1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005-2009 Michael Buesch <m@bues.ch> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 Copyright (c) 2010-2011 RafaÅ MiÅecki <zajec5@gmail.com> 11 12 SDIO support 13 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es> 14 15 Some parts of the code in this file are derived from the ipw2200 16 driver Copyright(c) 2003 - 2004 Intel Corporation. 17 18 This program is free software; you can redistribute it and/or modify 19 it under the terms of the GNU General Public License as published by 20 the Free Software Foundation; either version 2 of the License, or 21 (at your option) any later version. 22 23 This program is distributed in the hope that it will be useful, 24 but WITHOUT ANY WARRANTY; without even the implied warranty of 25 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 26 GNU General Public License for more details. 27 28 You should have received a copy of the GNU General Public License 29 along with this program; see the file COPYING. If not, write to 30 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 31 Boston, MA 02110-1301, USA. 32 33*/ 34 35#include <linux/delay.h> 36#include <linux/init.h> 37#include <linux/module.h> 38#include <linux/if_arp.h> 39#include <linux/etherdevice.h> 40#include <linux/firmware.h> 41#include <linux/workqueue.h> 42#include <linux/skbuff.h> 43#include <linux/io.h> 44#include <linux/dma-mapping.h> 45#include <linux/slab.h> 46#include <asm/unaligned.h> 47 48#include "b43.h" 49#include "main.h" 50#include "debugfs.h" 51#include "phy_common.h" 52#include "phy_g.h" 53#include "phy_n.h" 54#include "dma.h" 55#include "pio.h" 56#include "sysfs.h" 57#include "xmit.h" 58#include "lo.h" 59#include "pcmcia.h" 60#include "sdio.h" 61#include <linux/mmc/sdio_func.h> 62 63MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 64MODULE_AUTHOR("Martin Langer"); 65MODULE_AUTHOR("Stefano Brivio"); 66MODULE_AUTHOR("Michael Buesch"); 67MODULE_AUTHOR("Gábor Stefanik"); 68MODULE_AUTHOR("RafaÅ MiÅecki"); 69MODULE_LICENSE("GPL"); 70 71MODULE_FIRMWARE("b43/ucode11.fw"); 72MODULE_FIRMWARE("b43/ucode13.fw"); 73MODULE_FIRMWARE("b43/ucode14.fw"); 74MODULE_FIRMWARE("b43/ucode15.fw"); 75MODULE_FIRMWARE("b43/ucode16_mimo.fw"); 76MODULE_FIRMWARE("b43/ucode5.fw"); 77MODULE_FIRMWARE("b43/ucode9.fw"); 78 79static int modparam_bad_frames_preempt; 80module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 81MODULE_PARM_DESC(bad_frames_preempt, 82 "enable(1) / disable(0) Bad Frames Preemption"); 83 84static char modparam_fwpostfix[16]; 85module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 86MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 87 88static int modparam_hwpctl; 89module_param_named(hwpctl, modparam_hwpctl, int, 0444); 90MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 91 92static int modparam_nohwcrypt; 93module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 94MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 95 96static int modparam_hwtkip; 97module_param_named(hwtkip, modparam_hwtkip, int, 0444); 98MODULE_PARM_DESC(hwtkip, "Enable hardware tkip."); 99 100static int modparam_qos = 1; 101module_param_named(qos, modparam_qos, int, 0444); 102MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 103 104static int modparam_btcoex = 1; 105module_param_named(btcoex, modparam_btcoex, int, 0444); 106MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)"); 107 108int b43_modparam_verbose = B43_VERBOSITY_DEFAULT; 109module_param_named(verbose, b43_modparam_verbose, int, 0644); 110MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug"); 111 112static int b43_modparam_pio = 0; 113module_param_named(pio, b43_modparam_pio, int, 0644); 114MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO"); 115 116#ifdef CONFIG_B43_BCMA 117static const struct bcma_device_id b43_bcma_tbl[] = { 118 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x11, BCMA_ANY_CLASS), 119#ifdef CONFIG_B43_BCMA_EXTRA 120 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x17, BCMA_ANY_CLASS), 121 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x18, BCMA_ANY_CLASS), 122#endif 123 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x1D, BCMA_ANY_CLASS), 124 BCMA_CORETABLE_END 125}; 126MODULE_DEVICE_TABLE(bcma, b43_bcma_tbl); 127#endif 128 129#ifdef CONFIG_B43_SSB 130static const struct ssb_device_id b43_ssb_tbl[] = { 131 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 132 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 133 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 134 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 135 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 136 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 137 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12), 138 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 139 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15), 140 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16), 141 SSB_DEVTABLE_END 142}; 143MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 144#endif 145 146/* Channel and ratetables are shared for all devices. 147 * They can't be const, because ieee80211 puts some precalculated 148 * data in there. This data is the same for all devices, so we don't 149 * get concurrency issues */ 150#define RATETAB_ENT(_rateid, _flags) \ 151 { \ 152 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 153 .hw_value = (_rateid), \ 154 .flags = (_flags), \ 155 } 156 157/* 158 * NOTE: When changing this, sync with xmit.c's 159 * b43_plcp_get_bitrate_idx_* functions! 160 */ 161static struct ieee80211_rate __b43_ratetable[] = { 162 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 163 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 164 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 165 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 166 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 167 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 168 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 169 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 170 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 171 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 172 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 173 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 174}; 175 176#define b43_a_ratetable (__b43_ratetable + 4) 177#define b43_a_ratetable_size 8 178#define b43_b_ratetable (__b43_ratetable + 0) 179#define b43_b_ratetable_size 4 180#define b43_g_ratetable (__b43_ratetable + 0) 181#define b43_g_ratetable_size 12 182 183#define CHAN4G(_channel, _freq, _flags) { \ 184 .band = IEEE80211_BAND_2GHZ, \ 185 .center_freq = (_freq), \ 186 .hw_value = (_channel), \ 187 .flags = (_flags), \ 188 .max_antenna_gain = 0, \ 189 .max_power = 30, \ 190} 191static