3 * Copyright (c) 2011 Atheros Communications Inc.
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 #include <linux/mmc/sdio_func.h>
25 unsigned int debug_mask;
27 module_param(debug_mask, uint, 0644);
30 * Include definitions here that can be used to tune the WLAN module
31 * behavior. Different customers can tune the behavior as per their needs,
36 * This configuration item enable/disable keepalive support.
37 * Keepalive support: In the absence of any data traffic to AP, null
38 * frames will be sent to the AP at periodic interval, to keep the association
39 * active. This configuration item defines the periodic interval.
40 * Use value of zero to disable keepalive support
43 #define WLAN_CONFIG_KEEP_ALIVE_INTERVAL 60
46 * This configuration item sets the value of disconnect timeout
47 * Firmware delays sending the disconnec event to the host for this
48 * timeout after is gets disconnected from the current AP.
49 * If the firmware successly roams within the disconnect timeout
50 * it sends a new connect event
52 #define WLAN_CONFIG_DISCONNECT_TIMEOUT 10
54 #define CONFIG_AR600x_DEBUG_UART_TX_PIN 8
59 APP_START_OVERRIDE_ADDR,
62 #define ATH6KL_DATA_OFFSET 64
63 struct sk_buff *ath6kl_buf_alloc(int size)
68 /* Add chacheline space at front and back of buffer */
69 reserved = (2 * L1_CACHE_BYTES) + ATH6KL_DATA_OFFSET +
70 sizeof(struct htc_packet) + ATH6KL_HTC_ALIGN_BYTES;
71 skb = dev_alloc_skb(size + reserved);
74 skb_reserve(skb, reserved - L1_CACHE_BYTES);
78 void ath6kl_init_profile_info(struct ath6kl *ar)
81 memset(ar->ssid, 0, sizeof(ar->ssid));
83 ar->dot11_auth_mode = OPEN_AUTH;
84 ar->auth_mode = NONE_AUTH;
85 ar->prwise_crypto = NONE_CRYPT;
86 ar->prwise_crypto_len = 0;
87 ar->grp_crypto = NONE_CRYPT;
88 ar->grp_crpto_len = 0;
89 memset(ar->wep_key_list, 0, sizeof(ar->wep_key_list));
90 memset(ar->req_bssid, 0, sizeof(ar->req_bssid));
91 memset(ar->bssid, 0, sizeof(ar->bssid));
93 ar->nw_type = ar->next_mode = INFRA_NETWORK;
96 static u8 ath6kl_get_fw_iftype(struct ath6kl *ar)
98 switch (ar->nw_type) {
100 return HI_OPTION_FW_MODE_BSS_STA;
102 return HI_OPTION_FW_MODE_IBSS;
104 return HI_OPTION_FW_MODE_AP;
106 ath6kl_err("Unsupported interface type :%d\n", ar->nw_type);
111 static inline u32 ath6kl_get_hi_item_addr(struct ath6kl *ar,
116 if (ar->target_type == TARGET_TYPE_AR6003)
117 addr = ATH6KL_AR6003_HI_START_ADDR + item_offset;
118 else if (ar->target_type == TARGET_TYPE_AR6004)
119 addr = ATH6KL_AR6004_HI_START_ADDR + item_offset;
124 static int ath6kl_set_host_app_area(struct ath6kl *ar)
127 struct host_app_area host_app_area;
129 /* Fetch the address of the host_app_area_s
130 * instance in the host interest area */
131 address = ath6kl_get_hi_item_addr(ar, HI_ITEM(hi_app_host_interest));
132 address = TARG_VTOP(ar->target_type, address);
134 if (ath6kl_read_reg_diag(ar, &address, &data))
137 address = TARG_VTOP(ar->target_type, data);
138 host_app_area.wmi_protocol_ver = WMI_PROTOCOL_VERSION;
139 if (ath6kl_access_datadiag(ar, address,
140 (u8 *)&host_app_area,
141 sizeof(struct host_app_area), false))
147 static inline void set_ac2_ep_map(struct ath6kl *ar,
149 enum htc_endpoint_id ep)
151 ar->ac2ep_map[ac] = ep;
152 ar->ep2ac_map[ep] = ac;
155 /* connect to a service */
156 static int ath6kl_connectservice(struct ath6kl *ar,
157 struct htc_service_connect_req *con_req,
161 struct htc_service_connect_resp response;
163 memset(&response, 0, sizeof(response));
165 status = ath6kl_htc_conn_service(ar->htc_target, con_req, &response);
167 ath6kl_err("failed to connect to %s service status:%d\n",
172 switch (con_req->svc_id) {
173 case WMI_CONTROL_SVC:
174 if (test_bit(WMI_ENABLED, &ar->flag))
175 ath6kl_wmi_set_control_ep(ar->wmi, response.endpoint);
176 ar->ctrl_ep = response.endpoint;
178 case WMI_DATA_BE_SVC:
179 set_ac2_ep_map(ar, WMM_AC_BE, response.endpoint);
181 case WMI_DATA_BK_SVC:
182 set_ac2_ep_map(ar, WMM_AC_BK, response.endpoint);
184 case WMI_DATA_VI_SVC:
185 set_ac2_ep_map(ar, WMM_AC_VI, response.endpoint);
187 case WMI_DATA_VO_SVC:
188 set_ac2_ep_map(ar, WMM_AC_VO, response.endpoint);
191 ath6kl_err("service id is not mapped %d\n", con_req->svc_id);
198 static int ath6kl_init_service_ep(struct ath6kl *ar)
200 struct htc_service_connect_req connect;
202 memset(&connect, 0, sizeof(connect));
204 /* these fields are the same for all service endpoints */
205 connect.ep_cb.rx = ath6kl_rx;
206 connect.ep_cb.rx_refill = ath6kl_rx_refill;
207 connect.ep_cb.tx_full = ath6kl_tx_queue_full;
210 * Set the max queue depth so that our ath6kl_tx_queue_full handler
213 connect.max_txq_depth = MAX_DEFAULT_SEND_QUEUE_DEPTH;
214 connect.ep_cb.rx_refill_thresh = ATH6KL_MAX_RX_BUFFERS / 4;
215 if (!connect.ep_cb.rx_refill_thresh)
216 connect.ep_cb.rx_refill_thresh++;
218 /* connect to control service */
219 connect.svc_id = WMI_CONTROL_SVC;
220 if (ath6kl_connectservice(ar, &connect, "WMI CONTROL"))
223 connect.flags |= HTC_FLGS_TX_BNDL_PAD_EN;
226 * Limit the HTC message size on the send path, although e can
227 * receive A-MSDU frames of 4K, we will only send ethernet-sized
228 * (802.3) frames on the send path.
