3 * Copyright (c) 2011 Atheros Communications Inc.
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 #include <linux/mmc/sdio_func.h>
26 unsigned int debug_mask;
27 static unsigned int testmode;
29 module_param(debug_mask, uint, 0644);
30 module_param(testmode, uint, 0644);
33 * Include definitions here that can be used to tune the WLAN module
34 * behavior. Different customers can tune the behavior as per their needs,
39 * This configuration item enable/disable keepalive support.
40 * Keepalive support: In the absence of any data traffic to AP, null
41 * frames will be sent to the AP at periodic interval, to keep the association
42 * active. This configuration item defines the periodic interval.
43 * Use value of zero to disable keepalive support
46 #define WLAN_CONFIG_KEEP_ALIVE_INTERVAL 60
49 * This configuration item sets the value of disconnect timeout
50 * Firmware delays sending the disconnec event to the host for this
51 * timeout after is gets disconnected from the current AP.
52 * If the firmware successly roams within the disconnect timeout
53 * it sends a new connect event
55 #define WLAN_CONFIG_DISCONNECT_TIMEOUT 10
57 #define CONFIG_AR600x_DEBUG_UART_TX_PIN 8
59 #define ATH6KL_DATA_OFFSET 64
60 struct sk_buff *ath6kl_buf_alloc(int size)
65 /* Add chacheline space at front and back of buffer */
66 reserved = (2 * L1_CACHE_BYTES) + ATH6KL_DATA_OFFSET +
67 sizeof(struct htc_packet) + ATH6KL_HTC_ALIGN_BYTES;
68 skb = dev_alloc_skb(size + reserved);
71 skb_reserve(skb, reserved - L1_CACHE_BYTES);
75 void ath6kl_init_profile_info(struct ath6kl *ar)
78 memset(ar->ssid, 0, sizeof(ar->ssid));
80 ar->dot11_auth_mode = OPEN_AUTH;
81 ar->auth_mode = NONE_AUTH;
82 ar->prwise_crypto = NONE_CRYPT;
83 ar->prwise_crypto_len = 0;
84 ar->grp_crypto = NONE_CRYPT;
85 ar->grp_crypto_len = 0;
86 memset(ar->wep_key_list, 0, sizeof(ar->wep_key_list));
87 memset(ar->req_bssid, 0, sizeof(ar->req_bssid));
88 memset(ar->bssid, 0, sizeof(ar->bssid));
90 ar->nw_type = ar->next_mode = INFRA_NETWORK;
93 static u8 ath6kl_get_fw_iftype(struct ath6kl *ar)
95 switch (ar->nw_type) {
97 return HI_OPTION_FW_MODE_BSS_STA;
99 return HI_OPTION_FW_MODE_IBSS;
101 return HI_OPTION_FW_MODE_AP;
103 ath6kl_err("Unsupported interface type :%d\n", ar->nw_type);
108 static int ath6kl_set_host_app_area(struct ath6kl *ar)
111 struct host_app_area host_app_area;
113 /* Fetch the address of the host_app_area_s
114 * instance in the host interest area */
115 address = ath6kl_get_hi_item_addr(ar, HI_ITEM(hi_app_host_interest));
116 address = TARG_VTOP(ar->target_type, address);
118 if (ath6kl_diag_read32(ar, address, &data))
121 address = TARG_VTOP(ar->target_type, data);
122 host_app_area.wmi_protocol_ver = WMI_PROTOCOL_VERSION;
123 if (ath6kl_diag_write(ar, address, (u8 *) &host_app_area,
124 sizeof(struct host_app_area)))
130 static inline void set_ac2_ep_map(struct ath6kl *ar,
132 enum htc_endpoint_id ep)
134 ar->ac2ep_map[ac] = ep;
135 ar->ep2ac_map[ep] = ac;
138 /* connect to a service */
139 static int ath6kl_connectservice(struct ath6kl *ar,
140 struct htc_service_connect_req *con_req,
144 struct htc_service_connect_resp response;
146 memset(&response, 0, sizeof(response));
148 status = ath6kl_htc_conn_service(ar->htc_target, con_req, &response);
150 ath6kl_err("failed to connect to %s service status:%d\n",
155 switch (con_req->svc_id) {
156 case WMI_CONTROL_SVC:
157 if (test_bit(WMI_ENABLED, &ar->flag))
158 ath6kl_wmi_set_control_ep(ar->wmi, response.endpoint);
159 ar->ctrl_ep = response.endpoint;
161 case WMI_DATA_BE_SVC:
162 set_ac2_ep_map(ar, WMM_AC_BE, response.endpoint);
164 case WMI_DATA_BK_SVC:
165 set_ac2_ep_map(ar, WMM_AC_BK, response.endpoint);
167 case WMI_DATA_VI_SVC:
168 set_ac2_ep_map(ar, WMM_AC_VI, response.endpoint);
170 case WMI_DATA_VO_SVC:
171 set_ac2_ep_map(ar, WMM_AC_VO, response.endpoint);
174 ath6kl_err("service id is not mapped %d\n", con_req->svc_id);
181 static int ath6kl_init_service_ep(struct ath6kl *ar)
183 struct htc_service_connect_req connect;
185 memset(&connect, 0, sizeof(connect));
187 /* these fields are the same for all service endpoints */
188 connect.ep_cb.rx = ath6kl_rx;
189 connect.ep_cb.rx_refill = ath6kl_rx_refill;
190 connect.ep_cb.tx_full = ath6kl_tx_queue_full;
193 * Set the max queue depth so that our ath6kl_tx_queue_full handler
196 connect.max_txq_depth = MAX_DEFAULT_SEND_QUEUE_DEPTH;
197 connect.ep_cb.rx_refill_thresh = ATH6KL_MAX_RX_BUFFERS / 4;
198 if (!connect.ep_cb.rx_refill_thresh)
199 connect.ep_cb.rx_refill_thresh++;
201 /* connect to control service */
202 connect.svc_id = WMI_CONTROL_SVC;
203 if (ath6kl_connectservice(ar, &connect, "WMI CONTROL"))
206 connect.flags |= HTC_FLGS_TX_BNDL_PAD_EN;
209 * Limit the HTC message size on the send path, although e can
210 * receive A-MSDU frames of 4K, we will only send ethernet-sized
211 * (802.3) frames on the send path.
