PageRenderTime 107ms CodeModel.GetById 25ms app.highlight 70ms RepoModel.GetById 1ms app.codeStats 1ms

/drivers/net/wireless/brcm80211/brcmsmac/mac80211_if.c

http://github.com/mirrors/linux
C | 1711 lines | 1249 code | 230 blank | 232 comment | 174 complexity | c4d16721c16251751f0a2b708bd2bcb5 MD5 | raw file
   1/*
   2 * Copyright (c) 2010 Broadcom Corporation
   3 * Copyright (c) 2013 Hauke Mehrtens <hauke@hauke-m.de>
   4 *
   5 * Permission to use, copy, modify, and/or distribute this software for any
   6 * purpose with or without fee is hereby granted, provided that the above
   7 * copyright notice and this permission notice appear in all copies.
   8 *
   9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
  12 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
  14 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  15 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  16 */
  17
  18#define __UNDEF_NO_VERSION__
  19#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  20
  21#include <linux/etherdevice.h>
  22#include <linux/sched.h>
  23#include <linux/firmware.h>
  24#include <linux/interrupt.h>
  25#include <linux/module.h>
  26#include <linux/bcma/bcma.h>
  27#include <net/mac80211.h>
  28#include <defs.h>
  29#include "phy/phy_int.h"
  30#include "d11.h"
  31#include "channel.h"
  32#include "scb.h"
  33#include "pub.h"
  34#include "ucode_loader.h"
  35#include "mac80211_if.h"
  36#include "main.h"
  37#include "debug.h"
  38#include "led.h"
  39
  40#define N_TX_QUEUES	4 /* #tx queues on mac80211<->driver interface */
  41#define BRCMS_FLUSH_TIMEOUT	500 /* msec */
  42
  43/* Flags we support */
  44#define MAC_FILTERS (FIF_PROMISC_IN_BSS | \
  45	FIF_ALLMULTI | \
  46	FIF_FCSFAIL | \
  47	FIF_CONTROL | \
  48	FIF_OTHER_BSS | \
  49	FIF_BCN_PRBRESP_PROMISC | \
  50	FIF_PSPOLL)
  51
  52#define CHAN2GHZ(channel, freqency, chflags)  { \
  53	.band = IEEE80211_BAND_2GHZ, \
  54	.center_freq = (freqency), \
  55	.hw_value = (channel), \
  56	.flags = chflags, \
  57	.max_antenna_gain = 0, \
  58	.max_power = 19, \
  59}
  60
  61#define CHAN5GHZ(channel, chflags)  { \
  62	.band = IEEE80211_BAND_5GHZ, \
  63	.center_freq = 5000 + 5*(channel), \
  64	.hw_value = (channel), \
  65	.flags = chflags, \
  66	.max_antenna_gain = 0, \
  67	.max_power = 21, \
  68}
  69
  70#define RATE(rate100m, _flags) { \
  71	.bitrate = (rate100m), \
  72	.flags = (_flags), \
  73	.hw_value = (rate100m / 5), \
  74}
  75
  76struct firmware_hdr {
  77	__le32 offset;
  78	__le32 len;
  79	__le32 idx;
  80};
  81
  82static const char * const brcms_firmwares[MAX_FW_IMAGES] = {
  83	"brcm/bcm43xx",
  84	NULL
  85};
  86
  87static int n_adapters_found;
  88
  89MODULE_AUTHOR("Broadcom Corporation");
  90MODULE_DESCRIPTION("Broadcom 802.11n wireless LAN driver.");
  91MODULE_SUPPORTED_DEVICE("Broadcom 802.11n WLAN cards");
  92MODULE_LICENSE("Dual BSD/GPL");
  93/* This needs to be adjusted when brcms_firmwares changes */
  94MODULE_FIRMWARE("brcm/bcm43xx-0.fw");
  95MODULE_FIRMWARE("brcm/bcm43xx_hdr-0.fw");
  96
  97/* recognized BCMA Core IDs */
  98static struct bcma_device_id brcms_coreid_table[] = {
  99	BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 17, BCMA_ANY_CLASS),
 100	BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 23, BCMA_ANY_CLASS),
 101	BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 24, BCMA_ANY_CLASS),
 102	BCMA_CORETABLE_END
 103};
 104MODULE_DEVICE_TABLE(bcma, brcms_coreid_table);
 105
 106#if defined(CONFIG_BRCMDBG)
 107/*
 108 * Module parameter for setting the debug message level. Available
 109 * flags are specified by the BRCM_DL_* macros in
 110 * drivers/net/wireless/brcm80211/include/defs.h.
 111 */
 112module_param_named(debug, brcm_msg_level, uint, S_IRUGO | S_IWUSR);
 113#endif
 114
 115static struct ieee80211_channel brcms_2ghz_chantable[] = {
 116	CHAN2GHZ(1, 2412, IEEE80211_CHAN_NO_HT40MINUS),
 117	CHAN2GHZ(2, 2417, IEEE80211_CHAN_NO_HT40MINUS),
 118	CHAN2GHZ(3, 2422, IEEE80211_CHAN_NO_HT40MINUS),
 119	CHAN2GHZ(4, 2427, IEEE80211_CHAN_NO_HT40MINUS),
 120	CHAN2GHZ(5, 2432, 0),
 121	CHAN2GHZ(6, 2437, 0),
 122	CHAN2GHZ(7, 2442, 0),
 123	CHAN2GHZ(8, 2447, IEEE80211_CHAN_NO_HT40PLUS),
 124	CHAN2GHZ(9, 2452, IEEE80211_CHAN_NO_HT40PLUS),
 125	CHAN2GHZ(10, 2457, IEEE80211_CHAN_NO_HT40PLUS),
 126	CHAN2GHZ(11, 2462, IEEE80211_CHAN_NO_HT40PLUS),
 127	CHAN2GHZ(12, 2467,
 128		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_IBSS |
 129		 IEEE80211_CHAN_NO_HT40PLUS),
 130	CHAN2GHZ(13, 2472,
 131		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_IBSS |
 132		 IEEE80211_CHAN_NO_HT40PLUS),
 133	CHAN2GHZ(14, 2484,
 134		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_IBSS |
 135		 IEEE80211_CHAN_NO_HT40PLUS | IEEE80211_CHAN_NO_HT40MINUS |
 136		 IEEE80211_CHAN_NO_OFDM)
 137};
 138
 139static struct ieee80211_channel brcms_5ghz_nphy_chantable[] = {
 140	/* UNII-1 */
 141	CHAN5GHZ(36, IEEE80211_CHAN_NO_HT40MINUS),
 142	CHAN5GHZ(40, IEEE80211_CHAN_NO_HT40PLUS),
 143	CHAN5GHZ(44, IEEE80211_CHAN_NO_HT40MINUS),
 144	CHAN5GHZ(48, IEEE80211_CHAN_NO_HT40PLUS),
 145	/* UNII-2 */
 146	CHAN5GHZ(52,
 147		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 148		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
 149	CHAN5GHZ(56,
 150		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 151		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
 152	CHAN5GHZ(60,
 153		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 154		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
 155	CHAN5GHZ(64,
 156		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 157		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
 158	/* MID */
 159	CHAN5GHZ(100,
 160		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 161		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
 162	CHAN5GHZ(104,
 163		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 164		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
 165	CHAN5GHZ(108,
 166		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 167		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
 168	CHAN5GHZ(112,
 169		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 170		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
 171	CHAN5GHZ(116,
 172		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 173		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
 174	CHAN5GHZ(120,
 175		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 176		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
 177	CHAN5GHZ(124,
 178		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 179		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
 180	CHAN5GHZ(128,
 181		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 182		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
 183	CHAN5GHZ(132,
 184		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 185		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
 186	CHAN5GHZ(136,
 187		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 188		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
 189	CHAN5GHZ(140,
 190		 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
 191		 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS |
 192		 IEEE80211_CHAN_NO_HT40MINUS),
 193	/* UNII-3 */
 194	CHAN5GHZ(149, IEEE80211_CHAN_NO_HT40MINUS),
 195	CHAN5GHZ(153, IEEE80211_CHAN_NO_HT40PLUS),
 196	CHAN5GHZ(157, IEEE80211_CHAN_NO_HT40MINUS),
 197	CHAN5GHZ(161, IEEE80211_CHAN_NO_HT40PLUS),
 198	CHAN5GHZ(165, IEEE80211_CHAN_NO_HT40PLUS | IEEE80211_CHAN_NO_HT40MINUS)
 199};
 200
 201/*
 202 * The rate table is used for both 2.4G and 5G rates. The
 203 * latter being a subset as it does not support CCK rates.
