xref: /linux/drivers/staging/rtl8723bs/hal/rtl8723b_cmd.c (revision 3a39d672e7f48b8d6b91a09afa4b55352773b4b5)
1 // SPDX-License-Identifier: GPL-2.0
2 /******************************************************************************
3  *
4  * Copyright(c) 2007 - 2012 Realtek Corporation. All rights reserved.
5  *
6  ******************************************************************************/
7 
8 #include <drv_types.h>
9 #include <rtl8723b_hal.h>
10 #include "hal_com_h2c.h"
11 
12 #define MAX_H2C_BOX_NUMS	4
13 #define MESSAGE_BOX_SIZE	4
14 
15 #define RTL8723B_MAX_CMD_LEN	7
16 #define RTL8723B_EX_MESSAGE_BOX_SIZE	4
17 
_is_fw_read_cmd_down(struct adapter * padapter,u8 msgbox_num)18 static u8 _is_fw_read_cmd_down(struct adapter *padapter, u8 msgbox_num)
19 {
20 	u8 read_down = false;
21 	int retry_cnts = 100;
22 
23 	u8 valid;
24 
25 	do {
26 		valid = rtw_read8(padapter, REG_HMETFR) & BIT(msgbox_num);
27 		if (0 == valid) {
28 			read_down = true;
29 		}
30 	} while ((!read_down) && (retry_cnts--));
31 
32 	return read_down;
33 
34 }
35 
36 
37 /*****************************************
38 * H2C Msg format :
39 *| 31 - 8		|7-5	| 4 - 0	|
40 *| h2c_msg	|Class	|CMD_ID	|
41 *| 31-0						|
42 *| Ext msg					|
43 *
44 ******************************************/
FillH2CCmd8723B(struct adapter * padapter,u8 ElementID,u32 CmdLen,u8 * pCmdBuffer)45 s32 FillH2CCmd8723B(struct adapter *padapter, u8 ElementID, u32 CmdLen, u8 *pCmdBuffer)
46 {
47 	u8 h2c_box_num;
48 	u32 msgbox_addr;
49 	u32 msgbox_ex_addr = 0;
50 	struct hal_com_data *pHalData;
51 	u32 h2c_cmd = 0;
52 	u32 h2c_cmd_ex = 0;
53 	s32 ret = _FAIL;
54 
55 	padapter = GET_PRIMARY_ADAPTER(padapter);
56 	pHalData = GET_HAL_DATA(padapter);
57 	if (mutex_lock_interruptible(&(adapter_to_dvobj(padapter)->h2c_fwcmd_mutex)))
58 		return ret;
59 
60 	if (!pCmdBuffer) {
61 		goto exit;
62 	}
63 
64 	if (CmdLen > RTL8723B_MAX_CMD_LEN) {
65 		goto exit;
66 	}
67 
68 	if (padapter->bSurpriseRemoved)
69 		goto exit;
70 
71 	/* pay attention to if  race condition happened in  H2C cmd setting. */
72 	do {
73 		h2c_box_num = pHalData->LastHMEBoxNum;
74 
75 		if (!_is_fw_read_cmd_down(padapter, h2c_box_num))
76 			goto exit;
77 
78 		if (CmdLen <= 3)
79 			memcpy((u8 *)(&h2c_cmd)+1, pCmdBuffer, CmdLen);
80 		else {
81 			memcpy((u8 *)(&h2c_cmd)+1, pCmdBuffer, 3);
82 			memcpy((u8 *)(&h2c_cmd_ex), pCmdBuffer+3, CmdLen-3);
83 /* 			*(u8 *)(&h2c_cmd) |= BIT(7); */
84 		}
85 
86 		*(u8 *)(&h2c_cmd) |= ElementID;
87 
88 		if (CmdLen > 3) {
89 			msgbox_ex_addr = REG_HMEBOX_EXT0_8723B + (h2c_box_num*RTL8723B_EX_MESSAGE_BOX_SIZE);
90 			rtw_write32(padapter, msgbox_ex_addr, h2c_cmd_ex);
91 		}
92 		msgbox_addr = REG_HMEBOX_0 + (h2c_box_num*MESSAGE_BOX_SIZE);
93 		rtw_write32(padapter, msgbox_addr, h2c_cmd);
94 
95 		pHalData->LastHMEBoxNum = (h2c_box_num+1) % MAX_H2C_BOX_NUMS;
96 
97 	} while (0);
98 
99 	ret = _SUCCESS;
100 
101 exit:
102 
103 	mutex_unlock(&(adapter_to_dvobj(padapter)->h2c_fwcmd_mutex));
104 	return ret;
105 }
106 
ConstructBeacon(struct adapter * padapter,u8 * pframe,u32 * pLength)107 static void ConstructBeacon(struct adapter *padapter, u8 *pframe, u32 *pLength)
108 {
109 	struct ieee80211_hdr *pwlanhdr;
110 	__le16 *fctrl;
111 	u32 rate_len, pktlen;
112 	struct mlme_ext_priv *pmlmeext = &(padapter->mlmeextpriv);
113 	struct mlme_ext_info *pmlmeinfo = &(pmlmeext->mlmext_info);
114 	struct wlan_bssid_ex *cur_network = &(pmlmeinfo->network);
115 
116 	pwlanhdr = (struct ieee80211_hdr *)pframe;
117 
118 	fctrl = &(pwlanhdr->frame_control);
119 	*(fctrl) = 0;
120 
121 	eth_broadcast_addr(pwlanhdr->addr1);
122 	memcpy(pwlanhdr->addr2, myid(&(padapter->eeprompriv)), ETH_ALEN);
123 	memcpy(pwlanhdr->addr3, get_my_bssid(cur_network), ETH_ALEN);
124 
125 	SetSeqNum(pwlanhdr, 0/*pmlmeext->mgnt_seq*/);
126 	/* pmlmeext->mgnt_seq++; */
127 	SetFrameSubType(pframe, WIFI_BEACON);
128 
129 	pframe += sizeof(struct ieee80211_hdr_3addr);
130 	pktlen = sizeof(struct ieee80211_hdr_3addr);
131 
132 	/* timestamp will be inserted by hardware */
133 	pframe += 8;
134 	pktlen += 8;
135 
136 	/*  beacon interval: 2 bytes */
137 	memcpy(pframe, (unsigned char *)(rtw_get_beacon_interval_from_ie(cur_network->ies)), 2);
138 
139 	pframe += 2;
140 	pktlen += 2;
141 
142 	/*  capability info: 2 bytes */
143 	memcpy(pframe, (unsigned char *)(rtw_get_capability_from_ie(cur_network->ies)), 2);
144 
145 	pframe += 2;
146 	pktlen += 2;
147 
148 	if ((pmlmeinfo->state&0x03) == WIFI_FW_AP_STATE) {
149 		pktlen += cur_network->ie_length - sizeof(struct ndis_802_11_fix_ie);
