wl12xx: implement change_interface
[linux-2.6.git] / drivers / net / wireless / wl12xx / main.c
1 /*
2  * This file is part of wl1271
3  *
4  * Copyright (C) 2008-2010 Nokia Corporation
5  *
6  * Contact: Luciano Coelho <luciano.coelho@nokia.com>
7  *
8  * This program is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU General Public License
10  * version 2 as published by the Free Software Foundation.
11  *
12  * This program is distributed in the hope that it will be useful, but
13  * WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
15  * General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20  * 02110-1301 USA
21  *
22  */
23
24 #include <linux/module.h>
25 #include <linux/firmware.h>
26 #include <linux/delay.h>
27 #include <linux/spi/spi.h>
28 #include <linux/crc32.h>
29 #include <linux/etherdevice.h>
30 #include <linux/vmalloc.h>
31 #include <linux/platform_device.h>
32 #include <linux/slab.h>
33 #include <linux/wl12xx.h>
34 #include <linux/sched.h>
35 #include <linux/interrupt.h>
36
37 #include "wl12xx.h"
38 #include "debug.h"
39 #include "wl12xx_80211.h"
40 #include "reg.h"
41 #include "io.h"
42 #include "event.h"
43 #include "tx.h"
44 #include "rx.h"
45 #include "ps.h"
46 #include "init.h"
47 #include "debugfs.h"
48 #include "cmd.h"
49 #include "boot.h"
50 #include "testmode.h"
51 #include "scan.h"
52
53 #define WL1271_BOOT_RETRIES 3
54
55 static struct conf_drv_settings default_conf = {
56         .sg = {
57                 .params = {
58                         [CONF_SG_ACL_BT_MASTER_MIN_BR] = 10,
59                         [CONF_SG_ACL_BT_MASTER_MAX_BR] = 180,
60                         [CONF_SG_ACL_BT_SLAVE_MIN_BR] = 10,
61                         [CONF_SG_ACL_BT_SLAVE_MAX_BR] = 180,
62                         [CONF_SG_ACL_BT_MASTER_MIN_EDR] = 10,
63                         [CONF_SG_ACL_BT_MASTER_MAX_EDR] = 80,
64                         [CONF_SG_ACL_BT_SLAVE_MIN_EDR] = 10,
65                         [CONF_SG_ACL_BT_SLAVE_MAX_EDR] = 80,
66                         [CONF_SG_ACL_WLAN_PS_MASTER_BR] = 8,
67                         [CONF_SG_ACL_WLAN_PS_SLAVE_BR] = 8,
68                         [CONF_SG_ACL_WLAN_PS_MASTER_EDR] = 20,
69                         [CONF_SG_ACL_WLAN_PS_SLAVE_EDR] = 20,
70                         [CONF_SG_ACL_WLAN_ACTIVE_MASTER_MIN_BR] = 20,
71                         [CONF_SG_ACL_WLAN_ACTIVE_MASTER_MAX_BR] = 35,
72                         [CONF_SG_ACL_WLAN_ACTIVE_SLAVE_MIN_BR] = 16,
73                         [CONF_SG_ACL_WLAN_ACTIVE_SLAVE_MAX_BR] = 35,
74                         [CONF_SG_ACL_WLAN_ACTIVE_MASTER_MIN_EDR] = 32,
75                         [CONF_SG_ACL_WLAN_ACTIVE_MASTER_MAX_EDR] = 50,
76                         [CONF_SG_ACL_WLAN_ACTIVE_SLAVE_MIN_EDR] = 28,
77                         [CONF_SG_ACL_WLAN_ACTIVE_SLAVE_MAX_EDR] = 50,
78                         [CONF_SG_ACL_ACTIVE_SCAN_WLAN_BR] = 10,
79                         [CONF_SG_ACL_ACTIVE_SCAN_WLAN_EDR] = 20,
80                         [CONF_SG_ACL_PASSIVE_SCAN_BT_BR] = 75,
81                         [CONF_SG_ACL_PASSIVE_SCAN_WLAN_BR] = 15,
82                         [CONF_SG_ACL_PASSIVE_SCAN_BT_EDR] = 27,
83                         [CONF_SG_ACL_PASSIVE_SCAN_WLAN_EDR] = 17,
84                         /* active scan params */
85                         [CONF_SG_AUTO_SCAN_PROBE_REQ] = 170,
86                         [CONF_SG_ACTIVE_SCAN_DURATION_FACTOR_HV3] = 50,
87                         [CONF_SG_ACTIVE_SCAN_DURATION_FACTOR_A2DP] = 100,
88                         /* passive scan params */
89                         [CONF_SG_PASSIVE_SCAN_DURATION_FACTOR_A2DP_BR] = 800,
90                         [CONF_SG_PASSIVE_SCAN_DURATION_FACTOR_A2DP_EDR] = 200,
91                         [CONF_SG_PASSIVE_SCAN_DURATION_FACTOR_HV3] = 200,
92                         /* passive scan in dual antenna params */
93                         [CONF_SG_CONSECUTIVE_HV3_IN_PASSIVE_SCAN] = 0,
94                         [CONF_SG_BCN_HV3_COLLISION_THRESH_IN_PASSIVE_SCAN] = 0,
95                         [CONF_SG_TX_RX_PROTECTION_BWIDTH_IN_PASSIVE_SCAN] = 0,
96                         /* general params */
97                         [CONF_SG_STA_FORCE_PS_IN_BT_SCO] = 1,
98                         [CONF_SG_ANTENNA_CONFIGURATION] = 0,
99                         [CONF_SG_BEACON_MISS_PERCENT] = 60,
100                         [CONF_SG_DHCP_TIME] = 5000,
101                         [CONF_SG_RXT] = 1200,
102                         [CONF_SG_TXT] = 1000,
103                         [CONF_SG_ADAPTIVE_RXT_TXT] = 1,
104                         [CONF_SG_GENERAL_USAGE_BIT_MAP] = 3,
105                         [CONF_SG_HV3_MAX_SERVED] = 6,
106                         [CONF_SG_PS_POLL_TIMEOUT] = 10,
107                         [CONF_SG_UPSD_TIMEOUT] = 10,
108                         [CONF_SG_CONSECUTIVE_CTS_THRESHOLD] = 2,
109                         [CONF_SG_STA_RX_WINDOW_AFTER_DTIM] = 5,
110                         [CONF_SG_STA_CONNECTION_PROTECTION_TIME] = 30,
111                         /* AP params */
112                         [CONF_AP_BEACON_MISS_TX] = 3,
113                         [CONF_AP_RX_WINDOW_AFTER_BEACON] = 10,
114                         [CONF_AP_BEACON_WINDOW_INTERVAL] = 2,
115                         [CONF_AP_CONNECTION_PROTECTION_TIME] = 0,
116                         [CONF_AP_BT_ACL_VAL_BT_SERVE_TIME] = 25,
117                         [CONF_AP_BT_ACL_VAL_WL_SERVE_TIME] = 25,
118                 },
119                 .state = CONF_SG_PROTECTIVE,
120         },
121         .rx = {
122                 .rx_msdu_life_time           = 512000,
123                 .packet_detection_threshold  = 0,
124                 .ps_poll_timeout             = 15,
125                 .upsd_timeout                = 15,
126                 .rts_threshold               = IEEE80211_MAX_RTS_THRESHOLD,
127                 .rx_cca_threshold            = 0,
128                 .irq_blk_threshold           = 0xFFFF,
129                 .irq_pkt_threshold           = 0,
130                 .irq_timeout                 = 600,
131                 .queue_type                  = CONF_RX_QUEUE_TYPE_LOW_PRIORITY,
132         },
133         .tx = {
134                 .tx_energy_detection         = 0,
135                 .sta_rc_conf                 = {
136                         .enabled_rates       = 0,
137                         .short_retry_limit   = 10,
138                         .long_retry_limit    = 10,
139                         .aflags              = 0,
140                 },
141                 .ac_conf_count               = 4,
142                 .ac_conf                     = {
143                         [CONF_TX_AC_BE] = {
144                                 .ac          = CONF_TX_AC_BE,
145                                 .cw_min      = 15,
146                                 .cw_max      = 63,
147                                 .aifsn       = 3,
148                                 .tx_op_limit = 0,
149                         },
150                         [CONF_TX_AC_BK] = {
151                                 .ac          = CONF_TX_AC_BK,
152                                 .cw_min      = 15,
153                                 .cw_max      = 63,
154                                 .aifsn       = 7,
155                                 .tx_op_limit = 0,
156                         },
157                         [CONF_TX_AC_VI] = {
158                                 .ac          = CONF_TX_AC_VI,
159                                 .cw_min      = 15,
160                                 .cw_max      = 63,
161                                 .aifsn       = CONF_TX_AIFS_PIFS,
162                                 .tx_op_limit = 3008,
163                         },
164                         [CONF_TX_AC_VO] = {
165                                 .ac          = CONF_TX_AC_VO,
166                                 .cw_min      = 15,
167                                 .cw_max      = 63,
168                                 .aifsn       = CONF_TX_AIFS_PIFS,
169                                 .tx_op_limit = 1504,
170                         },
171                 },
172                 .max_tx_retries = 100,
173                 .ap_aging_period = 300,
174                 .tid_conf_count = 4,
175                 .tid_conf = {
176                         [CONF_TX_AC_BE] = {
177                                 .queue_id    = CONF_TX_AC_BE,
178                                 .channel_type = CONF_CHANNEL_TYPE_EDCF,
179                                 .tsid        = CONF_TX_AC_BE,
180                                 .ps_scheme   = CONF_PS_SCHEME_LEGACY,
181                                 .ack_policy  = CONF_ACK_POLICY_LEGACY,
182                                 .apsd_conf   = {0, 0},
183                         },
184                         [CONF_TX_AC_BK] = {
185                                 .queue_id    = CONF_TX_AC_BK,
186                                 .channel_type = CONF_CHANNEL_TYPE_EDCF,
187                                 .tsid        = CONF_TX_AC_BK,
188                                 .ps_scheme   = CONF_PS_SCHEME_LEGACY,
189                                 .ack_policy  = CONF_ACK_POLICY_LEGACY,
190                                 .apsd_conf   = {0, 0},
191                         },
192                         [CONF_TX_AC_VI] = {
193                                 .queue_id    = CONF_TX_AC_VI,
194                                 .channel_type = CONF_CHANNEL_TYPE_EDCF,
195                                 .tsid        = CONF_TX_AC_VI,
196                                 .ps_scheme   = CONF_PS_SCHEME_LEGACY,
197                                 .ack_policy  = CONF_ACK_POLICY_LEGACY,
198                                 .apsd_conf   = {0, 0},
199                         },
200                         [CONF_TX_AC_VO] = {
201                                 .queue_id    = CONF_TX_AC_VO,
202                                 .channel_type = CONF_CHANNEL_TYPE_EDCF,
203                                 .tsid        = CONF_TX_AC_VO,
204                                 .ps_scheme   = CONF_PS_SCHEME_LEGACY,
205                                 .ack_policy  = CONF_ACK_POLICY_LEGACY,
206                                 .apsd_conf   = {0, 0},
207                         },
208                 },
209                 .frag_threshold              = IEEE80211_MAX_FRAG_THRESHOLD,
210                 .tx_compl_timeout            = 700,
211                 .tx_compl_threshold          = 4,
212                 .basic_rate                  = CONF_HW_BIT_RATE_1MBPS,
213                 .basic_rate_5                = CONF_HW_BIT_RATE_6MBPS,
214                 .tmpl_short_retry_limit      = 10,
215                 .tmpl_long_retry_limit       = 10,
216         },
217         .conn = {
218                 .wake_up_event               = CONF_WAKE_UP_EVENT_DTIM,
219                 .listen_interval             = 1,
220                 .bcn_filt_mode               = CONF_BCN_FILT_MODE_ENABLED,
221                 .bcn_filt_ie_count           = 2,
222                 .bcn_filt_ie = {
223                         [0] = {
224                                 .ie          = WLAN_EID_CHANNEL_SWITCH,
225                                 .rule        = CONF_BCN_RULE_PASS_ON_APPEARANCE,
226                         },
227                         [1] = {
228                                 .ie          = WLAN_EID_HT_INFORMATION,
229                                 .rule        = CONF_BCN_RULE_PASS_ON_CHANGE,
230                         },
231                 },
232                 .synch_fail_thold            = 10,
233                 .bss_lose_timeout            = 100,
234                 .beacon_rx_timeout           = 10000,
235                 .broadcast_timeout           = 20000,
236                 .rx_broadcast_in_ps          = 1,
237                 .ps_poll_threshold           = 10,
238                 .ps_poll_recovery_period     = 700,
239                 .bet_enable                  = CONF_BET_MODE_ENABLE,
240                 .bet_max_consecutive         = 50,
241                 .psm_entry_retries           = 8,
242                 .psm_exit_retries            = 16,
243                 .psm_entry_nullfunc_retries  = 3,
244                 .keep_alive_interval         = 55000,
245                 .max_listen_interval         = 20,
246         },
247         .itrim = {
248                 .enable = false,
249                 .timeout = 50000,
250         },
251         .pm_config = {
252                 .host_clk_settling_time = 5000,
253                 .host_fast_wakeup_support = false
254         },
255         .roam_trigger = {
256                 .trigger_pacing               = 1,
257                 .avg_weight_rssi_beacon       = 20,
258                 .avg_weight_rssi_data         = 10,
259                 .avg_weight_snr_beacon        = 20,
260                 .avg_weight_snr_data          = 10,
261         },
262         .scan = {
263                 .min_dwell_time_active        = 7500,
264                 .max_dwell_time_active        = 30000,
265                 .min_dwell_time_passive       = 100000,
266                 .max_dwell_time_passive       = 100000,
267                 .num_probe_reqs               = 2,
268         },
269         .sched_scan = {
270                 /* sched_scan requires dwell times in TU instead of TU/1000 */
271                 .min_dwell_time_active = 30,
272                 .max_dwell_time_active = 60,
273                 .dwell_time_passive    = 100,
274                 .dwell_time_dfs        = 150,
275                 .num_probe_reqs        = 2,
276                 .rssi_threshold        = -90,
277                 .snr_threshold         = 0,
278         },
279         .rf = {
280                 .tx_per_channel_power_compensation_2 = {
281                         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
282                 },
283                 .tx_per_channel_power_compensation_5 = {
284                         0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
285                         0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
286                         0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
287                 },
288         },
289         .ht = {
290                 .rx_ba_win_size = 8,
291                 .tx_ba_win_size = 64,
292                 .inactivity_timeout = 10000,
293                 .tx_ba_tid_bitmap = CONF_TX_BA_ENABLED_TID_BITMAP,
294         },
295         .mem_wl127x = {
296                 .num_stations                 = 1,
297                 .ssid_profiles                = 1,
298                 .rx_block_num                 = 70,
299                 .tx_min_block_num             = 40,
300                 .dynamic_memory               = 1,
301                 .min_req_tx_blocks            = 100,
302                 .min_req_rx_blocks            = 22,
303                 .tx_min                       = 27,
304         },
305         .mem_wl128x = {
306                 .num_stations                 = 1,
307                 .ssid_profiles                = 1,
308                 .rx_block_num                 = 40,
309                 .tx_min_block_num             = 40,
310                 .dynamic_memory               = 1,
311                 .min_req_tx_blocks            = 45,
312                 .min_req_rx_blocks            = 22,
313                 .tx_min                       = 27,
314         },
315         .fm_coex = {
316                 .enable                       = true,
317                 .swallow_period               = 5,
318                 .n_divider_fref_set_1         = 0xff,       /* default */
319                 .n_divider_fref_set_2         = 12,
320                 .m_divider_fref_set_1         = 148,
321                 .m_divider_fref_set_2         = 0xffff,     /* default */
322                 .coex_pll_stabilization_time  = 0xffffffff, /* default */
323                 .ldo_stabilization_time       = 0xffff,     /* default */
324                 .fm_disturbed_band_margin     = 0xff,       /* default */
325                 .swallow_clk_diff             = 0xff,       /* default */
326         },
327         .rx_streaming = {
328                 .duration                      = 150,
329                 .queues                        = 0x1,
330                 .interval                      = 20,
331                 .always                        = 0,
332         },
333         .fwlog = {
334                 .mode                         = WL12XX_FWLOG_ON_DEMAND,
335                 .mem_blocks                   = 2,
336                 .severity                     = 0,
337                 .timestamp                    = WL12XX_FWLOG_TIMESTAMP_DISABLED,
338                 .output                       = WL12XX_FWLOG_OUTPUT_HOST,
339                 .threshold                    = 0,
340         },
341         .hci_io_ds = HCI_IO_DS_6MA,
342         .rate = {
343                 .rate_retry_score = 32000,
344                 .per_add = 8192,
345                 .per_th1 = 2048,
346                 .per_th2 = 4096,
347                 .max_per = 8100,
348                 .inverse_curiosity_factor = 5,
349                 .tx_fail_low_th = 4,
350                 .tx_fail_high_th = 10,
351                 .per_alpha_shift = 4,
352                 .per_add_shift = 13,
353                 .per_beta1_shift = 10,
354                 .per_beta2_shift = 8,
355                 .rate_check_up = 2,
356                 .rate_check_down = 12,
357                 .rate_retry_policy = {
358                         0x00, 0x00, 0x00, 0x00, 0x00,
359                         0x00, 0x00, 0x00, 0x00, 0x00,
360                         0x00, 0x00, 0x00,
361                 },
362         },
363         .hangover = {
364                 .recover_time               = 0,
365                 .hangover_period            = 20,
366                 .dynamic_mode               = 1,
367                 .early_termination_mode     = 1,
368                 .max_period                 = 20,
369                 .min_period                 = 1,
370                 .increase_delta             = 1,
371                 .decrease_delta             = 2,
372                 .quiet_time                 = 4,
373                 .increase_time              = 1,
374                 .window_size                = 16,
375         },
376 };
377
378 static char *fwlog_param;
379 static bool bug_on_recovery;
380
381 static void __wl1271_op_remove_interface(struct wl1271 *wl,
382                                          struct ieee80211_vif *vif,
383                                          bool reset_tx_queues);
384 static void wl1271_op_stop(struct ieee80211_hw *hw);
385 static void wl1271_free_ap_keys(struct wl1271 *wl, struct wl12xx_vif *wlvif);
386
387 static DEFINE_MUTEX(wl_list_mutex);
388 static LIST_HEAD(wl_list);
389
390 static int wl1271_check_operstate(struct wl1271 *wl, struct wl12xx_vif *wlvif,
391                                   unsigned char operstate)
392 {
393         int ret;
394
395         if (operstate != IF_OPER_UP)
396                 return 0;
397
398         if (test_and_set_bit(WLVIF_FLAG_STA_STATE_SENT, &wlvif->flags))
399                 return 0;
400
401         ret = wl12xx_cmd_set_peer_state(wl, wlvif->sta.hlid);
402         if (ret < 0)
403                 return ret;
404
405         wl12xx_croc(wl, wlvif->role_id);
406
407         wl1271_info("Association completed.");
408         return 0;
409 }
410 static int wl1271_dev_notify(struct notifier_block *me, unsigned long what,
411                              void *arg)
412 {
413         struct net_device *dev = arg;
414         struct wireless_dev *wdev;
415         struct wiphy *wiphy;
416         struct ieee80211_hw *hw;
417         struct wl1271 *wl;
418         struct wl1271 *wl_temp;
419         struct wl12xx_vif *wlvif;
420         int ret = 0;
421
422         /* Check that this notification is for us. */
423         if (what != NETDEV_CHANGE)
424                 return NOTIFY_DONE;
425
426         wdev = dev->ieee80211_ptr;
427         if (wdev == NULL)
428                 return NOTIFY_DONE;
429
430         wiphy = wdev->wiphy;
431         if (wiphy == NULL)
432                 return NOTIFY_DONE;
433
434         hw = wiphy_priv(wiphy);
435         if (hw == NULL)
436                 return NOTIFY_DONE;
437
438         wl_temp = hw->priv;
439         mutex_lock(&wl_list_mutex);
440         list_for_each_entry(wl, &wl_list, list) {
441                 if (wl == wl_temp)
442                         break;
443         }
444         mutex_unlock(&wl_list_mutex);
445         if (wl != wl_temp)
446                 return NOTIFY_DONE;
447
448         mutex_lock(&wl->mutex);
449
450         if (wl->state == WL1271_STATE_OFF)
451                 goto out;
452
453         wl12xx_for_each_wlvif_sta(wl, wlvif) {
454                 if (!test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
455                         continue;
456
457                 ret = wl1271_ps_elp_wakeup(wl);
458                 if (ret < 0)
459                         goto out;
460
461                 wl1271_check_operstate(wl, wlvif, dev->operstate);
462
463                 wl1271_ps_elp_sleep(wl);
464         }
465 out:
466         mutex_unlock(&wl->mutex);
467
468         return NOTIFY_OK;
469 }
470
471 static int wl1271_reg_notify(struct wiphy *wiphy,
472                              struct regulatory_request *request)
473 {
474         struct ieee80211_supported_band *band;
475         struct ieee80211_channel *ch;
476         int i;
477
478         band = wiphy->bands[IEEE80211_BAND_5GHZ];
479         for (i = 0; i < band->n_channels; i++) {
480                 ch = &band->channels[i];
481                 if (ch->flags & IEEE80211_CHAN_DISABLED)
482                         continue;
483
484                 if (ch->flags & IEEE80211_CHAN_RADAR)
485                         ch->flags |= IEEE80211_CHAN_NO_IBSS |
486                                      IEEE80211_CHAN_PASSIVE_SCAN;
487
488         }
489
490         return 0;
491 }
492
493 static int wl1271_set_rx_streaming(struct wl1271 *wl, struct wl12xx_vif *wlvif,
494                                    bool enable)
495 {
496         int ret = 0;
497
498         /* we should hold wl->mutex */
499         ret = wl1271_acx_ps_rx_streaming(wl, wlvif, enable);
500         if (ret < 0)
501                 goto out;
502
503         if (enable)
504                 set_bit(WLVIF_FLAG_RX_STREAMING_STARTED, &wlvif->flags);
505         else
506                 clear_bit(WLVIF_FLAG_RX_STREAMING_STARTED, &wlvif->flags);
507 out:
508         return ret;
509 }
510
511 /*
512  * this function is being called when the rx_streaming interval
513  * has beed changed or rx_streaming should be disabled
514  */
515 int wl1271_recalc_rx_streaming(struct wl1271 *wl, struct wl12xx_vif *wlvif)
516 {
517         int ret = 0;
518         int period = wl->conf.rx_streaming.interval;
519
520         /* don't reconfigure if rx_streaming is disabled */
521         if (!test_bit(WLVIF_FLAG_RX_STREAMING_STARTED, &wlvif->flags))
522                 goto out;
523
524         /* reconfigure/disable according to new streaming_period */
525         if (period &&
526             test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags) &&
527             (wl->conf.rx_streaming.always ||
528              test_bit(WL1271_FLAG_SOFT_GEMINI, &wl->flags)))
529                 ret = wl1271_set_rx_streaming(wl, wlvif, true);
530         else {
531                 ret = wl1271_set_rx_streaming(wl, wlvif, false);
532                 /* don't cancel_work_sync since we might deadlock */
533                 del_timer_sync(&wlvif->rx_streaming_timer);
534         }
535 out:
536         return ret;
537 }
538
539 static void wl1271_rx_streaming_enable_work(struct work_struct *work)
540 {
541         int ret;
542         struct wl12xx_vif *wlvif = container_of(work, struct wl12xx_vif,
543                                                 rx_streaming_enable_work);
544         struct wl1271 *wl = wlvif->wl;
545
546         mutex_lock(&wl->mutex);
547
548         if (test_bit(WLVIF_FLAG_RX_STREAMING_STARTED, &wlvif->flags) ||
549             !test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags) ||
550             (!wl->conf.rx_streaming.always &&
551              !test_bit(WL1271_FLAG_SOFT_GEMINI, &wl->flags)))
552                 goto out;
553
554         if (!wl->conf.rx_streaming.interval)
555                 goto out;
556
557         ret = wl1271_ps_elp_wakeup(wl);
558         if (ret < 0)
559                 goto out;
560
561         ret = wl1271_set_rx_streaming(wl, wlvif, true);
562         if (ret < 0)
563                 goto out_sleep;
564
565         /* stop it after some time of inactivity */
566         mod_timer(&wlvif->rx_streaming_timer,
567                   jiffies + msecs_to_jiffies(wl->conf.rx_streaming.duration));
568
569 out_sleep:
570         wl1271_ps_elp_sleep(wl);
571 out:
572         mutex_unlock(&wl->mutex);
573 }
574
575 static void wl1271_rx_streaming_disable_work(struct work_struct *work)
576 {
577         int ret;
578         struct wl12xx_vif *wlvif = container_of(work, struct wl12xx_vif,
579                                                 rx_streaming_disable_work);
580         struct wl1271 *wl = wlvif->wl;
581
582         mutex_lock(&wl->mutex);
583
584         if (!test_bit(WLVIF_FLAG_RX_STREAMING_STARTED, &wlvif->flags))
585                 goto out;
586
587         ret = wl1271_ps_elp_wakeup(wl);
588         if (ret < 0)
589                 goto out;
590
591         ret = wl1271_set_rx_streaming(wl, wlvif, false);
592         if (ret)
593                 goto out_sleep;
594
595 out_sleep:
596         wl1271_ps_elp_sleep(wl);
597 out:
598         mutex_unlock(&wl->mutex);
599 }
600
601 static void wl1271_rx_streaming_timer(unsigned long data)
602 {
603         struct wl12xx_vif *wlvif = (struct wl12xx_vif *)data;
604         struct wl1271 *wl = wlvif->wl;
605         ieee80211_queue_work(wl->hw, &wlvif->rx_streaming_disable_work);
606 }
607
608 static void wl1271_conf_init(struct wl1271 *wl)
609 {
610
611         /*
612          * This function applies the default configuration to the driver. This
613          * function is invoked upon driver load (spi probe.)
614          *
615          * The configuration is stored in a run-time structure in order to
616          * facilitate for run-time adjustment of any of the parameters. Making
617          * changes to the configuration structure will apply the new values on
618          * the next interface up (wl1271_op_start.)