struct ieee80211_channel b43_2ghz_chantable[] = { 192 CHAN4G(1, 2412, 0), 193 CHAN4G(2, 2417, 0), 194 CHAN4G(3, 2422, 0), 195 CHAN4G(4, 2427, 0), 196 CHAN4G(5, 2432, 0), 197 CHAN4G(6, 2437, 0), 198 CHAN4G(7, 2442, 0), 199 CHAN4G(8, 2447, 0), 200 CHAN4G(9, 2452, 0), 201 CHAN4G(10, 2457, 0), 202 CHAN4G(11, 2462, 0), 203 CHAN4G(12, 2467, 0), 204 CHAN4G(13, 2472, 0), 205 CHAN4G(14, 2484, 0), 206}; 207#undef CHAN4G 208 209#define CHAN5G(_channel, _flags) { \ 210 .band = IEEE80211_BAND_5GHZ, \ 211 .center_freq = 5000 + (5 * (_channel)), \ 212 .hw_value = (_channel), \ 213 .flags = (_flags), \ 214 .max_antenna_gain = 0, \ 215 .max_power = 30, \ 216} 217static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 218 CHAN5G(32, 0), CHAN5G(34, 0), 219 CHAN5G(36, 0), CHAN5G(38, 0), 220 CHAN5G(40, 0), CHAN5G(42, 0), 221 CHAN5G(44, 0), CHAN5G(46, 0), 222 CHAN5G(48, 0), CHAN5G(50, 0), 223 CHAN5G(52, 0), CHAN5G(54, 0), 224 CHAN5G(56, 0), CHAN5G(58, 0), 225 CHAN5G(60, 0), CHAN5G(62, 0), 226 CHAN5G(64, 0), CHAN5G(66, 0), 227 CHAN5G(68, 0), CHAN5G(70, 0), 228 CHAN5G(72, 0), CHAN5G(74, 0), 229 CHAN5G(76, 0), CHAN5G(78, 0), 230 CHAN5G(80, 0), CHAN5G(82, 0), 231 CHAN5G(84, 0), CHAN5G(86, 0), 232 CHAN5G(88, 0), CHAN5G(90, 0), 233 CHAN5G(92, 0), CHAN5G(94, 0), 234 CHAN5G(96, 0), CHAN5G(98, 0), 235 CHAN5G(100, 0), CHAN5G(102, 0), 236 CHAN5G(104, 0), CHAN5G(106, 0), 237 CHAN5G(108, 0), CHAN5G(110, 0), 238 CHAN5G(112, 0), CHAN5G(114, 0), 239 CHAN5G(116, 0), CHAN5G(118, 0), 240 CHAN5G(120, 0), CHAN5G(122, 0), 241 CHAN5G(124, 0), CHAN5G(126, 0), 242 CHAN5G(128, 0), CHAN5G(130, 0), 243 CHAN5G(132, 0), CHAN5G(134, 0), 244 CHAN5G(136, 0), CHAN5G(138, 0), 245 CHAN5G(140, 0), CHAN5G(142, 0), 246 CHAN5G(144, 0), CHAN5G(145, 0), 247 CHAN5G(146, 0), CHAN5G(147, 0), 248 CHAN5G(148, 0), CHAN5G(149, 0), 249 CHAN5G(150, 0), CHAN5G(151, 0), 250 CHAN5G(152, 0), CHAN5G(153, 0), 251 CHAN5G(154, 0), CHAN5G(155, 0), 252 CHAN5G(156, 0), CHAN5G(157, 0), 253 CHAN5G(158, 0), CHAN5G(159, 0), 254 CHAN5G(160, 0), CHAN5G(161, 0), 255 CHAN5G(162, 0), CHAN5G(163, 0), 256 CHAN5G(164, 0), CHAN5G(165, 0), 257 CHAN5G(166, 0), CHAN5G(168, 0), 258 CHAN5G(170, 0), CHAN5G(172, 0), 259 CHAN5G(174, 0), CHAN5G(176, 0), 260 CHAN5G(178, 0), CHAN5G(180, 0), 261 CHAN5G(182, 0), CHAN5G(184, 0), 262 CHAN5G(186, 0), CHAN5G(188, 0), 263 CHAN5G(190, 0), CHAN5G(192, 0), 264 CHAN5G(194, 0), CHAN5G(196, 0), 265 CHAN5G(198, 0), CHAN5G(200, 0), 266 CHAN5G(202, 0), CHAN5G(204, 0), 267 CHAN5G(206, 0), CHAN5G(208, 0), 268 CHAN5G(210, 0), CHAN5G(212, 0), 269 CHAN5G(214, 0), CHAN5G(216, 0), 270 CHAN5G(218, 0), CHAN5G(220, 0), 271 CHAN5G(222, 0), CHAN5G(224, 0), 272 CHAN5G(226, 0), CHAN5G(228, 0), 273}; 274 275static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 276 CHAN5G(34, 0), CHAN5G(36, 0), 277 CHAN5G(38, 0), CHAN5G(40, 0), 278 CHAN5G(42, 0), CHAN5G(44, 0), 279 CHAN5G(46, 0), CHAN5G(48, 0), 280 CHAN5G(52, 0), CHAN5G(56, 0), 281 CHAN5G(60, 0), CHAN5G(64, 0), 282 CHAN5G(100, 0), CHAN5G(104, 0), 283 CHAN5G(108, 0), CHAN5G(112, 0), 284 CHAN5G(116, 0), CHAN5G(120, 0), 285 CHAN5G(124, 0), CHAN5G(128, 0), 286 CHAN5G(132, 0), CHAN5G(136, 0), 287 CHAN5G(140, 0), CHAN5G(149, 0), 288 CHAN5G(153, 0), CHAN5G(157, 0), 289 CHAN5G(161, 0), CHAN5G(165, 0), 290 CHAN5G(184, 0), CHAN5G(188, 0), 291 CHAN5G(192, 0), CHAN5G(196, 0), 292 CHAN5G(200, 0), CHAN5G(204, 0), 293 CHAN5G(208, 0), CHAN5G(212, 0), 294 CHAN5G(216, 0), 295}; 296#undef CHAN5G 297 298static struct ieee80211_supported_band b43_band_5GHz_nphy = { 299 .band = IEEE80211_BAND_5GHZ, 300 .channels = b43_5ghz_nphy_chantable, 301 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 302 .bitrates = b43_a_ratetable, 303 .n_bitrates = b43_a_ratetable_size, 304}; 305 306static struct ieee80211_supported_band b43_band_5GHz_aphy = { 307 .band = IEEE80211_BAND_5GHZ, 308 .channels = b43_5ghz_aphy_chantable, 309 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 310 .bitrates = b43_a_ratetable, 311 .n_bitrates = b43_a_ratetable_size, 312}; 313 314static struct ieee80211_supported_band b43_band_2GHz = { 315 .band = IEEE80211_BAND_2GHZ, 316 .channels = b43_2ghz_chantable, 317 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 318 .bitrates = b43_g_ratetable, 319 .n_bitrates = b43_g_ratetable_size, 320}; 321 322static void b43_wireless_core_exit(struct b43_wldev *dev); 323static int b43_wireless_core_init(struct b43_wldev *dev); 324static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev); 325static int b43_wireless_core_start(struct b43_wldev *dev); 326static void b43_op_bss_info_changed(struct ieee80211_hw *hw, 327 struct ieee80211_vif *vif, 328 struct ieee80211_bss_conf *conf, 329 u32 changed); 330 331static int b43_ratelimit(struct b43_wl *wl) 332{ 333 if (!wl || !wl->current_dev) 334 return 1; 335 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 336 return 1; 337 /* We are up and running. 338 * Ratelimit the messages to avoid DoS over the net. */ 339 return net_ratelimit(); 340} 341 342void b43info(struct b43_wl *wl, const char *fmt, ...) 343{ 344 struct va_format vaf; 345 va_list args; 346 347 if (b43_modparam_verbose < B43_VERBOSITY_INFO) 348 return; 349 if (!b43_ratelimit(wl)) 350 return; 351 352 va_start(args, fmt); 353 354 vaf.fmt = fmt; 355 vaf.va = &args; 356 357 printk(KERN_INFO "b43-%s: %pV", 358 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 359 360 va_end(args); 361} 362 363void b43err(struct b43_wl *wl, const char *fmt, ...) 364{ 365 struct va_format vaf; 366 va_list args; 367 368 if (b43_modparam_verbose < B43_VERBOSITY_ERROR) 369 return; 370 if (!b43_ratelimit(wl)) 371 return; 372 373 va_start(args, fmt); 374 375 vaf.fmt = fmt; 376 vaf.va = &args; 377 378 printk(KERN_ERR "b43-%s ERROR: %pV", 379 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 380 381 va_end(args); 382} 383 384void b43warn(struct b43_wl *wl, const char *fmt, ...) 385{ 386 struct va_format vaf; 387 va_list args; 388 389 if (b43_modparam_verbose < B43_VERBOSITY_WARN) 390 return; 391 if (!b43_ratelimit(wl)) 392 return; 393 394 va_start(args, fmt); 395 396 vaf.fmt = fmt; 397 vaf.va = &args; 398 399 printk(KERN_WARNING "b43-%s warning: %pV", 400 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 401 402 va_end(args); 403} 404 405void b43dbg(struct b43_wl *wl, const char *fmt, ...) 