = priv->sta_macids_supported;
4839 break;
4840 default:
4841 return -EINVAL;
4842 }
4843
4844 macid = ffs(macids_supported & ~priv->macids_used);
4845 if (!macid--)
4846 return -EBUSY;
4847
4848 /* Setup driver private area. */
4849 mwl8k_vif = MWL8K_VIF(vif);
4850 memset(mwl8k_vif, 0, sizeof(*mwl8k_vif));
4851 mwl8k_vif->vif = vif;
4852 mwl8k_vif->macid = macid;
4853 mwl8k_vif->seqno = 0;
4854 memcpy(mwl8k_vif->bssid, vif->addr, ETH_ALEN);
4855 mwl8k_vif->is_hw_crypto_enabled = false;
4856
4857 /* Set the mac address. */
4858 mwl8k_cmd_set_mac_addr(hw, vif, vif->addr);
4859
4860 if (vif->type == NL80211_IFTYPE_AP)
4861 mwl8k_cmd_set_new_stn_add_self(hw, vif);
4862
4863 priv->macids_used |= 1 << mwl8k_vif->macid;
4864 list_add_tail(&mwl8k_vif->list, &priv->vif_list);
4865
4866 return 0;
4867}
4868
4869static void mwl8k_remove_vif(struct mwl8k_priv *priv, struct mwl8k_vif *vif)
4870{
4871 /* Has ieee80211_restart_hw re-added the removed interfaces? */
4872 if (!priv->macids_used)
4873 return;
4874
4875 priv->macids_used &= ~(1 << vif->macid);
4876 list_del(&vif->list);
4877}
4878
4879static void mwl8k_remove_interface(struct ieee80211_hw *hw,
4880 struct ieee80211_vif *vif)
4881{
4882 struct mwl8k_priv *priv = hw->priv;
4883 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
4884
4885 if (vif->type == NL80211_IFTYPE_AP)
4886 mwl8k_cmd_set_new_stn_del(hw, vif, vif->addr);
4887
4888 mwl8k_cmd_del_mac_addr(hw, vif, vif->addr);
4889
4890 mwl8k_remove_vif(priv, mwl8k_vif);
4891}
4892
4893static void mwl8k_hw_restart_work(struct work_struct *work)
4894{
4895 struct mwl8k_priv *priv =
4896 container_of(work, struct mwl8k_priv, fw_reload);
4897 struct ieee80211_hw *hw = priv->hw;
4898 struct mwl8k_device_info *di;
4899 int rc;
4900
4901 /* If some command is waiting for a response, clear it */
4902 if (priv->hostcmd_wait != NULL) {
4903 complete(priv->hostcmd_wait);
4904 priv->hostcmd_wait = NULL;
4905 }
4906
4907 priv->hw_restart_owner = current;
4908 di = priv->device_info;
4909 mwl8k_fw_lock(hw);
4910
4911 if (priv->ap_fw)
4912 rc = mwl8k_reload_firmware(hw, di->fw_image_ap);
4913 else
4914 rc = mwl8k_reload_firmware(hw, di->fw_image_sta);
4915
4916 if (rc)
4917 goto fail;
4918
4919 priv->hw_restart_owner = NULL;
4920 priv->hw_restart_in_progress = false;
4921
4922 /*
4923 * This unlock will wake up the queues and
4924 * also opens the command path for other
4925 * commands
4926 */
4927 mwl8k_fw_unlock(hw);
4928
4929 ieee80211_restart_hw(hw);
4930
4931 wiphy_err(hw->wiphy, "Firmware restarted successfully\n");
4932
4933 return;
4934fail:
4935 mwl8k_fw_unlock(hw);
4936
4937 wiphy_err(hw->wiphy, "Firmware restart failed\n");
4938}
4939
4940static int mwl8k_config(struct ieee80211_hw *hw, u32 changed)
4941{
4942 struct ieee80211_conf *conf = &hw->conf;
4943 struct mwl8k_priv *priv = hw->priv;
4944 int rc;
4945
4946 rc = mwl8k_fw_lock(hw);
4947 if (rc)
4948 return rc;
4949
4950 if (conf->flags & IEEE80211_CONF_IDLE)
4951 rc = mwl8k_cmd_radio_disable(hw);
4952 else
4953 rc = mwl8k_cmd_radio_enable(hw);
4954 if (rc)
4955 goto out;
4956
4957 if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
4958 rc = mwl8k_cmd_set_rf_channel(hw, conf);
4959 if (rc)
4960 goto out;
4961 }
4962
4963 if (conf->power_level > 18)
4964 conf->power_level = 18;
4965
4966 if (priv->ap_fw) {
4967
4968 if (conf->flags & IEEE80211_CONF_CHANGE_POWER) {
4969 rc = mwl8k_cmd_tx_power(hw, conf, conf->power_level);
4970 if (rc)
4971 goto out;
4972 }
4973
4974
4975 } else {
4976 rc = mwl8k_cmd_rf_tx_power(hw, conf->power_level);
4977 if (rc)
4978 goto out;
4979 rc = mwl8k_cmd_mimo_config(hw, 0x7, 0x7);
4980 }
4981
4982out:
4983 mwl8k_fw_unlock(hw);
4984
4985 return rc;
4986}
4987
4988static void
4989mwl8k_bss_info_changed_sta(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
4990 struct ieee80211_bss_conf *info, u32 changed)
4991{
4992 struct mwl8k_priv *priv = hw->priv;
4993 u32 ap_legacy_rates = 0;
4994 u8 ap_mcs_rates[16];
4995 int rc;
4996
4997 if (mwl8k_fw_lock(hw))
4998 return;
4999
5000 /*
5001 * No need to capture a beacon if we're no longer associated.
5002 */
5003 if ((changed & BSS_CHANGED_ASSOC) && !vif->bss_conf.assoc)
5004 priv->capture_beacon = false;
5005
5006 /*
5007 * Get the AP's legacy and MCS rates.
5008 */
5009 if (vif->bss_conf.assoc) {
5010 struct ieee80211_sta *ap;
5011
5012 rcu_read_lock();
5013
5014 ap = ieee80211_find_sta(vif, vif->bss_conf.bssid);
5015 if (ap == NULL) {
5016 rcu_read_unlock();
5017 goto out;
5018 }
5019
5020 if (hw->conf.chandef.chan->band == IEEE80211_BAND_2GHZ) {
5021 ap_legacy_rates = ap->supp_rates[IEEE80211_BAND_2GHZ];
5022 } else {
5023 ap_legacy_rates =
5024 ap->supp_rates[IEEE80211_BAND_5GHZ] << 5;
5025 }
5026 memcpy(ap_mcs_rates, ap->ht_cap.mcs.rx_mask, 16);
5027
5028 rcu_read_unlock();
5029 }
5030
5031 if ((changed & BSS_CHANGED_ASSOC) && vif->bss_conf.assoc &&
5032 !priv->ap_fw) {
5033 rc = mwl8k_cmd_set_rate(hw, vif, ap_legacy_rates, ap_mcs_rates);
5034 if (rc)
5035 goto out;
5036
5037 rc = mwl8k_cmd_use_fixed_rate_sta(hw);
5038 if (rc)
5039 goto out;
5040 } else {
5041 if ((changed & BSS_CHANGED_ASSOC) && vif->bss_conf.assoc &&
5042 priv->ap_fw) {
5043 int idx;
5044 int rate;
5045
5046 /* Use AP firmware specific rate command.
