1 
2 /* Linux device driver for RTL8180 / RTL8185 / RTL8187SE
3  *
4  * Copyright 2007 Michael Wu <flamingice@sourmilk.net>
5  * Copyright 2007,2014 Andrea Merello <andrea.merello@gmail.com>
6  *
7  * Based on the r8180 driver, which is:
8  * Copyright 2004-2005 Andrea Merello <andrea.merello@gmail.com>, et al.
9  *
10  * Thanks to Realtek for their support!
11  *
12  ************************************************************************
13  *
14  * The driver was extended to the RTL8187SE in 2014 by
15  * Andrea Merello <andrea.merello@gmail.com>
16  *
17  * based also on:
18  *  - portions of rtl8187se Linux staging driver, Copyright Realtek corp.
19  *    (available in drivers/staging/rtl8187se directory of Linux 3.14)
20  *  - other GPL, unpublished (until now), Linux driver code,
21  *    Copyright Larry Finger <Larry.Finger@lwfinger.net>
22  *
23  * A huge thanks goes to Sara V. Nari who forgives me when I'm
24  * sitting in front of my laptop at evening, week-end, night...
25  *
26  * A special thanks goes to Antonio Cuni, who helped me with
27  * some python userspace stuff I used to debug RTL8187SE code, and who
28  * bought a laptop with an unsupported Wi-Fi card some years ago...
29  *
30  * Thanks to Larry Finger for writing some code for rtl8187se and for
31  * his suggestions.
32  *
33  * Thanks to Dan Carpenter for reviewing my initial patch and for his
34  * suggestions.
35  *
36  * Thanks to Bernhard Schiffner for his help in testing and for his
37  * suggestions.
38  *
39  ************************************************************************
40  *
41  * This program is free software; you can redistribute it and/or modify
42  * it under the terms of the GNU General Public License version 2 as
43  * published by the Free Software Foundation.
44  */
45 
46 #include <linux/interrupt.h>
47 #include <linux/pci.h>
48 #include <linux/slab.h>
49 #include <linux/delay.h>
50 #include <linux/etherdevice.h>
51 #include <linux/eeprom_93cx6.h>
52 #include <linux/module.h>
53 #include <net/mac80211.h>
54 
55 #include "rtl8180.h"
56 #include "rtl8225.h"
57 #include "sa2400.h"
58 #include "max2820.h"
59 #include "grf5101.h"
60 #include "rtl8225se.h"
61 
62 MODULE_AUTHOR("Michael Wu <flamingice@sourmilk.net>");
63 MODULE_AUTHOR("Andrea Merello <andrea.merello@gmail.com>");
64 MODULE_DESCRIPTION("RTL8180 / RTL8185 / RTL8187SE PCI wireless driver");
65 MODULE_LICENSE("GPL");
66 
67 static const struct pci_device_id rtl8180_table[] = {
68 
69 	/* rtl8187se */
70 	{ PCI_DEVICE(PCI_VENDOR_ID_REALTEK, 0x8199) },
71 
72 	/* rtl8185 */
73 	{ PCI_DEVICE(PCI_VENDOR_ID_REALTEK, 0x8185) },
74 	{ PCI_DEVICE(PCI_VENDOR_ID_BELKIN, 0x700f) },
75 	{ PCI_DEVICE(PCI_VENDOR_ID_BELKIN, 0x701f) },
76 
77 	/* rtl8180 */
78 	{ PCI_DEVICE(PCI_VENDOR_ID_REALTEK, 0x8180) },
79 	{ PCI_DEVICE(0x1799, 0x6001) },
80 	{ PCI_DEVICE(0x1799, 0x6020) },
81 	{ PCI_DEVICE(PCI_VENDOR_ID_DLINK, 0x3300) },
82 	{ PCI_DEVICE(0x1186, 0x3301) },
83 	{ PCI_DEVICE(0x1432, 0x7106) },
84 	{ }
85 };
86 
87 MODULE_DEVICE_TABLE(pci, rtl8180_table);
88 
89 static const struct ieee80211_rate rtl818x_rates[] = {
90 	{ .bitrate = 10, .hw_value = 0, },
91 	{ .bitrate = 20, .hw_value = 1, },
92 	{ .bitrate = 55, .hw_value = 2, },
93 	{ .bitrate = 110, .hw_value = 3, },
94 	{ .bitrate = 60, .hw_value = 4, },
95 	{ .bitrate = 90, .hw_value = 5, },
96 	{ .bitrate = 120, .hw_value = 6, },
97 	{ .bitrate = 180, .hw_value = 7, },
98 	{ .bitrate = 240, .hw_value = 8, },
99 	{ .bitrate = 360, .hw_value = 9, },
100 	{ .bitrate = 480, .hw_value = 10, },
101 	{ .bitrate = 540, .hw_value = 11, },
102 };
103 
104 static const struct ieee80211_channel rtl818x_channels[] = {
105 	{ .center_freq = 2412 },
106 	{ .center_freq = 2417 },
107 	{ .center_freq = 2422 },
108 	{ .center_freq = 2427 },
109 	{ .center_freq = 2432 },
110 	{ .center_freq = 2437 },
111 	{ .center_freq = 2442 },
112 	{ .center_freq = 2447 },
113 	{ .center_freq = 2452 },
114 	{ .center_freq = 2457 },
115 	{ .center_freq = 2462 },
116 	{ .center_freq = 2467 },
117 	{ .center_freq = 2472 },
118 	{ .center_freq = 2484 },
119 };
120 
121 /* Queues for rtl8187se card
122  *
123  * name | reg  |  queue
124  *  BC  |  7   |   6
125  *  MG  |  1   |   0
126  *  HI  |  6   |   1
127  *  VO  |  5   |   2
128  *  VI  |  4   |   3
129  *  BE  |  3   |   4
130  *  BK  |  2   |   5
131  *
132  * The complete map for DMA kick reg using use all queue is:
133  * static const int rtl8187se_queues_map[RTL8187SE_NR_TX_QUEUES] =
134  *	{1, 6, 5, 4, 3, 2, 7};
135  *
136  * .. but.. Because for mac80211 4 queues are enough for QoS we use this
137  *
138  * name | reg  |  queue
139  *  BC  |  7   |   4  <- currently not used yet
140  *  MG  |  1   |   x  <- Not used
141  *  HI  |  6   |   x  <- Not used
142  *  VO  |  5   |   0  <- used
143  *  VI  |  4   |   1  <- used
144  *  BE  |  3   |   2  <- used
145  *  BK  |  2   |   3  <- used
146  *
147  * Beacon queue could be used, but this is not finished yet.
148  *
149  * I thougth about using the other two queues but I decided not to do this:
150  *
151  * - I'm unsure whether the mac80211 will ever try to use more than 4 queues
152  *   by itself.
153  *
154  * - I could route MGMT frames (currently sent over VO queue) to the MGMT
155  *   queue but since mac80211 will do not know about it, I will probably gain
156  *   some HW priority whenever the VO queue is not empty, but this gain is
157  *   limited by the fact that I had to stop the mac80211 queue whenever one of
158  *   the VO or MGMT queues is full, stopping also submitting of MGMT frame
159  *   to the driver.
160  *
161  * - I don't know how to set in the HW the contention window params for MGMT
162  *   and HI-prio queues.
163  */
164 
165 static const int rtl8187se_queues_map[RTL8187SE_NR_TX_QUEUES] = {5, 4, 3, 2, 7};
166 
167 /* Queues for rtl8180/rtl8185 cards
168  *
169  * name | reg  |  prio
170  *  BC  |  7   |   3
171  *  HI  |  6   |   0
172  *  NO  |  5   |   1
173  *  LO  |  4   |   2
174  *
175  * The complete map for DMA kick reg using all queue is:
176  * static const int rtl8180_queues_map[RTL8180_NR_TX_QUEUES] = {6, 5, 4, 7};
177  *
178  * .. but .. Because the mac80211 needs at least 4 queues for QoS or
179  * otherwise QoS can't be done, we use just one.
180  * Beacon queue could be used, but this is not finished yet.
181  * Actual map is:
182  *
183  * name | reg  |  prio
184  *  BC  |  7   |   1  <- currently not used yet.
185  *  HI  |  6   |   x  <- not used
186  *  NO  |  5   |   x  <- not used
187  *  LO  |  4   |   0  <- used
188  */
189 
190 static const int rtl8180_queues_map[RTL8180_NR_TX_QUEUES] = {4, 7};
191 
192 /* LNA gain table for rtl8187se */
193 static const u8 rtl8187se_lna_gain[4] = {02, 17, 29, 39};
194 
195 void rtl8180_write_phy(struct ieee80211_hw *dev, u8 addr, u32 data)
196 {
197 	struct rtl8180_priv *priv = dev->priv;
198 	int i = 10;
199 	u32 buf;
200 
201 	buf = (data << 8) | addr;
202 
203 	rtl818x_iowrite32(priv, (__le32 __iomem *)&priv->map->PHY[0], buf | 0x80);
204 	while (i--) {
205 		rtl818x_iowrite32(priv, (__le32 __iomem *)&priv->map->PHY[0], buf);
206 		if (rtl818x_ioread8(priv, &priv->map->PHY[2]) == (data & 0xFF))
207 			return;
208 	}
209 }
210 
211 static void rtl8180_handle_rx(struct ieee80211_hw *dev)
212 {
213 	struct rtl8180_priv *priv = dev->priv;
214 	struct rtl818x_rx_cmd_desc *cmd_desc;
215 	unsigned int count = 32;
216 	u8 agc, sq;
217 	s8 signal = 1;
218 	dma_addr_t mapping;
219 
220 	while (count--) {
221 		void *entry = priv->rx_ring + priv->rx_idx * priv->rx_ring_sz;
222 		struct sk_buff *skb = priv->rx_buf[priv->rx_idx];
223 		u32 flags, flags2, flags3 = 0;
224 		u64 tsft;
225 
226 		if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
227 			struct rtl8187se_rx_desc *desc = entry;
228 
229 			flags = le32_to_cpu(desc->flags);
230 			/* if ownership flag is set, then we can trust the
231 			 * HW has written other fields. We must not trust
232 			 * other descriptor data read before we checked (read)
233 			 * the ownership flag
234 			 */
235 			rmb();
236 			flags3 = le32_to_cpu(desc->flags3);
237 			flags2 = le32_to_cpu(desc->flags2);
238 			tsft = le64_to_cpu(desc->tsft);
239 		} else {
240 			struct rtl8180_rx_desc *desc = entry;
241 
242 			flags = le32_to_cpu(desc->flags);
243 			/* same as above */
244 			rmb();
245 			flags2 = le32_to_cpu(desc->flags2);
246 			tsft = le64_to_cpu(desc->tsft);
247 		}
248 
249 		if (flags & RTL818X_RX_DESC_FLAG_OWN)
250 			return;
251 
252 		if (unlikely(flags & (RTL818X_RX_DESC_FLAG_DMA_FAIL |
253 				      RTL818X_RX_DESC_FLAG_FOF |
254 				      RTL818X_RX_DESC_FLAG_RX_ERR)))
255 			goto done;
256 		else {
257 			struct ieee80211_rx_status rx_status = {0};
258 			struct sk_buff *new_skb = dev_alloc_skb(MAX_RX_SIZE);
259 
260 			if (unlikely(!new_skb))
261 				goto done;
262 
263 			mapping = pci_map_single(priv->pdev,
264 					       skb_tail_pointer(new_skb),
265 					       MAX_RX_SIZE, PCI_DMA_FROMDEVICE);
266 
267 			if (pci_dma_mapping_error(priv->pdev, mapping)) {
268 				kfree_skb(new_skb);
269 				dev_err(&priv->pdev->dev, "RX DMA map error\n");
270 
271 				goto done;
272 			}
273 
274 			pci_unmap_single(priv->pdev,
275 					 *((dma_addr_t *)skb->cb),
276 					 MAX_RX_SIZE, PCI_DMA_FROMDEVICE);
277 			skb_put(skb, flags & 0xFFF);
278 
279 			rx_status.antenna = (flags2 >> 15) & 1;
280 			rx_status.rate_idx = (flags >> 20) & 0xF;
281 			agc = (flags2 >> 17) & 0x7F;
282 
283 			switch (priv->chip_family) {
284 			case RTL818X_CHIP_FAMILY_RTL8185:
285 				if (rx_status.rate_idx > 3)
286 					signal = -clamp_t(u8, agc, 25, 90) - 9;
287 				else
288 					signal = -clamp_t(u8, agc, 30, 95);
289 				break;
290 			case RTL818X_CHIP_FAMILY_RTL8180:
291 				sq = flags2 & 0xff;
292 				signal = priv->rf->calc_rssi(agc, sq);
293 				break;
294 			case RTL818X_CHIP_FAMILY_RTL8187SE:
295 				/* OFDM measure reported by HW is signed,
296 				 * in 0.5dBm unit, with zero centered @ -41dBm
297 				 * input signal.