150 		memcpy(pframe, cur_network->ies+sizeof(struct ndis_802_11_fix_ie), pktlen);
151 
152 		goto _ConstructBeacon;
153 	}
154 
155 	/* below for ad-hoc mode */
156 
157 	/*  SSID */
158 	pframe = rtw_set_ie(pframe, WLAN_EID_SSID, cur_network->ssid.ssid_length, cur_network->ssid.ssid, &pktlen);
159 
160 	/*  supported rates... */
161 	rate_len = rtw_get_rateset_len(cur_network->supported_rates);
162 	pframe = rtw_set_ie(pframe, WLAN_EID_SUPP_RATES, ((rate_len > 8) ? 8 : rate_len), cur_network->supported_rates, &pktlen);
163 
164 	/*  DS parameter set */
165 	pframe = rtw_set_ie(pframe, WLAN_EID_DS_PARAMS, 1, (unsigned char *)&(cur_network->configuration.ds_config), &pktlen);
166 
167 	if ((pmlmeinfo->state&0x03) == WIFI_FW_ADHOC_STATE) {
168 		u32 ATIMWindow;
169 		/*  IBSS Parameter Set... */
170 		/* ATIMWindow = cur->configuration.ATIMWindow; */
171 		ATIMWindow = 0;
172 		pframe = rtw_set_ie(pframe, WLAN_EID_IBSS_PARAMS, 2, (unsigned char *)(&ATIMWindow), &pktlen);
173 	}
174 
175 
176 	/* todo: ERP IE */
177 
178 
179 	/*  EXTERNDED SUPPORTED RATE */
180 	if (rate_len > 8)
181 		pframe = rtw_set_ie(pframe, WLAN_EID_EXT_SUPP_RATES, (rate_len - 8), (cur_network->supported_rates + 8), &pktlen);
182 
183 
184 	/* todo:HT for adhoc */
185 
186 _ConstructBeacon:
187 
188 	if ((pktlen + TXDESC_SIZE) > 512)
189 		return;
190 
191 	*pLength = pktlen;
192 
193 }
194 
ConstructPSPoll(struct adapter * padapter,u8 * pframe,u32 * pLength)195 static void ConstructPSPoll(struct adapter *padapter, u8 *pframe, u32 *pLength)
196 {
197 	struct ieee80211_hdr *pwlanhdr;
198 	__le16 *fctrl;
199 	struct mlme_ext_priv *pmlmeext = &(padapter->mlmeextpriv);
200 	struct mlme_ext_info *pmlmeinfo = &(pmlmeext->mlmext_info);
201 
202 	pwlanhdr = (struct ieee80211_hdr *)pframe;
203 
204 	/*  Frame control. */
205 	fctrl = &(pwlanhdr->frame_control);
206 	*(fctrl) = 0;
207 	SetPwrMgt(fctrl);
208 	SetFrameSubType(pframe, WIFI_PSPOLL);
209 
210 	/*  AID. */
211 	SetDuration(pframe, (pmlmeinfo->aid | 0xc000));
212 
213 	/*  BSSID. */
214 	memcpy(pwlanhdr->addr1, get_my_bssid(&(pmlmeinfo->network)), ETH_ALEN);
215 
216 	/*  TA. */
217 	memcpy(pwlanhdr->addr2, myid(&(padapter->eeprompriv)), ETH_ALEN);
218 
219 	*pLength = 16;
220 }
221 
ConstructNullFunctionData(struct adapter * padapter,u8 * pframe,u32 * pLength,u8 * StaAddr,u8 bQoS,u8 AC,u8 bEosp,u8 bForcePowerSave)222 static void ConstructNullFunctionData(
223 	struct adapter *padapter,
224 	u8 *pframe,
225 	u32 *pLength,
226 	u8 *StaAddr,
227 	u8 bQoS,
228 	u8 AC,
229 	u8 bEosp,
230 	u8 bForcePowerSave
231 )
232 {
233 	struct ieee80211_hdr *pwlanhdr;
234 	__le16 *fctrl;
235 	u32 pktlen;
236 	struct mlme_priv *pmlmepriv = &padapter->mlmepriv;
237 	struct wlan_network *cur_network = &pmlmepriv->cur_network;
238 	struct mlme_ext_priv *pmlmeext = &(padapter->mlmeextpriv);
239 	struct mlme_ext_info *pmlmeinfo = &(pmlmeext->mlmext_info);
240 
241 	pwlanhdr = (struct ieee80211_hdr *)pframe;
242 
243 	fctrl = &pwlanhdr->frame_control;
244 	*(fctrl) = 0;
245 	if (bForcePowerSave)
246 		SetPwrMgt(fctrl);
247 
248 	switch (cur_network->network.infrastructure_mode) {
249 	case Ndis802_11Infrastructure:
250 		SetToDs(fctrl);
251 		memcpy(pwlanhdr->addr1, get_my_bssid(&(pmlmeinfo->network)), ETH_ALEN);
252 		memcpy(pwlanhdr->addr2, myid(&(padapter->eeprompriv)), ETH_ALEN);
253 		memcpy(pwlanhdr->addr3, StaAddr, ETH_ALEN);
254 		break;
255 	case Ndis802_11APMode:
256 		SetFrDs(fctrl);
257 		memcpy(pwlanhdr->addr1, StaAddr, ETH_ALEN);
258 		memcpy(pwlanhdr->addr2, get_my_bssid(&(pmlmeinfo->network)), ETH_ALEN);
259 		memcpy(pwlanhdr->addr3, myid(&(padapter->eeprompriv)), ETH_ALEN);
260 		break;
261 	case Ndis802_11IBSS:
262 	default:
263 		memcpy(pwlanhdr->addr1, StaAddr, ETH_ALEN);
264 		memcpy(pwlanhdr->addr2, myid(&(padapter->eeprompriv)), ETH_ALEN);
265 		memcpy(pwlanhdr->addr3, get_my_bssid(&(pmlmeinfo->network)), ETH_ALEN);
266 		break;
267 	}
268 
269 	SetSeqNum(pwlanhdr, 0);
270 
271 	if (bQoS) {
272 		struct ieee80211_qos_hdr *pwlanqoshdr;
273 
274 		SetFrameSubType(pframe, WIFI_QOS_DATA_NULL);
275 
276 		pwlanqoshdr = (struct ieee80211_qos_hdr *)pframe;
277 		SetPriority(&pwlanqoshdr->qos_ctrl, AC);
278 		SetEOSP(&pwlanqoshdr->qos_ctrl, bEosp);
279 
280 		pktlen = sizeof(struct ieee80211_qos_hdr);
281 	} else {
282 		SetFrameSubType(pframe, WIFI_DATA_NULL);
283 
284 		pktlen = sizeof(struct ieee80211_hdr_3addr);
285 	}
286 
287 	*pLength = pktlen;
288 }
289 
290 /*
291  * To check if reserved page content is destroyed by beacon because beacon
292  * is too large.