5047 */
5048 idx = ffs(vif->bss_conf.basic_rates);
5049 if (idx)
5050 idx--;
5051
5052 if (hw->conf.chandef.chan->band == IEEE80211_BAND_2GHZ)
5053 rate = mwl8k_rates_24[idx].hw_value;
5054 else
5055 rate = mwl8k_rates_50[idx].hw_value;
5056
5057 mwl8k_cmd_use_fixed_rate_ap(hw, rate, rate);
5058 }
5059 }
5060
5061 if (changed & BSS_CHANGED_ERP_PREAMBLE) {
5062 rc = mwl8k_set_radio_preamble(hw,
5063 vif->bss_conf.use_short_preamble);
5064 if (rc)
5065 goto out;
5066 }
5067
5068 if ((changed & BSS_CHANGED_ERP_SLOT) && !priv->ap_fw) {
5069 rc = mwl8k_cmd_set_slot(hw, vif->bss_conf.use_short_slot);
5070 if (rc)
5071 goto out;
5072 }
5073
5074 if (vif->bss_conf.assoc && !priv->ap_fw &&
5075 (changed & (BSS_CHANGED_ASSOC | BSS_CHANGED_ERP_CTS_PROT |
5076 BSS_CHANGED_HT))) {
5077 rc = mwl8k_cmd_set_aid(hw, vif, ap_legacy_rates);
5078 if (rc)
5079 goto out;
5080 }
5081
5082 if (vif->bss_conf.assoc &&
5083 (changed & (BSS_CHANGED_ASSOC | BSS_CHANGED_BEACON_INT))) {
5084 /*
5085 * Finalize the join. Tell rx handler to process
5086 * next beacon from our BSSID.
5087 */
5088 memcpy(priv->capture_bssid, vif->bss_conf.bssid, ETH_ALEN);
5089 priv->capture_beacon = true;
5090 }
5091
5092out:
5093 mwl8k_fw_unlock(hw);
5094}
5095
5096static void
5097mwl8k_bss_info_changed_ap(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
5098 struct ieee80211_bss_conf *info, u32 changed)
5099{
5100 int rc;
5101
5102 if (mwl8k_fw_lock(hw))
5103 return;
5104
5105 if (changed & BSS_CHANGED_ERP_PREAMBLE) {
5106 rc = mwl8k_set_radio_preamble(hw,
5107 vif->bss_conf.use_short_preamble);
5108 if (rc)
5109 goto out;
5110 }
5111
5112 if (changed & BSS_CHANGED_BASIC_RATES) {
5113 int idx;
5114 int rate;
5115
5116 /*
5117 * Use lowest supported basic rate for multicasts
5118 * and management frames (such as probe responses --
5119 * beacons will always go out at 1 Mb/s).
5120 */
5121 idx = ffs(vif->bss_conf.basic_rates);
5122 if (idx)
5123 idx--;
5124
5125 if (hw->conf.chandef.chan->band == IEEE80211_BAND_2GHZ)
5126 rate = mwl8k_rates_24[idx].hw_value;
5127 else
5128 rate = mwl8k_rates_50[idx].hw_value;
5129
5130 mwl8k_cmd_use_fixed_rate_ap(hw, rate, rate);
5131 }
5132
5133 if (changed & (BSS_CHANGED_BEACON_INT | BSS_CHANGED_BEACON)) {
5134 struct sk_buff *skb;
5135
5136 skb = ieee80211_beacon_get(hw, vif);
5137 if (skb != NULL) {
5138 mwl8k_cmd_set_beacon(hw, vif, skb->data, skb->len);
5139 kfree_skb(skb);
5140 }
5141 }
5142
5143 if (changed & BSS_CHANGED_BEACON_ENABLED)
5144 mwl8k_cmd_bss_start(hw, vif, info->enable_beacon);
5145
5146out:
5147 mwl8k_fw_unlock(hw);
5148}
5149
5150static void
5151mwl8k_bss_info_changed(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
5152 struct ieee80211_bss_conf *info, u32 changed)
5153{
5154 if (vif->type == NL80211_IFTYPE_STATION)
5155 mwl8k_bss_info_changed_sta(hw, vif, info, changed);
5156 if (vif->type == NL80211_IFTYPE_AP)
5157 mwl8k_bss_info_changed_ap(hw, vif, info, changed);
5158}
5159
5160static u64 mwl8k_prepare_multicast(struct ieee80211_hw *hw,
5161 struct netdev_hw_addr_list *mc_list)
5162{
5163 struct mwl8k_cmd_pkt *cmd;
5164
5165 /*
5166 * Synthesize and return a command packet that programs the
5167 * hardware multicast address filter. At this point we don't
5168 * know whether FIF_ALLMULTI is being requested, but if it is,
5169 * we'll end up throwing this packet away and creating a new
5170 * one in mwl8k_configure_filter().
5171 */
5172 cmd = __mwl8k_cmd_mac_multicast_adr(hw, 0, mc_list);
5173
5174 return (unsigned long)cmd;
5175}
5176
5177static int
5178mwl8k_configure_filter_sniffer(struct ieee80211_hw *hw,
5179 unsigned int changed_flags,
5180 unsigned int *total_flags)
5181{
5182 struct mwl8k_priv *priv = hw->priv;
5183
5184 /*
5185 * Hardware sniffer mode is mutually exclusive with STA
5186 * operation, so refuse to enable sniffer mode if a STA
5187 * interface is active.
5188 */
5189 if (!list_empty(&priv->vif_list)) {
5190 if (net_ratelimit())
5191 wiphy_info(hw->wiphy,
5192 "not enabling sniffer mode because STA interface is active\n");
5193 return 0;
5194 }
5195
5196 if (!priv->sniffer_enabled) {
5197 if (mwl8k_cmd_enable_sniffer(hw, 1))
5198 return 0;
5199 priv->sniffer_enabled = true;
5200 }
5201
5202 *total_flags &= FIF_PROMISC_IN_BSS | FIF_ALLMULTI |
5203 FIF_BCN_PRBRESP_PROMISC | FIF_CONTROL |
5204 FIF_OTHER_BSS;
5205
5206 return 1;
5207}
5208
5209static struct mwl8k_vif *mwl8k_first_vif(struct mwl8k_priv *priv)
5210{
5211 if (!list_empty(&priv->vif_list))
5212 return list_entry(priv->vif_list.next, struct mwl8k_vif, list);
5213
5214 return NULL;
5215}
5216
5217static void mwl8k_configure_filter(struct ieee80211_hw *hw,
5218 unsigned int changed_flags,
5219 unsigned int *total_flags,
5220 u64 multicast)
5221{
5222 struct mwl8k_priv *priv = hw->priv;
5223 struct mwl8k_cmd_pkt *cmd = (void *)(unsigned long)multicast;
5224
5225 /*
5226 * AP firmware doesn't allow fine-grained control over
5227 * the receive filter.
5228 */
5229 if (priv->ap_fw) {
5230 *total_flags &= FIF_ALLMULTI | FIF_BCN_PRBRESP_PROMISC;
5231 kfree(cmd);
5232 return;
5233 }
5234
5235 /*
5236 * Enable hardware sniffer mode if FIF_CONTROL or
5237 * FIF_OTHER_BSS is requested.