230 connect.max_rxmsg_sz = WMI_MAX_TX_DATA_FRAME_LENGTH;
233 * To reduce the amount of committed memory for larger A_MSDU
234 * frames, use the recv-alloc threshold mechanism for larger
237 connect.ep_cb.rx_alloc_thresh = ATH6KL_BUFFER_SIZE;
238 connect.ep_cb.rx_allocthresh = ath6kl_alloc_amsdu_rxbuf;
241 * For the remaining data services set the connection flag to
242 * reduce dribbling, if configured to do so.
244 connect.conn_flags |= HTC_CONN_FLGS_REDUCE_CRED_DRIB;
245 connect.conn_flags &= ~HTC_CONN_FLGS_THRESH_MASK;
246 connect.conn_flags |= HTC_CONN_FLGS_THRESH_LVL_HALF;
248 connect.svc_id = WMI_DATA_BE_SVC;
250 if (ath6kl_connectservice(ar, &connect, "WMI DATA BE"))
253 /* connect to back-ground map this to WMI LOW_PRI */
254 connect.svc_id = WMI_DATA_BK_SVC;
255 if (ath6kl_connectservice(ar, &connect, "WMI DATA BK"))
258 /* connect to Video service, map this to to HI PRI */
259 connect.svc_id = WMI_DATA_VI_SVC;
260 if (ath6kl_connectservice(ar, &connect, "WMI DATA VI"))
264 * Connect to VO service, this is currently not mapped to a WMI
265 * priority stream due to historical reasons. WMI originally
266 * defined 3 priorities over 3 mailboxes We can change this when
267 * WMI is reworked so that priorities are not dependent on
270 connect.svc_id = WMI_DATA_VO_SVC;
271 if (ath6kl_connectservice(ar, &connect, "WMI DATA VO"))
277 static void ath6kl_init_control_info(struct ath6kl *ar)
281 clear_bit(WMI_ENABLED, &ar->flag);
282 ath6kl_init_profile_info(ar);
283 ar->def_txkey_index = 0;
284 memset(ar->wep_key_list, 0, sizeof(ar->wep_key_list));
286 ar->listen_intvl_t = A_DEFAULT_LISTEN_INTERVAL;
287 ar->listen_intvl_b = 0;
289 clear_bit(SKIP_SCAN, &ar->flag);
290 set_bit(WMM_ENABLED, &ar->flag);
292 memset(&ar->sc_params, 0, sizeof(ar->sc_params));
293 ar->sc_params.short_scan_ratio = WMI_SHORTSCANRATIO_DEFAULT;
294 ar->sc_params.scan_ctrl_flags = DEFAULT_SCAN_CTRL_FLAGS;
296 memset((u8 *)ar->sta_list, 0,
297 AP_MAX_NUM_STA * sizeof(struct ath6kl_sta));
299 spin_lock_init(&ar->mcastpsq_lock);
301 /* Init the PS queues */
302 for (ctr = 0; ctr < AP_MAX_NUM_STA; ctr++) {
303 spin_lock_init(&ar->sta_list[ctr].psq_lock);
304 skb_queue_head_init(&ar->sta_list[ctr].psq);
307 skb_queue_head_init(&ar->mcastpsq);
309 memcpy(ar->ap_country_code, DEF_AP_COUNTRY_CODE, 3);
313 * Set HTC/Mbox operational parameters, this can only be called when the
314 * target is in the BMI phase.
