2 * Copyright (c) 2010 Broadcom Corporation
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
11 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
13 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 #define __UNDEF_NO_VERSION__
19 #include <linux/etherdevice.h>
20 #include <linux/pci.h>
21 #include <linux/sched.h>
22 #include <linux/firmware.h>
23 #include <linux/interrupt.h>
24 #include <net/mac80211.h>
27 #include "phy/phy_int.h"
32 #include "ucode_loader.h"
33 #include "mac80211_if.h"
36 #define N_TX_QUEUES 4 /* #tx queues on mac80211<->driver interface */
38 /* Flags we support */
39 #define MAC_FILTERS (FIF_PROMISC_IN_BSS | \
45 FIF_BCN_PRBRESP_PROMISC)
47 #define CHAN2GHZ(channel, freqency, chflags) { \
48 .band = IEEE80211_BAND_2GHZ, \
49 .center_freq = (freqency), \
50 .hw_value = (channel), \
52 .max_antenna_gain = 0, \
56 #define CHAN5GHZ(channel, chflags) { \
57 .band = IEEE80211_BAND_5GHZ, \
58 .center_freq = 5000 + 5*(channel), \
59 .hw_value = (channel), \
61 .max_antenna_gain = 0, \
65 #define RATE(rate100m, _flags) { \
66 .bitrate = (rate100m), \
68 .hw_value = (rate100m / 5), \
77 static const char * const brcms_firmwares[MAX_FW_IMAGES] = {
82 static int n_adapters_found;
84 MODULE_AUTHOR("Broadcom Corporation");
85 MODULE_DESCRIPTION("Broadcom 802.11n wireless LAN driver.");
86 MODULE_SUPPORTED_DEVICE("Broadcom 802.11n WLAN cards");
87 MODULE_LICENSE("Dual BSD/GPL");
89 /* recognized PCI IDs */
90 static DEFINE_PCI_DEVICE_TABLE(brcms_pci_id_table) = {
91 { PCI_DEVICE(PCI_VENDOR_ID_BROADCOM, 0x4357) }, /* 43225 2G */
92 { PCI_DEVICE(PCI_VENDOR_ID_BROADCOM, 0x4353) }, /* 43224 DUAL */
93 { PCI_DEVICE(PCI_VENDOR_ID_BROADCOM, 0x4727) }, /* 4313 DUAL */
94 { PCI_DEVICE(PCI_VENDOR_ID_BROADCOM, 0x0576) }, /* 43224 Ven */
98 MODULE_DEVICE_TABLE(pci, brcms_pci_id_table);
101 static int msglevel = 0xdeadbeef;
102 module_param(msglevel, int, 0);
105 static struct ieee80211_channel brcms_2ghz_chantable[] = {
106 CHAN2GHZ(1, 2412, IEEE80211_CHAN_NO_HT40MINUS),
107 CHAN2GHZ(2, 2417, IEEE80211_CHAN_NO_HT40MINUS),
108 CHAN2GHZ(3, 2422, IEEE80211_CHAN_NO_HT40MINUS),
109 CHAN2GHZ(4, 2427, IEEE80211_CHAN_NO_HT40MINUS),
110 CHAN2GHZ(5, 2432, 0),
111 CHAN2GHZ(6, 2437, 0),
112 CHAN2GHZ(7, 2442, 0),
113 CHAN2GHZ(8, 2447, IEEE80211_CHAN_NO_HT40PLUS),
114 CHAN2GHZ(9, 2452, IEEE80211_CHAN_NO_HT40PLUS),
115 CHAN2GHZ(10, 2457, IEEE80211_CHAN_NO_HT40PLUS),
116 CHAN2GHZ(11, 2462, IEEE80211_CHAN_NO_HT40PLUS),
118 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_IBSS |
119 IEEE80211_CHAN_NO_HT40PLUS),
121 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_IBSS |
122 IEEE80211_CHAN_NO_HT40PLUS),
124 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_IBSS |
125 IEEE80211_CHAN_NO_HT40PLUS | IEEE80211_CHAN_NO_HT40MINUS)
128 static struct ieee80211_channel brcms_5ghz_nphy_chantable[] = {
130 CHAN5GHZ(36, IEEE80211_CHAN_NO_HT40MINUS),
131 CHAN5GHZ(40, IEEE80211_CHAN_NO_HT40PLUS),
132 CHAN5GHZ(44, IEEE80211_CHAN_NO_HT40MINUS),
133 CHAN5GHZ(48, IEEE80211_CHAN_NO_HT40PLUS),
136 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
137 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
139 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
140 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
142 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
143 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
145 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
146 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
149 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
150 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
152 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
153 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
155 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
156 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
158 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
159 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
161 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
162 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
164 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
165 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
167 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
168 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
170 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
171 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
173 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
174 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40MINUS),
176 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
177 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS),
179 IEEE80211_CHAN_RADAR | IEEE80211_CHAN_NO_IBSS |
180 IEEE80211_CHAN_PASSIVE_SCAN | IEEE80211_CHAN_NO_HT40PLUS |
181 IEEE80211_CHAN_NO_HT40MINUS),
183 CHAN5GHZ(149, IEEE80211_CHAN_NO_HT40MINUS),
184 CHAN5GHZ(153, IEEE80211_CHAN_NO_HT40PLUS),
185 CHAN5GHZ(157, IEEE80211_CHAN_NO_HT40MINUS),
186 CHAN5GHZ(161, IEEE80211_CHAN_NO_HT40PLUS),
187 CHAN5GHZ(165, IEEE80211_CHAN_NO_HT40PLUS | IEEE80211_CHAN_NO_HT40MINUS)
191 * The rate table is used for both 2.4G and 5G rates. The
192 * latter being a subset as it does not support CCK rates.