 204 */
 205static struct ieee80211_rate legacy_ratetable[] = {
 206	RATE(10, 0),
 207	RATE(20, IEEE80211_RATE_SHORT_PREAMBLE),
 208	RATE(55, IEEE80211_RATE_SHORT_PREAMBLE),
 209	RATE(110, IEEE80211_RATE_SHORT_PREAMBLE),
 210	RATE(60, 0),
 211	RATE(90, 0),
 212	RATE(120, 0),
 213	RATE(180, 0),
 214	RATE(240, 0),
 215	RATE(360, 0),
 216	RATE(480, 0),
 217	RATE(540, 0),
 218};
 219
 220static const struct ieee80211_supported_band brcms_band_2GHz_nphy_template = {
 221	.band = IEEE80211_BAND_2GHZ,
 222	.channels = brcms_2ghz_chantable,
 223	.n_channels = ARRAY_SIZE(brcms_2ghz_chantable),
 224	.bitrates = legacy_ratetable,
 225	.n_bitrates = ARRAY_SIZE(legacy_ratetable),
 226	.ht_cap = {
 227		   /* from include/linux/ieee80211.h */
 228		   .cap = IEEE80211_HT_CAP_GRN_FLD |
 229			  IEEE80211_HT_CAP_SGI_20 | IEEE80211_HT_CAP_SGI_40,
 230		   .ht_supported = true,
 231		   .ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K,
 232		   .ampdu_density = AMPDU_DEF_MPDU_DENSITY,
 233		   .mcs = {
 234			   /* placeholders for now */
 235			   .rx_mask = {0xff, 0xff, 0, 0, 0, 0, 0, 0, 0, 0},
 236			   .rx_highest = cpu_to_le16(500),
 237			   .tx_params = IEEE80211_HT_MCS_TX_DEFINED}
 238		   }
 239};
 240
 241static const struct ieee80211_supported_band brcms_band_5GHz_nphy_template = {
 242	.band = IEEE80211_BAND_5GHZ,
 243	.channels = brcms_5ghz_nphy_chantable,
 244	.n_channels = ARRAY_SIZE(brcms_5ghz_nphy_chantable),
 245	.bitrates = legacy_ratetable + BRCMS_LEGACY_5G_RATE_OFFSET,
 246	.n_bitrates = ARRAY_SIZE(legacy_ratetable) -
 247			BRCMS_LEGACY_5G_RATE_OFFSET,
 248	.ht_cap = {
 249		   .cap = IEEE80211_HT_CAP_GRN_FLD | IEEE80211_HT_CAP_SGI_20 |
 250			  IEEE80211_HT_CAP_SGI_40,
 251		   .ht_supported = true,
 252		   .ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K,
 253		   .ampdu_density = AMPDU_DEF_MPDU_DENSITY,
 254		   .mcs = {
 255			   /* placeholders for now */
 256			   .rx_mask = {0xff, 0xff, 0, 0, 0, 0, 0, 0, 0, 0},
 257			   .rx_highest = cpu_to_le16(500),
 258			   .tx_params = IEEE80211_HT_MCS_TX_DEFINED}
 259		   }
 260};
 261
 262/* flags the given rate in rateset as requested */
 263static void brcms_set_basic_rate(struct brcm_rateset *rs, u16 rate, bool is_br)
 264{
 265	u32 i;
 266
 267	for (i = 0; i < rs->count; i++) {
 268		if (rate != (rs->rates[i] & 0x7f))
 269			continue;
 270
 271		if (is_br)
 272			rs->rates[i] |= BRCMS_RATE_FLAG;
 273		else
 274			rs->rates[i] &= BRCMS_RATE_MASK;
 275		return;
 276	}
 277}
 278
 279/**
 280 * This function frees the WL per-device resources.
 281 *
 282 * This function frees resources owned by the WL device pointed to
 283 * by the wl parameter.
 284 *
 285 * precondition: can both be called locked and unlocked
 286 *
 287 */
 288static void brcms_free(struct brcms_info *wl)
 289{
 290	struct brcms_timer *t, *next;
 291
 292	/* free ucode data */
 293	if (wl->fw.fw_cnt)
 294		brcms_ucode_data_free(&wl->ucode);
 295	if (wl->irq)
 296		free_irq(wl->irq, wl);
 297
 298	/* kill dpc */
 299	tasklet_kill(&wl->tasklet);
 300
 301	if (wl->pub) {
 302		brcms_debugfs_detach(wl->pub);
 303		brcms_c_module_unregister(wl->pub, "linux", wl);
 304	}
 305
 306	/* free common resources */
 307	if (wl->wlc) {
 308		brcms_c_detach(wl->wlc);
 309		wl->wlc = NULL;
 310		wl->pub = NULL;
 311	}
 312
 313	/* virtual interface deletion is deferred so we cannot spinwait */
 314
 315	/* wait for all pending callbacks to complete */
 316	while (atomic_read(&wl->callbacks) > 0)
 317		schedule();
 318
 319	/* free timers */
 320	for (t = wl->timers; t; t = next) {
 321		next = t->next;
 322#ifdef DEBUG
 323		kfree(t->name);
 324#endif
 325		kfree(t);
 326	}
 327}
 328
 329/*
 330* called from both kernel as from this kernel module (error flow on attach)
 331* precondition: perimeter lock is not acquired.
 332*/
 333static void brcms_remove(struct bcma_device *pdev)
 334{
 335	struct ieee80211_hw *hw = bcma_get_drvdata(pdev);
 336	struct brcms_info *wl = hw->priv;
 337
 338	if (wl->wlc) {
 339		brcms_led_unregister(wl);
 340		wiphy_rfkill_set_hw_state(wl->pub->ieee_hw->wiphy, false);
 341		wiphy_rfkill_stop_polling(wl->pub->ieee_hw->wiphy);
 342		ieee80211_unregister_hw(hw);
 343	}
 344
 345	brcms_free(wl);
 346
 347	bcma_set_drvdata(pdev, NULL);
 348	ieee80211_free_hw(hw);
 349}
 350
 351/*
 352 * Precondition: Since this function is called in brcms_pci_probe() context,
 353 * no locking is required.
 354 */
 355static void brcms_release_fw(struct brcms_info *wl)
 356{
 357	int i;
 358	for (i = 0; i < MAX_FW_IMAGES; i++) {
 359		release_firmware(wl->fw.fw_bin[i]);
 360		release_firmware(wl->fw.fw_hdr[i]);
 361	}
 362}
 363
 364/*
 365 * Precondition: Since this function is called in brcms_pci_probe() context,
 366 * no locking is required.