298 				 */
299 				if (rx_status.rate_idx > 3) {
300 					signal = (s8)((flags3 >> 16) & 0xff);
301 					signal = signal / 2 - 41;
302 				} else {
303 					int idx, bb;
304 
305 					idx = (agc & 0x60) >> 5;
306 					bb = (agc & 0x1F) * 2;
307 					/* bias + BB gain + LNA gain */
308 					signal = 4 - bb - rtl8187se_lna_gain[idx];
309 				}
310 				break;
311 			}
312 			rx_status.signal = signal;
313 			rx_status.freq = dev->conf.chandef.chan->center_freq;
314 			rx_status.band = dev->conf.chandef.chan->band;
315 			rx_status.mactime = tsft;
316 			rx_status.flag |= RX_FLAG_MACTIME_START;
317 			if (flags & RTL818X_RX_DESC_FLAG_SPLCP)
318 				rx_status.enc_flags |= RX_ENC_FLAG_SHORTPRE;
319 			if (flags & RTL818X_RX_DESC_FLAG_CRC32_ERR)
320 				rx_status.flag |= RX_FLAG_FAILED_FCS_CRC;
321 
322 			memcpy(IEEE80211_SKB_RXCB(skb), &rx_status, sizeof(rx_status));
323 			ieee80211_rx_irqsafe(dev, skb);
324 
325 			skb = new_skb;
326 			priv->rx_buf[priv->rx_idx] = skb;
327 			*((dma_addr_t *) skb->cb) = mapping;
328 		}
329 
330 	done:
331 		cmd_desc = entry;
332 		cmd_desc->rx_buf = cpu_to_le32(*((dma_addr_t *)skb->cb));
333 		cmd_desc->flags = cpu_to_le32(RTL818X_RX_DESC_FLAG_OWN |
334 					   MAX_RX_SIZE);
335 		if (priv->rx_idx == 31)
336 			cmd_desc->flags |=
337 				cpu_to_le32(RTL818X_RX_DESC_FLAG_EOR);
338 		priv->rx_idx = (priv->rx_idx + 1) % 32;
339 	}
340 }
341 
342 static void rtl8180_handle_tx(struct ieee80211_hw *dev, unsigned int prio)
343 {
344 	struct rtl8180_priv *priv = dev->priv;
345 	struct rtl8180_tx_ring *ring = &priv->tx_ring[prio];
346 
347 	while (skb_queue_len(&ring->queue)) {
348 		struct rtl8180_tx_desc *entry = &ring->desc[ring->idx];
349 		struct sk_buff *skb;
350 		struct ieee80211_tx_info *info;
351 		u32 flags = le32_to_cpu(entry->flags);
352 
353 		if (flags & RTL818X_TX_DESC_FLAG_OWN)
354 			return;
355 
356 		ring->idx = (ring->idx + 1) % ring->entries;
357 		skb = __skb_dequeue(&ring->queue);
358 		pci_unmap_single(priv->pdev, le32_to_cpu(entry->tx_buf),
359 				 skb->len, PCI_DMA_TODEVICE);
360 
361 		info = IEEE80211_SKB_CB(skb);
362 		ieee80211_tx_info_clear_status(info);
363 
364 		if (!(info->flags & IEEE80211_TX_CTL_NO_ACK) &&
365 		    (flags & RTL818X_TX_DESC_FLAG_TX_OK))
366 			info->flags |= IEEE80211_TX_STAT_ACK;
367 
368 		info->status.rates[0].count = (flags & 0xFF) + 1;
369 
370 		ieee80211_tx_status_irqsafe(dev, skb);
371 		if (ring->entries - skb_queue_len(&ring->queue) == 2)
372 			ieee80211_wake_queue(dev, prio);
373 	}
374 }
375 
376 static irqreturn_t rtl8187se_interrupt(int irq, void *dev_id)
377 {
378 	struct ieee80211_hw *dev = dev_id;
379 	struct rtl8180_priv *priv = dev->priv;
380 	u32 reg;
381 	unsigned long flags;
382 	static int desc_err;
383 
384 	spin_lock_irqsave(&priv->lock, flags);
385 	/* Note: 32-bit interrupt status */
386 	reg = rtl818x_ioread32(priv, &priv->map->INT_STATUS_SE);
387 	if (unlikely(reg == 0xFFFFFFFF)) {
388 		spin_unlock_irqrestore(&priv->lock, flags);
389 		return IRQ_HANDLED;
390 	}
391 
392 	rtl818x_iowrite32(priv, &priv->map->INT_STATUS_SE, reg);
393 
394 	if (reg & IMR_TIMEOUT1)
395 		rtl818x_iowrite32(priv, &priv->map->INT_TIMEOUT, 0);
396 
397 	if (reg & (IMR_TBDOK | IMR_TBDER))
398 		rtl8180_handle_tx(dev, 4);
399 
400 	if (reg & (IMR_TVODOK | IMR_TVODER))
401 		rtl8180_handle_tx(dev, 0);
402 
403 	if (reg & (IMR_TVIDOK | IMR_TVIDER))
404 		rtl8180_handle_tx(dev, 1);
405 
406 	if (reg & (IMR_TBEDOK | IMR_TBEDER))
407 		rtl8180_handle_tx(dev, 2);
408 
409 	if (reg & (IMR_TBKDOK | IMR_TBKDER))
410 		rtl8180_handle_tx(dev, 3);
411 
412 	if (reg & (IMR_ROK | IMR_RER | RTL818X_INT_SE_RX_DU | IMR_RQOSOK))
413 		rtl8180_handle_rx(dev);
414 	/* The interface sometimes generates several RX DMA descriptor errors
415 	 * at startup. Do not report these.
416 	 */
417 	if ((reg & RTL818X_INT_SE_RX_DU) && desc_err++ > 2)
418 		if (net_ratelimit())
419 			wiphy_err(dev->wiphy, "No RX DMA Descriptor avail\n");
420 
421 	spin_unlock_irqrestore(&priv->lock, flags);
422 	return IRQ_HANDLED;
423 }
424 
425 static irqreturn_t rtl8180_interrupt(int irq, void *dev_id)
426 {
427 	struct ieee80211_hw *dev = dev_id;
428 	struct rtl8180_priv *priv = dev->priv;
429 	u16 reg;
430 
431 	spin_lock(&priv->lock);
432 	reg = rtl818x_ioread16(priv, &priv->map->INT_STATUS);
433 	if (unlikely(reg == 0xFFFF)) {
434 		spin_unlock(&priv->lock);
435 		return IRQ_HANDLED;
436 	}
437 
438 	rtl818x_iowrite16(priv, &priv->map->INT_STATUS, reg);
439 
440 	if (reg & (RTL818X_INT_TXB_OK | RTL818X_INT_TXB_ERR))
441 		rtl8180_handle_tx(dev, 1);
442 
443 	if (reg & (RTL818X_INT_TXL_OK | RTL818X_INT_TXL_ERR))
444 		rtl8180_handle_tx(dev, 0);
445 
446 	if (reg & (RTL818X_INT_RX_OK | RTL818X_INT_RX_ERR))
447 		rtl8180_handle_rx(dev);
448 
449 	spin_unlock(&priv->lock);
450 
451 	return IRQ_HANDLED;
452 }
453 
454 static void rtl8180_tx(struct ieee80211_hw *dev,
455 		       struct ieee80211_tx_control *control,
456 		       struct sk_buff *skb)
457 {
458 	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
459 	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data;
460 	struct rtl8180_priv *priv = dev->priv;
461 	struct rtl8180_tx_ring *ring;
462 	struct rtl8180_tx_desc *entry;
463 	unsigned long flags;
464 	unsigned int idx, prio, hw_prio;
465 	dma_addr_t mapping;
466 	u32 tx_flags;
467 	u8 rc_flags;
468 	u16 plcp_len = 0;
469 	__le16 rts_duration = 0;
470 	/* do arithmetic and then convert to le16 */
471 	u16 frame_duration = 0;
472 
473 	prio = skb_get_queue_mapping(skb);
474 	ring = &priv->tx_ring[prio];
475 
476 	mapping = pci_map_single(priv->pdev, skb->data,
477 				 skb->len, PCI_DMA_TODEVICE);
478 
479 	if (pci_dma_mapping_error(priv->pdev, mapping)) {
480 		kfree_skb(skb);
481 		dev_err(&priv->pdev->dev, "TX DMA mapping error\n");
482 		return;
483 	}
484 
485 	tx_flags = RTL818X_TX_DESC_FLAG_OWN | RTL818X_TX_DESC_FLAG_FS |
486 		   RTL818X_TX_DESC_FLAG_LS |
487 		   (ieee80211_get_tx_rate(dev, info)->hw_value << 24) |
488 		   skb->len;
489 
490 	if (priv->chip_family != RTL818X_CHIP_FAMILY_RTL8180)
491 		tx_flags |= RTL818X_TX_DESC_FLAG_DMA |
492 			    RTL818X_TX_DESC_FLAG_NO_ENC;
493 
494 	rc_flags = info->control.rates[0].flags;
495 
496 	/* HW will perform RTS-CTS when only RTS flags is set.
497 	 * HW will perform CTS-to-self when both RTS and CTS flags are set.
498 	 * RTS rate and RTS duration will be used also for CTS-to-self.
