[SCSI] fix BUG when sum(scatterlist) > bufflen
[linux-2.6] / drivers / net / wireless / rtl8187_dev.c
1 /*
2  * Linux device driver for RTL8187
3  *
4  * Copyright 2007 Michael Wu <flamingice@sourmilk.net>
5  * Copyright 2007 Andrea Merello <andreamrl@tiscali.it>
6  *
7  * Based on the r8187 driver, which is:
8  * Copyright 2005 Andrea Merello <andreamrl@tiscali.it>, et al.
9  *
10  * Magic delays and register offsets below are taken from the original
11  * r8187 driver sources.  Thanks to Realtek for their support!
12  *
13  * This program is free software; you can redistribute it and/or modify
14  * it under the terms of the GNU General Public License version 2 as
15  * published by the Free Software Foundation.
16  */
17
18 #include <linux/init.h>
19 #include <linux/usb.h>
20 #include <linux/delay.h>
21 #include <linux/etherdevice.h>
22 #include <linux/eeprom_93cx6.h>
23 #include <net/mac80211.h>
24
25 #include "rtl8187.h"
26 #include "rtl8187_rtl8225.h"
27
28 MODULE_AUTHOR("Michael Wu <flamingice@sourmilk.net>");
29 MODULE_AUTHOR("Andrea Merello <andreamrl@tiscali.it>");
30 MODULE_DESCRIPTION("RTL8187 USB wireless driver");
31 MODULE_LICENSE("GPL");
32
33 static struct usb_device_id rtl8187_table[] __devinitdata = {
34         /* Realtek */
35         {USB_DEVICE(0x0bda, 0x8187)},
36         /* Netgear */
37         {USB_DEVICE(0x0846, 0x6100)},
38         {USB_DEVICE(0x0846, 0x6a00)},
39         /* HP */
40         {USB_DEVICE(0x03f0, 0xca02)},
41         /* Sitecom */
42         {USB_DEVICE(0x0df6, 0x000d)},
43         {}
44 };
45
46 MODULE_DEVICE_TABLE(usb, rtl8187_table);
47
48 static void rtl8187_iowrite_async_cb(struct urb *urb)
49 {
50         kfree(urb->context);
51         usb_free_urb(urb);
52 }
53
54 static void rtl8187_iowrite_async(struct rtl8187_priv *priv, __le16 addr,
55                                   void *data, u16 len)
56 {
57         struct usb_ctrlrequest *dr;
58         struct urb *urb;
59         struct rtl8187_async_write_data {
60                 u8 data[4];
61                 struct usb_ctrlrequest dr;
62         } *buf;
63
64         buf = kmalloc(sizeof(*buf), GFP_ATOMIC);
65         if (!buf)
66                 return;
67
68         urb = usb_alloc_urb(0, GFP_ATOMIC);
69         if (!urb) {
70                 kfree(buf);
71                 return;
72         }
73
74         dr = &buf->dr;
75
76         dr->bRequestType = RTL8187_REQT_WRITE;
77         dr->bRequest = RTL8187_REQ_SET_REG;
78         dr->wValue = addr;
79         dr->wIndex = 0;
80         dr->wLength = cpu_to_le16(len);
81
82         memcpy(buf, data, len);
83
84         usb_fill_control_urb(urb, priv->udev, usb_sndctrlpipe(priv->udev, 0),
85                              (unsigned char *)dr, buf, len,
86                              rtl8187_iowrite_async_cb, buf);
87         usb_submit_urb(urb, GFP_ATOMIC);
88 }
89
90 static inline void rtl818x_iowrite32_async(struct rtl8187_priv *priv,
91                                            __le32 *addr, u32 val)
92 {
93         __le32 buf = cpu_to_le32(val);
94
95         rtl8187_iowrite_async(priv, cpu_to_le16((unsigned long)addr),
96                               &buf, sizeof(buf));
97 }
98
99 void rtl8187_write_phy(struct ieee80211_hw *dev, u8 addr, u32 data)
100 {
101         struct rtl8187_priv *priv = dev->priv;
102
103         data <<= 8;
104         data |= addr | 0x80;
105
106         rtl818x_iowrite8(priv, &priv->map->PHY[3], (data >> 24) & 0xFF);
107         rtl818x_iowrite8(priv, &priv->map->PHY[2], (data >> 16) & 0xFF);
108         rtl818x_iowrite8(priv, &priv->map->PHY[1], (data >> 8) & 0xFF);
109         rtl818x_iowrite8(priv, &priv->map->PHY[0], data & 0xFF);
110
111         msleep(1);
112 }
113
114 static void rtl8187_tx_cb(struct urb *urb)
115 {
116         struct ieee80211_tx_status status = { {0} };
117         struct sk_buff *skb = (struct sk_buff *)urb->context;
118         struct rtl8187_tx_info *info = (struct rtl8187_tx_info *)skb->cb;
119