5238 */
5239 if (*total_flags & (FIF_CONTROL | FIF_OTHER_BSS) &&
5240 mwl8k_configure_filter_sniffer(hw, changed_flags, total_flags)) {
5241 kfree(cmd);
5242 return;
5243 }
5244
5245 /* Clear unsupported feature flags */
5246 *total_flags &= FIF_ALLMULTI | FIF_BCN_PRBRESP_PROMISC;
5247
5248 if (mwl8k_fw_lock(hw)) {
5249 kfree(cmd);
5250 return;
5251 }
5252
5253 if (priv->sniffer_enabled) {
5254 mwl8k_cmd_enable_sniffer(hw, 0);
5255 priv->sniffer_enabled = false;
5256 }
5257
5258 if (changed_flags & FIF_BCN_PRBRESP_PROMISC) {
5259 if (*total_flags & FIF_BCN_PRBRESP_PROMISC) {
5260 /*
5261 * Disable the BSS filter.
5262 */
5263 mwl8k_cmd_set_pre_scan(hw);
5264 } else {
5265 struct mwl8k_vif *mwl8k_vif;
5266 const u8 *bssid;
5267
5268 /*
5269 * Enable the BSS filter.
5270 *
5271 * If there is an active STA interface, use that
5272 * interface's BSSID, otherwise use a dummy one
5273 * (where the OUI part needs to be nonzero for
5274 * the BSSID to be accepted by POST_SCAN).
5275 */
5276 mwl8k_vif = mwl8k_first_vif(priv);
5277 if (mwl8k_vif != NULL)
5278 bssid = mwl8k_vif->vif->bss_conf.bssid;
5279 else
5280 bssid = "\x01\x00\x00\x00\x00\x00";
5281
5282 mwl8k_cmd_set_post_scan(hw, bssid);
5283 }
5284 }
5285
5286 /*
5287 * If FIF_ALLMULTI is being requested, throw away the command
5288 * packet that ->prepare_multicast() built and replace it with
5289 * a command packet that enables reception of all multicast
5290 * packets.
5291 */
5292 if (*total_flags & FIF_ALLMULTI) {
5293 kfree(cmd);
5294 cmd = __mwl8k_cmd_mac_multicast_adr(hw, 1, NULL);
5295 }
5296
5297 if (cmd != NULL) {
5298 mwl8k_post_cmd(hw, cmd);
5299 kfree(cmd);
5300 }
5301
5302 mwl8k_fw_unlock(hw);
5303}
5304
5305static int mwl8k_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
5306{
5307 return mwl8k_cmd_set_rts_threshold(hw, value);
5308}
5309
5310static int mwl8k_sta_remove(struct ieee80211_hw *hw,
5311 struct ieee80211_vif *vif,
5312 struct ieee80211_sta *sta)
5313{
5314 struct mwl8k_priv *priv = hw->priv;
5315
5316 if (priv->ap_fw)
5317 return mwl8k_cmd_set_new_stn_del(hw, vif, sta->addr);
5318 else
5319 return mwl8k_cmd_update_stadb_del(hw, vif, sta->addr);
5320}
5321
5322static int mwl8k_sta_add(struct ieee80211_hw *hw,
5323 struct ieee80211_vif *vif,
5324 struct ieee80211_sta *sta)
5325{
5326 struct mwl8k_priv *priv = hw->priv;
5327 int ret;
5328 int i;
5329 struct mwl8k_vif *mwl8k_vif = MWL8K_VIF(vif);
5330 struct ieee80211_key_conf *key;
5331
5332 if (!priv->ap_fw) {
5333 ret = mwl8k_cmd_update_stadb_add(hw, vif, sta);
5334 if (ret >= 0) {
5335 MWL8K_STA(sta)->peer_id = ret;
5336 if (sta->ht_cap.ht_supported)
5337 MWL8K_STA(sta)->is_ampdu_allowed = true;
5338 ret = 0;
5339 }
5340
5341 } else {
5342 ret = mwl8k_cmd_set_new_stn_add(hw, vif, sta);
5343 }
5344
5345 for (i = 0; i < NUM_WEP_KEYS; i++) {
5346 key = IEEE80211_KEY_CONF(mwl8k_vif->wep_key_conf[i].key);
5347 if (mwl8k_vif->wep_key_conf[i].enabled)
5348 mwl8k_set_key(hw, SET_KEY, vif, sta, key);
5349 }
5350 return ret;
5351}
5352
5353static int mwl8k_conf_tx(struct ieee80211_hw *hw,
5354 struct ieee80211_vif *vif, u16 queue,
5355 const struct ieee80211_tx_queue_params *params)
5356{
5357 struct mwl8k_priv *priv = hw->priv;
5358 int rc;
5359
5360 rc = mwl8k_fw_lock(hw);
5361 if (!rc) {
5362 BUG_ON(queue > MWL8K_TX_WMM_QUEUES - 1);
5363 memcpy(&priv->wmm_params[queue], params, sizeof(*params));
5364
5365 if (!priv->wmm_enabled)
5366 rc = mwl8k_cmd_set_wmm_mode(hw, 1);
5367
5368 if (!rc) {
5369 int q = MWL8K_TX_WMM_QUEUES - 1 - queue;
5370 rc = mwl8k_cmd_set_edca_params(hw, q,
5371 params->cw_min,
5372 params->cw_max,
5373 params->aifs,
5374 params->txop);
5375 }
5376
5377 mwl8k_fw_unlock(hw);
5378 }
5379
5380 return rc;
5381}
5382
5383static int mwl8k_get_stats(struct ieee80211_hw *hw,
5384 struct ieee80211_low_level_stats *stats)
5385{
5386 return mwl8k_cmd_get_stat(hw, stats);
5387}
5388
5389static int mwl8k_get_survey(struct ieee80211_hw *hw, int idx,
5390 struct survey_info *survey)
5391{
5392 struct mwl8k_priv *priv = hw->priv;
5393 struct ieee80211_conf *conf = &hw->conf;
5394 struct ieee80211_supported_band *sband;
5395
5396 if (priv->ap_fw) {
5397 sband = hw->wiphy->bands[IEEE80211_BAND_2GHZ];
5398
5399 if (sband && idx >= sband->n_channels) {
5400 idx -= sband->n_channels;
5401 sband = NULL;
5402 }
5403
5404 if (!sband)
5405 sband = hw->wiphy->bands[IEEE80211_BAND_5GHZ];
5406
5407 if (!sband || idx >= sband->n_channels)
5408 return -ENOENT;
5409
5410 memcpy(survey, &priv->survey[idx], sizeof(*survey));
5411 survey->channel = &sband->channels[idx];
5412
5413 return 0;
5414 }
5415
5416 if (idx != 0)
5417 return -ENOENT;
5418
5419 survey->channel = conf->chandef.chan;
5420 survey->filled = SURVEY_INFO_NOISE_DBM;
5421 survey->noise = priv->noise;
5422
5423 return 0;
5424}
5425
5426#define MAX_AMPDU_ATTEMPTS 5
5427
5428static int
5429mwl8k_ampdu_action(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
5430 enum ieee80211_ampdu_mlme_action action,
5431 struct ieee80211_sta *sta, u16 tid, u16 *ssn,
5432 u8 buf_size)
5433{
5434
5435 int i, rc = 0;
5436 struct mwl8k_priv *priv = hw->priv;
5437 struct mwl8k_ampdu_stream *stream;
5438 u8 *addr = sta->addr, idx;
5439 struct mwl8k_sta *sta_info = MWL8K_STA(sta);
5440
5441 if (!(hw->flags & IEEE80211_HW_AMPDU_AGGREGATION))
5442 return -ENOTSUPP;
5443
5444 spin_lock(&priv->stream_lock);
5445 stream = mwl8k_lookup_stream(hw, addr, tid);
5446
5447 switch (action) {
5448 case IEEE80211_AMPDU_RX_START:
5449 case IEEE80211_AMPDU_RX_STOP:
5450 break;
5451 case IEEE80211_AMPDU_TX_START:
5452 /* By the time we get here the hw queues may contain outgoing
5453 * packets for this RA/TID that are not part of this BA
5454 * session. The hw will assign sequence numbers to these
5455 * packets as they go out. So if we query the hw for its next
5456 * sequence number and use that for the SSN here, it may end up
5457 * being wrong, which will lead to sequence number mismatch at
5458 * the recipient. To avoid this, we reset the sequence number
5459 * to O for the first MPDU in this BA stream.