499 	 */
500 	if (rc_flags & IEEE80211_TX_RC_USE_RTS_CTS) {
501 		tx_flags |= RTL818X_TX_DESC_FLAG_RTS;
502 		tx_flags |= ieee80211_get_rts_cts_rate(dev, info)->hw_value << 19;
503 		rts_duration = ieee80211_rts_duration(dev, priv->vif,
504 						skb->len, info);
505 	} else if (rc_flags & IEEE80211_TX_RC_USE_CTS_PROTECT) {
506 		tx_flags |= RTL818X_TX_DESC_FLAG_RTS | RTL818X_TX_DESC_FLAG_CTS;
507 		tx_flags |= ieee80211_get_rts_cts_rate(dev, info)->hw_value << 19;
508 		rts_duration = ieee80211_ctstoself_duration(dev, priv->vif,
509 						skb->len, info);
510 	}
511 
512 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8180) {
513 		unsigned int remainder;
514 
515 		plcp_len = DIV_ROUND_UP(16 * (skb->len + 4),
516 				(ieee80211_get_tx_rate(dev, info)->bitrate * 2) / 10);
517 		remainder = (16 * (skb->len + 4)) %
518 			    ((ieee80211_get_tx_rate(dev, info)->bitrate * 2) / 10);
519 		if (remainder <= 6)
520 			plcp_len |= 1 << 15;
521 	}
522 
523 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
524 		__le16 duration;
525 		/* SIFS time (required by HW) is already included by
526 		 * ieee80211_generic_frame_duration
527 		 */
528 		duration = ieee80211_generic_frame_duration(dev, priv->vif,
529 					NL80211_BAND_2GHZ, skb->len,
530 					ieee80211_get_tx_rate(dev, info));
531 
532 		frame_duration =  priv->ack_time + le16_to_cpu(duration);
533 	}
534 
535 	spin_lock_irqsave(&priv->lock, flags);
536 
537 	if (info->flags & IEEE80211_TX_CTL_ASSIGN_SEQ) {
538 		if (info->flags & IEEE80211_TX_CTL_FIRST_FRAGMENT)
539 			priv->seqno += 0x10;
540 		hdr->seq_ctrl &= cpu_to_le16(IEEE80211_SCTL_FRAG);
541 		hdr->seq_ctrl |= cpu_to_le16(priv->seqno);
542 	}
543 
544 	idx = (ring->idx + skb_queue_len(&ring->queue)) % ring->entries;
545 	entry = &ring->desc[idx];
546 
547 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
548 		entry->frame_duration = cpu_to_le16(frame_duration);
549 		entry->frame_len_se = cpu_to_le16(skb->len);
550 
551 		/* tpc polarity */
552 		entry->flags3 = cpu_to_le16(1<<4);
553 	} else
554 		entry->frame_len = cpu_to_le32(skb->len);
555 
556 	entry->rts_duration = rts_duration;
557 	entry->plcp_len = cpu_to_le16(plcp_len);
558 	entry->tx_buf = cpu_to_le32(mapping);
559 
560 	entry->retry_limit = info->control.rates[0].count - 1;
561 
562 	/* We must be sure that tx_flags is written last because the HW
563 	 * looks at it to check if the rest of data is valid or not
564 	 */
565 	wmb();
566 	entry->flags = cpu_to_le32(tx_flags);
567 	/* We must be sure this has been written before followings HW
568 	 * register write, because this write will made the HW attempts
569 	 * to DMA the just-written data
570 	 */
571 	wmb();
572 
573 	__skb_queue_tail(&ring->queue, skb);
574 	if (ring->entries - skb_queue_len(&ring->queue) < 2)
575 		ieee80211_stop_queue(dev, prio);
576 
577 	spin_unlock_irqrestore(&priv->lock, flags);
578 
579 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
580 		/* just poll: rings are stopped with TPPollStop reg */
581 		hw_prio = rtl8187se_queues_map[prio];
582 		rtl818x_iowrite8(priv, &priv->map->TX_DMA_POLLING,
583 			 (1 << hw_prio));
584 	} else {
585 		hw_prio = rtl8180_queues_map[prio];
586 		rtl818x_iowrite8(priv, &priv->map->TX_DMA_POLLING,
587 			 (1 << hw_prio) | /* ring to poll  */
588 			 (1<<1) | (1<<2));/* stopped rings */
589 	}
590 }
591 
592 static void rtl8180_set_anaparam3(struct rtl8180_priv *priv, u16 anaparam3)
593 {
594 	u8 reg;
595 
596 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
597 			 RTL818X_EEPROM_CMD_CONFIG);
598 
599 	reg = rtl818x_ioread8(priv, &priv->map->CONFIG3);
600 	rtl818x_iowrite8(priv, &priv->map->CONFIG3,
601 		 reg | RTL818X_CONFIG3_ANAPARAM_WRITE);
602 
603 	rtl818x_iowrite16(priv, &priv->map->ANAPARAM3, anaparam3);
604 
605 	rtl818x_iowrite8(priv, &priv->map->CONFIG3,
606 		 reg & ~RTL818X_CONFIG3_ANAPARAM_WRITE);
607 
608 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
609 			 RTL818X_EEPROM_CMD_NORMAL);
610 }
611 
612 void rtl8180_set_anaparam2(struct rtl8180_priv *priv, u32 anaparam2)
613 {
614 	u8 reg;
615 
616 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
617 			 RTL818X_EEPROM_CMD_CONFIG);
618 
619 	reg = rtl818x_ioread8(priv, &priv->map->CONFIG3);
620 	rtl818x_iowrite8(priv, &priv->map->CONFIG3,
621 		 reg | RTL818X_CONFIG3_ANAPARAM_WRITE);
622 
623 	rtl818x_iowrite32(priv, &priv->map->ANAPARAM2, anaparam2);
624 
625 	rtl818x_iowrite8(priv, &priv->map->CONFIG3,
626 		 reg & ~RTL818X_CONFIG3_ANAPARAM_WRITE);
627 
628 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
629 			 RTL818X_EEPROM_CMD_NORMAL);
630 }
631 
632 void rtl8180_set_anaparam(struct rtl8180_priv *priv, u32 anaparam)
633 {
634 	u8 reg;
635 
636 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
637 	reg = rtl818x_ioread8(priv, &priv->map->CONFIG3);
638 	rtl818x_iowrite8(priv, &priv->map->CONFIG3,
639 		 reg | RTL818X_CONFIG3_ANAPARAM_WRITE);
640 	rtl818x_iowrite32(priv, &priv->map->ANAPARAM, anaparam);
641 	rtl818x_iowrite8(priv, &priv->map->CONFIG3,
642 		 reg & ~RTL818X_CONFIG3_ANAPARAM_WRITE);
643 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
644 }
645 
646 static void rtl8187se_mac_config(struct ieee80211_hw *dev)
647 {
648 	struct rtl8180_priv *priv = dev->priv;
649 	u8 reg;
650 
651 	rtl818x_iowrite32(priv, REG_ADDR4(0x1F0), 0);
652 	rtl818x_ioread32(priv, REG_ADDR4(0x1F0));
653 	rtl818x_iowrite32(priv, REG_ADDR4(0x1F4), 0);
654 	rtl818x_ioread32(priv, REG_ADDR4(0x1F4));
655 	rtl818x_iowrite8(priv, REG_ADDR1(0x1F8), 0);
656 	rtl818x_ioread8(priv, REG_ADDR1(0x1F8));
657 	/* Enable DA10 TX power saving */
658 	reg = rtl818x_ioread8(priv, &priv->map->PHY_PR);
659 	rtl818x_iowrite8(priv, &priv->map->PHY_PR, reg | 0x04);
660 	/* Power */
661 	rtl818x_iowrite16(priv, PI_DATA_REG, 0x1000);
662 	rtl818x_iowrite16(priv, SI_DATA_REG, 0x1000);
663 	/* AFE - default to power ON */
664 	rtl818x_iowrite16(priv, REG_ADDR2(0x370), 0x0560);
665 	rtl818x_iowrite16(priv, REG_ADDR2(0x372), 0x0560);
666 	rtl818x_iowrite16(priv, REG_ADDR2(0x374), 0x0DA4);
667 	rtl818x_iowrite16(priv, REG_ADDR2(0x376), 0x0DA4);
668 	rtl818x_iowrite16(priv, REG_ADDR2(0x378), 0x0560);
669 	rtl818x_iowrite16(priv, REG_ADDR2(0x37A), 0x0560);
670 	rtl818x_iowrite16(priv, REG_ADDR2(0x37C), 0x00EC);
671 	rtl818x_iowrite16(priv, REG_ADDR2(0x37E), 0x00EC);
672 	rtl818x_iowrite8(priv, REG_ADDR1(0x24E), 0x01);
673 	/* unknown, needed for suspend to RAM resume */
674 	rtl818x_iowrite8(priv, REG_ADDR1(0x0A), 0x72);
675 }
676 
677 static void rtl8187se_set_antenna_config(struct ieee80211_hw *dev, u8 def_ant,
678 					 bool diversity)
679 {
680 	struct rtl8180_priv *priv = dev->priv;
681 
682 	rtl8225_write_phy_cck(dev, 0x0C, 0x09);
683 	if (diversity) {
684 		if (def_ant == 1) {
685 			rtl818x_iowrite8(priv, &priv->map->TX_ANTENNA, 0x00);
686 			rtl8225_write_phy_cck(dev, 0x11, 0xBB);
687 			rtl8225_write_phy_cck(dev, 0x01, 0xC7);
688 			rtl8225_write_phy_ofdm(dev, 0x0D, 0x54);
689 			rtl8225_write_phy_ofdm(dev, 0x18, 0xB2);
690 		} else { /* main antenna */
691 			rtl818x_iowrite8(priv, &priv->map->TX_ANTENNA, 0x03);
692 			rtl8225_write_phy_cck(dev, 0x11, 0x9B);
693 			rtl8225_write_phy_cck(dev, 0x01, 0xC7);
694 			rtl8225_write_phy_ofdm(dev, 0x0D, 0x5C);
695 			rtl8225_write_phy_ofdm(dev, 0x18, 0xB2);
696 		}
697 	} else { /* disable antenna diversity */
698 		if (def_ant == 1) {
699 			rtl818x_iowrite8(priv, &priv->map->TX_ANTENNA, 0x00);
700 			rtl8225_write_phy_cck(dev, 0x11, 0xBB);
701 			rtl8225_write_phy_cck(dev, 0x01, 0x47);
702 			rtl8225_write_phy_ofdm(dev, 0x0D, 0x54);
703 			rtl8225_write_phy_ofdm(dev, 0x18, 0x32);
704 		} else { /* main antenna */
705 			rtl818x_iowrite8(priv, &priv->map->TX_ANTENNA, 0x03);
706 			rtl8225_write_phy_cck(dev, 0x11, 0x9B);
707 			rtl8225_write_phy_cck(dev, 0x01, 0x47);
708 			rtl8225_write_phy_ofdm(dev, 0x0D, 0x5C);
709 			rtl8225_write_phy_ofdm(dev, 0x18, 0x32);
710 		}
711 	}
712 	/* priv->curr_ant = def_ant; */
713 }
714 
715 static void rtl8180_int_enable(struct ieee80211_hw *dev)
716 {
717 	struct rtl8180_priv *priv = dev->priv;
718 
719 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
720 		rtl818x_iowrite32(priv, &priv->map->IMR,
721 			  IMR_TBDER | IMR_TBDOK |
722 			  IMR_TVODER | IMR_TVODOK |
723 			  IMR_TVIDER | IMR_TVIDOK |
724 			  IMR_TBEDER | IMR_TBEDOK |
725 			  IMR_TBKDER | IMR_TBKDOK |
726 			  IMR_RDU | IMR_RER |
727 			  IMR_ROK | IMR_RQOSOK);
728 	} else {
729 		rtl818x_iowrite16(priv, &priv->map->INT_MASK, 0xFFFF);
730 	}
731 }
732 
733 static void rtl8180_int_disable(struct ieee80211_hw *dev)
734 {
735 	struct rtl8180_priv *priv = dev->priv;
736 
737 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
738 		rtl818x_iowrite32(priv, &priv->map->IMR, 0);
739 	} else {
740 		rtl818x_iowrite16(priv, &priv->map->INT_MASK, 0);
741 	}
742 }
743 
744 static void rtl8180_conf_basic_rates(struct ieee80211_hw *dev,
745 			    u32 basic_mask)
746 {
747 	struct rtl8180_priv *priv = dev->priv;
748 	u16 reg;
749 	u32 resp_mask;
750 	u8 basic_max;
751 	u8 resp_max, resp_min;
752 
753 	resp_mask = basic_mask;
754 	/* IEEE80211 says the response rate should be equal to the highest basic
755 	 * rate that is not faster than received frame. But it says also that if
756 	 * the basic rate set does not contains any rate for the current
757 	 * modulation class then mandatory rate set must be used for that
758 	 * modulation class. Eventually add OFDM mandatory rates..