120         usb_free_urb(info->urb);
121         if (info->control)
122                 memcpy(&status.control, info->control, sizeof(status.control));
123         kfree(info->control);
124         skb_pull(skb, sizeof(struct rtl8187_tx_hdr));
125         status.flags |= IEEE80211_TX_STATUS_ACK;
126         ieee80211_tx_status_irqsafe(info->dev, skb, &status);
127 }
128
129 static int rtl8187_tx(struct ieee80211_hw *dev, struct sk_buff *skb,
130                       struct ieee80211_tx_control *control)
131 {
132         struct rtl8187_priv *priv = dev->priv;
133         struct rtl8187_tx_hdr *hdr;
134         struct rtl8187_tx_info *info;
135         struct urb *urb;
136         __le16 rts_dur = 0;
137         u32 flags;
138
139         urb = usb_alloc_urb(0, GFP_ATOMIC);
140         if (!urb) {
141                 kfree_skb(skb);
142                 return 0;
143         }
144
145         flags = skb->len;
146         flags |= RTL8187_TX_FLAG_NO_ENCRYPT;
147         flags |= control->rts_cts_rate << 19;
148         flags |= control->tx_rate << 24;
149         if (ieee80211_get_morefrag((struct ieee80211_hdr *)skb->data))
150                 flags |= RTL8187_TX_FLAG_MORE_FRAG;
151         if (control->flags & IEEE80211_TXCTL_USE_RTS_CTS) {
152                 flags |= RTL8187_TX_FLAG_RTS;
153                 rts_dur = ieee80211_rts_duration(dev, priv->vif,
154                                                  skb->len, control);
155         }
156         if (control->flags & IEEE80211_TXCTL_USE_CTS_PROTECT)
157                 flags |= RTL8187_TX_FLAG_CTS;
158
159         hdr = (struct rtl8187_tx_hdr *)skb_push(skb, sizeof(*hdr));
160         hdr->flags = cpu_to_le32(flags);
161         hdr->len = 0;
162         hdr->rts_duration = rts_dur;
163         hdr->retry = cpu_to_le32(control->retry_limit << 8);
164
165         info = (struct rtl8187_tx_info *)skb->cb;
166         info->control = kmemdup(control, sizeof(*control), GFP_ATOMIC);
167         info->urb = urb;
168         info->dev = dev;
169         usb_fill_bulk_urb(urb, priv->udev, usb_sndbulkpipe(priv->udev, 2),
170                           hdr, skb->len, rtl8187_tx_cb, skb);
171         usb_submit_urb(urb, GFP_ATOMIC);
172
173         return 0;
174 }
175
176 static void rtl8187_rx_cb(struct urb *urb)
177 {
178         struct sk_buff *skb = (struct sk_buff *)urb->context;
179         struct rtl8187_rx_info *info = (struct rtl8187_rx_info *)skb->cb;
180         struct ieee80211_hw *dev = info->dev;
181         struct rtl8187_priv *priv = dev->priv;
182         struct rtl8187_rx_hdr *hdr;
183         struct ieee80211_rx_status rx_status = { 0 };
184         int rate, signal;
185         u32 flags;
186
187         spin_lock(&priv->rx_queue.lock);
188         if (skb->next)
189                 __skb_unlink(skb, &priv->rx_queue);
190         else {
191                 spin_unlock(&priv->rx_queue.lock);
192                 return;
193         }
194         spin_unlock(&priv->rx_queue.lock);
195
196         if (unlikely(urb->status)) {
197                 usb_free_urb(urb);
198                 dev_kfree_skb_irq(skb);
199                 return;
200         }
201
202         skb_put(skb, urb->actual_length);
203         hdr = (struct rtl8187_rx_hdr *)(skb_tail_pointer(skb) - sizeof(*hdr));
204         flags = le32_to_cpu(hdr->flags);
205         skb_trim(skb, flags & 0x0FFF);
206
207         signal = hdr->agc >> 1;
208         rate = (flags >> 20) & 0xF;
209         if (rate > 3) { /* OFDM rate */
210                 if (signal > 90)
211                         signal = 90;
212                 else if (signal < 25)
213                         signal = 25;
214                 signal = 90 - signal;
215         } else {        /* CCK rate */
216                 if (signal > 95)
217                         signal = 95;
218                 else if (signal < 30)
219                         signal = 30;
220                 signal = 95 - signal;
221         }
222
223         rx_status.antenna = (hdr->signal >> 7) & 1;
