root/drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. rtl8187_iowrite_async_cb
  2. rtl8187_iowrite_async
  3. rtl818x_iowrite32_async
  4. rtl8187_write_phy
  5. rtl8187_tx_cb
  6. rtl8187_tx
  7. rtl8187_rx_cb
  8. rtl8187_init_urbs
  9. rtl8187b_status_cb
  10. rtl8187b_init_status_urb
  11. rtl8187_set_anaparam
  12. rtl8187_cmd_reset
  13. rtl8187_init_hw
  14. rtl8187b_init_hw
  15. rtl8187_work
  16. rtl8187_start
  17. rtl8187_stop
  18. rtl8187_get_tsf
  19. rtl8187_beacon_work
  20. rtl8187_add_interface
  21. rtl8187_remove_interface
  22. rtl8187_config
  23. rtl8187_conf_erp
  24. rtl8187_bss_info_changed
  25. rtl8187_prepare_multicast
  26. rtl8187_configure_filter
  27. rtl8187_conf_tx
  28. rtl8187_eeprom_register_read
  29. rtl8187_eeprom_register_write
  30. rtl8187_probe
  31. rtl8187_disconnect
   1 // SPDX-License-Identifier: GPL-2.0-only
   2 /*
   3  * Linux device driver for RTL8187
   4  *
   5  * Copyright 2007 Michael Wu <flamingice@sourmilk.net>
   6  * Copyright 2007 Andrea Merello <andrea.merello@gmail.com>
   7  *
   8  * Based on the r8187 driver, which is:
   9  * Copyright 2005 Andrea Merello <andrea.merello@gmail.com>, et al.
  10  *
  11  * The driver was extended to the RTL8187B in 2008 by:
  12  *      Herton Ronaldo Krzesinski <herton@mandriva.com.br>
  13  *      Hin-Tak Leung <htl10@users.sourceforge.net>
  14  *      Larry Finger <Larry.Finger@lwfinger.net>
  15  *
  16  * Magic delays and register offsets below are taken from the original
  17  * r8187 driver sources.  Thanks to Realtek for their support!
  18  */
  19 
  20 #include <linux/usb.h>
  21 #include <linux/slab.h>
  22 #include <linux/delay.h>
  23 #include <linux/etherdevice.h>
  24 #include <linux/eeprom_93cx6.h>
  25 #include <linux/module.h>
  26 #include <net/mac80211.h>
  27 
  28 #include "rtl8187.h"
  29 #include "rtl8225.h"
  30 #ifdef CONFIG_RTL8187_LEDS
  31 #include "leds.h"
  32 #endif
  33 #include "rfkill.h"
  34 
  35 MODULE_AUTHOR("Michael Wu <flamingice@sourmilk.net>");
  36 MODULE_AUTHOR("Andrea Merello <andrea.merello@gmail.com>");
  37 MODULE_AUTHOR("Herton Ronaldo Krzesinski <herton@mandriva.com.br>");
  38 MODULE_AUTHOR("Hin-Tak Leung <htl10@users.sourceforge.net>");
  39 MODULE_AUTHOR("Larry Finger <Larry.Finger@lwfinger.net>");
  40 MODULE_DESCRIPTION("RTL8187/RTL8187B USB wireless driver");
  41 MODULE_LICENSE("GPL");
  42 
  43 static const struct usb_device_id rtl8187_table[] = {
  44         /* Asus */
  45         {USB_DEVICE(0x0b05, 0x171d), .driver_info = DEVICE_RTL8187},
  46         /* Belkin */
  47         {USB_DEVICE(0x050d, 0x705e), .driver_info = DEVICE_RTL8187B},
  48         /* Realtek */
  49         {USB_DEVICE(0x0bda, 0x8187), .driver_info = DEVICE_RTL8187},
  50         {USB_DEVICE(0x0bda, 0x8189), .driver_info = DEVICE_RTL8187B},
  51         {USB_DEVICE(0x0bda, 0x8197), .driver_info = DEVICE_RTL8187B},
  52         {USB_DEVICE(0x0bda, 0x8198), .driver_info = DEVICE_RTL8187B},
  53         /* Surecom */
  54         {USB_DEVICE(0x0769, 0x11F2), .driver_info = DEVICE_RTL8187},
  55         /* Logitech */
  56         {USB_DEVICE(0x0789, 0x010C), .driver_info = DEVICE_RTL8187},
  57         /* Netgear */
  58         {USB_DEVICE(0x0846, 0x6100), .driver_info = DEVICE_RTL8187},
  59         {USB_DEVICE(0x0846, 0x6a00), .driver_info = DEVICE_RTL8187},
  60         {USB_DEVICE(0x0846, 0x4260), .driver_info = DEVICE_RTL8187B},
  61         /* HP */
  62         {USB_DEVICE(0x03f0, 0xca02), .driver_info = DEVICE_RTL8187},
  63         /* Sitecom */
  64         {USB_DEVICE(0x0df6, 0x000d), .driver_info = DEVICE_RTL8187},
  65         {USB_DEVICE(0x0df6, 0x0028), .driver_info = DEVICE_RTL8187B},
  66         {USB_DEVICE(0x0df6, 0x0029), .driver_info = DEVICE_RTL8187B},
  67         /* Sphairon Access Systems GmbH */
  68         {USB_DEVICE(0x114B, 0x0150), .driver_info = DEVICE_RTL8187},
  69         /* Dick Smith Electronics */
  70         {USB_DEVICE(0x1371, 0x9401), .driver_info = DEVICE_RTL8187},
  71         /* Abocom */
  72         {USB_DEVICE(0x13d1, 0xabe6), .driver_info = DEVICE_RTL8187},
  73         /* Qcom */
  74         {USB_DEVICE(0x18E8, 0x6232), .driver_info = DEVICE_RTL8187},
  75         /* AirLive */
  76         {USB_DEVICE(0x1b75, 0x8187), .driver_info = DEVICE_RTL8187},
  77         /* Linksys */
  78         {USB_DEVICE(0x1737, 0x0073), .driver_info = DEVICE_RTL8187B},
  79         {}
  80 };
  81 
  82 MODULE_DEVICE_TABLE(usb, rtl8187_table);
  83 
  84 static const struct ieee80211_rate rtl818x_rates[] = {
  85         { .bitrate = 10, .hw_value = 0, },
  86         { .bitrate = 20, .hw_value = 1, },
  87         { .bitrate = 55, .hw_value = 2, },
  88         { .bitrate = 110, .hw_value = 3, },
  89         { .bitrate = 60, .hw_value = 4, },
  90         { .bitrate = 90, .hw_value = 5, },
  91         { .bitrate = 120, .hw_value = 6, },
  92         { .bitrate = 180, .hw_value = 7, },
  93         { .bitrate = 240, .hw_value = 8, },
  94         { .bitrate = 360, .hw_value = 9, },
  95         { .bitrate = 480, .hw_value = 10, },
  96         { .bitrate = 540, .hw_value = 11, },
  97 };
  98 
  99 static const struct ieee80211_channel rtl818x_channels[] = {
 100         { .center_freq = 2412 },
 101         { .center_freq = 2417 },
 102         { .center_freq = 2422 },
 103         { .center_freq = 2427 },
 104         { .center_freq = 2432 },
 105         { .center_freq = 2437 },
 106         { .center_freq = 2442 },
 107         { .center_freq = 2447 },
 108         { .center_freq = 2452 },
 109         { .center_freq = 2457 },
 110         { .center_freq = 2462 },
 111         { .center_freq = 2467 },
 112         { .center_freq = 2472 },
 113         { .center_freq = 2484 },
 114 };
 115 
 116 static void rtl8187_iowrite_async_cb(struct urb *urb)
 117 {
 118         kfree(urb->context);
 119 }
 120 
 121 static void rtl8187_iowrite_async(struct rtl8187_priv *priv, __le16 addr,
 122                                   void *data, u16 len)
 123 {
 124         struct usb_ctrlrequest *dr;
 125         struct urb *urb;
 126         struct rtl8187_async_write_data {
 127                 u8 data[4];
 128                 struct usb_ctrlrequest dr;
 129         } *buf;
 130         int rc;
 131 
 132         buf = kmalloc(sizeof(*buf), GFP_ATOMIC);
 133         if (!buf)
 134                 return;
 135 
 136         urb = usb_alloc_urb(0, GFP_ATOMIC);
 137         if (!urb) {
 138                 kfree(buf);
 139                 return;
 140         }
 141 
 142         dr = &buf->dr;
 143 
 144         dr->bRequestType = RTL8187_REQT_WRITE;
 145         dr->bRequest = RTL8187_REQ_SET_REG;
 146         dr->wValue = addr;
 147         dr->wIndex = 0;
 148         dr->wLength = cpu_to_le16(len);
 149 
 150         memcpy(buf, data, len);
 151 
 152         usb_fill_control_urb(urb, priv->udev, usb_sndctrlpipe(priv->udev, 0),
 153                              (unsigned char *)dr, buf, len,
 154                              rtl8187_iowrite_async_cb, buf);
 155         usb_anchor_urb(urb, &priv->anchored);
 156         rc = usb_submit_urb(urb, GFP_ATOMIC);
 157         if (rc < 0) {
 158                 kfree(buf);
 159                 usb_unanchor_urb(urb);
 160         }
 161         usb_free_urb(urb);
 162 }
 163 
 164 static inline void rtl818x_iowrite32_async(struct rtl8187_priv *priv,
 165                                            __le32 *addr, u32 val)
 166 {
 167         __le32 buf = cpu_to_le32(val);
 168 
 169         rtl8187_iowrite_async(priv, cpu_to_le16((unsigned long)addr),
 170                               &buf, sizeof(buf));
 171 }
 172 
 173 void rtl8187_write_phy(struct ieee80211_hw *dev, u8 addr, u32 data)
 174 {
 175         struct rtl8187_priv *priv = dev->priv;
 176 
 177         data <<= 8;
 178         data |= addr | 0x80;
 179 
 180         rtl818x_iowrite8(priv, &priv->map->PHY[3], (data >> 24) & 0xFF);
 181         rtl818x_iowrite8(priv, &priv->map->PHY[2], (data >> 16) & 0xFF);
 182         rtl818x_iowrite8(priv, &priv->map->PHY[1], (data >> 8) & 0xFF);
 183         rtl818x_iowrite8(priv, &priv->map->PHY[0], data & 0xFF);
 184 }
 185 
 186 static void rtl8187_tx_cb(struct urb *urb)
 187 {
 188         struct sk_buff *skb = (struct sk_buff *)urb->context;
 189         struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 190         struct ieee80211_hw *hw = info->rate_driver_data[0];
 191         struct rtl8187_priv *priv = hw->priv;
 192 
 193         skb_pull(skb, priv->is_rtl8187b ? sizeof(struct rtl8187b_tx_hdr) :
 194                                           sizeof(struct rtl8187_tx_hdr));
 195         ieee80211_tx_info_clear_status(info);
 196 
 197         if (!(urb->status) && !(info->flags & IEEE80211_TX_CTL_NO_ACK)) {
 198                 if (priv->is_rtl8187b) {
 199                         skb_queue_tail(&priv->b_tx_status.queue, skb);
 200 
 201                         /* queue is "full", discard last items */
 202                         while (skb_queue_len(&priv->b_tx_status.queue) > 5) {
 203                                 struct sk_buff *old_skb;
 204 
 205                                 dev_dbg(&priv->udev->dev,
 206                                         "transmit status queue full\n");
 207 
 208                                 old_skb = skb_dequeue(&priv->b_tx_status.queue);
 209                                 ieee80211_tx_status_irqsafe(hw, old_skb);
 210                         }
 211                         return;
 212                 } else {
 213                         info->flags |= IEEE80211_TX_STAT_ACK;
 214                 }
 215         }
 216         if (priv->is_rtl8187b)
 217                 ieee80211_tx_status_irqsafe(hw, skb);
 218         else {
 219                 /* Retry information for the RTI8187 is only available by
 220                  * reading a register in the device. We are in interrupt mode
 221                  * here, thus queue the skb and finish on a work queue. */
 222                 skb_queue_tail(&priv->b_tx_status.queue, skb);
 223                 ieee80211_queue_delayed_work(hw, &priv->work, 0);
 224         }
 225 }
 226 
 227 static void rtl8187_tx(struct ieee80211_hw *dev,
 228                        struct ieee80211_tx_control *control,
 229                        struct sk_buff *skb)
 230 {
 231         struct rtl8187_priv *priv = dev->priv;
 232         struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 233         struct ieee80211_hdr *tx_hdr =  (struct ieee80211_hdr *)(skb->data);
 234         unsigned int ep;
 235         void *buf;
 236         struct urb *urb;
 237         __le16 rts_dur = 0;
 238         u32 flags;
 239         int rc;
 240 
 241         urb = usb_alloc_urb(0, GFP_ATOMIC);
 242         if (!urb) {
 243                 kfree_skb(skb);
 244                 return;
 245         }
 246 
 247         flags = skb->len;
 248         flags |= RTL818X_TX_DESC_FLAG_NO_ENC;
 249 
 250         flags |= ieee80211_get_tx_rate(dev, info)->hw_value << 24;
 251         if (ieee80211_has_morefrags(tx_hdr->frame_control))
 252                 flags |= RTL818X_TX_DESC_FLAG_MOREFRAG;
 253 
 254         /* HW will perform RTS-CTS when only RTS flags is set.