759 	 */
760 	if ((resp_mask & 0xf) == resp_mask)
761 		resp_mask |= 0x150; /* 6, 12, 24Mbps */
762 
763 	switch (priv->chip_family) {
764 
765 	case RTL818X_CHIP_FAMILY_RTL8180:
766 		/* in 8180 this is NOT a BITMAP */
767 		basic_max = fls(basic_mask) - 1;
768 		reg = rtl818x_ioread16(priv, &priv->map->BRSR);
769 		reg &= ~3;
770 		reg |= basic_max;
771 		rtl818x_iowrite16(priv, &priv->map->BRSR, reg);
772 		break;
773 
774 	case RTL818X_CHIP_FAMILY_RTL8185:
775 		resp_max = fls(resp_mask) - 1;
776 		resp_min = ffs(resp_mask) - 1;
777 		/* in 8185 this is a BITMAP */
778 		rtl818x_iowrite16(priv, &priv->map->BRSR, basic_mask);
779 		rtl818x_iowrite8(priv, &priv->map->RESP_RATE, (resp_max << 4) |
780 				resp_min);
781 		break;
782 
783 	case RTL818X_CHIP_FAMILY_RTL8187SE:
784 		/* in 8187se this is a BITMAP. BRSR reg actually sets
785 		 * response rates.
786 		 */
787 		rtl818x_iowrite16(priv, &priv->map->BRSR_8187SE, resp_mask);
788 		break;
789 	}
790 }
791 
792 static void rtl8180_config_cardbus(struct ieee80211_hw *dev)
793 {
794 	struct rtl8180_priv *priv = dev->priv;
795 	u16 reg16;
796 	u8 reg8;
797 
798 	reg8 = rtl818x_ioread8(priv, &priv->map->CONFIG3);
799 	reg8 |= 1 << 1;
800 	rtl818x_iowrite8(priv, &priv->map->CONFIG3, reg8);
801 
802 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
803 		rtl818x_iowrite16(priv, FEMR_SE, 0xffff);
804 	} else {
805 		reg16 = rtl818x_ioread16(priv, &priv->map->FEMR);
806 			reg16 |= (1 << 15) | (1 << 14) | (1 << 4);
807 		rtl818x_iowrite16(priv, &priv->map->FEMR, reg16);
808 	}
809 
810 }
811 
812 static int rtl8180_init_hw(struct ieee80211_hw *dev)
813 {
814 	struct rtl8180_priv *priv = dev->priv;
815 	u16 reg;
816 	u32 reg32;
817 
818 	rtl818x_iowrite8(priv, &priv->map->CMD, 0);
819 	rtl818x_ioread8(priv, &priv->map->CMD);
820 	msleep(10);
821 
822 	/* reset */
823 	rtl8180_int_disable(dev);
824 	rtl818x_ioread8(priv, &priv->map->CMD);
825 
826 	reg = rtl818x_ioread8(priv, &priv->map->CMD);
827 	reg &= (1 << 1);
828 	reg |= RTL818X_CMD_RESET;
829 	rtl818x_iowrite8(priv, &priv->map->CMD, RTL818X_CMD_RESET);
830 	rtl818x_ioread8(priv, &priv->map->CMD);
831 	msleep(200);
832 
833 	/* check success of reset */
834 	if (rtl818x_ioread8(priv, &priv->map->CMD) & RTL818X_CMD_RESET) {
835 		wiphy_err(dev->wiphy, "reset timeout!\n");
836 		return -ETIMEDOUT;
837 	}
838 
839 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_LOAD);
840 	rtl818x_ioread8(priv, &priv->map->CMD);
841 	msleep(200);
842 
843 	if (rtl818x_ioread8(priv, &priv->map->CONFIG3) & (1 << 3)) {
844 		rtl8180_config_cardbus(dev);
845 	}
846 
847 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE)
848 		rtl818x_iowrite8(priv, &priv->map->MSR, RTL818X_MSR_ENEDCA);
849 	else
850 		rtl818x_iowrite8(priv, &priv->map->MSR, 0);
851 
852 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8180)
853 		rtl8180_set_anaparam(priv, priv->anaparam);
854 
855 	rtl818x_iowrite32(priv, &priv->map->RDSAR, priv->rx_ring_dma);
856 	/* mac80211 queue have higher prio for lower index. The last queue
857 	 * (that mac80211 is not aware of) is reserved for beacons (and have
858 	 * the highest priority on the NIC)
859 	 */
860 	if (priv->chip_family != RTL818X_CHIP_FAMILY_RTL8187SE) {
861 		rtl818x_iowrite32(priv, &priv->map->TBDA,
862 				  priv->tx_ring[1].dma);
863 		rtl818x_iowrite32(priv, &priv->map->TLPDA,
864 				  priv->tx_ring[0].dma);
865 	} else {
866 		rtl818x_iowrite32(priv, &priv->map->TBDA,
867 				  priv->tx_ring[4].dma);
868 		rtl818x_iowrite32(priv, &priv->map->TVODA,
869 				  priv->tx_ring[0].dma);
870 		rtl818x_iowrite32(priv, &priv->map->TVIDA,
871 				  priv->tx_ring[1].dma);
872 		rtl818x_iowrite32(priv, &priv->map->TBEDA,
873 				  priv->tx_ring[2].dma);
874 		rtl818x_iowrite32(priv, &priv->map->TBKDA,
875 				  priv->tx_ring[3].dma);
876 	}
877 
878 	/* TODO: necessary? specs indicate not */
879 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
880 	reg = rtl818x_ioread8(priv, &priv->map->CONFIG2);
881 	rtl818x_iowrite8(priv, &priv->map->CONFIG2, reg & ~(1 << 3));
882 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8185) {
883 		reg = rtl818x_ioread8(priv, &priv->map->CONFIG2);
884 		rtl818x_iowrite8(priv, &priv->map->CONFIG2, reg | (1 << 4));
885 	}
886 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
887 
888 	/* TODO: set CONFIG5 for calibrating AGC on rtl8180 + philips radio? */
889 
890 	/* TODO: turn off hw wep on rtl8180 */
891 
892 	rtl818x_iowrite32(priv, &priv->map->INT_TIMEOUT, 0);
893 
894 	if (priv->chip_family != RTL818X_CHIP_FAMILY_RTL8180) {
895 		rtl818x_iowrite8(priv, &priv->map->WPA_CONF, 0);
896 		rtl818x_iowrite8(priv, &priv->map->RATE_FALLBACK, 0);
897 	} else {
898 		rtl818x_iowrite8(priv, &priv->map->SECURITY, 0);
899 
900 		rtl818x_iowrite8(priv, &priv->map->PHY_DELAY, 0x6);
901 		rtl818x_iowrite8(priv, &priv->map->CARRIER_SENSE_COUNTER, 0x4C);
902 	}
903 
904 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8185) {
905 		/* TODO: set ClkRun enable? necessary? */
906 		reg = rtl818x_ioread8(priv, &priv->map->GP_ENABLE);
907 		rtl818x_iowrite8(priv, &priv->map->GP_ENABLE, reg & ~(1 << 6));
908 		rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
909 		reg = rtl818x_ioread8(priv, &priv->map->CONFIG3);
910 		rtl818x_iowrite8(priv, &priv->map->CONFIG3, reg | (1 << 2));
911 		rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
912 		/* fix eccessive IFS after CTS-to-self */
913 		if (priv->map_pio) {
914 			u8 reg;
915 
916 			reg = rtl818x_ioread8(priv, &priv->map->PGSELECT);
917 			rtl818x_iowrite8(priv, &priv->map->PGSELECT, reg | 1);
918 			rtl818x_iowrite8(priv, REG_ADDR1(0xff), 0x35);
919 			rtl818x_iowrite8(priv, &priv->map->PGSELECT, reg);
920 		} else
921 			rtl818x_iowrite8(priv, REG_ADDR1(0x1ff), 0x35);
922 	}
923 
924 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
925 
926 		/* the set auto rate fallback bitmask from 1M to 54 Mb/s */
927 		rtl818x_iowrite16(priv, ARFR, 0xFFF);
928 		rtl818x_ioread16(priv, ARFR);
929 
930 		/* stop unused queus (no dma alloc) */
931 		rtl818x_iowrite8(priv, &priv->map->TPPOLL_STOP,
932 			       RTL818x_TPPOLL_STOP_MG | RTL818x_TPPOLL_STOP_HI);
933 
934 		rtl818x_iowrite8(priv, &priv->map->ACM_CONTROL, 0x00);
935 		rtl818x_iowrite16(priv, &priv->map->TID_AC_MAP, 0xFA50);
936 
937 		rtl818x_iowrite16(priv, &priv->map->INT_MIG, 0);
938 
939 		/* some black magic here.. */
940 		rtl8187se_mac_config(dev);
941 
942 		rtl818x_iowrite16(priv, RFSW_CTRL, 0x569A);
943 		rtl818x_ioread16(priv, RFSW_CTRL);
944 
945 		rtl8180_set_anaparam(priv, RTL8225SE_ANAPARAM_ON);
946 		rtl8180_set_anaparam2(priv, RTL8225SE_ANAPARAM2_ON);
947 		rtl8180_set_anaparam3(priv, RTL8225SE_ANAPARAM3);
948 
949 
950 		rtl818x_iowrite8(priv, &priv->map->CONFIG5,
951 			    rtl818x_ioread8(priv, &priv->map->CONFIG5) & 0x7F);
952 
953 		/*probably this switch led on */
954 		rtl818x_iowrite8(priv, &priv->map->PGSELECT,
955 			    rtl818x_ioread8(priv, &priv->map->PGSELECT) | 0x08);
956 
957 		rtl818x_iowrite16(priv, &priv->map->RFPinsOutput, 0x0480);
958 		rtl818x_iowrite16(priv, &priv->map->RFPinsEnable, 0x1BFF);
959 		rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, 0x2488);
960 
961 		rtl818x_iowrite32(priv, &priv->map->RF_TIMING, 0x4003);
962 
963 		/* the reference code mac hardcode table write
964 		 * this reg by doing byte-wide accesses.
965 		 * It does it just for lowest and highest byte..
966 		 */
967 		reg32 = rtl818x_ioread32(priv, &priv->map->RF_PARA);
968 		reg32 &= 0x00ffff00;
969 		reg32 |= 0xb8000054;
970 		rtl818x_iowrite32(priv, &priv->map->RF_PARA, reg32);
971 	} else
972 		/* stop unused queus (no dma alloc) */
973 		rtl818x_iowrite8(priv, &priv->map->TX_DMA_POLLING,
974 			    (1<<1) | (1<<2));
975 
976 	priv->rf->init(dev);
977 
978 	/* default basic rates are 1,2 Mbps for rtl8180. 1,2,6,9,12,18,24 Mbps
979 	 * otherwise. bitmask 0x3 and 0x01f3 respectively.