224         rx_status.signal = 64 - min(hdr->noise, (u8)64);
225         rx_status.ssi = signal;
226         rx_status.rate = rate;
227         rx_status.freq = dev->conf.freq;
228         rx_status.channel = dev->conf.channel;
229         rx_status.phymode = dev->conf.phymode;
230         rx_status.mactime = le64_to_cpu(hdr->mac_time);
231         rx_status.flag |= RX_FLAG_TSFT;
232         if (flags & (1 << 13))
233                 rx_status.flag |= RX_FLAG_FAILED_FCS_CRC;
234         ieee80211_rx_irqsafe(dev, skb, &rx_status);
235
236         skb = dev_alloc_skb(RTL8187_MAX_RX);
237         if (unlikely(!skb)) {
238                 usb_free_urb(urb);
239                 /* TODO check rx queue length and refill *somewhere* */
240                 return;
241         }
242
243         info = (struct rtl8187_rx_info *)skb->cb;
244         info->urb = urb;
245         info->dev = dev;
246         urb->transfer_buffer = skb_tail_pointer(skb);
247         urb->context = skb;
248         skb_queue_tail(&priv->rx_queue, skb);
249
250         usb_submit_urb(urb, GFP_ATOMIC);
251 }
252
253 static int rtl8187_init_urbs(struct ieee80211_hw *dev)
254 {
255         struct rtl8187_priv *priv = dev->priv;
256         struct urb *entry;
257         struct sk_buff *skb;
258         struct rtl8187_rx_info *info;
259
260         while (skb_queue_len(&priv->rx_queue) < 8) {
261                 skb = __dev_alloc_skb(RTL8187_MAX_RX, GFP_KERNEL);
262                 if (!skb)
263                         break;
264                 entry = usb_alloc_urb(0, GFP_KERNEL);
265                 if (!entry) {
266                         kfree_skb(skb);
267                         break;
268                 }
269                 usb_fill_bulk_urb(entry, priv->udev,
270                                   usb_rcvbulkpipe(priv->udev, 1),
271                                   skb_tail_pointer(skb),
272                                   RTL8187_MAX_RX, rtl8187_rx_cb, skb);
273                 info = (struct rtl8187_rx_info *)skb->cb;
274                 info->urb = entry;
275                 info->dev = dev;
276                 skb_queue_tail(&priv->rx_queue, skb);
277                 usb_submit_urb(entry, GFP_KERNEL);
278         }
279
280         return 0;
281 }
282
283 static int rtl8187_init_hw(struct ieee80211_hw *dev)
284 {
285         struct rtl8187_priv *priv = dev->priv;
286         u8 reg;
287         int i;
288
289         /* reset */
290         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
291         reg = rtl818x_ioread8(priv, &priv->map->CONFIG3);
292         rtl818x_iowrite8(priv, &priv->map->CONFIG3, reg | RTL818X_CONFIG3_ANAPARAM_WRITE);
293         rtl818x_iowrite32(priv, &priv->map->ANAPARAM, RTL8225_ANAPARAM_ON);
294         rtl818x_iowrite32(priv, &priv->map->ANAPARAM2, RTL8225_ANAPARAM2_ON);
295         rtl818x_iowrite8(priv, &priv->map->CONFIG3, reg & ~RTL818X_CONFIG3_ANAPARAM_WRITE);
296         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
297
298         rtl818x_iowrite16(priv, &priv->map->INT_MASK, 0);
299
300         msleep(200);
301         rtl818x_iowrite8(priv, (u8 *)0xFE18, 0x10);
302         rtl818x_iowrite8(priv, (u8 *)0xFE18, 0x11);
303         rtl818x_iowrite8(priv, (u8 *)0xFE18, 0x00);
304         msleep(200);
305
306         reg = rtl818x_ioread8(priv, &priv->map->CMD);
307         reg &= (1 << 1);
308         reg |= RTL818X_CMD_RESET;
309         rtl818x_iowrite8(priv, &priv->map->CMD, reg);
310
311         i = 10;
312         do {
313                 msleep(2);
314                 if (!(rtl818x_ioread8(priv, &priv->map->CMD) &
315                       RTL818X_CMD_RESET))
316                         break;
317         } while (--i);
318
319         if (!i) {
320                 printk(KERN_ERR "%s: Reset timeout!\n", wiphy_name(dev->wiphy));
321                 return -ETIMEDOUT;
322         }
323
324         /* reload registers from eeprom */
325         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_LOAD);