619          */
620
621         /* apply driver default configuration */
622         memcpy(&wl->conf, &default_conf, sizeof(default_conf));
623
624         /* Adjust settings according to optional module parameters */
625         if (fwlog_param) {
626                 if (!strcmp(fwlog_param, "continuous")) {
627                         wl->conf.fwlog.mode = WL12XX_FWLOG_CONTINUOUS;
628                 } else if (!strcmp(fwlog_param, "ondemand")) {
629                         wl->conf.fwlog.mode = WL12XX_FWLOG_ON_DEMAND;
630                 } else if (!strcmp(fwlog_param, "dbgpins")) {
631                         wl->conf.fwlog.mode = WL12XX_FWLOG_CONTINUOUS;
632                         wl->conf.fwlog.output = WL12XX_FWLOG_OUTPUT_DBG_PINS;
633                 } else if (!strcmp(fwlog_param, "disable")) {
634                         wl->conf.fwlog.mem_blocks = 0;
635                         wl->conf.fwlog.output = WL12XX_FWLOG_OUTPUT_NONE;
636                 } else {
637                         wl1271_error("Unknown fwlog parameter %s", fwlog_param);
638                 }
639         }
640 }
641
642 static int wl1271_plt_init(struct wl1271 *wl)
643 {
644         int ret;
645
646         if (wl->chip.id == CHIP_ID_1283_PG20)
647                 ret = wl128x_cmd_general_parms(wl);
648         else
649                 ret = wl1271_cmd_general_parms(wl);
650         if (ret < 0)
651                 return ret;
652
653         if (wl->chip.id == CHIP_ID_1283_PG20)
654                 ret = wl128x_cmd_radio_parms(wl);
655         else
656                 ret = wl1271_cmd_radio_parms(wl);
657         if (ret < 0)
658                 return ret;
659
660         if (wl->chip.id != CHIP_ID_1283_PG20) {
661                 ret = wl1271_cmd_ext_radio_parms(wl);
662                 if (ret < 0)
663                         return ret;
664         }
665         if (ret < 0)
666                 return ret;
667
668         /* Chip-specific initializations */
669         ret = wl1271_chip_specific_init(wl);
670         if (ret < 0)
671                 return ret;
672
673         ret = wl1271_acx_init_mem_config(wl);
674         if (ret < 0)
675                 return ret;
676
677         ret = wl12xx_acx_mem_cfg(wl);
678         if (ret < 0)
679                 goto out_free_memmap;
680
681         /* Enable data path */
682         ret = wl1271_cmd_data_path(wl, 1);
683         if (ret < 0)
684                 goto out_free_memmap;
685
686         /* Configure for CAM power saving (ie. always active) */
687         ret = wl1271_acx_sleep_auth(wl, WL1271_PSM_CAM);
688         if (ret < 0)
689                 goto out_free_memmap;
690
691         /* configure PM */
692         ret = wl1271_acx_pm_config(wl);
693         if (ret < 0)
694                 goto out_free_memmap;
695
696         return 0;
697
698  out_free_memmap:
699         kfree(wl->target_mem_map);
700         wl->target_mem_map = NULL;
701
702         return ret;
703 }
704
705 static void wl12xx_irq_ps_regulate_link(struct wl1271 *wl,
706                                         struct wl12xx_vif *wlvif,
707                                         u8 hlid, u8 tx_pkts)
708 {
709         bool fw_ps, single_sta;
710
711         fw_ps = test_bit(hlid, (unsigned long *)&wl->ap_fw_ps_map);
712         single_sta = (wl->active_sta_count == 1);
713
714         /*
715          * Wake up from high level PS if the STA is asleep with too little
716          * packets in FW or if the STA is awake.
717          */
718         if (!fw_ps || tx_pkts < WL1271_PS_STA_MAX_PACKETS)
719                 wl12xx_ps_link_end(wl, wlvif, hlid);
720
721         /*
722          * Start high-level PS if the STA is asleep with enough blocks in FW.
723          * Make an exception if this is the only connected station. In this
724          * case FW-memory congestion is not a problem.
725          */
726         else if (!single_sta && fw_ps && tx_pkts >= WL1271_PS_STA_MAX_PACKETS)
727                 wl12xx_ps_link_start(wl, wlvif, hlid, true);
728 }
729
730 static void wl12xx_irq_update_links_status(struct wl1271 *wl,
731                                            struct wl12xx_vif *wlvif,
732                                            struct wl12xx_fw_status *status)
733 {
734         struct wl1271_link *lnk;
735         u32 cur_fw_ps_map;
736         u8 hlid, cnt;
737
738         /* TODO: also use link_fast_bitmap here */
739
740         cur_fw_ps_map = le32_to_cpu(status->link_ps_bitmap);
741         if (wl->ap_fw_ps_map != cur_fw_ps_map) {
742                 wl1271_debug(DEBUG_PSM,
743                              "link ps prev 0x%x cur 0x%x changed 0x%x",
744                              wl->ap_fw_ps_map, cur_fw_ps_map,
745                              wl->ap_fw_ps_map ^ cur_fw_ps_map);
746
747                 wl->ap_fw_ps_map = cur_fw_ps_map;
748         }
749
750         for_each_set_bit(hlid, wlvif->ap.sta_hlid_map, WL12XX_MAX_LINKS) {
751                 lnk = &wl->links[hlid];
752                 cnt = status->tx_lnk_free_pkts[hlid] - lnk->prev_freed_pkts;
753
754                 lnk->prev_freed_pkts = status->tx_lnk_free_pkts[hlid];
755                 lnk->allocated_pkts -= cnt;
756
757                 wl12xx_irq_ps_regulate_link(wl, wlvif, hlid,
758                                             lnk->allocated_pkts);
759         }
760 }
761
762 static void wl12xx_fw_status(struct wl1271 *wl,
763                              struct wl12xx_fw_status *status)
764 {
765         struct wl12xx_vif *wlvif;
766         struct timespec ts;
767         u32 old_tx_blk_count = wl->tx_blocks_available;
768         int avail, freed_blocks;
769         int i;
770
771         wl1271_raw_read(wl, FW_STATUS_ADDR, status, sizeof(*status), false);
772
773         wl1271_debug(DEBUG_IRQ, "intr: 0x%x (fw_rx_counter = %d, "
774                      "drv_rx_counter = %d, tx_results_counter = %d)",
775                      status->intr,
776                      status->fw_rx_counter,
777                      status->drv_rx_counter,
778                      status->tx_results_counter);
779
780         for (i = 0; i < NUM_TX_QUEUES; i++) {
781                 /* prevent wrap-around in freed-packets counter */
782                 wl->tx_allocated_pkts[i] -=
783                                 (status->tx_released_pkts[i] -
784                                 wl->tx_pkts_freed[i]) & 0xff;
785
786                 wl->tx_pkts_freed[i] = status->tx_released_pkts[i];
787         }
788
789         /* prevent wrap-around in total blocks counter */
790         if (likely(wl->tx_blocks_freed <=
791                    le32_to_cpu(status->total_released_blks)))
792                 freed_blocks = le32_to_cpu(status->total_released_blks) -
793                                wl->tx_blocks_freed;
794         else
795                 freed_blocks = 0x100000000LL - wl->tx_blocks_freed +
796                                le32_to_cpu(status->total_released_blks);
797
798         wl->tx_blocks_freed = le32_to_cpu(status->total_released_blks);
799
800         wl->tx_allocated_blocks -= freed_blocks;
801
802         avail = le32_to_cpu(status->tx_total) - wl->tx_allocated_blocks;
803
804         /*
805          * The FW might change the total number of TX memblocks before
806          * we get a notification about blocks being released. Thus, the
807          * available blocks calculation might yield a temporary result
808          * which is lower than the actual available blocks. Keeping in
809          * mind that only blocks that were allocated can be moved from
810          * TX to RX, tx_blocks_available should never decrease here.
811          */
812         wl->tx_blocks_available = max((int)wl->tx_blocks_available,
813                                       avail);
814
815         /* if more blocks are available now, tx work can be scheduled */
816         if (wl->tx_blocks_available > old_tx_blk_count)
817                 clear_bit(WL1271_FLAG_FW_TX_BUSY, &wl->flags);
818
819         /* for AP update num of allocated TX blocks per link and ps status */
820         wl12xx_for_each_wlvif_ap(wl, wlvif) {
821                 wl12xx_irq_update_links_status(wl, wlvif, status);
822         }
823
824         /* update the host-chipset time offset */
825         getnstimeofday(&ts);
826         wl->time_offset = (timespec_to_ns(&ts) >> 10) -
827                 (s64)le32_to_cpu(status->fw_localtime);
828 }
829
830 static void wl1271_flush_deferred_work(struct wl1271 *wl)
831 {
832         struct sk_buff *skb;
833
834         /* Pass all received frames to the network stack */
835         while ((skb = skb_dequeue(&wl->deferred_rx_queue)))
836                 ieee80211_rx_ni(wl->hw, skb);
837
838         /* Return sent skbs to the network stack */
839         while ((skb = skb_dequeue(&wl->deferred_tx_queue)))
840                 ieee80211_tx_status_ni(wl->hw, skb);
841 }
842
843 static void wl1271_netstack_work(struct work_struct *work)
844 {
845         struct wl1271 *wl =
846                 container_of(work, struct wl1271, netstack_work);
847
848         do {
849                 wl1271_flush_deferred_work(wl);
850         } while (skb_queue_len(&wl->deferred_rx_queue));
851 }
852
853 #define WL1271_IRQ_MAX_LOOPS 256
854
855 static irqreturn_t wl1271_irq(int irq, void *cookie)
856 {
857         int ret;
858         u32 intr;
859         int loopcount = WL1271_IRQ_MAX_LOOPS;
860         struct wl1271 *wl = (struct wl1271 *)cookie;
861         bool done = false;
862         unsigned int defer_count;
863         unsigned long flags;
864
865         /* TX might be handled here, avoid redundant work */
866         set_bit(WL1271_FLAG_TX_PENDING, &wl->flags);
867         cancel_work_sync(&wl->tx_work);
868
869         /*
870          * In case edge triggered interrupt must be used, we cannot iterate
871          * more than once without introducing race conditions with the hardirq.
872          */
873         if (wl->platform_quirks & WL12XX_PLATFORM_QUIRK_EDGE_IRQ)
874                 loopcount = 1;
875
876         mutex_lock(&wl->mutex);
877
878         wl1271_debug(DEBUG_IRQ, "IRQ work");
879
880         if (unlikely(wl->state == WL1271_STATE_OFF))
881                 goto out;
882
883         ret = wl1271_ps_elp_wakeup(wl);
884         if (ret < 0)
885                 goto out;
886
887         while (!done && loopcount--) {
888                 /*
889                  * In order to avoid a race with the hardirq, clear the flag
890                  * before acknowledging the chip. Since the mutex is held,
891                  * wl1271_ps_elp_wakeup cannot be called concurrently.
892                  */
893                 clear_bit(WL1271_FLAG_IRQ_RUNNING, &wl->flags);
894                 smp_mb__after_clear_bit();
895
896                 wl12xx_fw_status(wl, wl->fw_status);
897                 intr = le32_to_cpu(wl->fw_status->intr);
898                 intr &= WL1271_INTR_MASK;
899                 if (!intr) {
900                         done = true;
901                         continue;
902                 }
903
904                 if (unlikely(intr & WL1271_ACX_INTR_WATCHDOG)) {
905                         wl1271_error("watchdog interrupt received! "
906                                      "starting recovery.");
907                         wl12xx_queue_recovery_work(wl);
908
909                         /* restarting the chip. ignore any other interrupt. */
910                         goto out;
911                 }
912
913                 if (likely(intr & WL1271_ACX_INTR_DATA)) {
914                         wl1271_debug(DEBUG_IRQ, "WL1271_ACX_INTR_DATA");
915
916                         wl12xx_rx(wl, wl->fw_status);
917
918                         /* Check if any tx blocks were freed */
919                         spin_lock_irqsave(&wl->wl_lock, flags);
920                         if (!test_bit(WL1271_FLAG_FW_TX_BUSY, &wl->flags) &&
921                             wl1271_tx_total_queue_count(wl) > 0) {
922                                 spin_unlock_irqrestore(&wl->wl_lock, flags);
923                                 /*
924                                  * In order to avoid starvation of the TX path,
925                                  * call the work function directly.
926                                  */
927                                 wl1271_tx_work_locked(wl);
928                         } else {
929                                 spin_unlock_irqrestore(&wl->wl_lock, flags);
930                         }
931
932                         /* check for tx results */
933                         if (wl->fw_status->tx_results_counter !=
934                             (wl->tx_results_count & 0xff))
935                                 wl1271_tx_complete(wl);
936
937                         /* Make sure the deferred queues don't get too long */
938                         defer_count = skb_queue_len(&wl->deferred_tx_queue) +
939                                       skb_queue_len(&wl->deferred_rx_queue);
940                         if (defer_count > WL1271_DEFERRED_QUEUE_LIMIT)
941                                 wl1271_flush_deferred_work(wl);
942                 }
943
944                 if (intr & WL1271_ACX_INTR_EVENT_A) {
945                         wl1271_debug(DEBUG_IRQ, "WL1271_ACX_INTR_EVENT_A");
946                         wl1271_event_handle(wl, 0);
947                 }
948
949                 if (intr & WL1271_ACX_INTR_EVENT_B) {
950                         wl1271_debug(DEBUG_IRQ, "WL1271_ACX_INTR_EVENT_B");
951                         wl1271_event_handle(wl, 1);
952                 }
953
954                 if (intr & WL1271_ACX_INTR_INIT_COMPLETE)
955                         wl1271_debug(DEBUG_IRQ,
956                                      "WL1271_ACX_INTR_INIT_COMPLETE");
957
958                 if (intr & WL1271_ACX_INTR_HW_AVAILABLE)
959                         wl1271_debug(DEBUG_IRQ, "WL1271_ACX_INTR_HW_AVAILABLE");
960         }
961
962         wl1271_ps_elp_sleep(wl);
963
964 out:
965         spin_lock_irqsave(&wl->wl_lock, flags);
966         /* In case TX was not handled here, queue TX work */
967         clear_bit(WL1271_FLAG_TX_PENDING, &wl->flags);
968         if (!test_bit(WL1271_FLAG_FW_TX_BUSY, &wl->flags) &&
969             wl1271_tx_total_queue_count(wl) > 0)
970                 ieee80211_queue_work(wl->hw, &wl->tx_work);
971         spin_unlock_irqrestore(&wl->wl_lock, flags);
972
973         mutex_unlock(&wl->mutex);
974
975         return IRQ_HANDLED;
976 }
977
978 static int wl1271_fetch_firmware(struct wl1271 *wl)
979 {
980         const struct firmware *fw;
981         const char *fw_name;
982         int ret;
983
984         if (wl->chip.id == CHIP_ID_1283_PG20)
985                 fw_name = WL128X_FW_NAME;
986         else
987                 fw_name = WL127X_FW_NAME;
988
989         wl1271_debug(DEBUG_BOOT, "booting firmware %s", fw_name);
990
991         ret = request_firmware(&fw, fw_name, wl->dev);
992
993         if (ret < 0) {
994                 wl1271_error("could not get firmware %s: %d", fw_name, ret);
995                 return ret;
996         }
997
998         if (fw->size % 4) {
999                 wl1271_error("firmware size is not multiple of 32 bits: %zu",
1000                              fw->size);
1001                 ret = -EILSEQ;
1002                 goto out;
1003         }
1004
1005         vfree(wl->fw);
1006         wl->fw_len = fw->size;
1007         wl->fw = vmalloc(wl->fw_len);
1008
1009         if (!wl->fw) {
1010                 wl1271_error("could not allocate memory for the firmware");
1011                 ret = -ENOMEM;
1012                 goto out;
1013         }
1014
1015         memcpy(wl->fw, fw->data, wl->fw_len);
1016         ret = 0;
1017
1018 out:
1019         release_firmware(fw);
1020
1021         return ret;
1022 }
1023
1024 static int wl1271_fetch_nvs(struct wl1271 *wl)
1025 {
1026         const struct firmware *fw;
1027         int ret;
1028
1029         ret = request_firmware(&fw, WL12XX_NVS_NAME, wl->dev);
1030
1031         if (ret < 0) {
1032                 wl1271_error("could not get nvs file %s: %d", WL12XX_NVS_NAME,
1033                              ret);
1034                 return ret;
1035         }
1036
1037         wl->nvs = kmemdup(fw->data, fw->size, GFP_KERNEL);
1038
1039         if (!wl->nvs) {
1040                 wl1271_error("could not allocate memory for the nvs file");
1041                 ret = -ENOMEM;
1042                 goto out;
1043         }
1044
1045         wl->nvs_len = fw->size;
1046
1047 out:
1048         release_firmware(fw);
1049
1050         return ret;
1051 }
1052
1053 void wl12xx_queue_recovery_work(struct wl1271 *wl)
1054 {
1055         if (!test_bit(WL1271_FLAG_RECOVERY_IN_PROGRESS, &wl->flags))
1056                 ieee80211_queue_work(wl->hw, &wl->recovery_work);
1057 }
1058
1059 size_t wl12xx_copy_fwlog(struct wl1271 *wl, u8 *memblock, size_t maxlen)
1060 {
1061         size_t len = 0;
1062
1063         /* The FW log is a length-value list, find where the log end */
1064         while (len < maxlen) {
1065                 if (memblock[len] == 0)
1066                         break;
1067                 if (len + memblock[len] + 1 > maxlen)
1068                         break;
1069                 len += memblock[len] + 1;
1070         }
1071
1072         /* Make sure we have enough room */
1073         len = min(len, (size_t)(PAGE_SIZE - wl->fwlog_size));
1074
1075         /* Fill the FW log file, consumed by the sysfs fwlog entry */
1076         memcpy(wl->fwlog + wl->fwlog_size, memblock, len);
1077         wl->fwlog_size += len;
1078
1079         return len;
1080 }
1081
1082 static void wl12xx_read_fwlog_panic(struct wl1271 *wl)
1083 {
1084         u32 addr;
1085         u32 first_addr;
1086         u8 *block;
1087
1088         if ((wl->quirks & WL12XX_QUIRK_FWLOG_NOT_IMPLEMENTED) ||
1089             (wl->conf.fwlog.mode != WL12XX_FWLOG_ON_DEMAND) ||
1090             (wl->conf.fwlog.mem_blocks == 0))
1091                 return;
1092
1093         wl1271_info("Reading FW panic log");
1094
1095         block = kmalloc(WL12XX_HW_BLOCK_SIZE, GFP_KERNEL);
1096         if (!block)
1097                 return;
1098
1099         /*
1100          * Make sure the chip is awake and the logger isn't active.
1101          * This might fail if the firmware hanged.
1102          */
1103         if (!wl1271_ps_elp_wakeup(wl))
1104                 wl12xx_cmd_stop_fwlog(wl);
1105
1106         /* Read the first memory block address */
1107         wl12xx_fw_status(wl, wl->fw_status);
1108         first_addr = le32_to_cpu(wl->fw_status->log_start_addr);
1109         if (!first_addr)
1110                 goto out;
1111
1112         /* Traverse the memory blocks linked list */
1113         addr = first_addr;
1114         do {
1115                 memset(block, 0, WL12XX_HW_BLOCK_SIZE);
1116                 wl1271_read_hwaddr(wl, addr, block, WL12XX_HW_BLOCK_SIZE,
1117                                    false);
1118
1119                 /*
1120                  * Memory blocks are linked to one another. The first 4 bytes
1121                  * of each memory block hold the hardware address of the next
1122                  * one. The last memory block points to the first one.
1123                  */
1124                 addr = le32_to_cpup((__le32 *)block);
1125                 if (!wl12xx_copy_fwlog(wl, block + sizeof(addr),
1126                                        WL12XX_HW_BLOCK_SIZE - sizeof(addr)))
1127                         break;
1128         } while (addr && (addr != first_addr));
1129
1130         wake_up_interruptible(&wl->fwlog_waitq);
1131
1132 out:
1133         kfree(block);
1134 }
1135
1136 static void wl1271_recovery_work(struct work_struct *work)
1137 {
1138         struct wl1271 *wl =
1139                 container_of(work, struct wl1271, recovery_work);
1140         struct wl12xx_vif *wlvif;
1141         struct ieee80211_vif *vif;
1142
1143         mutex_lock(&wl->mutex);
1144
1145         if (wl->state != WL1271_STATE_ON)
1146                 goto out_unlock;
1147
1148         /* Avoid a recursive recovery */
1149         set_bit(WL1271_FLAG_RECOVERY_IN_PROGRESS, &wl->flags);
1150
1151         wl12xx_read_fwlog_panic(wl);
1152
1153         wl1271_info("Hardware recovery in progress. FW ver: %s pc: 0x%x",
1154                     wl->chip.fw_ver_str, wl1271_read32(wl, SCR_PAD4));
1155
1156         BUG_ON(bug_on_recovery);
1157
1158         /*
1159          * Advance security sequence number to overcome potential progress
1160          * in the firmware during recovery. This doens't hurt if the network is
1161          * not encrypted.
1162          */
1163         wl12xx_for_each_wlvif(wl, wlvif) {
1164                 if (test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags) ||
1165                     test_bit(WLVIF_FLAG_AP_STARTED, &wlvif->flags))
1166                         wlvif->tx_security_seq +=
1167                                 WL1271_TX_SQN_POST_RECOVERY_PADDING;
1168         }
1169
1170         /* Prevent spurious TX during FW restart */
1171         ieee80211_stop_queues(wl->hw);
1172
1173         if (wl->sched_scanning) {
1174                 ieee80211_sched_scan_stopped(wl->hw);
1175                 wl->sched_scanning = false;
1176         }
1177
1178         /* reboot the chipset */
1179         while (!list_empty(&wl->wlvif_list)) {
1180                 wlvif = list_first_entry(&wl->wlvif_list,
1181                                        struct wl12xx_vif, list);
1182                 vif = wl12xx_wlvif_to_vif(wlvif);
1183                 __wl1271_op_remove_interface(wl, vif, false);
1184         }
1185         mutex_unlock(&wl->mutex);
1186         wl1271_op_stop(wl->hw);
1187
1188         clear_bit(WL1271_FLAG_RECOVERY_IN_PROGRESS, &wl->flags);
1189
1190         ieee80211_restart_hw(wl->hw);
1191
1192         /*
1193          * Its safe to enable TX now - the queues are stopped after a request
1194          * to restart the HW.
1195          */
1196         ieee80211_wake_queues(wl->hw);
1197         return;
1198 out_unlock:
1199         mutex_unlock(&wl->mutex);
1200 }
1201
1202 static void wl1271_fw_wakeup(struct wl1271 *wl)
1203 {
1204         u32 elp_reg;
1205
1206         elp_reg = ELPCTRL_WAKE_UP;
1207         wl1271_raw_write32(wl, HW_ACCESS_ELP_CTRL_REG_ADDR, elp_reg);
1208 }
1209
1210 static int wl1271_setup(struct wl1271 *wl)
1211 {
1212         wl->fw_status = kmalloc(sizeof(*wl->fw_status), GFP_KERNEL);
1213         if (!wl->fw_status)
1214                 return -ENOMEM;
1215
1216         wl->tx_res_if = kmalloc(sizeof(*wl->tx_res_if), GFP_KERNEL);
1217         if (!wl->tx_res_if) {
1218                 kfree(wl->fw_status);
1219                 return -ENOMEM;
1220         }
1221
1222         return 0;
1223 }
1224
1225 static int wl1271_chip_wakeup(struct wl1271 *wl)
1226 {
1227         struct wl1271_partition_set partition;
1228         int ret = 0;
1229
1230         msleep(WL1271_PRE_POWER_ON_SLEEP);
1231         ret = wl1271_power_on(wl);
1232         if (ret < 0)
1233                 goto out;
1234         msleep(WL1271_POWER_ON_SLEEP);
1235         wl1271_io_reset(wl);
1236         wl1271_io_init(wl);
1237
1238         /* We don't need a real memory partition here, because we only want
1239          * to use the registers at this point. */
1240         memset(&partition, 0, sizeof(partition));
1241         partition.reg.start = REGISTERS_BASE;
1242         partition.reg.size = REGISTERS_DOWN_SIZE;
1243         wl1271_set_partition(wl, &partition);
1244
1245         /* ELP module wake up */
1246         wl1271_fw_wakeup(wl);
1247
1248         /* whal_FwCtrl_BootSm() */
1249
1250         /* 0. read chip id from CHIP_ID */
1251         wl->chip.id = wl1271_read32(wl, CHIP_ID_B);
1252
1253         /*
1254          * For wl127x based devices we could use the default block
1255          * size (512 bytes), but due to a bug in the sdio driver, we
1256          * need to set it explicitly after the chip is powered on.  To
1257          * simplify the code and since the performance impact is
1258          * negligible, we use the same block size for all different
1259          * chip types.