980 	 * NOTE: currenty rtl8225 RF code changes basic rates, so we need to do
981 	 * this after rf init.
982 	 * TODO: try to find out whether RF code really needs to do this..
983 	 */
984 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8180)
985 		rtl8180_conf_basic_rates(dev, 0x3);
986 	else
987 		rtl8180_conf_basic_rates(dev, 0x1f3);
988 
989 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE)
990 		rtl8187se_set_antenna_config(dev,
991 					     priv->antenna_diversity_default,
992 					     priv->antenna_diversity_en);
993 	return 0;
994 }
995 
996 static int rtl8180_init_rx_ring(struct ieee80211_hw *dev)
997 {
998 	struct rtl8180_priv *priv = dev->priv;
999 	struct rtl818x_rx_cmd_desc *entry;
1000 	int i;
1001 
1002 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE)
1003 		priv->rx_ring_sz = sizeof(struct rtl8187se_rx_desc);
1004 	else
1005 		priv->rx_ring_sz = sizeof(struct rtl8180_rx_desc);
1006 
1007 	priv->rx_ring = pci_zalloc_consistent(priv->pdev, priv->rx_ring_sz * 32,
1008 					      &priv->rx_ring_dma);
1009 	if (!priv->rx_ring || (unsigned long)priv->rx_ring & 0xFF) {
1010 		wiphy_err(dev->wiphy, "Cannot allocate RX ring\n");
1011 		return -ENOMEM;
1012 	}
1013 
1014 	priv->rx_idx = 0;
1015 
1016 	for (i = 0; i < 32; i++) {
1017 		struct sk_buff *skb = dev_alloc_skb(MAX_RX_SIZE);
1018 		dma_addr_t *mapping;
1019 		entry = priv->rx_ring + priv->rx_ring_sz*i;
1020 		if (!skb) {
1021 			pci_free_consistent(priv->pdev, priv->rx_ring_sz * 32,
1022 					priv->rx_ring, priv->rx_ring_dma);
1023 			wiphy_err(dev->wiphy, "Cannot allocate RX skb\n");
1024 			return -ENOMEM;
1025 		}
1026 		priv->rx_buf[i] = skb;
1027 		mapping = (dma_addr_t *)skb->cb;
1028 		*mapping = pci_map_single(priv->pdev, skb_tail_pointer(skb),
1029 					  MAX_RX_SIZE, PCI_DMA_FROMDEVICE);
1030 
1031 		if (pci_dma_mapping_error(priv->pdev, *mapping)) {
1032 			kfree_skb(skb);
1033 			pci_free_consistent(priv->pdev, priv->rx_ring_sz * 32,
1034 					priv->rx_ring, priv->rx_ring_dma);
1035 			wiphy_err(dev->wiphy, "Cannot map DMA for RX skb\n");
1036 			return -ENOMEM;
1037 		}
1038 
1039 		entry->rx_buf = cpu_to_le32(*mapping);
1040 		entry->flags = cpu_to_le32(RTL818X_RX_DESC_FLAG_OWN |
1041 					   MAX_RX_SIZE);
1042 	}
1043 	entry->flags |= cpu_to_le32(RTL818X_RX_DESC_FLAG_EOR);
1044 	return 0;
1045 }
1046 
1047 static void rtl8180_free_rx_ring(struct ieee80211_hw *dev)
1048 {
1049 	struct rtl8180_priv *priv = dev->priv;
1050 	int i;
1051 
1052 	for (i = 0; i < 32; i++) {
1053 		struct sk_buff *skb = priv->rx_buf[i];
1054 		if (!skb)
1055 			continue;
1056 
1057 		pci_unmap_single(priv->pdev,
1058 				 *((dma_addr_t *)skb->cb),
1059 				 MAX_RX_SIZE, PCI_DMA_FROMDEVICE);
1060 		kfree_skb(skb);
1061 	}
1062 
1063 	pci_free_consistent(priv->pdev, priv->rx_ring_sz * 32,
1064 			    priv->rx_ring, priv->rx_ring_dma);
1065 	priv->rx_ring = NULL;
1066 }
1067 
1068 static int rtl8180_init_tx_ring(struct ieee80211_hw *dev,
1069 				unsigned int prio, unsigned int entries)
1070 {
1071 	struct rtl8180_priv *priv = dev->priv;
1072 	struct rtl8180_tx_desc *ring;
1073 	dma_addr_t dma;
1074 	int i;
1075 
1076 	ring = pci_zalloc_consistent(priv->pdev, sizeof(*ring) * entries,
1077 				     &dma);
1078 	if (!ring || (unsigned long)ring & 0xFF) {
1079 		wiphy_err(dev->wiphy, "Cannot allocate TX ring (prio = %d)\n",
1080 			  prio);
1081 		return -ENOMEM;
1082 	}
1083 
1084 	priv->tx_ring[prio].desc = ring;
1085 	priv->tx_ring[prio].dma = dma;
1086 	priv->tx_ring[prio].idx = 0;
1087 	priv->tx_ring[prio].entries = entries;
1088 	skb_queue_head_init(&priv->tx_ring[prio].queue);
1089 
1090 	for (i = 0; i < entries; i++)
1091 		ring[i].next_tx_desc =
1092 			cpu_to_le32((u32)dma + ((i + 1) % entries) * sizeof(*ring));
1093 
1094 	return 0;
1095 }
1096 
1097 static void rtl8180_free_tx_ring(struct ieee80211_hw *dev, unsigned int prio)
1098 {
1099 	struct rtl8180_priv *priv = dev->priv;
1100 	struct rtl8180_tx_ring *ring = &priv->tx_ring[prio];
1101 
1102 	while (skb_queue_len(&ring->queue)) {
1103 		struct rtl8180_tx_desc *entry = &ring->desc[ring->idx];
1104 		struct sk_buff *skb = __skb_dequeue(&ring->queue);
1105 
1106 		pci_unmap_single(priv->pdev, le32_to_cpu(entry->tx_buf),
1107 				 skb->len, PCI_DMA_TODEVICE);
1108 		kfree_skb(skb);
1109 		ring->idx = (ring->idx + 1) % ring->entries;
1110 	}
1111 
1112 	pci_free_consistent(priv->pdev, sizeof(*ring->desc)*ring->entries,
1113 			    ring->desc, ring->dma);
1114 	ring->desc = NULL;
1115 }
1116 
1117 static int rtl8180_start(struct ieee80211_hw *dev)
1118 {
1119 	struct rtl8180_priv *priv = dev->priv;
1120 	int ret, i;
1121 	u32 reg;
1122 
1123 	ret = rtl8180_init_rx_ring(dev);
1124 	if (ret)
1125 		return ret;
1126 
1127 	for (i = 0; i < (dev->queues + 1); i++)
1128 		if ((ret = rtl8180_init_tx_ring(dev, i, 16)))
1129 			goto err_free_rings;
1130 
1131 	ret = rtl8180_init_hw(dev);
1132 	if (ret)
1133 		goto err_free_rings;
1134 
1135 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
1136 		ret = request_irq(priv->pdev->irq, rtl8187se_interrupt,
1137 			  IRQF_SHARED, KBUILD_MODNAME, dev);
1138 	} else {
1139 		ret = request_irq(priv->pdev->irq, rtl8180_interrupt,
1140 			  IRQF_SHARED, KBUILD_MODNAME, dev);
1141 	}
1142 
1143 	if (ret) {
1144 		wiphy_err(dev->wiphy, "failed to register IRQ handler\n");
1145 		goto err_free_rings;
1146 	}
1147 
1148 	rtl8180_int_enable(dev);
1149 
1150 	/* in rtl8187se at MAR regs offset there is the management
1151 	 * TX descriptor DMA addres..
1152 	 */
1153 	if (priv->chip_family != RTL818X_CHIP_FAMILY_RTL8187SE) {
1154 		rtl818x_iowrite32(priv, &priv->map->MAR[0], ~0);
1155 		rtl818x_iowrite32(priv, &priv->map->MAR[1], ~0);
1156 	}
1157 
1158 	reg = RTL818X_RX_CONF_ONLYERLPKT |
1159 	      RTL818X_RX_CONF_RX_AUTORESETPHY |
1160 	      RTL818X_RX_CONF_MGMT |
1161 	      RTL818X_RX_CONF_DATA |
1162 	      (7 << 8 /* MAX RX DMA */) |
1163 	      RTL818X_RX_CONF_BROADCAST |
1164 	      RTL818X_RX_CONF_NICMAC;
1165 
1166 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8185)
1167 		reg |= RTL818X_RX_CONF_CSDM1 | RTL818X_RX_CONF_CSDM2;
1168 	else if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8180) {
1169 		reg |= (priv->rfparam & RF_PARAM_CARRIERSENSE1)
1170 			? RTL818X_RX_CONF_CSDM1 : 0;
1171 		reg |= (priv->rfparam & RF_PARAM_CARRIERSENSE2)
1172 			? RTL818X_RX_CONF_CSDM2 : 0;
1173 	} else {
1174 		reg &= ~(RTL818X_RX_CONF_CSDM1 | RTL818X_RX_CONF_CSDM2);
1175 	}
1176 
1177 	priv->rx_conf = reg;
1178 	rtl818x_iowrite32(priv, &priv->map->RX_CONF, reg);
1179 
1180 	if (priv->chip_family != RTL818X_CHIP_FAMILY_RTL8180) {
1181 		reg = rtl818x_ioread8(priv, &priv->map->CW_CONF);
1182 
1183 		/* CW is not on per-packet basis.
1184 		 * in rtl8185 the CW_VALUE reg is used.
1185 		 * in rtl8187se the AC param regs are used.
1186 		 */
1187 		reg &= ~RTL818X_CW_CONF_PERPACKET_CW;
1188 		/* retry limit IS on per-packet basis.
1189 		 * the short and long retry limit in TX_CONF
1190 		 * reg are ignored
1191 		 */
1192 		reg |= RTL818X_CW_CONF_PERPACKET_RETRY;
1193 		rtl818x_iowrite8(priv, &priv->map->CW_CONF, reg);
1194 
1195 		reg = rtl818x_ioread8(priv, &priv->map->TX_AGC_CTL);
1196 		/* TX antenna and TX gain are not on per-packet basis.
1197 		 * TX Antenna is selected by ANTSEL reg (RX in BB regs).