 255          * HW will perform CTS-to-self when both RTS and CTS flags are set.
 256          * RTS rate and RTS duration will be used also for CTS-to-self.
 257          */
 258         if (info->control.rates[0].flags & IEEE80211_TX_RC_USE_RTS_CTS) {
 259                 flags |= RTL818X_TX_DESC_FLAG_RTS;
 260                 flags |= ieee80211_get_rts_cts_rate(dev, info)->hw_value << 19;
 261                 rts_dur = ieee80211_rts_duration(dev, priv->vif,
 262                                                  skb->len, info);
 263         } else if (info->control.rates[0].flags & IEEE80211_TX_RC_USE_CTS_PROTECT) {
 264                 flags |= RTL818X_TX_DESC_FLAG_RTS | RTL818X_TX_DESC_FLAG_CTS;
 265                 flags |= ieee80211_get_rts_cts_rate(dev, info)->hw_value << 19;
 266                 rts_dur = ieee80211_ctstoself_duration(dev, priv->vif,
 267                                                  skb->len, info);
 268         }
 269 
 270         if (info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ) {
 271                 if (info->flags & IEEE80211_TX_CTL_FIRST_FRAGMENT)
 272                         priv->seqno += 0x10;
 273                 tx_hdr->seq_ctrl &= cpu_to_le16(IEEE80211_SCTL_FRAG);
 274                 tx_hdr->seq_ctrl |= cpu_to_le16(priv->seqno);
 275         }
 276 
 277         if (!priv->is_rtl8187b) {
 278                 struct rtl8187_tx_hdr *hdr = skb_push(skb, sizeof(*hdr));
 279                 hdr->flags = cpu_to_le32(flags);
 280                 hdr->len = 0;
 281                 hdr->rts_duration = rts_dur;
 282                 hdr->retry = cpu_to_le32((info->control.rates[0].count - 1) << 8);
 283                 buf = hdr;
 284 
 285                 ep = 2;
 286         } else {
 287                 /* fc needs to be calculated before skb_push() */
 288                 unsigned int epmap[4] = { 6, 7, 5, 4 };
 289                 u16 fc = le16_to_cpu(tx_hdr->frame_control);
 290 
 291                 struct rtl8187b_tx_hdr *hdr = skb_push(skb, sizeof(*hdr));
 292                 struct ieee80211_rate *txrate =
 293                         ieee80211_get_tx_rate(dev, info);
 294                 memset(hdr, 0, sizeof(*hdr));
 295                 hdr->flags = cpu_to_le32(flags);
 296                 hdr->rts_duration = rts_dur;
 297                 hdr->retry = cpu_to_le32((info->control.rates[0].count - 1) << 8);
 298                 hdr->tx_duration =
 299                         ieee80211_generic_frame_duration(dev, priv->vif,
 300                                                          info->band,
 301                                                          skb->len, txrate);
 302                 buf = hdr;
 303 
 304                 if ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_MGMT)
 305                         ep = 12;
 306                 else
 307                         ep = epmap[skb_get_queue_mapping(skb)];
 308         }
 309 
 310         info->rate_driver_data[0] = dev;
 311         info->rate_driver_data[1] = urb;
 312 
 313         usb_fill_bulk_urb(urb, priv->udev, usb_sndbulkpipe(priv->udev, ep),
 314                           buf, skb->len, rtl8187_tx_cb, skb);
 315         urb->transfer_flags |= URB_ZERO_PACKET;
 316         usb_anchor_urb(urb, &priv->anchored);
 317         rc = usb_submit_urb(urb, GFP_ATOMIC);
 318         if (rc < 0) {
 319                 usb_unanchor_urb(urb);
 320                 kfree_skb(skb);
 321         }
 322         usb_free_urb(urb);
 323 }
 324 
 325 static void rtl8187_rx_cb(struct urb *urb)
 326 {
 327         struct sk_buff *skb = (struct sk_buff *)urb->context;
 328         struct rtl8187_rx_info *info = (struct rtl8187_rx_info *)skb->cb;
 329         struct ieee80211_hw *dev = info->dev;
 330         struct rtl8187_priv *priv = dev->priv;
 331         struct ieee80211_rx_status rx_status = { 0 };
 332         int rate, signal;
 333         u32 flags;
 334         unsigned long f;
 335 
 336         spin_lock_irqsave(&priv->rx_queue.lock, f);
 337         __skb_unlink(skb, &priv->rx_queue);
 338         spin_unlock_irqrestore(&priv->rx_queue.lock, f);
 339         skb_put(skb, urb->actual_length);
 340 
 341         if (unlikely(urb->status)) {
 342                 dev_kfree_skb_irq(skb);
 343                 return;
 344         }
 345 
 346         if (!priv->is_rtl8187b) {
 347                 struct rtl8187_rx_hdr *hdr =
 348                         (typeof(hdr))(skb_tail_pointer(skb) - sizeof(*hdr));
 349                 flags = le32_to_cpu(hdr->flags);
 350                 /* As with the RTL8187B below, the AGC is used to calculate
 351                  * signal strength. In this case, the scaling
 352                  * constants are derived from the output of p54usb.
 353                  */
 354                 signal = -4 - ((27 * hdr->agc) >> 6);
 355                 rx_status.antenna = (hdr->signal >> 7) & 1;
 356                 rx_status.mactime = le64_to_cpu(hdr->mac_time);
 357         } else {
 358                 struct rtl8187b_rx_hdr *hdr =
 359                         (typeof(hdr))(skb_tail_pointer(skb) - sizeof(*hdr));
 360                 /* The Realtek datasheet for the RTL8187B shows that the RX
 361                  * header contains the following quantities: signal quality,
 362                  * RSSI, AGC, the received power in dB, and the measured SNR.
 363                  * In testing, none of these quantities show qualitative
 364                  * agreement with AP signal strength, except for the AGC,
 365                  * which is inversely proportional to the strength of the
 366                  * signal. In the following, the signal strength
 367                  * is derived from the AGC. The arbitrary scaling constants
 368                  * are chosen to make the results close to the values obtained
 369                  * for a BCM4312 using b43 as the driver. The noise is ignored
 370                  * for now.