293  */
294 /* 2010.06.23. Added by tynli. */
CheckFwRsvdPageContent(struct adapter * Adapter)295 void CheckFwRsvdPageContent(struct adapter *Adapter)
296 {
297 }
298 
rtl8723b_set_FwRsvdPage_cmd(struct adapter * padapter,struct rsvdpage_loc * rsvdpageloc)299 static void rtl8723b_set_FwRsvdPage_cmd(struct adapter *padapter, struct rsvdpage_loc *rsvdpageloc)
300 {
301 	u8 u1H2CRsvdPageParm[H2C_RSVDPAGE_LOC_LEN] = {0};
302 
303 	SET_8723B_H2CCMD_RSVDPAGE_LOC_PROBE_RSP(u1H2CRsvdPageParm, rsvdpageloc->LocProbeRsp);
304 	SET_8723B_H2CCMD_RSVDPAGE_LOC_PSPOLL(u1H2CRsvdPageParm, rsvdpageloc->LocPsPoll);
305 	SET_8723B_H2CCMD_RSVDPAGE_LOC_NULL_DATA(u1H2CRsvdPageParm, rsvdpageloc->LocNullData);
306 	SET_8723B_H2CCMD_RSVDPAGE_LOC_QOS_NULL_DATA(u1H2CRsvdPageParm, rsvdpageloc->LocQosNull);
307 	SET_8723B_H2CCMD_RSVDPAGE_LOC_BT_QOS_NULL_DATA(u1H2CRsvdPageParm, rsvdpageloc->LocBTQosNull);
308 
309 	FillH2CCmd8723B(padapter, H2C_8723B_RSVD_PAGE, H2C_RSVDPAGE_LOC_LEN, u1H2CRsvdPageParm);
310 }
311 
rtl8723b_set_FwAoacRsvdPage_cmd(struct adapter * padapter,struct rsvdpage_loc * rsvdpageloc)312 static void rtl8723b_set_FwAoacRsvdPage_cmd(struct adapter *padapter, struct rsvdpage_loc *rsvdpageloc)
313 {
314 }
315 
rtl8723b_set_FwMediaStatusRpt_cmd(struct adapter * padapter,u8 mstatus,u8 macid)316 void rtl8723b_set_FwMediaStatusRpt_cmd(struct adapter *padapter, u8 mstatus, u8 macid)
317 {
318 	u8 u1H2CMediaStatusRptParm[H2C_MEDIA_STATUS_RPT_LEN] = {0};
319 	u8 macid_end = 0;
320 
321 	SET_8723B_H2CCMD_MSRRPT_PARM_OPMODE(u1H2CMediaStatusRptParm, mstatus);
322 	SET_8723B_H2CCMD_MSRRPT_PARM_MACID_IND(u1H2CMediaStatusRptParm, 0);
323 	SET_8723B_H2CCMD_MSRRPT_PARM_MACID(u1H2CMediaStatusRptParm, macid);
324 	SET_8723B_H2CCMD_MSRRPT_PARM_MACID_END(u1H2CMediaStatusRptParm, macid_end);
325 
326 	FillH2CCmd8723B(padapter, H2C_8723B_MEDIA_STATUS_RPT, H2C_MEDIA_STATUS_RPT_LEN, u1H2CMediaStatusRptParm);
327 }
328 
rtl8723b_set_FwMacIdConfig_cmd(struct adapter * padapter,u8 mac_id,u8 raid,u8 bw,u8 sgi,u32 mask)329 void rtl8723b_set_FwMacIdConfig_cmd(struct adapter *padapter, u8 mac_id, u8 raid, u8 bw, u8 sgi, u32 mask)
330 {
331 	u8 u1H2CMacIdConfigParm[H2C_MACID_CFG_LEN] = {0};
332 
333 	SET_8723B_H2CCMD_MACID_CFG_MACID(u1H2CMacIdConfigParm, mac_id);
334 	SET_8723B_H2CCMD_MACID_CFG_RAID(u1H2CMacIdConfigParm, raid);
335 	SET_8723B_H2CCMD_MACID_CFG_SGI_EN(u1H2CMacIdConfigParm, sgi ? 1 : 0);
336 	SET_8723B_H2CCMD_MACID_CFG_BW(u1H2CMacIdConfigParm, bw);
337 	SET_8723B_H2CCMD_MACID_CFG_RATE_MASK0(u1H2CMacIdConfigParm, (u8)(mask & 0x000000ff));
338 	SET_8723B_H2CCMD_MACID_CFG_RATE_MASK1(u1H2CMacIdConfigParm, (u8)((mask & 0x0000ff00) >> 8));
339 	SET_8723B_H2CCMD_MACID_CFG_RATE_MASK2(u1H2CMacIdConfigParm, (u8)((mask & 0x00ff0000) >> 16));
340 	SET_8723B_H2CCMD_MACID_CFG_RATE_MASK3(u1H2CMacIdConfigParm, (u8)((mask & 0xff000000) >> 24));
341 
342 	FillH2CCmd8723B(padapter, H2C_8723B_MACID_CFG, H2C_MACID_CFG_LEN, u1H2CMacIdConfigParm);
343 }
344 
rtl8723b_set_rssi_cmd(struct adapter * padapter,u8 * param)345 void rtl8723b_set_rssi_cmd(struct adapter *padapter, u8 *param)
346 {
347 	u8 u1H2CRssiSettingParm[H2C_RSSI_SETTING_LEN] = {0};
348 	u8 mac_id = *param;
349 	u8 rssi = *(param+2);
350 	u8 uldl_state = 0;
351 
352 	SET_8723B_H2CCMD_RSSI_SETTING_MACID(u1H2CRssiSettingParm, mac_id);
353 	SET_8723B_H2CCMD_RSSI_SETTING_RSSI(u1H2CRssiSettingParm, rssi);
354 	SET_8723B_H2CCMD_RSSI_SETTING_ULDL_STATE(u1H2CRssiSettingParm, uldl_state);
355 
356 	FillH2CCmd8723B(padapter, H2C_8723B_RSSI_SETTING, H2C_RSSI_SETTING_LEN, u1H2CRssiSettingParm);
357 }
358 
rtl8723b_set_FwPwrMode_cmd(struct adapter * padapter,u8 psmode)359 void rtl8723b_set_FwPwrMode_cmd(struct adapter *padapter, u8 psmode)
360 {
361 	int i;
362 	struct pwrctrl_priv *pwrpriv = adapter_to_pwrctl(padapter);
363 	struct mlme_ext_priv *pmlmeext = &padapter->mlmeextpriv;
364 	u8 u1H2CPwrModeParm[H2C_PWRMODE_LEN] = {0};
365 	u8 PowerState = 0, awake_intvl = 1, byte5 = 0, rlbm = 0;
366 
367 	if (pwrpriv->dtim > 0 && pwrpriv->dtim < 16)
368 		awake_intvl = pwrpriv->dtim+1;/* DTIM = (awake_intvl - 1) */
369 	else
370 		awake_intvl = 3;/* DTIM =2 */
371 
372 	rlbm = 2;