406{ 407 struct va_format vaf; 408 va_list args; 409 410 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 411 return; 412 413 va_start(args, fmt); 414 415 vaf.fmt = fmt; 416 vaf.va = &args; 417 418 printk(KERN_DEBUG "b43-%s debug: %pV", 419 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 420 421 va_end(args); 422} 423 424static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 425{ 426 u32 macctl; 427 428 B43_WARN_ON(offset % 4 != 0); 429 430 macctl = b43_read32(dev, B43_MMIO_MACCTL); 431 if (macctl & B43_MACCTL_BE) 432 val = swab32(val); 433 434 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 435 mmiowb(); 436 b43_write32(dev, B43_MMIO_RAM_DATA, val); 437} 438 439static inline void b43_shm_control_word(struct b43_wldev *dev, 440 u16 routing, u16 offset) 441{ 442 u32 control; 443 444 /* "offset" is the WORD offset. */ 445 control = routing; 446 control <<= 16; 447 control |= offset; 448 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 449} 450 451u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 452{ 453 u32 ret; 454 455 if (routing == B43_SHM_SHARED) { 456 B43_WARN_ON(offset & 0x0001); 457 if (offset & 0x0003) { 458 /* Unaligned access */ 459 b43_shm_control_word(dev, routing, offset >> 2); 460 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 461 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 462 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16; 463 464 goto out; 465 } 466 offset >>= 2; 467 } 468 b43_shm_control_word(dev, routing, offset); 469 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 470out: 471 return ret; 472} 473 474u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset) 475{ 476 u16 ret; 477 478 if (routing == B43_SHM_SHARED) { 479 B43_WARN_ON(offset & 0x0001); 480 if (offset & 0x0003) { 481 /* Unaligned access */ 482 b43_shm_control_word(dev, routing, offset >> 2); 483 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 484 485 goto out; 486 } 487 offset >>= 2; 488 } 489 b43_shm_control_word(dev, routing, offset); 490 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 491out: 492 return ret; 493} 494 495void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 496{ 497 if (routing == B43_SHM_SHARED) { 498 B43_WARN_ON(offset & 0x0001); 499 if (offset & 0x0003) { 500 /* Unaligned access */ 501 b43_shm_control_word(dev, routing, offset >> 2); 502 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 503 value & 0xFFFF); 504 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 505 b43_write16(dev, B43_MMIO_SHM_DATA, 506 (value >> 16) & 0xFFFF); 507 return; 508 } 509 offset >>= 2; 510 } 511 b43_shm_control_word(dev, routing, offset); 512 b43_write32(dev, B43_MMIO_SHM_DATA, value); 513} 514 515void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 516{ 517 if (routing == B43_SHM_SHARED) { 518 B43_WARN_ON(offset & 0x0001); 519 if (offset & 0x0003) { 520 /* Unaligned access */ 521 b43_shm_control_word(dev, routing, offset >> 2); 522 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 523 return; 524 } 525 offset >>= 2; 526 } 527 b43_shm_control_word(dev, routing, offset); 528 b43_write16(dev, B43_MMIO_SHM_DATA, value); 529} 530 531/* Read HostFlags */ 532u64 b43_hf_read(struct b43_wldev *dev) 533{ 534 u64 ret; 535 536 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 537 ret <<= 16; 538 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 539 ret <<= 16; 540 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 541 542 return ret; 543} 544 545/* Write HostFlags */ 546void b43_hf_write(struct b43_wldev *dev, u64 value) 547{ 548 u16 lo, mi, hi; 549 550 lo = (value & 0x00000000FFFFULL); 551 mi = (value & 0x0000FFFF0000ULL) >> 16; 552 hi = (value & 0xFFFF00000000ULL) >> 32; 553 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 554 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 555 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 556} 557 558/* Read the firmware capabilities bitmask (Opensource firmware only) */ 559static u16 b43_fwcapa_read(struct b43_wldev *dev) 560{ 561 B43_WARN_ON(!dev->fw.opensource); 562 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA); 563} 564 565void b43_tsf_read(struct b43_wldev *dev, u64 *tsf) 566{ 567 u32 low, high; 568 569 B43_WARN_ON(dev->dev->core_rev < 3); 570 571 /* The hardware guarantees us an atomic read, if we 572 * read the low register first. */ 573 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 574 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 575 576 *tsf = high; 577 *tsf <<= 32; 578 *tsf |= low; 579} 580 581static void b43_time_lock(struct b43_wldev *dev) 582{ 583 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_TBTTHOLD); 584 /* Commit the write */ 585 b43_read32(dev, B43_MMIO_MACCTL); 586} 587 588static void b43_time_unlock(struct b43_wldev *dev) 589{ 590 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_TBTTHOLD, 0); 591 /* Commit the write */ 592 b43_read32(dev, B43_MMIO_MACCTL); 593} 594 595static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 596{ 597 u32 low, high; 598 599 B43_WARN_ON(dev->dev->core_rev < 3); 600 601 low = tsf; 602 high = (tsf >> 32); 603 /* The hardware guarantees us an atomic write, if we 604 * write the low register first. */ 605 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low); 606 mmiowb(); 607 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high); 608 mmiowb(); 609} 610 611void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 612{ 613 b43_time_lock(dev); 614 b43_tsf_write_locked(dev, tsf); 615 b43_time_unlock(dev); 616} 617 618static 619void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac) 620{ 621 static const u8 zero_addr[ETH_ALEN] = { 0 }; 622 u16 data; 623 624 if (!mac) 625 mac = zero_addr; 626 627 offset |= 0x0020; 628 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 629 630 data = mac[0]; 631 data |= mac[1] << 8; 632 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 633 data = mac[2]; 634 data |= mac[3] << 8; 635 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 636 data = mac[4]; 637 data |= mac[5] << 8; 638 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 639} 640 641static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 642{ 643 const u8 *mac; 644 const u8 *bssid; 645 u8 mac_bssid[ETH_ALEN * 2]; 646 int i; 647 u32 tmp; 648 649 bssid = dev->wl->bssid; 650 mac = dev->wl->mac_addr; 651 652 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 653 654 memcpy(mac_bssid, mac, ETH_ALEN); 655 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 656 657 /* Write our MAC address and BSSID to template ram */ 658 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 659 tmp = (u32) (mac_bssid[i + 0]); 660 tmp |= (u32) (mac_bssid[i + 1]) << 8; 661 tmp |= (u32) (mac_bssid[i + 2]) << 16; 662 tmp |= (u32) (mac_bssid[i + 3]) << 24; 663 b43_ram_write(dev, 0x20 + i, tmp); 664 } 665} 666 667static void b43_upload_card_macaddress(struct b43_wldev *dev) 668{ 669 b43_write_mac_bssid_templates(dev); 670 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 671} 672 673static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 674{ 675 /* slot_time is in usec. */ 676 /* This test used to exit for all but a G PHY. */ 677 if (b43_current_band(dev->wl) == IEEE80211_BAND_5GHZ) 678 return; 679 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time); 680 /* Shared memory location 0x0010 is the slot time and should be 681 * set to