 371                  */
 372                 flags = le32_to_cpu(hdr->flags);
 373                 signal = 14 - hdr->agc / 2;
 374                 rx_status.antenna = (hdr->rssi >> 7) & 1;
 375                 rx_status.mactime = le64_to_cpu(hdr->mac_time);
 376         }
 377 
 378         rx_status.signal = signal;
 379         priv->signal = signal;
 380         rate = (flags >> 20) & 0xF;
 381         skb_trim(skb, flags & 0x0FFF);
 382         rx_status.rate_idx = rate;
 383         rx_status.freq = dev->conf.chandef.chan->center_freq;
 384         rx_status.band = dev->conf.chandef.chan->band;
 385         rx_status.flag |= RX_FLAG_MACTIME_START;
 386         if (flags & RTL818X_RX_DESC_FLAG_SPLCP)
 387                 rx_status.enc_flags |= RX_ENC_FLAG_SHORTPRE;
 388         if (flags & RTL818X_RX_DESC_FLAG_CRC32_ERR)
 389                 rx_status.flag |= RX_FLAG_FAILED_FCS_CRC;
 390         memcpy(IEEE80211_SKB_RXCB(skb), &rx_status, sizeof(rx_status));
 391         ieee80211_rx_irqsafe(dev, skb);
 392 
 393         skb = dev_alloc_skb(RTL8187_MAX_RX);
 394         if (unlikely(!skb)) {
 395                 /* TODO check rx queue length and refill *somewhere* */
 396                 return;
 397         }
 398 
 399         info = (struct rtl8187_rx_info *)skb->cb;
 400         info->urb = urb;
 401         info->dev = dev;
 402         urb->transfer_buffer = skb_tail_pointer(skb);
 403         urb->context = skb;
 404         skb_queue_tail(&priv->rx_queue, skb);
 405 
 406         usb_anchor_urb(urb, &priv->anchored);
 407         if (usb_submit_urb(urb, GFP_ATOMIC)) {
 408                 usb_unanchor_urb(urb);
 409                 skb_unlink(skb, &priv->rx_queue);
 410                 dev_kfree_skb_irq(skb);
 411         }
 412 }
 413 
 414 static int rtl8187_init_urbs(struct ieee80211_hw *dev)
 415 {
 416         struct rtl8187_priv *priv = dev->priv;
 417         struct urb *entry = NULL;
 418         struct sk_buff *skb;
 419         struct rtl8187_rx_info *info;
 420         int ret = 0;
 421 
 422         while (skb_queue_len(&priv->rx_queue) < 32) {
 423                 skb = __dev_alloc_skb(RTL8187_MAX_RX, GFP_KERNEL);
 424                 if (!skb) {
 425                         ret = -ENOMEM;
 426                         goto err;
 427                 }
 428                 entry = usb_alloc_urb(0, GFP_KERNEL);
 429                 if (!entry) {
 430                         ret = -ENOMEM;
 431                         goto err;
 432                 }
 433                 usb_fill_bulk_urb(entry, priv->udev,
 434                                   usb_rcvbulkpipe(priv->udev,
 435                                   priv->is_rtl8187b ? 3 : 1),
 436                                   skb_tail_pointer(skb),
 437                                   RTL8187_MAX_RX, rtl8187_rx_cb, skb);
 438                 info = (struct rtl8187_rx_info *)skb->cb;
 439                 info->urb = entry;
 440                 info->dev = dev;
 441                 skb_queue_tail(&priv->rx_queue, skb);
 442                 usb_anchor_urb(entry, &priv->anchored);
 443                 ret = usb_submit_urb(entry, GFP_KERNEL);
 444                 if (ret) {
 445                         skb_unlink(skb, &priv->rx_queue);
 446                         usb_unanchor_urb(entry);
 447                         usb_put_urb(entry);
 448                         goto err;
 449                 }
 450                 usb_put_urb(entry);
 451         }
 452         return ret;
 453 
 454 err:
 455         kfree_skb(skb);
 456         usb_kill_anchored_urbs(&priv->anchored);
 457         return ret;
 458 }
 459 
 460 static void rtl8187b_status_cb(struct urb *urb)
 461 {
 462         struct ieee80211_hw *hw = (struct ieee80211_hw *)urb->context;
 463         struct rtl8187_priv *priv = hw->priv;
 464         u64 val;
 465         unsigned int cmd_type;
 466 
 467         if (unlikely(urb->status))
 468                 return;
 469 
 470         /*
 471          * Read from status buffer:
 472          *
 473          * bits [30:31] = cmd type:
 474          * - 0 indicates tx beacon interrupt
 475          * - 1 indicates tx close descriptor
 476          *
 477          * In the case of tx beacon interrupt:
 478          * [0:9] = Last Beacon CW
 479          * [10:29] = reserved
 480          * [30:31] = 00b
 481          * [32:63] = Last Beacon TSF
 482          *
 483          * If it's tx close descriptor:
 484          * [0:7] = Packet Retry Count
 485          * [8:14] = RTS Retry Count
 486          * [15] = TOK
 487          * [16:27] = Sequence No
 488          * [28] = LS
 489          * [29] = FS
 490          * [30:31] = 01b
 491          * [32:47] = unused (reserved?)
 492          * [48:63] = MAC Used Time
 493          */
 494         val = le64_to_cpu(priv->b_tx_status.buf);
 495 
 496         cmd_type = (val >> 30) & 0x3;
 497         if (cmd_type == 1) {
 498                 unsigned int pkt_rc, seq_no;
 499                 bool tok;
 500                 struct sk_buff *skb, *iter;
 501                 struct ieee80211_hdr *ieee80211hdr;
 502                 unsigned long flags;
 503 
 504                 pkt_rc = val & 0xFF;
 505                 tok = val & (1 << 15);
 506                 seq_no = (val >> 16) & 0xFFF;
 507 
 508                 spin_lock_irqsave(&priv->b_tx_status.queue.lock, flags);
 509                 skb = NULL;
 510                 skb_queue_reverse_walk(&priv->b_tx_status.queue, iter) {
 511                         ieee80211hdr = (struct ieee80211_hdr *)iter->data;
 512 
 513                         /*
 514                          * While testing, it was discovered that the seq_no
 515                          * doesn't actually contains the sequence number.
 516                          * Instead of returning just the 12 bits of sequence
 517                          * number, hardware is returning entire sequence control
 518                          * (fragment number plus sequence number) in a 12 bit
 519                          * only field overflowing after some time. As a
 520                          * workaround, just consider the lower bits, and expect
 521                          * it's unlikely we wrongly ack some sent data
 522                          */
 523                         if ((le16_to_cpu(ieee80211hdr->seq_ctrl)
 524                              & 0xFFF) == seq_no) {
 525                                 skb = iter;
 526                                 break;
 527                         }
 528                 }
 529                 if (skb) {
 530                         struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
 531 
 532                         __skb_unlink(skb, &priv->b_tx_status.queue);
 533                         if (tok)
 534                                 info->flags |= IEEE80211_TX_STAT_ACK;
 535                         info->status.rates[0].count = pkt_rc + 1;
 536 
 537                         ieee80211_tx_status_irqsafe(hw, skb);
 538                 }
 539                 spin_unlock_irqrestore(&priv->b_tx_status.queue.lock, flags);
 540         }
 541 
 542         usb_anchor_urb(urb, &priv->anchored);
 543         if (usb_submit_urb(urb, GFP_ATOMIC))
 544                 usb_unanchor_urb(urb);
 545 }
 546 
 547 static int rtl8187b_init_status_urb(struct ieee80211_hw *dev)
 548 {
 549         struct rtl8187_priv *priv = dev->priv;
 550         struct urb *entry;
 551         int ret = 0;
 552 
 553         entry = usb_alloc_urb(0, GFP_KERNEL);
 554         if (!entry)
 555                 return -ENOMEM;
 556 
 557         usb_fill_bulk_urb(entry, priv->udev, usb_rcvbulkpipe(priv->udev, 9),
 558                           &priv->b_tx_status.buf, sizeof(priv->b_tx_status.buf),
 559                           rtl8187b_status_cb, dev);
 560 
 561         usb_anchor_urb(entry, &priv->anchored);
 562         ret = usb_submit_urb(entry, GFP_KERNEL);
 563         if (ret)
 564                 usb_unanchor_urb(entry);
 565         usb_free_urb(entry);
 566 
 567         return ret;
 568 }
 569 
 570 static void rtl8187_set_anaparam(struct rtl8187_priv *priv, bool rfon)
 571 {
 572         u32 anaparam, anaparam2;
 573         u8 anaparam3, reg;
 574 
 575         if (!priv->is_rtl8187b) {
 576                 if (rfon) {
 577                         anaparam = RTL8187_RTL8225_ANAPARAM_ON;
 578                         anaparam2 = RTL8187_RTL8225_ANAPARAM2_ON;
 579                 } else {
 580                         anaparam = RTL8187_RTL8225_ANAPARAM_OFF;
 581                         anaparam2 = RTL8187_RTL8225_ANAPARAM2_OFF;