 367 */
 368static int brcms_request_fw(struct brcms_info *wl, struct bcma_device *pdev)
 369{
 370	int status;
 371	struct device *device = &pdev->dev;
 372	char fw_name[100];
 373	int i;
 374
 375	memset(&wl->fw, 0, sizeof(struct brcms_firmware));
 376	for (i = 0; i < MAX_FW_IMAGES; i++) {
 377		if (brcms_firmwares[i] == NULL)
 378			break;
 379		sprintf(fw_name, "%s-%d.fw", brcms_firmwares[i],
 380			UCODE_LOADER_API_VER);
 381		status = request_firmware(&wl->fw.fw_bin[i], fw_name, device);
 382		if (status) {
 383			wiphy_err(wl->wiphy, "%s: fail to load firmware %s\n",
 384				  KBUILD_MODNAME, fw_name);
 385			return status;
 386		}
 387		sprintf(fw_name, "%s_hdr-%d.fw", brcms_firmwares[i],
 388			UCODE_LOADER_API_VER);
 389		status = request_firmware(&wl->fw.fw_hdr[i], fw_name, device);
 390		if (status) {
 391			wiphy_err(wl->wiphy, "%s: fail to load firmware %s\n",
 392				  KBUILD_MODNAME, fw_name);
 393			return status;
 394		}
 395		wl->fw.hdr_num_entries[i] =
 396		    wl->fw.fw_hdr[i]->size / (sizeof(struct firmware_hdr));
 397	}
 398	wl->fw.fw_cnt = i;
 399	status = brcms_ucode_data_init(wl, &wl->ucode);
 400	brcms_release_fw(wl);
 401	return status;
 402}
 403
 404static void brcms_ops_tx(struct ieee80211_hw *hw,
 405			 struct ieee80211_tx_control *control,
 406			 struct sk_buff *skb)
 407{
 408	struct brcms_info *wl = hw->priv;
 409	struct ieee80211_tx_info *tx_info = IEEE80211_SKB_CB(skb);
 410
 411	spin_lock_bh(&wl->lock);
 412	if (!wl->pub->up) {
 413		brcms_err(wl->wlc->hw->d11core, "ops->tx called while down\n");
 414		kfree_skb(skb);
 415		goto done;
 416	}
 417	if (brcms_c_sendpkt_mac80211(wl->wlc, skb, hw))
 418		tx_info->rate_driver_data[0] = control->sta;
 419 done:
 420	spin_unlock_bh(&wl->lock);
 421}
 422
 423static int brcms_ops_start(struct ieee80211_hw *hw)
 424{
 425	struct brcms_info *wl = hw->priv;
 426	bool blocked;
 427	int err;
 428
 429	ieee80211_wake_queues(hw);
 430	spin_lock_bh(&wl->lock);
 431	blocked = brcms_rfkill_set_hw_state(wl);
 432	spin_unlock_bh(&wl->lock);
 433	if (!blocked)
 434		wiphy_rfkill_stop_polling(wl->pub->ieee_hw->wiphy);
 435
 436	if (!wl->ucode.bcm43xx_bomminor) {
 437		err = brcms_request_fw(wl, wl->wlc->hw->d11core);
 438		if (err) {
 439			brcms_remove(wl->wlc->hw->d11core);
 440			return -ENOENT;
 441		}
 442	}
 443
 444	spin_lock_bh(&wl->lock);
 445	/* avoid acknowledging frames before a non-monitor device is added */
 446	wl->mute_tx = true;
 447
 448	if (!wl->pub->up)
 449		if (!blocked)
 450			err = brcms_up(wl);
 451		else
 452			err = -ERFKILL;
 453	else
 454		err = -ENODEV;
 455	spin_unlock_bh(&wl->lock);
 456
 457	if (err != 0)
 458		brcms_err(wl->wlc->hw->d11core, "%s: brcms_up() returned %d\n",
 459			  __func__, err);
 460
 461	bcma_core_pci_power_save(wl->wlc->hw->d11core->bus, true);
 462	return err;
 463}
 464
 465static void brcms_ops_stop(struct ieee80211_hw *hw)
 466{
 467	struct brcms_info *wl = hw->priv;
 468	int status;
 469
 470	ieee80211_stop_queues(hw);
 471
 472	if (wl->wlc == NULL)
 473		return;
 474
 475	spin_lock_bh(&wl->lock);
 476	status = brcms_c_chipmatch(wl->wlc->hw->d11core);
 477	spin_unlock_bh(&wl->lock);
 478	if (!status) {
 479		brcms_err(wl->wlc->hw->d11core,
 480			  "wl: brcms_ops_stop: chipmatch failed\n");
 481		return;
 482	}
 483
 484	bcma_core_pci_power_save(wl->wlc->hw->d11core->bus, false);
 485
 486	/* put driver in down state */
 487	spin_lock_bh(&wl->lock);
 488	brcms_down(wl);
 489	spin_unlock_bh(&wl->lock);
 490}
 491
 492static int
 493brcms_ops_add_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
 494{
 495	struct brcms_info *wl = hw->priv;
 496
 497	/* Just STA, AP and ADHOC for now */
 498	if (vif->type != NL80211_IFTYPE_STATION &&
 499	    vif->type != NL80211_IFTYPE_AP &&
 500	    vif->type != NL80211_IFTYPE_ADHOC) {
 501		brcms_err(wl->wlc->hw->d11core,
 502			  "%s: Attempt to add type %d, only STA, AP and AdHoc for now\n",
 503			  __func__, vif->type);
 504		return -EOPNOTSUPP;
 505	}
 506
 507	spin_lock_bh(&wl->lock);
 508	wl->mute_tx = false;
 509	brcms_c_mute(wl->wlc, false);
 510	if (vif->type == NL80211_IFTYPE_STATION)
 511		brcms_c_start_station(wl->wlc, vif->addr);
 512	else if (vif->type == NL80211_IFTYPE_AP)
 513		brcms_c_start_ap(wl->wlc, vif->addr, vif->bss_conf.bssid,
 514				 vif->bss_conf.ssid, vif->bss_conf.ssid_len);
 515	else if (vif->type == NL80211_IFTYPE_ADHOC)
 516		brcms_c_start_adhoc(wl->wlc, vif->addr);
 517	spin_unlock_bh(&wl->lock);
 518
 519	return 0;
 520}
 521
 522static void
 523brcms_ops_remove_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
 524{
 525}
 526
 527static int brcms_ops_config(struct ieee80211_hw *hw, u32 changed)
 528{
 529	struct ieee80211_conf *conf = &hw->conf;
 530	struct brcms_info *wl = hw->priv;
 531	struct bcma_device *core = wl->wlc->hw->d11core;
 532	int err = 0;
 533	int new_int;
 534
 535	spin_lock_bh(&wl->lock);
 536	if (changed & IEEE80211_CONF_CHANGE_LISTEN_INTERVAL) {
 537		brcms_c_set_beacon_listen_interval(wl->wlc,
 538						   conf->listen_interval);
 539	}
 540	if (changed & IEEE80211_CONF_CHANGE_MONITOR)
 541		brcms_dbg_info(core, "%s: change monitor mode: %s\n",
 542			       __func__, conf->flags & IEEE80211_CONF_MONITOR ?
 543			       "true" : "false");
 544	if (changed & IEEE80211_CONF_CHANGE_PS)
 545		brcms_err(core, "%s: change power-save mode: %s (implement)\n",
 546			  __func__, conf->flags & IEEE80211_CONF_PS ?
 547			  "true" : "false");
 548
 549	if (changed & IEEE80211_CONF_CHANGE_POWER) {
 550		err = brcms_c_set_tx_power(wl->wlc, conf->power_level);
 551		if (err < 0) {
 552			brcms_err(core, "%s: Error setting power_level\n",
 553				  __func__);
 554			goto config_out;
 555		}
 556		new_int = brcms_c_get_tx_power(wl->wlc);
 557		if (new_int != conf->power_level)
 558			brcms_err(core,
 559				  "%s: Power level req != actual, %d %d\n",
 560				  __func__, conf->power_level,
 561				  new_int);
 562	}
 563	if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
 564		if (conf->chandef.width == NL80211_CHAN_WIDTH_20 ||
 565		    conf->chandef.width == NL80211_CHAN_WIDTH_20_NOHT)
 566			err = brcms_c_set_channel(wl->wlc,
 567						  conf->chandef.chan->hw_value);
 568		else
 569			err = -ENOTSUPP;
 570	}
 571	if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
 572		err = brcms_c_set_rate_limit(wl->wlc,
 573					     conf->short_frame_max_tx_count,
 574					     conf->long_frame_max_tx_count);
 575
 576 config_out:
 577	spin_unlock_bh(&wl->lock);
 578	return err;
 579}
 580
 581static void
 582brcms_ops_bss_info_changed(struct ieee80211_hw *hw,
 583			struct ieee80211_vif *vif,
 584			struct ieee80211_bss_conf *info, u32 changed)
 585{
 586	struct brcms_info *wl = hw->priv;
 587	struct bcma_device *core = wl->wlc->hw->d11core;
 588
 589	if (changed & BSS_CHANGED_ASSOC) {
 590		/* association status changed (associated/disassociated)
 591		 * also implies a change in the AID.