slot_time; however, this register is initially 0 and changing 682 * the value adversely affects the transmit rate for BCM4311 683 * devices. Until this behavior is unterstood, delete this step 684 * 685 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 686 */ 687} 688 689static void b43_short_slot_timing_enable(struct b43_wldev *dev) 690{ 691 b43_set_slot_time(dev, 9); 692} 693 694static void b43_short_slot_timing_disable(struct b43_wldev *dev) 695{ 696 b43_set_slot_time(dev, 20); 697} 698 699/* DummyTransmission function, as documented on 700 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission 701 */ 702void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on) 703{ 704 struct b43_phy *phy = &dev->phy; 705 unsigned int i, max_loop; 706 u16 value; 707 u32 buffer[5] = { 708 0x00000000, 709 0x00D40000, 710 0x00000000, 711 0x01000000, 712 0x00000000, 713 }; 714 715 if (ofdm) { 716 max_loop = 0x1E; 717 buffer[0] = 0x000201CC; 718 } else { 719 max_loop = 0xFA; 720 buffer[0] = 0x000B846E; 721 } 722 723 for (i = 0; i < 5; i++) 724 b43_ram_write(dev, i * 4, buffer[i]); 725 726 b43_write16(dev, B43_MMIO_XMTSEL, 0x0000); 727 728 if (dev->dev->core_rev < 11) 729 b43_write16(dev, B43_MMIO_WEPCTL, 0x0000); 730 else 731 b43_write16(dev, B43_MMIO_WEPCTL, 0x0100); 732 733 value = (ofdm ? 0x41 : 0x40); 734 b43_write16(dev, B43_MMIO_TXE0_PHYCTL, value); 735 if (phy->type == B43_PHYTYPE_N || phy->type == B43_PHYTYPE_LP || 736 phy->type == B43_PHYTYPE_LCN) 737 b43_write16(dev, B43_MMIO_TXE0_PHYCTL1, 0x1A02); 738 739 b43_write16(dev, B43_MMIO_TXE0_WM_0, 0x0000); 740 b43_write16(dev, B43_MMIO_TXE0_WM_1, 0x0000); 741 742 b43_write16(dev, B43_MMIO_XMTTPLATETXPTR, 0x0000); 743 b43_write16(dev, B43_MMIO_XMTTXCNT, 0x0014); 744 b43_write16(dev, B43_MMIO_XMTSEL, 0x0826); 745 b43_write16(dev, B43_MMIO_TXE0_CTL, 0x0000); 746 747 if (!pa_on && phy->type == B43_PHYTYPE_N) 748 ; /*b43_nphy_pa_override(dev, false) */ 749 750 switch (phy->type) { 751 case B43_PHYTYPE_N: 752 case B43_PHYTYPE_LCN: 753 b43_write16(dev, B43_MMIO_TXE0_AUX, 0x00D0); 754 break; 755 case B43_PHYTYPE_LP: 756 b43_write16(dev, B43_MMIO_TXE0_AUX, 0x0050); 757 break; 758 default: 759 b43_write16(dev, B43_MMIO_TXE0_AUX, 0x0030); 760 } 761 b43_read16(dev, B43_MMIO_TXE0_AUX); 762 763 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 764 b43_radio_write16(dev, 0x0051, 0x0017); 765 for (i = 0x00; i < max_loop; i++) { 766 value = b43_read16(dev, B43_MMIO_TXE0_STATUS); 767 if (value & 0x0080) 768 break; 769 udelay(10); 770 } 771 for (i = 0x00; i < 0x0A; i++) { 772 value = b43_read16(dev, B43_MMIO_TXE0_STATUS); 773 if (value & 0x0400) 774 break; 775 udelay(10); 776 } 777 for (i = 0x00; i < 0x19; i++) { 778 value = b43_read16(dev, B43_MMIO_IFSSTAT); 779 if (!(value & 0x0100)) 780 break; 781 udelay(10); 782 } 783 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 784 b43_radio_write16(dev, 0x0051, 0x0037); 785} 786 787static void key_write(struct b43_wldev *dev, 788 u8 index, u8 algorithm, const u8 *key) 789{ 790 unsigned int i; 791 u32 offset; 792 u16 value; 793 u16 kidx; 794 795 /* Key index/algo block */ 796 kidx = b43_kidx_to_fw(dev, index); 797 value = ((kidx << 4) | algorithm); 798 b43_shm_write16(dev, B43_SHM_SHARED, 799 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 800 801 /* Write the key to the Key Table Pointer offset */ 802 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 803 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 804 value = key[i]; 805 value |= (u16) (key[i + 1]) << 8; 806 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 807 } 808} 809 810static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr) 811{ 812 u32 addrtmp[2] = { 0, 0, }; 813 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 814 815 if (b43_new_kidx_api(dev)) 816 pairwise_keys_start = B43_NR_GROUP_KEYS; 817 818 B43_WARN_ON(index < pairwise_keys_start); 819 /* We have four default TX keys and possibly four default RX keys. 820 * Physical mac 0 is mapped to physical key 4 or 8, depending 821 * on the firmware version. 822 * So we must adjust the index here. 823 */ 824 index -= pairwise_keys_start; 825 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 826 827 if (addr) { 828 addrtmp[0] = addr[0]; 829 addrtmp[0] |= ((u32) (addr[1]) << 8); 830 addrtmp[0] |= ((u32) (addr[2]) << 16); 831 addrtmp[0] |= ((u32) (addr[3]) << 24); 832 addrtmp[1] = addr[4]; 833 addrtmp[1] |= ((u32) (addr[5]) << 8); 834 } 835 836 /* Receive match transmitter address (RCMTA) mechanism */ 837 b43_shm_write32(dev, B43_SHM_RCMTA, 838 (index * 2) + 0, addrtmp[0]); 839 b43_shm_write16(dev, B43_SHM_RCMTA, 840 (index * 2) + 1, addrtmp[1]); 841} 842 843/* The ucode will use phase1 key with TEK key to decrypt rx packets. 844 * When a packet is received, the iv32 is checked. 845 * - if it doesn't the packet is returned without modification (and software 846 * decryption can be done). That's what happen when iv16 wrap. 847 * - if it does, the rc4 key is computed, and decryption is tried. 848 * Either it will success and B43_RX_MAC_DEC is returned, 849 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned 850 * and the packet is not usable (it got modified by the ucode). 851 * So in order to never have B43_RX_MAC_DECERR, we should provide 852 * a iv32 and phase1key that match. Because we drop packets in case of 853 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all 854 * packets will be lost without higher layer knowing (ie no resync possible 855 * until next wrap). 856 * 857 * NOTE : this should support 50 key like RCMTA because 858 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50 859 */ 860static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32, 861 u16 *phase1key) 862{ 863 unsigned int i; 864 u32 offset; 865 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 866 867 if (!modparam_hwtkip) 868 return; 869 870 if (b43_new_kidx_api(dev)) 871 pairwise_keys_start = B43_NR_GROUP_KEYS; 872 873 B43_WARN_ON(index < pairwise_keys_start); 874 /* We have four default TX keys and possibly four default RX keys. 875 * Physical mac 0 is mapped to physical key 4 or 8, depending 876 * on the firmware version. 