 582                 }
 583         } else {
 584                 if (rfon) {
 585                         anaparam = RTL8187B_RTL8225_ANAPARAM_ON;
 586                         anaparam2 = RTL8187B_RTL8225_ANAPARAM2_ON;
 587                         anaparam3 = RTL8187B_RTL8225_ANAPARAM3_ON;
 588                 } else {
 589                         anaparam = RTL8187B_RTL8225_ANAPARAM_OFF;
 590                         anaparam2 = RTL8187B_RTL8225_ANAPARAM2_OFF;
 591                         anaparam3 = RTL8187B_RTL8225_ANAPARAM3_OFF;
 592                 }
 593         }
 594 
 595         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
 596                          RTL818X_EEPROM_CMD_CONFIG);
 597         reg = rtl818x_ioread8(priv, &priv->map->CONFIG3);
 598         reg |= RTL818X_CONFIG3_ANAPARAM_WRITE;
 599         rtl818x_iowrite8(priv, &priv->map->CONFIG3, reg);
 600         rtl818x_iowrite32(priv, &priv->map->ANAPARAM, anaparam);
 601         rtl818x_iowrite32(priv, &priv->map->ANAPARAM2, anaparam2);
 602         if (priv->is_rtl8187b)
 603                 rtl818x_iowrite8(priv, &priv->map->ANAPARAM3A, anaparam3);
 604         reg &= ~RTL818X_CONFIG3_ANAPARAM_WRITE;
 605         rtl818x_iowrite8(priv, &priv->map->CONFIG3, reg);
 606         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
 607                          RTL818X_EEPROM_CMD_NORMAL);
 608 }
 609 
 610 static int rtl8187_cmd_reset(struct ieee80211_hw *dev)
 611 {
 612         struct rtl8187_priv *priv = dev->priv;
 613         u8 reg;
 614         int i;
 615 
 616         reg = rtl818x_ioread8(priv, &priv->map->CMD);
 617         reg &= (1 << 1);
 618         reg |= RTL818X_CMD_RESET;
 619         rtl818x_iowrite8(priv, &priv->map->CMD, reg);
 620 
 621         i = 10;
 622         do {
 623                 msleep(2);
 624                 if (!(rtl818x_ioread8(priv, &priv->map->CMD) &
 625                       RTL818X_CMD_RESET))
 626                         break;
 627         } while (--i);
 628 
 629         if (!i) {
 630                 wiphy_err(dev->wiphy, "Reset timeout!\n");
 631                 return -ETIMEDOUT;
 632         }
 633 
 634         /* reload registers from eeprom */
 635         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_LOAD);
 636 
 637         i = 10;
 638         do {
 639                 msleep(4);
 640                 if (!(rtl818x_ioread8(priv, &priv->map->EEPROM_CMD) &
 641                       RTL818X_EEPROM_CMD_CONFIG))
 642                         break;
 643         } while (--i);
 644 
 645         if (!i) {
 646                 wiphy_err(dev->wiphy, "eeprom reset timeout!\n");
 647                 return -ETIMEDOUT;
 648         }
 649 
 650         return 0;
 651 }
 652 
 653 static int rtl8187_init_hw(struct ieee80211_hw *dev)
 654 {
 655         struct rtl8187_priv *priv = dev->priv;
 656         u8 reg;
 657         int res;
 658 
 659         /* reset */
 660         rtl8187_set_anaparam(priv, true);
 661 
 662         rtl818x_iowrite16(priv, &priv->map->INT_MASK, 0);
 663 
 664         msleep(200);
 665         rtl818x_iowrite8(priv, (u8 *)0xFE18, 0x10);
 666         rtl818x_iowrite8(priv, (u8 *)0xFE18, 0x11);
 667         rtl818x_iowrite8(priv, (u8 *)0xFE18, 0x00);
 668         msleep(200);
 669 
 670         res = rtl8187_cmd_reset(dev);
 671         if (res)
 672                 return res;
 673 
 674         rtl8187_set_anaparam(priv, true);
 675 
 676         /* setup card */
 677         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, 0);
 678         rtl818x_iowrite8(priv, &priv->map->GPIO0, 0);
 679 
 680         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, (4 << 8));
 681         rtl818x_iowrite8(priv, &priv->map->GPIO0, 1);
 682         rtl818x_iowrite8(priv, &priv->map->GP_ENABLE, 0);
 683 
 684         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
 685 
 686         rtl818x_iowrite16(priv, (__le16 *)0xFFF4, 0xFFFF);
 687         reg = rtl818x_ioread8(priv, &priv->map->CONFIG1);
 688         reg &= 0x3F;
 689         reg |= 0x80;
 690         rtl818x_iowrite8(priv, &priv->map->CONFIG1, reg);
 691 
 692         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
 693 
 694         rtl818x_iowrite32(priv, &priv->map->INT_TIMEOUT, 0);
 695         rtl818x_iowrite8(priv, &priv->map->WPA_CONF, 0);
 696         rtl818x_iowrite8(priv, &priv->map->RATE_FALLBACK, 0);
 697 
 698         // TODO: set RESP_RATE and BRSR properly
 699         rtl818x_iowrite8(priv, &priv->map->RESP_RATE, (8 << 4) | 0);
 700         rtl818x_iowrite16(priv, &priv->map->BRSR, 0x01F3);
 701 
 702         /* host_usb_init */
 703         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, 0);
 704         rtl818x_iowrite8(priv, &priv->map->GPIO0, 0);
 705         reg = rtl818x_ioread8(priv, (u8 *)0xFE53);
 706         rtl818x_iowrite8(priv, (u8 *)0xFE53, reg | (1 << 7));
 707         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, (4 << 8));
 708         rtl818x_iowrite8(priv, &priv->map->GPIO0, 0x20);
 709         rtl818x_iowrite8(priv, &priv->map->GP_ENABLE, 0);
 710         rtl818x_iowrite16(priv, &priv->map->RFPinsOutput, 0x80);
 711         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, 0x80);
 712         rtl818x_iowrite16(priv, &priv->map->RFPinsEnable, 0x80);
 713         msleep(100);
 714 
 715         rtl818x_iowrite32(priv, &priv->map->RF_TIMING, 0x000a8008);
 716         rtl818x_iowrite16(priv, &priv->map->BRSR, 0xFFFF);
 717         rtl818x_iowrite32(priv, &priv->map->RF_PARA, 0x00100044);
 718         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
 719                          RTL818X_EEPROM_CMD_CONFIG);
 720         rtl818x_iowrite8(priv, &priv->map->CONFIG3, 0x44);
 721         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
 722                          RTL818X_EEPROM_CMD_NORMAL);
 723         rtl818x_iowrite16(priv, &priv->map->RFPinsEnable, 0x1FF7);
 724         msleep(100);
 725 
 726         priv->rf->init(dev);
 727 
 728         rtl818x_iowrite16(priv, &priv->map->BRSR, 0x01F3);
 729         reg = rtl818x_ioread8(priv, &priv->map->PGSELECT) & ~1;
 730         rtl818x_iowrite8(priv, &priv->map->PGSELECT, reg | 1);
 731         rtl818x_iowrite16(priv, (__le16 *)0xFFFE, 0x10);
 732         rtl818x_iowrite8(priv, &priv->map->TALLY_SEL, 0x80);
 733         rtl818x_iowrite8(priv, (u8 *)0xFFFF, 0x60);
 734         rtl818x_iowrite8(priv, &priv->map->PGSELECT, reg);
 735 
 736         return 0;
 737 }
 738 
 739 static const u8 rtl8187b_reg_table[][3] = {
 740         {0xF0, 0x32, 0}, {0xF1, 0x32, 0}, {0xF2, 0x00, 0}, {0xF3, 0x00, 0},
 741         {0xF4, 0x32, 0}, {0xF5, 0x43, 0}, {0xF6, 0x00, 0}, {0xF7, 0x00, 0},
 742         {0xF8, 0x46, 0}, {0xF9, 0xA4, 0}, {0xFA, 0x00, 0}, {0xFB, 0x00, 0},
 743         {0xFC, 0x96, 0}, {0xFD, 0xA4, 0}, {0xFE, 0x00, 0}, {0xFF, 0x00, 0},
 744 
 745         {0x58, 0x4B, 1}, {0x59, 0x00, 1}, {0x5A, 0x4B, 1}, {0x5B, 0x00, 1},
 746         {0x60, 0x4B, 1}, {0x61, 0x09, 1}, {0x62, 0x4B, 1}, {0x63, 0x09, 1},
 747         {0xCE, 0x0F, 1}, {0xCF, 0x00, 1}, {0xF0, 0x4E, 1}, {0xF1, 0x01, 1},
 748         {0xF2, 0x02, 1}, {0xF3, 0x03, 1}, {0xF4, 0x04, 1}, {0xF5, 0x05, 1},
 749         {0xF6, 0x06, 1}, {0xF7, 0x07, 1}, {0xF8, 0x08, 1},
 750 
 751         {0x4E, 0x00, 2}, {0x0C, 0x04, 2}, {0x21, 0x61, 2}, {0x22, 0x68, 2},
 752         {0x23, 0x6F, 2}, {0x24, 0x76, 2}, {0x25, 0x7D, 2}, {0x26, 0x84, 2},
 753         {0x27, 0x8D, 2}, {0x4D, 0x08, 2}, {0x50, 0x05, 2}, {0x51, 0xF5, 2},
 754         {0x52, 0x04, 2}, {0x53, 0xA0, 2}, {0x54, 0x1F, 2}, {0x55, 0x23, 2},
 755         {0x56, 0x45, 2}, {0x57, 0x67, 2}, {0x58, 0x08, 2}, {0x59, 0x08, 2},
 756         {0x5A, 0x08, 2}, {0x5B, 0x08, 2}, {0x60, 0x08, 2}, {0x61, 0x08, 2},
 757         {0x62, 0x08, 2}, {0x63, 0x08, 2}, {0x64, 0xCF, 2},
 758 
 759         {0x5B, 0x40, 0}, {0x84, 0x88, 0}, {0x85, 0x24, 0}, {0x88, 0x54, 0},
 760         {0x8B, 0xB8, 0}, {0x8C, 0x07, 0}, {0x8D, 0x00, 0}, {0x94, 0x1B, 0},
 761         {0x95, 0x12, 0}, {0x96, 0x00, 0}, {0x97, 0x06, 0}, {0x9D, 0x1A, 0},
 762         {0x9F, 0x10, 0}, {0xB4, 0x22, 0}, {0xBE, 0x80, 0}, {0xDB, 0x00, 0},
 763         {0xEE, 0x00, 0}, {0x4C, 0x00, 2},
 764 
 765         {0x9F, 0x00, 3}, {0x8C, 0x01, 0}, {0x8D, 0x10, 0}, {0x8E, 0x08, 0},
 766         {0x8F, 0x00, 0}
 767 };
 768 
 769 static int rtl8187b_init_hw(struct ieee80211_hw *dev)
 770 {
 771         struct rtl8187_priv *priv = dev->priv;
 772         int res, i;
 773         u8 reg;
 774 
 775         rtl8187_set_anaparam(priv, true);
 776 