1198 		 * TX gain is selected with CCK_TX_AGC and OFDM_TX_AGC regs
1199 		 */
1200 		reg &= ~RTL818X_TX_AGC_CTL_PERPACKET_GAIN;
1201 		reg &= ~RTL818X_TX_AGC_CTL_PERPACKET_ANTSEL;
1202 		reg |=  RTL818X_TX_AGC_CTL_FEEDBACK_ANT;
1203 		rtl818x_iowrite8(priv, &priv->map->TX_AGC_CTL, reg);
1204 
1205 		/* disable early TX */
1206 		rtl818x_iowrite8(priv, (u8 __iomem *)priv->map + 0xec, 0x3f);
1207 	}
1208 
1209 	reg = rtl818x_ioread32(priv, &priv->map->TX_CONF);
1210 	reg |= (6 << 21 /* MAX TX DMA */) |
1211 	       RTL818X_TX_CONF_NO_ICV;
1212 
1213 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE)
1214 		reg |= 1<<30;  /*  "duration procedure mode" */
1215 
1216 	if (priv->chip_family != RTL818X_CHIP_FAMILY_RTL8180)
1217 		reg &= ~RTL818X_TX_CONF_PROBE_DTS;
1218 	else
1219 		reg &= ~RTL818X_TX_CONF_HW_SEQNUM;
1220 
1221 	reg &= ~RTL818X_TX_CONF_DISCW;
1222 
1223 	/* different meaning, same value on both rtl8185 and rtl8180 */
1224 	reg &= ~RTL818X_TX_CONF_SAT_HWPLCP;
1225 
1226 	rtl818x_iowrite32(priv, &priv->map->TX_CONF, reg);
1227 
1228 	reg = rtl818x_ioread8(priv, &priv->map->CMD);
1229 	reg |= RTL818X_CMD_RX_ENABLE;
1230 	reg |= RTL818X_CMD_TX_ENABLE;
1231 	rtl818x_iowrite8(priv, &priv->map->CMD, reg);
1232 
1233 	return 0;
1234 
1235  err_free_rings:
1236 	rtl8180_free_rx_ring(dev);
1237 	for (i = 0; i < (dev->queues + 1); i++)
1238 		if (priv->tx_ring[i].desc)
1239 			rtl8180_free_tx_ring(dev, i);
1240 
1241 	return ret;
1242 }
1243 
1244 static void rtl8180_stop(struct ieee80211_hw *dev)
1245 {
1246 	struct rtl8180_priv *priv = dev->priv;
1247 	u8 reg;
1248 	int i;
1249 
1250 	rtl8180_int_disable(dev);
1251 
1252 	reg = rtl818x_ioread8(priv, &priv->map->CMD);
1253 	reg &= ~RTL818X_CMD_TX_ENABLE;
1254 	reg &= ~RTL818X_CMD_RX_ENABLE;
1255 	rtl818x_iowrite8(priv, &priv->map->CMD, reg);
1256 
1257 	priv->rf->stop(dev);
1258 
1259 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
1260 	reg = rtl818x_ioread8(priv, &priv->map->CONFIG4);
1261 	rtl818x_iowrite8(priv, &priv->map->CONFIG4, reg | RTL818X_CONFIG4_VCOOFF);
1262 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
1263 
1264 	free_irq(priv->pdev->irq, dev);
1265 
1266 	rtl8180_free_rx_ring(dev);
1267 	for (i = 0; i < (dev->queues + 1); i++)
1268 		rtl8180_free_tx_ring(dev, i);
1269 }
1270 
1271 static u64 rtl8180_get_tsf(struct ieee80211_hw *dev,
1272 			   struct ieee80211_vif *vif)
1273 {
1274 	struct rtl8180_priv *priv = dev->priv;
1275 
1276 	return rtl818x_ioread32(priv, &priv->map->TSFT[0]) |
1277 	       (u64)(rtl818x_ioread32(priv, &priv->map->TSFT[1])) << 32;
1278 }
1279 
1280 static void rtl8180_beacon_work(struct work_struct *work)
1281 {
1282 	struct rtl8180_vif *vif_priv =
1283 		container_of(work, struct rtl8180_vif, beacon_work.work);
1284 	struct ieee80211_vif *vif =
1285 		container_of((void *)vif_priv, struct ieee80211_vif, drv_priv);
1286 	struct ieee80211_hw *dev = vif_priv->dev;
1287 	struct ieee80211_mgmt *mgmt;
1288 	struct sk_buff *skb;
1289 
1290 	/* don't overflow the tx ring */
1291 	if (ieee80211_queue_stopped(dev, 0))
1292 		goto resched;
1293 
1294 	/* grab a fresh beacon */
1295 	skb = ieee80211_beacon_get(dev, vif);
1296 	if (!skb)
1297 		goto resched;
1298 
1299 	/*
1300 	 * update beacon timestamp w/ TSF value
1301 	 * TODO: make hardware update beacon timestamp
1302 	 */
1303 	mgmt = (struct ieee80211_mgmt *)skb->data;
1304 	mgmt->u.beacon.timestamp = cpu_to_le64(rtl8180_get_tsf(dev, vif));
1305 
1306 	/* TODO: use actual beacon queue */
1307 	skb_set_queue_mapping(skb, 0);
1308 
1309 	rtl8180_tx(dev, NULL, skb);
1310 
1311 resched:
1312 	/*
1313 	 * schedule next beacon
1314 	 * TODO: use hardware support for beacon timing
1315 	 */
1316 	schedule_delayed_work(&vif_priv->beacon_work,
1317 			usecs_to_jiffies(1024 * vif->bss_conf.beacon_int));
1318 }
1319 
1320 static int rtl8180_add_interface(struct ieee80211_hw *dev,
1321 				 struct ieee80211_vif *vif)
1322 {
1323 	struct rtl8180_priv *priv = dev->priv;
1324 	struct rtl8180_vif *vif_priv;
1325 
1326 	/*
1327 	 * We only support one active interface at a time.
1328 	 */
1329 	if (priv->vif)
1330 		return -EBUSY;
1331 
1332 	switch (vif->type) {
1333 	case NL80211_IFTYPE_STATION:
1334 	case NL80211_IFTYPE_ADHOC:
1335 		break;
1336 	default:
1337 		return -EOPNOTSUPP;
1338 	}
1339 
1340 	priv->vif = vif;
1341 
1342 	/* Initialize driver private area */
1343 	vif_priv = (struct rtl8180_vif *)&vif->drv_priv;
1344 	vif_priv->dev = dev;
1345 	INIT_DELAYED_WORK(&vif_priv->beacon_work, rtl8180_beacon_work);
1346 	vif_priv->enable_beacon = false;
1347 
1348 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
1349 	rtl818x_iowrite32(priv, (__le32 __iomem *)&priv->map->MAC[0],
1350 			  le32_to_cpu(*(__le32 *)vif->addr));
1351 	rtl818x_iowrite16(priv, (__le16 __iomem *)&priv->map->MAC[4],
1352 			  le16_to_cpu(*(__le16 *)(vif->addr + 4)));
1353 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
1354 
1355 	return 0;
1356 }
1357 
1358 static void rtl8180_remove_interface(struct ieee80211_hw *dev,
1359 				     struct ieee80211_vif *vif)
1360 {
1361 	struct rtl8180_priv *priv = dev->priv;
1362 	priv->vif = NULL;
1363 }
1364 
1365 static int rtl8180_config(struct ieee80211_hw *dev, u32 changed)
1366 {
1367 	struct rtl8180_priv *priv = dev->priv;
1368 	struct ieee80211_conf *conf = &dev->conf;
1369 
1370 	priv->rf->set_chan(dev, conf);
1371 
1372 	return 0;
1373 }
1374 
1375 static void rtl8187se_conf_ac_parm(struct ieee80211_hw *dev, u8 queue)
1376 {
1377 	const struct ieee80211_tx_queue_params *params;
1378 	struct rtl8180_priv *priv = dev->priv;
1379 
1380 	/* hw value */
1381 	u32 ac_param;
1382 
1383 	u8 aifs;
1384 	u8 txop;
1385 	u8 cw_min, cw_max;
1386 
1387 	params = &priv->queue_param[queue];
1388 
1389 	cw_min = fls(params->cw_min);
1390 	cw_max = fls(params->cw_max);
1391 
1392 	aifs = 10 + params->aifs * priv->slot_time;
1393 
1394 	/* TODO: check if txop HW is in us (mult by 32) */
1395 	txop = params->txop;
1396 
1397 	ac_param = txop << AC_PARAM_TXOP_LIMIT_SHIFT |
1398 		cw_max << AC_PARAM_ECW_MAX_SHIFT |
1399 		cw_min << AC_PARAM_ECW_MIN_SHIFT |
1400 		aifs << AC_PARAM_AIFS_SHIFT;
1401 
1402 	switch (queue) {
1403 	case IEEE80211_AC_BK:
1404 		rtl818x_iowrite32(priv, &priv->map->AC_BK_PARAM, ac_param);
1405 		break;
1406 	case IEEE80211_AC_BE:
1407 		rtl818x_iowrite32(priv, &priv->map->AC_BE_PARAM, ac_param);
1408 		break;
1409 	case IEEE80211_AC_VI:
1410 		rtl818x_iowrite32(priv, &priv->map->AC_VI_PARAM, ac_param);
1411 		break;
1412 	case IEEE80211_AC_VO:
1413 		rtl818x_iowrite32(priv, &priv->map->AC_VO_PARAM, ac_param);
1414 		break;
1415 	}
1416 }
1417 
1418 static int rtl8180_conf_tx(struct ieee80211_hw *dev,
1419 			    struct ieee80211_vif *vif, u16 queue,
1420 			    const struct ieee80211_tx_queue_params *params)
1421 {
1422 	struct rtl8180_priv *priv = dev->priv;
1423 	u8 cw_min, cw_max;
1424 
1425 	/* nothing to do ? */
1426 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8180)
1427 		return 0;
1428 
1429 	cw_min = fls(params->cw_min);
1430 	cw_max = fls(params->cw_max);
1431 
1432 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
1433 		priv->queue_param[queue] = *params;
1434 		rtl8187se_conf_ac_parm(dev, queue);
1435 	} else
1436 		rtl818x_iowrite8(priv, &priv->map->CW_VAL,
1437 				 (cw_max << 4) | cw_min);
1438 	return 0;
1439 }
1440 
1441 static void rtl8180_conf_erp(struct ieee80211_hw *dev,
1442 			    struct ieee80211_bss_conf *info)
1443 {
1444 	struct rtl8180_priv *priv = dev->priv;
1445 	u8 sifs, difs;
1446 	int eifs;
1447 	u8 hw_eifs;
1448 
1449 	/* TODO: should we do something ? */
1450 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8180)
1451 		return;
1452 
1453 	/* I _hope_ this means 10uS for the HW.
1454 	 * In reference code it is 0x22 for
1455 	 * both rtl8187L and rtl8187SE
1456 	 */
1457 	sifs = 0x22;
1458 
1459 	if (info->use_short_slot)
1460 		priv->slot_time = 9;
1461 	else
1462 		priv->slot_time = 20;
1463 
1464 	/* 10 is SIFS time in uS */
1465 	difs = 10 + 2 * priv->slot_time;
1466 	eifs = 10 + difs + priv->ack_time;
1467 
1468 	/* HW should use 4uS units for EIFS (I'm sure for rtl8185)*/
1469 	hw_eifs = DIV_ROUND_UP(eifs, 4);
1470 
1471 
1472 	rtl818x_iowrite8(priv, &priv->map->SLOT, priv->slot_time);
1473 	rtl818x_iowrite8(priv, &priv->map->SIFS, sifs);
1474 	rtl818x_iowrite8(priv, &priv->map->DIFS, difs);
1475 
1476 	/* from reference code. set ack timeout reg = eifs reg */
1477 	rtl818x_iowrite8(priv, &priv->map->CARRIER_SENSE_COUNTER, hw_eifs);
1478 
1479 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE)
1480 		rtl818x_iowrite8(priv, &priv->map->EIFS_8187SE, hw_eifs);
1481 	else if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8185) {
1482 		/* rtl8187/rtl8185 HW bug. After EIFS is elapsed,
1483 		 * the HW still wait for DIFS.
1484 		 * HW uses 4uS units for EIFS.