1260          */
1261         if (!wl1271_set_block_size(wl))
1262                 wl->quirks |= WL12XX_QUIRK_NO_BLOCKSIZE_ALIGNMENT;
1263
1264         switch (wl->chip.id) {
1265         case CHIP_ID_1271_PG10:
1266                 wl1271_warning("chip id 0x%x (1271 PG10) support is obsolete",
1267                                wl->chip.id);
1268
1269                 ret = wl1271_setup(wl);
1270                 if (ret < 0)
1271                         goto out;
1272                 wl->quirks |= WL12XX_QUIRK_NO_BLOCKSIZE_ALIGNMENT;
1273                 break;
1274
1275         case CHIP_ID_1271_PG20:
1276                 wl1271_debug(DEBUG_BOOT, "chip id 0x%x (1271 PG20)",
1277                              wl->chip.id);
1278
1279                 ret = wl1271_setup(wl);
1280                 if (ret < 0)
1281                         goto out;
1282                 wl->quirks |= WL12XX_QUIRK_NO_BLOCKSIZE_ALIGNMENT;
1283                 break;
1284
1285         case CHIP_ID_1283_PG20:
1286                 wl1271_debug(DEBUG_BOOT, "chip id 0x%x (1283 PG20)",
1287                              wl->chip.id);
1288
1289                 ret = wl1271_setup(wl);
1290                 if (ret < 0)
1291                         goto out;
1292                 break;
1293         case CHIP_ID_1283_PG10:
1294         default:
1295                 wl1271_warning("unsupported chip id: 0x%x", wl->chip.id);
1296                 ret = -ENODEV;
1297                 goto out;
1298         }
1299
1300         if (wl->fw == NULL) {
1301                 ret = wl1271_fetch_firmware(wl);
1302                 if (ret < 0)
1303                         goto out;
1304         }
1305
1306         /* No NVS from netlink, try to get it from the filesystem */
1307         if (wl->nvs == NULL) {
1308                 ret = wl1271_fetch_nvs(wl);
1309                 if (ret < 0)
1310                         goto out;
1311         }
1312
1313 out:
1314         return ret;
1315 }
1316
1317 int wl1271_plt_start(struct wl1271 *wl)
1318 {
1319         int retries = WL1271_BOOT_RETRIES;
1320         struct wiphy *wiphy = wl->hw->wiphy;
1321         int ret;
1322
1323         mutex_lock(&wl->mutex);
1324
1325         wl1271_notice("power up");
1326
1327         if (wl->state != WL1271_STATE_OFF) {
1328                 wl1271_error("cannot go into PLT state because not "
1329                              "in off state: %d", wl->state);
1330                 ret = -EBUSY;
1331                 goto out;
1332         }
1333
1334         while (retries) {
1335                 retries--;
1336                 ret = wl1271_chip_wakeup(wl);
1337                 if (ret < 0)
1338                         goto power_off;
1339
1340                 ret = wl1271_boot(wl);
1341                 if (ret < 0)
1342                         goto power_off;
1343
1344                 ret = wl1271_plt_init(wl);
1345                 if (ret < 0)
1346                         goto irq_disable;
1347
1348                 wl->state = WL1271_STATE_PLT;
1349                 wl1271_notice("firmware booted in PLT mode (%s)",
1350                               wl->chip.fw_ver_str);
1351
1352                 /* update hw/fw version info in wiphy struct */
1353                 wiphy->hw_version = wl->chip.id;
1354                 strncpy(wiphy->fw_version, wl->chip.fw_ver_str,
1355                         sizeof(wiphy->fw_version));
1356
1357                 goto out;
1358
1359 irq_disable:
1360                 mutex_unlock(&wl->mutex);
1361                 /* Unlocking the mutex in the middle of handling is
1362                    inherently unsafe. In this case we deem it safe to do,
1363                    because we need to let any possibly pending IRQ out of
1364                    the system (and while we are WL1271_STATE_OFF the IRQ
1365                    work function will not do anything.) Also, any other
1366                    possible concurrent operations will fail due to the
1367                    current state, hence the wl1271 struct should be safe. */
1368                 wl1271_disable_interrupts(wl);
1369                 wl1271_flush_deferred_work(wl);
1370                 cancel_work_sync(&wl->netstack_work);
1371                 mutex_lock(&wl->mutex);
1372 power_off:
1373                 wl1271_power_off(wl);
1374         }
1375
1376         wl1271_error("firmware boot in PLT mode failed despite %d retries",
1377                      WL1271_BOOT_RETRIES);
1378 out:
1379         mutex_unlock(&wl->mutex);
1380
1381         return ret;
1382 }
1383
1384 static int __wl1271_plt_stop(struct wl1271 *wl)
1385 {
1386         int ret = 0;
1387
1388         wl1271_notice("power down");
1389
1390         if (wl->state != WL1271_STATE_PLT) {
1391                 wl1271_error("cannot power down because not in PLT "
1392                              "state: %d", wl->state);
1393                 ret = -EBUSY;
1394                 goto out;
1395         }
1396
1397         wl1271_power_off(wl);
1398
1399         wl->state = WL1271_STATE_OFF;
1400         wl->rx_counter = 0;
1401
1402         mutex_unlock(&wl->mutex);
1403         wl1271_disable_interrupts(wl);
1404         wl1271_flush_deferred_work(wl);
1405         cancel_work_sync(&wl->netstack_work);
1406         cancel_work_sync(&wl->recovery_work);
1407         mutex_lock(&wl->mutex);
1408 out:
1409         return ret;
1410 }
1411
1412 int wl1271_plt_stop(struct wl1271 *wl)
1413 {
1414         int ret;
1415
1416         mutex_lock(&wl->mutex);
1417         ret = __wl1271_plt_stop(wl);
1418         mutex_unlock(&wl->mutex);
1419         return ret;
1420 }
1421
1422 static void wl1271_op_tx(struct ieee80211_hw *hw, struct sk_buff *skb)
1423 {
1424         struct wl1271 *wl = hw->priv;
1425         struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1426         struct ieee80211_vif *vif = info->control.vif;
1427         struct wl12xx_vif *wlvif = NULL;
1428         unsigned long flags;
1429         int q, mapping;
1430         u8 hlid;
1431
1432         if (vif)
1433                 wlvif = wl12xx_vif_to_data(vif);
1434
1435         mapping = skb_get_queue_mapping(skb);
1436         q = wl1271_tx_get_queue(mapping);
1437
1438         hlid = wl12xx_tx_get_hlid(wl, wlvif, skb);
1439
1440         spin_lock_irqsave(&wl->wl_lock, flags);
1441
1442         /* queue the packet */
1443         if (hlid == WL12XX_INVALID_LINK_ID ||
1444             (wlvif && !test_bit(hlid, wlvif->links_map))) {
1445                 wl1271_debug(DEBUG_TX, "DROP skb hlid %d q %d", hlid, q);
1446                 ieee80211_free_txskb(hw, skb);
1447                 goto out;
1448         }
1449
1450         wl1271_debug(DEBUG_TX, "queue skb hlid %d q %d", hlid, q);
1451         skb_queue_tail(&wl->links[hlid].tx_queue[q], skb);
1452
1453         wl->tx_queue_count[q]++;
1454
1455         /*
1456          * The workqueue is slow to process the tx_queue and we need stop
1457          * the queue here, otherwise the queue will get too long.
1458          */
1459         if (wl->tx_queue_count[q] >= WL1271_TX_QUEUE_HIGH_WATERMARK) {
1460                 wl1271_debug(DEBUG_TX, "op_tx: stopping queues for q %d", q);
1461                 ieee80211_stop_queue(wl->hw, mapping);
1462                 set_bit(q, &wl->stopped_queues_map);
1463         }
1464
1465         /*
1466          * The chip specific setup must run before the first TX packet -
1467          * before that, the tx_work will not be initialized!
1468          */
1469
1470         if (!test_bit(WL1271_FLAG_FW_TX_BUSY, &wl->flags) &&
1471             !test_bit(WL1271_FLAG_TX_PENDING, &wl->flags))
1472                 ieee80211_queue_work(wl->hw, &wl->tx_work);
1473
1474 out:
1475         spin_unlock_irqrestore(&wl->wl_lock, flags);
1476 }
1477
1478 int wl1271_tx_dummy_packet(struct wl1271 *wl)
1479 {
1480         unsigned long flags;
1481         int q;
1482
1483         /* no need to queue a new dummy packet if one is already pending */
1484         if (test_bit(WL1271_FLAG_DUMMY_PACKET_PENDING, &wl->flags))
1485                 return 0;
1486
1487         q = wl1271_tx_get_queue(skb_get_queue_mapping(wl->dummy_packet));
1488
1489         spin_lock_irqsave(&wl->wl_lock, flags);
1490         set_bit(WL1271_FLAG_DUMMY_PACKET_PENDING, &wl->flags);
1491         wl->tx_queue_count[q]++;
1492         spin_unlock_irqrestore(&wl->wl_lock, flags);
1493
1494         /* The FW is low on RX memory blocks, so send the dummy packet asap */
1495         if (!test_bit(WL1271_FLAG_FW_TX_BUSY, &wl->flags))
1496                 wl1271_tx_work_locked(wl);
1497
1498         /*
1499          * If the FW TX is busy, TX work will be scheduled by the threaded
1500          * interrupt handler function
1501          */
1502         return 0;
1503 }
1504
1505 /*
1506  * The size of the dummy packet should be at least 1400 bytes. However, in
1507  * order to minimize the number of bus transactions, aligning it to 512 bytes
1508  * boundaries could be beneficial, performance wise
1509  */
1510 #define TOTAL_TX_DUMMY_PACKET_SIZE (ALIGN(1400, 512))
1511
1512 static struct sk_buff *wl12xx_alloc_dummy_packet(struct wl1271 *wl)
1513 {
1514         struct sk_buff *skb;
1515         struct ieee80211_hdr_3addr *hdr;
1516         unsigned int dummy_packet_size;
1517
1518         dummy_packet_size = TOTAL_TX_DUMMY_PACKET_SIZE -
1519                             sizeof(struct wl1271_tx_hw_descr) - sizeof(*hdr);
1520
1521         skb = dev_alloc_skb(TOTAL_TX_DUMMY_PACKET_SIZE);
1522         if (!skb) {
1523                 wl1271_warning("Failed to allocate a dummy packet skb");
1524                 return NULL;
1525         }
1526
1527         skb_reserve(skb, sizeof(struct wl1271_tx_hw_descr));
1528
1529         hdr = (struct ieee80211_hdr_3addr *) skb_put(skb, sizeof(*hdr));
1530         memset(hdr, 0, sizeof(*hdr));
1531         hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA |
1532                                          IEEE80211_STYPE_NULLFUNC |
1533                                          IEEE80211_FCTL_TODS);
1534
1535         memset(skb_put(skb, dummy_packet_size), 0, dummy_packet_size);
1536
1537         /* Dummy packets require the TID to be management */
1538         skb->priority = WL1271_TID_MGMT;
1539
1540         /* Initialize all fields that might be used */
1541         skb_set_queue_mapping(skb, 0);
1542         memset(IEEE80211_SKB_CB(skb), 0, sizeof(struct ieee80211_tx_info));
1543
1544         return skb;
1545 }
1546
1547
1548 static struct notifier_block wl1271_dev_notifier = {
1549         .notifier_call = wl1271_dev_notify,
1550 };
1551
1552 #ifdef CONFIG_PM
1553 static int wl1271_configure_suspend_sta(struct wl1271 *wl,
1554                                         struct wl12xx_vif *wlvif)
1555 {
1556         int ret = 0;
1557
1558         mutex_lock(&wl->mutex);
1559
1560         if (!test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
1561                 goto out_unlock;
1562
1563         ret = wl1271_ps_elp_wakeup(wl);
1564         if (ret < 0)
1565                 goto out_unlock;
1566
1567         /* enter psm if needed*/
1568         if (!test_bit(WLVIF_FLAG_PSM, &wlvif->flags)) {
1569                 DECLARE_COMPLETION_ONSTACK(compl);
1570
1571                 wlvif->ps_compl = &compl;
1572                 ret = wl1271_ps_set_mode(wl, wlvif, STATION_POWER_SAVE_MODE,
1573                                    wlvif->basic_rate, true);
1574                 if (ret < 0)
1575                         goto out_sleep;
1576
1577                 /* we must unlock here so we will be able to get events */
1578                 wl1271_ps_elp_sleep(wl);
1579                 mutex_unlock(&wl->mutex);
1580
1581                 ret = wait_for_completion_timeout(
1582                         &compl, msecs_to_jiffies(WL1271_PS_COMPLETE_TIMEOUT));
1583
1584                 mutex_lock(&wl->mutex);
1585                 if (ret <= 0) {
1586                         wl1271_warning("couldn't enter ps mode!");
1587                         ret = -EBUSY;
1588                         goto out_cleanup;
1589                 }
1590
1591                 ret = wl1271_ps_elp_wakeup(wl);
1592                 if (ret < 0)
1593                         goto out_cleanup;
1594         }
1595 out_sleep:
1596         wl1271_ps_elp_sleep(wl);
1597 out_cleanup:
1598         wlvif->ps_compl = NULL;
1599 out_unlock:
1600         mutex_unlock(&wl->mutex);
1601         return ret;
1602
1603 }
1604
1605 static int wl1271_configure_suspend_ap(struct wl1271 *wl,
1606                                        struct wl12xx_vif *wlvif)
1607 {
1608         int ret = 0;
1609
1610         mutex_lock(&wl->mutex);
1611
1612         if (!test_bit(WLVIF_FLAG_AP_STARTED, &wlvif->flags))
1613                 goto out_unlock;
1614
1615         ret = wl1271_ps_elp_wakeup(wl);
1616         if (ret < 0)
1617                 goto out_unlock;
1618
1619         ret = wl1271_acx_beacon_filter_opt(wl, wlvif, true);
1620
1621         wl1271_ps_elp_sleep(wl);
1622 out_unlock:
1623         mutex_unlock(&wl->mutex);
1624         return ret;
1625
1626 }
1627
1628 static int wl1271_configure_suspend(struct wl1271 *wl,
1629                                     struct wl12xx_vif *wlvif)
1630 {
1631         if (wlvif->bss_type == BSS_TYPE_STA_BSS)
1632                 return wl1271_configure_suspend_sta(wl, wlvif);
1633         if (wlvif->bss_type == BSS_TYPE_AP_BSS)
1634                 return wl1271_configure_suspend_ap(wl, wlvif);
1635         return 0;
1636 }
1637
1638 static void wl1271_configure_resume(struct wl1271 *wl,
1639                                     struct wl12xx_vif *wlvif)
1640 {
1641         int ret;
1642         bool is_sta = wlvif->bss_type == BSS_TYPE_STA_BSS;
1643         bool is_ap = wlvif->bss_type == BSS_TYPE_AP_BSS;
1644
1645         if (!is_sta && !is_ap)
1646                 return;
1647
1648         mutex_lock(&wl->mutex);
1649         ret = wl1271_ps_elp_wakeup(wl);
1650         if (ret < 0)
1651                 goto out;
1652
1653         if (is_sta) {
1654                 /* exit psm if it wasn't configured */
1655                 if (!test_bit(WLVIF_FLAG_PSM_REQUESTED, &wlvif->flags))
1656                         wl1271_ps_set_mode(wl, wlvif, STATION_ACTIVE_MODE,
1657                                            wlvif->basic_rate, true);
1658         } else if (is_ap) {
1659                 wl1271_acx_beacon_filter_opt(wl, wlvif, false);
1660         }
1661
1662         wl1271_ps_elp_sleep(wl);
1663 out:
1664         mutex_unlock(&wl->mutex);
1665 }
1666
1667 static int wl1271_op_suspend(struct ieee80211_hw *hw,
1668                             struct cfg80211_wowlan *wow)
1669 {
1670         struct wl1271 *wl = hw->priv;
1671         struct wl12xx_vif *wlvif;
1672         int ret;
1673
1674         wl1271_debug(DEBUG_MAC80211, "mac80211 suspend wow=%d", !!wow);
1675         WARN_ON(!wow || !wow->any);
1676
1677         wl->wow_enabled = true;
1678         wl12xx_for_each_wlvif(wl, wlvif) {
1679                 ret = wl1271_configure_suspend(wl, wlvif);
1680                 if (ret < 0) {
1681                         wl1271_warning("couldn't prepare device to suspend");
1682                         return ret;
1683                 }
1684         }
1685         /* flush any remaining work */
1686         wl1271_debug(DEBUG_MAC80211, "flushing remaining works");
1687
1688         /*
1689          * disable and re-enable interrupts in order to flush
1690          * the threaded_irq
1691          */
1692         wl1271_disable_interrupts(wl);
1693
1694         /*
1695          * set suspended flag to avoid triggering a new threaded_irq
1696          * work. no need for spinlock as interrupts are disabled.
1697          */
1698         set_bit(WL1271_FLAG_SUSPENDED, &wl->flags);
1699
1700         wl1271_enable_interrupts(wl);
1701         flush_work(&wl->tx_work);
1702         wl12xx_for_each_wlvif(wl, wlvif) {
1703                 flush_delayed_work(&wlvif->pspoll_work);
1704         }
1705         flush_delayed_work(&wl->elp_work);
1706
1707         return 0;
1708 }
1709
1710 static int wl1271_op_resume(struct ieee80211_hw *hw)
1711 {
1712         struct wl1271 *wl = hw->priv;
1713         struct wl12xx_vif *wlvif;
1714         unsigned long flags;
1715         bool run_irq_work = false;
1716
1717         wl1271_debug(DEBUG_MAC80211, "mac80211 resume wow=%d",
1718                      wl->wow_enabled);
1719         WARN_ON(!wl->wow_enabled);
1720
1721         /*
1722          * re-enable irq_work enqueuing, and call irq_work directly if
1723          * there is a pending work.
1724          */
1725         spin_lock_irqsave(&wl->wl_lock, flags);
1726         clear_bit(WL1271_FLAG_SUSPENDED, &wl->flags);
1727         if (test_and_clear_bit(WL1271_FLAG_PENDING_WORK, &wl->flags))
1728                 run_irq_work = true;
1729         spin_unlock_irqrestore(&wl->wl_lock, flags);
1730
1731         if (run_irq_work) {
1732                 wl1271_debug(DEBUG_MAC80211,
1733                              "run postponed irq_work directly");
1734                 wl1271_irq(0, wl);
1735                 wl1271_enable_interrupts(wl);
1736         }
1737         wl12xx_for_each_wlvif(wl, wlvif) {
1738                 wl1271_configure_resume(wl, wlvif);
1739         }
1740         wl->wow_enabled = false;
1741
1742         return 0;
1743 }
1744 #endif
1745
1746 static int wl1271_op_start(struct ieee80211_hw *hw)
1747 {
1748         wl1271_debug(DEBUG_MAC80211, "mac80211 start");
1749
1750         /*
1751          * We have to delay the booting of the hardware because
1752          * we need to know the local MAC address before downloading and
1753          * initializing the firmware. The MAC address cannot be changed
1754          * after boot, and without the proper MAC address, the firmware
1755          * will not function properly.
1756          *
1757          * The MAC address is first known when the corresponding interface
1758          * is added. That is where we will initialize the hardware.
1759          */
1760
1761         return 0;
1762 }
1763
1764 static void wl1271_op_stop(struct ieee80211_hw *hw)
1765 {
1766         struct wl1271 *wl = hw->priv;
1767         int i;
1768
1769         wl1271_debug(DEBUG_MAC80211, "mac80211 stop");
1770
1771         mutex_lock(&wl->mutex);
1772         if (wl->state == WL1271_STATE_OFF) {
1773                 mutex_unlock(&wl->mutex);
1774                 return;
1775         }
1776         /*
1777          * this must be before the cancel_work calls below, so that the work
1778          * functions don't perform further work.
1779          */
1780         wl->state = WL1271_STATE_OFF;
1781         mutex_unlock(&wl->mutex);
1782
1783         mutex_lock(&wl_list_mutex);
1784         list_del(&wl->list);
1785         mutex_unlock(&wl_list_mutex);
1786
1787         wl1271_disable_interrupts(wl);
1788         wl1271_flush_deferred_work(wl);
1789         cancel_delayed_work_sync(&wl->scan_complete_work);
1790         cancel_work_sync(&wl->netstack_work);
1791         cancel_work_sync(&wl->tx_work);
1792         cancel_delayed_work_sync(&wl->elp_work);
1793
1794         /* let's notify MAC80211 about the remaining pending TX frames */
1795         wl12xx_tx_reset(wl, true);
1796         mutex_lock(&wl->mutex);
1797
1798         wl1271_power_off(wl);
1799
1800         wl->band = IEEE80211_BAND_2GHZ;
1801
1802         wl->rx_counter = 0;
1803         wl->power_level = WL1271_DEFAULT_POWER_LEVEL;
1804         wl->tx_blocks_available = 0;
1805         wl->tx_allocated_blocks = 0;
1806         wl->tx_results_count = 0;
1807         wl->tx_packets_count = 0;
1808         wl->time_offset = 0;
1809         wl->tx_spare_blocks = TX_HW_BLOCK_SPARE_DEFAULT;
1810         wl->ap_fw_ps_map = 0;
1811         wl->ap_ps_map = 0;
1812         wl->sched_scanning = false;
1813         memset(wl->roles_map, 0, sizeof(wl->roles_map));
1814         memset(wl->links_map, 0, sizeof(wl->links_map));
1815         memset(wl->roc_map, 0, sizeof(wl->roc_map));
1816         wl->active_sta_count = 0;
1817
1818         /* The system link is always allocated */
1819         __set_bit(WL12XX_SYSTEM_HLID, wl->links_map);
1820
1821         /*
1822          * this is performed after the cancel_work calls and the associated
1823          * mutex_lock, so that wl1271_op_add_interface does not accidentally
1824          * get executed before all these vars have been reset.
1825          */
1826         wl->flags = 0;
1827
1828         wl->tx_blocks_freed = 0;
1829
1830         for (i = 0; i < NUM_TX_QUEUES; i++) {
1831                 wl->tx_pkts_freed[i] = 0;
1832                 wl->tx_allocated_pkts[i] = 0;
1833         }
1834
1835         wl1271_debugfs_reset(wl);
1836
1837         kfree(wl->fw_status);
1838         wl->fw_status = NULL;
1839         kfree(wl->tx_res_if);
1840         wl->tx_res_if = NULL;
1841         kfree(wl->target_mem_map);
1842         wl->target_mem_map = NULL;
1843
1844         mutex_unlock(&wl->mutex);
1845 }
1846
1847 static int wl12xx_allocate_rate_policy(struct wl1271 *wl, u8 *idx)
1848 {
1849         u8 policy = find_first_zero_bit(wl->rate_policies_map,
1850                                         WL12XX_MAX_RATE_POLICIES);
1851         if (policy >= WL12XX_MAX_RATE_POLICIES)
1852                 return -EBUSY;
1853
1854         __set_bit(policy, wl->rate_policies_map);
1855         *idx = policy;
1856         return 0;
1857 }
1858
1859 static void wl12xx_free_rate_policy(struct wl1271 *wl, u8 *idx)
1860 {
1861         if (WARN_ON(*idx >= WL12XX_MAX_RATE_POLICIES))
1862                 return;
1863
1864         __clear_bit(*idx, wl->rate_policies_map);
1865         *idx = WL12XX_MAX_RATE_POLICIES;
1866 }
1867
1868 static u8 wl12xx_get_role_type(struct wl1271 *wl, struct wl12xx_vif *wlvif)
1869 {
1870         switch (wlvif->bss_type) {
1871         case BSS_TYPE_AP_BSS:
1872                 if (wlvif->p2p)
1873                         return WL1271_ROLE_P2P_GO;
1874                 else
1875                         return WL1271_ROLE_AP;
1876
1877         case BSS_TYPE_STA_BSS:
1878                 if (wlvif->p2p)
1879                         return WL1271_ROLE_P2P_CL;
1880                 else
1881                         return WL1271_ROLE_STA;
1882
1883         case BSS_TYPE_IBSS:
1884                 return WL1271_ROLE_IBSS;
1885
1886         default:
1887                 wl1271_error("invalid bss_type: %d", wlvif->bss_type);
1888         }
1889         return WL12XX_INVALID_ROLE_TYPE;
1890 }
1891
1892 static int wl12xx_init_vif_data(struct wl1271 *wl, struct ieee80211_vif *vif)
1893 {
1894         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
1895         int i;
1896
1897         /* clear everything but the persistent data */
1898         memset(wlvif, 0, offsetof(struct wl12xx_vif, persistent));
1899
1900         switch (ieee80211_vif_type_p2p(vif)) {
1901         case NL80211_IFTYPE_P2P_CLIENT:
1902                 wlvif->p2p = 1;
1903                 /* fall-through */
1904         case NL80211_IFTYPE_STATION:
1905                 wlvif->bss_type = BSS_TYPE_STA_BSS;
1906                 break;
1907         case NL80211_IFTYPE_ADHOC:
1908                 wlvif->bss_type = BSS_TYPE_IBSS;
1909                 break;
1910         case NL80211_IFTYPE_P2P_GO:
1911                 wlvif->p2p = 1;
1912                 /* fall-through */
1913         case NL80211_IFTYPE_AP:
1914                 wlvif->bss_type = BSS_TYPE_AP_BSS;
1915                 break;
1916         default:
1917                 wlvif->bss_type = MAX_BSS_TYPE;
1918                 return -EOPNOTSUPP;
1919         }
1920
1921         wlvif->role_id = WL12XX_INVALID_ROLE_ID;
1922         wlvif->dev_role_id = WL12XX_INVALID_ROLE_ID;
1923         wlvif->dev_hlid = WL12XX_INVALID_LINK_ID;
1924
1925         if (wlvif->bss_type == BSS_TYPE_STA_BSS ||
1926             wlvif->bss_type == BSS_TYPE_IBSS) {
1927                 /* init sta/ibss data */
1928                 wlvif->sta.hlid = WL12XX_INVALID_LINK_ID;
1929                 wl12xx_allocate_rate_policy(wl, &wlvif->sta.basic_rate_idx);
1930                 wl12xx_allocate_rate_policy(wl, &wlvif->sta.ap_rate_idx);
1931                 wl12xx_allocate_rate_policy(wl, &wlvif->sta.p2p_rate_idx);
1932         } else {
1933                 /* init ap data */
1934                 wlvif->ap.bcast_hlid = WL12XX_INVALID_LINK_ID;
1935                 wlvif->ap.global_hlid = WL12XX_INVALID_LINK_ID;
1936                 wl12xx_allocate_rate_policy(wl, &wlvif->ap.mgmt_rate_idx);
1937                 wl12xx_allocate_rate_policy(wl, &wlvif->ap.bcast_rate_idx);
1938                 for (i = 0; i < CONF_TX_MAX_AC_COUNT; i++)
1939                         wl12xx_allocate_rate_policy(wl,
1940                                                 &wlvif->ap.ucast_rate_idx[i]);
1941         }
1942
1943         wlvif->bitrate_masks[IEEE80211_BAND_2GHZ] = wl->conf.tx.basic_rate;
1944         wlvif->bitrate_masks[IEEE80211_BAND_5GHZ] = wl->conf.tx.basic_rate_5;
1945         wlvif->basic_rate_set = CONF_TX_RATE_MASK_BASIC;
1946         wlvif->basic_rate = CONF_TX_RATE_MASK_BASIC;
1947         wlvif->rate_set = CONF_TX_RATE_MASK_BASIC;
1948         wlvif->beacon_int = WL1271_DEFAULT_BEACON_INT;
1949
1950         /*
1951          * mac80211 configures some values globally, while we treat them
1952          * per-interface. thus, on init, we have to copy them from wl
1953          */
1954         wlvif->band = wl->band;
1955         wlvif->channel = wl->channel;
1956         wlvif->power_level = wl->power_level;
1957
1958         INIT_WORK(&wlvif->rx_streaming_enable_work,
1959                   wl1271_rx_streaming_enable_work);
1960         INIT_WORK(&wlvif->rx_streaming_disable_work,
1961                   wl1271_rx_streaming_disable_work);
1962         INIT_DELAYED_WORK(&wlvif->pspoll_work, wl1271_pspoll_work);
1963         INIT_LIST_HEAD(&wlvif->list);
1964
1965         setup_timer(&wlvif->rx_streaming_timer, wl1271_rx_streaming_timer,
1966                     (unsigned long) wlvif);
1967         return 0;
1968 }
1969
1970 static bool wl12xx_init_fw(struct wl1271 *wl)
1971 {
1972         int retries = WL1271_BOOT_RETRIES;
1973         bool booted = false;
1974         struct wiphy *wiphy = wl->hw->wiphy;
1975         int ret;
1976
1977         while (retries) {
1978                 retries--;
1979                 ret = wl1271_chip_wakeup(wl);
1980                 if (ret < 0)
1981                         goto power_off;
1982
1983                 ret = wl1271_boot(wl);
1984                 if (ret < 0)
1985                         goto power_off;
1986
1987                 ret = wl1271_hw_init(wl);
1988                 if (ret < 0)
1989                         goto irq_disable;
1990
1991                 booted = true;
1992                 break;
1993
1994 irq_disable:
1995                 mutex_unlock(&wl->mutex);
1996                 /* Unlocking the mutex in the middle of handling is
1997                    inherently unsafe. In this case we deem it safe to do,
1998                    because we need to let any possibly pending IRQ out of
1999                    the system (and while we are WL1271_STATE_OFF the IRQ
2000                    work function will not do anything.) Also, any other
2001                    possible concurrent operations will fail due to the
2002                    current state, hence the wl1271 struct should be safe. */
2003                 wl1271_disable_interrupts(wl);
2004                 wl1271_flush_deferred_work(wl);
2005                 cancel_work_sync(&wl->netstack_work);
2006                 mutex_lock(&wl->mutex);
2007 power_off:
2008                 wl1271_power_off(wl);
2009         }
2010
2011         if (!booted) {
2012                 wl1271_error("firmware boot failed despite %d retries",
2013                              WL1271_BOOT_RETRIES);
2014                 goto out;
2015         }
2016
2017         wl1271_info("firmware booted (%s)", wl->chip.fw_ver_str);
2018
2019         /* update hw/fw version info in wiphy struct */
2020         wiphy->hw_version = wl->chip.id;
2021         strncpy(wiphy->fw_version, wl->chip.fw_ver_str,
2022                 sizeof(wiphy->fw_version));
2023
2024         /*
2025          * Now we know if 11a is supported (info from the NVS), so disable
2026          * 11a channels if not supported
2027          */
2028         if (!wl->enable_11a)
2029                 wiphy->bands[IEEE80211_BAND_5GHZ]->n_channels = 0;
2030
2031         wl1271_debug(DEBUG_MAC80211, "11a is %ssupported",
2032                      wl->enable_11a ? "" : "not ");
2033
2034         wl->state = WL1271_STATE_ON;
2035 out:
2036         return booted;
2037 }
2038
2039 static int wl1271_op_add_interface(struct ieee80211_hw *hw,
2040                                    struct ieee80211_vif *vif)
2041 {
2042         struct wl1271 *wl = hw->priv;
2043         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
2044         int ret = 0;
2045         u8 role_type;
2046         bool booted = false;
2047
2048         wl1271_debug(DEBUG_MAC80211, "mac80211 add interface type %d mac %pM",
2049                      ieee80211_vif_type_p2p(vif), vif->addr);
2050
2051         mutex_lock(&wl->mutex);
2052         ret = wl1271_ps_elp_wakeup(wl);
2053         if (ret < 0)
2054                 goto out_unlock;
2055
2056         if (wl->vif) {
2057                 wl1271_debug(DEBUG_MAC80211,
2058                              "multiple vifs are not supported yet");
2059                 ret = -EBUSY;
2060                 goto out;
2061         }
2062
2063         /*
2064          * in some very corner case HW recovery scenarios its possible to
2065          * get here before __wl1271_op_remove_interface is complete, so
2066          * opt out if that is the case.