194 static struct ieee80211_rate legacy_ratetable[] = {
196 RATE(20, IEEE80211_RATE_SHORT_PREAMBLE),
197 RATE(55, IEEE80211_RATE_SHORT_PREAMBLE),
198 RATE(110, IEEE80211_RATE_SHORT_PREAMBLE),
209 static const struct ieee80211_supported_band brcms_band_2GHz_nphy_template = {
210 .band = IEEE80211_BAND_2GHZ,
211 .channels = brcms_2ghz_chantable,
212 .n_channels = ARRAY_SIZE(brcms_2ghz_chantable),
213 .bitrates = legacy_ratetable,
214 .n_bitrates = ARRAY_SIZE(legacy_ratetable),
216 /* from include/linux/ieee80211.h */
217 .cap = IEEE80211_HT_CAP_GRN_FLD |
218 IEEE80211_HT_CAP_SGI_20 | IEEE80211_HT_CAP_SGI_40,
219 .ht_supported = true,
220 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K,
221 .ampdu_density = AMPDU_DEF_MPDU_DENSITY,
223 /* placeholders for now */
224 .rx_mask = {0xff, 0xff, 0, 0, 0, 0, 0, 0, 0, 0},
225 .rx_highest = cpu_to_le16(500),
226 .tx_params = IEEE80211_HT_MCS_TX_DEFINED}
230 static const struct ieee80211_supported_band brcms_band_5GHz_nphy_template = {
231 .band = IEEE80211_BAND_5GHZ,
232 .channels = brcms_5ghz_nphy_chantable,
233 .n_channels = ARRAY_SIZE(brcms_5ghz_nphy_chantable),
234 .bitrates = legacy_ratetable + BRCMS_LEGACY_5G_RATE_OFFSET,
235 .n_bitrates = ARRAY_SIZE(legacy_ratetable) -
236 BRCMS_LEGACY_5G_RATE_OFFSET,
238 .cap = IEEE80211_HT_CAP_GRN_FLD | IEEE80211_HT_CAP_SGI_20 |
239 IEEE80211_HT_CAP_SGI_40,
240 .ht_supported = true,
241 .ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K,
242 .ampdu_density = AMPDU_DEF_MPDU_DENSITY,
244 /* placeholders for now */
245 .rx_mask = {0xff, 0xff, 0, 0, 0, 0, 0, 0, 0, 0},
246 .rx_highest = cpu_to_le16(500),
247 .tx_params = IEEE80211_HT_MCS_TX_DEFINED}
251 /* flags the given rate in rateset as requested */
252 static void brcms_set_basic_rate(struct brcm_rateset *rs, u16 rate, bool is_br)
256 for (i = 0; i < rs->count; i++) {
257 if (rate != (rs->rates[i] & 0x7f))
261 rs->rates[i] |= BRCMS_RATE_FLAG;
263 rs->rates[i] &= BRCMS_RATE_MASK;
268 static void brcms_ops_tx(struct ieee80211_hw *hw, struct sk_buff *skb)
270 struct brcms_info *wl = hw->priv;
272 spin_lock_bh(&wl->lock);
274 wiphy_err(wl->wiphy, "ops->tx called while down\n");
278 brcms_c_sendpkt_mac80211(wl->wlc, skb, hw);
280 spin_unlock_bh(&wl->lock);
283 static int brcms_ops_start(struct ieee80211_hw *hw)
285 struct brcms_info *wl = hw->priv;
288 ieee80211_wake_queues(hw);
289 spin_lock_bh(&wl->lock);
290 blocked = brcms_rfkill_set_hw_state(wl);
291 spin_unlock_bh(&wl->lock);
293 wiphy_rfkill_stop_polling(wl->pub->ieee_hw->wiphy);
298 static void brcms_ops_stop(struct ieee80211_hw *hw)
300 ieee80211_stop_queues(hw);
304 brcms_ops_add_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
306 struct brcms_info *wl;
309 /* Just STA for now */
310 if (vif->type != NL80211_IFTYPE_AP &&
311 vif->type != NL80211_IFTYPE_MESH_POINT &&
312 vif->type != NL80211_IFTYPE_STATION &&
313 vif->type != NL80211_IFTYPE_WDS &&
314 vif->type != NL80211_IFTYPE_ADHOC) {
315 wiphy_err(hw->wiphy, "%s: Attempt to add type %d, only"
316 " STA for now\n", __func__, vif->type);
321 spin_lock_bh(&wl->lock);
326 spin_unlock_bh(&wl->lock);
329 wiphy_err(hw->wiphy, "%s: brcms_up() returned %d\n", __func__,
336 brcms_ops_remove_interface(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
338 struct brcms_info *wl;
342 /* put driver in down state */
343 spin_lock_bh(&wl->lock);
345 spin_unlock_bh(&wl->lock);
348 static int brcms_ops_config(struct ieee80211_hw *hw, u32 changed)
350 struct ieee80211_conf *conf = &hw->conf;
351 struct brcms_info *wl = hw->priv;
354 struct wiphy *wiphy = hw->wiphy;
356 spin_lock_bh(&wl->lock);
357 if (changed & IEEE80211_CONF_CHANGE_LISTEN_INTERVAL) {
358 brcms_c_set_beacon_listen_interval(wl->wlc,
359 conf->listen_interval);
361 if (changed & IEEE80211_CONF_CHANGE_MONITOR)
362 wiphy_err(wiphy, "%s: change monitor mode: %s (implement)\n",
363 __func__, conf->flags & IEEE80211_CONF_MONITOR ?
365 if (changed & IEEE80211_CONF_CHANGE_PS)
366 wiphy_err(wiphy, "%s: change power-save mode: %s (implement)\n",
367 __func__, conf->flags & IEEE80211_CONF_PS ?
370 if (changed & IEEE80211_CONF_CHANGE_POWER) {
371 err = brcms_c_set_tx_power(wl->wlc, conf->power_level);
373 wiphy_err(wiphy, "%s: Error setting power_level\n",
377 new_int = brcms_c_get_tx_power(wl->wlc);
378 if (new_int != conf->power_level)
379 wiphy_err(wiphy, "%s: Power level req != actual, %d %d"
380 "\n", __func__, conf->power_level,
383 if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
384 if (conf->channel_type == NL80211_CHAN_HT20 ||
385 conf->channel_type == NL80211_CHAN_NO_HT)
386 err = brcms_c_set_channel(wl->wlc,
387 conf->channel->hw_value);
391 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
392 err = brcms_c_set_rate_limit(wl->wlc,
393 conf->short_frame_max_tx_count,
394 conf->long_frame_max_tx_count);
397 spin_unlock_bh(&wl->lock);
402 brcms_ops_bss_info_changed(struct ieee80211_hw *hw,
403 struct ieee80211_vif *vif,
404 struct ieee80211_bss_conf *info, u32 changed)
406 struct brcms_info *wl = hw->priv;
407 struct wiphy *wiphy = hw->wiphy;
409 if (changed & BSS_CHANGED_ASSOC) {
410 /* association status changed (associated/disassociated)
411 * also implies a change in the AID.