213 connect.max_rxmsg_sz = WMI_MAX_TX_DATA_FRAME_LENGTH;
216 * To reduce the amount of committed memory for larger A_MSDU
217 * frames, use the recv-alloc threshold mechanism for larger
220 connect.ep_cb.rx_alloc_thresh = ATH6KL_BUFFER_SIZE;
221 connect.ep_cb.rx_allocthresh = ath6kl_alloc_amsdu_rxbuf;
224 * For the remaining data services set the connection flag to
225 * reduce dribbling, if configured to do so.
227 connect.conn_flags |= HTC_CONN_FLGS_REDUCE_CRED_DRIB;
228 connect.conn_flags &= ~HTC_CONN_FLGS_THRESH_MASK;
229 connect.conn_flags |= HTC_CONN_FLGS_THRESH_LVL_HALF;
231 connect.svc_id = WMI_DATA_BE_SVC;
233 if (ath6kl_connectservice(ar, &connect, "WMI DATA BE"))
236 /* connect to back-ground map this to WMI LOW_PRI */
237 connect.svc_id = WMI_DATA_BK_SVC;
238 if (ath6kl_connectservice(ar, &connect, "WMI DATA BK"))
241 /* connect to Video service, map this to to HI PRI */
242 connect.svc_id = WMI_DATA_VI_SVC;
243 if (ath6kl_connectservice(ar, &connect, "WMI DATA VI"))
247 * Connect to VO service, this is currently not mapped to a WMI
248 * priority stream due to historical reasons. WMI originally
249 * defined 3 priorities over 3 mailboxes We can change this when
250 * WMI is reworked so that priorities are not dependent on
253 connect.svc_id = WMI_DATA_VO_SVC;
254 if (ath6kl_connectservice(ar, &connect, "WMI DATA VO"))
260 static void ath6kl_init_control_info(struct ath6kl *ar)
264 clear_bit(WMI_ENABLED, &ar->flag);
265 ath6kl_init_profile_info(ar);
266 ar->def_txkey_index = 0;
267 memset(ar->wep_key_list, 0, sizeof(ar->wep_key_list));
269 ar->listen_intvl_t = A_DEFAULT_LISTEN_INTERVAL;
270 ar->listen_intvl_b = 0;
272 clear_bit(SKIP_SCAN, &ar->flag);
273 set_bit(WMM_ENABLED, &ar->flag);
275 memset(&ar->sc_params, 0, sizeof(ar->sc_params));
276 ar->sc_params.short_scan_ratio = WMI_SHORTSCANRATIO_DEFAULT;
277 ar->sc_params.scan_ctrl_flags = DEFAULT_SCAN_CTRL_FLAGS;
278 ar->lrssi_roam_threshold = DEF_LRSSI_ROAM_THRESHOLD;
280 memset((u8 *)ar->sta_list, 0,
281 AP_MAX_NUM_STA * sizeof(struct ath6kl_sta));
283 spin_lock_init(&ar->mcastpsq_lock);
285 /* Init the PS queues */
286 for (ctr = 0; ctr < AP_MAX_NUM_STA; ctr++) {
287 spin_lock_init(&ar->sta_list[ctr].psq_lock);
288 skb_queue_head_init(&ar->sta_list[ctr].psq);
291 skb_queue_head_init(&ar->mcastpsq);
293 memcpy(ar->ap_country_code, DEF_AP_COUNTRY_CODE, 3);
297 * Set HTC/Mbox operational parameters, this can only be called when the
298 * target is in the BMI phase.
300 static int ath6kl_set_htc_params(struct ath6kl *ar, u32 mbox_isr_yield_val,
306 blk_size = ar->mbox_info.block_size;
309 blk_size |= ((u32)htc_ctrl_buf) << 16;
311 /* set the host interest area for the block size */
312 status = ath6kl_bmi_write(ar,
313 ath6kl_get_hi_item_addr(ar,
314 HI_ITEM(hi_mbox_io_block_sz)),
318 ath6kl_err("bmi_write_memory for IO block size failed\n");
322 ath6kl_dbg(ATH6KL_DBG_TRC, "block size set: %d (target addr:0x%X)\n",
324 ath6kl_get_hi_item_addr(ar, HI_ITEM(hi_mbox_io_block_sz)));
326 if (mbox_isr_yield_val) {
327 /* set the host interest area for the mbox ISR yield limit */
328 status = ath6kl_bmi_write(ar,
329 ath6kl_get_hi_item_addr(ar,
330 HI_ITEM(hi_mbox_isr_yield_limit)),
331 (u8 *)&mbox_isr_yield_val,
334 ath6kl_err("bmi_write_memory for yield limit failed\n");
343 #define REG_DUMP_COUNT_AR6003 60
344 #define REGISTER_DUMP_LEN_MAX 60
346 static void ath6kl_dump_target_assert_info(struct ath6kl *ar)
351 u32 regdump_val[REGISTER_DUMP_LEN_MAX];
354 if (ar->target_type != TARGET_TYPE_AR6003)
357 /* the reg dump pointer is copied to the host interest area */
358 address = ath6kl_get_hi_item_addr(ar, HI_ITEM(hi_failure_state));
359 address = TARG_VTOP(ar->target_type, address);
361 /* read RAM location through diagnostic window */
362 status = ath6kl_diag_read32(ar, address, ®dump_loc);
364 if (status || !regdump_loc) {
365 ath6kl_err("failed to get ptr to register dump area\n");
369 ath6kl_dbg(ATH6KL_DBG_TRC, "location of register dump data: 0x%X\n",
371 regdump_loc = TARG_VTOP(ar->target_type, regdump_loc);
373 /* fetch register dump data */
374 status = ath6kl_diag_read(ar, regdump_loc, (u8 *)®dump_val[0],
375 REG_DUMP_COUNT_AR6003 * (sizeof(u32)));
378 ath6kl_err("failed to get register dump\n");
381 ath6kl_dbg(ATH6KL_DBG_TRC, "Register Dump:\n");
383 for (i = 0; i < REG_DUMP_COUNT_AR6003; i++)
384 ath6kl_dbg(ATH6KL_DBG_TRC, " %d : 0x%8.8X\n",
389 void ath6kl_target_failure(struct ath6kl *ar)
391 ath6kl_err("target asserted\n");
393 /* try dumping target assertion information (if any) */
394 ath6kl_dump_target_assert_info(ar);
398 static int ath6kl_target_config_wlan_params(struct ath6kl *ar)
404 * Configure the device for rx dot11 header rules. "0,0" are the
405 * default values. Required if checksum offload is needed. Set
406 * RxMetaVersion to 2.