326
327         i = 10;
328         do {
329                 msleep(4);
330                 if (!(rtl818x_ioread8(priv, &priv->map->EEPROM_CMD) &
331                       RTL818X_EEPROM_CMD_CONFIG))
332                         break;
333         } while (--i);
334
335         if (!i) {
336                 printk(KERN_ERR "%s: eeprom reset timeout!\n",
337                        wiphy_name(dev->wiphy));
338                 return -ETIMEDOUT;
339         }
340
341         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
342         reg = rtl818x_ioread8(priv, &priv->map->CONFIG3);
343         rtl818x_iowrite8(priv, &priv->map->CONFIG3, reg | RTL818X_CONFIG3_ANAPARAM_WRITE);
344         rtl818x_iowrite32(priv, &priv->map->ANAPARAM, RTL8225_ANAPARAM_ON);
345         rtl818x_iowrite32(priv, &priv->map->ANAPARAM2, RTL8225_ANAPARAM2_ON);
346         rtl818x_iowrite8(priv, &priv->map->CONFIG3, reg & ~RTL818X_CONFIG3_ANAPARAM_WRITE);
347         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
348
349         /* setup card */
350         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, 0);
351         rtl818x_iowrite8(priv, &priv->map->GPIO, 0);
352
353         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, (4 << 8));
354         rtl818x_iowrite8(priv, &priv->map->GPIO, 1);
355         rtl818x_iowrite8(priv, &priv->map->GP_ENABLE, 0);
356
357         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
358
359         rtl818x_iowrite16(priv, (__le16 *)0xFFF4, 0xFFFF);
360         reg = rtl818x_ioread8(priv, &priv->map->CONFIG1);
361         reg &= 0x3F;
362         reg |= 0x80;
363         rtl818x_iowrite8(priv, &priv->map->CONFIG1, reg);
364
365         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
366
367         rtl818x_iowrite32(priv, &priv->map->INT_TIMEOUT, 0);
368         rtl818x_iowrite8(priv, &priv->map->WPA_CONF, 0);
369         rtl818x_iowrite8(priv, &priv->map->RATE_FALLBACK, 0x81);
370
371         // TODO: set RESP_RATE and BRSR properly
372         rtl818x_iowrite8(priv, &priv->map->RESP_RATE, (8 << 4) | 0);
373         rtl818x_iowrite16(priv, &priv->map->BRSR, 0x01F3);
374
375         /* host_usb_init */
376         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, 0);
377         rtl818x_iowrite8(priv, &priv->map->GPIO, 0);
378         reg = rtl818x_ioread8(priv, (u8 *)0xFE53);
379         rtl818x_iowrite8(priv, (u8 *)0xFE53, reg | (1 << 7));
380         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, (4 << 8));
381         rtl818x_iowrite8(priv, &priv->map->GPIO, 0x20);
382         rtl818x_iowrite8(priv, &priv->map->GP_ENABLE, 0);
383         rtl818x_iowrite16(priv, &priv->map->RFPinsOutput, 0x80);
384         rtl818x_iowrite16(priv, &priv->map->RFPinsSelect, 0x80);
385         rtl818x_iowrite16(priv, &priv->map->RFPinsEnable, 0x80);
386         msleep(100);
387
388         rtl818x_iowrite32(priv, &priv->map->RF_TIMING, 0x000a8008);
389         rtl818x_iowrite16(priv, &priv->map->BRSR, 0xFFFF);
390         rtl818x_iowrite32(priv, &priv->map->RF_PARA, 0x00100044);
391         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
392         rtl818x_iowrite8(priv, &priv->map->CONFIG3, 0x44);
393         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
394         rtl818x_iowrite16(priv, &priv->map->RFPinsEnable, 0x1FF7);
395         msleep(100);
396
397         priv->rf->init(dev);
398
399         rtl818x_iowrite16(priv, &priv->map->BRSR, 0x01F3);
400         reg = rtl818x_ioread8(priv, &priv->map->PGSELECT) & ~1;
401         rtl818x_iowrite8(priv, &priv->map->PGSELECT, reg | 1);
402         rtl818x_iowrite16(priv, (__le16 *)0xFFFE, 0x10);
403         rtl818x_iowrite8(priv, &priv->map->TALLY_SEL, 0x80);
404         rtl818x_iowrite8(priv, (u8 *)0xFFFF, 0x60);
405         rtl818x_iowrite8(priv, &priv->map->PGSELECT, reg);
406
407         return 0;
408 }
409
410 static int rtl8187_start(struct ieee80211_hw *dev)
411 {