877 * So we must adjust the index here. 878 */ 879 index -= pairwise_keys_start; 880 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 881 882 if (b43_debug(dev, B43_DBG_KEYS)) { 883 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n", 884 index, iv32); 885 } 886 /* Write the key to the RX tkip shared mem */ 887 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4); 888 for (i = 0; i < 10; i += 2) { 889 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, 890 phase1key ? phase1key[i / 2] : 0); 891 } 892 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32); 893 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16); 894} 895 896static void b43_op_update_tkip_key(struct ieee80211_hw *hw, 897 struct ieee80211_vif *vif, 898 struct ieee80211_key_conf *keyconf, 899 struct ieee80211_sta *sta, 900 u32 iv32, u16 *phase1key) 901{ 902 struct b43_wl *wl = hw_to_b43_wl(hw); 903 struct b43_wldev *dev; 904 int index = keyconf->hw_key_idx; 905 906 if (B43_WARN_ON(!modparam_hwtkip)) 907 return; 908 909 /* This is only called from the RX path through mac80211, where 910 * our mutex is already locked. */ 911 B43_WARN_ON(!mutex_is_locked(&wl->mutex)); 912 dev = wl->current_dev; 913 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED); 914 915 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */ 916 917 rx_tkip_phase1_write(dev, index, iv32, phase1key); 918 /* only pairwise TKIP keys are supported right now */ 919 if (WARN_ON(!sta)) 920 return; 921 keymac_write(dev, index, sta->addr); 922} 923 924static void do_key_write(struct b43_wldev *dev, 925 u8 index, u8 algorithm, 926 const u8 *key, size_t key_len, const u8 *mac_addr) 927{ 928 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 929 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 930 931 if (b43_new_kidx_api(dev)) 932 pairwise_keys_start = B43_NR_GROUP_KEYS; 933 934 B43_WARN_ON(index >= ARRAY_SIZE(dev->key)); 935 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 936 937 if (index >= pairwise_keys_start) 938 keymac_write(dev, index, NULL); /* First zero out mac. */ 939 if (algorithm == B43_SEC_ALGO_TKIP) { 940 /* 941 * We should provide an initial iv32, phase1key pair. 942 * We could start with iv32=0 and compute the corresponding 943 * phase1key, but this means calling ieee80211_get_tkip_key 944 * with a fake skb (or export other tkip function). 945 * Because we are lazy we hope iv32 won't start with 946 * 0xffffffff and let's b43_op_update_tkip_key provide a 947 * correct pair. 948 */ 949 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf); 950 } else if (index >= pairwise_keys_start) /* clear it */ 951 rx_tkip_phase1_write(dev, index, 0, NULL); 952 if (key) 953 memcpy(buf, key, key_len); 954 key_write(dev, index, algorithm, buf); 955 if (index >= pairwise_keys_start) 956 keymac_write(dev, index, mac_addr); 957 958 dev->key[index].algorithm = algorithm; 959} 960 961static int b43_key_write(struct b43_wldev *dev, 962 int index, u8 algorithm, 963 const u8 *key, size_t key_len, 964 const u8 *mac_addr, 965 struct ieee80211_key_conf *keyconf) 966{ 967 int i; 968 int pairwise_keys_start; 969 970 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block: 971 * - Temporal Encryption Key (128 bits) 972 * - Temporal Authenticator Tx MIC Key (64 bits) 973 * - Temporal Authenticator Rx MIC Key (64 bits) 974 * 975 * Hardware only store TEK 976 */ 977 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32) 978 key_len = 16; 979 if (key_len > B43_SEC_KEYSIZE) 980 return -EINVAL; 981 for (i = 0; i < ARRAY_SIZE(dev->key); i++) { 982 /* Check that we don't already have this key. */ 983 B43_WARN_ON(dev->key[i].keyconf == keyconf); 984 } 985 if (index < 0) { 986 /* Pairwise key. Get an empty slot for the key. */ 987 if (b43_new_kidx_api(dev)) 988 pairwise_keys_start = B43_NR_GROUP_KEYS; 989 else 990 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 991 for (i = pairwise_keys_start; 992 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS; 993 i++) { 994 B43_WARN_ON(i >= ARRAY_SIZE(dev->key)); 995 if (!dev->key[i].keyconf) { 996 /* found empty */ 997 index = i; 998 break; 999 } 1000 } 1001 if (index < 0) { 1002 b43warn(dev->wl, "Out of hardware key memory\n"); 1003 return -ENOSPC; 1004 } 1005 } else 1006 B43_WARN_ON(index > 3); 1007 1008 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 1009 if ((index <= 3) && !b43_new_kidx_api(dev)) { 1010 /* Default RX key */ 1011 B43_WARN_ON(mac_addr); 1012 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 1013 } 1014 keyconf->hw_key_idx = index; 1015 dev->key[index].keyconf = keyconf; 1016 1017 return 0; 1018} 1019 1020static int b43_key_clear(struct b43_wldev *dev, int index) 1021{ 1022 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key)))) 1023 return -EINVAL; 1024 do_key_write(dev, index, B43_SEC_ALGO_NONE, 1025 NULL, B43_SEC_KEYSIZE, NULL); 1026 if ((index <= 3) && !b43_new_kidx_api(dev)) { 1027 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 1028 NULL, B43_SEC_KEYSIZE, NULL); 1029 } 1030 dev->key[index].keyconf = NULL; 1031 1032 return 0; 1033} 1034 1035static void b43_clear_keys(struct b43_wldev *dev) 1036{ 1037 int i, count; 1038 1039 if (b43_new_kidx_api(dev)) 1040 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 1041 else 1042 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1043 for (i = 0; i < count; i++) 1044 b43_key_clear(dev, i); 1045} 1046 1047static void b43_dump_keymemory(struct b43_wldev *dev) 1048{ 1049 unsigned int i, index, count, offset, pairwise_keys_start; 1050 u8 mac[ETH_ALEN]; 1051 u16 algo; 1052 u32 rcmta0; 1053 u16 rcmta1; 1054 u64 hf; 1055 struct b43_key *key; 1056 1057 if (!b43_debug(dev, B43_DBG_KEYS)) 1058 return; 1059 1060 hf = b43_hf_read(dev); 1061 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n", 1062 !!(hf & B43_HF_USEDEFKEYS)); 1063 if (b43_new_kidx_api(dev)) { 1064 pairwise_keys_start = B43_NR_GROUP_KEYS; 1065 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 1066 } else { 1067 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 1068 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1069 } 1070 for (index = 0; index < count; index++) { 1071 key = &(dev->key[index]); 1072 printk(KERN_DEBUG "Key slot %02u: %s", 1073 index, (key->keyconf == NULL) ? " " : "*"); 1074 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 1075 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 1076 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1077 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1078 } 1079 1080 algo = b43_shm_read16(dev, B43_SHM_SHARED, 1081 B43_SHM_SH_KEYIDXBLOCK + (index * 2)); 1082 printk(" Algo: %04X/%02X", algo, key->algorithm); 1083 1084 if (index >= pairwise_keys_start) { 1085 if (key->algorithm == B43_SEC_ALGO_TKIP) { 1086 printk(" TKIP: "); 1087 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4); 1088 for (i = 0; i < 14; i += 2) { 1089 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1090 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1091 } 1092 } 1093 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA, 1094 ((index - pairwise_keys_start) * 2) + 0); 1095 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA, 1096 ((index - pairwise_keys_start) * 2) + 1); 1097 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0); 1098 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1); 1099 printk(" MAC: %pM", mac); 1100 } else 1101 printk(" DEFAULT KEY"); 1102 printk("\n"); 1103 } 1104} 1105 1106void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 