2067          */
2068         if (test_bit(WL1271_FLAG_RECOVERY_IN_PROGRESS, &wl->flags) ||
2069             test_bit(WLVIF_FLAG_INITIALIZED, &wlvif->flags)) {
2070                 ret = -EBUSY;
2071                 goto out;
2072         }
2073
2074         ret = wl12xx_init_vif_data(wl, vif);
2075         if (ret < 0)
2076                 goto out;
2077
2078         wlvif->wl = wl;
2079         role_type = wl12xx_get_role_type(wl, wlvif);
2080         if (role_type == WL12XX_INVALID_ROLE_TYPE) {
2081                 ret = -EINVAL;
2082                 goto out;
2083         }
2084
2085         /*
2086          * TODO: after the nvs issue will be solved, move this block
2087          * to start(), and make sure here the driver is ON.
2088          */
2089         if (wl->state == WL1271_STATE_OFF) {
2090                 /*
2091                  * we still need this in order to configure the fw
2092                  * while uploading the nvs
2093                  */
2094                 memcpy(wl->mac_addr, vif->addr, ETH_ALEN);
2095
2096                 booted = wl12xx_init_fw(wl);
2097                 if (!booted) {
2098                         ret = -EINVAL;
2099                         goto out;
2100                 }
2101         }
2102
2103         if (wlvif->bss_type == BSS_TYPE_STA_BSS ||
2104             wlvif->bss_type == BSS_TYPE_IBSS) {
2105                 /*
2106                  * The device role is a special role used for
2107                  * rx and tx frames prior to association (as
2108                  * the STA role can get packets only from
2109                  * its associated bssid)
2110                  */
2111                 ret = wl12xx_cmd_role_enable(wl, vif->addr,
2112                                                  WL1271_ROLE_DEVICE,
2113                                                  &wlvif->dev_role_id);
2114                 if (ret < 0)
2115                         goto out;
2116         }
2117
2118         ret = wl12xx_cmd_role_enable(wl, vif->addr,
2119                                      role_type, &wlvif->role_id);
2120         if (ret < 0)
2121                 goto out;
2122
2123         ret = wl1271_init_vif_specific(wl, vif);
2124         if (ret < 0)
2125                 goto out;
2126
2127         wl->vif = vif;
2128         list_add(&wlvif->list, &wl->wlvif_list);
2129         set_bit(WLVIF_FLAG_INITIALIZED, &wlvif->flags);
2130
2131         if (wlvif->bss_type == BSS_TYPE_AP_BSS)
2132                 wl->ap_count++;
2133         else
2134                 wl->sta_count++;
2135 out:
2136         wl1271_ps_elp_sleep(wl);
2137 out_unlock:
2138         mutex_unlock(&wl->mutex);
2139
2140         mutex_lock(&wl_list_mutex);
2141         if (!ret)
2142                 list_add(&wl->list, &wl_list);
2143         mutex_unlock(&wl_list_mutex);
2144
2145         return ret;
2146 }
2147
2148 static void __wl1271_op_remove_interface(struct wl1271 *wl,
2149                                          struct ieee80211_vif *vif,
2150                                          bool reset_tx_queues)
2151 {
2152         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
2153         int i, ret;
2154
2155         wl1271_debug(DEBUG_MAC80211, "mac80211 remove interface");
2156
2157         if (!test_and_clear_bit(WLVIF_FLAG_INITIALIZED, &wlvif->flags))
2158                 return;
2159
2160         wl->vif = NULL;
2161
2162         /* because of hardware recovery, we may get here twice */
2163         if (wl->state != WL1271_STATE_ON)
2164                 return;
2165
2166         wl1271_info("down");
2167
2168         /* enable dyn ps just in case (if left on due to fw crash etc) */
2169         if (wlvif->bss_type == BSS_TYPE_STA_BSS)
2170                 ieee80211_enable_dyn_ps(vif);
2171
2172         if (wl->scan.state != WL1271_SCAN_STATE_IDLE &&
2173             wl->scan_vif == vif) {
2174                 wl->scan.state = WL1271_SCAN_STATE_IDLE;
2175                 memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch));
2176                 wl->scan_vif = NULL;
2177                 wl->scan.req = NULL;
2178                 ieee80211_scan_completed(wl->hw, true);
2179         }
2180
2181         if (!test_bit(WL1271_FLAG_RECOVERY_IN_PROGRESS, &wl->flags)) {
2182                 /* disable active roles */
2183                 ret = wl1271_ps_elp_wakeup(wl);
2184                 if (ret < 0)
2185                         goto deinit;
2186
2187                 if (wlvif->bss_type == BSS_TYPE_STA_BSS) {
2188                         ret = wl12xx_cmd_role_disable(wl, &wlvif->dev_role_id);
2189                         if (ret < 0)
2190                                 goto deinit;
2191                 }
2192
2193                 ret = wl12xx_cmd_role_disable(wl, &wlvif->role_id);
2194                 if (ret < 0)
2195                         goto deinit;
2196
2197                 wl1271_ps_elp_sleep(wl);
2198         }
2199 deinit:
2200         /* clear all hlids (except system_hlid) */
2201         wlvif->dev_hlid = WL12XX_INVALID_LINK_ID;
2202
2203         if (wlvif->bss_type == BSS_TYPE_STA_BSS ||
2204             wlvif->bss_type == BSS_TYPE_IBSS) {
2205                 wlvif->sta.hlid = WL12XX_INVALID_LINK_ID;
2206                 wl12xx_free_rate_policy(wl, &wlvif->sta.basic_rate_idx);
2207                 wl12xx_free_rate_policy(wl, &wlvif->sta.ap_rate_idx);
2208                 wl12xx_free_rate_policy(wl, &wlvif->sta.p2p_rate_idx);
2209         } else {
2210                 wlvif->ap.bcast_hlid = WL12XX_INVALID_LINK_ID;
2211                 wlvif->ap.global_hlid = WL12XX_INVALID_LINK_ID;
2212                 wl12xx_free_rate_policy(wl, &wlvif->ap.mgmt_rate_idx);
2213                 wl12xx_free_rate_policy(wl, &wlvif->ap.bcast_rate_idx);
2214                 for (i = 0; i < CONF_TX_MAX_AC_COUNT; i++)
2215                         wl12xx_free_rate_policy(wl,
2216                                                 &wlvif->ap.ucast_rate_idx[i]);
2217         }
2218
2219         wl12xx_tx_reset_wlvif(wl, wlvif);
2220         wl1271_free_ap_keys(wl, wlvif);
2221         if (wl->last_wlvif == wlvif)
2222                 wl->last_wlvif = NULL;
2223         list_del(&wlvif->list);
2224         memset(wlvif->ap.sta_hlid_map, 0, sizeof(wlvif->ap.sta_hlid_map));
2225         wlvif->role_id = WL12XX_INVALID_ROLE_ID;
2226         wlvif->dev_role_id = WL12XX_INVALID_ROLE_ID;
2227
2228         if (wlvif->bss_type == BSS_TYPE_AP_BSS)
2229                 wl->ap_count--;
2230         else
2231                 wl->sta_count--;
2232
2233         mutex_unlock(&wl->mutex);
2234         del_timer_sync(&wlvif->rx_streaming_timer);
2235         cancel_work_sync(&wlvif->rx_streaming_enable_work);
2236         cancel_work_sync(&wlvif->rx_streaming_disable_work);
2237         cancel_delayed_work_sync(&wlvif->pspoll_work);
2238
2239         mutex_lock(&wl->mutex);
2240 }
2241
2242 static void wl1271_op_remove_interface(struct ieee80211_hw *hw,
2243                                        struct ieee80211_vif *vif)
2244 {
2245         struct wl1271 *wl = hw->priv;
2246         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
2247         struct wl12xx_vif *iter;
2248
2249         mutex_lock(&wl->mutex);
2250
2251         if (wl->state == WL1271_STATE_OFF ||
2252             !test_bit(WLVIF_FLAG_INITIALIZED, &wlvif->flags))
2253                 goto out;
2254
2255         /*
2256          * wl->vif can be null here if someone shuts down the interface
2257          * just when hardware recovery has been started.
2258          */
2259         wl12xx_for_each_wlvif(wl, iter) {
2260                 if (iter != wlvif)
2261                         continue;
2262
2263                 __wl1271_op_remove_interface(wl, vif, true);
2264                 break;
2265         }
2266         WARN_ON(iter != wlvif);
2267 out:
2268         mutex_unlock(&wl->mutex);
2269         cancel_work_sync(&wl->recovery_work);
2270 }
2271
2272 static int wl12xx_op_change_interface(struct ieee80211_hw *hw,
2273                                       struct ieee80211_vif *vif,
2274                                       enum nl80211_iftype new_type, bool p2p)
2275 {
2276         wl1271_op_remove_interface(hw, vif);
2277
2278         vif->type = ieee80211_iftype_p2p(new_type, p2p);
2279         vif->p2p = p2p;
2280         return wl1271_op_add_interface(hw, vif);
2281 }
2282
2283 static int wl1271_join(struct wl1271 *wl, struct wl12xx_vif *wlvif,
2284                           bool set_assoc)
2285 {
2286         int ret;
2287         bool is_ibss = (wlvif->bss_type == BSS_TYPE_IBSS);
2288
2289         /*
2290          * One of the side effects of the JOIN command is that is clears
2291          * WPA/WPA2 keys from the chipset. Performing a JOIN while associated
2292          * to a WPA/WPA2 access point will therefore kill the data-path.
2293          * Currently the only valid scenario for JOIN during association
2294          * is on roaming, in which case we will also be given new keys.
2295          * Keep the below message for now, unless it starts bothering
2296          * users who really like to roam a lot :)
2297          */
2298         if (test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
2299                 wl1271_info("JOIN while associated.");
2300
2301         if (set_assoc)
2302                 set_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags);
2303
2304         if (is_ibss)
2305                 ret = wl12xx_cmd_role_start_ibss(wl, wlvif);
2306         else
2307                 ret = wl12xx_cmd_role_start_sta(wl, wlvif);
2308         if (ret < 0)
2309                 goto out;
2310
2311         if (!test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
2312                 goto out;
2313
2314         /*
2315          * The join command disable the keep-alive mode, shut down its process,
2316          * and also clear the template config, so we need to reset it all after
2317          * the join. The acx_aid starts the keep-alive process, and the order
2318          * of the commands below is relevant.
2319          */
2320         ret = wl1271_acx_keep_alive_mode(wl, wlvif, true);
2321         if (ret < 0)
2322                 goto out;
2323
2324         ret = wl1271_acx_aid(wl, wlvif, wlvif->aid);
2325         if (ret < 0)
2326                 goto out;
2327
2328         ret = wl12xx_cmd_build_klv_null_data(wl, wlvif);
2329         if (ret < 0)
2330                 goto out;
2331
2332         ret = wl1271_acx_keep_alive_config(wl, wlvif,
2333                                            CMD_TEMPL_KLV_IDX_NULL_DATA,
2334                                            ACX_KEEP_ALIVE_TPL_VALID);
2335         if (ret < 0)
2336                 goto out;
2337
2338 out:
2339         return ret;
2340 }
2341
2342 static int wl1271_unjoin(struct wl1271 *wl, struct wl12xx_vif *wlvif)
2343 {
2344         int ret;
2345
2346         if (test_and_clear_bit(WLVIF_FLAG_CS_PROGRESS, &wlvif->flags)) {
2347                 struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
2348
2349                 wl12xx_cmd_stop_channel_switch(wl);
2350                 ieee80211_chswitch_done(vif, false);
2351         }
2352
2353         /* to stop listening to a channel, we disconnect */
2354         ret = wl12xx_cmd_role_stop_sta(wl, wlvif);
2355         if (ret < 0)
2356                 goto out;
2357
2358         /* reset TX security counters on a clean disconnect */
2359         wlvif->tx_security_last_seq_lsb = 0;
2360         wlvif->tx_security_seq = 0;
2361
2362 out:
2363         return ret;
2364 }
2365
2366 static void wl1271_set_band_rate(struct wl1271 *wl, struct wl12xx_vif *wlvif)
2367 {
2368         wlvif->basic_rate_set = wlvif->bitrate_masks[wlvif->band];
2369         wlvif->rate_set = wlvif->basic_rate_set;
2370 }
2371
2372 static bool wl12xx_is_roc(struct wl1271 *wl)
2373 {
2374         u8 role_id;
2375
2376         role_id = find_first_bit(wl->roc_map, WL12XX_MAX_ROLES);
2377         if (role_id >= WL12XX_MAX_ROLES)
2378                 return false;
2379
2380         return true;
2381 }
2382
2383 static int wl1271_sta_handle_idle(struct wl1271 *wl, struct wl12xx_vif *wlvif,
2384                                   bool idle)
2385 {
2386         int ret;
2387
2388         if (idle) {
2389                 /* no need to croc if we weren't busy (e.g. during boot) */
2390                 if (wl12xx_is_roc(wl)) {
2391                         ret = wl12xx_stop_dev(wl, wlvif);
2392                         if (ret < 0)
2393                                 goto out;
2394                 }
2395                 wlvif->rate_set =
2396                         wl1271_tx_min_rate_get(wl, wlvif->basic_rate_set);
2397                 ret = wl1271_acx_sta_rate_policies(wl, wlvif);
2398                 if (ret < 0)
2399                         goto out;
2400                 ret = wl1271_acx_keep_alive_config(
2401                         wl, wlvif, CMD_TEMPL_KLV_IDX_NULL_DATA,
2402                         ACX_KEEP_ALIVE_TPL_INVALID);
2403                 if (ret < 0)
2404                         goto out;
2405                 set_bit(WL1271_FLAG_IDLE, &wl->flags);
2406         } else {
2407                 /* The current firmware only supports sched_scan in idle */
2408                 if (wl->sched_scanning) {
2409                         wl1271_scan_sched_scan_stop(wl);
2410                         ieee80211_sched_scan_stopped(wl->hw);
2411                 }
2412
2413                 ret = wl12xx_start_dev(wl, wlvif);
2414                 if (ret < 0)
2415                         goto out;
2416                 clear_bit(WL1271_FLAG_IDLE, &wl->flags);
2417         }
2418
2419 out:
2420         return ret;
2421 }
2422
2423 static int wl12xx_config_vif(struct wl1271 *wl, struct wl12xx_vif *wlvif,
2424                              struct ieee80211_conf *conf, u32 changed)
2425 {
2426         bool is_ap = (wlvif->bss_type == BSS_TYPE_AP_BSS);
2427         int channel, ret;
2428
2429         channel = ieee80211_frequency_to_channel(conf->channel->center_freq);
2430
2431         /* if the channel changes while joined, join again */
2432         if (changed & IEEE80211_CONF_CHANGE_CHANNEL &&
2433             ((wlvif->band != conf->channel->band) ||
2434              (wlvif->channel != channel))) {
2435                 /* send all pending packets */
2436                 wl1271_tx_work_locked(wl);
2437                 wlvif->band = conf->channel->band;
2438                 wlvif->channel = channel;
2439
2440                 if (!is_ap) {
2441                         /*
2442                          * FIXME: the mac80211 should really provide a fixed
2443                          * rate to use here. for now, just use the smallest
2444                          * possible rate for the band as a fixed rate for
2445                          * association frames and other control messages.
2446                          */
2447                         if (!test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags))
2448                                 wl1271_set_band_rate(wl, wlvif);
2449
2450                         wlvif->basic_rate =
2451                                 wl1271_tx_min_rate_get(wl,
2452                                                        wlvif->basic_rate_set);
2453                         ret = wl1271_acx_sta_rate_policies(wl, wlvif);
2454                         if (ret < 0)
2455                                 wl1271_warning("rate policy for channel "
2456                                                "failed %d", ret);
2457
2458                         if (test_bit(WLVIF_FLAG_STA_ASSOCIATED,
2459                                      &wlvif->flags)) {
2460                                 if (wl12xx_is_roc(wl)) {
2461                                         /* roaming */
2462                                         ret = wl12xx_croc(wl,
2463                                                           wlvif->dev_role_id);
2464                                         if (ret < 0)
2465                                                 return ret;
2466                                 }
2467                                 ret = wl1271_join(wl, wlvif, false);
2468                                 if (ret < 0)
2469                                         wl1271_warning("cmd join on channel "
2470                                                        "failed %d", ret);
2471                         } else {
2472                                 /*
2473                                  * change the ROC channel. do it only if we are
2474                                  * not idle. otherwise, CROC will be called
2475                                  * anyway.
2476                                  */
2477                                 if (wl12xx_is_roc(wl) &&
2478                                     !(conf->flags & IEEE80211_CONF_IDLE)) {
2479                                         ret = wl12xx_stop_dev(wl, wlvif);
2480                                         if (ret < 0)
2481                                                 return ret;
2482
2483                                         ret = wl12xx_start_dev(wl, wlvif);
2484                                         if (ret < 0)
2485                                                 return ret;
2486                                 }
2487                         }
2488                 }
2489         }
2490
2491         /*
2492          * if mac80211 changes the PSM mode, make sure the mode is not
2493          * incorrectly changed after the pspoll failure active window.
2494          */
2495         if (changed & IEEE80211_CONF_CHANGE_PS)
2496                 clear_bit(WLVIF_FLAG_PSPOLL_FAILURE, &wlvif->flags);
2497
2498         if (conf->flags & IEEE80211_CONF_PS &&
2499             !test_bit(WLVIF_FLAG_PSM_REQUESTED, &wlvif->flags)) {
2500                 set_bit(WLVIF_FLAG_PSM_REQUESTED, &wlvif->flags);
2501
2502                 /*
2503                  * We enter PSM only if we're already associated.
2504                  * If we're not, we'll enter it when joining an SSID,
2505                  * through the bss_info_changed() hook.
2506                  */
2507                 if (test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags)) {
2508                         wl1271_debug(DEBUG_PSM, "psm enabled");
2509                         ret = wl1271_ps_set_mode(wl, wlvif,
2510                                                  STATION_POWER_SAVE_MODE,
2511                                                  wlvif->basic_rate, true);
2512                 }
2513         } else if (!(conf->flags & IEEE80211_CONF_PS) &&
2514                    test_bit(WLVIF_FLAG_PSM_REQUESTED, &wlvif->flags)) {
2515                 wl1271_debug(DEBUG_PSM, "psm disabled");
2516
2517                 clear_bit(WLVIF_FLAG_PSM_REQUESTED, &wlvif->flags);
2518
2519                 if (test_bit(WLVIF_FLAG_PSM, &wlvif->flags))
2520                         ret = wl1271_ps_set_mode(wl, wlvif,
2521                                                  STATION_ACTIVE_MODE,
2522                                                  wlvif->basic_rate, true);
2523         }
2524
2525         if (conf->power_level != wlvif->power_level) {
2526                 ret = wl1271_acx_tx_power(wl, wlvif, conf->power_level);
2527                 if (ret < 0)
2528                         return ret;
2529
2530                 wlvif->power_level = conf->power_level;
2531         }
2532
2533         return 0;
2534 }
2535
2536 static int wl1271_op_config(struct ieee80211_hw *hw, u32 changed)
2537 {
2538         struct wl1271 *wl = hw->priv;
2539         struct wl12xx_vif *wlvif;
2540         struct ieee80211_conf *conf = &hw->conf;
2541         int channel, ret = 0;
2542
2543         channel = ieee80211_frequency_to_channel(conf->channel->center_freq);
2544
2545         wl1271_debug(DEBUG_MAC80211, "mac80211 config ch %d psm %s power %d %s"
2546                      " changed 0x%x",
2547                      channel,
2548                      conf->flags & IEEE80211_CONF_PS ? "on" : "off",
2549                      conf->power_level,
2550                      conf->flags & IEEE80211_CONF_IDLE ? "idle" : "in use",
2551                          changed);
2552
2553         /*
2554          * mac80211 will go to idle nearly immediately after transmitting some
2555          * frames, such as the deauth. To make sure those frames reach the air,
2556          * wait here until the TX queue is fully flushed.
2557          */
2558         if ((changed & IEEE80211_CONF_CHANGE_IDLE) &&
2559             (conf->flags & IEEE80211_CONF_IDLE))
2560                 wl1271_tx_flush(wl);
2561
2562         mutex_lock(&wl->mutex);
2563
2564         /* we support configuring the channel and band even while off */
2565         if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
2566                 wl->band = conf->channel->band;
2567                 wl->channel = channel;
2568         }
2569
2570         if (changed & IEEE80211_CONF_CHANGE_POWER)
2571                 wl->power_level = conf->power_level;
2572
2573         if (unlikely(wl->state == WL1271_STATE_OFF))
2574                 goto out;
2575
2576         ret = wl1271_ps_elp_wakeup(wl);
2577         if (ret < 0)
2578                 goto out;
2579
2580         /* configure each interface */
2581         wl12xx_for_each_wlvif(wl, wlvif) {
2582                 ret = wl12xx_config_vif(wl, wlvif, conf, changed);
2583                 if (ret < 0)
2584                         goto out_sleep;
2585         }
2586
2587 out_sleep:
2588         wl1271_ps_elp_sleep(wl);
2589
2590 out:
2591         mutex_unlock(&wl->mutex);
2592
2593         return ret;
2594 }
2595
2596 struct wl1271_filter_params {
2597         bool enabled;
2598         int mc_list_length;
2599         u8 mc_list[ACX_MC_ADDRESS_GROUP_MAX][ETH_ALEN];
2600 };
2601
2602 static u64 wl1271_op_prepare_multicast(struct ieee80211_hw *hw,
2603                                        struct netdev_hw_addr_list *mc_list)
2604 {
2605         struct wl1271_filter_params *fp;
2606         struct netdev_hw_addr *ha;
2607         struct wl1271 *wl = hw->priv;
2608
2609         if (unlikely(wl->state == WL1271_STATE_OFF))
2610                 return 0;
2611
2612         fp = kzalloc(sizeof(*fp), GFP_ATOMIC);
2613         if (!fp) {
2614                 wl1271_error("Out of memory setting filters.");
2615                 return 0;
2616         }
2617
2618         /* update multicast filtering parameters */
2619         fp->mc_list_length = 0;
2620         if (netdev_hw_addr_list_count(mc_list) > ACX_MC_ADDRESS_GROUP_MAX) {
2621                 fp->enabled = false;
2622         } else {
2623                 fp->enabled = true;
2624                 netdev_hw_addr_list_for_each(ha, mc_list) {
2625                         memcpy(fp->mc_list[fp->mc_list_length],
2626                                         ha->addr, ETH_ALEN);
2627                         fp->mc_list_length++;
2628                 }
2629         }
2630
2631         return (u64)(unsigned long)fp;
2632 }
2633
2634 #define WL1271_SUPPORTED_FILTERS (FIF_PROMISC_IN_BSS | \
2635                                   FIF_ALLMULTI | \
2636                                   FIF_FCSFAIL | \
2637                                   FIF_BCN_PRBRESP_PROMISC | \
2638                                   FIF_CONTROL | \
2639                                   FIF_OTHER_BSS)
2640
2641 static void wl1271_op_configure_filter(struct ieee80211_hw *hw,
2642                                        unsigned int changed,
2643                                        unsigned int *total, u64 multicast)
2644 {
2645         struct wl1271_filter_params *fp = (void *)(unsigned long)multicast;
2646         struct wl1271 *wl = hw->priv;
2647         struct wl12xx_vif *wlvif;
2648
2649         int ret;
2650
2651         wl1271_debug(DEBUG_MAC80211, "mac80211 configure filter changed %x"
2652                      " total %x", changed, *total);
2653
2654         mutex_lock(&wl->mutex);
2655
2656         *total &= WL1271_SUPPORTED_FILTERS;
2657         changed &= WL1271_SUPPORTED_FILTERS;
2658
2659         if (unlikely(wl->state == WL1271_STATE_OFF))
2660                 goto out;
2661
2662         ret = wl1271_ps_elp_wakeup(wl);
2663         if (ret < 0)
2664                 goto out;
2665
2666         wl12xx_for_each_wlvif(wl, wlvif) {
2667                 if (wlvif->bss_type != BSS_TYPE_AP_BSS) {
2668                         if (*total & FIF_ALLMULTI)
2669                                 ret = wl1271_acx_group_address_tbl(wl, wlvif,
2670                                                                    false,
2671                                                                    NULL, 0);
2672                         else if (fp)
2673                                 ret = wl1271_acx_group_address_tbl(wl, wlvif,
2674                                                         fp->enabled,
2675                                                         fp->mc_list,
2676                                                         fp->mc_list_length);
2677                         if (ret < 0)
2678                                 goto out_sleep;
2679                 }
2680         }
2681
2682         /*
2683          * the fw doesn't provide an api to configure the filters. instead,
2684          * the filters configuration is based on the active roles / ROC
2685          * state.
2686          */
2687
2688 out_sleep:
2689         wl1271_ps_elp_sleep(wl);
2690
2691 out:
2692         mutex_unlock(&wl->mutex);
2693         kfree(fp);
2694 }
2695
2696 static int wl1271_record_ap_key(struct wl1271 *wl, struct wl12xx_vif *wlvif,
2697                                 u8 id, u8 key_type, u8 key_size,
2698                                 const u8 *key, u8 hlid, u32 tx_seq_32,
2699                                 u16 tx_seq_16)
2700 {
2701         struct wl1271_ap_key *ap_key;
2702         int i;
2703
2704         wl1271_debug(DEBUG_CRYPT, "record ap key id %d", (int)id);
2705
2706         if (key_size > MAX_KEY_SIZE)
2707                 return -EINVAL;
2708
2709         /*
2710          * Find next free entry in ap_keys. Also check we are not replacing
2711          * an existing key.