413 wiphy_err(wiphy, "%s: %s: %sassociated\n", KBUILD_MODNAME,
414 __func__, info->assoc ? "" : "dis");
415 spin_lock_bh(&wl->lock);
416 brcms_c_associate_upd(wl->wlc, info->assoc);
417 spin_unlock_bh(&wl->lock);
419 if (changed & BSS_CHANGED_ERP_SLOT) {
422 /* slot timing changed */
423 if (info->use_short_slot)
427 spin_lock_bh(&wl->lock);
428 brcms_c_set_shortslot_override(wl->wlc, val);
429 spin_unlock_bh(&wl->lock);
432 if (changed & BSS_CHANGED_HT) {
433 /* 802.11n parameters changed */
434 u16 mode = info->ht_operation_mode;
436 spin_lock_bh(&wl->lock);
437 brcms_c_protection_upd(wl->wlc, BRCMS_PROT_N_CFG,
438 mode & IEEE80211_HT_OP_MODE_PROTECTION);
439 brcms_c_protection_upd(wl->wlc, BRCMS_PROT_N_NONGF,
440 mode & IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT);
441 brcms_c_protection_upd(wl->wlc, BRCMS_PROT_N_OBSS,
442 mode & IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT);
443 spin_unlock_bh(&wl->lock);
445 if (changed & BSS_CHANGED_BASIC_RATES) {
446 struct ieee80211_supported_band *bi;
449 struct brcm_rateset rs;
452 /* retrieve the current rates */
453 spin_lock_bh(&wl->lock);
454 brcms_c_get_current_rateset(wl->wlc, &rs);
455 spin_unlock_bh(&wl->lock);
457 br_mask = info->basic_rates;
458 bi = hw->wiphy->bands[brcms_c_get_curband(wl->wlc)];
459 for (i = 0; i < bi->n_bitrates; i++) {
460 /* convert to internal rate value */
461 rate = (bi->bitrates[i].bitrate << 1) / 10;
463 /* set/clear basic rate flag */
464 brcms_set_basic_rate(&rs, rate, br_mask & 1);
468 /* update the rate set */
469 spin_lock_bh(&wl->lock);
470 error = brcms_c_set_rateset(wl->wlc, &rs);
471 spin_unlock_bh(&wl->lock);
473 wiphy_err(wiphy, "changing basic rates failed: %d\n",
476 if (changed & BSS_CHANGED_BEACON_INT) {
477 /* Beacon interval changed */
478 spin_lock_bh(&wl->lock);
479 brcms_c_set_beacon_period(wl->wlc, info->beacon_int);
480 spin_unlock_bh(&wl->lock);
482 if (changed & BSS_CHANGED_BSSID) {
483 /* BSSID changed, for whatever reason (IBSS and managed mode) */
484 spin_lock_bh(&wl->lock);
485 brcms_c_set_addrmatch(wl->wlc, RCM_BSSID_OFFSET, info->bssid);
486 spin_unlock_bh(&wl->lock);
488 if (changed & BSS_CHANGED_BEACON)
489 /* Beacon data changed, retrieve new beacon (beaconing modes) */
490 wiphy_err(wiphy, "%s: beacon changed\n", __func__);
492 if (changed & BSS_CHANGED_BEACON_ENABLED) {
493 /* Beaconing should be enabled/disabled (beaconing modes) */
494 wiphy_err(wiphy, "%s: Beacon enabled: %s\n", __func__,
495 info->enable_beacon ? "true" : "false");
498 if (changed & BSS_CHANGED_CQM) {
499 /* Connection quality monitor config changed */
500 wiphy_err(wiphy, "%s: cqm change: threshold %d, hys %d "
501 " (implement)\n", __func__, info->cqm_rssi_thold,
502 info->cqm_rssi_hyst);
505 if (changed & BSS_CHANGED_IBSS) {
506 /* IBSS join status changed */
507 wiphy_err(wiphy, "%s: IBSS joined: %s (implement)\n", __func__,
508 info->ibss_joined ? "true" : "false");
511 if (changed & BSS_CHANGED_ARP_FILTER) {
512 /* Hardware ARP filter address list or state changed */
513 wiphy_err(wiphy, "%s: arp filtering: enabled %s, count %d"
514 " (implement)\n", __func__, info->arp_filter_enabled ?
515 "true" : "false", info->arp_addr_cnt);
518 if (changed & BSS_CHANGED_QOS) {
520 * QoS for this association was enabled/disabled.
521 * Note that it is only ever disabled for station mode.