412         struct rtl8187_priv *priv = dev->priv;
413         u32 reg;
414         int ret;
415
416         ret = rtl8187_init_hw(dev);
417         if (ret)
418                 return ret;
419
420         rtl818x_iowrite16(priv, &priv->map->INT_MASK, 0xFFFF);
421
422         rtl818x_iowrite32(priv, &priv->map->MAR[0], ~0);
423         rtl818x_iowrite32(priv, &priv->map->MAR[1], ~0);
424
425         rtl8187_init_urbs(dev);
426
427         reg = RTL818X_RX_CONF_ONLYERLPKT |
428               RTL818X_RX_CONF_RX_AUTORESETPHY |
429               RTL818X_RX_CONF_BSSID |
430               RTL818X_RX_CONF_MGMT |
431               RTL818X_RX_CONF_DATA |
432               (7 << 13 /* RX FIFO threshold NONE */) |
433               (7 << 10 /* MAX RX DMA */) |
434               RTL818X_RX_CONF_BROADCAST |
435               RTL818X_RX_CONF_NICMAC;
436
437         priv->rx_conf = reg;
438         rtl818x_iowrite32(priv, &priv->map->RX_CONF, reg);
439
440         reg = rtl818x_ioread8(priv, &priv->map->CW_CONF);
441         reg &= ~RTL818X_CW_CONF_PERPACKET_CW_SHIFT;
442         reg |= RTL818X_CW_CONF_PERPACKET_RETRY_SHIFT;
443         rtl818x_iowrite8(priv, &priv->map->CW_CONF, reg);
444
445         reg = rtl818x_ioread8(priv, &priv->map->TX_AGC_CTL);
446         reg &= ~RTL818X_TX_AGC_CTL_PERPACKET_GAIN_SHIFT;
447         reg &= ~RTL818X_TX_AGC_CTL_PERPACKET_ANTSEL_SHIFT;
448         reg &= ~RTL818X_TX_AGC_CTL_FEEDBACK_ANT;
449         rtl818x_iowrite8(priv, &priv->map->TX_AGC_CTL, reg);
450
451         reg  = RTL818X_TX_CONF_CW_MIN |
452                (7 << 21 /* MAX TX DMA */) |
453                RTL818X_TX_CONF_NO_ICV;
454         rtl818x_iowrite32(priv, &priv->map->TX_CONF, reg);
455
456         reg = rtl818x_ioread8(priv, &priv->map->CMD);
457         reg |= RTL818X_CMD_TX_ENABLE;
458         reg |= RTL818X_CMD_RX_ENABLE;
459         rtl818x_iowrite8(priv, &priv->map->CMD, reg);
460
461         return 0;
462 }
463
464 static void rtl8187_stop(struct ieee80211_hw *dev)
465 {
466         struct rtl8187_priv *priv = dev->priv;
467         struct rtl8187_rx_info *info;
468         struct sk_buff *skb;
469         u32 reg;
470
471         rtl818x_iowrite16(priv, &priv->map->INT_MASK, 0);
472
473         reg = rtl818x_ioread8(priv, &priv->map->CMD);
474         reg &= ~RTL818X_CMD_TX_ENABLE;
475         reg &= ~RTL818X_CMD_RX_ENABLE;
476         rtl818x_iowrite8(priv, &priv->map->CMD, reg);
477
478         priv->rf->stop(dev);
479
480         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
481         reg = rtl818x_ioread8(priv, &priv->map->CONFIG4);
482         rtl818x_iowrite8(priv, &priv->map->CONFIG4, reg | RTL818X_CONFIG4_VCOOFF);
483         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
484
485         while ((skb = skb_dequeue(&priv->rx_queue))) {
486                 info = (struct rtl8187_rx_info *)skb->cb;
487                 usb_kill_urb(info->urb);
488                 kfree_skb(skb);
489         }
490         return;
491 }
492
493 static int rtl8187_add_interface(struct ieee80211_hw *dev,
494                                  struct ieee80211_if_init_conf *conf)
495 {
496         struct rtl8187_priv *priv = dev->priv;
497         int i;
498
499         if (priv->mode != IEEE80211_IF_TYPE_MNTR)
500                 return -EOPNOTSUPP;
501
502         switch (conf->type) {
503         case IEEE80211_IF_TYPE_STA:
504                 priv->mode = conf->type;
505                 break;
506         default:
507                 return -EOPNOTSUPP;
508         }
509
510         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
511         for (i = 0; i < ETH_ALEN; i++)
512                 rtl818x_iowrite8(priv, &priv->map->MAC[i],
513                                  ((u8 *)conf->mac_addr)[i]);
514         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
515
516         return 0;
517 }
518
519 static void rtl8187_remove_interface(struct ieee80211_hw *dev,
520                                      struct ieee80211_if_init_conf *conf)