 592		 */
 593		brcms_err(core, "%s: %s: %sassociated\n", KBUILD_MODNAME,
 594			  __func__, info->assoc ? "" : "dis");
 595		spin_lock_bh(&wl->lock);
 596		brcms_c_associate_upd(wl->wlc, info->assoc);
 597		spin_unlock_bh(&wl->lock);
 598	}
 599	if (changed & BSS_CHANGED_ERP_SLOT) {
 600		s8 val;
 601
 602		/* slot timing changed */
 603		if (info->use_short_slot)
 604			val = 1;
 605		else
 606			val = 0;
 607		spin_lock_bh(&wl->lock);
 608		brcms_c_set_shortslot_override(wl->wlc, val);
 609		spin_unlock_bh(&wl->lock);
 610	}
 611
 612	if (changed & BSS_CHANGED_HT) {
 613		/* 802.11n parameters changed */
 614		u16 mode = info->ht_operation_mode;
 615
 616		spin_lock_bh(&wl->lock);
 617		brcms_c_protection_upd(wl->wlc, BRCMS_PROT_N_CFG,
 618			mode & IEEE80211_HT_OP_MODE_PROTECTION);
 619		brcms_c_protection_upd(wl->wlc, BRCMS_PROT_N_NONGF,
 620			mode & IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT);
 621		brcms_c_protection_upd(wl->wlc, BRCMS_PROT_N_OBSS,
 622			mode & IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT);
 623		spin_unlock_bh(&wl->lock);
 624	}
 625	if (changed & BSS_CHANGED_BASIC_RATES) {
 626		struct ieee80211_supported_band *bi;
 627		u32 br_mask, i;
 628		u16 rate;
 629		struct brcm_rateset rs;
 630		int error;
 631
 632		/* retrieve the current rates */
 633		spin_lock_bh(&wl->lock);
 634		brcms_c_get_current_rateset(wl->wlc, &rs);
 635		spin_unlock_bh(&wl->lock);
 636
 637		br_mask = info->basic_rates;
 638		bi = hw->wiphy->bands[brcms_c_get_curband(wl->wlc)];
 639		for (i = 0; i < bi->n_bitrates; i++) {
 640			/* convert to internal rate value */
 641			rate = (bi->bitrates[i].bitrate << 1) / 10;
 642
 643			/* set/clear basic rate flag */
 644			brcms_set_basic_rate(&rs, rate, br_mask & 1);
 645			br_mask >>= 1;
 646		}
 647
 648		/* update the rate set */
 649		spin_lock_bh(&wl->lock);
 650		error = brcms_c_set_rateset(wl->wlc, &rs);
 651		spin_unlock_bh(&wl->lock);
 652		if (error)
 653			brcms_err(core, "changing basic rates failed: %d\n",
 654				  error);
 655	}
 656	if (changed & BSS_CHANGED_BEACON_INT) {
 657		/* Beacon interval changed */
 658		spin_lock_bh(&wl->lock);
 659		brcms_c_set_beacon_period(wl->wlc, info->beacon_int);
 660		spin_unlock_bh(&wl->lock);
 661	}
 662	if (changed & BSS_CHANGED_BSSID) {
 663		/* BSSID changed, for whatever reason (IBSS and managed mode) */
 664		spin_lock_bh(&wl->lock);
 665		brcms_c_set_addrmatch(wl->wlc, RCM_BSSID_OFFSET, info->bssid);
 666		spin_unlock_bh(&wl->lock);
 667	}
 668	if (changed & BSS_CHANGED_SSID) {
 669		/* BSSID changed, for whatever reason (IBSS and managed mode) */
 670		spin_lock_bh(&wl->lock);
 671		brcms_c_set_ssid(wl->wlc, info->ssid, info->ssid_len);
 672		spin_unlock_bh(&wl->lock);
 673	}
 674	if (changed & BSS_CHANGED_BEACON) {
 675		/* Beacon data changed, retrieve new beacon (beaconing modes) */
 676		struct sk_buff *beacon;
 677		u16 tim_offset = 0;
 678
 679		spin_lock_bh(&wl->lock);
 680		beacon = ieee80211_beacon_get_tim(hw, vif, &tim_offset, NULL);
 681		brcms_c_set_new_beacon(wl->wlc, beacon, tim_offset,
 682				       info->dtim_period);
 683		spin_unlock_bh(&wl->lock);
 684	}
 685
 686	if (changed & BSS_CHANGED_AP_PROBE_RESP) {
 687		struct sk_buff *probe_resp;
 688
 689		spin_lock_bh(&wl->lock);
 690		probe_resp = ieee80211_proberesp_get(hw, vif);
 691		brcms_c_set_new_probe_resp(wl->wlc, probe_resp);
 692		spin_unlock_bh(&wl->lock);
 693	}
 694
 695	if (changed & BSS_CHANGED_BEACON_ENABLED) {
 696		/* Beaconing should be enabled/disabled (beaconing modes) */
 697		brcms_err(core, "%s: Beacon enabled: %s\n", __func__,
 698			  info->enable_beacon ? "true" : "false");
 699		if (info->enable_beacon &&
 700		    hw->wiphy->flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) {
 701			brcms_c_enable_probe_resp(wl->wlc, true);
 702		} else {
 703			brcms_c_enable_probe_resp(wl->wlc, false);
 704		}
 705	}
 706
 707	if (changed & BSS_CHANGED_CQM) {
 708		/* Connection quality monitor config changed */
 709		brcms_err(core, "%s: cqm change: threshold %d, hys %d "
 710			  " (implement)\n", __func__, info->cqm_rssi_thold,
 711			  info->cqm_rssi_hyst);
 712	}
 713
 714	if (changed & BSS_CHANGED_IBSS) {
 715		/* IBSS join status changed */
 716		brcms_err(core, "%s: IBSS joined: %s (implement)\n",
 717			  __func__, info->ibss_joined ? "true" : "false");
 718	}
 719
 720	if (changed & BSS_CHANGED_ARP_FILTER) {
 721		/* Hardware ARP filter address list or state changed */
 722		brcms_err(core, "%s: arp filtering: %d addresses"
 723			  " (implement)\n", __func__, info->arp_addr_cnt);
 724	}
 725
 726	if (changed & BSS_CHANGED_QOS) {
 727		/*
 728		 * QoS for this association was enabled/disabled.
 729		 * Note that it is only ever disabled for station mode.
 730		 */
 731		brcms_err(core, "%s: qos enabled: %s (implement)\n",
 732			  __func__, info->qos ? "true" : "false");
 733	}
 734	return;
 735}
 736
 737static void
 738brcms_ops_configure_filter(struct ieee80211_hw *hw,
 739			unsigned int changed_flags,
 740			unsigned int *total_flags, u64 multicast)
 741{
 742	struct brcms_info *wl = hw->priv;
 743	struct bcma_device *core = wl->wlc->hw->d11core;
 744
 745	changed_flags &= MAC_FILTERS;
 746	*total_flags &= MAC_FILTERS;
 747
 748	if (changed_flags & FIF_PROMISC_IN_BSS)
 749		brcms_dbg_info(core, "FIF_PROMISC_IN_BSS\n");
 750	if (changed_flags & FIF_ALLMULTI)
 751		brcms_dbg_info(core, "FIF_ALLMULTI\n");
 752	if (changed_flags & FIF_FCSFAIL)
 753		brcms_dbg_info(core, "FIF_FCSFAIL\n");
 754	if (changed_flags & FIF_CONTROL)
 755		brcms_dbg_info(core, "FIF_CONTROL\n");
 756	if (changed_flags & FIF_OTHER_BSS)
 757		brcms_dbg_info(core, "FIF_OTHER_BSS\n");
 758	if (changed_flags & FIF_PSPOLL)
 759		brcms_dbg_info(core, "FIF_PSPOLL\n");
 760	if (changed_flags & FIF_BCN_PRBRESP_PROMISC)
 761		brcms_dbg_info(core, "FIF_BCN_PRBRESP_PROMISC\n");
 762
 763	spin_lock_bh(&wl->lock);
 764	brcms_c_mac_promisc(wl->wlc, *total_flags);
 765	spin_unlock_bh(&wl->lock);
 766	return;
 767}
 768
 769static void brcms_ops_sw_scan_start(struct ieee80211_hw *hw)
 770{
 771	struct brcms_info *wl = hw->priv;
 772	spin_lock_bh(&wl->lock);
 773	brcms_c_scan_start(wl->wlc);
 774	spin_unlock_bh(&wl->lock);
 775	return;
 776}
 777
 778static void brcms_ops_sw_scan_complete(struct ieee80211_hw *hw)
 779{
 780	struct brcms_info *wl = hw->priv;
 781	spin_lock_bh(&wl->lock);
 782	brcms_c_scan_stop(wl->wlc);
 783	spin_unlock_bh(&wl->lock);
 784	return;
 785}
 786
 787static int