5460 */
5461 *ssn = 0;
5462 if (stream == NULL) {
5463 /* This means that somebody outside this driver called
5464 * ieee80211_start_tx_ba_session. This is unexpected
5465 * because we do our own rate control. Just warn and
5466 * move on.
5467 */
5468 wiphy_warn(hw->wiphy, "Unexpected call to %s. "
5469 "Proceeding anyway.\n", __func__);
5470 stream = mwl8k_add_stream(hw, sta, tid);
5471 }
5472 if (stream == NULL) {
5473 wiphy_debug(hw->wiphy, "no free AMPDU streams\n");
5474 rc = -EBUSY;
5475 break;
5476 }
5477 stream->state = AMPDU_STREAM_IN_PROGRESS;
5478
5479 /* Release the lock before we do the time consuming stuff */
5480 spin_unlock(&priv->stream_lock);
5481 for (i = 0; i < MAX_AMPDU_ATTEMPTS; i++) {
5482
5483 /* Check if link is still valid */
5484 if (!sta_info->is_ampdu_allowed) {
5485 spin_lock(&priv->stream_lock);
5486 mwl8k_remove_stream(hw, stream);
5487 spin_unlock(&priv->stream_lock);
5488 return -EBUSY;
5489 }
5490
5491 rc = mwl8k_check_ba(hw, stream, vif);
5492
5493 /* If HW restart is in progress mwl8k_post_cmd will
5494 * return -EBUSY. Avoid retrying mwl8k_check_ba in
5495 * such cases
5496 */
5497 if (!rc || rc == -EBUSY)
5498 break;
5499 /*
5500 * HW queues take time to be flushed, give them
5501 * sufficient time
5502 */
5503
5504 msleep(1000);
5505 }
5506 spin_lock(&priv->stream_lock);
5507 if (rc) {
5508 wiphy_err(hw->wiphy, "Stream for tid %d busy after %d"
5509 " attempts\n", tid, MAX_AMPDU_ATTEMPTS);
5510 mwl8k_remove_stream(hw, stream);
5511 rc = -EBUSY;
5512 break;
5513 }
5514 ieee80211_start_tx_ba_cb_irqsafe(vif, addr, tid);
5515 break;
5516 case IEEE80211_AMPDU_TX_STOP_CONT:
5517 case IEEE80211_AMPDU_TX_STOP_FLUSH:
5518 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
5519 if (stream) {
5520 if (stream->state == AMPDU_STREAM_ACTIVE) {
5521 idx = stream->idx;
5522 spin_unlock(&priv->stream_lock);
5523 mwl8k_destroy_ba(hw, idx);
5524 spin_lock(&priv->stream_lock);
5525 }
5526 mwl8k_remove_stream(hw, stream);
5527 }
5528 ieee80211_stop_tx_ba_cb_irqsafe(vif, addr, tid);
5529 break;
5530 case IEEE80211_AMPDU_TX_OPERATIONAL:
5531 BUG_ON(stream == NULL);
5532 BUG_ON(stream->state != AMPDU_STREAM_IN_PROGRESS);
5533 spin_unlock(&priv->stream_lock);
5534 rc = mwl8k_create_ba(hw, stream, buf_size, vif);
5535 spin_lock(&priv->stream_lock);
5536 if (!rc)
5537 stream->state = AMPDU_STREAM_ACTIVE;
5538 else {
5539 idx = stream->idx;
5540 spin_unlock(&priv->stream_lock);
5541 mwl8k_destroy_ba(hw, idx);
5542 spin_lock(&priv->stream_lock);
5543 wiphy_debug(hw->wiphy,
5544 "Failed adding stream for sta %pM tid %d\n",
5545 addr, tid);
5546 mwl8k_remove_stream(hw, stream);
5547 }
5548 break;
5549
5550 default:
5551 rc = -ENOTSUPP;
5552 }
5553
5554 spin_unlock(&priv->stream_lock);
5555 return rc;
5556}
5557
5558static void mwl8k_sw_scan_start(struct ieee80211_hw *hw)
5559{
5560 struct mwl8k_priv *priv = hw->priv;
5561 u8 tmp;
5562
5563 if (!priv->ap_fw)
5564 return;
5565
5566 /* clear all stats */
5567 priv->channel_time = 0;
5568 ioread32(priv->regs + BBU_RXRDY_CNT_REG);
5569 ioread32(priv->regs + NOK_CCA_CNT_REG);
5570 mwl8k_cmd_bbp_reg_access(priv->hw, 0, BBU_AVG_NOISE_VAL, &tmp);
5571
5572 priv->sw_scan_start = true;
5573}
5574
5575static void mwl8k_sw_scan_complete(struct ieee80211_hw *hw)
5576{
5577 struct mwl8k_priv *priv = hw->priv;
5578 u8 tmp;
5579
5580 if (!priv->ap_fw)
5581 return;
5582
5583 priv->sw_scan_start = false;
5584
5585 /* clear all stats */
5586 priv->channel_time = 0;
5587 ioread32(priv->regs + BBU_RXRDY_CNT_REG);
5588 ioread32(priv->regs + NOK_CCA_CNT_REG);
5589 mwl8k_cmd_bbp_reg_access(priv->hw, 0, BBU_AVG_NOISE_VAL, &tmp);
5590}
5591
5592static const struct ieee80211_ops mwl8k_ops = {
5593 .tx = mwl8k_tx,
5594 .start = mwl8k_start,
5595 .stop = mwl8k_stop,
5596 .add_interface = mwl8k_add_interface,
5597 .remove_interface = mwl8k_remove_interface,
5598 .config = mwl8k_config,
5599 .bss_info_changed = mwl8k_bss_info_changed,
5600 .prepare_multicast = mwl8k_prepare_multicast,
5601 .configure_filter = mwl8k_configure_filter,
5602 .set_key = mwl8k_set_key,
5603 .set_rts_threshold = mwl8k_set_rts_threshold,
5604 .sta_add = mwl8k_sta_add,
5605 .sta_remove = mwl8k_sta_remove,
5606 .conf_tx = mwl8k_conf_tx,
5607 .get_stats = mwl8k_get_stats,
5608 .get_survey = mwl8k_get_survey,
5609 .ampdu_action = mwl8k_ampdu_action,
5610 .sw_scan_start = mwl8k_sw_scan_start,
5611 .sw_scan_complete = mwl8k_sw_scan_complete,
5612};
5613
5614static void mwl8k_finalize_join_worker(struct work_struct *work)
5615{
5616 struct mwl8k_priv *priv =