1107{ 1108 u32 macctl; 1109 u16 ucstat; 1110 bool hwps; 1111 bool awake; 1112 int i; 1113 1114 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 1115 (ps_flags & B43_PS_DISABLED)); 1116 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 1117 1118 if (ps_flags & B43_PS_ENABLED) { 1119 hwps = true; 1120 } else if (ps_flags & B43_PS_DISABLED) { 1121 hwps = false; 1122 } else { 1123 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 1124 // and thus is not an AP and we are associated, set bit 25 1125 } 1126 if (ps_flags & B43_PS_AWAKE) { 1127 awake = true; 1128 } else if (ps_flags & B43_PS_ASLEEP) { 1129 awake = false; 1130 } else { 1131 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 1132 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 1133 // successful, set bit26 1134 } 1135 1136/* FIXME: For now we force awake-on and hwps-off */ 1137 hwps = false; 1138 awake = true; 1139 1140 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1141 if (hwps) 1142 macctl |= B43_MACCTL_HWPS; 1143 else 1144 macctl &= ~B43_MACCTL_HWPS; 1145 if (awake) 1146 macctl |= B43_MACCTL_AWAKE; 1147 else 1148 macctl &= ~B43_MACCTL_AWAKE; 1149 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1150 /* Commit write */ 1151 b43_read32(dev, B43_MMIO_MACCTL); 1152 if (awake && dev->dev->core_rev >= 5) { 1153 /* Wait for the microcode to wake up. */ 1154 for (i = 0; i < 100; i++) { 1155 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1156 B43_SHM_SH_UCODESTAT); 1157 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1158 break; 1159 udelay(10); 1160 } 1161 } 1162} 1163 1164#ifdef CONFIG_B43_BCMA 1165static void b43_bcma_phy_reset(struct b43_wldev *dev) 1166{ 1167 u32 flags; 1168 1169 /* Put PHY into reset */ 1170 flags = bcma_aread32(dev->dev->bdev, BCMA_IOCTL); 1171 flags |= B43_BCMA_IOCTL_PHY_RESET; 1172 flags |= B43_BCMA_IOCTL_PHY_BW_20MHZ; /* Make 20 MHz def */ 1173 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, flags); 1174 udelay(2); 1175 1176 /* Take PHY out of reset */ 1177 flags = bcma_aread32(dev->dev->bdev, BCMA_IOCTL); 1178 flags &= ~B43_BCMA_IOCTL_PHY_RESET; 1179 flags |= BCMA_IOCTL_FGC; 1180 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, flags); 1181 udelay(1); 1182 1183 /* Do not force clock anymore */ 1184 flags = bcma_aread32(dev->dev->bdev, BCMA_IOCTL); 1185 flags &= ~BCMA_IOCTL_FGC; 1186 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, flags); 1187 udelay(1); 1188} 1189 1190static void b43_bcma_wireless_core_reset(struct b43_wldev *dev, bool gmode) 1191{ 1192 b43_device_enable(dev, B43_BCMA_IOCTL_PHY_CLKEN); 1193 bcma_core_set_clockmode(dev->dev->bdev, BCMA_CLKMODE_FAST); 1194 b43_bcma_phy_reset(dev); 1195 bcma_core_pll_ctl(dev->dev->bdev, 0x300, 0x3000000, true); 1196} 1197#endif 1198 1199static void b43_ssb_wireless_core_reset(struct b43_wldev *dev, bool gmode) 1200{ 1201 struct ssb_device *sdev = dev->dev->sdev; 1202 u32 tmslow; 1203 u32 flags = 0; 1204 1205 if (gmode) 1206 flags |= B43_TMSLOW_GMODE; 1207 flags |= B43_TMSLOW_PHYCLKEN; 1208 flags |= B43_TMSLOW_PHYRESET; 1209 if (dev->phy.type == B43_PHYTYPE_N) 1210 flags |= B43_TMSLOW_PHY_BANDWIDTH_20MHZ; /* Make 20 MHz def */ 1211 b43_device_enable(dev, flags); 1212 msleep(2); /* Wait for the PLL to turn on. */ 1213 1214 /* Now take the PHY out of Reset again */ 1215 tmslow = ssb_read32(sdev, SSB_TMSLOW); 1216 tmslow |= SSB_TMSLOW_FGC; 1217 tmslow &= ~B43_TMSLOW_PHYRESET; 1218 ssb_write32(sdev, SSB_TMSLOW, tmslow); 1219 ssb_read32(sdev, SSB_TMSLOW); /* flush */ 1220 msleep(1); 1221 tmslow &= ~SSB_TMSLOW_FGC; 1222 ssb_write32(sdev, SSB_TMSLOW, tmslow); 1223 ssb_read32(sdev, SSB_TMSLOW); /* flush */ 1224 msleep(1); 1225} 1226 1227void b43_wireless_core_reset(struct b43_wldev *dev, bool gmode) 1228{ 1229 u32 macctl; 1230 1231 switch (dev->dev->bus_type) { 1232#ifdef CONFIG_B43_BCMA 1233 case B43_BUS_BCMA: 1234 b43_bcma_wireless_core_reset(dev, gmode); 1235 break; 1236#endif 1237#ifdef CONFIG_B43_SSB 1238 case B43_BUS_SSB: 1239 b43_ssb_wireless_core_reset(dev, gmode); 1240 break; 1241#endif 1242 } 1243 1244 /* Turn Analog ON, but only if we already know the PHY-type. 1245 * This protects against very early setup where we don't know the 1246 * PHY-type, yet. wireless_core_reset will be called once again later, 1247 * when we know the PHY-type. */ 1248 if (dev->phy.ops) 1249 dev->phy.ops->switch_analog(dev, 1); 1250 1251 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1252 macctl &= ~B43_MACCTL_GMODE; 1253 if (gmode) 1254 macctl |= B43_MACCTL_GMODE; 1255 macctl |= B43_MACCTL_IHR_ENABLED; 1256 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1257} 1258 1259static void handle_irq_transmit_status(struct b43_wldev *dev) 1260{ 1261 u32 v0, v1; 1262 u16 tmp; 1263 struct b43_txstatus stat; 1264 1265 while (1) { 1266 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1267 if (!(v0 & 0x00000001)) 1268 break; 1269 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1270 1271 stat.cookie = (v0 >> 16); 1272 stat.seq = (v1 & 0x0000FFFF); 1273 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1274 tmp = (v0 & 0x0000FFFF); 1275 stat.frame_count = ((tmp & 0xF000) >> 12); 1276 stat.rts_count = ((tmp & 0x0F00) >> 8); 1277 stat.supp_reason = ((tmp & 0x001C) >> 2); 1278 stat.pm_indicated = !!(tmp & 0x0080); 1279 stat.intermediate = !!(tmp & 0x0040); 1280 stat.for_ampdu = !!(tmp & 0x0020); 1281 stat.acked = !!(tmp & 0x0002); 1282 1283 b43_handle_txstatus(dev, &stat); 1284 } 1285} 1286 1287static void drain_txstatus_queue(struct b43_wldev *dev) 1288{ 1289 u32 dummy; 1290 1291 if (dev->dev->core_rev < 5) 1292 return; 1293 /* Read all entries from the microcode TXstatus FIFO 1294 * and throw them away. 1295 */ 1296 while (1) { 1297 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1298 if (!(dummy & 0x00000001)) 1299 break; 1300 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1301 } 1302} 1303 1304static u32 b43_jssi_read(struct b43_wldev *dev) 1305{ 1306 u32 val = 0; 1307 1308 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1309 val <<= 16; 1310 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1311 1312 return val; 1313} 1314 1315static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1316{ 1317 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1318 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1319} 1320 1321static void b43_generate_noise_sample(struct b43_wldev *dev) 1322{ 1323 b43_jssi_write(dev, 0x7F7F7F7F); 1324 b43_write32(dev, B43_MMIO_MACCMD, 1325 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1326} 1327 1328static void b43_calculate_link_quality(struct b43_wldev *dev) 1329{ 1330 /* Top half of Link Quality calculation. */ 1331 1332 if (dev->phy.type != B43_PHYTYPE_G) 1333 return; 1334 if (dev->noisecalc.calculation_running) 1335 return; 1336 dev->noisecalc.calculation_running = true; 1337 dev->noisecalc.nr_samples = 0; 1338 1339 b43_generate_noise_sample(dev); 1340} 1341 1342static void handle_irq_noise(struct b43_wldev *dev) 1343{ 1344 struct b43_phy_g *phy = dev->phy.g; 1345 u16 tmp; 1346 u8 noise[4]; 1347 u8 i, j; 1348 s32 average; 1349 1350 /* Bottom half of Link Quality calculation. */ 1351 1352 if (dev->phy.type != B43_PHYTYPE_G) 1353 return; 1354 1355 /* Possible race condition: It might be possible that the user 1356 * changed to a different channel in the meantime since we 1357 * started the calculation. We ignore that fact, since it's 1358 * not really that much of a problem. The background noise is 1359 * an estimation only anyway. Slightly wrong results will get damped 1360 * by the averaging of the 8 sample rounds. Additionally the 1361 * value is shortlived. So it will be replaced by the next noise 1362 * calculation round soon. */ 1363 1364 B43_WARN_ON(!dev->noisecalc.calculation_running); 1365 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1366 if (noise[0] == 0x7F || noise[1] == 0x7F || 1367 noise[2] == 0x7F || noise[3] == 0x7F) 1368 goto generate_new; 1369 1370 /* Get the noise samples. */ 1371 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1372 i = dev->noisecalc.nr_samples; 1373 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1374 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1375 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1376 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1377 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1378 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1379 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1380 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1381 dev->noisecalc.nr_samples++; 1382 if (dev->noisecalc.nr_samples == 8) { 1383 /* Calculate the Link Quality by the noise samples. */ 1384 average = 0; 1385 for (i = 0; i < 8; i++) { 1386 for (j = 0; j < 4; j++) 1387 average += dev->noisecalc.samples[i][j]; 1388 } 1389 average /= (8 * 4); 1390 average *= 125; 1391 average += 64; 1392 average /= 128; 1393 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1394 tmp = (tmp / 128) & 0x1F; 1395 if (tmp >= 8) 1396 average += 2; 1397 else 1398 average -= 25; 1399 if (tmp == 8) 1400 average -= 72; 1401 else 1402 average -= 48; 1403 1404 dev->stats.link_noise = average; 1405 dev->noisecalc.calculation_running = false; 1406 return; 1407 } 1408generate_new: 1409 b43_generate_noise_sample(dev); 1410} 1411 1412static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1413{ 1414 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) { 1415 ///TODO: PS TBTT 1416 } else { 1417 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1418 b43_power_saving_ctl_bits(dev, 0); 1419 } 1420 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) 1421 dev->dfq_valid = true; 1422} 1423 1424static void handle_irq_atim_end(struct b43_wldev *dev) 1425{ 1426 if (dev->dfq_valid) { 1427 b43_write32(dev, B43_MMIO_MACCMD, 1428 b43_read32(dev, B43_MMIO_MACCMD) 1429 | B43_MACCMD_DFQ_VALID); 1430 dev->dfq_valid = false; 1431 } 1432} 1433 1434static void handle_irq_pmq(struct b43_wldev *dev) 1435{ 1436 u32 tmp; 1437 1438 //TODO: AP mode. 1439 1440 while (1) { 1441 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1442 if (!(tmp & 0x00000008)) 1443 break; 1444 } 1445 /* 16bit write is odd, but correct. */ 1446 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1447} 1448 1449static void b43_write_template_common(struct b43_wldev *dev, 1450 const u8 *data, u16 size, 1451 u16 ram_offset, 1452 u16 shm_size_offset, u8 rate) 1453{ 1454 u32 i, tmp; 1455 struct b43_plcp_hdr4 plcp; 1456 1457 plcp.data = 0; 1458 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1459 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1460 ram_offset += sizeof(u32); 1461 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1462 * So leave the first two bytes of the next write blank. 1463 */ 1464 tmp = (u32) (data[0]) << 16; 1465 tmp |= (u32) (data[1]) << 24; 1466 b43_ram_write(dev, ram_offset, tmp); 1467 ram_offset += sizeof(u32); 1468 for (i = 2; i < size; i += sizeof(u32)) { 1469 tmp = (u32) (data[i + 0]); 1470 if (i + 1 < size) 1471 tmp |= (u32) (data[i + 1]) << 8; 1472 if (i + 2 < size) 1473 tmp |= (u32) (data[i + 2]) << 16; 1474 if (i + 3 < size) 1475 tmp |= (u32) (data[i + 3]) << 24; 1476 b43_ram_write(dev, ram_offset + i - 2, tmp); 1477 } 1478 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1479 size + sizeof(struct b43_plcp_hdr6)); 1480} 1481 1482/* Check if the use of the antenna that ieee80211 told us to 1483 * use is possible. This will fall back to DEFAULT. 1484 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 1485u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 1486 u8 antenna_nr) 1487{ 1488 u8 antenna_mask; 1489 1490 if (antenna_nr == 0) { 1491 /* Zero means "use default antenna". That's always OK. */ 1492 return 0; 1493 } 1494 1495 /* Get the mask of available antennas. */ 1496 if (dev->phy.gmode) 1497 antenna_mask = dev->dev->bus_sprom->ant_available_bg; 1498 else 1499 antenna_mask = dev->dev->bus_sprom->ant_available_a; 1500 1501 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 1502 /* This antenna is not available. Fall back to default. */ 1503 return 0; 1504 } 1505 1506 return antenna_nr; 1507} 1508 1509/* Convert a b43 antenna number value to the PHY TX control value. */ 1510static u16 b43_antenna_to_phyctl(int antenna) 1511{ 1512 switch (antenna) { 1513 case B43_ANTENNA0: 1514 return B43_TXH_PHY_ANT0; 1515 case B43_ANTENNA1: 1516 return B43_TXH_PHY_ANT1; 1517 case B43_ANTENNA2: 1518 return B43_TXH_PHY_ANT2; 1519 case B43_ANTENNA3: 1520 return B43_TXH_PHY_ANT3; 1521 case B43_ANTENNA_AUTO0: 1522 case B43_ANTENNA_AUTO1: 1523 return B43_TXH_PHY_ANT01AUTO; 1524 } 1525 B43_WARN_ON(1); 1526 return 0; 1527} 1528 1529static void b43_write_beacon_template(struct b43_wldev *dev, 1530 u16 ram_offset, 1531 u16 shm_size_offset) 1532{ 1533 unsigned int i, len, variable_len; 1534 const struct ieee80211_mgmt *bcn; 1535 const u8 *ie; 1536 bool tim_found = false; 1537 unsigned int rate; 1538 u16 ctl; 1539 int antenna; 1540 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon); 1541 1542 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1543 len = min((size_t) dev->wl->current_beacon->len, 1544 0x200 - sizeof(struct b43_plcp_hdr6)); 1545 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value; 1546 1547 b43_write_template_common(dev, (const u8 *)bcn, 1548 len, ram_offset, shm_size_offset, rate); 1549 1550 /* Write the PHY TX control parameters. */ 1551 antenna = B43_ANTENNA_DEFAULT; 1552 antenna = b43_antenna_to_phyctl(antenna); 1553 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 1554 /* We can't send beacons with short preamble. Would get PHY errors. */ 1555 ctl &= ~B43_TXH_PHY_SHORTPRMBL; 