1485 		 */
1486 		hw_eifs = DIV_ROUND_UP(eifs - difs, 4);
1487 
1488 		rtl818x_iowrite8(priv, &priv->map->EIFS, hw_eifs);
1489 	}
1490 }
1491 
1492 static void rtl8180_bss_info_changed(struct ieee80211_hw *dev,
1493 				     struct ieee80211_vif *vif,
1494 				     struct ieee80211_bss_conf *info,
1495 				     u32 changed)
1496 {
1497 	struct rtl8180_priv *priv = dev->priv;
1498 	struct rtl8180_vif *vif_priv;
1499 	int i;
1500 	u8 reg;
1501 
1502 	vif_priv = (struct rtl8180_vif *)&vif->drv_priv;
1503 
1504 	if (changed & BSS_CHANGED_BSSID) {
1505 		rtl818x_iowrite16(priv, (__le16 __iomem *)&priv->map->BSSID[0],
1506 				  le16_to_cpu(*(__le16 *)info->bssid));
1507 		rtl818x_iowrite32(priv, (__le32 __iomem *)&priv->map->BSSID[2],
1508 				  le32_to_cpu(*(__le32 *)(info->bssid + 2)));
1509 
1510 		if (is_valid_ether_addr(info->bssid)) {
1511 			if (vif->type == NL80211_IFTYPE_ADHOC)
1512 				reg = RTL818X_MSR_ADHOC;
1513 			else
1514 				reg = RTL818X_MSR_INFRA;
1515 		} else
1516 			reg = RTL818X_MSR_NO_LINK;
1517 
1518 		if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE)
1519 			reg |= RTL818X_MSR_ENEDCA;
1520 
1521 		rtl818x_iowrite8(priv, &priv->map->MSR, reg);
1522 	}
1523 
1524 	if (changed & BSS_CHANGED_BASIC_RATES)
1525 		rtl8180_conf_basic_rates(dev, info->basic_rates);
1526 
1527 	if (changed & (BSS_CHANGED_ERP_SLOT | BSS_CHANGED_ERP_PREAMBLE)) {
1528 
1529 		/* when preamble changes, acktime duration changes, and erp must
1530 		 * be recalculated. ACK time is calculated at lowest rate.
1531 		 * Since mac80211 include SIFS time we remove it (-10)
1532 		 */
1533 		priv->ack_time =
1534 			le16_to_cpu(ieee80211_generic_frame_duration(dev,
1535 					priv->vif,
1536 					NL80211_BAND_2GHZ, 10,
1537 					&priv->rates[0])) - 10;
1538 
1539 		rtl8180_conf_erp(dev, info);
1540 
1541 		/* mac80211 supplies aifs_n to driver and calls
1542 		 * conf_tx callback whether aifs_n changes, NOT
1543 		 * when aifs changes.
1544 		 * Aifs should be recalculated if slot changes.
1545 		 */
1546 		if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
1547 			for (i = 0; i < 4; i++)
1548 				rtl8187se_conf_ac_parm(dev, i);
1549 		}
1550 	}
1551 
1552 	if (changed & BSS_CHANGED_BEACON_ENABLED)
1553 		vif_priv->enable_beacon = info->enable_beacon;
1554 
1555 	if (changed & (BSS_CHANGED_BEACON_ENABLED | BSS_CHANGED_BEACON)) {
1556 		cancel_delayed_work_sync(&vif_priv->beacon_work);
1557 		if (vif_priv->enable_beacon)
1558 			schedule_work(&vif_priv->beacon_work.work);
1559 	}
1560 }
1561 
1562 static u64 rtl8180_prepare_multicast(struct ieee80211_hw *dev,
1563 				     struct netdev_hw_addr_list *mc_list)
1564 {
1565 	return netdev_hw_addr_list_count(mc_list);
1566 }
1567 
1568 static void rtl8180_configure_filter(struct ieee80211_hw *dev,
1569 				     unsigned int changed_flags,
1570 				     unsigned int *total_flags,
1571 				     u64 multicast)
1572 {
1573 	struct rtl8180_priv *priv = dev->priv;
1574 
1575 	if (changed_flags & FIF_FCSFAIL)
1576 		priv->rx_conf ^= RTL818X_RX_CONF_FCS;
1577 	if (changed_flags & FIF_CONTROL)
1578 		priv->rx_conf ^= RTL818X_RX_CONF_CTRL;
1579 	if (changed_flags & FIF_OTHER_BSS)
1580 		priv->rx_conf ^= RTL818X_RX_CONF_MONITOR;
1581 	if (*total_flags & FIF_ALLMULTI || multicast > 0)
1582 		priv->rx_conf |= RTL818X_RX_CONF_MULTICAST;
1583 	else
1584 		priv->rx_conf &= ~RTL818X_RX_CONF_MULTICAST;
1585 
1586 	*total_flags = 0;
1587 
1588 	if (priv->rx_conf & RTL818X_RX_CONF_FCS)
1589 		*total_flags |= FIF_FCSFAIL;
1590 	if (priv->rx_conf & RTL818X_RX_CONF_CTRL)
1591 		*total_flags |= FIF_CONTROL;
1592 	if (priv->rx_conf & RTL818X_RX_CONF_MONITOR)
1593 		*total_flags |= FIF_OTHER_BSS;
1594 	if (priv->rx_conf & RTL818X_RX_CONF_MULTICAST)
1595 		*total_flags |= FIF_ALLMULTI;
1596 
1597 	rtl818x_iowrite32(priv, &priv->map->RX_CONF, priv->rx_conf);
1598 }
1599 
1600 static const struct ieee80211_ops rtl8180_ops = {
1601 	.tx			= rtl8180_tx,
1602 	.start			= rtl8180_start,
1603 	.stop			= rtl8180_stop,
1604 	.add_interface		= rtl8180_add_interface,
1605 	.remove_interface	= rtl8180_remove_interface,
1606 	.config			= rtl8180_config,
1607 	.bss_info_changed	= rtl8180_bss_info_changed,
1608 	.conf_tx		= rtl8180_conf_tx,
1609 	.prepare_multicast	= rtl8180_prepare_multicast,
1610 	.configure_filter	= rtl8180_configure_filter,
1611 	.get_tsf		= rtl8180_get_tsf,
1612 };
1613 
1614 static void rtl8180_eeprom_register_read(struct eeprom_93cx6 *eeprom)
1615 {
1616 	struct rtl8180_priv *priv = eeprom->data;
1617 	u8 reg = rtl818x_ioread8(priv, &priv->map->EEPROM_CMD);
1618 
1619 	eeprom->reg_data_in = reg & RTL818X_EEPROM_CMD_WRITE;
1620 	eeprom->reg_data_out = reg & RTL818X_EEPROM_CMD_READ;
1621 	eeprom->reg_data_clock = reg & RTL818X_EEPROM_CMD_CK;
1622 	eeprom->reg_chip_select = reg & RTL818X_EEPROM_CMD_CS;
1623 }
1624 
1625 static void rtl8180_eeprom_register_write(struct eeprom_93cx6 *eeprom)
1626 {
1627 	struct rtl8180_priv *priv = eeprom->data;
1628 	u8 reg = 2 << 6;
1629 
1630 	if (eeprom->reg_data_in)
1631 		reg |= RTL818X_EEPROM_CMD_WRITE;
1632 	if (eeprom->reg_data_out)
1633 		reg |= RTL818X_EEPROM_CMD_READ;
1634 	if (eeprom->reg_data_clock)
1635 		reg |= RTL818X_EEPROM_CMD_CK;
1636 	if (eeprom->reg_chip_select)
1637 		reg |= RTL818X_EEPROM_CMD_CS;
1638 
1639 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, reg);
1640 	rtl818x_ioread8(priv, &priv->map->EEPROM_CMD);
1641 	udelay(10);
1642 }
1643 
1644 static void rtl8180_eeprom_read(struct rtl8180_priv *priv)
1645 {
1646 	struct eeprom_93cx6 eeprom;
1647 	int eeprom_cck_table_adr;
1648 	u16 eeprom_val;
1649 	int i;
1650 
1651 	eeprom.data = priv;
1652 	eeprom.register_read = rtl8180_eeprom_register_read;
1653 	eeprom.register_write = rtl8180_eeprom_register_write;
1654 	if (rtl818x_ioread32(priv, &priv->map->RX_CONF) & (1 << 6))
1655 		eeprom.width = PCI_EEPROM_WIDTH_93C66;
1656 	else
1657 		eeprom.width = PCI_EEPROM_WIDTH_93C46;
1658 
1659 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
1660 			RTL818X_EEPROM_CMD_PROGRAM);
1661 	rtl818x_ioread8(priv, &priv->map->EEPROM_CMD);
1662 	udelay(10);
1663 
1664 	eeprom_93cx6_read(&eeprom, 0x06, &eeprom_val);
1665 	eeprom_val &= 0xFF;
1666 	priv->rf_type = eeprom_val;
1667 
1668 	eeprom_93cx6_read(&eeprom, 0x17, &eeprom_val);
1669 	priv->csthreshold = eeprom_val >> 8;
1670 
1671 	eeprom_93cx6_multiread(&eeprom, 0x7, (__le16 *)priv->mac_addr, 3);
1672 
1673 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE)
1674 		eeprom_cck_table_adr = 0x30;
1675 	else
1676 		eeprom_cck_table_adr = 0x10;
1677 
1678 	/* CCK TX power */
1679 	for (i = 0; i < 14; i += 2) {
1680 		u16 txpwr;
1681 		eeprom_93cx6_read(&eeprom, eeprom_cck_table_adr + (i >> 1),
1682 				&txpwr);
1683 		priv->channels[i].hw_value = txpwr & 0xFF;
1684 		priv->channels[i + 1].hw_value = txpwr >> 8;
1685 	}
1686 
1687 	/* OFDM TX power */
1688 	if (priv->chip_family != RTL818X_CHIP_FAMILY_RTL8180) {
1689 		for (i = 0; i < 14; i += 2) {
1690 			u16 txpwr;
1691 			eeprom_93cx6_read(&eeprom, 0x20 + (i >> 1), &txpwr);
1692 			priv->channels[i].hw_value |= (txpwr & 0xFF) << 8;
1693 			priv->channels[i + 1].hw_value |= txpwr & 0xFF00;
1694 		}
1695 	}
1696 
1697 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8180) {
1698 		__le32 anaparam;
1699 		eeprom_93cx6_multiread(&eeprom, 0xD, (__le16 *)&anaparam, 2);
1700 		priv->anaparam = le32_to_cpu(anaparam);
1701 		eeprom_93cx6_read(&eeprom, 0x19, &priv->rfparam);
1702 	}
1703 
1704 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE) {
1705 		eeprom_93cx6_read(&eeprom, 0x3F, &eeprom_val);
1706 		priv->antenna_diversity_en = !!(eeprom_val & 0x100);
1707 		priv->antenna_diversity_default = (eeprom_val & 0xC00) == 0x400;
1708 
1709 		eeprom_93cx6_read(&eeprom, 0x7C, &eeprom_val);
1710 		priv->xtal_out = eeprom_val & 0xF;
1711 		priv->xtal_in = (eeprom_val & 0xF0) >> 4;
1712 		priv->xtal_cal = !!(eeprom_val & 0x1000);
1713 		priv->thermal_meter_val = (eeprom_val & 0xF00) >> 8;
1714 		priv->thermal_meter_en = !!(eeprom_val & 0x2000);
1715 	}
1716 
1717 	rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD,
1718 			RTL818X_EEPROM_CMD_NORMAL);
1719 }
1720 
1721 static int rtl8180_probe(struct pci_dev *pdev,
1722 				   const struct pci_device_id *id)