316 static int ath6kl_set_htc_params(struct ath6kl *ar, u32 mbox_isr_yield_val,
322 blk_size = ar->mbox_info.block_size;
325 blk_size |= ((u32)htc_ctrl_buf) << 16;
327 /* set the host interest area for the block size */
328 status = ath6kl_bmi_write(ar,
329 ath6kl_get_hi_item_addr(ar,
330 HI_ITEM(hi_mbox_io_block_sz)),
334 ath6kl_err("bmi_write_memory for IO block size failed\n");
338 ath6kl_dbg(ATH6KL_DBG_TRC, "block size set: %d (target addr:0x%X)\n",
340 ath6kl_get_hi_item_addr(ar, HI_ITEM(hi_mbox_io_block_sz)));
342 if (mbox_isr_yield_val) {
343 /* set the host interest area for the mbox ISR yield limit */
344 status = ath6kl_bmi_write(ar,
345 ath6kl_get_hi_item_addr(ar,
346 HI_ITEM(hi_mbox_isr_yield_limit)),
347 (u8 *)&mbox_isr_yield_val,
350 ath6kl_err("bmi_write_memory for yield limit failed\n");
359 #define REG_DUMP_COUNT_AR6003 60
360 #define REGISTER_DUMP_LEN_MAX 60
362 static void ath6kl_dump_target_assert_info(struct ath6kl *ar)
367 u32 regdump_val[REGISTER_DUMP_LEN_MAX];
370 if (ar->target_type != TARGET_TYPE_AR6003)
373 /* the reg dump pointer is copied to the host interest area */
374 address = ath6kl_get_hi_item_addr(ar, HI_ITEM(hi_failure_state));
375 address = TARG_VTOP(ar->target_type, address);
377 /* read RAM location through diagnostic window */
378 status = ath6kl_read_reg_diag(ar, &address, ®dump_loc);
380 if (status || !regdump_loc) {
381 ath6kl_err("failed to get ptr to register dump area\n");
385 ath6kl_dbg(ATH6KL_DBG_TRC, "location of register dump data: 0x%X\n",
387 regdump_loc = TARG_VTOP(ar->target_type, regdump_loc);
389 /* fetch register dump data */
390 status = ath6kl_access_datadiag(ar,
392 (u8 *)®dump_val[0],
393 REG_DUMP_COUNT_AR6003 * (sizeof(u32)),
397 ath6kl_err("failed to get register dump\n");
400 ath6kl_dbg(ATH6KL_DBG_TRC, "Register Dump:\n");
402 for (i = 0; i < REG_DUMP_COUNT_AR6003; i++)
403 ath6kl_dbg(ATH6KL_DBG_TRC, " %d : 0x%8.8X\n",
408 void ath6kl_target_failure(struct ath6kl *ar)
410 ath6kl_err("target asserted\n");
412 /* try dumping target assertion information (if any) */
413 ath6kl_dump_target_assert_info(ar);
417 static int ath6kl_target_config_wlan_params(struct ath6kl *ar)
423 * Configure the device for rx dot11 header rules. "0,0" are the
424 * default values. Required if checksum offload is needed. Set
425 * RxMetaVersion to 2.
427 if (ath6kl_wmi_set_rx_frame_format_cmd(ar->wmi,
428 ar->rx_meta_ver, 0, 0)) {
429 ath6kl_err("unable to set the rx frame format\n");
433 if (ar->conf_flags & ATH6KL_CONF_IGNORE_PS_FAIL_EVT_IN_SCAN)
434 if ((ath6kl_wmi_pmparams_cmd(ar->wmi, 0, 1, 0, 0, 1,
435 IGNORE_POWER_SAVE_FAIL_EVENT_DURING_SCAN)) != 0) {
436 ath6kl_err("unable to set power save fail event policy\n");
440 if (!(ar->conf_flags & ATH6KL_CONF_IGNORE_ERP_BARKER))
441 if ((ath6kl_wmi_set_lpreamble_cmd(ar->wmi, 0,
442 WMI_DONOT_IGNORE_BARKER_IN_ERP)) != 0) {
443 ath6kl_err("unable to set barker preamble policy\n");
447 if (ath6kl_wmi_set_keepalive_cmd(ar->wmi,
448 WLAN_CONFIG_KEEP_ALIVE_INTERVAL)) {
449 ath6kl_err("unable to set keep alive interval\n");
453 if (ath6kl_wmi_disctimeout_cmd(ar->wmi,
454 WLAN_CONFIG_DISCONNECT_TIMEOUT)) {
455 ath6kl_err("unable to set disconnect timeout\n");
459 if (!(ar->conf_flags & ATH6KL_CONF_ENABLE_TX_BURST))
460 if (ath6kl_wmi_set_wmm_txop(ar->wmi, WMI_TXOP_DISABLED)) {
461 ath6kl_err("unable to set txop bursting\n");
465 ret = ath6kl_wmi_info_req_cmd(ar->wmi, P2P_FLAG_CAPABILITIES_REQ |
466 P2P_FLAG_MACADDR_REQ |
467 P2P_FLAG_HMODEL_REQ);
469 ath6kl_dbg(ATH6KL_DBG_TRC, "failed to request P2P "
470 "capabilities (%d) - assuming P2P not supported\n",
474 /* Enable Probe Request reporting for P2P */
475 ret = ath6kl_wmi_probe_report_req_cmd(ar->wmi, true);
477 ath6kl_dbg(ATH6KL_DBG_TRC, "failed to enable Probe Request "
478 "reporting (%d)\n", ret);
484 int ath6kl_configure_target(struct ath6kl *ar)