 788brcms_ops_conf_tx(struct ieee80211_hw *hw, struct ieee80211_vif *vif, u16 queue,
 789		  const struct ieee80211_tx_queue_params *params)
 790{
 791	struct brcms_info *wl = hw->priv;
 792
 793	spin_lock_bh(&wl->lock);
 794	brcms_c_wme_setparams(wl->wlc, queue, params, true);
 795	spin_unlock_bh(&wl->lock);
 796
 797	return 0;
 798}
 799
 800static int
 801brcms_ops_sta_add(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
 802	       struct ieee80211_sta *sta)
 803{
 804	struct brcms_info *wl = hw->priv;
 805	struct scb *scb = &wl->wlc->pri_scb;
 806
 807	brcms_c_init_scb(scb);
 808
 809	wl->pub->global_ampdu = &(scb->scb_ampdu);
 810	wl->pub->global_ampdu->scb = scb;
 811	wl->pub->global_ampdu->max_pdu = 16;
 812
 813	/*
 814	 * minstrel_ht initiates addBA on our behalf by calling
 815	 * ieee80211_start_tx_ba_session()
 816	 */
 817	return 0;
 818}
 819
 820static int
 821brcms_ops_ampdu_action(struct ieee80211_hw *hw,
 822		    struct ieee80211_vif *vif,
 823		    enum ieee80211_ampdu_mlme_action action,
 824		    struct ieee80211_sta *sta, u16 tid, u16 *ssn,
 825		    u8 buf_size)
 826{
 827	struct brcms_info *wl = hw->priv;
 828	struct scb *scb = &wl->wlc->pri_scb;
 829	int status;
 830
 831	if (WARN_ON(scb->magic != SCB_MAGIC))
 832		return -EIDRM;
 833	switch (action) {
 834	case IEEE80211_AMPDU_RX_START:
 835		break;
 836	case IEEE80211_AMPDU_RX_STOP:
 837		break;
 838	case IEEE80211_AMPDU_TX_START:
 839		spin_lock_bh(&wl->lock);
 840		status = brcms_c_aggregatable(wl->wlc, tid);
 841		spin_unlock_bh(&wl->lock);
 842		if (!status) {
 843			brcms_err(wl->wlc->hw->d11core,
 844				  "START: tid %d is not agg\'able\n", tid);
 845			return -EINVAL;
 846		}
 847		ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
 848		break;
 849
 850	case IEEE80211_AMPDU_TX_STOP_CONT:
 851	case IEEE80211_AMPDU_TX_STOP_FLUSH:
 852	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
 853		spin_lock_bh(&wl->lock);
 854		brcms_c_ampdu_flush(wl->wlc, sta, tid);
 855		spin_unlock_bh(&wl->lock);
 856		ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
 857		break;
 858	case IEEE80211_AMPDU_TX_OPERATIONAL:
 859		/*
 860		 * BA window size from ADDBA response ('buf_size') defines how
 861		 * many outstanding MPDUs are allowed for the BA stream by
 862		 * recipient and traffic class. 'ampdu_factor' gives maximum
 863		 * AMPDU size.
 864		 */
 865		spin_lock_bh(&wl->lock);
 866		brcms_c_ampdu_tx_operational(wl->wlc, tid, buf_size,
 867			(1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
 868			 sta->ht_cap.ampdu_factor)) - 1);
 869		spin_unlock_bh(&wl->lock);
 870		/* Power save wakeup */
 871		break;
 872	default:
 873		brcms_err(wl->wlc->hw->d11core,
 874			  "%s: Invalid command, ignoring\n", __func__);
 875	}
 876
 877	return 0;
 878}
 879
 880static void brcms_ops_rfkill_poll(struct ieee80211_hw *hw)
 881{
 882	struct brcms_info *wl = hw->priv;
 883	bool blocked;
 884
 885	spin_lock_bh(&wl->lock);
 886	blocked = brcms_c_check_radio_disabled(wl->wlc);
 887	spin_unlock_bh(&wl->lock);
 888
 889	wiphy_rfkill_set_hw_state(wl->pub->ieee_hw->wiphy, blocked);
 890}
 891
 892static bool brcms_tx_flush_completed(struct brcms_info *wl)
 893{
 894	bool result;
 895
 896	spin_lock_bh(&wl->lock);
 897	result = brcms_c_tx_flush_completed(wl->wlc);
 898	spin_unlock_bh(&wl->lock);
 899	return result;
 900}
 901
 902static void brcms_ops_flush(struct ieee80211_hw *hw, u32 queues, bool drop)
 903{
 904	struct brcms_info *wl = hw->priv;
 905	int ret;
 906
 907	no_printk("%s: drop = %s\n", __func__, drop ? "true" : "false");
 908
 909	ret = wait_event_timeout(wl->tx_flush_wq,
 910				 brcms_tx_flush_completed(wl),
 911				 msecs_to_jiffies(BRCMS_FLUSH_TIMEOUT));
 912
 913	brcms_dbg_mac80211(wl->wlc->hw->d11core,
 914			   "ret=%d\n", jiffies_to_msecs(ret));
 915}
 916
 917static u64 brcms_ops_get_tsf(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
 918{
 919	struct brcms_info *wl = hw->priv;
 920	u64 tsf;
 921
 922	spin_lock_bh(&wl->lock);
 923	tsf = brcms_c_tsf_get(wl->wlc);
 924	spin_unlock_bh(&wl->lock);
 925
 926	return tsf;
 927}
 928
 929static void brcms_ops_set_tsf(struct ieee80211_hw *hw,
 930			   struct ieee80211_vif *vif, u64 tsf)
 931{
 932	struct brcms_info *wl = hw->priv;
 933
 934	spin_lock_bh(&wl->lock);
 935	brcms_c_tsf_set(wl->wlc, tsf);
 936	spin_unlock_bh(&wl->lock);
 937}
 938
 939static const struct ieee80211_ops brcms_ops = {
 940	.tx = brcms_ops_tx,
 941	.start = brcms_ops_start,
 942	.stop = brcms_ops_stop,
 943	.add_interface = brcms_ops_add_interface,
 944	.remove_interface = brcms_ops_remove_interface,
 945	.config = brcms_ops_config,
 946	.bss_info_changed = brcms_ops_bss_info_changed,
 947	.configure_filter = brcms_ops_configure_filter,
 948	.sw_scan_start = brcms_ops_sw_scan_start,
 949	.sw_scan_complete = brcms_ops_sw_scan_complete,
 950	.conf_tx = brcms_ops_conf_tx,
 951	.sta_add = brcms_ops_sta_add,
 952	.ampdu_action = brcms_ops_ampdu_action,
 953	.rfkill_poll = brcms_ops_rfkill_poll,
 954	.flush = brcms_ops_flush,
 955	.get_tsf = brcms_ops_get_tsf,
 956	.set_tsf = brcms_ops_set_tsf,
 957};
 958
 959void brcms_dpc(unsigned long data)
 960{
 961	struct brcms_info *wl;
 962
 963	wl = (struct brcms_info *) data;
 964
 965	spin_lock_bh(&wl->lock);
 966
 967	/* call the common second level interrupt handler */
 968	if (wl->pub->up) {
 969		if (wl->resched) {
 970			unsigned long flags;
 971
 972			spin_lock_irqsave(&wl->isr_lock, flags);
 973			brcms_c_intrsupd(wl->wlc);
 974			spin_unlock_irqrestore(&wl->isr_lock, flags);
 975		}
 976
 977		wl->resched = brcms_c_dpc(wl->wlc, true);
 978	}
 979
 980	/* brcms_c_dpc() may bring the driver down */
 981	if (!wl->pub->up)
 982		goto done;
 983
 984	/* re-schedule dpc */
 985	if (wl->resched)
 986		tasklet_schedule(&wl->tasklet);
 987	else
 988		/* re-enable interrupts */
 989		brcms_intrson(wl);
 990
 991 done:
 992	spin_unlock_bh(&wl->lock);
 993	wake_up(&wl->tx_flush_wq);
 994}
 995
 996static irqreturn_t brcms_isr(int irq, void *dev_id)
 997{
 998	struct brcms_info *wl;
 999	irqreturn_t ret = IRQ_NONE;
1000
1001	wl = (struct brcms_info *) dev_id;
1002
1003	spin_lock(&wl->isr_lock);
1004
1005	/* call common first level interrupt handler */
1006	if (brcms_c_isr(wl->wlc)) {
1007		/* schedule second level handler */
1008		tasklet_schedule(&wl->tasklet);
1009		ret = IRQ_HANDLED;
1010	}
1011
1012	spin_unlock(&wl->isr_lock);
1013
1014	return ret;
1015}
1016
1017/*
1018 * is called in brcms_pci_probe() context, therefore no locking required.