408 if (ath6kl_wmi_set_rx_frame_format_cmd(ar->wmi,
409 ar->rx_meta_ver, 0, 0)) {
410 ath6kl_err("unable to set the rx frame format\n");
414 if (ar->conf_flags & ATH6KL_CONF_IGNORE_PS_FAIL_EVT_IN_SCAN)
415 if ((ath6kl_wmi_pmparams_cmd(ar->wmi, 0, 1, 0, 0, 1,
416 IGNORE_POWER_SAVE_FAIL_EVENT_DURING_SCAN)) != 0) {
417 ath6kl_err("unable to set power save fail event policy\n");
421 if (!(ar->conf_flags & ATH6KL_CONF_IGNORE_ERP_BARKER))
422 if ((ath6kl_wmi_set_lpreamble_cmd(ar->wmi, 0,
423 WMI_DONOT_IGNORE_BARKER_IN_ERP)) != 0) {
424 ath6kl_err("unable to set barker preamble policy\n");
428 if (ath6kl_wmi_set_keepalive_cmd(ar->wmi,
429 WLAN_CONFIG_KEEP_ALIVE_INTERVAL)) {
430 ath6kl_err("unable to set keep alive interval\n");
434 if (ath6kl_wmi_disctimeout_cmd(ar->wmi,
435 WLAN_CONFIG_DISCONNECT_TIMEOUT)) {
436 ath6kl_err("unable to set disconnect timeout\n");
440 if (!(ar->conf_flags & ATH6KL_CONF_ENABLE_TX_BURST))
441 if (ath6kl_wmi_set_wmm_txop(ar->wmi, WMI_TXOP_DISABLED)) {
442 ath6kl_err("unable to set txop bursting\n");
447 ret = ath6kl_wmi_info_req_cmd(ar->wmi,
448 P2P_FLAG_CAPABILITIES_REQ |
449 P2P_FLAG_MACADDR_REQ |
450 P2P_FLAG_HMODEL_REQ);
452 ath6kl_dbg(ATH6KL_DBG_TRC, "failed to request P2P "
453 "capabilities (%d) - assuming P2P not "
460 /* Enable Probe Request reporting for P2P */
461 ret = ath6kl_wmi_probe_report_req_cmd(ar->wmi, true);
463 ath6kl_dbg(ATH6KL_DBG_TRC, "failed to enable Probe "
464 "Request reporting (%d)\n", ret);
471 int ath6kl_configure_target(struct ath6kl *ar)
473 u32 param, ram_reserved_size;
476 fw_iftype = ath6kl_get_fw_iftype(ar);
477 if (fw_iftype == 0xff)
480 /* Tell target which HTC version it is used*/
481 param = HTC_PROTOCOL_VERSION;
482 if (ath6kl_bmi_write(ar,
483 ath6kl_get_hi_item_addr(ar,
484 HI_ITEM(hi_app_host_interest)),
485 (u8 *)¶m, 4) != 0) {
486 ath6kl_err("bmi_write_memory for htc version failed\n");
490 /* set the firmware mode to STA/IBSS/AP */
493 if (ath6kl_bmi_read(ar,
494 ath6kl_get_hi_item_addr(ar,
495 HI_ITEM(hi_option_flag)),
496 (u8 *)¶m, 4) != 0) {
497 ath6kl_err("bmi_read_memory for setting fwmode failed\n");
501 param |= (1 << HI_OPTION_NUM_DEV_SHIFT);
502 param |= (fw_iftype << HI_OPTION_FW_MODE_SHIFT);
503 if (ar->p2p && fw_iftype == HI_OPTION_FW_MODE_BSS_STA) {
504 param |= HI_OPTION_FW_SUBMODE_P2PDEV <<
505 HI_OPTION_FW_SUBMODE_SHIFT;
507 param |= (0 << HI_OPTION_MAC_ADDR_METHOD_SHIFT);
508 param |= (0 << HI_OPTION_FW_BRIDGE_SHIFT);
510 if (ath6kl_bmi_write(ar,
511 ath6kl_get_hi_item_addr(ar,
512 HI_ITEM(hi_option_flag)),
515 ath6kl_err("bmi_write_memory for setting fwmode failed\n");
519 ath6kl_dbg(ATH6KL_DBG_TRC, "firmware mode set\n");
522 * Hardcode the address use for the extended board data
523 * Ideally this should be pre-allocate by the OS at boot time
524 * But since it is a new feature and board data is loaded
525 * at init time, we have to workaround this from host.
526 * It is difficult to patch the firmware boot code,
527 * but possible in theory.