486 u32 param, ram_reserved_size;
489 fw_iftype = ath6kl_get_fw_iftype(ar);
490 if (fw_iftype == 0xff)
493 /* Tell target which HTC version it is used*/
494 param = HTC_PROTOCOL_VERSION;
495 if (ath6kl_bmi_write(ar,
496 ath6kl_get_hi_item_addr(ar,
497 HI_ITEM(hi_app_host_interest)),
498 (u8 *)¶m, 4) != 0) {
499 ath6kl_err("bmi_write_memory for htc version failed\n");
503 /* set the firmware mode to STA/IBSS/AP */
506 if (ath6kl_bmi_read(ar,
507 ath6kl_get_hi_item_addr(ar,
508 HI_ITEM(hi_option_flag)),
509 (u8 *)¶m, 4) != 0) {
510 ath6kl_err("bmi_read_memory for setting fwmode failed\n");
514 param |= (1 << HI_OPTION_NUM_DEV_SHIFT);
515 param |= (fw_iftype << HI_OPTION_FW_MODE_SHIFT);
516 param |= (0 << HI_OPTION_MAC_ADDR_METHOD_SHIFT);
517 param |= (0 << HI_OPTION_FW_BRIDGE_SHIFT);
519 if (ath6kl_bmi_write(ar,
520 ath6kl_get_hi_item_addr(ar,
521 HI_ITEM(hi_option_flag)),
524 ath6kl_err("bmi_write_memory for setting fwmode failed\n");
528 ath6kl_dbg(ATH6KL_DBG_TRC, "firmware mode set\n");
531 * Hardcode the address use for the extended board data
532 * Ideally this should be pre-allocate by the OS at boot time
533 * But since it is a new feature and board data is loaded
534 * at init time, we have to workaround this from host.
535 * It is difficult to patch the firmware boot code,
536 * but possible in theory.
539 if (ar->target_type == TARGET_TYPE_AR6003 ||
540 ar->target_type == TARGET_TYPE_AR6004) {
541 if (ar->version.target_ver == AR6003_REV2_VERSION) {
542 param = AR6003_REV2_BOARD_EXT_DATA_ADDRESS;
543 ram_reserved_size = AR6003_REV2_RAM_RESERVE_SIZE;
544 } else if (ar->version.target_ver == AR6004_REV1_VERSION) {
545 param = AR6004_REV1_BOARD_EXT_DATA_ADDRESS;
546 ram_reserved_size = AR6004_REV1_RAM_RESERVE_SIZE;
548 param = AR6003_REV3_BOARD_EXT_DATA_ADDRESS;
549 ram_reserved_size = AR6003_REV3_RAM_RESERVE_SIZE;
552 if (ath6kl_bmi_write(ar,
553 ath6kl_get_hi_item_addr(ar,
554 HI_ITEM(hi_board_ext_data)),
555 (u8 *)¶m, 4) != 0) {
556 ath6kl_err("bmi_write_memory for hi_board_ext_data failed\n");
559 if (ath6kl_bmi_write(ar,
560 ath6kl_get_hi_item_addr(ar,
561 HI_ITEM(hi_end_ram_reserve_sz)),
562 (u8 *)&ram_reserved_size, 4) != 0) {
563 ath6kl_err("bmi_write_memory for hi_end_ram_reserve_sz failed\n");
568 /* set the block size for the target */
569 if (ath6kl_set_htc_params(ar, MBOX_YIELD_LIMIT, 0))
570 /* use default number of control buffers */
576 struct ath6kl *ath6kl_core_alloc(struct device *sdev)
578 struct net_device *dev;
580 struct wireless_dev *wdev;
582 wdev = ath6kl_cfg80211_init(sdev);
584 ath6kl_err("ath6kl_cfg80211_init failed\n");
588 ar = wdev_priv(wdev);
591 wdev->iftype = NL80211_IFTYPE_STATION;
593 if (ath6kl_debug_init(ar)) {
594 ath6kl_err("Failed to initialize debugfs\n");
595 ath6kl_cfg80211_deinit(ar);
599 dev = alloc_netdev(0, "wlan%d", ether_setup);
601 ath6kl_err("no memory for network device instance\n");
602 ath6kl_cfg80211_deinit(ar);
606 dev->ieee80211_ptr = wdev;
607 SET_NETDEV_DEV(dev, wiphy_dev(wdev->wiphy));
609 ar->sme_state = SME_DISCONNECTED;
610 ar->auto_auth_stage = AUTH_IDLE;
615 set_bit(WLAN_ENABLED, &ar->flag);
617 ar->wlan_pwr_state = WLAN_POWER_STATE_ON;
619 spin_lock_init(&ar->lock);
621 ath6kl_init_control_info(ar);
622 init_waitqueue_head(&ar->event_wq);
623 sema_init(&ar->sem, 1);
624 clear_bit(DESTROY_IN_PROGRESS, &ar->flag);
626 INIT_LIST_HEAD(&ar->amsdu_rx_buffer_queue);
628 setup_timer(&ar->disconnect_timer, disconnect_timer_handler,
629 (unsigned long) dev);
634 int ath6kl_unavail_ev(struct ath6kl *ar)
636 ath6kl_destroy(ar->net_dev, 1);
641 /* firmware upload */
642 static u32 ath6kl_get_load_address(u32 target_ver, enum addr_type type)
644 WARN_ON(target_ver != AR6003_REV2_VERSION &&
645 target_ver != AR6003_REV3_VERSION &&
646 target_ver != AR6004_REV1_VERSION);
649 case DATASET_PATCH_ADDR:
650 return (target_ver == AR6003_REV2_VERSION) ?