373 
374 	if (padapter->registrypriv.wifi_spec == 1) {
375 		awake_intvl = 2;
376 		rlbm = 2;
377 	}
378 
379 	if (psmode > 0) {
380 		if (hal_btcoex_IsBtControlLps(padapter) == true) {
381 			PowerState = hal_btcoex_RpwmVal(padapter);
382 			byte5 = hal_btcoex_LpsVal(padapter);
383 
384 			if ((rlbm == 2) && (byte5 & BIT(4))) {
385 				/*  Keep awake interval to 1 to prevent from */
386 				/*  decreasing coex performance */
387 				awake_intvl = 2;
388 				rlbm = 2;
389 			}
390 		} else {
391 			PowerState = 0x00;/*  AllON(0x0C), RFON(0x04), RFOFF(0x00) */
392 			byte5 = 0x40;
393 		}
394 	} else {
395 		PowerState = 0x0C;/*  AllON(0x0C), RFON(0x04), RFOFF(0x00) */
396 		byte5 = 0x40;
397 	}
398 
399 	SET_8723B_H2CCMD_PWRMODE_PARM_MODE(u1H2CPwrModeParm, (psmode > 0) ? 1 : 0);
400 	SET_8723B_H2CCMD_PWRMODE_PARM_SMART_PS(u1H2CPwrModeParm, pwrpriv->smart_ps);
401 	SET_8723B_H2CCMD_PWRMODE_PARM_RLBM(u1H2CPwrModeParm, rlbm);
402 	SET_8723B_H2CCMD_PWRMODE_PARM_BCN_PASS_TIME(u1H2CPwrModeParm, awake_intvl);
403 	SET_8723B_H2CCMD_PWRMODE_PARM_ALL_QUEUE_UAPSD(u1H2CPwrModeParm, padapter->registrypriv.uapsd_enable);
404 	SET_8723B_H2CCMD_PWRMODE_PARM_PWR_STATE(u1H2CPwrModeParm, PowerState);
405 	SET_8723B_H2CCMD_PWRMODE_PARM_BYTE5(u1H2CPwrModeParm, byte5);
406 	if (psmode != PS_MODE_ACTIVE) {
407 		if (!pmlmeext->adaptive_tsf_done && pmlmeext->bcn_cnt > 0) {
408 			u8 ratio_20_delay, ratio_80_delay;
409 
410 			/* byte 6 for adaptive_early_32k */
411 			/* 0:3] = DrvBcnEarly  (ms) , [4:7] = DrvBcnTimeOut  (ms) */
412 			/*  20% for DrvBcnEarly, 80% for DrvBcnTimeOut */
413 			ratio_20_delay = 0;
414 			ratio_80_delay = 0;
415 			pmlmeext->DrvBcnEarly = 0xff;
416 			pmlmeext->DrvBcnTimeOut = 0xff;
417 
418 			for (i = 0; i < 9; i++) {
419 				pmlmeext->bcn_delay_ratio[i] = (pmlmeext->bcn_delay_cnt[i]*100)/pmlmeext->bcn_cnt;
420 
421 				ratio_20_delay += pmlmeext->bcn_delay_ratio[i];
422 				ratio_80_delay += pmlmeext->bcn_delay_ratio[i];
423 
424 				if (ratio_20_delay > 20 && pmlmeext->DrvBcnEarly == 0xff)
425 					pmlmeext->DrvBcnEarly = i;
426 
427 				if (ratio_80_delay > 80 && pmlmeext->DrvBcnTimeOut == 0xff)
428 					pmlmeext->DrvBcnTimeOut = i;
429 
430 				/* reset adaptive_early_32k cnt */
431 				pmlmeext->bcn_delay_cnt[i] = 0;
432 				pmlmeext->bcn_delay_ratio[i] = 0;
433 
434 			}
435 
436 			pmlmeext->bcn_cnt = 0;
437 			pmlmeext->adaptive_tsf_done = true;
438 
439 		}
440 
441 /* offload to FW if fw version > v15.10
442 		pmlmeext->DrvBcnEarly = 0;
443 		pmlmeext->DrvBcnTimeOut =7;
444 
445 		if ((pmlmeext->DrvBcnEarly!= 0Xff) && (pmlmeext->DrvBcnTimeOut!= 0xff))
446 			u1H2CPwrModeParm[H2C_PWRMODE_LEN-1] = BIT(0) | ((pmlmeext->DrvBcnEarly<<1)&0x0E) |((pmlmeext->DrvBcnTimeOut<<4)&0xf0) ;
447 */
448 
449 	}
450 
451 	hal_btcoex_RecordPwrMode(padapter, u1H2CPwrModeParm, H2C_PWRMODE_LEN);
452 
453 	FillH2CCmd8723B(padapter, H2C_8723B_SET_PWR_MODE, H2C_PWRMODE_LEN, u1H2CPwrModeParm);
454 }
455 
rtl8723b_set_FwPsTuneParam_cmd(struct adapter * padapter)456 void rtl8723b_set_FwPsTuneParam_cmd(struct adapter *padapter)
457 {
458 	u8 u1H2CPsTuneParm[H2C_PSTUNEPARAM_LEN] = {0};
459 	u8 bcn_to_limit = 10; /* 10 * 100 * awakeinterval (ms) */
460 	u8 dtim_timeout = 5; /* ms wait broadcast data timer */
461 	u8 ps_timeout = 20;  /* ms Keep awake when tx */
462 	u8 dtim_period = 3;
463 
464 	SET_8723B_H2CCMD_PSTUNE_PARM_BCN_TO_LIMIT(u1H2CPsTuneParm, bcn_to_limit);
465 	SET_8723B_H2CCMD_PSTUNE_PARM_DTIM_TIMEOUT(u1H2CPsTuneParm, dtim_timeout);
466 	SET_8723B_H2CCMD_PSTUNE_PARM_PS_TIMEOUT(u1H2CPsTuneParm, ps_timeout);
467 	SET_8723B_H2CCMD_PSTUNE_PARM_ADOPT(u1H2CPsTuneParm, 1);
468 	SET_8723B_H2CCMD_PSTUNE_PARM_DTIM_PERIOD(u1H2CPsTuneParm, dtim_period);
469 
470 	FillH2CCmd8723B(padapter, H2C_8723B_PS_TUNING_PARA, H2C_PSTUNEPARAM_LEN, u1H2CPsTuneParm);
471 }
472 
rtl8723b_set_FwPwrModeInIPS_cmd(struct adapter * padapter,u8 cmd_param)473 void rtl8723b_set_FwPwrModeInIPS_cmd(struct adapter *padapter, u8 cmd_param)
474 {
475 
476 	FillH2CCmd8723B(padapter, H2C_8723B_FWLPS_IN_IPS_, 1, &cmd_param);
477 }
478 
479 /*
480  * Description: Fill the reserved packets that FW will use to RSVD page.