1019 */
1020static int ieee_hw_rate_init(struct ieee80211_hw *hw)
1021{
1022	struct brcms_info *wl = hw->priv;
1023	struct brcms_c_info *wlc = wl->wlc;
1024	struct ieee80211_supported_band *band;
1025	int has_5g = 0;
1026	u16 phy_type;
1027
1028	hw->wiphy->bands[IEEE80211_BAND_2GHZ] = NULL;
1029	hw->wiphy->bands[IEEE80211_BAND_5GHZ] = NULL;
1030
1031	phy_type = brcms_c_get_phy_type(wl->wlc, 0);
1032	if (phy_type == PHY_TYPE_N || phy_type == PHY_TYPE_LCN) {
1033		band = &wlc->bandstate[BAND_2G_INDEX]->band;
1034		*band = brcms_band_2GHz_nphy_template;
1035		if (phy_type == PHY_TYPE_LCN) {
1036			/* Single stream */
1037			band->ht_cap.mcs.rx_mask[1] = 0;
1038			band->ht_cap.mcs.rx_highest = cpu_to_le16(72);
1039		}
1040		hw->wiphy->bands[IEEE80211_BAND_2GHZ] = band;
1041	} else {
1042		return -EPERM;
1043	}
1044
1045	/* Assume all bands use the same phy.  True for 11n devices. */
1046	if (wl->pub->_nbands > 1) {
1047		has_5g++;
1048		if (phy_type == PHY_TYPE_N || phy_type == PHY_TYPE_LCN) {
1049			band = &wlc->bandstate[BAND_5G_INDEX]->band;
1050			*band = brcms_band_5GHz_nphy_template;
1051			hw->wiphy->bands[IEEE80211_BAND_5GHZ] = band;
1052		} else {
1053			return -EPERM;
1054		}
1055	}
1056	return 0;
1057}
1058
1059/*
1060 * is called in brcms_pci_probe() context, therefore no locking required.
1061 */
1062static int ieee_hw_init(struct ieee80211_hw *hw)
1063{
1064	hw->flags = IEEE80211_HW_SIGNAL_DBM
1065	    /* | IEEE80211_HW_CONNECTION_MONITOR  What is this? */
1066	    | IEEE80211_HW_REPORTS_TX_ACK_STATUS
1067	    | IEEE80211_HW_AMPDU_AGGREGATION;
1068
1069	hw->extra_tx_headroom = brcms_c_get_header_len();
1070	hw->queues = N_TX_QUEUES;
1071	hw->max_rates = 2;	/* Primary rate and 1 fallback rate */
1072
1073	/* channel change time is dependent on chip and band  */
1074	hw->channel_change_time = 7 * 1000;
1075	hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
1076				     BIT(NL80211_IFTYPE_AP) |
1077				     BIT(NL80211_IFTYPE_ADHOC);
1078
1079	/*
1080	 * deactivate sending probe responses by ucude, because this will
1081	 * cause problems when WPS is used.
1082	 *
1083	 * hw->wiphy->flags |= WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD;
1084	 */
1085
1086	hw->rate_control_algorithm = "minstrel_ht";
1087
1088	hw->sta_data_size = 0;
1089	return ieee_hw_rate_init(hw);
1090}
1091
1092/**
1093 * attach to the WL device.
1094 *
1095 * Attach to the WL device identified by vendor and device parameters.
1096 * regs is a host accessible memory address pointing to WL device registers.
1097 *
1098 * brcms_attach is not defined as static because in the case where no bus
1099 * is defined, wl_attach will never be called, and thus, gcc will issue
1100 * a warning that this function is defined but not used if we declare
1101 * it as static.
1102 *
1103 *
1104 * is called in brcms_bcma_probe() context, therefore no locking required.
1105 */
1106static struct brcms_info *brcms_attach(struct bcma_device *pdev)
1107{
1108	struct brcms_info *wl = NULL;
1109	int unit, err;
1110	struct ieee80211_hw *hw;
1111	u8 perm[ETH_ALEN];
1112
1113	unit = n_adapters_found;
1114	err = 0;
1115
1116	if (unit < 0)
1117		return NULL;
1118
1119	/* allocate private info */
1120	hw = bcma_get_drvdata(pdev);
1121	if (hw != NULL)
1122		wl = hw->priv;
1123	if (WARN_ON(hw == NULL) || WARN_ON(wl == NULL))
1124		return NULL;
1125	wl->wiphy = hw->wiphy;
1126
1127	atomic_set(&wl->callbacks, 0);
1128
1129	init_waitqueue_head(&wl->tx_flush_wq);
1130
1131	/* setup the bottom half handler */
1132	tasklet_init(&wl->tasklet, brcms_dpc, (unsigned long) wl);
1133
1134	spin_lock_init(&wl->lock);
1135	spin_lock_init(&wl->isr_lock);
1136
1137	/* common load-time initialization */
1138	wl->wlc = brcms_c_attach((void *)wl, pdev, unit, false, &err);
1139	if (!wl->wlc) {
1140		wiphy_err(wl->wiphy, "%s: attach() failed with code %d\n",
1141			  KBUILD_MODNAME, err);
1142		goto fail;
1143	}
1144	wl->pub = brcms_c_pub(wl->wlc);
1145
1146	wl->pub->ieee_hw = hw;
1147
1148	/* register our interrupt handler */
1149	if (request_irq(pdev->irq, brcms_isr,
1150			IRQF_SHARED, KBUILD_MODNAME, wl)) {
1151		wiphy_err(wl->wiphy, "wl%d: request_irq() failed\n", unit);
1152		goto fail;
1153	}
1154	wl->irq = pdev->irq;
1155
1156	/* register module */
1157	brcms_c_module_register(wl->pub, "linux", wl, NULL);
1158
1159	if (ieee_hw_init(hw)) {
1160		wiphy_err(wl->wiphy, "wl%d: %s: ieee_hw_init failed!\n", unit,
1161			  __func__);
1162		goto fail;
1163	}
1164
1165	brcms_c_regd_init(wl->wlc);
1166
1167	memcpy(perm, &wl->pub->cur_etheraddr, ETH_ALEN);
1168	if (WARN_ON(!is_valid_ether_addr(perm)))
1169		goto fail;
1170	SET_IEEE80211_PERM_ADDR(hw, perm);
1171
1172	err = ieee80211_register_hw(hw);
1173	if (err)
1174		wiphy_err(wl->wiphy, "%s: ieee80211_register_hw failed, status"
1175			  "%d\n", __func__, err);
1176
1177	if (wl->pub->srom_ccode[0] &&
1178	    regulatory_hint(wl->wiphy, wl->pub->srom_ccode))
1179		wiphy_err(wl->wiphy, "%s: regulatory hint failed\n", __func__);
1180
1181	brcms_debugfs_attach(wl->pub);
1182	brcms_debugfs_create_files(wl->pub);
1183	n_adapters_found++;
1184	return wl;
1185
1186fail:
1187	brcms_free(wl);
1188	return NULL;
1189}
1190
1191
1192
1193/**
1194 * determines if a device is a WL device, and if so, attaches it.
1195 *
1196 * This function determines if a device pointed to by pdev is a WL device,
1197 * and if so, performs a brcms_attach() on it.
1198 *
1199 * Perimeter lock is initialized in the course of this function.