651 AR6003_REV2_DATASET_PATCH_ADDRESS :
652 AR6003_REV3_DATASET_PATCH_ADDRESS;
654 return (target_ver == AR6003_REV2_VERSION) ?
655 AR6003_REV2_APP_LOAD_ADDRESS :
657 case APP_START_OVERRIDE_ADDR:
658 return (target_ver == AR6003_REV2_VERSION) ?
659 AR6003_REV2_APP_START_OVERRIDE :
660 AR6003_REV3_APP_START_OVERRIDE;
666 static int ath6kl_get_fw(struct ath6kl *ar, const char *filename,
667 u8 **fw, size_t *fw_len)
669 const struct firmware *fw_entry;
672 ret = request_firmware(&fw_entry, filename, ar->dev);
676 *fw_len = fw_entry->size;
677 *fw = kmemdup(fw_entry->data, fw_entry->size, GFP_KERNEL);
682 release_firmware(fw_entry);
687 static int ath6kl_fetch_board_file(struct ath6kl *ar)
689 const char *filename;
692 switch (ar->version.target_ver) {
693 case AR6003_REV2_VERSION:
694 filename = AR6003_REV2_BOARD_DATA_FILE;
696 case AR6004_REV1_VERSION:
697 filename = AR6004_REV1_BOARD_DATA_FILE;
700 filename = AR6003_REV3_BOARD_DATA_FILE;
704 ret = ath6kl_get_fw(ar, filename, &ar->fw_board,
707 /* managed to get proper board file */
711 /* there was no proper board file, try to use default instead */
712 ath6kl_warn("Failed to get board file %s (%d), trying to find default board file.\n",
715 switch (ar->version.target_ver) {
716 case AR6003_REV2_VERSION:
717 filename = AR6003_REV2_DEFAULT_BOARD_DATA_FILE;
719 case AR6004_REV1_VERSION:
720 filename = AR6004_REV1_DEFAULT_BOARD_DATA_FILE;
723 filename = AR6003_REV3_DEFAULT_BOARD_DATA_FILE;
727 ret = ath6kl_get_fw(ar, filename, &ar->fw_board,
730 ath6kl_err("Failed to get default board file %s: %d\n",
735 ath6kl_warn("WARNING! No proper board file was not found, instead using a default board file.\n");
736 ath6kl_warn("Most likely your hardware won't work as specified. Install correct board file!\n");
742 static int ath6kl_upload_board_file(struct ath6kl *ar)
744 u32 board_address, board_ext_address, param;
745 u32 board_data_size, board_ext_data_size;
748 if (ar->fw_board == NULL) {
749 ret = ath6kl_fetch_board_file(ar);
755 * Determine where in Target RAM to write Board Data.
756 * For AR6004, host determine Target RAM address for
757 * writing board data.
759 if (ar->target_type == TARGET_TYPE_AR6004) {
760 board_address = AR6004_REV1_BOARD_DATA_ADDRESS;
762 ath6kl_get_hi_item_addr(ar,
763 HI_ITEM(hi_board_data)),
764 (u8 *) &board_address, 4);
767 ath6kl_get_hi_item_addr(ar,
768 HI_ITEM(hi_board_data)),
769 (u8 *) &board_address, 4);
772 ath6kl_dbg(ATH6KL_DBG_TRC, "board data download addr: 0x%x\n",
775 /* determine where in target ram to write extended board data */
777 ath6kl_get_hi_item_addr(ar,
778 HI_ITEM(hi_board_ext_data)),
779 (u8 *) &board_ext_address, 4);
781 ath6kl_dbg(ATH6KL_DBG_TRC, "board file download addr: 0x%x\n",
784 if (board_ext_address == 0) {
785 ath6kl_err("Failed to get board file target address.\n");
789 switch (ar->target_type) {
790 case TARGET_TYPE_AR6003:
791 board_data_size = AR6003_BOARD_DATA_SZ;
792 board_ext_data_size = AR6003_BOARD_EXT_DATA_SZ;
794 case TARGET_TYPE_AR6004:
795 board_data_size = AR6004_BOARD_DATA_SZ;
796 board_ext_data_size = AR6004_BOARD_EXT_DATA_SZ;
804 if (ar->fw_board_len == (board_data_size +
805 board_ext_data_size)) {
807 /* write extended board data */
808 ret = ath6kl_bmi_write(ar, board_ext_address,
809 ar->fw_board + board_data_size,
810 board_ext_data_size);
812 ath6kl_err("Failed to write extended board data: %d\n",
817 /* record that extended board data is initialized */
818 param = (board_ext_data_size << 16) | 1;
821 ath6kl_get_hi_item_addr(ar,
822 HI_ITEM(hi_board_ext_data_config)),
823 (unsigned char *) ¶m, 4);
826 if (ar->fw_board_len < board_data_size) {
827 ath6kl_err("Too small board file: %zu\n", ar->fw_board_len);
832 ret = ath6kl_bmi_write(ar, board_address, ar->fw_board,