481  * Now we just send 4 types packet to rsvd page.
482  * (1)Beacon, (2)Ps-poll, (3)Null data, (4)ProbeRsp.
483  *
484  * Input:
485  *
486  * bDLFinished - false: At the first time we will send all the packets as
487  * a large packet to Hw, so we need to set the packet length to total length.
488  *
489  * true: At the second time, we should send the first packet (default:beacon)
490  * to Hw again and set the length in descriptor to the real beacon length.
491  */
492 /* 2009.10.15 by tynli. */
rtl8723b_set_FwRsvdPagePkt(struct adapter * padapter,bool bDLFinished)493 static void rtl8723b_set_FwRsvdPagePkt(
494 	struct adapter *padapter, bool bDLFinished
495 )
496 {
497 	struct xmit_frame *pcmdframe;
498 	struct pkt_attrib *pattrib;
499 	struct xmit_priv *pxmitpriv;
500 	struct mlme_ext_priv *pmlmeext;
501 	struct mlme_ext_info *pmlmeinfo;
502 	struct mlme_priv *pmlmepriv = &padapter->mlmepriv;
503 	u32 BeaconLength = 0, PSPollLength = 0;
504 	u32 NullDataLength = 0, QosNullLength = 0, BTQosNullLength = 0;
505 	u8 *ReservedPagePacket;
506 	u8 TxDescLen = TXDESC_SIZE, TxDescOffset = TXDESC_OFFSET;
507 	u8 TotalPageNum = 0, CurtPktPageNum = 0, RsvdPageNum = 0;
508 	u16 BufIndex, PageSize = 128;
509 	u32 TotalPacketLen, MaxRsvdPageBufSize = 0;
510 
511 	struct rsvdpage_loc RsvdPageLoc;
512 
513 	pxmitpriv = &padapter->xmitpriv;
514 	pmlmeext = &padapter->mlmeextpriv;
515 	pmlmeinfo = &pmlmeext->mlmext_info;
516 
517 	RsvdPageNum = BCNQ_PAGE_NUM_8723B + WOWLAN_PAGE_NUM_8723B;
518 	MaxRsvdPageBufSize = RsvdPageNum*PageSize;
519 
520 	pcmdframe = rtw_alloc_cmdxmitframe(pxmitpriv);
521 	if (!pcmdframe)
522 		return;
523 
524 	ReservedPagePacket = pcmdframe->buf_addr;
525 	memset(&RsvdPageLoc, 0, sizeof(struct rsvdpage_loc));
526 
527 	/* 3 (1) beacon */
528 	BufIndex = TxDescOffset;
529 	ConstructBeacon(padapter, &ReservedPagePacket[BufIndex], &BeaconLength);
530 
531 	/*  When we count the first page size, we need to reserve description size for the RSVD */
532 	/*  packet, it will be filled in front of the packet in TXPKTBUF. */
533 	CurtPktPageNum = (u8)PageNum_128(TxDescLen + BeaconLength);
534 	/* If we don't add 1 more page, the WOWLAN function has a problem. Baron thinks it's a bug of firmware */
535 	if (CurtPktPageNum == 1)
536 		CurtPktPageNum += 1;
537 
538 	TotalPageNum += CurtPktPageNum;
539 
540 	BufIndex += (CurtPktPageNum*PageSize);
541 
542 	/* 3 (2) ps-poll */
543 	RsvdPageLoc.LocPsPoll = TotalPageNum;
544 	ConstructPSPoll(padapter, &ReservedPagePacket[BufIndex], &PSPollLength);
545 	rtl8723b_fill_fake_txdesc(padapter, &ReservedPagePacket[BufIndex-TxDescLen], PSPollLength, true, false, false);
546 
547 	CurtPktPageNum = (u8)PageNum_128(TxDescLen + PSPollLength);
548 
549 	TotalPageNum += CurtPktPageNum;
550 
551 	BufIndex += (CurtPktPageNum*PageSize);
552 
553 	/* 3 (3) null data */
554 	RsvdPageLoc.LocNullData = TotalPageNum;
555 	ConstructNullFunctionData(
556 		padapter,
557 		&ReservedPagePacket[BufIndex],
558 		&NullDataLength,
559 		get_my_bssid(&pmlmeinfo->network),
560 		false, 0, 0, false
561 	);
562 	rtl8723b_fill_fake_txdesc(padapter, &ReservedPagePacket[BufIndex-TxDescLen], NullDataLength, false, false, false);
563 
564 	CurtPktPageNum = (u8)PageNum_128(TxDescLen + NullDataLength);
565 
566 	TotalPageNum += CurtPktPageNum;
567 
568 	BufIndex += (CurtPktPageNum*PageSize);
569 
570 	/* 3 (5) Qos null data */
571 	RsvdPageLoc.LocQosNull = TotalPageNum;
572 	ConstructNullFunctionData(
573 		padapter,
574 		&ReservedPagePacket[BufIndex],
575 		&QosNullLength,
576 		get_my_bssid(&pmlmeinfo->network),
577 		true, 0, 0, false
578 	);
579 	rtl8723b_fill_fake_txdesc(padapter, &ReservedPagePacket[BufIndex-TxDescLen], QosNullLength, false, false, false);
580 
581 	CurtPktPageNum = (u8)PageNum_128(TxDescLen + QosNullLength);
582 
583 	TotalPageNum += CurtPktPageNum;
584 
585 	BufIndex += (CurtPktPageNum*PageSize);
586 
587 	/* 3 (6) BT Qos null data */
588 	RsvdPageLoc.LocBTQosNull = TotalPageNum;
589 	ConstructNullFunctionData(
590 		padapter,
591 		&ReservedPagePacket[BufIndex],
592 		&BTQosNullLength,
593 		get_my_bssid(&pmlmeinfo->network),
594 		true, 0, 0, false
595 	);
596 	rtl8723b_fill_fake_txdesc(padapter, &ReservedPagePacket[BufIndex-TxDescLen], BTQosNullLength, false, true, false);
597 
598 	CurtPktPageNum = (u8)PageNum_128(TxDescLen + BTQosNullLength);
599 
600 	TotalPageNum += CurtPktPageNum;
601 
602 	BufIndex += (CurtPktPageNum*PageSize);