1200 */
1201static int brcms_bcma_probe(struct bcma_device *pdev)
1202{
1203	struct brcms_info *wl;
1204	struct ieee80211_hw *hw;
1205
1206	dev_info(&pdev->dev, "mfg %x core %x rev %d class %d irq %d\n",
1207		 pdev->id.manuf, pdev->id.id, pdev->id.rev, pdev->id.class,
1208		 pdev->irq);
1209
1210	if ((pdev->id.manuf != BCMA_MANUF_BCM) ||
1211	    (pdev->id.id != BCMA_CORE_80211))
1212		return -ENODEV;
1213
1214	hw = ieee80211_alloc_hw(sizeof(struct brcms_info), &brcms_ops);
1215	if (!hw) {
1216		pr_err("%s: ieee80211_alloc_hw failed\n", __func__);
1217		return -ENOMEM;
1218	}
1219
1220	SET_IEEE80211_DEV(hw, &pdev->dev);
1221
1222	bcma_set_drvdata(pdev, hw);
1223
1224	memset(hw->priv, 0, sizeof(*wl));
1225
1226	wl = brcms_attach(pdev);
1227	if (!wl) {
1228		pr_err("%s: brcms_attach failed!\n", __func__);
1229		return -ENODEV;
1230	}
1231	brcms_led_register(wl);
1232
1233	return 0;
1234}
1235
1236static int brcms_suspend(struct bcma_device *pdev)
1237{
1238	struct brcms_info *wl;
1239	struct ieee80211_hw *hw;
1240
1241	hw = bcma_get_drvdata(pdev);
1242	wl = hw->priv;
1243	if (!wl) {
1244		pr_err("%s: %s: no driver private struct!\n", KBUILD_MODNAME,
1245		       __func__);
1246		return -ENODEV;
1247	}
1248
1249	/* only need to flag hw is down for proper resume */
1250	spin_lock_bh(&wl->lock);
1251	wl->pub->hw_up = false;
1252	spin_unlock_bh(&wl->lock);
1253
1254	brcms_dbg_info(wl->wlc->hw->d11core, "brcms_suspend ok\n");
1255
1256	return 0;
1257}
1258
1259static int brcms_resume(struct bcma_device *pdev)
1260{
1261	return 0;
1262}
1263
1264static struct bcma_driver brcms_bcma_driver = {
1265	.name     = KBUILD_MODNAME,
1266	.probe    = brcms_bcma_probe,
1267	.suspend  = brcms_suspend,
1268	.resume   = brcms_resume,
1269	.remove   = brcms_remove,
1270	.id_table = brcms_coreid_table,
1271};
1272
1273/**
1274 * This is the main entry point for the brcmsmac driver.
1275 *
1276 * This function is scheduled upon module initialization and
1277 * does the driver registration, which result in brcms_bcma_probe()
1278 * call resulting in the driver bringup.
1279 */
1280static void brcms_driver_init(struct work_struct *work)
1281{
1282	int error;
1283
1284	error = bcma_driver_register(&brcms_bcma_driver);
1285	if (error)
1286		pr_err("%s: register returned %d\n", __func__, error);
1287}
1288
1289static DECLARE_WORK(brcms_driver_work, brcms_driver_init);
1290
1291static int __init brcms_module_init(void)
1292{
1293	brcms_debugfs_init();
1294	if (!schedule_work(&brcms_driver_work))
1295		return -EBUSY;
1296
1297	return 0;
1298}
1299
1300/**
1301 * This function unloads the brcmsmac driver from the system.
1302 *
1303 * This function unconditionally unloads the brcmsmac driver module from the
1304 * system.
1305 *
1306 */
1307static void __exit brcms_module_exit(void)
1308{
1309	cancel_work_sync(&brcms_driver_work);
1310	bcma_driver_unregister(&brcms_bcma_driver);
1311	brcms_debugfs_exit();
1312}
1313
1314module_init(brcms_module_init);
1315module_exit(brcms_module_exit);
1316
1317/*
1318 * precondition: perimeter lock has been acquired
1319 */
1320void brcms_txflowcontrol(struct brcms_info *wl, struct brcms_if *wlif,
1321			 bool state, int prio)
1322{
1323	brcms_err(wl->wlc->hw->d11core, "Shouldn't be here %s\n", __func__);
1324}
1325
1326/*
1327 * precondition: perimeter lock has been acquired
1328 */
1329void brcms_init(struct brcms_info *wl)
1330{
1331	brcms_dbg_info(wl->wlc->hw->d11core, "Initializing wl%d\n",
1332		       wl->pub->unit);
1333	brcms_reset(wl);
1334	brcms_c_init(wl->wlc, wl->mute_tx);
1335}
1336
1337/*
1338 * precondition: perimeter lock has been acquired
1339 */
1340uint brcms_reset(struct brcms_info *wl)
1341{
1342	brcms_dbg_info(wl->wlc->hw->d11core, "Resetting wl%d\n", wl->pub->unit);
1343	brcms_c_reset(wl->wlc);
1344
1345	/* dpc will not be rescheduled */
1346	wl->resched = false;
1347
1348	/* inform publicly that interface is down */
1349	wl->pub->up = false;
1350
1351	return 0;
1352}
1353
1354void brcms_fatal_error(struct brcms_info *wl)
1355{
1356	brcms_err(wl->wlc->hw->d11core, "wl%d: fatal error, reinitializing\n",
1357		  wl->wlc->pub->unit);
1358	brcms_reset(wl);
1359	ieee80211_restart_hw(wl->pub->ieee_hw);
1360}
1361
1362/*
1363 * These are interrupt on/off entry points. Disable interrupts
1364 * during interrupt state transition.
1365 */
1366void brcms_intrson(struct brcms_info *wl)
1367{
1368	unsigned long flags;
1369
1370	spin_lock_irqsave(&wl->isr_lock, flags);
1371	brcms_c_intrson(wl->wlc);
1372	spin_unlock_irqrestore(&wl->isr_lock, flags);
1373}
1374
1375u32 brcms_intrsoff(struct brcms_info *wl)
1376{
1377	unsigned long flags;
1378	u32 status;
1379
1380	spin_lock_irqsave(&wl->isr_lock, flags);
1381	status = brcms_c_intrsoff(wl->wlc);
1382	spin_unlock_irqrestore(&wl->isr_lock, flags);
1383	return status;
1384}
1385
1386void brcms_intrsrestore(struct brcms_info *wl, u32 macintmask)
1387{
1388	unsigned long flags;
1389
1390	spin_lock_irqsave(&wl->isr_lock, flags);
1391	brcms_c_intrsrestore(wl->wlc, macintmask);
1392	spin_unlock_irqrestore(&wl->isr_lock, flags);
1393}
1394
1395/*
1396 * precondition: perimeter lock has been acquired
1397 */
1398int brcms_up(struct brcms_info *wl)
1399{
1400	int error = 0;
1401
1402	if (wl->pub->up)
1403		return 0;
1404
1405	error = brcms_c_up(wl->wlc);
1406
1407	return error;
1408}
1409
1410/*
1411 * precondition: perimeter lock has been acquired
1412 */
1413void brcms_down(struct brcms_info *wl)
1414{
1415	uint callbacks, ret_val = 0;
1416
1417	/* call common down function */
1418	ret_val = brcms_c_down(wl->wlc);
1419	callbacks = atomic_read(&wl->callbacks) - ret_val;
1420
1421	/* wait for down callbacks to complete */
1422	spin_unlock_bh(&wl->lock);
1423
1424	/* For HIGH_only driver, it's important to actually schedule other work,
1425	 * not just spin wait since everything runs at schedule level
1426	 */
1427	SPINWAIT((atomic_read(&wl->callbacks) > callbacks), 100 * 1000);
1428
1429	spin_lock_bh(&wl->lock);
1430}
1431
1432/*
1433* precondition: perimeter lock is not acquired
1434 */
1435static void _brcms_timer(struct work_struct *work)
1436{
1437	struct brcms_timer *t = container_of(work, struct brcms_timer,
1438					     dly_wrk.work);
1439
1440	spin_lock_bh(&t->wl->lock);
1441
1442	if (t->set) {
1443		if (t->periodic) {
1444			atomic_inc(&t->wl->callbacks);
1445			ieee80211_queue_delayed_work(t->wl->pub->ieee_hw,
1446						     &t->dly_wrk,
1447						     msecs_to_jiffies(t->ms));
1448		} else {
1449			t->set = false;
1450		}
1451
1452		t->fn(t->arg);
1453	}
1454
1455	atomic_dec(&t->wl->callbacks);
1456
1457	spin_unlock_bh(&t->wl->lock);
1458}
1459
1460/*
1461 * Adds a timer to the list. Caller supplies a timer function.
1462 * Is called from wlc.