5617 container_of(work, struct mwl8k_priv, finalize_join_worker);
5618 struct sk_buff *skb = priv->beacon_skb;
5619 struct ieee80211_mgmt *mgmt = (void *)skb->data;
5620 int len = skb->len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
5621 const u8 *tim = cfg80211_find_ie(WLAN_EID_TIM,
5622 mgmt->u.beacon.variable, len);
5623 int dtim_period = 1;
5624
5625 if (tim && tim[1] >= 2)
5626 dtim_period = tim[3];
5627
5628 mwl8k_cmd_finalize_join(priv->hw, skb->data, skb->len, dtim_period);
5629
5630 dev_kfree_skb(skb);
5631 priv->beacon_skb = NULL;
5632}
5633
5634enum {
5635 MWL8363 = 0,
5636 MWL8687,
5637 MWL8366,
5638 MWL8764,
5639};
5640
5641#define MWL8K_8366_AP_FW_API 3
5642#define _MWL8K_8366_AP_FW(api) "mwl8k/fmimage_8366_ap-" #api ".fw"
5643#define MWL8K_8366_AP_FW(api) _MWL8K_8366_AP_FW(api)
5644
5645#define MWL8K_8764_AP_FW_API 1
5646#define _MWL8K_8764_AP_FW(api) "mwl8k/fmimage_8764_ap-" #api ".fw"
5647#define MWL8K_8764_AP_FW(api) _MWL8K_8764_AP_FW(api)
5648
5649static struct mwl8k_device_info mwl8k_info_tbl[] = {
5650 [MWL8363] = {
5651 .part_name = "88w8363",
5652 .helper_image = "mwl8k/helper_8363.fw",
5653 .fw_image_sta = "mwl8k/fmimage_8363.fw",
5654 },
5655 [MWL8687] = {
5656 .part_name = "88w8687",
5657 .helper_image = "mwl8k/helper_8687.fw",
5658 .fw_image_sta = "mwl8k/fmimage_8687.fw",
5659 },
5660 [MWL8366] = {
5661 .part_name = "88w8366",
5662 .helper_image = "mwl8k/helper_8366.fw",
5663 .fw_image_sta = "mwl8k/fmimage_8366.fw",
5664 .fw_image_ap = MWL8K_8366_AP_FW(MWL8K_8366_AP_FW_API),
5665 .fw_api_ap = MWL8K_8366_AP_FW_API,
5666 .ap_rxd_ops = &rxd_ap_ops,
5667 },
5668 [MWL8764] = {
5669 .part_name = "88w8764",
5670 .fw_image_ap = MWL8K_8764_AP_FW(MWL8K_8764_AP_FW_API),
5671 .fw_api_ap = MWL8K_8764_AP_FW_API,
5672 .ap_rxd_ops = &rxd_ap_ops,
5673 },
5674};
5675
5676MODULE_FIRMWARE("mwl8k/helper_8363.fw");
5677MODULE_FIRMWARE("mwl8k/fmimage_8363.fw");
5678MODULE_FIRMWARE("mwl8k/helper_8687.fw");
5679MODULE_FIRMWARE("mwl8k/fmimage_8687.fw");
5680MODULE_FIRMWARE("mwl8k/helper_8366.fw");
5681MODULE_FIRMWARE("mwl8k/fmimage_8366.fw");
5682MODULE_FIRMWARE(MWL8K_8366_AP_FW(MWL8K_8366_AP_FW_API));
5683
5684static DEFINE_PCI_DEVICE_TABLE(mwl8k_pci_id_table) = {
5685 { PCI_VDEVICE(MARVELL, 0x2a0a), .driver_data = MWL8363, },
5686 { PCI_VDEVICE(MARVELL, 0x2a0c), .driver_data = MWL8363, },
5687 { PCI_VDEVICE(MARVELL, 0x2a24), .driver_data = MWL8363, },
5688 { PCI_VDEVICE(MARVELL, 0x2a2b), .driver_data = MWL8687, },
5689 { PCI_VDEVICE(MARVELL, 0x2a30), .driver_data = MWL8687, },
5690 { PCI_VDEVICE(MARVELL, 0x2a40), .driver_data = MWL8366, },
5691 { PCI_VDEVICE(MARVELL, 0x2a41), .driver_data = MWL8366, },
5692 { PCI_VDEVICE(MARVELL, 0x2a42), .driver_data = MWL8366, },
5693 { PCI_VDEVICE(MARVELL, 0x2a43), .driver_data = MWL8366, },
5694 { PCI_VDEVICE(MARVELL, 0x2b36), .driver_data = MWL8764, },
5695 { },
5696};
5697MODULE_DEVICE_TABLE(pci, mwl8k_pci_id_table);
5698
5699static int mwl8k_request_alt_fw(struct mwl8k_priv *priv)
5700{
5701 int rc;
5702 printk(KERN_ERR "%s: Error requesting preferred fw %s.\n"
5703 "Trying alternative firmware %s\n", pci_name(priv->pdev),
5704 priv->fw_pref, priv->fw_alt);
5705 rc = mwl8k_request_fw(priv, priv->fw_alt, &priv->fw_ucode, true);
5706 if (rc) {
5707 printk(KERN_ERR "%s: Error requesting alt fw %s\n",
5708 pci_name(priv->pdev), priv->fw_alt);
5709 return rc;
5710 }
5711 return 0;
5712}
5713
5714static int mwl8k_firmware_load_success(struct mwl8k_priv *priv);
5715static void mwl8k_fw_state_machine(const struct firmware *fw, void *context)
5716{
5717 struct mwl8k_priv *priv = context;
5718 struct mwl8k_device_info *di = priv->device_info;
5719 int rc;
5720
5721 switch (priv->fw_state) {
5722 case FW_STATE_INIT:
5723 if (!fw) {
5724 printk(KERN_ERR "%s: Error requesting helper fw %s\n",
5725 pci_name(priv->pdev), di->helper_image);
5726 goto fail;
5727 }
5728 priv->fw_helper = fw;
5729 rc = mwl8k_request_fw(priv, priv->fw_pref, &priv->fw_ucode,
5730 true);
5731 if (rc && priv->fw_alt) {
5732 rc = mwl8k_request_alt_fw(priv);
5733 if (rc)
5734 goto fail;
5735 priv->fw_state = FW_STATE_LOADING_ALT;
5736 } else if (rc)
5737 goto fail;
5738 else
5739 priv->fw_state = FW_STATE_LOADING_PREF;
5740 break;
5741
5742 case FW_STATE_LOADING_PREF:
5743 if (!fw) {
5744 if (priv->fw_alt) {
5745 rc = mwl8k_request_alt_fw(priv);
5746 if (rc)
5747 goto fail;
5748 priv->fw_state = FW_STATE_LOADING_ALT;
5749 } else
5750 goto fail;
5751 } else {
5752 priv->fw_ucode = fw;
5753 rc = mwl8k_firmware_load_success(priv);
5754 if (rc)