603 
604 	TotalPacketLen = BufIndex + BTQosNullLength;
605 
606 	if (TotalPacketLen > MaxRsvdPageBufSize) {
607 		goto error;
608 	} else {
609 		/*  update attribute */
610 		pattrib = &pcmdframe->attrib;
611 		update_mgntframe_attrib(padapter, pattrib);
612 		pattrib->qsel = 0x10;
613 		pattrib->pktlen = pattrib->last_txcmdsz = TotalPacketLen - TxDescOffset;
614 		dump_mgntframe_and_wait(padapter, pcmdframe, 100);
615 	}
616 
617 	if (check_fwstate(pmlmepriv, _FW_LINKED)) {
618 		rtl8723b_set_FwRsvdPage_cmd(padapter, &RsvdPageLoc);
619 		rtl8723b_set_FwAoacRsvdPage_cmd(padapter, &RsvdPageLoc);
620 	} else {
621 		rtl8723b_set_FwAoacRsvdPage_cmd(padapter, &RsvdPageLoc);
622 	}
623 	return;
624 
625 error:
626 
627 	rtw_free_xmitframe(pxmitpriv, pcmdframe);
628 }
629 
rtl8723b_download_rsvd_page(struct adapter * padapter,u8 mstatus)630 void rtl8723b_download_rsvd_page(struct adapter *padapter, u8 mstatus)
631 {
632 	struct hal_com_data	*pHalData = GET_HAL_DATA(padapter);
633 	struct mlme_ext_priv *pmlmeext = &(padapter->mlmeextpriv);
634 	struct mlme_ext_info *pmlmeinfo = &(pmlmeext->mlmext_info);
635 	bool bcn_valid = false;
636 	u8 DLBcnCount = 0;
637 	u32 poll = 0;
638 	u8 val8;
639 
640 	if (mstatus == RT_MEDIA_CONNECT) {
641 		bool bRecover = false;
642 		u8 v8;
643 
644 		/*  We should set AID, correct TSF, HW seq enable before set JoinBssReport to Fw in 88/92C. */
645 		/*  Suggested by filen. Added by tynli. */
646 		rtw_write16(padapter, REG_BCN_PSR_RPT, (0xC000|pmlmeinfo->aid));
647 
648 		/*  set REG_CR bit 8 */
649 		v8 = rtw_read8(padapter, REG_CR+1);
650 		v8 |= BIT(0); /*  ENSWBCN */
651 		rtw_write8(padapter, REG_CR+1, v8);
652 
653 		/*  Disable Hw protection for a time which revserd for Hw sending beacon. */
654 		/*  Fix download reserved page packet fail that access collision with the protection time. */
655 		/*  2010.05.11. Added by tynli. */
656 		val8 = rtw_read8(padapter, REG_BCN_CTRL);
657 		val8 &= ~EN_BCN_FUNCTION;
658 		val8 |= DIS_TSF_UDT;
659 		rtw_write8(padapter, REG_BCN_CTRL, val8);
660 
661 		/*  Set FWHW_TXQ_CTRL 0x422[6]= 0 to tell Hw the packet is not a real beacon frame. */
662 		if (pHalData->RegFwHwTxQCtrl & BIT(6))
663 			bRecover = true;
664 
665 		/*  To tell Hw the packet is not a real beacon frame. */
666 		rtw_write8(padapter, REG_FWHW_TXQ_CTRL+2, pHalData->RegFwHwTxQCtrl & ~BIT(6));
667 		pHalData->RegFwHwTxQCtrl &= ~BIT(6);
668 
669 		/*  Clear beacon valid check bit. */
670 		rtw_hal_set_hwreg(padapter, HW_VAR_BCN_VALID, NULL);
671 		rtw_hal_set_hwreg(padapter, HW_VAR_DL_BCN_SEL, NULL);
672 
673 		DLBcnCount = 0;
674 		poll = 0;
675 		do {
676 			/*  download rsvd page. */
677 			rtl8723b_set_FwRsvdPagePkt(padapter, 0);
678 			DLBcnCount++;
679 			do {
680 				yield();
681 				/* mdelay(10); */
682 				/*  check rsvd page download OK. */
683 				rtw_hal_get_hwreg(padapter, HW_VAR_BCN_VALID, (u8 *)(&bcn_valid));
684 				poll++;
685 			} while (!bcn_valid && (poll%10) != 0 && !padapter->bSurpriseRemoved && !padapter->bDriverStopped);
686 
687 		} while (!bcn_valid && DLBcnCount <= 100 && !padapter->bSurpriseRemoved && !padapter->bDriverStopped);
688 
689 		if (padapter->bSurpriseRemoved || padapter->bDriverStopped) {
690 		} else {
691 			struct pwrctrl_priv *pwrctl = adapter_to_pwrctl(padapter);
692 			pwrctl->fw_psmode_iface_id = padapter->iface_id;
693 		}
694 
695 		/*  2010.05.11. Added by tynli. */
696 		val8 = rtw_read8(padapter, REG_BCN_CTRL);
697 		val8 |= EN_BCN_FUNCTION;
698 		val8 &= ~DIS_TSF_UDT;
699 		rtw_write8(padapter, REG_BCN_CTRL, val8);
700 
701 		/*  To make sure that if there exists an adapter which would like to send beacon. */
702 		/*  If exists, the original value of 0x422[6] will be 1, we should check this to */
703 		/*  prevent from setting 0x422[6] to 0 after download reserved page, or it will cause */
704 		/*  the beacon cannot be sent by HW. */
705 		/*  2010.06.23. Added by tynli. */
706 		if (bRecover) {
707 			rtw_write8(padapter, REG_FWHW_TXQ_CTRL+2, pHalData->RegFwHwTxQCtrl | BIT(6));
708 			pHalData->RegFwHwTxQCtrl |= BIT(6);
709 		}
710 
711 		/*  Clear CR[8] or beacon packet will not be send to TxBuf anymore. */
712 		v8 = rtw_read8(padapter, REG_CR+1);
713 		v8 &= ~BIT(0); /*  ~ENSWBCN */
714 		rtw_write8(padapter, REG_CR+1, v8);
715 	}
716 }
717 
rtl8723b_set_FwJoinBssRpt_cmd(struct adapter * padapter,u8 mstatus)718 void rtl8723b_set_FwJoinBssRpt_cmd(struct adapter *padapter, u8 mstatus)