836 ath6kl_err("Board file bmi write failed: %d\n", ret);
840 /* record the fact that Board Data IS initialized */
843 ath6kl_get_hi_item_addr(ar,
844 HI_ITEM(hi_board_data_initialized)),
850 static int ath6kl_upload_otp(struct ath6kl *ar)
852 const char *filename;
856 switch (ar->version.target_ver) {
857 case AR6003_REV2_VERSION:
858 filename = AR6003_REV2_OTP_FILE;
860 case AR6004_REV1_VERSION:
861 ath6kl_dbg(ATH6KL_DBG_TRC, "AR6004 doesn't need OTP file\n");
865 filename = AR6003_REV3_OTP_FILE;
869 if (ar->fw_otp == NULL) {
870 ret = ath6kl_get_fw(ar, filename, &ar->fw_otp,
873 ath6kl_err("Failed to get OTP file %s: %d\n",
879 address = ath6kl_get_load_address(ar->version.target_ver,
882 ret = ath6kl_bmi_fast_download(ar, address, ar->fw_otp,
885 ath6kl_err("Failed to upload OTP file: %d\n", ret);
889 /* execute the OTP code */
891 address = ath6kl_get_load_address(ar->version.target_ver,
892 APP_START_OVERRIDE_ADDR);
893 ath6kl_bmi_execute(ar, address, ¶m);
898 static int ath6kl_upload_firmware(struct ath6kl *ar)
900 const char *filename;
904 switch (ar->version.target_ver) {
905 case AR6003_REV2_VERSION:
906 filename = AR6003_REV2_FIRMWARE_FILE;
908 case AR6004_REV1_VERSION:
909 filename = AR6004_REV1_FIRMWARE_FILE;
912 filename = AR6003_REV3_FIRMWARE_FILE;
916 if (ar->fw == NULL) {
917 ret = ath6kl_get_fw(ar, filename, &ar->fw, &ar->fw_len);
919 ath6kl_err("Failed to get firmware file %s: %d\n",
925 address = ath6kl_get_load_address(ar->version.target_ver,
928 ret = ath6kl_bmi_fast_download(ar, address, ar->fw, ar->fw_len);
931 ath6kl_err("Failed to write firmware: %d\n", ret);
936 * Set starting address for firmware
937 * Don't need to setup app_start override addr on AR6004
939 if (ar->target_type != TARGET_TYPE_AR6004) {
940 address = ath6kl_get_load_address(ar->version.target_ver,
941 APP_START_OVERRIDE_ADDR);
942 ath6kl_bmi_set_app_start(ar, address);
947 static int ath6kl_upload_patch(struct ath6kl *ar)
949 const char *filename;
953 switch (ar->version.target_ver) {
954 case AR6003_REV2_VERSION:
955 filename = AR6003_REV2_PATCH_FILE;
957 case AR6004_REV1_VERSION:
958 /* FIXME: implement for AR6004 */
962 filename = AR6003_REV3_PATCH_FILE;
966 if (ar->fw_patch == NULL) {
967 ret = ath6kl_get_fw(ar, filename, &ar->fw_patch,
970 ath6kl_err("Failed to get patch file %s: %d\n",
976 address = ath6kl_get_load_address(ar->version.target_ver,
979 ret = ath6kl_bmi_write(ar, address, ar->fw_patch, ar->fw_patch_len);
981 ath6kl_err("Failed to write patch file: %d\n", ret);
987 ath6kl_get_hi_item_addr(ar,
988 HI_ITEM(hi_dset_list_head)),
989 (unsigned char *) ¶m, 4);
994 static int ath6kl_init_upload(struct ath6kl *ar)
996 u32 param, options, sleep, address;
999 if (ar->target_type != TARGET_TYPE_AR6003 &&
1000 ar->target_type != TARGET_TYPE_AR6004)
1003 /* temporarily disable system sleep */
1004 address = MBOX_BASE_ADDRESS + LOCAL_SCRATCH_ADDRESS;
1005 status = ath6kl_bmi_reg_read(ar, address, ¶m);
1011 param |= ATH6KL_OPTION_SLEEP_DISABLE;
1012 status = ath6kl_bmi_reg_write(ar, address, param);
1016 address = RTC_BASE_ADDRESS + SYSTEM_SLEEP_ADDRESS;
1017 status = ath6kl_bmi_reg_read(ar, address, ¶m);
1023 param |= SM(SYSTEM_SLEEP_DISABLE, 1);
1024 status = ath6kl_bmi_reg_write(ar, address, param);
1028 ath6kl_dbg(ATH6KL_DBG_TRC, "old options: %d, old sleep: %d\n",
1031 /* program analog PLL register */
1032 /* no need to control 40/44MHz clock on AR6004 */
1033 if (ar->target_type != TARGET_TYPE_AR6004) {
1034 status = ath6kl_bmi_reg_write(ar, ATH6KL_ANALOG_PLL_REGISTER,
1040 /* Run at 80/88MHz by default */
1041 param = SM(CPU_CLOCK_STANDARD, 1);
1043 address = RTC_BASE_ADDRESS + CPU_CLOCK_ADDRESS;
1044 status = ath6kl_bmi_reg_write(ar, address, param);