 777         /* Reset PLL sequence on 8187B. Realtek note: reduces power
 778          * consumption about 30 mA */
 779         rtl818x_iowrite8(priv, (u8 *)0xFF61, 0x10);
 780         reg = rtl818x_ioread8(priv, (u8 *)0xFF62);
 781         rtl818x_iowrite8(priv, (u8 *)0xFF62, reg & ~(1 << 5));
 782         rtl818x_iowrite8(priv, (u8 *)0xFF62, reg | (1 << 5));
 783 
 784         res = rtl8187_cmd_reset(dev);
 785         if (res)
 786                 return res;
 787 
 788         rtl8187_set_anaparam(priv, true);
 789 
 790         /* BRSR (Basic Rate Set Register) on 8187B looks to be the same as
 791          * RESP_RATE on 8187L in Realtek sources: each bit should be each
 792          * one of the 12 rates, all are enabled */
 793         rtl818x_iowrite16(priv, (__le16 *)0xFF34, 0x0FFF);
 794 
 795         reg = rtl818x_ioread8(priv, &priv->map->CW_CONF);
 796         reg |= RTL818X_CW_CONF_PERPACKET_RETRY;
 797         rtl818x_iowrite8(priv, &priv->map->CW_CONF, reg);
 798 
 799         /* Auto Rate Fallback Register (ARFR): 1M-54M setting */
 800         rtl818x_iowrite16_idx(priv, (__le16 *)0xFFE0, 0x0FFF, 1);
 801         rtl818x_iowrite8_idx(priv, (u8 *)0xFFE2, 0x00, 1);
 802 
 803         rtl818x_iowrite16_idx(priv, (__le16 *)0xFFD4, 0xFFFF, 1);
 804 
 805         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
 806                          RTL818X_EEPROM_CMD_CONFIG);
 807         reg = rtl818x_ioread8(priv, &priv->map->CONFIG1);
 808         rtl818x_iowrite8(priv, &priv->map->CONFIG1, (reg & 0x3F) | 0x80);
 809         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
 810                          RTL818X_EEPROM_CMD_NORMAL);
 811 
 812         rtl818x_iowrite8(priv, &priv->map->WPA_CONF, 0);
 813         for (i = 0; i < ARRAY_SIZE(rtl8187b_reg_table); i++) {
 814                 rtl818x_iowrite8_idx(priv,
 815                                      (u8 *)(uintptr_t)
 816                                      (rtl8187b_reg_table[i][0] | 0xFF00),
 817                                      rtl8187b_reg_table[i][1],
 818                                      rtl8187b_reg_table[i][2]);
 819         }
 820 
 821         rtl818x_iowrite16(priv, &priv->map->TID_AC_MAP, 0xFA50);
 822         rtl818x_iowrite16(priv, &priv->map->INT_MIG, 0);
 823 
 824         rtl818x_iowrite32_idx(priv, (__le32 *)0xFFF0, 0, 1);
 825         rtl818x_iowrite32_idx(priv, (__le32 *)0xFFF4, 0, 1);
 826         rtl818x_iowrite8_idx(priv, (u8 *)0xFFF8, 0, 1);
 827 
 828         rtl818x_iowrite32(priv, &priv->map->RF_TIMING, 0x00004001);
 829 
 830         /* RFSW_CTRL register */
 831         rtl818x_iowrite16_idx(priv, (__le16 *)0xFF72, 0x569A, 2);
 832 
 833         rtl818x_iowrite16(priv, &priv->map->RFPinsOutput, 0x0480);
 834         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, 0x2488);
 835         rtl818x_iowrite16(priv, &priv->map->RFPinsEnable, 0x1FFF);
 836         msleep(100);
 837 
 838         priv->rf->init(dev);
 839 
 840         reg = RTL818X_CMD_TX_ENABLE | RTL818X_CMD_RX_ENABLE;
 841         rtl818x_iowrite8(priv, &priv->map->CMD, reg);
 842         rtl818x_iowrite16(priv, &priv->map->INT_MASK, 0xFFFF);
 843 
 844         rtl818x_iowrite8(priv, (u8 *)0xFE41, 0xF4);
 845         rtl818x_iowrite8(priv, (u8 *)0xFE40, 0x00);
 846         rtl818x_iowrite8(priv, (u8 *)0xFE42, 0x00);
 847         rtl818x_iowrite8(priv, (u8 *)0xFE42, 0x01);
 848         rtl818x_iowrite8(priv, (u8 *)0xFE40, 0x0F);
 849         rtl818x_iowrite8(priv, (u8 *)0xFE42, 0x00);
 850         rtl818x_iowrite8(priv, (u8 *)0xFE42, 0x01);
 851 
 852         reg = rtl818x_ioread8(priv, (u8 *)0xFFDB);
 853         rtl818x_iowrite8(priv, (u8 *)0xFFDB, reg | (1 << 2));
 854         rtl818x_iowrite16_idx(priv, (__le16 *)0xFF72, 0x59FA, 3);
 855         rtl818x_iowrite16_idx(priv, (__le16 *)0xFF74, 0x59D2, 3);
 856         rtl818x_iowrite16_idx(priv, (__le16 *)0xFF76, 0x59D2, 3);
 857         rtl818x_iowrite16_idx(priv, (__le16 *)0xFF78, 0x19FA, 3);
 858         rtl818x_iowrite16_idx(priv, (__le16 *)0xFF7A, 0x19FA, 3);
 859         rtl818x_iowrite16_idx(priv, (__le16 *)0xFF7C, 0x00D0, 3);
 860         rtl818x_iowrite8(priv, (u8 *)0xFF61, 0);
 861         rtl818x_iowrite8_idx(priv, (u8 *)0xFF80, 0x0F, 1);
 862         rtl818x_iowrite8_idx(priv, (u8 *)0xFF83, 0x03, 1);
 863         rtl818x_iowrite8(priv, (u8 *)0xFFDA, 0x10);
 864         rtl818x_iowrite8_idx(priv, (u8 *)0xFF4D, 0x08, 2);
 865 
 866         rtl818x_iowrite32(priv, &priv->map->HSSI_PARA, 0x0600321B);
 867 
 868         rtl818x_iowrite16_idx(priv, (__le16 *)0xFFEC, 0x0800, 1);
 869 
 870         priv->slot_time = 0x9;
 871         priv->aifsn[0] = 2; /* AIFSN[AC_VO] */
 872         priv->aifsn[1] = 2; /* AIFSN[AC_VI] */
 873         priv->aifsn[2] = 7; /* AIFSN[AC_BK] */
 874         priv->aifsn[3] = 3; /* AIFSN[AC_BE] */
 875         rtl818x_iowrite8(priv, &priv->map->ACM_CONTROL, 0);
 876 
 877         /* ENEDCA flag must always be set, transmit issues? */
 878         rtl818x_iowrite8(priv, &priv->map->MSR, RTL818X_MSR_ENEDCA);
 879 
 880         return 0;
 881 }
 882 
 883 static void rtl8187_work(struct work_struct *work)
 884 {
 885         /* The RTL8187 returns the retry count through register 0xFFFA. In
 886          * addition, it appears to be a cumulative retry count, not the
 887          * value for the current TX packet. When multiple TX entries are
 888          * waiting in the queue, the retry count will be the total for all.
 889          * The "error" may matter for purposes of rate setting, but there is
 890          * no other choice with this hardware.
 891          */
 892         struct rtl8187_priv *priv = container_of(work, struct rtl8187_priv,
 893                                     work.work);
 894         struct ieee80211_tx_info *info;
 895         struct ieee80211_hw *dev = priv->dev;
 896         static u16 retry;
 897         u16 tmp;
 898         u16 avg_retry;
 899         int length;
 900 
 901         mutex_lock(&priv->conf_mutex);
 902         tmp = rtl818x_ioread16(priv, (__le16 *)0xFFFA);
 903         length = skb_queue_len(&priv->b_tx_status.queue);
 904         if (unlikely(!length))
 905                 length = 1;
 906         if (unlikely(tmp < retry))
 907                 tmp = retry;
 908         avg_retry = (tmp - retry) / length;
 909         while (skb_queue_len(&priv->b_tx_status.queue) > 0) {
 910                 struct sk_buff *old_skb;
 911 
 912                 old_skb = skb_dequeue(&priv->b_tx_status.queue);
 913                 info = IEEE80211_SKB_CB(old_skb);
 914                 info->status.rates[0].count = avg_retry + 1;
 915                 if (info->status.rates[0].count > RETRY_COUNT)
 916                         info->flags &= ~IEEE80211_TX_STAT_ACK;
 917                 ieee80211_tx_status_irqsafe(dev, old_skb);
 918         }
 919         retry = tmp;
 920         mutex_unlock(&priv->conf_mutex);
 921 }
 922 
 923 static int rtl8187_start(struct ieee80211_hw *dev)
 924 {
 925         struct rtl8187_priv *priv = dev->priv;
 926         u32 reg;
 927         int ret;
 928 
 929         mutex_lock(&priv->conf_mutex);
 930 
 931         ret = (!priv->is_rtl8187b) ? rtl8187_init_hw(dev) :
 932                                      rtl8187b_init_hw(dev);
 933         if (ret)
 934                 goto rtl8187_start_exit;
 935 
 936         init_usb_anchor(&priv->anchored);
 937         priv->dev = dev;
 938 
 939         if (priv->is_rtl8187b) {
 940                 reg = RTL818X_RX_CONF_MGMT |
 941                       RTL818X_RX_CONF_DATA |
 942                       RTL818X_RX_CONF_BROADCAST |
 943                       RTL818X_RX_CONF_NICMAC |
 944                       RTL818X_RX_CONF_BSSID |
 945                       (7 << 13 /* RX FIFO threshold NONE */) |
 946                       (7 << 10 /* MAX RX DMA */) |
 947                       RTL818X_RX_CONF_RX_AUTORESETPHY |
 948                       RTL818X_RX_CONF_ONLYERLPKT;
 949                 priv->rx_conf = reg;
 950                 rtl818x_iowrite32(priv, &priv->map->RX_CONF, reg);
 951 
 952                 reg = rtl818x_ioread8(priv, &priv->map->TX_AGC_CTL);
 953                 reg &= ~RTL818X_TX_AGC_CTL_PERPACKET_GAIN;
 954                 reg &= ~RTL818X_TX_AGC_CTL_PERPACKET_ANTSEL;
 955                 reg &= ~RTL818X_TX_AGC_CTL_FEEDBACK_ANT;
 956                 rtl818x_iowrite8(priv, &priv->map->TX_AGC_CTL, reg);
 957 
 958                 rtl818x_iowrite32(priv, &priv->map->TX_CONF,
 959                                   RTL818X_TX_CONF_HW_SEQNUM |
 960                                   RTL818X_TX_CONF_DISREQQSIZE |