2712          */
2713         for (i = 0; i < MAX_NUM_KEYS; i++) {
2714                 if (wlvif->ap.recorded_keys[i] == NULL)
2715                         break;
2716
2717                 if (wlvif->ap.recorded_keys[i]->id == id) {
2718                         wl1271_warning("trying to record key replacement");
2719                         return -EINVAL;
2720                 }
2721         }
2722
2723         if (i == MAX_NUM_KEYS)
2724                 return -EBUSY;
2725
2726         ap_key = kzalloc(sizeof(*ap_key), GFP_KERNEL);
2727         if (!ap_key)
2728                 return -ENOMEM;
2729
2730         ap_key->id = id;
2731         ap_key->key_type = key_type;
2732         ap_key->key_size = key_size;
2733         memcpy(ap_key->key, key, key_size);
2734         ap_key->hlid = hlid;
2735         ap_key->tx_seq_32 = tx_seq_32;
2736         ap_key->tx_seq_16 = tx_seq_16;
2737
2738         wlvif->ap.recorded_keys[i] = ap_key;
2739         return 0;
2740 }
2741
2742 static void wl1271_free_ap_keys(struct wl1271 *wl, struct wl12xx_vif *wlvif)
2743 {
2744         int i;
2745
2746         for (i = 0; i < MAX_NUM_KEYS; i++) {
2747                 kfree(wlvif->ap.recorded_keys[i]);
2748                 wlvif->ap.recorded_keys[i] = NULL;
2749         }
2750 }
2751
2752 static int wl1271_ap_init_hwenc(struct wl1271 *wl, struct wl12xx_vif *wlvif)
2753 {
2754         int i, ret = 0;
2755         struct wl1271_ap_key *key;
2756         bool wep_key_added = false;
2757
2758         for (i = 0; i < MAX_NUM_KEYS; i++) {
2759                 u8 hlid;
2760                 if (wlvif->ap.recorded_keys[i] == NULL)
2761                         break;
2762
2763                 key = wlvif->ap.recorded_keys[i];
2764                 hlid = key->hlid;
2765                 if (hlid == WL12XX_INVALID_LINK_ID)
2766                         hlid = wlvif->ap.bcast_hlid;
2767
2768                 ret = wl1271_cmd_set_ap_key(wl, wlvif, KEY_ADD_OR_REPLACE,
2769                                             key->id, key->key_type,
2770                                             key->key_size, key->key,
2771                                             hlid, key->tx_seq_32,
2772                                             key->tx_seq_16);
2773                 if (ret < 0)
2774                         goto out;
2775
2776                 if (key->key_type == KEY_WEP)
2777                         wep_key_added = true;
2778         }
2779
2780         if (wep_key_added) {
2781                 ret = wl12xx_cmd_set_default_wep_key(wl, wlvif->default_key,
2782                                                      wlvif->ap.bcast_hlid);
2783                 if (ret < 0)
2784                         goto out;
2785         }
2786
2787 out:
2788         wl1271_free_ap_keys(wl, wlvif);
2789         return ret;
2790 }
2791
2792 static int wl1271_set_key(struct wl1271 *wl, struct wl12xx_vif *wlvif,
2793                        u16 action, u8 id, u8 key_type,
2794                        u8 key_size, const u8 *key, u32 tx_seq_32,
2795                        u16 tx_seq_16, struct ieee80211_sta *sta)
2796 {
2797         int ret;
2798         bool is_ap = (wlvif->bss_type == BSS_TYPE_AP_BSS);
2799
2800         if (is_ap) {
2801                 struct wl1271_station *wl_sta;
2802                 u8 hlid;
2803
2804                 if (sta) {
2805                         wl_sta = (struct wl1271_station *)sta->drv_priv;
2806                         hlid = wl_sta->hlid;
2807                 } else {
2808                         hlid = wlvif->ap.bcast_hlid;
2809                 }
2810
2811                 if (!test_bit(WLVIF_FLAG_AP_STARTED, &wlvif->flags)) {
2812                         /*
2813                          * We do not support removing keys after AP shutdown.
2814                          * Pretend we do to make mac80211 happy.
2815                          */
2816                         if (action != KEY_ADD_OR_REPLACE)
2817                                 return 0;
2818
2819                         ret = wl1271_record_ap_key(wl, wlvif, id,
2820                                              key_type, key_size,
2821                                              key, hlid, tx_seq_32,
2822                                              tx_seq_16);
2823                 } else {
2824                         ret = wl1271_cmd_set_ap_key(wl, wlvif, action,
2825                                              id, key_type, key_size,
2826                                              key, hlid, tx_seq_32,
2827                                              tx_seq_16);
2828                 }
2829
2830                 if (ret < 0)
2831                         return ret;
2832         } else {
2833                 const u8 *addr;
2834                 static const u8 bcast_addr[ETH_ALEN] = {
2835                         0xff, 0xff, 0xff, 0xff, 0xff, 0xff
2836                 };
2837
2838                 /*
2839                  * A STA set to GEM cipher requires 2 tx spare blocks.
2840                  * Return to default value when GEM cipher key is removed
2841                  */
2842                 if (key_type == KEY_GEM) {
2843                         if (action == KEY_ADD_OR_REPLACE)
2844                                 wl->tx_spare_blocks = 2;
2845                         else if (action == KEY_REMOVE)
2846                                 wl->tx_spare_blocks = TX_HW_BLOCK_SPARE_DEFAULT;
2847                 }
2848
2849                 addr = sta ? sta->addr : bcast_addr;
2850
2851                 if (is_zero_ether_addr(addr)) {
2852                         /* We dont support TX only encryption */
2853                         return -EOPNOTSUPP;
2854                 }
2855
2856                 /* The wl1271 does not allow to remove unicast keys - they
2857                    will be cleared automatically on next CMD_JOIN. Ignore the
2858                    request silently, as we dont want the mac80211 to emit
2859                    an error message. */
2860                 if (action == KEY_REMOVE && !is_broadcast_ether_addr(addr))
2861                         return 0;
2862
2863                 /* don't remove key if hlid was already deleted */
2864                 if (action == KEY_REMOVE &&
2865                     wlvif->sta.hlid == WL12XX_INVALID_LINK_ID)
2866                         return 0;
2867
2868                 ret = wl1271_cmd_set_sta_key(wl, wlvif, action,
2869                                              id, key_type, key_size,
2870                                              key, addr, tx_seq_32,
2871                                              tx_seq_16);
2872                 if (ret < 0)
2873                         return ret;
2874
2875                 /* the default WEP key needs to be configured at least once */
2876                 if (key_type == KEY_WEP) {
2877                         ret = wl12xx_cmd_set_default_wep_key(wl,
2878                                                         wlvif->default_key,
2879                                                         wlvif->sta.hlid);
2880                         if (ret < 0)
2881                                 return ret;
2882                 }
2883         }
2884
2885         return 0;
2886 }
2887
2888 static int wl1271_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
2889                              struct ieee80211_vif *vif,
2890                              struct ieee80211_sta *sta,
2891                              struct ieee80211_key_conf *key_conf)
2892 {
2893         struct wl1271 *wl = hw->priv;
2894         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
2895         int ret;
2896         u32 tx_seq_32 = 0;
2897         u16 tx_seq_16 = 0;
2898         u8 key_type;
2899
2900         wl1271_debug(DEBUG_MAC80211, "mac80211 set key");
2901
2902         wl1271_debug(DEBUG_CRYPT, "CMD: 0x%x sta: %p", cmd, sta);
2903         wl1271_debug(DEBUG_CRYPT, "Key: algo:0x%x, id:%d, len:%d flags 0x%x",
2904                      key_conf->cipher, key_conf->keyidx,
2905                      key_conf->keylen, key_conf->flags);
2906         wl1271_dump(DEBUG_CRYPT, "KEY: ", key_conf->key, key_conf->keylen);
2907
2908         mutex_lock(&wl->mutex);
2909
2910         if (unlikely(wl->state == WL1271_STATE_OFF)) {
2911                 ret = -EAGAIN;
2912                 goto out_unlock;
2913         }
2914
2915         ret = wl1271_ps_elp_wakeup(wl);
2916         if (ret < 0)
2917                 goto out_unlock;
2918
2919         switch (key_conf->cipher) {
2920         case WLAN_CIPHER_SUITE_WEP40:
2921         case WLAN_CIPHER_SUITE_WEP104:
2922                 key_type = KEY_WEP;
2923
2924                 key_conf->hw_key_idx = key_conf->keyidx;
2925                 break;
2926         case WLAN_CIPHER_SUITE_TKIP:
2927                 key_type = KEY_TKIP;
2928
2929                 key_conf->hw_key_idx = key_conf->keyidx;
2930                 tx_seq_32 = WL1271_TX_SECURITY_HI32(wlvif->tx_security_seq);
2931                 tx_seq_16 = WL1271_TX_SECURITY_LO16(wlvif->tx_security_seq);
2932                 break;
2933         case WLAN_CIPHER_SUITE_CCMP:
2934                 key_type = KEY_AES;
2935
2936                 key_conf->flags |= IEEE80211_KEY_FLAG_PUT_IV_SPACE;
2937                 tx_seq_32 = WL1271_TX_SECURITY_HI32(wlvif->tx_security_seq);
2938                 tx_seq_16 = WL1271_TX_SECURITY_LO16(wlvif->tx_security_seq);
2939                 break;
2940         case WL1271_CIPHER_SUITE_GEM:
2941                 key_type = KEY_GEM;
2942                 tx_seq_32 = WL1271_TX_SECURITY_HI32(wlvif->tx_security_seq);
2943                 tx_seq_16 = WL1271_TX_SECURITY_LO16(wlvif->tx_security_seq);
2944                 break;
2945         default:
2946                 wl1271_error("Unknown key algo 0x%x", key_conf->cipher);
2947
2948                 ret = -EOPNOTSUPP;
2949                 goto out_sleep;
2950         }
2951
2952         switch (cmd) {
2953         case SET_KEY:
2954                 ret = wl1271_set_key(wl, wlvif, KEY_ADD_OR_REPLACE,
2955                                  key_conf->keyidx, key_type,
2956                                  key_conf->keylen, key_conf->key,
2957                                  tx_seq_32, tx_seq_16, sta);
2958                 if (ret < 0) {
2959                         wl1271_error("Could not add or replace key");
2960                         goto out_sleep;
2961                 }
2962                 break;
2963
2964         case DISABLE_KEY:
2965                 ret = wl1271_set_key(wl, wlvif, KEY_REMOVE,
2966                                      key_conf->keyidx, key_type,
2967                                      key_conf->keylen, key_conf->key,
2968                                      0, 0, sta);
2969                 if (ret < 0) {
2970                         wl1271_error("Could not remove key");
2971                         goto out_sleep;
2972                 }
2973                 break;
2974
2975         default:
2976                 wl1271_error("Unsupported key cmd 0x%x", cmd);
2977                 ret = -EOPNOTSUPP;
2978                 break;
2979         }
2980
2981 out_sleep:
2982         wl1271_ps_elp_sleep(wl);
2983
2984 out_unlock:
2985         mutex_unlock(&wl->mutex);
2986
2987         return ret;
2988 }
2989
2990 static int wl1271_op_hw_scan(struct ieee80211_hw *hw,
2991                              struct ieee80211_vif *vif,
2992                              struct cfg80211_scan_request *req)
2993 {
2994         struct wl1271 *wl = hw->priv;
2995         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
2996
2997         int ret;
2998         u8 *ssid = NULL;
2999         size_t len = 0;
3000
3001         wl1271_debug(DEBUG_MAC80211, "mac80211 hw scan");
3002
3003         if (req->n_ssids) {
3004                 ssid = req->ssids[0].ssid;
3005                 len = req->ssids[0].ssid_len;
3006         }
3007
3008         mutex_lock(&wl->mutex);
3009
3010         if (wl->state == WL1271_STATE_OFF) {
3011                 /*
3012                  * We cannot return -EBUSY here because cfg80211 will expect
3013                  * a call to ieee80211_scan_completed if we do - in this case
3014                  * there won't be any call.
3015                  */
3016                 ret = -EAGAIN;
3017                 goto out;
3018         }
3019
3020         ret = wl1271_ps_elp_wakeup(wl);
3021         if (ret < 0)
3022                 goto out;
3023
3024         /* cancel ROC before scanning */
3025         if (wl12xx_is_roc(wl)) {
3026                 if (test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags)) {
3027                         /* don't allow scanning right now */
3028                         ret = -EBUSY;
3029                         goto out_sleep;
3030                 }
3031                 wl12xx_stop_dev(wl, wlvif);
3032         }
3033
3034         ret = wl1271_scan(hw->priv, vif, ssid, len, req);
3035 out_sleep:
3036         wl1271_ps_elp_sleep(wl);
3037 out:
3038         mutex_unlock(&wl->mutex);
3039
3040         return ret;
3041 }
3042
3043 static void wl1271_op_cancel_hw_scan(struct ieee80211_hw *hw,
3044                                      struct ieee80211_vif *vif)
3045 {
3046         struct wl1271 *wl = hw->priv;
3047         int ret;
3048
3049         wl1271_debug(DEBUG_MAC80211, "mac80211 cancel hw scan");
3050
3051         mutex_lock(&wl->mutex);
3052
3053         if (wl->state == WL1271_STATE_OFF)
3054                 goto out;
3055
3056         if (wl->scan.state == WL1271_SCAN_STATE_IDLE)
3057                 goto out;
3058
3059         ret = wl1271_ps_elp_wakeup(wl);
3060         if (ret < 0)
3061                 goto out;
3062
3063         if (wl->scan.state != WL1271_SCAN_STATE_DONE) {
3064                 ret = wl1271_scan_stop(wl);
3065                 if (ret < 0)
3066                         goto out_sleep;
3067         }
3068         wl->scan.state = WL1271_SCAN_STATE_IDLE;
3069         memset(wl->scan.scanned_ch, 0, sizeof(wl->scan.scanned_ch));
3070         wl->scan_vif = NULL;
3071         wl->scan.req = NULL;
3072         ieee80211_scan_completed(wl->hw, true);
3073
3074 out_sleep:
3075         wl1271_ps_elp_sleep(wl);
3076 out:
3077         mutex_unlock(&wl->mutex);
3078
3079         cancel_delayed_work_sync(&wl->scan_complete_work);
3080 }
3081
3082 static int wl1271_op_sched_scan_start(struct ieee80211_hw *hw,
3083                                       struct ieee80211_vif *vif,
3084                                       struct cfg80211_sched_scan_request *req,
3085                                       struct ieee80211_sched_scan_ies *ies)
3086 {
3087         struct wl1271 *wl = hw->priv;
3088         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3089         int ret;
3090
3091         wl1271_debug(DEBUG_MAC80211, "wl1271_op_sched_scan_start");
3092
3093         mutex_lock(&wl->mutex);
3094
3095         ret = wl1271_ps_elp_wakeup(wl);
3096         if (ret < 0)
3097                 goto out;
3098
3099         ret = wl1271_scan_sched_scan_config(wl, wlvif, req, ies);
3100         if (ret < 0)
3101                 goto out_sleep;
3102
3103         ret = wl1271_scan_sched_scan_start(wl, wlvif);
3104         if (ret < 0)
3105                 goto out_sleep;
3106
3107         wl->sched_scanning = true;
3108
3109 out_sleep:
3110         wl1271_ps_elp_sleep(wl);
3111 out:
3112         mutex_unlock(&wl->mutex);
3113         return ret;
3114 }
3115
3116 static void wl1271_op_sched_scan_stop(struct ieee80211_hw *hw,
3117                                       struct ieee80211_vif *vif)
3118 {
3119         struct wl1271 *wl = hw->priv;
3120         int ret;
3121
3122         wl1271_debug(DEBUG_MAC80211, "wl1271_op_sched_scan_stop");
3123
3124         mutex_lock(&wl->mutex);
3125
3126         ret = wl1271_ps_elp_wakeup(wl);
3127         if (ret < 0)
3128                 goto out;
3129
3130         wl1271_scan_sched_scan_stop(wl);
3131
3132         wl1271_ps_elp_sleep(wl);
3133 out:
3134         mutex_unlock(&wl->mutex);
3135 }
3136
3137 static int wl1271_op_set_frag_threshold(struct ieee80211_hw *hw, u32 value)
3138 {
3139         struct wl1271 *wl = hw->priv;
3140         int ret = 0;
3141
3142         mutex_lock(&wl->mutex);
3143
3144         if (unlikely(wl->state == WL1271_STATE_OFF)) {
3145                 ret = -EAGAIN;
3146                 goto out;
3147         }
3148
3149         ret = wl1271_ps_elp_wakeup(wl);
3150         if (ret < 0)
3151                 goto out;
3152
3153         ret = wl1271_acx_frag_threshold(wl, value);
3154         if (ret < 0)
3155                 wl1271_warning("wl1271_op_set_frag_threshold failed: %d", ret);
3156
3157         wl1271_ps_elp_sleep(wl);
3158
3159 out:
3160         mutex_unlock(&wl->mutex);
3161
3162         return ret;
3163 }
3164
3165 static int wl1271_op_set_rts_threshold(struct ieee80211_hw *hw, u32 value)
3166 {
3167         struct wl1271 *wl = hw->priv;
3168         struct wl12xx_vif *wlvif;
3169         int ret = 0;
3170
3171         mutex_lock(&wl->mutex);
3172
3173         if (unlikely(wl->state == WL1271_STATE_OFF)) {
3174                 ret = -EAGAIN;
3175                 goto out;
3176         }
3177
3178         ret = wl1271_ps_elp_wakeup(wl);
3179         if (ret < 0)
3180                 goto out;
3181
3182         wl12xx_for_each_wlvif(wl, wlvif) {
3183                 ret = wl1271_acx_rts_threshold(wl, wlvif, value);
3184                 if (ret < 0)
3185                         wl1271_warning("set rts threshold failed: %d", ret);
3186         }
3187         wl1271_ps_elp_sleep(wl);
3188
3189 out:
3190         mutex_unlock(&wl->mutex);
3191
3192         return ret;
3193 }
3194
3195 static int wl1271_ssid_set(struct ieee80211_vif *vif, struct sk_buff *skb,
3196                             int offset)
3197 {
3198         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3199         u8 ssid_len;
3200         const u8 *ptr = cfg80211_find_ie(WLAN_EID_SSID, skb->data + offset,
3201                                          skb->len - offset);
3202
3203         if (!ptr) {
3204                 wl1271_error("No SSID in IEs!");
3205                 return -ENOENT;
3206         }
3207
3208         ssid_len = ptr[1];
3209         if (ssid_len > IEEE80211_MAX_SSID_LEN) {
3210                 wl1271_error("SSID is too long!");
3211                 return -EINVAL;
3212         }
3213
3214         wlvif->ssid_len = ssid_len;
3215         memcpy(wlvif->ssid, ptr+2, ssid_len);
3216         return 0;
3217 }
3218
3219 static void wl12xx_remove_ie(struct sk_buff *skb, u8 eid, int ieoffset)
3220 {
3221         int len;
3222         const u8 *next, *end = skb->data + skb->len;
3223         u8 *ie = (u8 *)cfg80211_find_ie(eid, skb->data + ieoffset,
3224                                         skb->len - ieoffset);
3225         if (!ie)
3226                 return;
3227         len = ie[1] + 2;
3228         next = ie + len;
3229         memmove(ie, next, end - next);
3230         skb_trim(skb, skb->len - len);
3231 }
3232
3233 static void wl12xx_remove_vendor_ie(struct sk_buff *skb,
3234                                             unsigned int oui, u8 oui_type,
3235                                             int ieoffset)
3236 {
3237         int len;
3238         const u8 *next, *end = skb->data + skb->len;
3239         u8 *ie = (u8 *)cfg80211_find_vendor_ie(oui, oui_type,
3240                                                skb->data + ieoffset,
3241                                                skb->len - ieoffset);
3242         if (!ie)
3243                 return;
3244         len = ie[1] + 2;
3245         next = ie + len;
3246         memmove(ie, next, end - next);
3247         skb_trim(skb, skb->len - len);
3248 }
3249
3250 static int wl1271_ap_set_probe_resp_tmpl(struct wl1271 *wl, u32 rates,
3251                                          struct ieee80211_vif *vif)
3252 {
3253         struct sk_buff *skb;
3254         int ret;
3255
3256         skb = ieee80211_proberesp_get(wl->hw, vif);
3257         if (!skb)
3258                 return -EOPNOTSUPP;
3259
3260         ret = wl1271_cmd_template_set(wl,
3261                                       CMD_TEMPL_AP_PROBE_RESPONSE,
3262                                       skb->data,
3263                                       skb->len, 0,
3264                                       rates);
3265
3266         dev_kfree_skb(skb);
3267         return ret;
3268 }
3269
3270 static int wl1271_ap_set_probe_resp_tmpl_legacy(struct wl1271 *wl,
3271                                              struct ieee80211_vif *vif,
3272                                              u8 *probe_rsp_data,
3273                                              size_t probe_rsp_len,
3274                                              u32 rates)
3275 {
3276         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3277         struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;
3278         u8 probe_rsp_templ[WL1271_CMD_TEMPL_MAX_SIZE];
3279         int ssid_ie_offset, ie_offset, templ_len;
3280         const u8 *ptr;
3281
3282         /* no need to change probe response if the SSID is set correctly */
3283         if (wlvif->ssid_len > 0)
3284                 return wl1271_cmd_template_set(wl,
3285                                                CMD_TEMPL_AP_PROBE_RESPONSE,
3286                                                probe_rsp_data,
3287                                                probe_rsp_len, 0,
3288                                                rates);
3289
3290         if (probe_rsp_len + bss_conf->ssid_len > WL1271_CMD_TEMPL_MAX_SIZE) {
3291                 wl1271_error("probe_rsp template too big");
3292                 return -EINVAL;
3293         }
3294
3295         /* start searching from IE offset */
3296         ie_offset = offsetof(struct ieee80211_mgmt, u.probe_resp.variable);
3297
3298         ptr = cfg80211_find_ie(WLAN_EID_SSID, probe_rsp_data + ie_offset,
3299                                probe_rsp_len - ie_offset);
3300         if (!ptr) {
3301                 wl1271_error("No SSID in beacon!");
3302                 return -EINVAL;
3303         }
3304
3305         ssid_ie_offset = ptr - probe_rsp_data;
3306         ptr += (ptr[1] + 2);
3307
3308         memcpy(probe_rsp_templ, probe_rsp_data, ssid_ie_offset);
3309
3310         /* insert SSID from bss_conf */
3311         probe_rsp_templ[ssid_ie_offset] = WLAN_EID_SSID;
3312         probe_rsp_templ[ssid_ie_offset + 1] = bss_conf->ssid_len;
3313         memcpy(probe_rsp_templ + ssid_ie_offset + 2,
3314                bss_conf->ssid, bss_conf->ssid_len);
3315         templ_len = ssid_ie_offset + 2 + bss_conf->ssid_len;
3316
3317         memcpy(probe_rsp_templ + ssid_ie_offset + 2 + bss_conf->ssid_len,
3318                ptr, probe_rsp_len - (ptr - probe_rsp_data));
3319         templ_len += probe_rsp_len - (ptr - probe_rsp_data);
3320
3321         return wl1271_cmd_template_set(wl,
3322                                        CMD_TEMPL_AP_PROBE_RESPONSE,
3323                                        probe_rsp_templ,
3324                                        templ_len, 0,
3325                                        rates);
3326 }
3327
3328 static int wl1271_bss_erp_info_changed(struct wl1271 *wl,
3329                                        struct ieee80211_vif *vif,
3330                                        struct ieee80211_bss_conf *bss_conf,
3331                                        u32 changed)
3332 {
3333         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3334         int ret = 0;
3335
3336         if (changed & BSS_CHANGED_ERP_SLOT) {
3337                 if (bss_conf->use_short_slot)
3338                         ret = wl1271_acx_slot(wl, wlvif, SLOT_TIME_SHORT);
3339                 else
3340                         ret = wl1271_acx_slot(wl, wlvif, SLOT_TIME_LONG);
3341                 if (ret < 0) {
3342                         wl1271_warning("Set slot time failed %d", ret);
3343                         goto out;
3344                 }
3345         }
3346
3347         if (changed & BSS_CHANGED_ERP_PREAMBLE) {
3348                 if (bss_conf->use_short_preamble)
3349                         wl1271_acx_set_preamble(wl, wlvif, ACX_PREAMBLE_SHORT);
3350                 else
3351                         wl1271_acx_set_preamble(wl, wlvif, ACX_PREAMBLE_LONG);
3352         }
3353
3354         if (changed & BSS_CHANGED_ERP_CTS_PROT) {
3355                 if (bss_conf->use_cts_prot)
3356                         ret = wl1271_acx_cts_protect(wl, wlvif,
3357                                                      CTSPROTECT_ENABLE);
3358                 else
3359                         ret = wl1271_acx_cts_protect(wl, wlvif,
3360                                                      CTSPROTECT_DISABLE);
3361                 if (ret < 0) {
3362                         wl1271_warning("Set ctsprotect failed %d", ret);
3363                         goto out;
3364                 }
3365         }
3366
3367 out:
3368         return ret;
3369 }
3370
3371 static int wl1271_bss_beacon_info_changed(struct wl1271 *wl,
3372                                           struct ieee80211_vif *vif,
3373                                           struct ieee80211_bss_conf *bss_conf,
3374                                           u32 changed)
3375 {
3376         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3377         bool is_ap = (wlvif->bss_type == BSS_TYPE_AP_BSS);
3378         int ret = 0;
3379
3380         if ((changed & BSS_CHANGED_BEACON_INT)) {
3381                 wl1271_debug(DEBUG_MASTER, "beacon interval updated: %d",
3382                         bss_conf->beacon_int);
3383
3384                 wlvif->beacon_int = bss_conf->beacon_int;
3385         }
3386
3387         if ((changed & BSS_CHANGED_AP_PROBE_RESP) && is_ap) {
3388                 u32 rate = wl1271_tx_min_rate_get(wl, wlvif->basic_rate_set);
3389                 if (!wl1271_ap_set_probe_resp_tmpl(wl, rate, vif)) {
3390                         wl1271_debug(DEBUG_AP, "probe response updated");
3391                         set_bit(WLVIF_FLAG_AP_PROBE_RESP_SET, &wlvif->flags);
3392                 }
3393         }
3394
3395         if ((changed & BSS_CHANGED_BEACON)) {
3396                 struct ieee80211_hdr *hdr;
3397                 u32 min_rate;
3398                 int ieoffset = offsetof(struct ieee80211_mgmt,
3399                                         u.beacon.variable);
3400                 struct sk_buff *beacon = ieee80211_beacon_get(wl->hw, vif);
3401                 u16 tmpl_id;
3402
3403                 if (!beacon) {
3404                         ret = -EINVAL;
3405                         goto out;
3406                 }
3407
3408                 wl1271_debug(DEBUG_MASTER, "beacon updated");
3409
3410                 ret = wl1271_ssid_set(vif, beacon, ieoffset);
3411                 if (ret < 0) {
3412                         dev_kfree_skb(beacon);
3413                         goto out;
3414                 }
3415                 min_rate = wl1271_tx_min_rate_get(wl, wlvif->basic_rate_set);
3416                 tmpl_id = is_ap ? CMD_TEMPL_AP_BEACON :
3417                                   CMD_TEMPL_BEACON;
3418                 ret = wl1271_cmd_template_set(wl, tmpl_id,
3419                                               beacon->data,
3420                                               beacon->len, 0,
3421                                               min_rate);
3422                 if (ret < 0) {
3423                         dev_kfree_skb(beacon);
3424                         goto out;
3425                 }
3426
3427                 /*
3428                  * In case we already have a probe-resp beacon set explicitly
3429                  * by usermode, don't use the beacon data.