530 if (ar->target_type == TARGET_TYPE_AR6003 ||
531 ar->target_type == TARGET_TYPE_AR6004) {
532 if (ar->version.target_ver == AR6003_REV2_VERSION) {
533 param = AR6003_REV2_BOARD_EXT_DATA_ADDRESS;
534 ram_reserved_size = AR6003_REV2_RAM_RESERVE_SIZE;
535 } else if (ar->version.target_ver == AR6004_REV1_VERSION) {
536 param = AR6004_REV1_BOARD_EXT_DATA_ADDRESS;
537 ram_reserved_size = AR6004_REV1_RAM_RESERVE_SIZE;
539 param = AR6003_REV3_BOARD_EXT_DATA_ADDRESS;
540 ram_reserved_size = AR6003_REV3_RAM_RESERVE_SIZE;
543 if (ath6kl_bmi_write(ar,
544 ath6kl_get_hi_item_addr(ar,
545 HI_ITEM(hi_board_ext_data)),
546 (u8 *)¶m, 4) != 0) {
547 ath6kl_err("bmi_write_memory for hi_board_ext_data failed\n");
550 if (ath6kl_bmi_write(ar,
551 ath6kl_get_hi_item_addr(ar,
552 HI_ITEM(hi_end_ram_reserve_sz)),
553 (u8 *)&ram_reserved_size, 4) != 0) {
554 ath6kl_err("bmi_write_memory for hi_end_ram_reserve_sz failed\n");
559 /* set the block size for the target */
560 if (ath6kl_set_htc_params(ar, MBOX_YIELD_LIMIT, 0))
561 /* use default number of control buffers */
567 struct ath6kl *ath6kl_core_alloc(struct device *sdev)
569 struct net_device *dev;
571 struct wireless_dev *wdev;
573 wdev = ath6kl_cfg80211_init(sdev);
575 ath6kl_err("ath6kl_cfg80211_init failed\n");
579 ar = wdev_priv(wdev);
582 wdev->iftype = NL80211_IFTYPE_STATION;
584 if (ath6kl_debug_init(ar)) {
585 ath6kl_err("Failed to initialize debugfs\n");
586 ath6kl_cfg80211_deinit(ar);
590 dev = alloc_netdev(0, "wlan%d", ether_setup);
592 ath6kl_err("no memory for network device instance\n");
593 ath6kl_cfg80211_deinit(ar);
597 dev->ieee80211_ptr = wdev;
598 SET_NETDEV_DEV(dev, wiphy_dev(wdev->wiphy));
600 ar->sme_state = SME_DISCONNECTED;
601 ar->auto_auth_stage = AUTH_IDLE;
606 set_bit(WLAN_ENABLED, &ar->flag);
608 ar->wlan_pwr_state = WLAN_POWER_STATE_ON;
610 spin_lock_init(&ar->lock);
612 ath6kl_init_control_info(ar);
613 init_waitqueue_head(&ar->event_wq);
614 sema_init(&ar->sem, 1);
615 clear_bit(DESTROY_IN_PROGRESS, &ar->flag);
617 INIT_LIST_HEAD(&ar->amsdu_rx_buffer_queue);
619 setup_timer(&ar->disconnect_timer, disconnect_timer_handler,
620 (unsigned long) dev);
625 int ath6kl_unavail_ev(struct ath6kl *ar)
627 ath6kl_destroy(ar->net_dev, 1);
632 /* firmware upload */
633 static int ath6kl_get_fw(struct ath6kl *ar, const char *filename,
634 u8 **fw, size_t *fw_len)
636 const struct firmware *fw_entry;
639 ret = request_firmware(&fw_entry, filename, ar->dev);
643 *fw_len = fw_entry->size;
644 *fw = kmemdup(fw_entry->data, fw_entry->size, GFP_KERNEL);
649 release_firmware(fw_entry);
655 static const char *get_target_ver_dir(const struct ath6kl *ar)
657 switch (ar->version.target_ver) {
658 case AR6003_REV1_VERSION:
659 return "ath6k/AR6003/hw1.0";
660 case AR6003_REV2_VERSION:
661 return "ath6k/AR6003/hw2.0";
662 case AR6003_REV3_VERSION:
663 return "ath6k/AR6003/hw2.1.1";
665 ath6kl_warn("%s: unsupported target version 0x%x.\n", __func__,
666 ar->version.target_ver);
671 * Check the device tree for a board-id and use it to construct
672 * the pathname to the firmware file. Used (for now) to find a
673 * fallback to the "bdata.bin" file--typically a symlink to the
674 * appropriate board-specific file.
676 static bool check_device_tree(struct ath6kl *ar)
678 static const char *board_id_prop = "atheros,board-id";
679 struct device_node *node;
680 char board_filename[64];
681 const char *board_id;
684 for_each_compatible_node(node, NULL, "atheros,ath6kl") {
685 board_id = of_get_property(node, board_id_prop, NULL);
686 if (board_id == NULL) {
687 ath6kl_warn("No \"%s\" property on %s node.\n",
688 board_id_prop, node->name);
691 snprintf(board_filename, sizeof(board_filename),
692 "%s/bdata.%s.bin", get_target_ver_dir(ar), board_id);
694 ret = ath6kl_get_fw(ar, board_filename, &ar->fw_board,
697 ath6kl_err("Failed to get DT board file %s: %d\n",
698 board_filename, ret);
706 static bool check_device_tree(struct ath6kl *ar)
710 #endif /* CONFIG_OF */
712 static int ath6kl_fetch_board_file(struct ath6kl *ar)
714 const char *filename;
717 if (ar->fw_board != NULL)
720 switch (ar->version.target_ver) {
721 case AR6003_REV2_VERSION:
722 filename = AR6003_REV2_BOARD_DATA_FILE;
724 case AR6004_REV1_VERSION:
725 filename = AR6004_REV1_BOARD_DATA_FILE;
728 filename = AR6003_REV3_BOARD_DATA_FILE;
732 ret = ath6kl_get_fw(ar, filename, &ar->fw_board,
735 /* managed to get proper board file */
739 if (check_device_tree(ar)) {
740 /* got board file from device tree */