1463 *
1464 * precondition: perimeter lock has been acquired
1465 */
1466struct brcms_timer *brcms_init_timer(struct brcms_info *wl,
1467				     void (*fn) (void *arg),
1468				     void *arg, const char *name)
1469{
1470	struct brcms_timer *t;
1471
1472	t = kzalloc(sizeof(struct brcms_timer), GFP_ATOMIC);
1473	if (!t)
1474		return NULL;
1475
1476	INIT_DELAYED_WORK(&t->dly_wrk, _brcms_timer);
1477	t->wl = wl;
1478	t->fn = fn;
1479	t->arg = arg;
1480	t->next = wl->timers;
1481	wl->timers = t;
1482
1483#ifdef DEBUG
1484	t->name = kmalloc(strlen(name) + 1, GFP_ATOMIC);
1485	if (t->name)
1486		strcpy(t->name, name);
1487#endif
1488
1489	return t;
1490}
1491
1492/*
1493 * adds only the kernel timer since it's going to be more accurate
1494 * as well as it's easier to make it periodic
1495 *
1496 * precondition: perimeter lock has been acquired
1497 */
1498void brcms_add_timer(struct brcms_timer *t, uint ms, int periodic)
1499{
1500	struct ieee80211_hw *hw = t->wl->pub->ieee_hw;
1501
1502#ifdef DEBUG
1503	if (t->set)
1504		brcms_dbg_info(t->wl->wlc->hw->d11core,
1505			       "%s: Already set. Name: %s, per %d\n",
1506			       __func__, t->name, periodic);
1507#endif
1508	t->ms = ms;
1509	t->periodic = (bool) periodic;
1510	if (!t->set) {
1511		t->set = true;
1512		atomic_inc(&t->wl->callbacks);
1513	}
1514
1515	ieee80211_queue_delayed_work(hw, &t->dly_wrk, msecs_to_jiffies(ms));
1516}
1517
1518/*
1519 * return true if timer successfully deleted, false if still pending
1520 *
1521 * precondition: perimeter lock has been acquired
1522 */
1523bool brcms_del_timer(struct brcms_timer *t)
1524{
1525	if (t->set) {
1526		t->set = false;
1527		if (!cancel_delayed_work(&t->dly_wrk))
1528			return false;
1529
1530		atomic_dec(&t->wl->callbacks);
1531	}
1532
1533	return true;
1534}
1535
1536/*
1537 * precondition: perimeter lock has been acquired
1538 */
1539void brcms_free_timer(struct brcms_timer *t)
1540{
1541	struct brcms_info *wl = t->wl;
1542	struct brcms_timer *tmp;
1543
1544	/* delete the timer in case it is active */
1545	brcms_del_timer(t);
1546
1547	if (wl->timers == t) {
1548		wl->timers = wl->timers->next;
1549#ifdef DEBUG
1550		kfree(t->name);
1551#endif
1552		kfree(t);
1553		return;
1554
1555	}
1556
1557	tmp = wl->timers;
1558	while (tmp) {
1559		if (tmp->next == t) {
1560			tmp->next = t->next;
1561#ifdef DEBUG
1562			kfree(t->name);
1563#endif
1564			kfree(t);
1565			return;
1566		}
1567		tmp = tmp->next;
1568	}
1569
1570}
1571
1572/*
1573 * precondition: perimeter lock has been acquired
1574 */
1575int brcms_ucode_init_buf(struct brcms_info *wl, void **pbuf, u32 idx)
1576{
1577	int i, entry;
1578	const u8 *pdata;
1579	struct firmware_hdr *hdr;
1580	for (i = 0; i < wl->fw.fw_cnt; i++) {
1581		hdr = (struct firmware_hdr *)wl->fw.fw_hdr[i]->data;
1582		for (entry = 0; entry < wl->fw.hdr_num_entries[i];
1583		     entry++, hdr++) {
1584			u32 len = le32_to_cpu(hdr->len);
1585			if (le32_to_cpu(hdr->idx) == idx) {
1586				pdata = wl->fw.fw_bin[i]->data +
1587					le32_to_cpu(hdr->offset);
1588				*pbuf = kmemdup(pdata, len, GFP_ATOMIC);
1589				if (*pbuf == NULL)
1590					goto fail;
1591
1592				return 0;
1593			}
1594		}
1595	}
1596	brcms_err(wl->wlc->hw->d11core,
1597		  "ERROR: ucode buf tag:%d can not be found!\n", idx);
1598	*pbuf = NULL;
1599fail:
1600	return -ENODATA;
1601}
1602
1603/*
1604 * Precondition: Since this function is called in brcms_bcma_probe() context,
1605 * no locking is required.
1606 */
1607int brcms_ucode_init_uint(struct brcms_info *wl, size_t *n_bytes, u32 idx)
1608{
1609	int i, entry;
1610	const u8 *pdata;
1611	struct firmware_hdr *hdr;
1612	for (i = 0; i < wl->fw.fw_cnt; i++) {
1613		hdr = (struct firmware_hdr *)wl->fw.fw_hdr[i]->data;
1614		for (entry = 0; entry < wl->fw.hdr_num_entries[i];
1615		     entry++, hdr++) {
1616			if (le32_to_cpu(hdr->idx) == idx) {
1617				pdata = wl->fw.fw_bin[i]->data +
1618					le32_to_cpu(hdr->offset);
1619				if (le32_to_cpu(hdr->len) != 4) {
1620					brcms_err(wl->wlc->hw->d11core,
1621						  "ERROR: fw hdr len\n");
1622					return -ENOMSG;
1623				}
1624				*n_bytes = le32_to_cpu(*((__le32 *) pdata));
1625				return 0;
1626			}
1627		}
1628	}
1629	brcms_err(wl->wlc->hw->d11core,
1630		  "ERROR: ucode tag:%d can not be found!\n", idx);
1631	return -ENOMSG;
1632}
1633
1634/*
1635 * precondition: can both be called locked and unlocked
1636 */
1637void brcms_ucode_free_buf(void *p)
1638{
1639	kfree(p);
1640}
1641
1642/*
1643 * checks validity of all firmware images loaded from user space
1644 *
1645 * Precondition: Since this function is called in brcms_bcma_probe() context,
1646 * no locking is required.
1647 */
1648int brcms_check_firmwares(struct brcms_info *wl)
1649{
1650	int i;
1651	int entry;
1652	int rc = 0;
1653	const struct firmware *fw;
1654	const struct firmware *fw_hdr;
1655	struct firmware_hdr *ucode_hdr;
1656	for (i = 0; i < MAX_FW_IMAGES && rc == 0; i++) {
1657		fw =  wl->fw.fw_bin[i];
1658		fw_hdr = wl->fw.fw_hdr[i];
1659		if (fw == NULL && fw_hdr == NULL) {
1660			break;
1661		} else if (fw == NULL || fw_hdr == NULL) {
1662			wiphy_err(wl->wiphy, "%s: invalid bin/hdr fw\n",
1663				  __func__);
1664			rc = -EBADF;
1665		} else if (fw_hdr->size % sizeof(struct firmware_hdr)) {
1666			wiphy_err(wl->wiphy, "%s: non integral fw hdr file "
1667				"size %zu/%zu\n", __func__, fw_hdr->size,
1668				sizeof(struct firmware_hdr));
1669			rc = -EBADF;
1670		} else if (fw->size < MIN_FW_SIZE || fw->size > MAX_FW_SIZE) {
1671			wiphy_err(wl->wiphy, "%s: out of bounds fw file size %zu\n",
1672				  __func__, fw->size);
1673			rc = -EBADF;
1674		} else {
1675			/* check if ucode section overruns firmware image */
1676			ucode_hdr = (struct firmware_hdr *)fw_hdr->data;
1677			for (entry = 0; entry < wl->fw.hdr_num_entries[i] &&
1678			     !rc; entry++, ucode_hdr++) {
1679				if (le32_to_cpu(ucode_hdr->offset) +
1680				    le32_to_cpu(ucode_hdr->len) >
1681				    fw->size) {
1682					wiphy_err(wl->wiphy,
1683						  "%s: conflicting bin/hdr\n",
1684						  __func__);
1685					rc = -EBADF;
1686				}
1687			}
1688		}
1689	}
1690	if (rc == 0 && wl->fw.fw_cnt != i) {
1691		wiphy_err(wl->wiphy, "%s: invalid fw_cnt=%d\n", __func__,
1692			wl->fw.fw_cnt);
1693		rc = -EBADF;
1694	}
1695	return rc;
1696}
1697
1698/*
1699 * precondition: perimeter lock has been acquired
1700 */
1701bool brcms_rfkill_set_hw_state(struct brcms_info *wl)
1702{
1703	bool blocked = brcms_c_check_radio_disabled(wl->wlc);
1704
1705	spin_unlock_bh(&wl->lock);
1706	wiphy_rfkill_set_hw_state(wl->pub->ieee_hw->wiphy, blocked);
1707	if (blocked)
1708		wiphy_rfkill_start_polling(wl->pub->ieee_hw->wiphy);
1709	spin_lock_bh(&wl->lock);
1710	return blocked;
1711}