719 {
720 	if (mstatus == 1)
721 		rtl8723b_download_rsvd_page(padapter, RT_MEDIA_CONNECT);
722 }
723 
724 /* arg[0] = macid */
725 /* arg[1] = raid */
726 /* arg[2] = shortGIrate */
727 /* arg[3] = init_rate */
rtl8723b_Add_RateATid(struct adapter * padapter,u32 bitmap,u8 * arg,u8 rssi_level)728 void rtl8723b_Add_RateATid(
729 	struct adapter *padapter,
730 	u32 bitmap,
731 	u8 *arg,
732 	u8 rssi_level
733 )
734 {
735 	struct hal_com_data	*pHalData = GET_HAL_DATA(padapter);
736 	struct mlme_ext_priv *pmlmeext = &padapter->mlmeextpriv;
737 	struct mlme_ext_info *pmlmeinfo = &(pmlmeext->mlmext_info);
738 	struct sta_info *psta;
739 	u8 mac_id = arg[0];
740 	u8 raid = arg[1];
741 	u8 shortGI = arg[2];
742 	u8 bw;
743 	u32 mask = bitmap&0x0FFFFFFF;
744 
745 	psta = pmlmeinfo->FW_sta_info[mac_id].psta;
746 	if (!psta)
747 		return;
748 
749 	bw = psta->bw_mode;
750 
751 	if (rssi_level != DM_RATR_STA_INIT)
752 		mask = ODM_Get_Rate_Bitmap(&pHalData->odmpriv, mac_id, mask, rssi_level);
753 
754 	rtl8723b_set_FwMacIdConfig_cmd(padapter, mac_id, raid, bw, shortGI, mask);
755 }
756 
ConstructBtNullFunctionData(struct adapter * padapter,u8 * pframe,u32 * pLength,u8 * StaAddr,u8 bQoS,u8 AC,u8 bEosp,u8 bForcePowerSave)757 static void ConstructBtNullFunctionData(
758 	struct adapter *padapter,
759 	u8 *pframe,
760 	u32 *pLength,
761 	u8 *StaAddr,
762 	u8 bQoS,
763 	u8 AC,
764 	u8 bEosp,
765 	u8 bForcePowerSave
766 )
767 {
768 	struct ieee80211_hdr *pwlanhdr;
769 	__le16 *fctrl;
770 	u32 pktlen;
771 	u8 bssid[ETH_ALEN];
772 
773 	pwlanhdr = (struct ieee80211_hdr *)pframe;
774 
775 	if (!StaAddr) {
776 		memcpy(bssid, myid(&padapter->eeprompriv), ETH_ALEN);
777 		StaAddr = bssid;
778 	}
779 
780 	fctrl = &pwlanhdr->frame_control;
781 	*fctrl = 0;
782 	if (bForcePowerSave)
783 		SetPwrMgt(fctrl);
784 
785 	SetFrDs(fctrl);
786 	memcpy(pwlanhdr->addr1, StaAddr, ETH_ALEN);
787 	memcpy(pwlanhdr->addr2, myid(&padapter->eeprompriv), ETH_ALEN);
788 	memcpy(pwlanhdr->addr3, myid(&padapter->eeprompriv), ETH_ALEN);
789 
790 	SetDuration(pwlanhdr, 0);
791 	SetSeqNum(pwlanhdr, 0);
792 
793 	if (bQoS) {
794 		struct ieee80211_qos_hdr *pwlanqoshdr;
795 
796 		SetFrameSubType(pframe, WIFI_QOS_DATA_NULL);
797 
798 		pwlanqoshdr = (struct ieee80211_qos_hdr *)pframe;
799 		SetPriority(&pwlanqoshdr->qos_ctrl, AC);
800 		SetEOSP(&pwlanqoshdr->qos_ctrl, bEosp);
801 
802 		pktlen = sizeof(struct ieee80211_qos_hdr);
803 	} else {
804 		SetFrameSubType(pframe, WIFI_DATA_NULL);
805 
806 		pktlen = sizeof(struct ieee80211_hdr_3addr);
807 	}
808 
809 	*pLength = pktlen;
810 }
811 
SetFwRsvdPagePkt_BTCoex(struct adapter * padapter)812 static void SetFwRsvdPagePkt_BTCoex(struct adapter *padapter)
813 {
814 	struct xmit_frame *pcmdframe;
815 	struct pkt_attrib *pattrib;
816 	struct xmit_priv *pxmitpriv;
817 	u32 BeaconLength = 0;
818 	u32 BTQosNullLength = 0;
819 	u8 *ReservedPagePacket;
820 	u8 TxDescLen, TxDescOffset;
821 	u8 TotalPageNum = 0, CurtPktPageNum = 0, RsvdPageNum = 0;
822 	u16 BufIndex, PageSize;
823 	u32 TotalPacketLen, MaxRsvdPageBufSize = 0;
824 	struct rsvdpage_loc RsvdPageLoc;
825 
826 	pxmitpriv = &padapter->xmitpriv;
827 	TxDescLen = TXDESC_SIZE;
828 	TxDescOffset = TXDESC_OFFSET;
829 	PageSize = PAGE_SIZE_TX_8723B;
830 
831 	RsvdPageNum = BCNQ_PAGE_NUM_8723B;
832 	MaxRsvdPageBufSize = RsvdPageNum*PageSize;
833 
834 	pcmdframe = rtw_alloc_cmdxmitframe(pxmitpriv);
835 	if (!pcmdframe)
836 		return;
837 
838 	ReservedPagePacket = pcmdframe->buf_addr;
839 	memset(&RsvdPageLoc, 0, sizeof(struct rsvdpage_loc));
840 
841 	/* 3 (1) beacon */
842 	BufIndex = TxDescOffset;
843 	ConstructBeacon(padapter, &ReservedPagePacket[BufIndex], &BeaconLength);
844 
845 	/*  When we count the first page size, we need to reserve description size for the RSVD */
846 	/*  packet, it will be filled in front of the packet in TXPKTBUF. */
847 	CurtPktPageNum = (u8)PageNum_128(TxDescLen + BeaconLength);
848 	/* If we don't add 1 more page, the WOWLAN function has a problem. Baron thinks it's a bug of firmware */
849 	if (CurtPktPageNum == 1)
850 		CurtPktPageNum += 1;
851 	TotalPageNum += CurtPktPageNum;
852 
853 	BufIndex += (CurtPktPageNum*PageSize);
854 
855 	/*  Jump to lastest page */
856 	if (BufIndex < (MaxRsvdPageBufSize - PageSize)) {
857 		BufIndex = TxDescOffset + (MaxRsvdPageBufSize - PageSize);
858 		TotalPageNum = BCNQ_PAGE_NUM_8723B - 1;
859 	}