 961                                   (RETRY_COUNT << 8  /* short retry limit */) |
 962                                   (RETRY_COUNT << 0  /* long retry limit */) |
 963                                   (7 << 21 /* MAX TX DMA */));
 964                 ret = rtl8187_init_urbs(dev);
 965                 if (ret)
 966                         goto rtl8187_start_exit;
 967                 ret = rtl8187b_init_status_urb(dev);
 968                 if (ret)
 969                         usb_kill_anchored_urbs(&priv->anchored);
 970                 goto rtl8187_start_exit;
 971         }
 972 
 973         rtl818x_iowrite16(priv, &priv->map->INT_MASK, 0xFFFF);
 974 
 975         rtl818x_iowrite32(priv, &priv->map->MAR[0], ~0);
 976         rtl818x_iowrite32(priv, &priv->map->MAR[1], ~0);
 977 
 978         ret = rtl8187_init_urbs(dev);
 979         if (ret)
 980                 goto rtl8187_start_exit;
 981 
 982         reg = RTL818X_RX_CONF_ONLYERLPKT |
 983               RTL818X_RX_CONF_RX_AUTORESETPHY |
 984               RTL818X_RX_CONF_BSSID |
 985               RTL818X_RX_CONF_MGMT |
 986               RTL818X_RX_CONF_DATA |
 987               (7 << 13 /* RX FIFO threshold NONE */) |
 988               (7 << 10 /* MAX RX DMA */) |
 989               RTL818X_RX_CONF_BROADCAST |
 990               RTL818X_RX_CONF_NICMAC;
 991 
 992         priv->rx_conf = reg;
 993         rtl818x_iowrite32(priv, &priv->map->RX_CONF, reg);
 994 
 995         reg = rtl818x_ioread8(priv, &priv->map->CW_CONF);
 996         reg &= ~RTL818X_CW_CONF_PERPACKET_CW;
 997         reg |= RTL818X_CW_CONF_PERPACKET_RETRY;
 998         rtl818x_iowrite8(priv, &priv->map->CW_CONF, reg);
 999 
1000         reg = rtl818x_ioread8(priv, &priv->map->TX_AGC_CTL);
1001         reg &= ~RTL818X_TX_AGC_CTL_PERPACKET_GAIN;
1002         reg &= ~RTL818X_TX_AGC_CTL_PERPACKET_ANTSEL;
1003         reg &= ~RTL818X_TX_AGC_CTL_FEEDBACK_ANT;
1004         rtl818x_iowrite8(priv, &priv->map->TX_AGC_CTL, reg);
1005 
1006         reg  = RTL818X_TX_CONF_CW_MIN |
1007                (7 << 21 /* MAX TX DMA */) |
1008                RTL818X_TX_CONF_NO_ICV;
1009         rtl818x_iowrite32(priv, &priv->map->TX_CONF, reg);
1010 
1011         reg = rtl818x_ioread8(priv, &priv->map->CMD);
1012         reg |= RTL818X_CMD_TX_ENABLE;
1013         reg |= RTL818X_CMD_RX_ENABLE;
1014         rtl818x_iowrite8(priv, &priv->map->CMD, reg);
1015         INIT_DELAYED_WORK(&priv->work, rtl8187_work);
1016 
1017 rtl8187_start_exit:
1018         mutex_unlock(&priv->conf_mutex);
1019         return ret;
1020 }
1021 
1022 static void rtl8187_stop(struct ieee80211_hw *dev)
1023 {
1024         struct rtl8187_priv *priv = dev->priv;
1025         struct sk_buff *skb;
1026         u32 reg;
1027 
1028         mutex_lock(&priv->conf_mutex);
1029         rtl818x_iowrite16(priv, &priv->map->INT_MASK, 0);
1030 
1031         reg = rtl818x_ioread8(priv, &priv->map->CMD);
1032         reg &= ~RTL818X_CMD_TX_ENABLE;
1033         reg &= ~RTL818X_CMD_RX_ENABLE;
1034         rtl818x_iowrite8(priv, &priv->map->CMD, reg);
1035 
1036         priv->rf->stop(dev);
1037         rtl8187_set_anaparam(priv, false);
1038 
1039         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
1040         reg = rtl818x_ioread8(priv, &priv->map->CONFIG4);
1041         rtl818x_iowrite8(priv, &priv->map->CONFIG4, reg | RTL818X_CONFIG4_VCOOFF);
1042         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
1043 
1044         while ((skb = skb_dequeue(&priv->b_tx_status.queue)))
1045                 dev_kfree_skb_any(skb);
1046 
1047         usb_kill_anchored_urbs(&priv->anchored);
1048         mutex_unlock(&priv->conf_mutex);
1049 
1050         if (!priv->is_rtl8187b)
1051                 cancel_delayed_work_sync(&priv->work);
1052 }
1053 
1054 static u64 rtl8187_get_tsf(struct ieee80211_hw *dev, struct ieee80211_vif *vif)
1055 {
1056         struct rtl8187_priv *priv = dev->priv;
1057 
1058         return rtl818x_ioread32(priv, &priv->map->TSFT[0]) |
1059                (u64)(rtl818x_ioread32(priv, &priv->map->TSFT[1])) << 32;
1060 }
1061 
1062 
1063 static void rtl8187_beacon_work(struct work_struct *work)
1064 {
1065         struct rtl8187_vif *vif_priv =
1066                 container_of(work, struct rtl8187_vif, beacon_work.work);
1067         struct ieee80211_vif *vif =
1068                 container_of((void *)vif_priv, struct ieee80211_vif, drv_priv);
1069         struct ieee80211_hw *dev = vif_priv->dev;
1070         struct ieee80211_mgmt *mgmt;
1071         struct sk_buff *skb;
1072 
1073         /* don't overflow the tx ring */
1074         if (ieee80211_queue_stopped(dev, 0))
1075                 goto resched;
1076 
1077         /* grab a fresh beacon */
1078         skb = ieee80211_beacon_get(dev, vif);
1079         if (!skb)
1080                 goto resched;
1081 
1082         /*
1083          * update beacon timestamp w/ TSF value
1084          * TODO: make hardware update beacon timestamp
1085          */
1086         mgmt = (struct ieee80211_mgmt *)skb->data;
1087         mgmt->u.beacon.timestamp = cpu_to_le64(rtl8187_get_tsf(dev, vif));
1088 
1089         /* TODO: use actual beacon queue */
1090         skb_set_queue_mapping(skb, 0);
1091 
1092         rtl8187_tx(dev, NULL, skb);
1093 
1094 resched:
1095         /*
1096          * schedule next beacon
1097          * TODO: use hardware support for beacon timing
1098          */
1099         schedule_delayed_work(&vif_priv->beacon_work,
1100                         usecs_to_jiffies(1024 * vif->bss_conf.beacon_int));
1101 }
1102 
1103 
1104 static int rtl8187_add_interface(struct ieee80211_hw *dev,
1105                                  struct ieee80211_vif *vif)
1106 {
1107         struct rtl8187_priv *priv = dev->priv;
1108         struct rtl8187_vif *vif_priv;
1109         int i;
1110         int ret = -EOPNOTSUPP;
1111 
1112         mutex_lock(&priv->conf_mutex);
1113         if (priv->vif)
1114                 goto exit;
1115 
1116         switch (vif->type) {
1117         case NL80211_IFTYPE_STATION:
1118         case NL80211_IFTYPE_ADHOC:
1119                 break;
1120         default:
1121                 goto exit;
1122         }
1123 
1124         ret = 0;
1125         priv->vif = vif;
1126 
1127         /* Initialize driver private area */
1128         vif_priv = (struct rtl8187_vif *)&vif->drv_priv;
1129         vif_priv->dev = dev;
1130         INIT_DELAYED_WORK(&vif_priv->beacon_work, rtl8187_beacon_work);
1131         vif_priv->enable_beacon = false;
1132 
1133 
1134         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
1135         for (i = 0; i < ETH_ALEN; i++)
1136                 rtl818x_iowrite8(priv, &priv->map->MAC[i],
1137                                  ((u8 *)vif->addr)[i]);
1138         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
1139 
1140 exit:
1141         mutex_unlock(&priv->conf_mutex);
1142         return ret;
1143 }
1144 
1145 static void rtl8187_remove_interface(struct ieee80211_hw *dev,
1146                                      struct ieee80211_vif *vif)
1147 {
1148         struct rtl8187_priv *priv = dev->priv;
1149         mutex_lock(&priv->conf_mutex);
1150         priv->vif = NULL;
1151         mutex_unlock(&priv->conf_mutex);
1152 }
1153 
1154 static int rtl8187_config(struct ieee80211_hw *dev, u32 changed)
1155 {
1156         struct rtl8187_priv *priv = dev->priv;
1157         struct ieee80211_conf *conf = &dev->conf;
1158         u32 reg;
1159 
1160         mutex_lock(&priv->conf_mutex);
1161         reg = rtl818x_ioread32(priv, &priv->map->TX_CONF);
1162         /* Enable TX loopback on MAC level to avoid TX during channel
1163          * changes, as this has be seen to causes problems and the
1164          * card will stop work until next reset
1165          */
1166         rtl818x_iowrite32(priv, &priv->map->TX_CONF,
1167                           reg | RTL818X_TX_CONF_LOOPBACK_MAC);
1168         priv->rf->set_chan(dev, conf);
1169         msleep(10);
1170         rtl818x_iowrite32(priv, &priv->map->TX_CONF, reg);
1171 
1172         rtl818x_iowrite16(priv, &priv->map->ATIM_WND, 2);
1173         rtl818x_iowrite16(priv, &priv->map->ATIMTR_INTERVAL, 100);
1174         rtl818x_iowrite16(priv, &priv->map->BEACON_INTERVAL, 100);
1175         rtl818x_iowrite16(priv, &priv->map->BEACON_INTERVAL_TIME, 100);
1176         mutex_unlock(&priv->conf_mutex);
1177         return 0;
1178 }
1179 
1180 /*
1181  * With 8187B, AC_*_PARAM clashes with FEMR definition in struct rtl818x_csr for
1182  * example. Thus we have to use raw values for AC_*_PARAM register addresses.