3430                  */
3431                 if (test_bit(WLVIF_FLAG_AP_PROBE_RESP_SET, &wlvif->flags))
3432                         goto end_bcn;
3433
3434                 /* remove TIM ie from probe response */
3435                 wl12xx_remove_ie(beacon, WLAN_EID_TIM, ieoffset);
3436
3437                 /*
3438                  * remove p2p ie from probe response.
3439                  * the fw reponds to probe requests that don't include
3440                  * the p2p ie. probe requests with p2p ie will be passed,
3441                  * and will be responded by the supplicant (the spec
3442                  * forbids including the p2p ie when responding to probe
3443                  * requests that didn't include it).
3444                  */
3445                 wl12xx_remove_vendor_ie(beacon, WLAN_OUI_WFA,
3446                                         WLAN_OUI_TYPE_WFA_P2P, ieoffset);
3447
3448                 hdr = (struct ieee80211_hdr *) beacon->data;
3449                 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
3450                                                  IEEE80211_STYPE_PROBE_RESP);
3451                 if (is_ap)
3452                         ret = wl1271_ap_set_probe_resp_tmpl_legacy(wl, vif,
3453                                                 beacon->data,
3454                                                 beacon->len,
3455                                                 min_rate);
3456                 else
3457                         ret = wl1271_cmd_template_set(wl,
3458                                                 CMD_TEMPL_PROBE_RESPONSE,
3459                                                 beacon->data,
3460                                                 beacon->len, 0,
3461                                                 min_rate);
3462 end_bcn:
3463                 dev_kfree_skb(beacon);
3464                 if (ret < 0)
3465                         goto out;
3466         }
3467
3468 out:
3469         if (ret != 0)
3470                 wl1271_error("beacon info change failed: %d", ret);
3471         return ret;
3472 }
3473
3474 /* AP mode changes */
3475 static void wl1271_bss_info_changed_ap(struct wl1271 *wl,
3476                                        struct ieee80211_vif *vif,
3477                                        struct ieee80211_bss_conf *bss_conf,
3478                                        u32 changed)
3479 {
3480         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3481         int ret = 0;
3482
3483         if ((changed & BSS_CHANGED_BASIC_RATES)) {
3484                 u32 rates = bss_conf->basic_rates;
3485
3486                 wlvif->basic_rate_set = wl1271_tx_enabled_rates_get(wl, rates,
3487                                                                  wlvif->band);
3488                 wlvif->basic_rate = wl1271_tx_min_rate_get(wl,
3489                                                         wlvif->basic_rate_set);
3490
3491                 ret = wl1271_init_ap_rates(wl, wlvif);
3492                 if (ret < 0) {
3493                         wl1271_error("AP rate policy change failed %d", ret);
3494                         goto out;
3495                 }
3496
3497                 ret = wl1271_ap_init_templates(wl, vif);
3498                 if (ret < 0)
3499                         goto out;
3500         }
3501
3502         ret = wl1271_bss_beacon_info_changed(wl, vif, bss_conf, changed);
3503         if (ret < 0)
3504                 goto out;
3505
3506         if ((changed & BSS_CHANGED_BEACON_ENABLED)) {
3507                 if (bss_conf->enable_beacon) {
3508                         if (!test_bit(WLVIF_FLAG_AP_STARTED, &wlvif->flags)) {
3509                                 ret = wl12xx_cmd_role_start_ap(wl, wlvif);
3510                                 if (ret < 0)
3511                                         goto out;
3512
3513                                 ret = wl1271_ap_init_hwenc(wl, wlvif);
3514                                 if (ret < 0)
3515                                         goto out;
3516
3517                                 set_bit(WLVIF_FLAG_AP_STARTED, &wlvif->flags);
3518                                 wl1271_debug(DEBUG_AP, "started AP");
3519                         }
3520                 } else {
3521                         if (test_bit(WLVIF_FLAG_AP_STARTED, &wlvif->flags)) {
3522                                 ret = wl12xx_cmd_role_stop_ap(wl, wlvif);
3523                                 if (ret < 0)
3524                                         goto out;
3525
3526                                 clear_bit(WLVIF_FLAG_AP_STARTED, &wlvif->flags);
3527                                 clear_bit(WLVIF_FLAG_AP_PROBE_RESP_SET,
3528                                           &wlvif->flags);
3529                                 wl1271_debug(DEBUG_AP, "stopped AP");
3530                         }
3531                 }
3532         }
3533
3534         ret = wl1271_bss_erp_info_changed(wl, vif, bss_conf, changed);
3535         if (ret < 0)
3536                 goto out;
3537
3538         /* Handle HT information change */
3539         if ((changed & BSS_CHANGED_HT) &&
3540             (bss_conf->channel_type != NL80211_CHAN_NO_HT)) {
3541                 ret = wl1271_acx_set_ht_information(wl, wlvif,
3542                                         bss_conf->ht_operation_mode);
3543                 if (ret < 0) {
3544                         wl1271_warning("Set ht information failed %d", ret);
3545                         goto out;
3546                 }
3547         }
3548
3549 out:
3550         return;
3551 }
3552
3553 /* STA/IBSS mode changes */
3554 static void wl1271_bss_info_changed_sta(struct wl1271 *wl,
3555                                         struct ieee80211_vif *vif,
3556                                         struct ieee80211_bss_conf *bss_conf,
3557                                         u32 changed)
3558 {
3559         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3560         bool do_join = false, set_assoc = false;
3561         bool is_ibss = (wlvif->bss_type == BSS_TYPE_IBSS);
3562         bool ibss_joined = false;
3563         u32 sta_rate_set = 0;
3564         int ret;
3565         struct ieee80211_sta *sta;
3566         bool sta_exists = false;
3567         struct ieee80211_sta_ht_cap sta_ht_cap;
3568
3569         if (is_ibss) {
3570                 ret = wl1271_bss_beacon_info_changed(wl, vif, bss_conf,
3571                                                      changed);
3572                 if (ret < 0)
3573                         goto out;
3574         }
3575
3576         if (changed & BSS_CHANGED_IBSS) {
3577                 if (bss_conf->ibss_joined) {
3578                         set_bit(WLVIF_FLAG_IBSS_JOINED, &wlvif->flags);
3579                         ibss_joined = true;
3580                 } else {
3581                         if (test_and_clear_bit(WLVIF_FLAG_IBSS_JOINED,
3582                                                &wlvif->flags)) {
3583                                 wl1271_unjoin(wl, wlvif);
3584                                 wl12xx_start_dev(wl, wlvif);
3585                         }
3586                 }
3587         }
3588
3589         if ((changed & BSS_CHANGED_BEACON_INT) && ibss_joined)
3590                 do_join = true;
3591
3592         /* Need to update the SSID (for filtering etc) */
3593         if ((changed & BSS_CHANGED_BEACON) && ibss_joined)
3594                 do_join = true;
3595
3596         if ((changed & BSS_CHANGED_BEACON_ENABLED) && ibss_joined) {
3597                 wl1271_debug(DEBUG_ADHOC, "ad-hoc beaconing: %s",
3598                              bss_conf->enable_beacon ? "enabled" : "disabled");
3599
3600                 do_join = true;
3601         }
3602
3603         if (changed & BSS_CHANGED_IDLE) {
3604                 ret = wl1271_sta_handle_idle(wl, wlvif, bss_conf->idle);
3605                 if (ret < 0)
3606                         wl1271_warning("idle mode change failed %d", ret);
3607         }
3608
3609         if ((changed & BSS_CHANGED_CQM)) {
3610                 bool enable = false;
3611                 if (bss_conf->cqm_rssi_thold)
3612                         enable = true;
3613                 ret = wl1271_acx_rssi_snr_trigger(wl, wlvif, enable,
3614                                                   bss_conf->cqm_rssi_thold,
3615                                                   bss_conf->cqm_rssi_hyst);
3616                 if (ret < 0)
3617                         goto out;
3618                 wlvif->rssi_thold = bss_conf->cqm_rssi_thold;
3619         }
3620
3621         if (changed & BSS_CHANGED_BSSID)
3622                 if (!is_zero_ether_addr(bss_conf->bssid)) {
3623                         ret = wl12xx_cmd_build_null_data(wl, wlvif);
3624                         if (ret < 0)
3625                                 goto out;
3626
3627                         ret = wl1271_build_qos_null_data(wl, vif);
3628                         if (ret < 0)
3629                                 goto out;
3630
3631                         /* Need to update the BSSID (for filtering etc) */
3632                         do_join = true;
3633                 }
3634
3635         if (changed & (BSS_CHANGED_ASSOC | BSS_CHANGED_HT)) {
3636                 rcu_read_lock();
3637                 sta = ieee80211_find_sta(vif, bss_conf->bssid);
3638                 if (!sta)
3639                         goto sta_not_found;
3640
3641                 /* save the supp_rates of the ap */
3642                 sta_rate_set = sta->supp_rates[wl->hw->conf.channel->band];
3643                 if (sta->ht_cap.ht_supported)
3644                         sta_rate_set |=
3645                             (sta->ht_cap.mcs.rx_mask[0] << HW_HT_RATES_OFFSET);
3646                 sta_ht_cap = sta->ht_cap;
3647                 sta_exists = true;
3648
3649 sta_not_found:
3650                 rcu_read_unlock();
3651         }
3652
3653         if ((changed & BSS_CHANGED_ASSOC)) {
3654                 if (bss_conf->assoc) {
3655                         u32 rates;
3656                         int ieoffset;
3657                         wlvif->aid = bss_conf->aid;
3658                         set_assoc = true;
3659
3660                         wlvif->ps_poll_failures = 0;
3661
3662                         /*
3663                          * use basic rates from AP, and determine lowest rate
3664                          * to use with control frames.
3665                          */
3666                         rates = bss_conf->basic_rates;
3667                         wlvif->basic_rate_set =
3668                                 wl1271_tx_enabled_rates_get(wl, rates,
3669                                                             wlvif->band);
3670                         wlvif->basic_rate =
3671                                 wl1271_tx_min_rate_get(wl,
3672                                                        wlvif->basic_rate_set);
3673                         if (sta_rate_set)
3674                                 wlvif->rate_set =
3675                                         wl1271_tx_enabled_rates_get(wl,
3676                                                                 sta_rate_set,
3677                                                                 wlvif->band);
3678                         ret = wl1271_acx_sta_rate_policies(wl, wlvif);
3679                         if (ret < 0)
3680                                 goto out;
3681
3682                         /*
3683                          * with wl1271, we don't need to update the
3684                          * beacon_int and dtim_period, because the firmware
3685                          * updates it by itself when the first beacon is
3686                          * received after a join.
3687                          */
3688                         ret = wl1271_cmd_build_ps_poll(wl, wlvif, wlvif->aid);
3689                         if (ret < 0)
3690                                 goto out;
3691
3692                         /*
3693                          * Get a template for hardware connection maintenance
3694                          */
3695                         dev_kfree_skb(wlvif->probereq);
3696                         wlvif->probereq = wl1271_cmd_build_ap_probe_req(wl,
3697                                                                         wlvif,
3698                                                                         NULL);
3699                         ieoffset = offsetof(struct ieee80211_mgmt,
3700                                             u.probe_req.variable);
3701                         wl1271_ssid_set(vif, wlvif->probereq, ieoffset);
3702
3703                         /* enable the connection monitoring feature */
3704                         ret = wl1271_acx_conn_monit_params(wl, wlvif, true);
3705                         if (ret < 0)
3706                                 goto out;
3707                 } else {
3708                         /* use defaults when not associated */
3709                         bool was_assoc =
3710                             !!test_and_clear_bit(WLVIF_FLAG_STA_ASSOCIATED,
3711                                                  &wlvif->flags);
3712                         bool was_ifup =
3713                             !!test_and_clear_bit(WLVIF_FLAG_STA_STATE_SENT,
3714                                                  &wlvif->flags);
3715                         wlvif->aid = 0;
3716
3717                         /* free probe-request template */
3718                         dev_kfree_skb(wlvif->probereq);
3719                         wlvif->probereq = NULL;
3720
3721                         /* re-enable dynamic ps - just in case */
3722                         ieee80211_enable_dyn_ps(vif);
3723
3724                         /* revert back to minimum rates for the current band */
3725                         wl1271_set_band_rate(wl, wlvif);
3726                         wlvif->basic_rate =
3727                                 wl1271_tx_min_rate_get(wl,
3728                                                        wlvif->basic_rate_set);
3729                         ret = wl1271_acx_sta_rate_policies(wl, wlvif);
3730                         if (ret < 0)
3731                                 goto out;
3732
3733                         /* disable connection monitor features */
3734                         ret = wl1271_acx_conn_monit_params(wl, wlvif, false);
3735
3736                         /* Disable the keep-alive feature */
3737                         ret = wl1271_acx_keep_alive_mode(wl, wlvif, false);
3738                         if (ret < 0)
3739                                 goto out;
3740
3741                         /* restore the bssid filter and go to dummy bssid */
3742                         if (was_assoc) {
3743                                 u32 conf_flags = wl->hw->conf.flags;
3744                                 /*
3745                                  * we might have to disable roc, if there was
3746                                  * no IF_OPER_UP notification.
3747                                  */
3748                                 if (!was_ifup) {
3749                                         ret = wl12xx_croc(wl, wlvif->role_id);
3750                                         if (ret < 0)
3751                                                 goto out;
3752                                 }
3753                                 /*
3754                                  * (we also need to disable roc in case of
3755                                  * roaming on the same channel. until we will
3756                                  * have a better flow...)
3757                                  */
3758                                 if (test_bit(wlvif->dev_role_id, wl->roc_map)) {
3759                                         ret = wl12xx_croc(wl,
3760                                                           wlvif->dev_role_id);
3761                                         if (ret < 0)
3762                                                 goto out;
3763                                 }
3764
3765                                 wl1271_unjoin(wl, wlvif);
3766                                 if (!(conf_flags & IEEE80211_CONF_IDLE))
3767                                         wl12xx_start_dev(wl, wlvif);
3768                         }
3769                 }
3770         }
3771
3772         if (changed & BSS_CHANGED_IBSS) {
3773                 wl1271_debug(DEBUG_ADHOC, "ibss_joined: %d",
3774                              bss_conf->ibss_joined);
3775
3776                 if (bss_conf->ibss_joined) {
3777                         u32 rates = bss_conf->basic_rates;
3778                         wlvif->basic_rate_set =
3779                                 wl1271_tx_enabled_rates_get(wl, rates,
3780                                                             wlvif->band);
3781                         wlvif->basic_rate =
3782                                 wl1271_tx_min_rate_get(wl,
3783                                                        wlvif->basic_rate_set);
3784
3785                         /* by default, use 11b + OFDM rates */
3786                         wlvif->rate_set = CONF_TX_IBSS_DEFAULT_RATES;
3787                         ret = wl1271_acx_sta_rate_policies(wl, wlvif);
3788                         if (ret < 0)
3789                                 goto out;
3790                 }
3791         }
3792
3793         ret = wl1271_bss_erp_info_changed(wl, vif, bss_conf, changed);
3794         if (ret < 0)
3795                 goto out;
3796
3797         if (changed & BSS_CHANGED_ARP_FILTER) {
3798                 __be32 addr = bss_conf->arp_addr_list[0];
3799                 WARN_ON(wlvif->bss_type != BSS_TYPE_STA_BSS);
3800
3801                 if (bss_conf->arp_addr_cnt == 1 &&
3802                     bss_conf->arp_filter_enabled) {
3803                         /*
3804                          * The template should have been configured only upon
3805                          * association. however, it seems that the correct ip
3806                          * isn't being set (when sending), so we have to
3807                          * reconfigure the template upon every ip change.
3808                          */
3809                         ret = wl1271_cmd_build_arp_rsp(wl, wlvif, addr);
3810                         if (ret < 0) {
3811                                 wl1271_warning("build arp rsp failed: %d", ret);
3812                                 goto out;
3813                         }
3814
3815                         ret = wl1271_acx_arp_ip_filter(wl, wlvif,
3816                                 ACX_ARP_FILTER_ARP_FILTERING,
3817                                 addr);
3818                 } else
3819                         ret = wl1271_acx_arp_ip_filter(wl, wlvif, 0, addr);
3820
3821                 if (ret < 0)
3822                         goto out;
3823         }
3824
3825         if (do_join) {
3826                 ret = wl1271_join(wl, wlvif, set_assoc);
3827                 if (ret < 0) {
3828                         wl1271_warning("cmd join failed %d", ret);
3829                         goto out;
3830                 }
3831
3832                 /* ROC until connected (after EAPOL exchange) */
3833                 if (!is_ibss) {
3834                         ret = wl12xx_roc(wl, wlvif, wlvif->role_id);
3835                         if (ret < 0)
3836                                 goto out;
3837
3838                         wl1271_check_operstate(wl, wlvif,
3839                                                ieee80211_get_operstate(vif));
3840                 }
3841                 /*
3842                  * stop device role if started (we might already be in
3843                  * STA role). TODO: make it better.
3844                  */
3845                 if (wlvif->dev_role_id != WL12XX_INVALID_ROLE_ID) {
3846                         ret = wl12xx_stop_dev(wl, wlvif);
3847                         if (ret < 0)
3848                                 goto out;
3849                 }
3850
3851                 /* If we want to go in PSM but we're not there yet */
3852                 if (test_bit(WLVIF_FLAG_PSM_REQUESTED, &wlvif->flags) &&
3853                     !test_bit(WLVIF_FLAG_PSM, &wlvif->flags)) {
3854                         enum wl1271_cmd_ps_mode mode;
3855
3856                         mode = STATION_POWER_SAVE_MODE;
3857                         ret = wl1271_ps_set_mode(wl, wlvif, mode,
3858                                                  wlvif->basic_rate,
3859                                                  true);
3860                         if (ret < 0)
3861                                 goto out;
3862                 }
3863         }
3864
3865         /* Handle new association with HT. Do this after join. */
3866         if (sta_exists) {
3867                 if ((changed & BSS_CHANGED_HT) &&
3868                     (bss_conf->channel_type != NL80211_CHAN_NO_HT)) {
3869                         ret = wl1271_acx_set_ht_capabilities(wl,
3870                                                              &sta_ht_cap,
3871                                                              true,
3872                                                              wlvif->sta.hlid);
3873                         if (ret < 0) {
3874                                 wl1271_warning("Set ht cap true failed %d",
3875                                                ret);
3876                                 goto out;
3877                         }
3878                 }
3879                 /* handle new association without HT and disassociation */
3880                 else if (changed & BSS_CHANGED_ASSOC) {
3881                         ret = wl1271_acx_set_ht_capabilities(wl,
3882                                                              &sta_ht_cap,
3883                                                              false,
3884                                                              wlvif->sta.hlid);
3885                         if (ret < 0) {
3886                                 wl1271_warning("Set ht cap false failed %d",
3887                                                ret);
3888                                 goto out;
3889                         }
3890                 }
3891         }
3892
3893         /* Handle HT information change. Done after join. */
3894         if ((changed & BSS_CHANGED_HT) &&
3895             (bss_conf->channel_type != NL80211_CHAN_NO_HT)) {
3896                 ret = wl1271_acx_set_ht_information(wl, wlvif,
3897                                         bss_conf->ht_operation_mode);
3898                 if (ret < 0) {
3899                         wl1271_warning("Set ht information failed %d", ret);
3900                         goto out;
3901                 }
3902         }
3903
3904 out:
3905         return;
3906 }
3907
3908 static void wl1271_op_bss_info_changed(struct ieee80211_hw *hw,
3909                                        struct ieee80211_vif *vif,
3910                                        struct ieee80211_bss_conf *bss_conf,
3911                                        u32 changed)
3912 {
3913         struct wl1271 *wl = hw->priv;
3914         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3915         bool is_ap = (wlvif->bss_type == BSS_TYPE_AP_BSS);
3916         int ret;
3917
3918         wl1271_debug(DEBUG_MAC80211, "mac80211 bss info changed 0x%x",
3919                      (int)changed);
3920
3921         mutex_lock(&wl->mutex);
3922
3923         if (unlikely(wl->state == WL1271_STATE_OFF))
3924                 goto out;
3925
3926         if (unlikely(!test_bit(WLVIF_FLAG_INITIALIZED, &wlvif->flags)))
3927                 goto out;
3928
3929         ret = wl1271_ps_elp_wakeup(wl);
3930         if (ret < 0)
3931                 goto out;
3932
3933         if (is_ap)
3934                 wl1271_bss_info_changed_ap(wl, vif, bss_conf, changed);
3935         else
3936                 wl1271_bss_info_changed_sta(wl, vif, bss_conf, changed);
3937
3938         wl1271_ps_elp_sleep(wl);
3939
3940 out:
3941         mutex_unlock(&wl->mutex);
3942 }
3943
3944 static int wl1271_op_conf_tx(struct ieee80211_hw *hw,
3945                              struct ieee80211_vif *vif, u16 queue,
3946                              const struct ieee80211_tx_queue_params *params)
3947 {
3948         struct wl1271 *wl = hw->priv;
3949         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
3950         u8 ps_scheme;
3951         int ret = 0;
3952
3953         mutex_lock(&wl->mutex);
3954
3955         wl1271_debug(DEBUG_MAC80211, "mac80211 conf tx %d", queue);
3956
3957         if (params->uapsd)
3958                 ps_scheme = CONF_PS_SCHEME_UPSD_TRIGGER;
3959         else
3960                 ps_scheme = CONF_PS_SCHEME_LEGACY;
3961
3962         if (wl->state == WL1271_STATE_OFF) {
3963                 /*
3964                  * If the state is off, the parameters will be recorded and
3965                  * configured on init. This happens in AP-mode.