1050 address = RTC_BASE_ADDRESS + LPO_CAL_ADDRESS;
1051 param = SM(LPO_CAL_ENABLE, 1);
1052 status = ath6kl_bmi_reg_write(ar, address, param);
1056 /* WAR to avoid SDIO CRC err */
1057 if (ar->version.target_ver == AR6003_REV2_VERSION) {
1058 ath6kl_err("temporary war to avoid sdio crc error\n");
1062 address = GPIO_BASE_ADDRESS + GPIO_PIN10_ADDRESS;
1063 status = ath6kl_bmi_reg_write(ar, address, param);
1067 address = GPIO_BASE_ADDRESS + GPIO_PIN11_ADDRESS;
1068 status = ath6kl_bmi_reg_write(ar, address, param);
1072 address = GPIO_BASE_ADDRESS + GPIO_PIN12_ADDRESS;
1073 status = ath6kl_bmi_reg_write(ar, address, param);
1077 address = GPIO_BASE_ADDRESS + GPIO_PIN13_ADDRESS;
1078 status = ath6kl_bmi_reg_write(ar, address, param);
1083 /* write EEPROM data to Target RAM */
1084 status = ath6kl_upload_board_file(ar);
1088 /* transfer One time Programmable data */
1089 status = ath6kl_upload_otp(ar);
1093 /* Download Target firmware */
1094 status = ath6kl_upload_firmware(ar);
1098 status = ath6kl_upload_patch(ar);
1102 /* Restore system sleep */
1103 address = RTC_BASE_ADDRESS + SYSTEM_SLEEP_ADDRESS;
1104 status = ath6kl_bmi_reg_write(ar, address, sleep);
1108 address = MBOX_BASE_ADDRESS + LOCAL_SCRATCH_ADDRESS;
1109 param = options | 0x20;
1110 status = ath6kl_bmi_reg_write(ar, address, param);
1114 /* Configure GPIO AR6003 UART */
1115 param = CONFIG_AR600x_DEBUG_UART_TX_PIN;
1116 status = ath6kl_bmi_write(ar,
1117 ath6kl_get_hi_item_addr(ar,
1118 HI_ITEM(hi_dbg_uart_txpin)),
1124 static int ath6kl_init(struct net_device *dev)
1126 struct ath6kl *ar = ath6kl_priv(dev);
1133 /* Do we need to finish the BMI phase */
1134 if (ath6kl_bmi_done(ar)) {
1136 goto ath6kl_init_done;
1139 /* Indicate that WMI is enabled (although not ready yet) */
1140 set_bit(WMI_ENABLED, &ar->flag);
1141 ar->wmi = ath6kl_wmi_init(ar);
1143 ath6kl_err("failed to initialize wmi\n");
1145 goto ath6kl_init_done;
1148 ath6kl_dbg(ATH6KL_DBG_TRC, "%s: got wmi @ 0x%p.\n", __func__, ar->wmi);
1150 wlan_node_table_init(&ar->scan_table);
1153 * The reason we have to wait for the target here is that the
1154 * driver layer has to init BMI in order to set the host block
1157 if (ath6kl_htc_wait_target(ar->htc_target)) {
1159 goto err_node_cleanup;
1162 if (ath6kl_init_service_ep(ar)) {
1164 goto err_cleanup_scatter;
1167 /* setup access class priority mappings */
1168 ar->ac_stream_pri_map[WMM_AC_BK] = 0; /* lowest */
1169 ar->ac_stream_pri_map[WMM_AC_BE] = 1;
1170 ar->ac_stream_pri_map[WMM_AC_VI] = 2;
1171 ar->ac_stream_pri_map[WMM_AC_VO] = 3; /* highest */
1173 /* give our connected endpoints some buffers */
1174 ath6kl_rx_refill(ar->htc_target, ar->ctrl_ep);
1175 ath6kl_rx_refill(ar->htc_target, ar->ac2ep_map[WMM_AC_BE]);
1177 /* allocate some buffers that handle larger AMSDU frames */
1178 ath6kl_refill_amsdu_rxbufs(ar, ATH6KL_MAX_AMSDU_RX_BUFFERS);
1180 /* setup credit distribution */
1181 ath6k_setup_credit_dist(ar->htc_target, &ar->credit_state_info);
1183 ath6kl_cookie_init(ar);
1186 status = ath6kl_htc_start(ar->htc_target);
1189 ath6kl_cookie_cleanup(ar);
1190 goto err_rxbuf_cleanup;
1193 /* Wait for Wmi event to be ready */
1194 timeleft = wait_event_interruptible_timeout(ar->event_wq,
1199 if (ar->version.abi_ver != ATH6KL_ABI_VERSION) {
1200 ath6kl_err("abi version mismatch: host(0x%x), target(0x%x)\n",
1201 ATH6KL_ABI_VERSION, ar->version.abi_ver);
1206 if (!timeleft || signal_pending(current)) {
1207 ath6kl_err("wmi is not ready or wait was interrupted\n");
1212 ath6kl_dbg(ATH6KL_DBG_TRC, "%s: wmi is ready\n", __func__);
1214 /* communicate the wmi protocol verision to the target */
1215 if ((ath6kl_set_host_app_area(ar)) != 0)
1216 ath6kl_err("unable to set the host app area\n");