5755 goto fail;
5756 else
5757 complete(&priv->firmware_loading_complete);
5758 }
5759 break;
5760
5761 case FW_STATE_LOADING_ALT:
5762 if (!fw) {
5763 printk(KERN_ERR "%s: Error requesting alt fw %s\n",
5764 pci_name(priv->pdev), di->helper_image);
5765 goto fail;
5766 }
5767 priv->fw_ucode = fw;
5768 rc = mwl8k_firmware_load_success(priv);
5769 if (rc)
5770 goto fail;
5771 else
5772 complete(&priv->firmware_loading_complete);
5773 break;
5774
5775 default:
5776 printk(KERN_ERR "%s: Unexpected firmware loading state: %d\n",
5777 MWL8K_NAME, priv->fw_state);
5778 BUG_ON(1);
5779 }
5780
5781 return;
5782
5783fail:
5784 priv->fw_state = FW_STATE_ERROR;
5785 complete(&priv->firmware_loading_complete);
5786 device_release_driver(&priv->pdev->dev);
5787 mwl8k_release_firmware(priv);
5788}
5789
5790#define MAX_RESTART_ATTEMPTS 1
5791static int mwl8k_init_firmware(struct ieee80211_hw *hw, char *fw_image,
5792 bool nowait)
5793{
5794 struct mwl8k_priv *priv = hw->priv;
5795 int rc;
5796 int count = MAX_RESTART_ATTEMPTS;
5797
5798retry:
5799 /* Reset firmware and hardware */
5800 mwl8k_hw_reset(priv);
5801
5802 /* Ask userland hotplug daemon for the device firmware */
5803 rc = mwl8k_request_firmware(priv, fw_image, nowait);
5804 if (rc) {
5805 wiphy_err(hw->wiphy, "Firmware files not found\n");
5806 return rc;
5807 }
5808
5809 if (nowait)
5810 return rc;
5811
5812 /* Load firmware into hardware */
5813 rc = mwl8k_load_firmware(hw);
5814 if (rc)
5815 wiphy_err(hw->wiphy, "Cannot start firmware\n");
5816
5817 /* Reclaim memory once firmware is successfully loaded */
5818 mwl8k_release_firmware(priv);
5819
5820 if (rc && count) {
5821 /* FW did not start successfully;
5822 * lets try one more time
5823 */
5824 count--;
5825 wiphy_err(hw->wiphy, "Trying to reload the firmware again\n");
5826 msleep(20);
5827 goto retry;
5828 }
5829
5830 return rc;
5831}
5832
5833static int mwl8k_init_txqs(struct ieee80211_hw *hw)
5834{
5835 struct mwl8k_priv *priv = hw->priv;
5836 int rc = 0;
5837 int i;
5838
5839 for (i = 0; i < mwl8k_tx_queues(priv); i++) {
5840 rc = mwl8k_txq_init(hw, i);
5841 if (rc)
5842 break;
5843 if (priv->ap_fw)
5844 iowrite32(priv->txq[i].txd_dma,
5845 priv->sram + priv->txq_offset[i]);
5846 }
5847 return rc;
5848}
5849
5850/* initialize hw after successfully loading a firmware image */
5851static int mwl8k_probe_hw(struct ieee80211_hw *hw)
5852{
5853 struct mwl8k_priv *priv = hw->priv;
5854 int rc = 0;
5855 int i;
5856
5857 if (priv->ap_fw) {
5858 priv->rxd_ops = priv->device_info->ap_rxd_ops;
5859 if (priv->rxd_ops == NULL) {
5860 wiphy_err(hw->wiphy,
5861 "Driver does not have AP firmware image support for this hardware\n");
5862 rc = -ENOENT;
5863 goto err_stop_firmware;
5864 }
5865 } else {
5866 priv->rxd_ops = &rxd_sta_ops;
5867 }
5868
5869 priv->sniffer_enabled = false;
5870 priv->wmm_enabled = false;
5871 priv->pending_tx_pkts = 0;
5872 atomic_set(&priv->watchdog_event_pending, 0);
5873
5874 rc = mwl8k_rxq_init(hw, 0);
5875 if (rc)
5876 goto err_stop_firmware;
5877 rxq_refill(hw, 0, INT_MAX);
5878
5879 /* For the sta firmware, we need to know the dma addresses of tx queues
5880 * before sending MWL8K_CMD_GET_HW_SPEC. So we must initialize them
5881 * prior to issuing this command. But for the AP case, we learn the
5882 * total number of queues from the result CMD_GET_HW_SPEC, so for this
5883 * case we must initialize the tx queues after.
5884 */
5885 priv->num_ampdu_queues = 0;
5886 if (!priv->ap_fw) {
5887 rc = mwl8k_init_txqs(hw);
5888 if (rc)
5889 goto err_free_queues;
5890 }
5891
5892 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS);
5893 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
5894 iowrite32(MWL8K_A2H_INT_TX_DONE|MWL8K_A2H_INT_RX_READY|
5895 MWL8K_A2H_INT_BA_WATCHDOG,
5896 priv->regs + MWL8K_HIU_A2H_INTERRUPT_CLEAR_SEL);
5897 iowrite32(MWL8K_A2H_INT_OPC_DONE,
5898 priv->regs + MWL8K_HIU_A2H_INTERRUPT_STATUS_MASK);
5899
5900 rc = request_irq(priv->pdev->irq, mwl8k_interrupt,
5901 IRQF_SHARED, MWL8K_NAME, hw);
5902 if (rc) {
5903 wiphy_err(hw->wiphy, "failed to register IRQ handler\n");
5904 goto err_free_queues;
5905 }
5906
5907 /*
5908 * When hw restart is requested,
5909 * mac80211 will take care of clearing
5910 * the ampdu streams, so do not clear
5911 * the ampdu state here
5912 */
5913 if (!priv->hw_restart_in_progress)
5914 memset(priv->ampdu, 0, sizeof(priv->ampdu));
5915
5916 /*
5917 * Temporarily enable interrupts. Initial firmware host
5918 * commands use interrupts and avoid polling. Disable
5919 * interrupts when done.