523 wiphy_err(wiphy, "%s: qos enabled: %s (implement)\n", __func__,
524 info->qos ? "true" : "false");
530 brcms_ops_configure_filter(struct ieee80211_hw *hw,
531 unsigned int changed_flags,
532 unsigned int *total_flags, u64 multicast)
534 struct brcms_info *wl = hw->priv;
535 struct wiphy *wiphy = hw->wiphy;
537 changed_flags &= MAC_FILTERS;
538 *total_flags &= MAC_FILTERS;
539 if (changed_flags & FIF_PROMISC_IN_BSS)
540 wiphy_err(wiphy, "FIF_PROMISC_IN_BSS\n");
541 if (changed_flags & FIF_ALLMULTI)
542 wiphy_err(wiphy, "FIF_ALLMULTI\n");
543 if (changed_flags & FIF_FCSFAIL)
544 wiphy_err(wiphy, "FIF_FCSFAIL\n");
545 if (changed_flags & FIF_PLCPFAIL)
546 wiphy_err(wiphy, "FIF_PLCPFAIL\n");
547 if (changed_flags & FIF_CONTROL)
548 wiphy_err(wiphy, "FIF_CONTROL\n");
549 if (changed_flags & FIF_OTHER_BSS)
550 wiphy_err(wiphy, "FIF_OTHER_BSS\n");
551 if (changed_flags & FIF_BCN_PRBRESP_PROMISC) {
552 spin_lock_bh(&wl->lock);
553 if (*total_flags & FIF_BCN_PRBRESP_PROMISC) {
554 wl->pub->mac80211_state |= MAC80211_PROMISC_BCNS;
555 brcms_c_mac_bcn_promisc_change(wl->wlc, 1);
557 brcms_c_mac_bcn_promisc_change(wl->wlc, 0);
558 wl->pub->mac80211_state &= ~MAC80211_PROMISC_BCNS;
560 spin_unlock_bh(&wl->lock);
565 static void brcms_ops_sw_scan_start(struct ieee80211_hw *hw)
567 struct brcms_info *wl = hw->priv;
568 spin_lock_bh(&wl->lock);
569 brcms_c_scan_start(wl->wlc);
570 spin_unlock_bh(&wl->lock);
574 static void brcms_ops_sw_scan_complete(struct ieee80211_hw *hw)
576 struct brcms_info *wl = hw->priv;
577 spin_lock_bh(&wl->lock);
578 brcms_c_scan_stop(wl->wlc);
579 spin_unlock_bh(&wl->lock);
584 brcms_ops_conf_tx(struct ieee80211_hw *hw, struct ieee80211_vif *vif, u16 queue,
585 const struct ieee80211_tx_queue_params *params)
587 struct brcms_info *wl = hw->priv;
589 spin_lock_bh(&wl->lock);
590 brcms_c_wme_setparams(wl->wlc, queue, params, true);
591 spin_unlock_bh(&wl->lock);
597 brcms_ops_sta_add(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
598 struct ieee80211_sta *sta)
600 struct brcms_info *wl = hw->priv;
601 struct scb *scb = &wl->wlc->pri_scb;
603 brcms_c_init_scb(scb);
605 wl->pub->global_ampdu = &(scb->scb_ampdu);
606 wl->pub->global_ampdu->scb = scb;
607 wl->pub->global_ampdu->max_pdu = 16;
609 sta->ht_cap.ht_supported = true;
610 sta->ht_cap.ampdu_factor = IEEE80211_HT_MAX_AMPDU_64K;
611 sta->ht_cap.ampdu_density = AMPDU_DEF_MPDU_DENSITY;
612 sta->ht_cap.cap = IEEE80211_HT_CAP_GRN_FLD |
613 IEEE80211_HT_CAP_SGI_20 |
614 IEEE80211_HT_CAP_SGI_40 | IEEE80211_HT_CAP_40MHZ_INTOLERANT;
617 * minstrel_ht initiates addBA on our behalf by calling
618 * ieee80211_start_tx_ba_session()
624 brcms_ops_ampdu_action(struct ieee80211_hw *hw,
625 struct ieee80211_vif *vif,
626 enum ieee80211_ampdu_mlme_action action,
627 struct ieee80211_sta *sta, u16 tid, u16 *ssn,
630 struct brcms_info *wl = hw->priv;
631 struct scb *scb = &wl->wlc->pri_scb;
634 if (WARN_ON(scb->magic != SCB_MAGIC))
637 case IEEE80211_AMPDU_RX_START:
639 case IEEE80211_AMPDU_RX_STOP:
641 case IEEE80211_AMPDU_TX_START:
642 spin_lock_bh(&wl->lock);
643 status = brcms_c_aggregatable(wl->wlc, tid);
644 spin_unlock_bh(&wl->lock);
646 wiphy_err(wl->wiphy, "START: tid %d is not agg\'able\n",
650 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
653 case IEEE80211_AMPDU_TX_STOP:
654 spin_lock_bh(&wl->lock);
655 brcms_c_ampdu_flush(wl->wlc, sta, tid);
656 spin_unlock_bh(&wl->lock);
657 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
659 case IEEE80211_AMPDU_TX_OPERATIONAL:
661 * BA window size from ADDBA response ('buf_size') defines how
662 * many outstanding MPDUs are allowed for the BA stream by
663 * recipient and traffic class. 'ampdu_factor' gives maximum
666 spin_lock_bh(&wl->lock);
667 brcms_c_ampdu_tx_operational(wl->wlc, tid, buf_size,
668 (1 << (IEEE80211_HT_MAX_AMPDU_FACTOR +
669 sta->ht_cap.ampdu_factor)) - 1);
670 spin_unlock_bh(&wl->lock);
671 /* Power save wakeup */
674 wiphy_err(wl->wiphy, "%s: Invalid command, ignoring\n",
681 static void brcms_ops_rfkill_poll(struct ieee80211_hw *hw)
683 struct brcms_info *wl = hw->priv;
686 spin_lock_bh(&wl->lock);
687 blocked = brcms_c_check_radio_disabled(wl->wlc);
688 spin_unlock_bh(&wl->lock);
690 wiphy_rfkill_set_hw_state(wl->pub->ieee_hw->wiphy, blocked);
693 static void brcms_ops_flush(struct ieee80211_hw *hw, bool drop)
695 struct brcms_info *wl = hw->priv;
697 no_printk("%s: drop = %s\n", __func__, drop ? "true" : "false");
699 /* wait for packet queue and dma fifos to run empty */
700 spin_lock_bh(&wl->lock);
701 brcms_c_wait_for_tx_completion(wl->wlc, drop);
702 spin_unlock_bh(&wl->lock);
705 static const struct ieee80211_ops brcms_ops = {
707 .start = brcms_ops_start,
708 .stop = brcms_ops_stop,
709 .add_interface = brcms_ops_add_interface,
710 .remove_interface = brcms_ops_remove_interface,
711 .config = brcms_ops_config,
712 .bss_info_changed = brcms_ops_bss_info_changed,
713 .configure_filter = brcms_ops_configure_filter,
714 .sw_scan_start = brcms_ops_sw_scan_start,
715 .sw_scan_complete = brcms_ops_sw_scan_complete,
716 .conf_tx = brcms_ops_conf_tx,
717 .sta_add = brcms_ops_sta_add,
718 .ampdu_action = brcms_ops_ampdu_action,
719 .rfkill_poll = brcms_ops_rfkill_poll,
720 .flush = brcms_ops_flush,
724 * is called in brcms_pci_probe() context, therefore no locking required.