1218 ar->conf_flags = ATH6KL_CONF_IGNORE_ERP_BARKER |
1219 ATH6KL_CONF_ENABLE_11N | ATH6KL_CONF_ENABLE_TX_BURST;
1221 status = ath6kl_target_config_wlan_params(ar);
1223 goto ath6kl_init_done;
1226 ath6kl_htc_stop(ar->htc_target);
1228 ath6kl_htc_flush_rx_buf(ar->htc_target);
1229 ath6kl_cleanup_amsdu_rxbufs(ar);
1230 err_cleanup_scatter:
1231 ath6kl_hif_cleanup_scatter(ar);
1233 wlan_node_table_cleanup(&ar->scan_table);
1234 ath6kl_wmi_shutdown(ar->wmi);
1235 clear_bit(WMI_ENABLED, &ar->flag);
1242 int ath6kl_core_init(struct ath6kl *ar)
1245 struct ath6kl_bmi_target_info targ_info;
1247 ar->ath6kl_wq = create_singlethread_workqueue("ath6kl");
1251 ret = ath6kl_bmi_init(ar);
1255 ret = ath6kl_bmi_get_target_info(ar, &targ_info);
1257 goto err_bmi_cleanup;
1259 ar->version.target_ver = le32_to_cpu(targ_info.version);
1260 ar->target_type = le32_to_cpu(targ_info.type);
1261 ar->wdev->wiphy->hw_version = le32_to_cpu(targ_info.version);
1263 ret = ath6kl_configure_target(ar);
1265 goto err_bmi_cleanup;
1267 ar->htc_target = ath6kl_htc_create(ar);
1269 if (!ar->htc_target) {
1271 goto err_bmi_cleanup;
1274 ar->aggr_cntxt = aggr_init(ar->net_dev);
1275 if (!ar->aggr_cntxt) {
1276 ath6kl_err("failed to initialize aggr\n");
1278 goto err_htc_cleanup;
1281 ret = ath6kl_init_upload(ar);
1283 goto err_htc_cleanup;
1285 ret = ath6kl_init(ar->net_dev);
1287 goto err_htc_cleanup;
1289 /* This runs the init function if registered */
1290 ret = register_netdev(ar->net_dev);
1292 ath6kl_err("register_netdev failed\n");
1293 ath6kl_destroy(ar->net_dev, 0);
1297 set_bit(NETDEV_REGISTERED, &ar->flag);
1299 ath6kl_dbg(ATH6KL_DBG_TRC, "%s: name=%s dev=0x%p, ar=0x%p\n",
1300 __func__, ar->net_dev->name, ar->net_dev, ar);
1305 ath6kl_htc_cleanup(ar->htc_target);
1307 ath6kl_bmi_cleanup(ar);
1309 destroy_workqueue(ar->ath6kl_wq);
1313 void ath6kl_stop_txrx(struct ath6kl *ar)
1315 struct net_device *ndev = ar->net_dev;
1320 set_bit(DESTROY_IN_PROGRESS, &ar->flag);
1322 if (down_interruptible(&ar->sem)) {
1323 ath6kl_err("down_interruptible failed\n");
1327 if (ar->wlan_pwr_state != WLAN_POWER_STATE_CUT_PWR)
1328 ath6kl_stop_endpoint(ndev, false, true);
1330 clear_bit(WLAN_ENABLED, &ar->flag);
1334 * We need to differentiate between the surprise and planned removal of the
1335 * device because of the following consideration:
1337 * - In case of surprise removal, the hcd already frees up the pending
1338 * for the device and hence there is no need to unregister the function
1339 * driver inorder to get these requests. For planned removal, the function
1340 * driver has to explicitly unregister itself to have the hcd return all the
1341 * pending requests before the data structures for the devices are freed up.
1342 * Note that as per the current implementation, the function driver will
1343 * end up releasing all the devices since there is no API to selectively
1344 * release a particular device.
1346 * - Certain commands issued to the target can be skipped for surprise
1347 * removal since they will anyway not go through.
1349 void ath6kl_destroy(struct net_device *dev, unsigned int unregister)
1353 if (!dev || !ath6kl_priv(dev)) {
1354 ath6kl_err("failed to get device structure\n");
1358 ar = ath6kl_priv(dev);
1360 destroy_workqueue(ar->ath6kl_wq);
1363 ath6kl_htc_cleanup(ar->htc_target);
1365 aggr_module_destroy(ar->aggr_cntxt);
1367 ath6kl_cookie_cleanup(ar);
1369 ath6kl_cleanup_amsdu_rxbufs(ar);
1371 ath6kl_bmi_cleanup(ar);
1373 if (unregister && test_bit(NETDEV_REGISTERED, &ar->flag)) {
1374 unregister_netdev(dev);
1375 clear_bit(NETDEV_REGISTERED, &ar->flag);
1380 wlan_node_table_cleanup(&ar->scan_table);
1382 kfree(ar->fw_board);
1385 kfree(ar->fw_patch);
1387 ath6kl_cfg80211_deinit(ar);