744 /* there was no proper board file, try to use default instead */
745 ath6kl_warn("Failed to get board file %s (%d), trying to find default board file.\n",
748 switch (ar->version.target_ver) {
749 case AR6003_REV2_VERSION:
750 filename = AR6003_REV2_DEFAULT_BOARD_DATA_FILE;
752 case AR6004_REV1_VERSION:
753 filename = AR6004_REV1_DEFAULT_BOARD_DATA_FILE;
756 filename = AR6003_REV3_DEFAULT_BOARD_DATA_FILE;
760 ret = ath6kl_get_fw(ar, filename, &ar->fw_board,
763 ath6kl_err("Failed to get default board file %s: %d\n",
768 ath6kl_warn("WARNING! No proper board file was not found, instead using a default board file.\n");
769 ath6kl_warn("Most likely your hardware won't work as specified. Install correct board file!\n");
774 static int ath6kl_fetch_otp_file(struct ath6kl *ar)
776 const char *filename;
779 if (ar->fw_otp != NULL)
782 switch (ar->version.target_ver) {
783 case AR6003_REV2_VERSION:
784 filename = AR6003_REV2_OTP_FILE;
786 case AR6004_REV1_VERSION:
787 ath6kl_dbg(ATH6KL_DBG_TRC, "AR6004 doesn't need OTP file\n");
791 filename = AR6003_REV3_OTP_FILE;
795 ret = ath6kl_get_fw(ar, filename, &ar->fw_otp,
798 ath6kl_err("Failed to get OTP file %s: %d\n",
806 static int ath6kl_fetch_fw_file(struct ath6kl *ar)
808 const char *filename;
815 switch (ar->version.target_ver) {
816 case AR6003_REV2_VERSION:
817 filename = AR6003_REV2_TCMD_FIRMWARE_FILE;
819 case AR6003_REV3_VERSION:
820 filename = AR6003_REV3_TCMD_FIRMWARE_FILE;
822 case AR6004_REV1_VERSION:
823 ath6kl_warn("testmode not supported with ar6004\n");
826 ath6kl_warn("unknown target version: 0x%x\n",
827 ar->version.target_ver);
831 set_bit(TESTMODE, &ar->flag);
836 switch (ar->version.target_ver) {
837 case AR6003_REV2_VERSION:
838 filename = AR6003_REV2_FIRMWARE_FILE;
840 case AR6004_REV1_VERSION:
841 filename = AR6004_REV1_FIRMWARE_FILE;
844 filename = AR6003_REV3_FIRMWARE_FILE;
849 ret = ath6kl_get_fw(ar, filename, &ar->fw, &ar->fw_len);
851 ath6kl_err("Failed to get firmware file %s: %d\n",
859 static int ath6kl_fetch_patch_file(struct ath6kl *ar)
861 const char *filename;
864 switch (ar->version.target_ver) {
865 case AR6003_REV2_VERSION:
866 filename = AR6003_REV2_PATCH_FILE;
868 case AR6004_REV1_VERSION:
869 /* FIXME: implement for AR6004 */
873 filename = AR6003_REV3_PATCH_FILE;
877 if (ar->fw_patch == NULL) {
878 ret = ath6kl_get_fw(ar, filename, &ar->fw_patch,
881 ath6kl_err("Failed to get patch file %s: %d\n",
890 static int ath6kl_fetch_fw_api1(struct ath6kl *ar)
894 ret = ath6kl_fetch_otp_file(ar);
898 ret = ath6kl_fetch_fw_file(ar);
902 ret = ath6kl_fetch_patch_file(ar);
909 static int ath6kl_fetch_fw_api2(struct ath6kl *ar)
911 size_t magic_len, len, ie_len;
912 const struct firmware *fw;
913 struct ath6kl_fw_ie *hdr;
914 const char *filename;
918 switch (ar->version.target_ver) {
919 case AR6003_REV2_VERSION:
920 filename = AR6003_REV2_FIRMWARE_2_FILE;
922 case AR6003_REV3_VERSION:
923 filename = AR6003_REV3_FIRMWARE_2_FILE;
925 case AR6004_REV1_VERSION:
926 filename = AR6004_REV1_FIRMWARE_2_FILE;
932 ret = request_firmware(&fw, filename, ar->dev);
939 /* magic also includes the null byte, check that as well */
940 magic_len = strlen(ATH6KL_FIRMWARE_MAGIC) + 1;
942 if (len < magic_len) {
947 if (memcmp(data, ATH6KL_FIRMWARE_MAGIC, magic_len) != 0) {
956 while (len > sizeof(struct ath6kl_fw_ie)) {
957 /* hdr is unaligned! */
958 hdr = (struct ath6kl_fw_ie *) data;
960 ie_id = le32_to_cpup(&hdr->id);
961 ie_len = le32_to_cpup(&hdr->len);
964 data += sizeof(*hdr);
972 case ATH6KL_FW_IE_OTP_IMAGE:
973 ar->fw_otp = kmemdup(data, ie_len, GFP_KERNEL);
975 if (ar->fw_otp == NULL) {
980 ar->fw_otp_len = ie_len;
982 case ATH6KL_FW_IE_FW_IMAGE:
983 ar->fw = kmemdup(data, ie_len, GFP_KERNEL);
985 if (ar->fw == NULL) {
992 case ATH6KL_FW_IE_PATCH_IMAGE:
993 ar->fw_patch = kmemdup(data, ie_len, GFP_KERNEL);
995 if (ar->fw_patch == NULL) {
1000 ar->fw_patch_len = ie_len;
1003 ath6kl_dbg(ATH6KL_DBG_TRC, "Unknown fw ie: %u\n",
1004 le32_to_cpup(&hdr->id));
1014 release_firmware(fw);
1019 static int ath6kl_fetch_firmwares(struct ath6kl *ar)
1023 ret = ath6kl_fetch_board_file(ar);
1027 ret = ath6kl_fetch_fw_api2(ar);
1029 /* fw api 2 found, use it */
1032 ret = ath6kl_fetch_fw_api1(ar);
1039 static int ath6kl_upload_board_file(struct ath6kl *ar)
1041 u32 board_address, board_ext_address, param;
1042 u32 board_data_size, board_ext_data_size;
1045 if (WARN_ON(ar->fw_board == NULL))
1049 * Determine where in Target RAM to write Board Data.