726 static int brcms_set_hint(struct brcms_info *wl, char *abbrev)
728 return regulatory_hint(wl->pub->ieee_hw->wiphy, abbrev);
731 void brcms_dpc(unsigned long data)
733 struct brcms_info *wl;
735 wl = (struct brcms_info *) data;
737 spin_lock_bh(&wl->lock);
739 /* call the common second level interrupt handler */
744 spin_lock_irqsave(&wl->isr_lock, flags);
745 brcms_c_intrsupd(wl->wlc);
746 spin_unlock_irqrestore(&wl->isr_lock, flags);
749 wl->resched = brcms_c_dpc(wl->wlc, true);
752 /* brcms_c_dpc() may bring the driver down */
756 /* re-schedule dpc */
758 tasklet_schedule(&wl->tasklet);
760 /* re-enable interrupts */
764 spin_unlock_bh(&wl->lock);
768 * Precondition: Since this function is called in brcms_pci_probe() context,
769 * no locking is required.
771 static int brcms_request_fw(struct brcms_info *wl, struct pci_dev *pdev)
774 struct device *device = &pdev->dev;
778 memset(&wl->fw, 0, sizeof(struct brcms_firmware));
779 for (i = 0; i < MAX_FW_IMAGES; i++) {
780 if (brcms_firmwares[i] == NULL)
782 sprintf(fw_name, "%s-%d.fw", brcms_firmwares[i],
783 UCODE_LOADER_API_VER);
784 status = request_firmware(&wl->fw.fw_bin[i], fw_name, device);
786 wiphy_err(wl->wiphy, "%s: fail to load firmware %s\n",
787 KBUILD_MODNAME, fw_name);
790 sprintf(fw_name, "%s_hdr-%d.fw", brcms_firmwares[i],
791 UCODE_LOADER_API_VER);
792 status = request_firmware(&wl->fw.fw_hdr[i], fw_name, device);
794 wiphy_err(wl->wiphy, "%s: fail to load firmware %s\n",
795 KBUILD_MODNAME, fw_name);
798 wl->fw.hdr_num_entries[i] =
799 wl->fw.fw_hdr[i]->size / (sizeof(struct firmware_hdr));
802 return brcms_ucode_data_init(wl, &wl->ucode);
806 * Precondition: Since this function is called in brcms_pci_probe() context,
807 * no locking is required.
809 static void brcms_release_fw(struct brcms_info *wl)
812 for (i = 0; i < MAX_FW_IMAGES; i++) {
813 release_firmware(wl->fw.fw_bin[i]);
814 release_firmware(wl->fw.fw_hdr[i]);
819 * This function frees the WL per-device resources.
821 * This function frees resources owned by the WL device pointed to
822 * by the wl parameter.
824 * precondition: can both be called locked and unlocked
827 static void brcms_free(struct brcms_info *wl)
829 struct brcms_timer *t, *next;
831 /* free ucode data */
833 brcms_ucode_data_free(&wl->ucode);
835 free_irq(wl->irq, wl);
838 tasklet_kill(&wl->tasklet);
841 brcms_c_module_unregister(wl->pub, "linux", wl);
843 /* free common resources */
845 brcms_c_detach(wl->wlc);
850 /* virtual interface deletion is deferred so we cannot spinwait */
852 /* wait for all pending callbacks to complete */
853 while (atomic_read(&wl->callbacks) > 0)
857 for (t = wl->timers; t; t = next) {
866 * unregister_netdev() calls get_stats() which may read chip
867 * registers so we cannot unmap the chip registers until
868 * after calling unregister_netdev() .
877 * called from both kernel as from this kernel module.
878 * precondition: perimeter lock is not acquired.
880 static void brcms_remove(struct pci_dev *pdev)
882 struct brcms_info *wl;
883 struct ieee80211_hw *hw;
886 hw = pci_get_drvdata(pdev);
889 pr_err("wl: brcms_remove: pci_get_drvdata failed\n");
893 spin_lock_bh(&wl->lock);
894 status = brcms_c_chipmatch(pdev->vendor, pdev->device);
895 spin_unlock_bh(&wl->lock);
897 wiphy_err(wl->wiphy, "wl: brcms_remove: chipmatch "
902 wiphy_rfkill_set_hw_state(wl->pub->ieee_hw->wiphy, false);
903 wiphy_rfkill_stop_polling(wl->pub->ieee_hw->wiphy);
904 ieee80211_unregister_hw(hw);
905 spin_lock_bh(&wl->lock);
907 spin_unlock_bh(&wl->lock);
909 pci_disable_device(pdev);
913 pci_set_drvdata(pdev, NULL);
914 ieee80211_free_hw(hw);
917 static irqreturn_t brcms_isr(int irq, void *dev_id)
919 struct brcms_info *wl;
922 wl = (struct brcms_info *) dev_id;
924 spin_lock(&wl->isr_lock);
926 /* call common first level interrupt handler */
927 ours = brcms_c_isr(wl->wlc, &wantdpc);
929 /* if more to do... */
932 /* ...and call the second level interrupt handler */
934 tasklet_schedule(&wl->tasklet);
938 spin_unlock(&wl->isr_lock);
940 return IRQ_RETVAL(ours);
944 * is called in brcms_pci_probe() context, therefore no locking required.
946 static int ieee_hw_rate_init(struct ieee80211_hw *hw)
948 struct brcms_info *wl = hw->priv;
949 struct brcms_c_info *wlc = wl->wlc;
950 struct ieee80211_supported_band *band;
954 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = NULL;
955 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = NULL;
957 phy_type = brcms_c_get_phy_type(wl->wlc, 0);
958 if (phy_type == PHY_TYPE_N || phy_type == PHY_TYPE_LCN) {
959 band = &wlc->bandstate[BAND_2G_INDEX]->band;
960 *band = brcms_band_2GHz_nphy_template;
961 if (phy_type == PHY_TYPE_LCN) {
963 band->ht_cap.mcs.rx_mask[1] = 0;
964 band->ht_cap.mcs.rx_highest = cpu_to_le16(72);
966 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = band;
971 /* Assume all bands use the same phy. True for 11n devices. */
972 if (wl->pub->_nbands > 1) {
974 if (phy_type == PHY_TYPE_N || phy_type == PHY_TYPE_LCN) {
975 band = &wlc->bandstate[BAND_5G_INDEX]->band;
976 *band = brcms_band_5GHz_nphy_template;
977 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = band;
986 * is called in brcms_pci_probe() context, therefore no locking required.