1183  */
1184 static __le32 *rtl8187b_ac_addr[4] = {
1185         (__le32 *) 0xFFF0, /* AC_VO */
1186         (__le32 *) 0xFFF4, /* AC_VI */
1187         (__le32 *) 0xFFFC, /* AC_BK */
1188         (__le32 *) 0xFFF8, /* AC_BE */
1189 };
1190 
1191 #define SIFS_TIME 0xa
1192 
1193 static void rtl8187_conf_erp(struct rtl8187_priv *priv, bool use_short_slot,
1194                              bool use_short_preamble)
1195 {
1196         if (priv->is_rtl8187b) {
1197                 u8 difs, eifs;
1198                 u16 ack_timeout;
1199                 int queue;
1200 
1201                 if (use_short_slot) {
1202                         priv->slot_time = 0x9;
1203                         difs = 0x1c;
1204                         eifs = 0x53;
1205                 } else {
1206                         priv->slot_time = 0x14;
1207                         difs = 0x32;
1208                         eifs = 0x5b;
1209                 }
1210                 rtl818x_iowrite8(priv, &priv->map->SIFS, 0x22);
1211                 rtl818x_iowrite8(priv, &priv->map->SLOT, priv->slot_time);
1212                 rtl818x_iowrite8(priv, &priv->map->DIFS, difs);
1213 
1214                 /*
1215                  * BRSR+1 on 8187B is in fact EIFS register
1216                  * Value in units of 4 us
1217                  */
1218                 rtl818x_iowrite8(priv, (u8 *)&priv->map->BRSR + 1, eifs);
1219 
1220                 /*
1221                  * For 8187B, CARRIER_SENSE_COUNTER is in fact ack timeout
1222                  * register. In units of 4 us like eifs register
1223                  * ack_timeout = ack duration + plcp + difs + preamble
1224                  */
1225                 ack_timeout = 112 + 48 + difs;
1226                 if (use_short_preamble)
1227                         ack_timeout += 72;
1228                 else
1229                         ack_timeout += 144;
1230                 rtl818x_iowrite8(priv, &priv->map->CARRIER_SENSE_COUNTER,
1231                                  DIV_ROUND_UP(ack_timeout, 4));
1232 
1233                 for (queue = 0; queue < 4; queue++)
1234                         rtl818x_iowrite8(priv, (u8 *) rtl8187b_ac_addr[queue],
1235                                          priv->aifsn[queue] * priv->slot_time +
1236                                          SIFS_TIME);
1237         } else {
1238                 rtl818x_iowrite8(priv, &priv->map->SIFS, 0x22);
1239                 if (use_short_slot) {
1240                         rtl818x_iowrite8(priv, &priv->map->SLOT, 0x9);
1241                         rtl818x_iowrite8(priv, &priv->map->DIFS, 0x14);
1242                         rtl818x_iowrite8(priv, &priv->map->EIFS, 91 - 0x14);
1243                 } else {
1244                         rtl818x_iowrite8(priv, &priv->map->SLOT, 0x14);
1245                         rtl818x_iowrite8(priv, &priv->map->DIFS, 0x24);
1246                         rtl818x_iowrite8(priv, &priv->map->EIFS, 91 - 0x24);
1247                 }
1248         }
1249 }
1250 
1251 static void rtl8187_bss_info_changed(struct ieee80211_hw *dev,
1252                                      struct ieee80211_vif *vif,
1253                                      struct ieee80211_bss_conf *info,
1254                                      u32 changed)
1255 {
1256         struct rtl8187_priv *priv = dev->priv;
1257         struct rtl8187_vif *vif_priv;
1258         int i;
1259         u8 reg;
1260 
1261         vif_priv = (struct rtl8187_vif *)&vif->drv_priv;
1262 
1263         if (changed & BSS_CHANGED_BSSID) {
1264                 mutex_lock(&priv->conf_mutex);
1265                 for (i = 0; i < ETH_ALEN; i++)
1266                         rtl818x_iowrite8(priv, &priv->map->BSSID[i],
1267                                          info->bssid[i]);
1268 
1269                 if (priv->is_rtl8187b)
1270                         reg = RTL818X_MSR_ENEDCA;
1271                 else
1272                         reg = 0;
1273 
1274                 if (is_valid_ether_addr(info->bssid)) {
1275                         if (vif->type == NL80211_IFTYPE_ADHOC)
1276                                 reg |= RTL818X_MSR_ADHOC;
1277                         else
1278                                 reg |= RTL818X_MSR_INFRA;
1279                 }
1280                 else
1281                         reg |= RTL818X_MSR_NO_LINK;
1282 
1283                 rtl818x_iowrite8(priv, &priv->map->MSR, reg);
1284 
1285                 mutex_unlock(&priv->conf_mutex);
1286         }
1287 
1288         if (changed & (BSS_CHANGED_ERP_SLOT | BSS_CHANGED_ERP_PREAMBLE))
1289                 rtl8187_conf_erp(priv, info->use_short_slot,
1290                                  info->use_short_preamble);
1291 
1292         if (changed & BSS_CHANGED_BEACON_ENABLED)
1293                 vif_priv->enable_beacon = info->enable_beacon;
1294 
1295         if (changed & (BSS_CHANGED_BEACON_ENABLED | BSS_CHANGED_BEACON)) {
1296                 cancel_delayed_work_sync(&vif_priv->beacon_work);
1297                 if (vif_priv->enable_beacon)
1298                         schedule_work(&vif_priv->beacon_work.work);
1299         }
1300 
1301 }
1302 
1303 static u64 rtl8187_prepare_multicast(struct ieee80211_hw *dev,
1304                                      struct netdev_hw_addr_list *mc_list)
1305 {
1306         return netdev_hw_addr_list_count(mc_list);
1307 }
1308 
1309 static void rtl8187_configure_filter(struct ieee80211_hw *dev,
1310                                      unsigned int changed_flags,
1311                                      unsigned int *total_flags,
1312                                      u64 multicast)
1313 {
1314         struct rtl8187_priv *priv = dev->priv;
1315 
1316         if (changed_flags & FIF_FCSFAIL)
1317                 priv->rx_conf ^= RTL818X_RX_CONF_FCS;
1318         if (changed_flags & FIF_CONTROL)
1319                 priv->rx_conf ^= RTL818X_RX_CONF_CTRL;
1320         if (*total_flags & FIF_OTHER_BSS ||
1321             *total_flags & FIF_ALLMULTI || multicast > 0)
1322                 priv->rx_conf |= RTL818X_RX_CONF_MONITOR;
1323         else
1324                 priv->rx_conf &= ~RTL818X_RX_CONF_MONITOR;
1325 
1326         *total_flags = 0;
1327 
1328         if (priv->rx_conf & RTL818X_RX_CONF_FCS)
1329                 *total_flags |= FIF_FCSFAIL;
1330         if (priv->rx_conf & RTL818X_RX_CONF_CTRL)
1331                 *total_flags |= FIF_CONTROL;
1332         if (priv->rx_conf & RTL818X_RX_CONF_MONITOR) {
1333                 *total_flags |= FIF_OTHER_BSS;
1334                 *total_flags |= FIF_ALLMULTI;
1335         }
1336 
1337         rtl818x_iowrite32_async(priv, &priv->map->RX_CONF, priv->rx_conf);
1338 }
1339 
1340 static int rtl8187_conf_tx(struct ieee80211_hw *dev,
1341                            struct ieee80211_vif *vif, u16 queue,
1342                            const struct ieee80211_tx_queue_params *params)
1343 {
1344         struct rtl8187_priv *priv = dev->priv;
1345         u8 cw_min, cw_max;
1346 
1347         if (queue > 3)
1348                 return -EINVAL;
1349 
1350         cw_min = fls(params->cw_min);
1351         cw_max = fls(params->cw_max);
1352 
1353         if (priv->is_rtl8187b) {
1354                 priv->aifsn[queue] = params->aifs;
1355 
1356                 /*
1357                  * This is the structure of AC_*_PARAM registers in 8187B:
1358                  * - TXOP limit field, bit offset = 16
1359                  * - ECWmax, bit offset = 12
1360                  * - ECWmin, bit offset = 8
1361                  * - AIFS, bit offset = 0
1362                  */
1363                 rtl818x_iowrite32(priv, rtl8187b_ac_addr[queue],
1364                                   (params->txop << 16) | (cw_max << 12) |
1365                                   (cw_min << 8) | (params->aifs *
1366                                   priv->slot_time + SIFS_TIME));
1367         } else {
1368                 if (queue != 0)
1369                         return -EINVAL;
1370 
1371                 rtl818x_iowrite8(priv, &priv->map->CW_VAL,
1372                                  cw_min | (cw_max << 4));
1373         }
1374         return 0;
1375 }
1376 
1377 
1378 static const struct ieee80211_ops rtl8187_ops = {
1379         .tx                     = rtl8187_tx,
1380         .start                  = rtl8187_start,
1381         .stop                   = rtl8187_stop,
1382         .add_interface          = rtl8187_add_interface,
1383         .remove_interface       = rtl8187_remove_interface,
1384         .config                 = rtl8187_config,
1385         .bss_info_changed       = rtl8187_bss_info_changed,
1386         .prepare_multicast      = rtl8187_prepare_multicast,
1387         .configure_filter       = rtl8187_configure_filter,
1388         .conf_tx                = rtl8187_conf_tx,
1389         .rfkill_poll            = rtl8187_rfkill_poll,
1390         .get_tsf                = rtl8187_get_tsf,
1391 };
1392 
1393 static void rtl8187_eeprom_register_read(struct eeprom_93cx6 *eeprom)
1394 {
1395         struct ieee80211_hw *dev = eeprom->data;
1396         struct rtl8187_priv *priv = dev->priv;
1397         u8 reg = rtl818x_ioread8(priv, &priv->map->EEPROM_CMD);
1398 
1399         eeprom->reg_data_in = reg & RTL818X_EEPROM_CMD_WRITE;
1400         eeprom->reg_data_out = reg & RTL818X_EEPROM_CMD_READ;
1401         eeprom->reg_data_clock = reg & RTL818X_EEPROM_CMD_CK;
1402         eeprom->reg_chip_select = reg & RTL818X_EEPROM_CMD_CS;
1403 }
1404 
1405 static void rtl8187_eeprom_register_write(struct eeprom_93cx6 *eeprom)
1406 {
1407         struct ieee80211_hw *dev = eeprom->data;
1408         struct rtl8187_priv *priv = dev->priv;
1409         u8 reg = RTL818X_EEPROM_CMD_PROGRAM;
1410 
1411         if (eeprom->reg_data_in)
1412                 reg |= RTL818X_EEPROM_CMD_WRITE;
1413         if (eeprom->reg_data_out)
1414                 reg |= RTL818X_EEPROM_CMD_READ;
1415         if (eeprom->reg_data_clock)
1416                 reg |= RTL818X_EEPROM_CMD_CK;
1417         if (eeprom->reg_chip_select)
1418                 reg |= RTL818X_EEPROM_CMD_CS;
1419 
1420         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, reg);
1421         udelay(10);
1422 }
1423 
1424 static int rtl8187_probe(struct usb_interface *intf,
1425                                    const struct usb_device_id *id)
1426 {
1427         struct usb_device *udev = interface_to_usbdev(intf);
1428         struct ieee80211_hw *dev;
1429         struct rtl8187_priv *priv;
1430         struct eeprom_93cx6 eeprom;
1431         struct ieee80211_channel *channel;
1432         const char *chip_name;
1433         u16 txpwr, reg;