5920 */
5921 iowrite32(MWL8K_A2H_EVENTS, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
5922
5923 /* Get config data, mac addrs etc */
5924 if (priv->ap_fw) {
5925 rc = mwl8k_cmd_get_hw_spec_ap(hw);
5926 if (!rc)
5927 rc = mwl8k_init_txqs(hw);
5928 if (!rc)
5929 rc = mwl8k_cmd_set_hw_spec(hw);
5930 } else {
5931 rc = mwl8k_cmd_get_hw_spec_sta(hw);
5932 }
5933 if (rc) {
5934 wiphy_err(hw->wiphy, "Cannot initialise firmware\n");
5935 goto err_free_irq;
5936 }
5937
5938 /* Turn radio off */
5939 rc = mwl8k_cmd_radio_disable(hw);
5940 if (rc) {
5941 wiphy_err(hw->wiphy, "Cannot disable\n");
5942 goto err_free_irq;
5943 }
5944
5945 /* Clear MAC address */
5946 rc = mwl8k_cmd_set_mac_addr(hw, NULL, "\x00\x00\x00\x00\x00\x00");
5947 if (rc) {
5948 wiphy_err(hw->wiphy, "Cannot clear MAC address\n");
5949 goto err_free_irq;
5950 }
5951
5952 /* Configure Antennas */
5953 rc = mwl8k_cmd_rf_antenna(hw, MWL8K_RF_ANTENNA_RX, 0x3);
5954 if (rc)
5955 wiphy_warn(hw->wiphy, "failed to set # of RX antennas");
5956 rc = mwl8k_cmd_rf_antenna(hw, MWL8K_RF_ANTENNA_TX, 0x7);
5957 if (rc)
5958 wiphy_warn(hw->wiphy, "failed to set # of TX antennas");
5959
5960
5961 /* Disable interrupts */
5962 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
5963 free_irq(priv->pdev->irq, hw);
5964
5965 wiphy_info(hw->wiphy, "%s v%d, %pm, %s firmware %u.%u.%u.%u\n",
5966 priv->device_info->part_name,
5967 priv->hw_rev, hw->wiphy->perm_addr,
5968 priv->ap_fw ? "AP" : "STA",
5969 (priv->fw_rev >> 24) & 0xff, (priv->fw_rev >> 16) & 0xff,
5970 (priv->fw_rev >> 8) & 0xff, priv->fw_rev & 0xff);
5971
5972 return 0;
5973
5974err_free_irq:
5975 iowrite32(0, priv->regs + MWL8K_HIU_A2H_INTERRUPT_MASK);
5976 free_irq(priv->pdev->irq, hw);
5977
5978err_free_queues:
5979 for (i = 0; i < mwl8k_tx_queues(priv); i++)
5980 mwl8k_txq_deinit(hw, i);
5981 mwl8k_rxq_deinit(hw, 0);
5982
5983err_stop_firmware:
5984 mwl8k_hw_reset(priv);
5985
5986 return rc;
5987}
5988
5989/*
5990 * invoke mwl8k_reload_firmware to change the firmware image after the device
5991 * has already been registered
5992 */
5993static int mwl8k_reload_firmware(struct ieee80211_hw *hw, char *fw_image)
5994{
5995 int i, rc = 0;
5996 struct mwl8k_priv *priv = hw->priv;
5997 struct mwl8k_vif *vif, *tmp_vif;
5998
5999 mwl8k_stop(hw);
6000 mwl8k_rxq_deinit(hw, 0);
6001
6002 /*
6003 * All the existing interfaces are re-added by the ieee80211_reconfig;
6004 * which means driver should remove existing interfaces before calling
6005 * ieee80211_restart_hw
6006 */
6007 if (priv->hw_restart_in_progress)
6008 list_for_each_entry_safe(vif, tmp_vif, &priv->vif_list, list)
6009 mwl8k_remove_vif(priv, vif);
6010
6011 for (i = 0; i < mwl8k_tx_queues(priv); i++)
6012 mwl8k_txq_deinit(hw, i);
6013
6014 rc = mwl8k_init_firmware(hw, fw_image, false);
6015 if (rc)
6016 goto fail;
6017
6018 rc = mwl8k_probe_hw(hw);
6019 if (rc)
6020 goto fail;
6021
6022 if (priv->hw_restart_in_progress)
6023 return rc;
6024
6025 rc = mwl8k_start(hw);
6026 if (rc)
6027 goto fail;
6028
6029 rc = mwl8k_config(hw, ~0);
6030 if (rc)
6031 goto fail;
6032
6033 for (i = 0; i < MWL8K_TX_WMM_QUEUES; i++) {
6034 rc = mwl8k_conf_tx(hw, NULL, i, &priv->wmm_params[i]);
6035 if (rc)
6036 goto fail;
6037 }
6038
6039 return rc;
6040
6041fail:
6042 printk(KERN_WARNING "mwl8k: Failed to reload firmware image.\n");
6043 return rc;
6044}
6045
6046static const struct ieee80211_iface_limit ap_if_limits[] = {
6047 { .max = 8, .types = BIT(NL80211_IFTYPE_AP) },
6048 { .max = 1, .types = BIT(NL80211_IFTYPE_STATION) },
6049};
6050
6051static const struct ieee80211_iface_combination ap_if_comb = {
6052 .limits = ap_if_limits,
6053 .n_limits = ARRAY_SIZE(ap_if_limits),
6054 .max_interfaces = 8,
6055 .num_different_channels = 1,
6056};
6057
6058
6059static int mwl8k_firmware_load_success(struct mwl8k_priv *priv)
6060{
6061 struct ieee80211_hw *hw = priv->hw;
6062 int i, rc;
6063
6064 rc = mwl8k_load_firmware(hw);
6065 mwl8k_release_firmware(priv);
6066 if (rc) {
6067 wiphy_err(hw->wiphy, "Cannot start firmware\n");
6068 return rc;
6069 }
6070
6071 /*
6072 * Extra headroom is the size of the required DMA header
6073 * minus the size of the smallest 802.11 frame (CTS frame).
6074 */
6075 hw->extra_tx_headroom =
6076 sizeof(struct mwl8k_dma_data) - sizeof(struct ieee80211_cts);
6077
6078 hw->extra_tx_headroom -= priv->ap_fw ? REDUCED_TX_HEADROOM : 0;
6079
6080 hw->queues = MWL8K_TX_WMM_QUEUES;
6081
6082 /* Set rssi values to dBm */
6083 hw->flags |= IEEE80211_HW_SIGNAL_DBM | IEEE80211_HW_HAS_RATE_CONTROL;
6084
6085 /*
6086 * Ask mac80211 to not to trigger PS mode
6087 * based on PM bit of incoming frames.
6088 */
6089 if (priv->ap_fw)
6090 hw->flags |= IEEE80211_HW_AP_LINK_PS;
6091
6092 hw->vif_data_size = sizeof(struct mwl8k_vif);
6093 hw->sta_data_size = sizeof(struct mwl8k_sta);
6094
6095 priv->macids_used = 0;
6096 INIT_LIST_HEAD(&priv->vif_list);
6097
6098 /* Set default radio state and preamble */
6099 priv->radio_on = false;
6100 priv->radio_short_preamble = false;
6101
6102 /* Finalize join worker */
6103 INIT_WORK(&priv->finalize_join_worker, mwl8k_finalize_join_worker);
6104 /* Handle watchdog ba events */
6105 INIT_WORK(&priv->watchdog_ba_handle, mwl8k_watchdog_ba_events);
6106 /* To reload the firmware if it crashes */
6107 INIT_WORK(&priv->fw_reload, mwl8k_hw_restart_work);
6108
6109 /* TX reclaim and RX tasklets. */
6110 tasklet_init(&priv->poll_tx_task, mwl8k_tx_poll, (unsigned long)hw);
6111 tasklet_disable(&priv->poll_tx_task);
6112 tasklet_init(&priv->poll_rx_task, mwl8k_rx_poll, (unsigned long)hw);
6113 tasklet_disable(&priv->poll_rx_task);
6114
6115 /* Power management cookie */
6116 priv->cookie = pci_alloc_consistent(priv->pdev, 4, &priv->cookie_dma);
6117 if (priv->cookie == NULL)
6118 return -ENOMEM;
6119
6120 mutex_init(&priv->fw_mutex);
6121 priv->fw_mutex_owner = NULL;
6122 priv->fw_mutex_depth = 0;
6123 priv->hostcmd_wait = NULL;
6124
6125 spin_lock_init(&priv->tx_lock);
6126