3966                  */
3967                 struct conf_tx_ac_category *conf_ac =
3968                         &wl->conf.tx.ac_conf[wl1271_tx_get_queue(queue)];
3969                 struct conf_tx_tid *conf_tid =
3970                         &wl->conf.tx.tid_conf[wl1271_tx_get_queue(queue)];
3971
3972                 conf_ac->ac = wl1271_tx_get_queue(queue);
3973                 conf_ac->cw_min = (u8)params->cw_min;
3974                 conf_ac->cw_max = params->cw_max;
3975                 conf_ac->aifsn = params->aifs;
3976                 conf_ac->tx_op_limit = params->txop << 5;
3977
3978                 conf_tid->queue_id = wl1271_tx_get_queue(queue);
3979                 conf_tid->channel_type = CONF_CHANNEL_TYPE_EDCF;
3980                 conf_tid->tsid = wl1271_tx_get_queue(queue);
3981                 conf_tid->ps_scheme = ps_scheme;
3982                 conf_tid->ack_policy = CONF_ACK_POLICY_LEGACY;
3983                 conf_tid->apsd_conf[0] = 0;
3984                 conf_tid->apsd_conf[1] = 0;
3985                 goto out;
3986         }
3987
3988         ret = wl1271_ps_elp_wakeup(wl);
3989         if (ret < 0)
3990                 goto out;
3991
3992         /*
3993          * the txop is confed in units of 32us by the mac80211,
3994          * we need us
3995          */
3996         ret = wl1271_acx_ac_cfg(wl, wlvif, wl1271_tx_get_queue(queue),
3997                                 params->cw_min, params->cw_max,
3998                                 params->aifs, params->txop << 5);
3999         if (ret < 0)
4000                 goto out_sleep;
4001
4002         ret = wl1271_acx_tid_cfg(wl, wlvif, wl1271_tx_get_queue(queue),
4003                                  CONF_CHANNEL_TYPE_EDCF,
4004                                  wl1271_tx_get_queue(queue),
4005                                  ps_scheme, CONF_ACK_POLICY_LEGACY,
4006                                  0, 0);
4007
4008 out_sleep:
4009         wl1271_ps_elp_sleep(wl);
4010
4011 out:
4012         mutex_unlock(&wl->mutex);
4013
4014         return ret;
4015 }
4016
4017 static u64 wl1271_op_get_tsf(struct ieee80211_hw *hw,
4018                              struct ieee80211_vif *vif)
4019 {
4020
4021         struct wl1271 *wl = hw->priv;
4022         u64 mactime = ULLONG_MAX;
4023         int ret;
4024
4025         wl1271_debug(DEBUG_MAC80211, "mac80211 get tsf");
4026
4027         mutex_lock(&wl->mutex);
4028
4029         if (unlikely(wl->state == WL1271_STATE_OFF))
4030                 goto out;
4031
4032         ret = wl1271_ps_elp_wakeup(wl);
4033         if (ret < 0)
4034                 goto out;
4035
4036         ret = wl1271_acx_tsf_info(wl, &mactime);
4037         if (ret < 0)
4038                 goto out_sleep;
4039
4040 out_sleep:
4041         wl1271_ps_elp_sleep(wl);
4042
4043 out:
4044         mutex_unlock(&wl->mutex);
4045         return mactime;
4046 }
4047
4048 static int wl1271_op_get_survey(struct ieee80211_hw *hw, int idx,
4049                                 struct survey_info *survey)
4050 {
4051         struct wl1271 *wl = hw->priv;
4052         struct ieee80211_conf *conf = &hw->conf;
4053
4054         if (idx != 0)
4055                 return -ENOENT;
4056
4057         survey->channel = conf->channel;
4058         survey->filled = SURVEY_INFO_NOISE_DBM;
4059         survey->noise = wl->noise;
4060
4061         return 0;
4062 }
4063
4064 static int wl1271_allocate_sta(struct wl1271 *wl,
4065                              struct wl12xx_vif *wlvif,
4066                              struct ieee80211_sta *sta)
4067 {
4068         struct wl1271_station *wl_sta;
4069         int ret;
4070
4071
4072         if (wl->active_sta_count >= AP_MAX_STATIONS) {
4073                 wl1271_warning("could not allocate HLID - too much stations");
4074                 return -EBUSY;
4075         }
4076
4077         wl_sta = (struct wl1271_station *)sta->drv_priv;
4078         ret = wl12xx_allocate_link(wl, wlvif, &wl_sta->hlid);
4079         if (ret < 0) {
4080                 wl1271_warning("could not allocate HLID - too many links");
4081                 return -EBUSY;
4082         }
4083
4084         set_bit(wl_sta->hlid, wlvif->ap.sta_hlid_map);
4085         memcpy(wl->links[wl_sta->hlid].addr, sta->addr, ETH_ALEN);
4086         wl->active_sta_count++;
4087         return 0;
4088 }
4089
4090 void wl1271_free_sta(struct wl1271 *wl, struct wl12xx_vif *wlvif, u8 hlid)
4091 {
4092         if (!test_bit(hlid, wlvif->ap.sta_hlid_map))
4093                 return;
4094
4095         clear_bit(hlid, wlvif->ap.sta_hlid_map);
4096         memset(wl->links[hlid].addr, 0, ETH_ALEN);
4097         wl->links[hlid].ba_bitmap = 0;
4098         wl1271_tx_reset_link_queues(wl, hlid);
4099         __clear_bit(hlid, &wl->ap_ps_map);
4100         __clear_bit(hlid, (unsigned long *)&wl->ap_fw_ps_map);
4101         wl12xx_free_link(wl, wlvif, &hlid);
4102         wl->active_sta_count--;
4103 }
4104
4105 static int wl1271_op_sta_add(struct ieee80211_hw *hw,
4106                              struct ieee80211_vif *vif,
4107                              struct ieee80211_sta *sta)
4108 {
4109         struct wl1271 *wl = hw->priv;
4110         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
4111         struct wl1271_station *wl_sta;
4112         int ret = 0;
4113         u8 hlid;
4114
4115         mutex_lock(&wl->mutex);
4116
4117         if (unlikely(wl->state == WL1271_STATE_OFF))
4118                 goto out;
4119
4120         if (wlvif->bss_type != BSS_TYPE_AP_BSS)
4121                 goto out;
4122
4123         wl1271_debug(DEBUG_MAC80211, "mac80211 add sta %d", (int)sta->aid);
4124
4125         ret = wl1271_allocate_sta(wl, wlvif, sta);
4126         if (ret < 0)
4127                 goto out;
4128
4129         wl_sta = (struct wl1271_station *)sta->drv_priv;
4130         hlid = wl_sta->hlid;
4131
4132         ret = wl1271_ps_elp_wakeup(wl);
4133         if (ret < 0)
4134                 goto out_free_sta;
4135
4136         ret = wl12xx_cmd_add_peer(wl, wlvif, sta, hlid);
4137         if (ret < 0)
4138                 goto out_sleep;
4139
4140         ret = wl12xx_cmd_set_peer_state(wl, hlid);
4141         if (ret < 0)
4142                 goto out_sleep;
4143
4144         ret = wl1271_acx_set_ht_capabilities(wl, &sta->ht_cap, true, hlid);
4145         if (ret < 0)
4146                 goto out_sleep;
4147
4148 out_sleep:
4149         wl1271_ps_elp_sleep(wl);
4150
4151 out_free_sta:
4152         if (ret < 0)
4153                 wl1271_free_sta(wl, wlvif, hlid);
4154
4155 out:
4156         mutex_unlock(&wl->mutex);
4157         return ret;
4158 }
4159
4160 static int wl1271_op_sta_remove(struct ieee80211_hw *hw,
4161                                 struct ieee80211_vif *vif,
4162                                 struct ieee80211_sta *sta)
4163 {
4164         struct wl1271 *wl = hw->priv;
4165         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
4166         struct wl1271_station *wl_sta;
4167         int ret = 0, id;
4168
4169         mutex_lock(&wl->mutex);
4170
4171         if (unlikely(wl->state == WL1271_STATE_OFF))
4172                 goto out;
4173
4174         if (wlvif->bss_type != BSS_TYPE_AP_BSS)
4175                 goto out;
4176
4177         wl1271_debug(DEBUG_MAC80211, "mac80211 remove sta %d", (int)sta->aid);
4178
4179         wl_sta = (struct wl1271_station *)sta->drv_priv;
4180         id = wl_sta->hlid;
4181         if (WARN_ON(!test_bit(id, wlvif->ap.sta_hlid_map)))
4182                 goto out;
4183
4184         ret = wl1271_ps_elp_wakeup(wl);
4185         if (ret < 0)
4186                 goto out;
4187
4188         ret = wl12xx_cmd_remove_peer(wl, wl_sta->hlid);
4189         if (ret < 0)
4190                 goto out_sleep;
4191
4192         wl1271_free_sta(wl, wlvif, wl_sta->hlid);
4193
4194 out_sleep:
4195         wl1271_ps_elp_sleep(wl);
4196
4197 out:
4198         mutex_unlock(&wl->mutex);
4199         return ret;
4200 }
4201
4202 static int wl1271_op_ampdu_action(struct ieee80211_hw *hw,
4203                                   struct ieee80211_vif *vif,
4204                                   enum ieee80211_ampdu_mlme_action action,
4205                                   struct ieee80211_sta *sta, u16 tid, u16 *ssn,
4206                                   u8 buf_size)
4207 {
4208         struct wl1271 *wl = hw->priv;
4209         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
4210         int ret;
4211         u8 hlid, *ba_bitmap;
4212
4213         wl1271_debug(DEBUG_MAC80211, "mac80211 ampdu action %d tid %d", action,
4214                      tid);
4215
4216         /* sanity check - the fields in FW are only 8bits wide */
4217         if (WARN_ON(tid > 0xFF))
4218                 return -ENOTSUPP;
4219
4220         mutex_lock(&wl->mutex);
4221
4222         if (unlikely(wl->state == WL1271_STATE_OFF)) {
4223                 ret = -EAGAIN;
4224                 goto out;
4225         }
4226
4227         if (wlvif->bss_type == BSS_TYPE_STA_BSS) {
4228                 hlid = wlvif->sta.hlid;
4229                 ba_bitmap = &wlvif->sta.ba_rx_bitmap;
4230         } else if (wlvif->bss_type == BSS_TYPE_AP_BSS) {
4231                 struct wl1271_station *wl_sta;
4232
4233                 wl_sta = (struct wl1271_station *)sta->drv_priv;
4234                 hlid = wl_sta->hlid;
4235                 ba_bitmap = &wl->links[hlid].ba_bitmap;
4236         } else {
4237                 ret = -EINVAL;
4238                 goto out;
4239         }
4240
4241         ret = wl1271_ps_elp_wakeup(wl);
4242         if (ret < 0)
4243                 goto out;
4244
4245         wl1271_debug(DEBUG_MAC80211, "mac80211 ampdu: Rx tid %d action %d",
4246                      tid, action);
4247
4248         switch (action) {
4249         case IEEE80211_AMPDU_RX_START:
4250                 if (!wlvif->ba_support || !wlvif->ba_allowed) {
4251                         ret = -ENOTSUPP;
4252                         break;
4253                 }
4254
4255                 if (wl->ba_rx_session_count >= RX_BA_MAX_SESSIONS) {
4256                         ret = -EBUSY;
4257                         wl1271_error("exceeded max RX BA sessions");
4258                         break;
4259                 }
4260
4261                 if (*ba_bitmap & BIT(tid)) {
4262                         ret = -EINVAL;
4263                         wl1271_error("cannot enable RX BA session on active "
4264                                      "tid: %d", tid);
4265                         break;
4266                 }
4267
4268                 ret = wl12xx_acx_set_ba_receiver_session(wl, tid, *ssn, true,
4269                                                          hlid);
4270                 if (!ret) {
4271                         *ba_bitmap |= BIT(tid);
4272                         wl->ba_rx_session_count++;
4273                 }
4274                 break;
4275
4276         case IEEE80211_AMPDU_RX_STOP:
4277                 if (!(*ba_bitmap & BIT(tid))) {
4278                         ret = -EINVAL;
4279                         wl1271_error("no active RX BA session on tid: %d",
4280                                      tid);
4281                         break;
4282                 }
4283
4284                 ret = wl12xx_acx_set_ba_receiver_session(wl, tid, 0, false,
4285                                                          hlid);
4286                 if (!ret) {
4287                         *ba_bitmap &= ~BIT(tid);
4288                         wl->ba_rx_session_count--;
4289                 }
4290                 break;
4291
4292         /*
4293          * The BA initiator session management in FW independently.
4294          * Falling break here on purpose for all TX APDU commands.
4295          */
4296         case IEEE80211_AMPDU_TX_START:
4297         case IEEE80211_AMPDU_TX_STOP:
4298         case IEEE80211_AMPDU_TX_OPERATIONAL:
4299                 ret = -EINVAL;
4300                 break;
4301
4302         default:
4303                 wl1271_error("Incorrect ampdu action id=%x\n", action);
4304                 ret = -EINVAL;
4305         }
4306
4307         wl1271_ps_elp_sleep(wl);
4308
4309 out:
4310         mutex_unlock(&wl->mutex);
4311
4312         return ret;
4313 }
4314
4315 static int wl12xx_set_bitrate_mask(struct ieee80211_hw *hw,
4316                                    struct ieee80211_vif *vif,
4317                                    const struct cfg80211_bitrate_mask *mask)
4318 {
4319         struct wl12xx_vif *wlvif = wl12xx_vif_to_data(vif);
4320         struct wl1271 *wl = hw->priv;
4321         int i, ret = 0;
4322
4323         wl1271_debug(DEBUG_MAC80211, "mac80211 set_bitrate_mask 0x%x 0x%x",
4324                 mask->control[NL80211_BAND_2GHZ].legacy,
4325                 mask->control[NL80211_BAND_5GHZ].legacy);
4326
4327         mutex_lock(&wl->mutex);
4328
4329         for (i = 0; i < IEEE80211_NUM_BANDS; i++)
4330                 wlvif->bitrate_masks[i] =
4331                         wl1271_tx_enabled_rates_get(wl,
4332                                                     mask->control[i].legacy,
4333                                                     i);
4334
4335         if (unlikely(wl->state == WL1271_STATE_OFF))
4336                 goto out;
4337
4338         if (wlvif->bss_type == BSS_TYPE_STA_BSS &&
4339             !test_bit(WLVIF_FLAG_STA_ASSOCIATED, &wlvif->flags)) {
4340
4341                 ret = wl1271_ps_elp_wakeup(wl);
4342                 if (ret < 0)
4343                         goto out;
4344
4345                 wl1271_set_band_rate(wl, wlvif);
4346                 wlvif->basic_rate =
4347                         wl1271_tx_min_rate_get(wl, wlvif->basic_rate_set);
4348                 ret = wl1271_acx_sta_rate_policies(wl, wlvif);
4349
4350                 wl1271_ps_elp_sleep(wl);
4351         }
4352 out:
4353         mutex_unlock(&wl->mutex);
4354
4355         return ret;
4356 }
4357
4358 static void wl12xx_op_channel_switch(struct ieee80211_hw *hw,
4359                                      struct ieee80211_channel_switch *ch_switch)
4360 {
4361         struct wl1271 *wl = hw->priv;
4362         struct wl12xx_vif *wlvif;
4363         int ret;
4364
4365         wl1271_debug(DEBUG_MAC80211, "mac80211 channel switch");
4366
4367         mutex_lock(&wl->mutex);
4368
4369         if (unlikely(wl->state == WL1271_STATE_OFF)) {
4370                 wl12xx_for_each_wlvif_sta(wl, wlvif) {
4371                         struct ieee80211_vif *vif = wl12xx_wlvif_to_vif(wlvif);
4372                         ieee80211_chswitch_done(vif, false);
4373                 }
4374                 goto out;
4375         }
4376
4377         ret = wl1271_ps_elp_wakeup(wl);
4378         if (ret < 0)
4379                 goto out;
4380
4381         /* TODO: change mac80211 to pass vif as param */
4382         wl12xx_for_each_wlvif_sta(wl, wlvif) {
4383                 ret = wl12xx_cmd_channel_switch(wl, ch_switch);
4384
4385                 if (!ret)
4386                         set_bit(WLVIF_FLAG_CS_PROGRESS, &wlvif->flags);
4387         }
4388
4389         wl1271_ps_elp_sleep(wl);
4390
4391 out:
4392         mutex_unlock(&wl->mutex);
4393 }
4394
4395 static bool wl1271_tx_frames_pending(struct ieee80211_hw *hw)
4396 {
4397         struct wl1271 *wl = hw->priv;
4398         bool ret = false;
4399
4400         mutex_lock(&wl->mutex);
4401
4402         if (unlikely(wl->state == WL1271_STATE_OFF))
4403                 goto out;
4404
4405         /* packets are considered pending if in the TX queue or the FW */
4406         ret = (wl1271_tx_total_queue_count(wl) > 0) || (wl->tx_frames_cnt > 0);
4407 out:
4408         mutex_unlock(&wl->mutex);
4409
4410         return ret;
4411 }
4412
4413 /* can't be const, mac80211 writes to this */
4414 static struct ieee80211_rate wl1271_rates[] = {
4415         { .bitrate = 10,
4416           .hw_value = CONF_HW_BIT_RATE_1MBPS,
4417           .hw_value_short = CONF_HW_BIT_RATE_1MBPS, },
4418         { .bitrate = 20,
4419           .hw_value = CONF_HW_BIT_RATE_2MBPS,
4420           .hw_value_short = CONF_HW_BIT_RATE_2MBPS,
4421           .flags = IEEE80211_RATE_SHORT_PREAMBLE },
4422         { .bitrate = 55,
4423           .hw_value = CONF_HW_BIT_RATE_5_5MBPS,
4424           .hw_value_short = CONF_HW_BIT_RATE_5_5MBPS,
4425           .flags = IEEE80211_RATE_SHORT_PREAMBLE },
4426         { .bitrate = 110,
4427           .hw_value = CONF_HW_BIT_RATE_11MBPS,
4428           .hw_value_short = CONF_HW_BIT_RATE_11MBPS,
4429           .flags = IEEE80211_RATE_SHORT_PREAMBLE },
4430         { .bitrate = 60,
4431           .hw_value = CONF_HW_BIT_RATE_6MBPS,
4432           .hw_value_short = CONF_HW_BIT_RATE_6MBPS, },
4433         { .bitrate = 90,
4434           .hw_value = CONF_HW_BIT_RATE_9MBPS,
4435           .hw_value_short = CONF_HW_BIT_RATE_9MBPS, },
4436         { .bitrate = 120,
4437           .hw_value = CONF_HW_BIT_RATE_12MBPS,
4438           .hw_value_short = CONF_HW_BIT_RATE_12MBPS, },
4439         { .bitrate = 180,
4440           .hw_value = CONF_HW_BIT_RATE_18MBPS,
4441           .hw_value_short = CONF_HW_BIT_RATE_18MBPS, },
4442         { .bitrate = 240,
4443           .hw_value = CONF_HW_BIT_RATE_24MBPS,
4444           .hw_value_short = CONF_HW_BIT_RATE_24MBPS, },
4445         { .bitrate = 360,
4446          .hw_value = CONF_HW_BIT_RATE_36MBPS,
4447          .hw_value_short = CONF_HW_BIT_RATE_36MBPS, },
4448         { .bitrate = 480,
4449           .hw_value = CONF_HW_BIT_RATE_48MBPS,
4450           .hw_value_short = CONF_HW_BIT_RATE_48MBPS, },
4451         { .bitrate = 540,
4452           .hw_value = CONF_HW_BIT_RATE_54MBPS,
4453           .hw_value_short = CONF_HW_BIT_RATE_54MBPS, },
4454 };
4455
4456 /* can't be const, mac80211 writes to this */
4457 static struct ieee80211_channel wl1271_channels[] = {
4458         { .hw_value = 1, .center_freq = 2412, .max_power = 25 },
4459         { .hw_value = 2, .center_freq = 2417, .max_power = 25 },
4460         { .hw_value = 3, .center_freq = 2422, .max_power = 25 },
4461         { .hw_value = 4, .center_freq = 2427, .max_power = 25 },
4462         { .hw_value = 5, .center_freq = 2432, .max_power = 25 },
4463         { .hw_value = 6, .center_freq = 2437, .max_power = 25 },
4464         { .hw_value = 7, .center_freq = 2442, .max_power = 25 },
4465         { .hw_value = 8, .center_freq = 2447, .max_power = 25 },
4466         { .hw_value = 9, .center_freq = 2452, .max_power = 25 },
4467         { .hw_value = 10, .center_freq = 2457, .max_power = 25 },
4468         { .hw_value = 11, .center_freq = 2462, .max_power = 25 },
4469         { .hw_value = 12, .center_freq = 2467, .max_power = 25 },
4470         { .hw_value = 13, .center_freq = 2472, .max_power = 25 },
4471         { .hw_value = 14, .center_freq = 2484, .max_power = 25 },
4472 };
4473
4474 /* mapping to indexes for wl1271_rates */
4475 static const u8 wl1271_rate_to_idx_2ghz[] = {
4476         /* MCS rates are used only with 11n */
4477         7,                            /* CONF_HW_RXTX_RATE_MCS7 */
4478         6,                            /* CONF_HW_RXTX_RATE_MCS6 */
4479         5,                            /* CONF_HW_RXTX_RATE_MCS5 */
4480         4,                            /* CONF_HW_RXTX_RATE_MCS4 */
4481         3,                            /* CONF_HW_RXTX_RATE_MCS3 */
4482         2,                            /* CONF_HW_RXTX_RATE_MCS2 */
4483         1,                            /* CONF_HW_RXTX_RATE_MCS1 */
4484         0,                            /* CONF_HW_RXTX_RATE_MCS0 */
4485
4486         11,                            /* CONF_HW_RXTX_RATE_54   */
4487         10,                            /* CONF_HW_RXTX_RATE_48   */
4488         9,                             /* CONF_HW_RXTX_RATE_36   */
4489         8,                             /* CONF_HW_RXTX_RATE_24   */
4490
4491         /* TI-specific rate */
4492         CONF_HW_RXTX_RATE_UNSUPPORTED, /* CONF_HW_RXTX_RATE_22   */
4493
4494         7,                             /* CONF_HW_RXTX_RATE_18   */
4495         6,                             /* CONF_HW_RXTX_RATE_12   */
4496         3,                             /* CONF_HW_RXTX_RATE_11   */
4497         5,                             /* CONF_HW_RXTX_RATE_9    */
4498         4,                             /* CONF_HW_RXTX_RATE_6    */
4499         2,                             /* CONF_HW_RXTX_RATE_5_5  */
4500         1,                             /* CONF_HW_RXTX_RATE_2    */
4501         0                              /* CONF_HW_RXTX_RATE_1    */
4502 };
4503
4504 /* 11n STA capabilities */
4505 #define HW_RX_HIGHEST_RATE      72
4506
4507 #define WL12XX_HT_CAP { \
4508         .cap = IEEE80211_HT_CAP_GRN_FLD | IEEE80211_HT_CAP_SGI_20 | \
4509                (1 << IEEE80211_HT_CAP_RX_STBC_SHIFT), \
4510         .ht_supported = true, \
4511         .ampdu_factor = IEEE80211_HT_MAX_AMPDU_8K, \
4512         .ampdu_density = IEEE80211_HT_MPDU_DENSITY_8, \
4513         .mcs = { \
4514                 .rx_mask = { 0xff, 0, 0, 0, 0, 0, 0, 0, 0, 0, }, \
4515                 .rx_highest = cpu_to_le16(HW_RX_HIGHEST_RATE), \
4516                 .tx_params = IEEE80211_HT_MCS_TX_DEFINED, \
4517                 }, \
4518 }
4519
4520 /* can't be const, mac80211 writes to this */
4521 static struct ieee80211_supported_band wl1271_band_2ghz = {
4522         .channels = wl1271_channels,
4523         .n_channels = ARRAY_SIZE(wl1271_channels),
4524         .bitrates = wl1271_rates,
4525         .n_bitrates = ARRAY_SIZE(wl1271_rates),
4526         .ht_cap = WL12XX_HT_CAP,
4527 };
4528
4529 /* 5 GHz data rates for WL1273 */
4530 static struct ieee80211_rate wl1271_rates_5ghz[] = {
4531         { .bitrate = 60,
4532           .hw_value = CONF_HW_BIT_RATE_6MBPS,
4533           .hw_value_short = CONF_HW_BIT_RATE_6MBPS, },
4534         { .bitrate = 90,
4535           .hw_value = CONF_HW_BIT_RATE_9MBPS,
4536           .hw_value_short = CONF_HW_BIT_RATE_9MBPS, },
4537         { .bitrate = 120,
4538           .hw_value = CONF_HW_BIT_RATE_12MBPS,
4539           .hw_value_short = CONF_HW_BIT_RATE_12MBPS, },
4540         { .bitrate = 180,
4541           .hw_value = CONF_HW_BIT_RATE_18MBPS,
4542           .hw_value_short = CONF_HW_BIT_RATE_18MBPS, },
4543         { .bitrate = 240,
4544           .hw_value = CONF_HW_BIT_RATE_24MBPS,
4545           .hw_value_short = CONF_HW_BIT_RATE_24MBPS, },
4546         { .bitrate = 360,
4547          .hw_value = CONF_HW_BIT_RATE_36MBPS,
4548          .hw_value_short = CONF_HW_BIT_RATE_36MBPS, },
4549         { .bitrate = 480,
4550           .hw_value = CONF_HW_BIT_RATE_48MBPS,
4551           .hw_value_short = CONF_HW_BIT_RATE_48MBPS, },
4552         { .bitrate = 540,
4553           .hw_value = CONF_HW_BIT_RATE_54MBPS,
4554           .hw_value_short = CONF_HW_BIT_RATE_54MBPS, },
4555 };
4556
4557 /* 5 GHz band channels for WL1273 */
4558 static struct ieee80211_channel wl1271_channels_5ghz[] = {
4559         { .hw_value = 7, .center_freq = 5035, .max_power = 25 },
4560         { .hw_value = 8, .center_freq = 5040, .max_power = 25 },
4561         { .hw_value = 9, .center_freq = 5045, .max_power = 25 },
4562         { .hw_value = 11, .center_freq = 5055, .max_power = 25 },
4563         { .hw_value = 12, .center_freq = 5060, .max_power = 25 },
4564         { .hw_value = 16, .center_freq = 5080, .max_power = 25 },
4565         { .hw_value = 34, .center_freq = 5170, .max_power = 25 },
4566         { .hw_value = 36, .center_freq = 5180, .max_power = 25 },
4567         { .hw_value = 38, .center_freq = 5190, .max_power = 25 },
4568         { .hw_value = 40, .center_freq = 5200, .max_power = 25 },
4569         { .hw_value = 42, .center_freq = 5210, .max_power = 25 },
4570         { .hw_value = 44, .center_freq = 5220, .max_power = 25 },
4571         { .hw_value = 46, .center_freq = 5230, .max_power = 25 },
4572         { .hw_value = 48, .center_freq = 5240, .max_power = 25 },
4573         { .hw_value = 52, .center_freq = 5260, .max_power = 25 },
4574         { .hw_value = 56, .center_freq = 5280, .max_power = 25 },
4575         { .hw_value = 60, .center_freq = 5300, .max_power = 25 },
4576         { .hw_value = 64, .center_freq = 5320, .max_power = 25 },
4577         { .hw_value = 100, .center_freq = 5500, .max_power = 25 },
4578         { .hw_value = 104, .center_freq = 5520, .max_power = 25 },
4579         { .hw_value = 108, .center_freq = 5540, .max_power = 25 },
4580         { .hw_value = 112, .center_freq = 5560, .max_power = 25 },
4581         { .hw_value = 116, .center_freq = 5580, .max_power = 25 },
4582         { .hw_value = 120, .center_freq = 5600, .max_power = 25 },
4583         { .hw_value = 124, .center_freq = 5620, .max_power = 25 },
4584         { .hw_value = 128, .center_freq = 5640, .max_power = 25 },
4585         { .hw_value = 132, .center_freq = 5660, .max_power = 25 },
4586         { .hw_value = 136, .center_freq = 5680, .max_power = 25 },
4587         { .hw_value = 140, .center_freq = 5700, .max_power = 25 },
4588         { .hw_value = 149, .center_freq = 5745, .max_power = 25 },
4589         { .hw_value = 153, .center_freq = 5765, .max_power = 25 },
4590         { .hw_value = 157, .center_freq = 5785, .max_power = 25 },
4591         { .hw_value = 161, .center_freq = 5805, .max_power = 25 },
4592         { .hw_value = 165, .center_freq = 5825, .max_power = 25 },
4593 };
4594
4595 /* mapping to indexes for wl1271_rates_5ghz */
4596 static const u8 wl1271_rate_to_idx_5ghz[] = {
4597         /* MCS rates are used only with 11n */
4598         7,                            /* CONF_HW_RXTX_RATE_MCS7 */
4599         6,                            /* CONF_HW_RXTX_RATE_MCS6 */
4600         5,                            /* CONF_HW_RXTX_RATE_MCS5 */
4601         4,                            /* CONF_HW_RXTX_RATE_MCS4 */
4602         3,                            /* CONF_HW_RXTX_RATE_MCS3 */
4603         2,                            /* CONF_HW_RXTX_RATE_MCS2 */
4604         1,                            /* CONF_HW_RXTX_RATE_MCS1 */
4605         0,                            /* CONF_HW_RXTX_RATE_MCS0 */
4606
4607         7,                             /* CONF_HW_RXTX_RATE_54   */
4608         6,                             /* CONF_HW_RXTX_RATE_48   */
4609         5,                             /* CONF_HW_RXTX_RATE_36   */
4610         4,                             /* CONF_HW_RXTX_RATE_24   */
4611
4612         /* TI-specific rate */
4613         CONF_HW_RXTX_RATE_UNSUPPORTED, /* CONF_HW_RXTX_RATE_22   */
4614
4615         3,                             /* CONF_HW_RXTX_RATE_18   */
4616         2,                             /* CONF_HW_RXTX_RATE_12   */
4617         CONF_HW_RXTX_RATE_UNSUPPORTED, /* CONF_HW_RXTX_RATE_11   */
4618         1,                             /* CONF_HW_RXTX_RATE_9    */
4619         0,                             /* CONF_HW_RXTX_RATE_6    */
4620         CONF_HW_RXTX_RATE_UNSUPPORTED, /* CONF_HW_RXTX_RATE_5_5  */
4621         CONF_HW_RXTX_RATE_UNSUPPORTED, /* CONF_HW_RXTX_RATE_2    */
4622         CONF_HW_RXTX_RATE_UNSUPPORTED  /* CONF_HW_RXTX_RATE_1    */
4623 };
4624
4625 static struct ieee80211_supported_band wl1271_band_5ghz = {
4626         .channels = wl1271_channels_5ghz,
4627         .n_channels = ARRAY_SIZE(wl1271_channels_5ghz),
4628         .bitrates = wl1271_rates_5ghz,
4629         .n_bitrates = ARRAY_SIZE(wl1271_rates_5ghz),
4630         .ht_cap = WL12XX_HT_CAP,
4631 };
4632
4633 static const u8 *wl1271_band_rate_to_idx[] = {
4634         [IEEE80211_BAND_2GHZ] = wl1271_rate_to_idx_2ghz,
4635         [IEEE80211_BAND_5GHZ] = wl1271_rate_to_idx_5ghz
4636 };
4637
4638 static const struct ieee80211_ops wl1271_ops = {
4639         .start = wl1271_op_start,
4640         .stop = wl1271_op_stop,
4641         .add_interface = wl1271_op_add_interface,
4642         .remove_interface = wl1271_op_remove_interface,
4643         .change_interface = wl12xx_op_change_interface,
4644 #ifdef CONFIG_PM
4645         .suspend = wl1271_op_suspend,
4646         .resume = wl1271_op_resume,
4647 #endif
4648         .config = wl1271_op_config,
4649         .prepare_multicast = wl1271_op_prepare_multicast,
4650         .configure_filter = wl1271_op_configure_filter,
4651         .tx = wl1271_op_tx,
4652         .set_key = wl1271_op_set_key,
4653         .hw_scan = wl1271_op_hw_scan,
4654         .cancel_hw_scan = wl1271_op_cancel_hw_scan,
4655         .sched_scan_start = wl1271_op_sched_scan_start,
4656         .sched_scan_stop = wl1271_op_sched_scan_stop,
4657         .bss_info_changed = wl1271_op_bss_info_changed,
4658         .set_frag_threshold = wl1271_op_set_frag_threshold,
4659         .set_rts_threshold = wl1271_op_set_rts_threshold,
4660         .conf_tx = wl1271_op_conf_tx,
4661         .get_tsf = wl1271_op_get_tsf,
4662         .get_survey = wl1271_op_get_survey,
4663         .sta_add = wl1271_op_sta_add,
4664         .sta_remove = wl1271_op_sta_remove,
4665         .ampdu_action = wl1271_op_ampdu_action,
4666         .tx_frames_pending = wl1271_tx_frames_pending,
4667         .set_bitrate_mask = wl12xx_set_bitrate_mask,
4668         .channel_switch = wl12xx_op_channel_switch,
4669         CFG80211_TESTMODE_CMD(wl1271_tm_cmd)
4670 };
4671
4672
4673 u8 wl1271_rate_to_idx(int rate, enum ieee80211_band band)
4674 {
4675         u8 idx;
4676
4677         BUG_ON(band >= sizeof(wl1271_band_rate_to_idx)/sizeof(u8 *));
4678
4679         if (unlikely(rate >= CONF_HW_RXTX_RATE_MAX)) {
4680                 wl1271_error("Illegal RX rate from HW: %d", rate);
4681                 return 0;
4682         }
4683
4684         idx = wl1271_band_rate_to_idx[band][rate];
4685         if (unlikely(idx == CONF_HW_RXTX_RATE_UNSUPPORTED)) {
4686                 wl1271_error("Unsupported RX rate from HW: %d", rate);
4687                 return 0;
4688         }
4689
4690         return idx;
4691 }
4692
4693 static ssize_t wl1271_sysfs_show_bt_coex_state(struct device *dev,
4694                                                struct device_attribute *attr,
4695                                                char *buf)
4696 {
4697         struct wl1271 *wl = dev_get_drvdata(dev);
4698         ssize_t len;
4699
4700         len = PAGE_SIZE;
4701
4702         mutex_lock(&wl->mutex);
4703         len = snprintf(buf, len, "%d\n\n0 - off\n1 - on\n",
4704                        wl->sg_enabled);
4705         mutex_unlock(&wl->mutex);
4706
4707         return len;
4708
4709 }
4710
4711 static ssize_t wl1271_sysfs_store_bt_coex_state(struct device *dev,
4712                                                 struct device_attribute *attr,
4713                                                 const char *buf, size_t count)
4714 {
4715         struct wl1271 *wl = dev_get_drvdata(dev);
4716         unsigned long res;
4717         int ret;
4718
4719         ret = kstrtoul(buf, 10, &res);
4720         if (ret < 0) {
4721                 wl1271_warning("incorrect value written to bt_coex_mode");
4722                 return count;
4723         }
4724
4725         mutex_lock(&wl->mutex);
4726
4727         res = !!res;
4728
4729         if (res == wl->sg_enabled)
4730                 goto out;
4731
4732         wl->sg_enabled = res;
4733
4734         if (wl->state == WL1271_STATE_OFF)
4735                 goto out;
4736
4737         ret = wl1271_ps_elp_wakeup(wl);
4738         if (ret < 0)
4739                 goto out;
4740
4741         wl1271_acx_sg_enable(wl, wl->sg_enabled);
4742         wl1271_ps_elp_sleep(wl);
4743
4744  out:
4745         mutex_unlock(&wl->mutex);
4746         return count;
4747 }
4748
4749 static DEVICE_ATTR(bt_coex_state, S_IRUGO | S_IWUSR,
4750                    wl1271_sysfs_show_bt_coex_state,
4751                    wl1271_sysfs_store_bt_coex_state);
4752
4753 static ssize_t wl1271_sysfs_show_hw_pg_ver(struct device *dev,
4754                                            struct device_attribute *attr,
4755                                            char *buf)
4756 {
4757         struct wl1271 *wl = dev_get_drvdata(dev);
4758         ssize_t len;
4759
4760         len = PAGE_SIZE;
4761
4762         mutex_lock(&wl->mutex);
4763         if (wl->hw_pg_ver >= 0)
4764                 len = snprintf(buf, len, "%d\n", wl->hw_pg_ver);
4765         else
4766                 len = snprintf(buf, len, "n/a\n");
4767         mutex_unlock(&wl->mutex);
4768
4769         return len;
4770 }
4771
4772 static DEVICE_ATTR(hw_pg_ver, S_IRUGO,
4773                    wl1271_sysfs_show_hw_pg_ver, NULL);
4774
4775 static ssize_t wl1271_sysfs_read_fwlog(struct file *filp, struct kobject *kobj,
4776                                        struct bin_attribute *bin_attr,
4777                                        char *buffer, loff_t pos, size_t count)
4778 {
4779         struct device *dev = container_of(kobj, struct device, kobj);
4780         struct wl1271 *wl = dev_get_drvdata(dev);
4781         ssize_t len;
4782         int ret;
4783
4784         ret = mutex_lock_interruptible(&wl->mutex);
4785         if (ret < 0)
4786                 return -ERESTARTSYS;
4787
4788         /* Let only one thread read the log at a time, blocking others */
4789         while (wl->fwlog_size == 0) {
4790                 DEFINE_WAIT(wait);
4791
4792                 prepare_to_wait_exclusive(&wl->fwlog_waitq,
4793                                           &wait,
4794                                           TASK_INTERRUPTIBLE);
4795
4796                 if (wl->fwlog_size != 0) {
4797                         finish_wait(&wl->fwlog_waitq, &wait);
4798                         break;
4799                 }
4800
4801                 mutex_unlock(&wl->mutex);
4802
4803                 schedule();
4804                 finish_wait(&wl->fwlog_waitq, &wait);
4805
4806                 if (signal_pending(current))
4807                         return -ERESTARTSYS;
4808
4809                 ret = mutex_lock_interruptible(&wl->mutex);
4810                 if (ret < 0)
4811                         return -ERESTARTSYS;
4812         }
4813
4814         /* Check if the fwlog is still valid */
4815         if (wl->fwlog_size < 0) {
4816                 mutex_unlock(&wl->mutex);
4817                 return 0;
4818         }
4819
4820         /* Seeking is not supported - old logs are not kept. Disregard pos. */
4821         len = min(count, (size_t)wl->fwlog_size);
4822         wl->fwlog_size -= len;
4823         memcpy(buffer, wl->fwlog, len);
4824
4825         /* Make room for new messages */
4826         memmove(wl->fwlog, wl->fwlog + len, wl->fwlog_size);
4827
4828         mutex_unlock(&wl->mutex);
4829
4830         return len;
4831 }
4832
4833 static struct bin_attribute fwlog_attr = {
4834         .attr = {.name = "fwlog", .mode = S_IRUSR},
4835         .read = wl1271_sysfs_read_fwlog,
4836 };
4837
4838 static int wl1271_register_hw(struct wl1271 *wl)
4839 {
4840         int ret;
4841
4842         if (wl->mac80211_registered)
4843                 return 0;
4844
4845         ret = wl1271_fetch_nvs(wl);
4846         if (ret == 0) {
4847                 /* NOTE: The wl->nvs->nvs element must be first, in
4848                  * order to simplify the casting, we assume it is at
4849                  * the beginning of the wl->nvs structure.