1050 * For AR6004, host determine Target RAM address for
1051 * writing board data.
1053 if (ar->target_type == TARGET_TYPE_AR6004) {
1054 board_address = AR6004_REV1_BOARD_DATA_ADDRESS;
1055 ath6kl_bmi_write(ar,
1056 ath6kl_get_hi_item_addr(ar,
1057 HI_ITEM(hi_board_data)),
1058 (u8 *) &board_address, 4);
1061 ath6kl_get_hi_item_addr(ar,
1062 HI_ITEM(hi_board_data)),
1063 (u8 *) &board_address, 4);
1066 ath6kl_dbg(ATH6KL_DBG_TRC, "board data download addr: 0x%x\n",
1069 /* determine where in target ram to write extended board data */
1071 ath6kl_get_hi_item_addr(ar,
1072 HI_ITEM(hi_board_ext_data)),
1073 (u8 *) &board_ext_address, 4);
1075 ath6kl_dbg(ATH6KL_DBG_TRC, "board file download addr: 0x%x\n",
1078 if (board_ext_address == 0) {
1079 ath6kl_err("Failed to get board file target address.\n");
1083 switch (ar->target_type) {
1084 case TARGET_TYPE_AR6003:
1085 board_data_size = AR6003_BOARD_DATA_SZ;
1086 board_ext_data_size = AR6003_BOARD_EXT_DATA_SZ;
1088 case TARGET_TYPE_AR6004:
1089 board_data_size = AR6004_BOARD_DATA_SZ;
1090 board_ext_data_size = AR6004_BOARD_EXT_DATA_SZ;
1098 if (ar->fw_board_len == (board_data_size +
1099 board_ext_data_size)) {
1101 /* write extended board data */
1102 ret = ath6kl_bmi_write(ar, board_ext_address,
1103 ar->fw_board + board_data_size,
1104 board_ext_data_size);
1106 ath6kl_err("Failed to write extended board data: %d\n",
1111 /* record that extended board data is initialized */
1112 param = (board_ext_data_size << 16) | 1;
1114 ath6kl_bmi_write(ar,
1115 ath6kl_get_hi_item_addr(ar,
1116 HI_ITEM(hi_board_ext_data_config)),
1117 (unsigned char *) ¶m, 4);
1120 if (ar->fw_board_len < board_data_size) {
1121 ath6kl_err("Too small board file: %zu\n", ar->fw_board_len);
1126 ret = ath6kl_bmi_write(ar, board_address, ar->fw_board,
1130 ath6kl_err("Board file bmi write failed: %d\n", ret);
1134 /* record the fact that Board Data IS initialized */
1136 ath6kl_bmi_write(ar,
1137 ath6kl_get_hi_item_addr(ar,
1138 HI_ITEM(hi_board_data_initialized)),
1144 static int ath6kl_upload_otp(struct ath6kl *ar)
1149 if (WARN_ON(ar->fw_otp == NULL))
1152 address = ar->hw.app_load_addr;
1154 ret = ath6kl_bmi_fast_download(ar, address, ar->fw_otp,
1157 ath6kl_err("Failed to upload OTP file: %d\n", ret);
1161 /* execute the OTP code */
1163 address = ar->hw.app_start_override_addr;
1164 ath6kl_bmi_execute(ar, address, ¶m);
1169 static int ath6kl_upload_firmware(struct ath6kl *ar)
1174 if (WARN_ON(ar->fw == NULL))
1177 address = ar->hw.app_load_addr;
1179 ret = ath6kl_bmi_fast_download(ar, address, ar->fw, ar->fw_len);
1182 ath6kl_err("Failed to write firmware: %d\n", ret);
1187 * Set starting address for firmware
1188 * Don't need to setup app_start override addr on AR6004
1190 if (ar->target_type != TARGET_TYPE_AR6004) {
1191 address = ar->hw.app_start_override_addr;
1192 ath6kl_bmi_set_app_start(ar, address);
1197 static int ath6kl_upload_patch(struct ath6kl *ar)
1202 if (WARN_ON(ar->fw_patch == NULL))
1205 address = ar->hw.dataset_patch_addr;
1207 ret = ath6kl_bmi_write(ar, address, ar->fw_patch, ar->fw_patch_len);
1209 ath6kl_err("Failed to write patch file: %d\n", ret);
1214 ath6kl_bmi_write(ar,
1215 ath6kl_get_hi_item_addr(ar,
1216 HI_ITEM(hi_dset_list_head)),
1217 (unsigned char *) ¶m, 4);
1222 static int ath6kl_init_upload(struct ath6kl *ar)
1224 u32 param, options, sleep, address;
1227 if (ar->target_type != TARGET_TYPE_AR6003 &&
1228 ar->target_type != TARGET_TYPE_AR6004)
1231 /* temporarily disable system sleep */
1232 address = MBOX_BASE_ADDRESS + LOCAL_SCRATCH_ADDRESS;
1233 status = ath6kl_bmi_reg_read(ar, address, ¶m);
1239 param |= ATH6KL_OPTION_SLEEP_DISABLE;
1240 status = ath6kl_bmi_reg_write(ar, address, param);
1244 address = RTC_BASE_ADDRESS + SYSTEM_SLEEP_ADDRESS;
1245 status = ath6kl_bmi_reg_read(ar, address, ¶m);
1251 param |= SM(SYSTEM_SLEEP_DISABLE, 1);
1252 status = ath6kl_bmi_reg_write(ar, address, param);
1256 ath6kl_dbg(ATH6KL_DBG_TRC, "old options: %d, old sleep: %d\n",
1259 /* program analog PLL register */
1260 /* no need to control 40/44MHz clock on AR6004 */
1261 if (ar->target_type != TARGET_TYPE_AR6004) {
1262 status = ath6kl_bmi_reg_write(ar, ATH6KL_ANALOG_PLL_REGISTER,
1268 /* Run at 80/88MHz by default */
1269 param = SM(CPU_CLOCK_STANDARD, 1);