988 static int ieee_hw_init(struct ieee80211_hw *hw)
990 hw->flags = IEEE80211_HW_SIGNAL_DBM
991 /* | IEEE80211_HW_CONNECTION_MONITOR What is this? */
992 | IEEE80211_HW_REPORTS_TX_ACK_STATUS
993 | IEEE80211_HW_AMPDU_AGGREGATION;
995 hw->extra_tx_headroom = brcms_c_get_header_len();
996 hw->queues = N_TX_QUEUES;
997 hw->max_rates = 2; /* Primary rate and 1 fallback rate */
999 /* channel change time is dependent on chip and band */
1000 hw->channel_change_time = 7 * 1000;
1001 hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION);
1003 hw->rate_control_algorithm = "minstrel_ht";
1005 hw->sta_data_size = 0;
1006 return ieee_hw_rate_init(hw);
1010 * attach to the WL device.
1012 * Attach to the WL device identified by vendor and device parameters.
1013 * regs is a host accessible memory address pointing to WL device registers.
1015 * brcms_attach is not defined as static because in the case where no bus
1016 * is defined, wl_attach will never be called, and thus, gcc will issue
1017 * a warning that this function is defined but not used if we declare
1021 * is called in brcms_pci_probe() context, therefore no locking required.
1023 static struct brcms_info *brcms_attach(u16 vendor, u16 device,
1024 resource_size_t regs,
1025 struct pci_dev *btparam, uint irq)
1027 struct brcms_info *wl = NULL;
1029 struct ieee80211_hw *hw;
1032 unit = n_adapters_found;
1038 /* allocate private info */
1039 hw = pci_get_drvdata(btparam); /* btparam == pdev */
1042 if (WARN_ON(hw == NULL) || WARN_ON(wl == NULL))
1044 wl->wiphy = hw->wiphy;
1046 atomic_set(&wl->callbacks, 0);
1048 /* setup the bottom half handler */
1049 tasklet_init(&wl->tasklet, brcms_dpc, (unsigned long) wl);
1051 wl->regsva = ioremap_nocache(regs, PCI_BAR0_WINSZ);
1052 if (wl->regsva == NULL) {
1053 wiphy_err(wl->wiphy, "wl%d: ioremap() failed\n", unit);
1056 spin_lock_init(&wl->lock);
1057 spin_lock_init(&wl->isr_lock);
1060 if (brcms_request_fw(wl, btparam) < 0) {
1061 wiphy_err(wl->wiphy, "%s: Failed to find firmware usually in "
1062 "%s\n", KBUILD_MODNAME, "/lib/firmware/brcm");
1063 brcms_release_fw(wl);
1064 brcms_remove(btparam);
1068 /* common load-time initialization */
1069 wl->wlc = brcms_c_attach(wl, vendor, device, unit, false,
1070 wl->regsva, btparam, &err);
1071 brcms_release_fw(wl);
1073 wiphy_err(wl->wiphy, "%s: attach() failed with code %d\n",
1074 KBUILD_MODNAME, err);
1077 wl->pub = brcms_c_pub(wl->wlc);
1079 wl->pub->ieee_hw = hw;
1081 /* register our interrupt handler */
1082 if (request_irq(irq, brcms_isr, IRQF_SHARED, KBUILD_MODNAME, wl)) {
1083 wiphy_err(wl->wiphy, "wl%d: request_irq() failed\n", unit);
1088 /* register module */
1089 brcms_c_module_register(wl->pub, "linux", wl, NULL);
1091 if (ieee_hw_init(hw)) {
1092 wiphy_err(wl->wiphy, "wl%d: %s: ieee_hw_init failed!\n", unit,
1097 memcpy(perm, &wl->pub->cur_etheraddr, ETH_ALEN);
1098 if (WARN_ON(!is_valid_ether_addr(perm)))
1100 SET_IEEE80211_PERM_ADDR(hw, perm);
1102 err = ieee80211_register_hw(hw);
1104 wiphy_err(wl->wiphy, "%s: ieee80211_register_hw failed, status"
1105 "%d\n", __func__, err);
1107 if (wl->pub->srom_ccode[0])
1108 err = brcms_set_hint(wl, wl->pub->srom_ccode);
1110 err = brcms_set_hint(wl, "US");
1112 wiphy_err(wl->wiphy, "%s: regulatory_hint failed, status %d\n",
1126 * determines if a device is a WL device, and if so, attaches it.
1128 * This function determines if a device pointed to by pdev is a WL device,
1129 * and if so, performs a brcms_attach() on it.
1131 * Perimeter lock is initialized in the course of this function.
1133 static int __devinit
1134 brcms_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
1137 struct brcms_info *wl;
1138 struct ieee80211_hw *hw;
1141 dev_info(&pdev->dev, "bus %d slot %d func %d irq %d\n",
1142 pdev->bus->number, PCI_SLOT(pdev->devfn),
1143 PCI_FUNC(pdev->devfn), pdev->irq);
1145 if ((pdev->vendor != PCI_VENDOR_ID_BROADCOM) ||
1146 ((pdev->device != 0x0576) &&
1147 ((pdev->device & 0xff00) != 0x4300) &&
1148 ((pdev->device & 0xff00) != 0x4700) &&
1149 ((pdev->device < 43000) || (pdev->device > 43999))))
1152 rc = pci_enable_device(pdev);
1154 pr_err("%s: Cannot enable device %d-%d_%d\n",
1155 __func__, pdev->bus->number, PCI_SLOT(pdev->devfn),
1156 PCI_FUNC(pdev->devfn));
1159 pci_set_master(pdev);
1161 pci_read_config_dword(pdev, 0x40, &val);
1162 if ((val & 0x0000ff00) != 0)
1163 pci_write_config_dword(pdev, 0x40, val & 0xffff00ff);
1165 hw = ieee80211_alloc_hw(sizeof(struct brcms_info), &brcms_ops);
1167 pr_err("%s: ieee80211_alloc_hw failed\n", __func__);
1171 SET_IEEE80211_DEV(hw, &pdev->dev);
1173 pci_set_drvdata(pdev, hw);
1175 memset(hw->priv, 0, sizeof(*wl));
1177 wl = brcms_attach(pdev->vendor, pdev->device,
1178 pci_resource_start(pdev, 0), pdev,
1182 pr_err("%s: %s: brcms_attach failed!\n", KBUILD_MODNAME,
1189 static int brcms_suspend(struct pci_dev *pdev, pm_message_t state)
1191 struct brcms_info *wl;
1192 struct ieee80211_hw *hw;
1194 hw = pci_get_drvdata(pdev);
1197 wiphy_err(wl->wiphy,
1198 "brcms_suspend: pci_get_drvdata failed\n");
1202 /* only need to flag hw is down for proper resume */
1203 spin_lock_bh(&wl->lock);
1204 wl->pub->hw_up = false;
1205 spin_unlock_bh(&wl->lock);
1207 pci_save_state(pdev);
1208 pci_disable_device(pdev);
1209 return pci_set_power_state(pdev, PCI_D3hot);
1212 static int brcms_resume(struct pci_dev *pdev)
1214 struct brcms_info *wl;
1215 struct ieee80211_hw *hw;
1219 hw = pci_get_drvdata(pdev);
1222 wiphy_err(wl->wiphy,
1223 "wl: brcms_resume: pci_get_drvdata failed\n");
1227 err = pci_set_power_state(pdev, PCI_D0);
1231 pci_restore_state(pdev);
1233 err = pci_enable_device(pdev);
1237 pci_set_master(pdev);
1239 pci_read_config_dword(pdev, 0x40, &val);
1240 if ((val & 0x0000ff00) != 0)
1241 pci_write_config_dword(pdev, 0x40, val & 0xffff00ff);
1244 * done. driver will be put in up state
1245 * in brcms_ops_add_interface() call.