521 {
522         struct rtl8187_priv *priv = dev->priv;
523         priv->mode = IEEE80211_IF_TYPE_MNTR;
524 }
525
526 static int rtl8187_config(struct ieee80211_hw *dev, struct ieee80211_conf *conf)
527 {
528         struct rtl8187_priv *priv = dev->priv;
529         u32 reg;
530
531         reg = rtl818x_ioread32(priv, &priv->map->TX_CONF);
532         /* Enable TX loopback on MAC level to avoid TX during channel
533          * changes, as this has be seen to causes problems and the
534          * card will stop work until next reset
535          */
536         rtl818x_iowrite32(priv, &priv->map->TX_CONF,
537                           reg | RTL818X_TX_CONF_LOOPBACK_MAC);
538         msleep(10);
539         priv->rf->set_chan(dev, conf);
540         msleep(10);
541         rtl818x_iowrite32(priv, &priv->map->TX_CONF, reg);
542
543         rtl818x_iowrite8(priv, &priv->map->SIFS, 0x22);
544
545         if (conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME) {
546                 rtl818x_iowrite8(priv, &priv->map->SLOT, 0x9);
547                 rtl818x_iowrite8(priv, &priv->map->DIFS, 0x14);
548                 rtl818x_iowrite8(priv, &priv->map->EIFS, 91 - 0x14);
549                 rtl818x_iowrite8(priv, &priv->map->CW_VAL, 0x73);
550         } else {
551                 rtl818x_iowrite8(priv, &priv->map->SLOT, 0x14);
552                 rtl818x_iowrite8(priv, &priv->map->DIFS, 0x24);
553                 rtl818x_iowrite8(priv, &priv->map->EIFS, 91 - 0x24);
554                 rtl818x_iowrite8(priv, &priv->map->CW_VAL, 0xa5);
555         }
556
557         rtl818x_iowrite16(priv, &priv->map->ATIM_WND, 2);
558         rtl818x_iowrite16(priv, &priv->map->ATIMTR_INTERVAL, 100);
559         rtl818x_iowrite16(priv, &priv->map->BEACON_INTERVAL, 100);
560         rtl818x_iowrite16(priv, &priv->map->BEACON_INTERVAL_TIME, 100);
561         return 0;
562 }
563
564 static int rtl8187_config_interface(struct ieee80211_hw *dev,
565                                     struct ieee80211_vif *vif,
566                                     struct ieee80211_if_conf *conf)
567 {
568         struct rtl8187_priv *priv = dev->priv;
569         int i;
570
571         for (i = 0; i < ETH_ALEN; i++)
572                 rtl818x_iowrite8(priv, &priv->map->BSSID[i], conf->bssid[i]);
573
574         if (is_valid_ether_addr(conf->bssid))
575                 rtl818x_iowrite8(priv, &priv->map->MSR, RTL818X_MSR_INFRA);
576         else
577                 rtl818x_iowrite8(priv, &priv->map->MSR, RTL818X_MSR_NO_LINK);
578
579         return 0;
580 }
581
582 static void rtl8187_configure_filter(struct ieee80211_hw *dev,
583                                      unsigned int changed_flags,
584                                      unsigned int *total_flags,
585                                      int mc_count, struct dev_addr_list *mclist)
586 {
587         struct rtl8187_priv *priv = dev->priv;
588
589         if (changed_flags & FIF_FCSFAIL)
590                 priv->rx_conf ^= RTL818X_RX_CONF_FCS;
591         if (changed_flags & FIF_CONTROL)
592                 priv->rx_conf ^= RTL818X_RX_CONF_CTRL;
593         if (changed_flags & FIF_OTHER_BSS)
594                 priv->rx_conf ^= RTL818X_RX_CONF_MONITOR;
595         if (*total_flags & FIF_ALLMULTI || mc_count > 0)
596                 priv->rx_conf |= RTL818X_RX_CONF_MULTICAST;
597         else
598                 priv->rx_conf &= ~RTL818X_RX_CONF_MULTICAST;
599
600         *total_flags = 0;
601
602         if (priv->rx_conf & RTL818X_RX_CONF_FCS)
603                 *total_flags |= FIF_FCSFAIL;
604         if (priv->rx_conf & RTL818X_RX_CONF_CTRL)
605                 *total_flags |= FIF_CONTROL;
606         if (priv->rx_conf & RTL818X_RX_CONF_MONITOR)
607                 *total_flags |= FIF_OTHER_BSS;
608         if (priv->rx_conf & RTL818X_RX_CONF_MULTICAST)
609                 *total_flags |= FIF_ALLMULTI;
610
611         rtl818x_iowrite32_async(priv, &priv->map->RX_CONF, priv->rx_conf);
612 }
613