6127 spin_lock_init(&priv->stream_lock);
6128
6129 priv->tx_wait = NULL;
6130
6131 rc = mwl8k_probe_hw(hw);
6132 if (rc)
6133 goto err_free_cookie;
6134
6135 hw->wiphy->interface_modes = 0;
6136
6137 if (priv->ap_macids_supported || priv->device_info->fw_image_ap) {
6138 hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_AP);
6139 hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_STATION);
6140 hw->wiphy->iface_combinations = &ap_if_comb;
6141 hw->wiphy->n_iface_combinations = 1;
6142 }
6143
6144 if (priv->sta_macids_supported || priv->device_info->fw_image_sta)
6145 hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_STATION);
6146
6147 rc = ieee80211_register_hw(hw);
6148 if (rc) {
6149 wiphy_err(hw->wiphy, "Cannot register device\n");
6150 goto err_unprobe_hw;
6151 }
6152
6153 return 0;
6154
6155err_unprobe_hw:
6156 for (i = 0; i < mwl8k_tx_queues(priv); i++)
6157 mwl8k_txq_deinit(hw, i);
6158 mwl8k_rxq_deinit(hw, 0);
6159
6160err_free_cookie:
6161 if (priv->cookie != NULL)
6162 pci_free_consistent(priv->pdev, 4,
6163 priv->cookie, priv->cookie_dma);
6164
6165 return rc;
6166}
6167static int mwl8k_probe(struct pci_dev *pdev,
6168 const struct pci_device_id *id)
6169{
6170 static int printed_version;
6171 struct ieee80211_hw *hw;
6172 struct mwl8k_priv *priv;
6173 struct mwl8k_device_info *di;
6174 int rc;
6175
6176 if (!printed_version) {
6177 printk(KERN_INFO "%s version %s\n", MWL8K_DESC, MWL8K_VERSION);
6178 printed_version = 1;
6179 }
6180
6181
6182 rc = pci_enable_device(pdev);
6183 if (rc) {
6184 printk(KERN_ERR "%s: Cannot enable new PCI device\n",
6185 MWL8K_NAME);
6186 return rc;
6187 }
6188
6189 rc = pci_request_regions(pdev, MWL8K_NAME);
6190 if (rc) {
6191 printk(KERN_ERR "%s: Cannot obtain PCI resources\n",
6192 MWL8K_NAME);
6193 goto err_disable_device;
6194 }
6195
6196 pci_set_master(pdev);
6197
6198
6199 hw = ieee80211_alloc_hw(sizeof(*priv), &mwl8k_ops);
6200 if (hw == NULL) {
6201 printk(KERN_ERR "%s: ieee80211 alloc failed\n", MWL8K_NAME);
6202 rc = -ENOMEM;
6203 goto err_free_reg;
6204 }
6205
6206 SET_IEEE80211_DEV(hw, &pdev->dev);
6207 pci_set_drvdata(pdev, hw);
6208
6209 priv = hw->priv;
6210 priv->hw = hw;
6211 priv->pdev = pdev;
6212 priv->device_info = &mwl8k_info_tbl[id->driver_data];
6213
6214 if (id->driver_data == MWL8764)
6215 priv->is_8764 = true;
6216
6217 priv->sram = pci_iomap(pdev, 0, 0x10000);
6218 if (priv->sram == NULL) {
6219 wiphy_err(hw->wiphy, "Cannot map device SRAM\n");
6220 rc = -EIO;
6221 goto err_iounmap;
6222 }
6223
6224 /*
6225 * If BAR0 is a 32 bit BAR, the register BAR will be BAR1.
6226 * If BAR0 is a 64 bit BAR, the register BAR will be BAR2.
6227 */
6228 priv->regs = pci_iomap(pdev, 1, 0x10000);
6229 if (priv->regs == NULL) {
6230 priv->regs = pci_iomap(pdev, 2, 0x10000);
6231 if (priv->regs == NULL) {
6232 wiphy_err(hw->wiphy, "Cannot map device registers\n");
6233 rc = -EIO;
6234 goto err_iounmap;
6235 }
6236 }
6237
6238 /*
6239 * Choose the initial fw image depending on user input. If a second
6240 * image is available, make it the alternative image that will be
6241 * loaded if the first one fails.
6242 */
6243 init_completion(&priv->firmware_loading_complete);
6244 di = priv->device_info;
6245 if (ap_mode_default && di->fw_image_ap) {
6246 priv->fw_pref = di->fw_image_ap;
6247 priv->fw_alt = di->fw_image_sta;
6248 } else if (!ap_mode_default && di->fw_image_sta) {
6249 priv->fw_pref = di->fw_image_sta;
6250 priv->fw_alt = di->fw_image_ap;
6251 } else if (ap_mode_default && !di->fw_image_ap && di->fw_image_sta) {
6252 printk(KERN_WARNING "AP fw is unavailable. Using STA fw.");
6253 priv->fw_pref = di->fw_image_sta;
6254 } else if (!ap_mode_default && !di->fw_image_sta && di->fw_image_ap) {
6255 printk(KERN_WARNING "STA fw is unavailable. Using AP fw.");
6256 priv->fw_pref = di->fw_image_ap;
6257 }
6258 rc = mwl8k_init_firmware(hw, priv->fw_pref, true);
6259 if (rc)
6260 goto err_stop_firmware;
6261
6262 priv->hw_restart_in_progress = false;
6263
6264 priv->running_bsses = 0;
6265
6266 return rc;
6267
6268err_stop_firmware:
6269 mwl8k_hw_reset(priv);
6270
6271err_iounmap:
6272 if (priv->regs != NULL)
6273 pci_iounmap(pdev, priv->regs);
6274
6275 if (priv->sram != NULL)
6276 pci_iounmap(pdev, priv->sram);
6277
6278 ieee80211_free_hw(hw);
6279
6280err_free_reg:
6281 pci_release_regions(pdev);
6282
6283err_disable_device:
6284 pci_disable_device(pdev);
6285
6286 return rc;
6287}
6288
6289static void mwl8k_remove(struct pci_dev *pdev)
6290{
6291 struct ieee80211_hw *hw = pci_get_drvdata(pdev);
6292 struct mwl8k_priv *priv;
6293 int i;
6294
6295 if (hw == NULL)
6296 return;
6297 priv = hw->priv;
6298
6299 wait_for_completion(&priv->firmware_loading_complete);
6300
6301 if (priv->fw_state == FW_STATE_ERROR) {
6302 mwl8k_hw_reset(priv);
6303 goto unmap;
6304 }
6305
6306 ieee80211_stop_queues(hw);
6307
6308 ieee80211_unregister_hw(hw);
6309
6310 /* Remove TX reclaim and RX tasklets. */
6311 tasklet_kill(&priv->poll_tx_task);
6312 tasklet_kill(&priv->poll_rx_task);
6313
6314 /* Stop hardware */
6315 mwl8k_hw_reset(priv);
6316
6317 /* Return all skbs to mac80211 */
6318 for (i = 0; i < mwl8k_tx_queues(priv); i++)
6319 mwl8k_txq_reclaim(hw, i, INT_MAX, 1);
6320
6321 for (i = 0; i < mwl8k_tx_queues(priv); i++)
6322 mwl8k_txq_deinit(hw, i);
6323
6324 mwl8k_rxq_deinit(hw, 0);
6325
6326 pci_free_consistent(priv->pdev, 4, priv->cookie, priv->cookie_dma);
6327
6328unmap:
6329 pci_iounmap(pdev, priv->regs);
6330 pci_iounmap(pdev, priv->sram);
6331 ieee80211_free_hw(hw);
6332 pci_release_regions(pdev);
6333 pci_disable_device(pdev);
6334}
6335
6336static struct pci_driver mwl8k_driver = {
6337 .name = MWL8K_NAME,
6338 .id_table = mwl8k_pci_id_table,
6339 .probe = mwl8k_probe,
6340 .remove = mwl8k_remove,
6341};
6342
6343module_pci_driver(mwl8k_driver);
6344
6345MODULE_DESCRIPTION(MWL8K_DESC);
6346MODULE_VERSION(MWL8K_VERSION);
6347MODULE_AUTHOR("Lennert Buytenhek <buytenh@marvell.com>");
6348MODULE_LICENSE("GPL");