1723 {
1724 	struct ieee80211_hw *dev;
1725 	struct rtl8180_priv *priv;
1726 	unsigned long mem_addr, mem_len;
1727 	unsigned int io_addr, io_len;
1728 	int err;
1729 	const char *chip_name, *rf_name = NULL;
1730 	u32 reg;
1731 
1732 	err = pci_enable_device(pdev);
1733 	if (err) {
1734 		printk(KERN_ERR "%s (rtl8180): Cannot enable new PCI device\n",
1735 		       pci_name(pdev));
1736 		return err;
1737 	}
1738 
1739 	err = pci_request_regions(pdev, KBUILD_MODNAME);
1740 	if (err) {
1741 		printk(KERN_ERR "%s (rtl8180): Cannot obtain PCI resources\n",
1742 		       pci_name(pdev));
1743 		goto err_disable_dev;
1744 	}
1745 
1746 	io_addr = pci_resource_start(pdev, 0);
1747 	io_len = pci_resource_len(pdev, 0);
1748 	mem_addr = pci_resource_start(pdev, 1);
1749 	mem_len = pci_resource_len(pdev, 1);
1750 
1751 	if (mem_len < sizeof(struct rtl818x_csr) ||
1752 	    io_len < sizeof(struct rtl818x_csr)) {
1753 		printk(KERN_ERR "%s (rtl8180): Too short PCI resources\n",
1754 		       pci_name(pdev));
1755 		err = -ENOMEM;
1756 		goto err_free_reg;
1757 	}
1758 
1759 	if ((err = pci_set_dma_mask(pdev, DMA_BIT_MASK(32))) ||
1760 	    (err = pci_set_consistent_dma_mask(pdev, DMA_BIT_MASK(32)))) {
1761 		printk(KERN_ERR "%s (rtl8180): No suitable DMA available\n",
1762 		       pci_name(pdev));
1763 		goto err_free_reg;
1764 	}
1765 
1766 	pci_set_master(pdev);
1767 
1768 	dev = ieee80211_alloc_hw(sizeof(*priv), &rtl8180_ops);
1769 	if (!dev) {
1770 		printk(KERN_ERR "%s (rtl8180): ieee80211 alloc failed\n",
1771 		       pci_name(pdev));
1772 		err = -ENOMEM;
1773 		goto err_free_reg;
1774 	}
1775 
1776 	priv = dev->priv;
1777 	priv->pdev = pdev;
1778 
1779 	dev->max_rates = 1;
1780 	SET_IEEE80211_DEV(dev, &pdev->dev);
1781 	pci_set_drvdata(pdev, dev);
1782 
1783 	priv->map_pio = false;
1784 	priv->map = pci_iomap(pdev, 1, mem_len);
1785 	if (!priv->map) {
1786 		priv->map = pci_iomap(pdev, 0, io_len);
1787 		priv->map_pio = true;
1788 	}
1789 
1790 	if (!priv->map) {
1791 		dev_err(&pdev->dev, "Cannot map device memory/PIO\n");
1792 		err = -ENOMEM;
1793 		goto err_free_dev;
1794 	}
1795 
1796 	BUILD_BUG_ON(sizeof(priv->channels) != sizeof(rtl818x_channels));
1797 	BUILD_BUG_ON(sizeof(priv->rates) != sizeof(rtl818x_rates));
1798 
1799 	memcpy(priv->channels, rtl818x_channels, sizeof(rtl818x_channels));
1800 	memcpy(priv->rates, rtl818x_rates, sizeof(rtl818x_rates));
1801 
1802 	priv->band.band = NL80211_BAND_2GHZ;
1803 	priv->band.channels = priv->channels;
1804 	priv->band.n_channels = ARRAY_SIZE(rtl818x_channels);
1805 	priv->band.bitrates = priv->rates;
1806 	priv->band.n_bitrates = 4;
1807 	dev->wiphy->bands[NL80211_BAND_2GHZ] = &priv->band;
1808 
1809 	ieee80211_hw_set(dev, HOST_BROADCAST_PS_BUFFERING);
1810 	ieee80211_hw_set(dev, RX_INCLUDES_FCS);
1811 
1812 	dev->vif_data_size = sizeof(struct rtl8180_vif);
1813 	dev->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
1814 					BIT(NL80211_IFTYPE_ADHOC);
1815 	dev->max_signal = 65;
1816 
1817 	reg = rtl818x_ioread32(priv, &priv->map->TX_CONF);
1818 	reg &= RTL818X_TX_CONF_HWVER_MASK;
1819 	switch (reg) {
1820 	case RTL818X_TX_CONF_R8180_ABCD:
1821 		chip_name = "RTL8180";
1822 		priv->chip_family = RTL818X_CHIP_FAMILY_RTL8180;
1823 		break;
1824 
1825 	case RTL818X_TX_CONF_R8180_F:
1826 		chip_name = "RTL8180vF";
1827 		priv->chip_family = RTL818X_CHIP_FAMILY_RTL8180;
1828 		break;
1829 
1830 	case RTL818X_TX_CONF_R8185_ABC:
1831 		chip_name = "RTL8185";
1832 		priv->chip_family = RTL818X_CHIP_FAMILY_RTL8185;
1833 		break;
1834 
1835 	case RTL818X_TX_CONF_R8185_D:
1836 		chip_name = "RTL8185vD";
1837 		priv->chip_family = RTL818X_CHIP_FAMILY_RTL8185;
1838 		break;
1839 
1840 	case RTL818X_TX_CONF_RTL8187SE:
1841 		chip_name = "RTL8187SE";
1842 		if (priv->map_pio) {
1843 			dev_err(&pdev->dev,
1844 				"MMIO failed. PIO not supported on RTL8187SE\n");
1845 			err = -ENOMEM;
1846 			goto err_iounmap;
1847 		}
1848 		priv->chip_family = RTL818X_CHIP_FAMILY_RTL8187SE;
1849 		break;
1850 
1851 	default:
1852 		printk(KERN_ERR "%s (rtl8180): Unknown chip! (0x%x)\n",
1853 		       pci_name(pdev), reg >> 25);
1854 		err = -ENODEV;
1855 		goto err_iounmap;
1856 	}
1857 
1858 	/* we declare to MAC80211 all the queues except for beacon queue
1859 	 * that will be eventually handled by DRV.
1860 	 * TX rings are arranged in such a way that lower is the IDX,
1861 	 * higher is the priority, in order to achieve direct mapping
1862 	 * with mac80211, however the beacon queue is an exception and it
1863 	 * is mapped on the highst tx ring IDX.
1864 	 */
1865 	if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE)
1866 		dev->queues = RTL8187SE_NR_TX_QUEUES - 1;
1867 	else
1868 		dev->queues = RTL8180_NR_TX_QUEUES - 1;
1869 
1870 	if (priv->chip_family != RTL818X_CHIP_FAMILY_RTL8180) {
1871 		priv->band.n_bitrates = ARRAY_SIZE(rtl818x_rates);
1872 		pci_try_set_mwi(pdev);
1873 	}
1874 
1875 	if (priv->chip_family != RTL818X_CHIP_FAMILY_RTL8180)
1876 		ieee80211_hw_set(dev, SIGNAL_DBM);
1877 	else
1878 		ieee80211_hw_set(dev, SIGNAL_UNSPEC);
1879 
1880 	wiphy_ext_feature_set(dev->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
1881 
1882 	rtl8180_eeprom_read(priv);
1883 
1884 	switch (priv->rf_type) {
1885 	case 1:	rf_name = "Intersil";
1886 		break;
1887 	case 2:	rf_name = "RFMD";
1888 		break;
1889 	case 3:	priv->rf = &sa2400_rf_ops;
1890 		break;
1891 	case 4:	priv->rf = &max2820_rf_ops;
1892 		break;
1893 	case 5:	priv->rf = &grf5101_rf_ops;
1894 		break;
1895 	case 9:
1896 		if (priv->chip_family == RTL818X_CHIP_FAMILY_RTL8187SE)
1897 			priv->rf = rtl8187se_detect_rf(dev);
1898 		else
1899 			priv->rf = rtl8180_detect_rf(dev);
1900 		break;
1901 	case 10:
1902 		rf_name = "RTL8255";
1903 		break;
1904 	default:
1905 		printk(KERN_ERR "%s (rtl8180): Unknown RF! (0x%x)\n",
1906 		       pci_name(pdev), priv->rf_type);
1907 		err = -ENODEV;
1908 		goto err_iounmap;
1909 	}
1910 
1911 	if (!priv->rf) {
1912 		printk(KERN_ERR "%s (rtl8180): %s RF frontend not supported!\n",
1913 		       pci_name(pdev), rf_name);
1914 		err = -ENODEV;
1915 		goto err_iounmap;
1916 	}
1917 
1918 	if (!is_valid_ether_addr(priv->mac_addr)) {
1919 		printk(KERN_WARNING "%s (rtl8180): Invalid hwaddr! Using"
1920 		       " randomly generated MAC addr\n", pci_name(pdev));
1921 		eth_random_addr(priv->mac_addr);
1922 	}
1923 	SET_IEEE80211_PERM_ADDR(dev, priv->mac_addr);
1924 
1925 	spin_lock_init(&priv->lock);
1926 
1927 	err = ieee80211_register_hw(dev);
1928 	if (err) {
1929 		printk(KERN_ERR "%s (rtl8180): Cannot register device\n",
1930 		       pci_name(pdev));
1931 		goto err_iounmap;
1932 	}
1933 
1934 	wiphy_info(dev->wiphy, "hwaddr %pm, %s + %s\n",
1935 		   priv->mac_addr, chip_name, priv->rf->name);
1936 
1937 	return 0;
1938 
1939  err_iounmap:
1940 	pci_iounmap(pdev, priv->map);
1941 
1942  err_free_dev:
1943 	ieee80211_free_hw(dev);
1944 
1945  err_free_reg:
1946 	pci_release_regions(pdev);
1947 
1948  err_disable_dev:
1949 	pci_disable_device(pdev);
1950 	return err;
1951 }
1952 
1953 static void rtl8180_remove(struct pci_dev *pdev)
1954 {
1955 	struct ieee80211_hw *dev = pci_get_drvdata(pdev);
1956 	struct rtl8180_priv *priv;
1957 
1958 	if (!dev)
1959 		return;
1960 
1961 	ieee80211_unregister_hw(dev);
1962 
1963 	priv = dev->priv;
1964 
1965 	pci_iounmap(pdev, priv->map);
1966 	pci_release_regions(pdev);
1967 	pci_disable_device(pdev);
1968 	ieee80211_free_hw(dev);
1969 }
1970 
1971 #ifdef CONFIG_PM
1972 static int rtl8180_suspend(struct pci_dev *pdev, pm_message_t state)
1973 {
1974 	pci_save_state(pdev);
1975 	pci_set_power_state(pdev, pci_choose_state(pdev, state));
1976 	return 0;
1977 }
1978 
1979 static int rtl8180_resume(struct pci_dev *pdev)
1980 {
1981 	pci_set_power_state(pdev, PCI_D0);
1982 	pci_restore_state(pdev);
1983 	return 0;
1984 }
1985 
1986 #endif /* CONFIG_PM */
1987 
1988 static struct pci_driver rtl8180_driver = {
1989 	.name		= KBUILD_MODNAME,
1990 	.id_table	= rtl8180_table,
1991 	.probe		= rtl8180_probe,
1992 	.remove		= rtl8180_remove,
1993 #ifdef CONFIG_PM
1994 	.suspend	= rtl8180_suspend,
1995 	.resume		= rtl8180_resume,
1996 #endif /* CONFIG_PM */
1997 };
1998 
1999 module_pci_driver(rtl8180_driver);
2000