4850                  */
4851                 u8 *nvs_ptr = (u8 *)wl->nvs;
4852
4853                 wl->mac_addr[0] = nvs_ptr[11];
4854                 wl->mac_addr[1] = nvs_ptr[10];
4855                 wl->mac_addr[2] = nvs_ptr[6];
4856                 wl->mac_addr[3] = nvs_ptr[5];
4857                 wl->mac_addr[4] = nvs_ptr[4];
4858                 wl->mac_addr[5] = nvs_ptr[3];
4859         }
4860
4861         SET_IEEE80211_PERM_ADDR(wl->hw, wl->mac_addr);
4862
4863         ret = ieee80211_register_hw(wl->hw);
4864         if (ret < 0) {
4865                 wl1271_error("unable to register mac80211 hw: %d", ret);
4866                 return ret;
4867         }
4868
4869         wl->mac80211_registered = true;
4870
4871         wl1271_debugfs_init(wl);
4872
4873         register_netdevice_notifier(&wl1271_dev_notifier);
4874
4875         wl1271_notice("loaded");
4876
4877         return 0;
4878 }
4879
4880 static void wl1271_unregister_hw(struct wl1271 *wl)
4881 {
4882         if (wl->state == WL1271_STATE_PLT)
4883                 __wl1271_plt_stop(wl);
4884
4885         unregister_netdevice_notifier(&wl1271_dev_notifier);
4886         ieee80211_unregister_hw(wl->hw);
4887         wl->mac80211_registered = false;
4888
4889 }
4890
4891 static int wl1271_init_ieee80211(struct wl1271 *wl)
4892 {
4893         static const u32 cipher_suites[] = {
4894                 WLAN_CIPHER_SUITE_WEP40,
4895                 WLAN_CIPHER_SUITE_WEP104,
4896                 WLAN_CIPHER_SUITE_TKIP,
4897                 WLAN_CIPHER_SUITE_CCMP,
4898                 WL1271_CIPHER_SUITE_GEM,
4899         };
4900
4901         /* The tx descriptor buffer and the TKIP space. */
4902         wl->hw->extra_tx_headroom = WL1271_TKIP_IV_SPACE +
4903                 sizeof(struct wl1271_tx_hw_descr);
4904
4905         /* unit us */
4906         /* FIXME: find a proper value */
4907         wl->hw->channel_change_time = 10000;
4908         wl->hw->max_listen_interval = wl->conf.conn.max_listen_interval;
4909
4910         wl->hw->flags = IEEE80211_HW_SIGNAL_DBM |
4911                 IEEE80211_HW_BEACON_FILTER |
4912                 IEEE80211_HW_SUPPORTS_PS |
4913                 IEEE80211_HW_SUPPORTS_UAPSD |
4914                 IEEE80211_HW_HAS_RATE_CONTROL |
4915                 IEEE80211_HW_CONNECTION_MONITOR |
4916                 IEEE80211_HW_SUPPORTS_CQM_RSSI |
4917                 IEEE80211_HW_REPORTS_TX_ACK_STATUS |
4918                 IEEE80211_HW_SPECTRUM_MGMT |
4919                 IEEE80211_HW_AP_LINK_PS |
4920                 IEEE80211_HW_AMPDU_AGGREGATION |
4921                 IEEE80211_HW_TX_AMPDU_SETUP_IN_HW;
4922
4923         wl->hw->wiphy->cipher_suites = cipher_suites;
4924         wl->hw->wiphy->n_cipher_suites = ARRAY_SIZE(cipher_suites);
4925
4926         wl->hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
4927                 BIT(NL80211_IFTYPE_ADHOC) | BIT(NL80211_IFTYPE_AP) |
4928                 BIT(NL80211_IFTYPE_P2P_CLIENT) | BIT(NL80211_IFTYPE_P2P_GO);
4929         wl->hw->wiphy->max_scan_ssids = 1;
4930         wl->hw->wiphy->max_sched_scan_ssids = 16;
4931         wl->hw->wiphy->max_match_sets = 16;
4932         /*
4933          * Maximum length of elements in scanning probe request templates
4934          * should be the maximum length possible for a template, without
4935          * the IEEE80211 header of the template
4936          */
4937         wl->hw->wiphy->max_scan_ie_len = WL1271_CMD_TEMPL_DFLT_SIZE -
4938                         sizeof(struct ieee80211_header);
4939
4940         wl->hw->wiphy->max_sched_scan_ie_len = WL1271_CMD_TEMPL_DFLT_SIZE -
4941                 sizeof(struct ieee80211_header);
4942
4943         wl->hw->wiphy->flags |= WIPHY_FLAG_AP_UAPSD;
4944
4945         /* make sure all our channels fit in the scanned_ch bitmask */
4946         BUILD_BUG_ON(ARRAY_SIZE(wl1271_channels) +
4947                      ARRAY_SIZE(wl1271_channels_5ghz) >
4948                      WL1271_MAX_CHANNELS);
4949         /*
4950          * We keep local copies of the band structs because we need to
4951          * modify them on a per-device basis.
4952          */
4953         memcpy(&wl->bands[IEEE80211_BAND_2GHZ], &wl1271_band_2ghz,
4954                sizeof(wl1271_band_2ghz));
4955         memcpy(&wl->bands[IEEE80211_BAND_5GHZ], &wl1271_band_5ghz,
4956                sizeof(wl1271_band_5ghz));
4957
4958         wl->hw->wiphy->bands[IEEE80211_BAND_2GHZ] =
4959                 &wl->bands[IEEE80211_BAND_2GHZ];
4960         wl->hw->wiphy->bands[IEEE80211_BAND_5GHZ] =
4961                 &wl->bands[IEEE80211_BAND_5GHZ];
4962
4963         wl->hw->queues = 4;
4964         wl->hw->max_rates = 1;
4965
4966         wl->hw->wiphy->reg_notifier = wl1271_reg_notify;
4967
4968         /* the FW answers probe-requests in AP-mode */
4969         wl->hw->wiphy->flags |= WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD;
4970         wl->hw->wiphy->probe_resp_offload =
4971                 NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS |
4972                 NL80211_PROBE_RESP_OFFLOAD_SUPPORT_WPS2 |
4973                 NL80211_PROBE_RESP_OFFLOAD_SUPPORT_P2P;
4974
4975         SET_IEEE80211_DEV(wl->hw, wl->dev);
4976
4977         wl->hw->sta_data_size = sizeof(struct wl1271_station);
4978         wl->hw->vif_data_size = sizeof(struct wl12xx_vif);
4979
4980         wl->hw->max_rx_aggregation_subframes = 8;
4981
4982         return 0;
4983 }
4984
4985 #define WL1271_DEFAULT_CHANNEL 0
4986
4987 static struct ieee80211_hw *wl1271_alloc_hw(void)
4988 {
4989         struct ieee80211_hw *hw;
4990         struct wl1271 *wl;
4991         int i, j, ret;
4992         unsigned int order;
4993
4994         BUILD_BUG_ON(AP_MAX_STATIONS > WL12XX_MAX_LINKS);
4995
4996         hw = ieee80211_alloc_hw(sizeof(*wl), &wl1271_ops);
4997         if (!hw) {
4998                 wl1271_error("could not alloc ieee80211_hw");
4999                 ret = -ENOMEM;
5000                 goto err_hw_alloc;
5001         }
5002
5003         wl = hw->priv;
5004         memset(wl, 0, sizeof(*wl));
5005
5006         INIT_LIST_HEAD(&wl->list);
5007         INIT_LIST_HEAD(&wl->wlvif_list);
5008
5009         wl->hw = hw;
5010
5011         for (i = 0; i < NUM_TX_QUEUES; i++)
5012                 for (j = 0; j < WL12XX_MAX_LINKS; j++)
5013                         skb_queue_head_init(&wl->links[j].tx_queue[i]);
5014
5015         skb_queue_head_init(&wl->deferred_rx_queue);
5016         skb_queue_head_init(&wl->deferred_tx_queue);
5017
5018         INIT_DELAYED_WORK(&wl->elp_work, wl1271_elp_work);
5019         INIT_WORK(&wl->netstack_work, wl1271_netstack_work);
5020         INIT_WORK(&wl->tx_work, wl1271_tx_work);
5021         INIT_WORK(&wl->recovery_work, wl1271_recovery_work);
5022         INIT_DELAYED_WORK(&wl->scan_complete_work, wl1271_scan_complete_work);
5023
5024         wl->freezable_wq = create_freezable_workqueue("wl12xx_wq");
5025         if (!wl->freezable_wq) {
5026                 ret = -ENOMEM;
5027                 goto err_hw;
5028         }
5029
5030         wl->channel = WL1271_DEFAULT_CHANNEL;
5031         wl->rx_counter = 0;
5032         wl->power_level = WL1271_DEFAULT_POWER_LEVEL;
5033         wl->band = IEEE80211_BAND_2GHZ;
5034         wl->vif = NULL;
5035         wl->flags = 0;
5036         wl->sg_enabled = true;
5037         wl->hw_pg_ver = -1;
5038         wl->ap_ps_map = 0;
5039         wl->ap_fw_ps_map = 0;
5040         wl->quirks = 0;
5041         wl->platform_quirks = 0;
5042         wl->sched_scanning = false;
5043         wl->tx_spare_blocks = TX_HW_BLOCK_SPARE_DEFAULT;
5044         wl->system_hlid = WL12XX_SYSTEM_HLID;
5045         wl->active_sta_count = 0;
5046         wl->fwlog_size = 0;
5047         init_waitqueue_head(&wl->fwlog_waitq);
5048
5049         /* The system link is always allocated */
5050         __set_bit(WL12XX_SYSTEM_HLID, wl->links_map);
5051
5052         memset(wl->tx_frames_map, 0, sizeof(wl->tx_frames_map));
5053         for (i = 0; i < ACX_TX_DESCRIPTORS; i++)
5054                 wl->tx_frames[i] = NULL;
5055
5056         spin_lock_init(&wl->wl_lock);
5057
5058         wl->state = WL1271_STATE_OFF;
5059         mutex_init(&wl->mutex);
5060
5061         /* Apply default driver configuration. */
5062         wl1271_conf_init(wl);
5063
5064         order = get_order(WL1271_AGGR_BUFFER_SIZE);
5065         wl->aggr_buf = (u8 *)__get_free_pages(GFP_KERNEL, order);
5066         if (!wl->aggr_buf) {
5067                 ret = -ENOMEM;
5068                 goto err_wq;
5069         }
5070
5071         wl->dummy_packet = wl12xx_alloc_dummy_packet(wl);
5072         if (!wl->dummy_packet) {
5073                 ret = -ENOMEM;
5074                 goto err_aggr;
5075         }
5076
5077         /* Allocate one page for the FW log */
5078         wl->fwlog = (u8 *)get_zeroed_page(GFP_KERNEL);
5079         if (!wl->fwlog) {
5080                 ret = -ENOMEM;
5081                 goto err_dummy_packet;
5082         }
5083
5084         return hw;
5085
5086 err_dummy_packet:
5087         dev_kfree_skb(wl->dummy_packet);
5088
5089 err_aggr:
5090         free_pages((unsigned long)wl->aggr_buf, order);
5091
5092 err_wq:
5093         destroy_workqueue(wl->freezable_wq);
5094
5095 err_hw:
5096         wl1271_debugfs_exit(wl);
5097         ieee80211_free_hw(hw);
5098
5099 err_hw_alloc:
5100
5101         return ERR_PTR(ret);
5102 }
5103
5104 static int wl1271_free_hw(struct wl1271 *wl)
5105 {
5106         /* Unblock any fwlog readers */
5107         mutex_lock(&wl->mutex);
5108         wl->fwlog_size = -1;
5109         wake_up_interruptible_all(&wl->fwlog_waitq);
5110         mutex_unlock(&wl->mutex);
5111
5112         device_remove_bin_file(wl->dev, &fwlog_attr);
5113
5114         device_remove_file(wl->dev, &dev_attr_hw_pg_ver);
5115
5116         device_remove_file(wl->dev, &dev_attr_bt_coex_state);
5117         free_page((unsigned long)wl->fwlog);
5118         dev_kfree_skb(wl->dummy_packet);
5119         free_pages((unsigned long)wl->aggr_buf,
5120                         get_order(WL1271_AGGR_BUFFER_SIZE));
5121
5122         wl1271_debugfs_exit(wl);
5123
5124         vfree(wl->fw);
5125         wl->fw = NULL;
5126         kfree(wl->nvs);
5127         wl->nvs = NULL;
5128
5129         kfree(wl->fw_status);
5130         kfree(wl->tx_res_if);
5131         destroy_workqueue(wl->freezable_wq);
5132
5133         ieee80211_free_hw(wl->hw);
5134
5135         return 0;
5136 }
5137
5138 static irqreturn_t wl12xx_hardirq(int irq, void *cookie)
5139 {
5140         struct wl1271 *wl = cookie;
5141         unsigned long flags;
5142
5143         wl1271_debug(DEBUG_IRQ, "IRQ");
5144
5145         /* complete the ELP completion */
5146         spin_lock_irqsave(&wl->wl_lock, flags);
5147         set_bit(WL1271_FLAG_IRQ_RUNNING, &wl->flags);
5148         if (wl->elp_compl) {
5149                 complete(wl->elp_compl);
5150                 wl->elp_compl = NULL;
5151         }
5152
5153         if (test_bit(WL1271_FLAG_SUSPENDED, &wl->flags)) {
5154                 /* don't enqueue a work right now. mark it as pending */
5155                 set_bit(WL1271_FLAG_PENDING_WORK, &wl->flags);
5156                 wl1271_debug(DEBUG_IRQ, "should not enqueue work");
5157                 disable_irq_nosync(wl->irq);
5158                 pm_wakeup_event(wl->dev, 0);
5159                 spin_unlock_irqrestore(&wl->wl_lock, flags);
5160                 return IRQ_HANDLED;
5161         }
5162         spin_unlock_irqrestore(&wl->wl_lock, flags);
5163
5164         return IRQ_WAKE_THREAD;
5165 }
5166
5167 static int __devinit wl12xx_probe(struct platform_device *pdev)
5168 {
5169         struct wl12xx_platform_data *pdata = pdev->dev.platform_data;
5170         struct ieee80211_hw *hw;
5171         struct wl1271 *wl;
5172         unsigned long irqflags;
5173         int ret = -ENODEV;
5174
5175         hw = wl1271_alloc_hw();
5176         if (IS_ERR(hw)) {
5177                 wl1271_error("can't allocate hw");
5178                 ret = PTR_ERR(hw);
5179                 goto out;
5180         }
5181
5182         wl = hw->priv;
5183         wl->irq = platform_get_irq(pdev, 0);
5184         wl->ref_clock = pdata->board_ref_clock;
5185         wl->tcxo_clock = pdata->board_tcxo_clock;
5186         wl->platform_quirks = pdata->platform_quirks;
5187         wl->set_power = pdata->set_power;
5188         wl->dev = &pdev->dev;
5189         wl->if_ops = pdata->ops;
5190
5191         platform_set_drvdata(pdev, wl);
5192
5193         if (wl->platform_quirks & WL12XX_PLATFORM_QUIRK_EDGE_IRQ)
5194                 irqflags = IRQF_TRIGGER_RISING;
5195         else
5196                 irqflags = IRQF_TRIGGER_HIGH | IRQF_ONESHOT;
5197
5198         ret = request_threaded_irq(wl->irq, wl12xx_hardirq, wl1271_irq,
5199                                    irqflags,
5200                                    pdev->name, wl);
5201         if (ret < 0) {
5202                 wl1271_error("request_irq() failed: %d", ret);
5203                 goto out_free_hw;
5204         }
5205
5206         ret = enable_irq_wake(wl->irq);
5207         if (!ret) {
5208                 wl->irq_wake_enabled = true;
5209                 device_init_wakeup(wl->dev, 1);
5210                 if (pdata->pwr_in_suspend)
5211                         hw->wiphy->wowlan.flags = WIPHY_WOWLAN_ANY;
5212
5213         }
5214         disable_irq(wl->irq);
5215
5216         ret = wl1271_init_ieee80211(wl);
5217         if (ret)
5218                 goto out_irq;
5219
5220         ret = wl1271_register_hw(wl);
5221         if (ret)
5222                 goto out_irq;
5223
5224         /* Create sysfs file to control bt coex state */
5225         ret = device_create_file(wl->dev, &dev_attr_bt_coex_state);
5226         if (ret < 0) {
5227                 wl1271_error("failed to create sysfs file bt_coex_state");
5228                 goto out_irq;
5229         }
5230
5231         /* Create sysfs file to get HW PG version */
5232         ret = device_create_file(wl->dev, &dev_attr_hw_pg_ver);
5233         if (ret < 0) {
5234                 wl1271_error("failed to create sysfs file hw_pg_ver");
5235                 goto out_bt_coex_state;
5236         }
5237
5238         /* Create sysfs file for the FW log */
5239         ret = device_create_bin_file(wl->dev, &fwlog_attr);
5240         if (ret < 0) {
5241                 wl1271_error("failed to create sysfs file fwlog");
5242                 goto out_hw_pg_ver;
5243         }
5244
5245         return 0;
5246
5247 out_hw_pg_ver:
5248         device_remove_file(wl->dev, &dev_attr_hw_pg_ver);
5249
5250 out_bt_coex_state:
5251         device_remove_file(wl->dev, &dev_attr_bt_coex_state);
5252
5253 out_irq:
5254         free_irq(wl->irq, wl);
5255
5256 out_free_hw:
5257         wl1271_free_hw(wl);
5258
5259 out:
5260         return ret;
5261 }
5262
5263 static int __devexit wl12xx_remove(struct platform_device *pdev)
5264 {
5265         struct wl1271 *wl = platform_get_drvdata(pdev);
5266
5267         if (wl->irq_wake_enabled) {
5268                 device_init_wakeup(wl->dev, 0);
5269                 disable_irq_wake(wl->irq);
5270         }
5271         wl1271_unregister_hw(wl);
5272         free_irq(wl->irq, wl);
5273         wl1271_free_hw(wl);
5274
5275         return 0;
5276 }
5277
5278 static const struct platform_device_id wl12xx_id_table[] __devinitconst = {
5279         { "wl12xx", 0 },
5280         {  } /* Terminating Entry */
5281 };
5282 MODULE_DEVICE_TABLE(platform, wl12xx_id_table);
5283
5284 static struct platform_driver wl12xx_driver = {
5285         .probe          = wl12xx_probe,
5286         .remove         = __devexit_p(wl12xx_remove),
5287         .id_table       = wl12xx_id_table,
5288         .driver = {
5289                 .name   = "wl12xx_driver",
5290                 .owner  = THIS_MODULE,
5291         }
5292 };
5293
5294 static int __init wl12xx_init(void)
5295 {
5296         return platform_driver_register(&wl12xx_driver);
5297 }
5298 module_init(wl12xx_init);
5299
5300 static void __exit wl12xx_exit(void)
5301 {
5302         platform_driver_unregister(&wl12xx_driver);
5303 }
5304 module_exit(wl12xx_exit);
5305
5306 u32 wl12xx_debug_level = DEBUG_NONE;
5307 EXPORT_SYMBOL_GPL(wl12xx_debug_level);
5308 module_param_named(debug_level, wl12xx_debug_level, uint, S_IRUSR | S_IWUSR);
5309 MODULE_PARM_DESC(debug_level, "wl12xx debugging level");
5310
5311 module_param_named(fwlog, fwlog_param, charp, 0);
5312 MODULE_PARM_DESC(keymap,
5313                  "FW logger options: continuous, ondemand, dbgpins or disable");
5314
5315 module_param(bug_on_recovery, bool, S_IRUSR | S_IWUSR);
5316 MODULE_PARM_DESC(bug_on_recovery, "BUG() on fw recovery");
5317
5318 MODULE_LICENSE("GPL");
5319 MODULE_AUTHOR("Luciano Coelho <coelho@ti.com>");
5320 MODULE_AUTHOR("Juuso Oikarinen <juuso.oikarinen@nokia.com>");