1434         u16 product_id = le16_to_cpu(udev->descriptor.idProduct);
1435         int err, i;
1436         u8 mac_addr[ETH_ALEN];
1437 
1438         dev = ieee80211_alloc_hw(sizeof(*priv), &rtl8187_ops);
1439         if (!dev) {
1440                 printk(KERN_ERR "rtl8187: ieee80211 alloc failed\n");
1441                 return -ENOMEM;
1442         }
1443 
1444         priv = dev->priv;
1445         priv->is_rtl8187b = (id->driver_info == DEVICE_RTL8187B);
1446 
1447         /* allocate "DMA aware" buffer for register accesses */
1448         priv->io_dmabuf = kmalloc(sizeof(*priv->io_dmabuf), GFP_KERNEL);
1449         if (!priv->io_dmabuf) {
1450                 err = -ENOMEM;
1451                 goto err_free_dev;
1452         }
1453         mutex_init(&priv->io_mutex);
1454         mutex_init(&priv->conf_mutex);
1455 
1456         SET_IEEE80211_DEV(dev, &intf->dev);
1457         usb_set_intfdata(intf, dev);
1458         priv->udev = udev;
1459 
1460         usb_get_dev(udev);
1461 
1462         skb_queue_head_init(&priv->rx_queue);
1463 
1464         BUILD_BUG_ON(sizeof(priv->channels) != sizeof(rtl818x_channels));
1465         BUILD_BUG_ON(sizeof(priv->rates) != sizeof(rtl818x_rates));
1466 
1467         memcpy(priv->channels, rtl818x_channels, sizeof(rtl818x_channels));
1468         memcpy(priv->rates, rtl818x_rates, sizeof(rtl818x_rates));
1469         priv->map = (struct rtl818x_csr *)0xFF00;
1470 
1471         priv->band.band = NL80211_BAND_2GHZ;
1472         priv->band.channels = priv->channels;
1473         priv->band.n_channels = ARRAY_SIZE(rtl818x_channels);
1474         priv->band.bitrates = priv->rates;
1475         priv->band.n_bitrates = ARRAY_SIZE(rtl818x_rates);
1476         dev->wiphy->bands[NL80211_BAND_2GHZ] = &priv->band;
1477 
1478 
1479         ieee80211_hw_set(dev, RX_INCLUDES_FCS);
1480         ieee80211_hw_set(dev, HOST_BROADCAST_PS_BUFFERING);
1481         ieee80211_hw_set(dev, SIGNAL_DBM);
1482         /* Initialize rate-control variables */
1483         dev->max_rates = 1;
1484         dev->max_rate_tries = RETRY_COUNT;
1485 
1486         eeprom.data = dev;
1487         eeprom.register_read = rtl8187_eeprom_register_read;
1488         eeprom.register_write = rtl8187_eeprom_register_write;
1489         if (rtl818x_ioread32(priv, &priv->map->RX_CONF) & (1 << 6))
1490                 eeprom.width = PCI_EEPROM_WIDTH_93C66;
1491         else
1492                 eeprom.width = PCI_EEPROM_WIDTH_93C46;
1493 
1494         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
1495         udelay(10);
1496 
1497         eeprom_93cx6_multiread(&eeprom, RTL8187_EEPROM_MAC_ADDR,
1498                                (__le16 __force *)mac_addr, 3);
1499         if (!is_valid_ether_addr(mac_addr)) {
1500                 printk(KERN_WARNING "rtl8187: Invalid hwaddr! Using randomly "
1501                        "generated MAC address\n");
1502                 eth_random_addr(mac_addr);
1503         }
1504         SET_IEEE80211_PERM_ADDR(dev, mac_addr);
1505 
1506         channel = priv->channels;
1507         for (i = 0; i < 3; i++) {
1508                 eeprom_93cx6_read(&eeprom, RTL8187_EEPROM_TXPWR_CHAN_1 + i,
1509                                   &txpwr);
1510                 (*channel++).hw_value = txpwr & 0xFF;
1511                 (*channel++).hw_value = txpwr >> 8;
1512         }
1513         for (i = 0; i < 2; i++) {
1514                 eeprom_93cx6_read(&eeprom, RTL8187_EEPROM_TXPWR_CHAN_4 + i,
1515                                   &txpwr);
1516                 (*channel++).hw_value = txpwr & 0xFF;
1517                 (*channel++).hw_value = txpwr >> 8;
1518         }
1519 
1520         eeprom_93cx6_read(&eeprom, RTL8187_EEPROM_TXPWR_BASE,
1521                           &priv->txpwr_base);
1522 
1523         reg = rtl818x_ioread8(priv, &priv->map->PGSELECT) & ~1;
1524         rtl818x_iowrite8(priv, &priv->map->PGSELECT, reg | 1);
1525         /* 0 means asic B-cut, we should use SW 3 wire
1526          * bit-by-bit banging for radio. 1 means we can use
1527          * USB specific request to write radio registers */
1528         priv->asic_rev = rtl818x_ioread8(priv, (u8 *)0xFFFE) & 0x3;
1529         rtl818x_iowrite8(priv, &priv->map->PGSELECT, reg);
1530         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
1531 
1532         if (!priv->is_rtl8187b) {
1533                 u32 reg32;
1534                 reg32 = rtl818x_ioread32(priv, &priv->map->TX_CONF);
1535                 reg32 &= RTL818X_TX_CONF_HWVER_MASK;
1536                 switch (reg32) {
1537                 case RTL818X_TX_CONF_R8187vD_B:
1538                         /* Some RTL8187B devices have a USB ID of 0x8187
1539                          * detect them here */
1540                         chip_name = "RTL8187BvB(early)";
1541                         priv->is_rtl8187b = 1;
1542                         priv->hw_rev = RTL8187BvB;
1543                         break;
1544                 case RTL818X_TX_CONF_R8187vD:
1545                         chip_name = "RTL8187vD";
1546                         break;
1547                 default:
1548                         chip_name = "RTL8187vB (default)";
1549                 }
1550        } else {
1551                 /*
1552                  * Force USB request to write radio registers for 8187B, Realtek
1553                  * only uses it in their sources
1554                  */
1555                 /*if (priv->asic_rev == 0) {
1556                         printk(KERN_WARNING "rtl8187: Forcing use of USB "
1557                                "requests to write to radio registers\n");
1558                         priv->asic_rev = 1;
1559                 }*/
1560                 switch (rtl818x_ioread8(priv, (u8 *)0xFFE1)) {
1561                 case RTL818X_R8187B_B:
1562                         chip_name = "RTL8187BvB";
1563                         priv->hw_rev = RTL8187BvB;
1564                         break;
1565                 case RTL818X_R8187B_D:
1566                         chip_name = "RTL8187BvD";
1567                         priv->hw_rev = RTL8187BvD;
1568                         break;
1569                 case RTL818X_R8187B_E:
1570                         chip_name = "RTL8187BvE";
1571                         priv->hw_rev = RTL8187BvE;
1572                         break;
1573                 default:
1574                         chip_name = "RTL8187BvB (default)";
1575                         priv->hw_rev = RTL8187BvB;
1576                 }
1577         }
1578 
1579         if (!priv->is_rtl8187b) {
1580                 for (i = 0; i < 2; i++) {
1581                         eeprom_93cx6_read(&eeprom,
1582                                           RTL8187_EEPROM_TXPWR_CHAN_6 + i,
1583                                           &txpwr);
1584                         (*channel++).hw_value = txpwr & 0xFF;
1585                         (*channel++).hw_value = txpwr >> 8;
1586                 }
1587         } else {
1588                 eeprom_93cx6_read(&eeprom, RTL8187_EEPROM_TXPWR_CHAN_6,
1589                                   &txpwr);
1590                 (*channel++).hw_value = txpwr & 0xFF;
1591 
1592                 eeprom_93cx6_read(&eeprom, 0x0A, &txpwr);
1593                 (*channel++).hw_value = txpwr & 0xFF;
1594 
1595                 eeprom_93cx6_read(&eeprom, 0x1C, &txpwr);
1596                 (*channel++).hw_value = txpwr & 0xFF;
1597                 (*channel++).hw_value = txpwr >> 8;
1598         }
1599         /* Handle the differing rfkill GPIO bit in different models */
1600         priv->rfkill_mask = RFKILL_MASK_8187_89_97;
1601         if (product_id == 0x8197 || product_id == 0x8198) {
1602                 eeprom_93cx6_read(&eeprom, RTL8187_EEPROM_SELECT_GPIO, &reg);
1603                 if (reg & 0xFF00)
1604                         priv->rfkill_mask = RFKILL_MASK_8198;
1605         }
1606         dev->vif_data_size = sizeof(struct rtl8187_vif);
1607         dev->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
1608                                       BIT(NL80211_IFTYPE_ADHOC) ;
1609 
1610         wiphy_ext_feature_set(dev->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
1611 
1612         if ((id->driver_info == DEVICE_RTL8187) && priv->is_rtl8187b)
1613                 printk(KERN_INFO "rtl8187: inconsistency between id with OEM"
1614                        " info!\n");
1615 
1616         priv->rf = rtl8187_detect_rf(dev);
1617         dev->extra_tx_headroom = (!priv->is_rtl8187b) ?
1618                                   sizeof(struct rtl8187_tx_hdr) :
1619                                   sizeof(struct rtl8187b_tx_hdr);
1620         if (!priv->is_rtl8187b)
1621                 dev->queues = 1;
1622         else
1623                 dev->queues = 4;
1624 
1625         err = ieee80211_register_hw(dev);
1626         if (err) {
1627                 printk(KERN_ERR "rtl8187: Cannot register device\n");
1628                 goto err_free_dmabuf;
1629         }
1630         skb_queue_head_init(&priv->b_tx_status.queue);
1631 
1632         wiphy_info(dev->wiphy, "hwaddr %pM, %s V%d + %s, rfkill mask %d\n",
1633                    mac_addr, chip_name, priv->asic_rev, priv->rf->name,
1634                    priv->rfkill_mask);
1635 
1636 #ifdef CONFIG_RTL8187_LEDS
1637         eeprom_93cx6_read(&eeprom, 0x3F, &reg);
1638         reg &= 0xFF;
1639         rtl8187_leds_init(dev, reg);
1640 #endif
1641         rtl8187_rfkill_init(dev);
1642 
1643         return 0;
1644 
1645  err_free_dmabuf:
1646         kfree(priv->io_dmabuf);
1647         usb_set_intfdata(intf, NULL);
1648         usb_put_dev(udev);
1649  err_free_dev:
1650         ieee80211_free_hw(dev);
1651         return err;
1652 }
1653 
1654 static void rtl8187_disconnect(struct usb_interface *intf)
1655 {
1656         struct ieee80211_hw *dev = usb_get_intfdata(intf);
1657         struct rtl8187_priv *priv;
1658 
1659         if (!dev)
1660                 return;
1661 
1662 #ifdef CONFIG_RTL8187_LEDS
1663         rtl8187_leds_exit(dev);
1664 #endif
1665         rtl8187_rfkill_exit(dev);
1666         ieee80211_unregister_hw(dev);
1667 
1668         priv = dev->priv;
1669         usb_reset_device(priv->udev);
1670         usb_put_dev(interface_to_usbdev(intf));
1671         kfree(priv->io_dmabuf);
1672         ieee80211_free_hw(dev);
1673 }
1674 
1675 static struct usb_driver rtl8187_driver = {
1676         .name           = KBUILD_MODNAME,
1677         .id_table       = rtl8187_table,
1678         .probe          = rtl8187_probe,
1679         .disconnect     = rtl8187_disconnect,
1680         .disable_hub_initiated_lpm = 1,
1681 };
1682 
1683 module_usb_driver(rtl8187_driver);
/* [<][>][^][v][top][bottom][index][help] */