614 static const struct ieee80211_ops rtl8187_ops = {
615         .tx                     = rtl8187_tx,
616         .start                  = rtl8187_start,
617         .stop                   = rtl8187_stop,
618         .add_interface          = rtl8187_add_interface,
619         .remove_interface       = rtl8187_remove_interface,
620         .config                 = rtl8187_config,
621         .config_interface       = rtl8187_config_interface,
622         .configure_filter       = rtl8187_configure_filter,
623 };
624
625 static void rtl8187_eeprom_register_read(struct eeprom_93cx6 *eeprom)
626 {
627         struct ieee80211_hw *dev = eeprom->data;
628         struct rtl8187_priv *priv = dev->priv;
629         u8 reg = rtl818x_ioread8(priv, &priv->map->EEPROM_CMD);
630
631         eeprom->reg_data_in = reg & RTL818X_EEPROM_CMD_WRITE;
632         eeprom->reg_data_out = reg & RTL818X_EEPROM_CMD_READ;
633         eeprom->reg_data_clock = reg & RTL818X_EEPROM_CMD_CK;
634         eeprom->reg_chip_select = reg & RTL818X_EEPROM_CMD_CS;
635 }
636
637 static void rtl8187_eeprom_register_write(struct eeprom_93cx6 *eeprom)
638 {
639         struct ieee80211_hw *dev = eeprom->data;
640         struct rtl8187_priv *priv = dev->priv;
641         u8 reg = RTL818X_EEPROM_CMD_PROGRAM;
642
643         if (eeprom->reg_data_in)
644                 reg |= RTL818X_EEPROM_CMD_WRITE;
645         if (eeprom->reg_data_out)
646                 reg |= RTL818X_EEPROM_CMD_READ;
647         if (eeprom->reg_data_clock)
648                 reg |= RTL818X_EEPROM_CMD_CK;
649         if (eeprom->reg_chip_select)
650                 reg |= RTL818X_EEPROM_CMD_CS;
651
652         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, reg);
653         udelay(10);
654 }
655
656 static int __devinit rtl8187_probe(struct usb_interface *intf,
657                                    const struct usb_device_id *id)
658 {
659         struct usb_device *udev = interface_to_usbdev(intf);
660         struct ieee80211_hw *dev;
661         struct rtl8187_priv *priv;
662         struct eeprom_93cx6 eeprom;
663         struct ieee80211_channel *channel;
664         u16 txpwr, reg;
665         int err, i;
666         DECLARE_MAC_BUF(mac);
667
668         dev = ieee80211_alloc_hw(sizeof(*priv), &rtl8187_ops);
669         if (!dev) {
670                 printk(KERN_ERR "rtl8187: ieee80211 alloc failed\n");
671                 return -ENOMEM;
672         }
673
674         priv = dev->priv;
675
676         SET_IEEE80211_DEV(dev, &intf->dev);
677         usb_set_intfdata(intf, dev);
678         priv->udev = udev;
679
680         usb_get_dev(udev);
681
682         skb_queue_head_init(&priv->rx_queue);
683         memcpy(priv->channels, rtl818x_channels, sizeof(rtl818x_channels));
684         memcpy(priv->rates, rtl818x_rates, sizeof(rtl818x_rates));
685         priv->map = (struct rtl818x_csr *)0xFF00;
686         priv->modes[0].mode = MODE_IEEE80211G;
687         priv->modes[0].num_rates = ARRAY_SIZE(rtl818x_rates);
688         priv->modes[0].rates = priv->rates;
689         priv->modes[0].num_channels = ARRAY_SIZE(rtl818x_channels);
690         priv->modes[0].channels = priv->channels;
691         priv->modes[1].mode = MODE_IEEE80211B;
692         priv->modes[1].num_rates = 4;
693         priv->modes[1].rates = priv->rates;
694         priv->modes[1].num_channels = ARRAY_SIZE(rtl818x_channels);
695         priv->modes[1].channels = priv->channels;
696         priv->mode = IEEE80211_IF_TYPE_MNTR;
697         dev->flags = IEEE80211_HW_HOST_BROADCAST_PS_BUFFERING |
698                      IEEE80211_HW_RX_INCLUDES_FCS;
699         dev->extra_tx_headroom = sizeof(struct rtl8187_tx_hdr);
700         dev->queues = 1;
701         dev->max_rssi = 65;
702         dev->max_signal = 64;
703
704         for (i = 0; i < 2; i++)
705                 if ((err = ieee80211_register_hwmode(dev, &priv->modes[i])))
706                         goto err_free_dev;
707
708         eeprom.data = dev;