1271 address = RTC_BASE_ADDRESS + CPU_CLOCK_ADDRESS;
1272 status = ath6kl_bmi_reg_write(ar, address, param);
1278 address = RTC_BASE_ADDRESS + LPO_CAL_ADDRESS;
1279 param = SM(LPO_CAL_ENABLE, 1);
1280 status = ath6kl_bmi_reg_write(ar, address, param);
1284 /* WAR to avoid SDIO CRC err */
1285 if (ar->version.target_ver == AR6003_REV2_VERSION) {
1286 ath6kl_err("temporary war to avoid sdio crc error\n");
1290 address = GPIO_BASE_ADDRESS + GPIO_PIN10_ADDRESS;
1291 status = ath6kl_bmi_reg_write(ar, address, param);
1295 address = GPIO_BASE_ADDRESS + GPIO_PIN11_ADDRESS;
1296 status = ath6kl_bmi_reg_write(ar, address, param);
1300 address = GPIO_BASE_ADDRESS + GPIO_PIN12_ADDRESS;
1301 status = ath6kl_bmi_reg_write(ar, address, param);
1305 address = GPIO_BASE_ADDRESS + GPIO_PIN13_ADDRESS;
1306 status = ath6kl_bmi_reg_write(ar, address, param);
1311 /* write EEPROM data to Target RAM */
1312 status = ath6kl_upload_board_file(ar);
1316 /* transfer One time Programmable data */
1317 status = ath6kl_upload_otp(ar);
1321 /* Download Target firmware */
1322 status = ath6kl_upload_firmware(ar);
1326 status = ath6kl_upload_patch(ar);
1330 /* Restore system sleep */
1331 address = RTC_BASE_ADDRESS + SYSTEM_SLEEP_ADDRESS;
1332 status = ath6kl_bmi_reg_write(ar, address, sleep);
1336 address = MBOX_BASE_ADDRESS + LOCAL_SCRATCH_ADDRESS;
1337 param = options | 0x20;
1338 status = ath6kl_bmi_reg_write(ar, address, param);
1342 /* Configure GPIO AR6003 UART */
1343 param = CONFIG_AR600x_DEBUG_UART_TX_PIN;
1344 status = ath6kl_bmi_write(ar,
1345 ath6kl_get_hi_item_addr(ar,
1346 HI_ITEM(hi_dbg_uart_txpin)),
1352 static int ath6kl_init_hw_params(struct ath6kl *ar)
1354 switch (ar->version.target_ver) {
1355 case AR6003_REV2_VERSION:
1356 ar->hw.dataset_patch_addr = AR6003_REV2_DATASET_PATCH_ADDRESS;
1357 ar->hw.app_load_addr = AR6003_REV2_APP_LOAD_ADDRESS;
1358 ar->hw.app_start_override_addr = AR6003_REV2_APP_START_OVERRIDE;
1360 case AR6003_REV3_VERSION:
1361 ar->hw.dataset_patch_addr = AR6003_REV3_DATASET_PATCH_ADDRESS;
1362 ar->hw.app_load_addr = 0x1234;
1363 ar->hw.app_start_override_addr = AR6003_REV3_APP_START_OVERRIDE;
1365 case AR6004_REV1_VERSION:
1366 ar->hw.dataset_patch_addr = AR6003_REV2_DATASET_PATCH_ADDRESS;
1367 ar->hw.app_load_addr = AR6003_REV3_APP_LOAD_ADDRESS;
1368 ar->hw.app_start_override_addr = AR6003_REV3_APP_START_OVERRIDE;
1371 ath6kl_err("Unsupported hardware version: 0x%x\n",
1372 ar->version.target_ver);
1379 static int ath6kl_init(struct net_device *dev)
1381 struct ath6kl *ar = ath6kl_priv(dev);
1388 /* Do we need to finish the BMI phase */
1389 if (ath6kl_bmi_done(ar)) {
1391 goto ath6kl_init_done;
1394 /* Indicate that WMI is enabled (although not ready yet) */
1395 set_bit(WMI_ENABLED, &ar->flag);
1396 ar->wmi = ath6kl_wmi_init(ar);
1398 ath6kl_err("failed to initialize wmi\n");
1400 goto ath6kl_init_done;
1403 ath6kl_dbg(ATH6KL_DBG_TRC, "%s: got wmi @ 0x%p.\n", __func__, ar->wmi);
1405 wlan_node_table_init(&ar->scan_table);
1408 * The reason we have to wait for the target here is that the
1409 * driver layer has to init BMI in order to set the host block
1412 if (ath6kl_htc_wait_target(ar->htc_target)) {
1414 goto err_node_cleanup;
1417 if (ath6kl_init_service_ep(ar)) {
1419 goto err_cleanup_scatter;
1422 /* setup access class priority mappings */
1423 ar->ac_stream_pri_map[WMM_AC_BK] = 0; /* lowest */
1424 ar->ac_stream_pri_map[WMM_AC_BE] = 1;
1425 ar->ac_stream_pri_map[WMM_AC_VI] = 2;
1426 ar->ac_stream_pri_map[WMM_AC_VO] = 3; /* highest */
1428 /* give our connected endpoints some buffers */
1429 ath6kl_rx_refill(ar->htc_target, ar->ctrl_ep);
1430 ath6kl_rx_refill(ar->htc_target, ar->ac2ep_map[WMM_AC_BE]);
1432 /* allocate some buffers that handle larger AMSDU frames */
1433 ath6kl_refill_amsdu_rxbufs(ar, ATH6KL_MAX_AMSDU_RX_BUFFERS);
1435 /* setup credit distribution */
1436 ath6k_setup_credit_dist(ar->htc_target, &ar->credit_state_info);
1438 ath6kl_cookie_init(ar);
1441 status = ath6kl_htc_start(ar->htc_target);
1444 ath6kl_cookie_cleanup(ar);
1445 goto err_rxbuf_cleanup;
1448 /* Wait for Wmi event to be ready */
1449 timeleft = wait_event_interruptible_timeout(ar->event_wq,
1454 if (ar->version.abi_ver != ATH6KL_ABI_VERSION) {
1455 ath6kl_err("abi version mismatch: host(0x%x), target(0x%x)\n",