860 
861 	/* 3 (6) BT Qos null data */
862 	RsvdPageLoc.LocBTQosNull = TotalPageNum;
863 	ConstructBtNullFunctionData(
864 		padapter,
865 		&ReservedPagePacket[BufIndex],
866 		&BTQosNullLength,
867 		NULL,
868 		true, 0, 0, false
869 	);
870 	rtl8723b_fill_fake_txdesc(padapter, &ReservedPagePacket[BufIndex-TxDescLen], BTQosNullLength, false, true, false);
871 
872 	CurtPktPageNum = (u8)PageNum_128(TxDescLen + BTQosNullLength);
873 
874 	TotalPageNum += CurtPktPageNum;
875 
876 	TotalPacketLen = BufIndex + BTQosNullLength;
877 	if (TotalPacketLen > MaxRsvdPageBufSize)
878 		goto error;
879 
880 	/*  update attribute */
881 	pattrib = &pcmdframe->attrib;
882 	update_mgntframe_attrib(padapter, pattrib);
883 	pattrib->qsel = 0x10;
884 	pattrib->pktlen = pattrib->last_txcmdsz = TotalPacketLen - TxDescOffset;
885 	dump_mgntframe_and_wait(padapter, pcmdframe, 100);
886 
887 	rtl8723b_set_FwRsvdPage_cmd(padapter, &RsvdPageLoc);
888 	rtl8723b_set_FwAoacRsvdPage_cmd(padapter, &RsvdPageLoc);
889 
890 	return;
891 
892 error:
893 	rtw_free_xmitframe(pxmitpriv, pcmdframe);
894 }
895 
rtl8723b_download_BTCoex_AP_mode_rsvd_page(struct adapter * padapter)896 void rtl8723b_download_BTCoex_AP_mode_rsvd_page(struct adapter *padapter)
897 {
898 	struct hal_com_data *pHalData;
899 	struct mlme_ext_priv *pmlmeext;
900 	struct mlme_ext_info *pmlmeinfo;
901 	u8 bRecover = false;
902 	u8 bcn_valid = false;
903 	u8 DLBcnCount = 0;
904 	u32 poll = 0;
905 	u8 val8;
906 
907 	pHalData = GET_HAL_DATA(padapter);
908 	pmlmeext = &padapter->mlmeextpriv;
909 	pmlmeinfo = &pmlmeext->mlmext_info;
910 
911 	/*  We should set AID, correct TSF, HW seq enable before set JoinBssReport to Fw in 88/92C. */
912 	/*  Suggested by filen. Added by tynli. */
913 	rtw_write16(padapter, REG_BCN_PSR_RPT, (0xC000|pmlmeinfo->aid));
914 
915 	/*  set REG_CR bit 8 */
916 	val8 = rtw_read8(padapter, REG_CR+1);
917 	val8 |= BIT(0); /*  ENSWBCN */
918 	rtw_write8(padapter,  REG_CR+1, val8);
919 
920 	/*  Disable Hw protection for a time which revserd for Hw sending beacon. */
921 	/*  Fix download reserved page packet fail that access collision with the protection time. */
922 	/*  2010.05.11. Added by tynli. */
923 	val8 = rtw_read8(padapter, REG_BCN_CTRL);
924 	val8 &= ~EN_BCN_FUNCTION;
925 	val8 |= DIS_TSF_UDT;
926 	rtw_write8(padapter, REG_BCN_CTRL, val8);
927 
928 	/*  Set FWHW_TXQ_CTRL 0x422[6]= 0 to tell Hw the packet is not a real beacon frame. */
929 	if (pHalData->RegFwHwTxQCtrl & BIT(6))
930 		bRecover = true;
931 
932 	/*  To tell Hw the packet is not a real beacon frame. */
933 	pHalData->RegFwHwTxQCtrl &= ~BIT(6);
934 	rtw_write8(padapter, REG_FWHW_TXQ_CTRL+2, pHalData->RegFwHwTxQCtrl);
935 
936 	/*  Clear beacon valid check bit. */
937 	rtw_hal_set_hwreg(padapter, HW_VAR_BCN_VALID, NULL);
938 	rtw_hal_set_hwreg(padapter, HW_VAR_DL_BCN_SEL, NULL);
939 
940 	DLBcnCount = 0;
941 	poll = 0;
942 	do {
943 		SetFwRsvdPagePkt_BTCoex(padapter);
944 		DLBcnCount++;
945 		do {
946 			yield();
947 /* 			mdelay(10); */
948 			/*  check rsvd page download OK. */
949 			rtw_hal_get_hwreg(padapter, HW_VAR_BCN_VALID, &bcn_valid);
950 			poll++;
951 		} while (!bcn_valid && (poll%10) != 0 && !padapter->bSurpriseRemoved && !padapter->bDriverStopped);
952 	} while (!bcn_valid && (DLBcnCount <= 100) && !padapter->bSurpriseRemoved && !padapter->bDriverStopped);
953 
954 	if (bcn_valid) {
955 		struct pwrctrl_priv *pwrctl = adapter_to_pwrctl(padapter);
956 		pwrctl->fw_psmode_iface_id = padapter->iface_id;
957 	}
958 
959 	/*  2010.05.11. Added by tynli. */
960 	val8 = rtw_read8(padapter, REG_BCN_CTRL);
961 	val8 |= EN_BCN_FUNCTION;
962 	val8 &= ~DIS_TSF_UDT;
963 	rtw_write8(padapter, REG_BCN_CTRL, val8);
964 
965 	/*  To make sure that if there exists an adapter which would like to send beacon. */
966 	/*  If exists, the original value of 0x422[6] will be 1, we should check this to */
967 	/*  prevent from setting 0x422[6] to 0 after download reserved page, or it will cause */
968 	/*  the beacon cannot be sent by HW. */
969 	/*  2010.06.23. Added by tynli. */
970 	if (bRecover) {
971 		pHalData->RegFwHwTxQCtrl |= BIT(6);
972 		rtw_write8(padapter, REG_FWHW_TXQ_CTRL+2, pHalData->RegFwHwTxQCtrl);
973 	}
974 
975 	/*  Clear CR[8] or beacon packet will not be send to TxBuf anymore. */
976 	val8 = rtw_read8(padapter, REG_CR+1);
977 	val8 &= ~BIT(0); /*  ~ENSWBCN */
978 	rtw_write8(padapter, REG_CR+1, val8);
979 }
980