1250 static struct pci_driver brcms_pci_driver = {
1251 .name = KBUILD_MODNAME,
1252 .probe = brcms_pci_probe,
1253 .suspend = brcms_suspend,
1254 .resume = brcms_resume,
1255 .remove = __devexit_p(brcms_remove),
1256 .id_table = brcms_pci_id_table,
1260 * This is the main entry point for the WL driver.
1262 * This function determines if a device pointed to by pdev is a WL device,
1263 * and if so, performs a brcms_attach() on it.
1266 static int __init brcms_module_init(void)
1268 int error = -ENODEV;
1271 if (msglevel != 0xdeadbeef)
1272 brcm_msg_level = msglevel;
1275 error = pci_register_driver(&brcms_pci_driver);
1285 * This function unloads the WL driver from the system.
1287 * This function unconditionally unloads the WL driver module from the
1291 static void __exit brcms_module_exit(void)
1293 pci_unregister_driver(&brcms_pci_driver);
1297 module_init(brcms_module_init);
1298 module_exit(brcms_module_exit);
1301 * precondition: perimeter lock has been acquired
1303 void brcms_txflowcontrol(struct brcms_info *wl, struct brcms_if *wlif,
1304 bool state, int prio)
1306 wiphy_err(wl->wiphy, "Shouldn't be here %s\n", __func__);
1310 * precondition: perimeter lock has been acquired
1312 void brcms_init(struct brcms_info *wl)
1314 BCMMSG(wl->pub->ieee_hw->wiphy, "wl%d\n", wl->pub->unit);
1317 brcms_c_init(wl->wlc);
1321 * precondition: perimeter lock has been acquired
1323 uint brcms_reset(struct brcms_info *wl)
1325 BCMMSG(wl->pub->ieee_hw->wiphy, "wl%d\n", wl->pub->unit);
1326 brcms_c_reset(wl->wlc);
1328 /* dpc will not be rescheduled */
1334 void brcms_fatal_error(struct brcms_info *wl)
1336 wiphy_err(wl->wlc->wiphy, "wl%d: fatal error, reinitializing\n",
1337 wl->wlc->pub->unit);
1339 ieee80211_restart_hw(wl->pub->ieee_hw);
1343 * These are interrupt on/off entry points. Disable interrupts
1344 * during interrupt state transition.
1346 void brcms_intrson(struct brcms_info *wl)
1348 unsigned long flags;
1350 spin_lock_irqsave(&wl->isr_lock, flags);
1351 brcms_c_intrson(wl->wlc);
1352 spin_unlock_irqrestore(&wl->isr_lock, flags);
1355 u32 brcms_intrsoff(struct brcms_info *wl)
1357 unsigned long flags;
1360 spin_lock_irqsave(&wl->isr_lock, flags);
1361 status = brcms_c_intrsoff(wl->wlc);
1362 spin_unlock_irqrestore(&wl->isr_lock, flags);
1366 void brcms_intrsrestore(struct brcms_info *wl, u32 macintmask)
1368 unsigned long flags;
1370 spin_lock_irqsave(&wl->isr_lock, flags);
1371 brcms_c_intrsrestore(wl->wlc, macintmask);
1372 spin_unlock_irqrestore(&wl->isr_lock, flags);
1376 * precondition: perimeter lock has been acquired
1378 int brcms_up(struct brcms_info *wl)
1385 error = brcms_c_up(wl->wlc);
1391 * precondition: perimeter lock has been acquired
1393 void brcms_down(struct brcms_info *wl)
1395 uint callbacks, ret_val = 0;
1397 /* call common down function */
1398 ret_val = brcms_c_down(wl->wlc);
1399 callbacks = atomic_read(&wl->callbacks) - ret_val;
1401 /* wait for down callbacks to complete */
1402 spin_unlock_bh(&wl->lock);
1404 /* For HIGH_only driver, it's important to actually schedule other work,
1405 * not just spin wait since everything runs at schedule level
1407 SPINWAIT((atomic_read(&wl->callbacks) > callbacks), 100 * 1000);
1409 spin_lock_bh(&wl->lock);
1413 * precondition: perimeter lock is not acquired
1415 static void _brcms_timer(struct work_struct *work)
1417 struct brcms_timer *t = container_of(work, struct brcms_timer,
1420 spin_lock_bh(&t->wl->lock);
1424 atomic_inc(&t->wl->callbacks);
1425 ieee80211_queue_delayed_work(t->wl->pub->ieee_hw,
1427 msecs_to_jiffies(t->ms));
1435 atomic_dec(&t->wl->callbacks);
1437 spin_unlock_bh(&t->wl->lock);
1441 * Adds a timer to the list. Caller supplies a timer function.
1442 * Is called from wlc.