1456 ATH6KL_ABI_VERSION, ar->version.abi_ver);
1461 if (!timeleft || signal_pending(current)) {
1462 ath6kl_err("wmi is not ready or wait was interrupted\n");
1467 ath6kl_dbg(ATH6KL_DBG_TRC, "%s: wmi is ready\n", __func__);
1469 /* communicate the wmi protocol verision to the target */
1470 if ((ath6kl_set_host_app_area(ar)) != 0)
1471 ath6kl_err("unable to set the host app area\n");
1473 ar->conf_flags = ATH6KL_CONF_IGNORE_ERP_BARKER |
1474 ATH6KL_CONF_ENABLE_11N | ATH6KL_CONF_ENABLE_TX_BURST;
1476 status = ath6kl_target_config_wlan_params(ar);
1478 goto ath6kl_init_done;
1481 ath6kl_htc_stop(ar->htc_target);
1483 ath6kl_htc_flush_rx_buf(ar->htc_target);
1484 ath6kl_cleanup_amsdu_rxbufs(ar);
1485 err_cleanup_scatter:
1486 ath6kl_hif_cleanup_scatter(ar);
1488 wlan_node_table_cleanup(&ar->scan_table);
1489 ath6kl_wmi_shutdown(ar->wmi);
1490 clear_bit(WMI_ENABLED, &ar->flag);
1497 int ath6kl_core_init(struct ath6kl *ar)
1500 struct ath6kl_bmi_target_info targ_info;
1502 ar->ath6kl_wq = create_singlethread_workqueue("ath6kl");
1506 ret = ath6kl_bmi_init(ar);
1510 ret = ath6kl_bmi_get_target_info(ar, &targ_info);
1512 goto err_bmi_cleanup;
1514 ar->version.target_ver = le32_to_cpu(targ_info.version);
1515 ar->target_type = le32_to_cpu(targ_info.type);
1516 ar->wdev->wiphy->hw_version = le32_to_cpu(targ_info.version);
1518 ret = ath6kl_init_hw_params(ar);
1520 goto err_bmi_cleanup;
1522 ret = ath6kl_configure_target(ar);
1524 goto err_bmi_cleanup;
1526 ar->htc_target = ath6kl_htc_create(ar);
1528 if (!ar->htc_target) {
1530 goto err_bmi_cleanup;
1533 ar->aggr_cntxt = aggr_init(ar->net_dev);
1534 if (!ar->aggr_cntxt) {
1535 ath6kl_err("failed to initialize aggr\n");
1537 goto err_htc_cleanup;
1540 ret = ath6kl_fetch_firmwares(ar);
1542 goto err_htc_cleanup;
1544 ret = ath6kl_init_upload(ar);
1546 goto err_htc_cleanup;
1548 ret = ath6kl_init(ar->net_dev);
1550 goto err_htc_cleanup;
1552 /* This runs the init function if registered */
1553 ret = register_netdev(ar->net_dev);
1555 ath6kl_err("register_netdev failed\n");
1556 ath6kl_destroy(ar->net_dev, 0);
1560 set_bit(NETDEV_REGISTERED, &ar->flag);
1562 ath6kl_dbg(ATH6KL_DBG_TRC, "%s: name=%s dev=0x%p, ar=0x%p\n",
1563 __func__, ar->net_dev->name, ar->net_dev, ar);
1568 ath6kl_htc_cleanup(ar->htc_target);
1570 ath6kl_bmi_cleanup(ar);
1572 destroy_workqueue(ar->ath6kl_wq);
1576 void ath6kl_stop_txrx(struct ath6kl *ar)
1578 struct net_device *ndev = ar->net_dev;
1583 set_bit(DESTROY_IN_PROGRESS, &ar->flag);
1585 if (down_interruptible(&ar->sem)) {
1586 ath6kl_err("down_interruptible failed\n");
1590 if (ar->wlan_pwr_state != WLAN_POWER_STATE_CUT_PWR)
1591 ath6kl_stop_endpoint(ndev, false, true);
1593 clear_bit(WLAN_ENABLED, &ar->flag);
1597 * We need to differentiate between the surprise and planned removal of the
1598 * device because of the following consideration:
1600 * - In case of surprise removal, the hcd already frees up the pending
1601 * for the device and hence there is no need to unregister the function
1602 * driver inorder to get these requests. For planned removal, the function
1603 * driver has to explicitly unregister itself to have the hcd return all the
1604 * pending requests before the data structures for the devices are freed up.
1605 * Note that as per the current implementation, the function driver will
1606 * end up releasing all the devices since there is no API to selectively
1607 * release a particular device.
1609 * - Certain commands issued to the target can be skipped for surprise
1610 * removal since they will anyway not go through.
1612 void ath6kl_destroy(struct net_device *dev, unsigned int unregister)
1616 if (!dev || !ath6kl_priv(dev)) {
1617 ath6kl_err("failed to get device structure\n");
1621 ar = ath6kl_priv(dev);
1623 destroy_workqueue(ar->ath6kl_wq);
1626 ath6kl_htc_cleanup(ar->htc_target);
1628 aggr_module_destroy(ar->aggr_cntxt);
1630 ath6kl_cookie_cleanup(ar);
1632 ath6kl_cleanup_amsdu_rxbufs(ar);
1634 ath6kl_bmi_cleanup(ar);
1636 ath6kl_debug_cleanup(ar);
1638 if (unregister && test_bit(NETDEV_REGISTERED, &ar->flag)) {
1639 unregister_netdev(dev);
1640 clear_bit(NETDEV_REGISTERED, &ar->flag);
1645 wlan_node_table_cleanup(&ar->scan_table);
1647 kfree(ar->fw_board);
1650 kfree(ar->fw_patch);
1652 ath6kl_cfg80211_deinit(ar);