709         eeprom.register_read = rtl8187_eeprom_register_read;
710         eeprom.register_write = rtl8187_eeprom_register_write;
711         if (rtl818x_ioread32(priv, &priv->map->RX_CONF) & (1 << 6))
712                 eeprom.width = PCI_EEPROM_WIDTH_93C66;
713         else
714                 eeprom.width = PCI_EEPROM_WIDTH_93C46;
715
716         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_CONFIG);
717         udelay(10);
718
719         eeprom_93cx6_multiread(&eeprom, RTL8187_EEPROM_MAC_ADDR,
720                                (__le16 __force *)dev->wiphy->perm_addr, 3);
721         if (!is_valid_ether_addr(dev->wiphy->perm_addr)) {
722                 printk(KERN_WARNING "rtl8187: Invalid hwaddr! Using randomly "
723                        "generated MAC address\n");
724                 random_ether_addr(dev->wiphy->perm_addr);
725         }
726
727         channel = priv->channels;
728         for (i = 0; i < 3; i++) {
729                 eeprom_93cx6_read(&eeprom, RTL8187_EEPROM_TXPWR_CHAN_1 + i,
730                                   &txpwr);
731                 (*channel++).val = txpwr & 0xFF;
732                 (*channel++).val = txpwr >> 8;
733         }
734         for (i = 0; i < 2; i++) {
735                 eeprom_93cx6_read(&eeprom, RTL8187_EEPROM_TXPWR_CHAN_4 + i,
736                                   &txpwr);
737                 (*channel++).val = txpwr & 0xFF;
738                 (*channel++).val = txpwr >> 8;
739         }
740         for (i = 0; i < 2; i++) {
741                 eeprom_93cx6_read(&eeprom, RTL8187_EEPROM_TXPWR_CHAN_6 + i,
742                                   &txpwr);
743                 (*channel++).val = txpwr & 0xFF;
744                 (*channel++).val = txpwr >> 8;
745         }
746
747         eeprom_93cx6_read(&eeprom, RTL8187_EEPROM_TXPWR_BASE,
748                           &priv->txpwr_base);
749
750         reg = rtl818x_ioread8(priv, &priv->map->PGSELECT) & ~1;
751         rtl818x_iowrite8(priv, &priv->map->PGSELECT, reg | 1);
752         /* 0 means asic B-cut, we should use SW 3 wire
753          * bit-by-bit banging for radio. 1 means we can use
754          * USB specific request to write radio registers */
755         priv->asic_rev = rtl818x_ioread8(priv, (u8 *)0xFFFE) & 0x3;
756         rtl818x_iowrite8(priv, &priv->map->PGSELECT, reg);
757         rtl818x_iowrite8(priv, &priv->map->EEPROM_CMD, RTL818X_EEPROM_CMD_NORMAL);
758
759         priv->rf = rtl8187_detect_rf(dev);
760
761         err = ieee80211_register_hw(dev);
762         if (err) {
763                 printk(KERN_ERR "rtl8187: Cannot register device\n");
764                 goto err_free_dev;
765         }
766
767         printk(KERN_INFO "%s: hwaddr %s, rtl8187 V%d + %s\n",
768                wiphy_name(dev->wiphy), print_mac(mac, dev->wiphy->perm_addr),
769                priv->asic_rev, priv->rf->name);
770
771         return 0;
772
773  err_free_dev:
774         ieee80211_free_hw(dev);
775         usb_set_intfdata(intf, NULL);
776         usb_put_dev(udev);
777         return err;
778 }
779
780 static void __devexit rtl8187_disconnect(struct usb_interface *intf)
781 {
782         struct ieee80211_hw *dev = usb_get_intfdata(intf);
783         struct rtl8187_priv *priv;
784
785         if (!dev)
786                 return;
787
788         ieee80211_unregister_hw(dev);
789
790         priv = dev->priv;
791         usb_put_dev(interface_to_usbdev(intf));
792         ieee80211_free_hw(dev);
793 }
794
795 static struct usb_driver rtl8187_driver = {
796         .name           = KBUILD_MODNAME,
797         .id_table       = rtl8187_table,
798         .probe          = rtl8187_probe,
799         .disconnect     = rtl8187_disconnect,
800 };
801
802 static int __init rtl8187_init(void)
803 {
804         return usb_register(&rtl8187_driver);
805 }
806
807 static void __exit rtl8187_exit(void)
808 {
809         usb_deregister(&rtl8187_driver);
810 }
811
812 module_init(rtl8187_init);
813 module_exit(rtl8187_exit);