1444 * precondition: perimeter lock has been acquired
1446 struct brcms_timer *brcms_init_timer(struct brcms_info *wl,
1447 void (*fn) (void *arg),
1448 void *arg, const char *name)
1450 struct brcms_timer *t;
1452 t = kzalloc(sizeof(struct brcms_timer), GFP_ATOMIC);
1456 INIT_DELAYED_WORK(&t->dly_wrk, _brcms_timer);
1460 t->next = wl->timers;
1464 t->name = kmalloc(strlen(name) + 1, GFP_ATOMIC);
1466 strcpy(t->name, name);
1473 * adds only the kernel timer since it's going to be more accurate
1474 * as well as it's easier to make it periodic
1476 * precondition: perimeter lock has been acquired
1478 void brcms_add_timer(struct brcms_timer *t, uint ms, int periodic)
1480 struct ieee80211_hw *hw = t->wl->pub->ieee_hw;
1484 wiphy_err(hw->wiphy, "%s: Already set. Name: %s, per %d\n",
1485 __func__, t->name, periodic);
1488 t->periodic = (bool) periodic;
1491 atomic_inc(&t->wl->callbacks);
1493 ieee80211_queue_delayed_work(hw, &t->dly_wrk, msecs_to_jiffies(ms));
1497 * return true if timer successfully deleted, false if still pending
1499 * precondition: perimeter lock has been acquired
1501 bool brcms_del_timer(struct brcms_timer *t)
1505 if (!cancel_delayed_work(&t->dly_wrk))
1508 atomic_dec(&t->wl->callbacks);
1515 * precondition: perimeter lock has been acquired
1517 void brcms_free_timer(struct brcms_timer *t)
1519 struct brcms_info *wl = t->wl;
1520 struct brcms_timer *tmp;
1522 /* delete the timer in case it is active */
1525 if (wl->timers == t) {
1526 wl->timers = wl->timers->next;
1537 if (tmp->next == t) {
1538 tmp->next = t->next;
1551 * precondition: perimeter lock has been acquired
1553 int brcms_ucode_init_buf(struct brcms_info *wl, void **pbuf, u32 idx)
1557 struct firmware_hdr *hdr;
1558 for (i = 0; i < wl->fw.fw_cnt; i++) {
1559 hdr = (struct firmware_hdr *)wl->fw.fw_hdr[i]->data;
1560 for (entry = 0; entry < wl->fw.hdr_num_entries[i];
1562 u32 len = le32_to_cpu(hdr->len);
1563 if (le32_to_cpu(hdr->idx) == idx) {
1564 pdata = wl->fw.fw_bin[i]->data +
1565 le32_to_cpu(hdr->offset);
1566 *pbuf = kmalloc(len, GFP_ATOMIC);
1570 memcpy(*pbuf, pdata, len);
1575 wiphy_err(wl->wiphy, "ERROR: ucode buf tag:%d can not be found!\n",
1583 * Precondition: Since this function is called in brcms_pci_probe() context,
1584 * no locking is required.
1586 int brcms_ucode_init_uint(struct brcms_info *wl, size_t *n_bytes, u32 idx)
1590 struct firmware_hdr *hdr;
1591 for (i = 0; i < wl->fw.fw_cnt; i++) {
1592 hdr = (struct firmware_hdr *)wl->fw.fw_hdr[i]->data;
1593 for (entry = 0; entry < wl->fw.hdr_num_entries[i];
1595 if (le32_to_cpu(hdr->idx) == idx) {
1596 pdata = wl->fw.fw_bin[i]->data +
1597 le32_to_cpu(hdr->offset);
1598 if (le32_to_cpu(hdr->len) != 4) {
1599 wiphy_err(wl->wiphy,
1600 "ERROR: fw hdr len\n");
1603 *n_bytes = le32_to_cpu(*((__le32 *) pdata));
1608 wiphy_err(wl->wiphy, "ERROR: ucode tag:%d can not be found!\n", idx);
1613 * precondition: can both be called locked and unlocked
1615 void brcms_ucode_free_buf(void *p)
1621 * checks validity of all firmware images loaded from user space
1623 * Precondition: Since this function is called in brcms_pci_probe() context,
1624 * no locking is required.
1626 int brcms_check_firmwares(struct brcms_info *wl)
1631 const struct firmware *fw;
1632 const struct firmware *fw_hdr;
1633 struct firmware_hdr *ucode_hdr;
1634 for (i = 0; i < MAX_FW_IMAGES && rc == 0; i++) {
1635 fw = wl->fw.fw_bin[i];
1636 fw_hdr = wl->fw.fw_hdr[i];
1637 if (fw == NULL && fw_hdr == NULL) {
1639 } else if (fw == NULL || fw_hdr == NULL) {
1640 wiphy_err(wl->wiphy, "%s: invalid bin/hdr fw\n",
1643 } else if (fw_hdr->size % sizeof(struct firmware_hdr)) {
1644 wiphy_err(wl->wiphy, "%s: non integral fw hdr file "
1645 "size %zu/%zu\n", __func__, fw_hdr->size,
1646 sizeof(struct firmware_hdr));
1648 } else if (fw->size < MIN_FW_SIZE || fw->size > MAX_FW_SIZE) {
1649 wiphy_err(wl->wiphy, "%s: out of bounds fw file size "
1650 "%zu\n", __func__, fw->size);
1653 /* check if ucode section overruns firmware image */
1654 ucode_hdr = (struct firmware_hdr *)fw_hdr->data;
1655 for (entry = 0; entry < wl->fw.hdr_num_entries[i] &&
1656 !rc; entry++, ucode_hdr++) {
1657 if (le32_to_cpu(ucode_hdr->offset) +
1658 le32_to_cpu(ucode_hdr->len) >
1660 wiphy_err(wl->wiphy,
1661 "%s: conflicting bin/hdr\n",
1668 if (rc == 0 && wl->fw.fw_cnt != i) {
1669 wiphy_err(wl->wiphy, "%s: invalid fw_cnt=%d\n", __func__,
1677 * precondition: perimeter lock has been acquired
1679 bool brcms_rfkill_set_hw_state(struct brcms_info *wl)
1681 bool blocked = brcms_c_check_radio_disabled(wl->wlc);
1683 spin_unlock_bh(&wl->lock);
1684 wiphy_rfkill_set_hw_state(wl->pub->ieee_hw->wiphy, blocked);
1686 wiphy_rfkill_start_polling(wl->pub->ieee_hw->wiphy);
1687 spin_lock_bh(&wl->lock);
1692 * precondition: perimeter lock has been acquired
1694 void brcms_msleep(struct brcms_info *wl, uint ms)
1696 spin_unlock_bh(&wl->lock);
1698 spin_lock_bh(&wl->lock);
projects / ~andy / linux / blob