1556 ctl &= ~B43_TXH_PHY_ANT; 1557 ctl &= ~B43_TXH_PHY_ENC; 1558 ctl |= antenna; 1559 if (b43_is_cck_rate(rate)) 1560 ctl |= B43_TXH_PHY_ENC_CCK; 1561 else 1562 ctl |= B43_TXH_PHY_ENC_OFDM; 1563 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 1564 1565 /* Find the position of the TIM and the DTIM_period value 1566 * and write them to SHM. */ 1567 ie = bcn->u.beacon.variable; 1568 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1569 for (i = 0; i < variable_len - 2; ) { 1570 uint8_t ie_id, ie_len; 1571 1572 ie_id = ie[i]; 1573 ie_len = ie[i + 1]; 1574 if (ie_id == 5) { 1575 u16 tim_position; 1576 u16 dtim_period; 1577 /* This is the TIM Information Element */ 1578 1579 /* Check whether the ie_len is in the beacon data range. */ 1580 if (variable_len < ie_len + 2 + i) 1581 break; 1582 /* A valid TIM is at least 4 bytes long. */ 1583 if (ie_len < 4) 1584 break; 1585 tim_found = true; 1586 1587 tim_position = sizeof(struct b43_plcp_hdr6); 1588 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1589 tim_position += i; 1590 1591 dtim_period = ie[i + 3]; 1592 1593 b43_shm_write16(dev, B43_SHM_SHARED, 1594 B43_SHM_SH_TIMBPOS, tim_position); 1595 b43_shm_write16(dev, B43_SHM_SHARED, 1596 B43_SHM_SH_DTIMPER, dtim_period); 1597 break; 1598 } 1599 i += ie_len + 2; 1600 } 1601 if (!tim_found) { 1602 /* 1603 * If ucode wants to modify TIM do it behind the beacon, this 1604 * will happen, for example, when doing mesh networking. 1605 */ 1606 b43_shm_write16(dev, B43_SHM_SHARED, 1607 B43_SHM_SH_TIMBPOS, 1608 len + sizeof(struct b43_plcp_hdr6)); 1609 b43_shm_write16(dev, B43_SHM_SHARED, 1610 B43_SHM_SH_DTIMPER, 0); 1611 } 1612 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset); 1613} 1614 1615static void b43_upload_beacon0(struct b43_wldev *dev) 1616{ 1617 struct b43_wl *wl = dev->wl; 1618 1619 if (wl->beacon0_uploaded) 1620 return; 1621 b43_write_beacon_template(dev, 0x68, 0x18); 1622 wl->beacon0_uploaded = true; 1623} 1624 1625static void b43_upload_beacon1(struct b43_wldev *dev) 1626{ 1627 struct b43_wl *wl = dev->wl; 1628 1629 if (wl->beacon1_uploaded) 1630 return; 1631 b43_write_beacon_template(dev, 0x468, 0x1A); 1632 wl->beacon1_uploaded = true; 1633} 1634 1635static void handle_irq_beacon(struct b43_wldev *dev) 1636{ 1637 struct b43_wl *wl = dev->wl; 1638 u32 cmd, beacon0_valid, beacon1_valid; 1639 1640 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) && 1641 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) && 1642 !b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) 1643 return; 1644 1645 /* This is the bottom half of the asynchronous beacon update. */ 1646 1647 /* Ignore interrupt in the future. */ 1648 dev->irq_mask &= ~B43_IRQ_BEACON; 1649 1650 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1651 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1652 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1653 1654 /* Schedule interrupt manually, if busy. */ 1655 if (beacon0_valid && beacon1_valid) { 1656 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1657 dev->irq_mask |= B43_IRQ_BEACON; 1658 return; 1659 } 1660 1661 if (unlikely(wl->beacon_templates_virgin)) { 1662 /* We never uploaded a beacon before. 1663 * Upload both templates now, but only mark one valid. */ 1664 wl->beacon_templates_virgin = false; 1665 b43_upload_beacon0(dev); 1666 b43_upload_beacon1(dev); 1667 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1668 cmd |= B43_MACCMD_BEACON0_VALID; 1669 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1670 } else { 1671 if (!beacon0_valid) { 1672 b43_upload_beacon0(dev); 1673 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1674 cmd |= B43_MACCMD_BEACON0_VALID; 1675 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1676 } else if (!beacon1_valid) { 1677 b43_upload_beacon1(dev); 1678 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1679 cmd |= B43_MACCMD_BEACON1_VALID; 1680 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1681 } 1682 } 1683} 1684 1685static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev) 1686{ 1687 u32 old_irq_mask = dev->irq_mask; 1688 1689 /* update beacon right away or defer to irq */ 1690 handle_irq_beacon(dev); 1691 if (old_irq_mask != dev->irq_mask) { 1692 /* The handler updated the IRQ mask. */ 1693 B43_WARN_ON(!dev->irq_mask); 1694 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) { 1695 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1696 } else { 1697 /* Device interrupts are currently disabled. That means 1698 * we just ran the hardirq handler and scheduled the 1699 * IRQ thread. The thread will write the IRQ mask when 1700 * it finished, so there's nothing to do here. Writing 1701 * the mask _here_ would incorrectly re-enable IRQs. */ 1702 } 1703 } 1704} 1705 1706static void b43_beacon_update_trigger_work(struct work_struct *work) 1707{ 1708 struct b43_wl *wl = container_of(work, struct b43_wl, 1709 beacon_update_trigger); 1710 struct b43_wldev *dev; 1711 1712 mutex_lock(&wl->mutex); 1713 dev = wl->current_dev; 1714 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1715 if (b43_bus_host_is_sdio(dev->dev)) { 1716 /* wl->mutex is enough. */ 1717 b43_do_beacon_update_trigger_work(dev); 1718 mmiowb(); 1719 } else { 1720 spin_lock_irq(&wl->hardirq_lock); 1721 b43_do_beacon_update_trigger_work(dev); 1722 mmiowb(); 1723 spin_unlock_irq(&wl->hardirq_lock); 1724 } 1725 } 1726 mutex_unlock(&wl->mutex); 1727} 1728 1729/* Asynchronously update the packet templates in template RAM. 1730 * Locking: Requires wl->mutex to be locked. */ 1731static void b43_update_templates(struct b43_wl *wl) 1732{ 1733 struct sk_buff *beacon; 1734 1735 /* This is the top half of the ansynchronous beacon update. 1736 * The bottom half is the beacon IRQ. 1737 * Beacon update must be asynchronous to avoid sending an 1738 * invalid beacon. This can happen for example, if the firmware 1739 * transmits a beacon while we are updating it. */ 1740 1741 /* We could modify the existing beacon and set the aid bit in 1742 * the TIM field, but that would probably require resizing and 1743 * moving of data within the beacon template. 1744 * Simply request a new beacon and let mac80211 do the hard work. */ 1745 beacon = ieee80211_beacon_get(wl->hw, wl->vif); 1746 if (unlikely(!beacon)) 1747 return; 1748 1749 if (wl->current_beacon) 1750 dev_kfree_skb_any(wl->current_beacon); 1751 wl->current_beacon = beacon; 1752 wl->beacon0_uploaded = false; 1753 wl->beacon1_uploaded = false; 1754 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger); 1755} 1756 1757static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1758{ 1759 b43_time_lock(dev); 1760 if (dev->dev->core_rev >= 3) { 1761 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1762 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1763 } else { 1764 b43_write16(dev, 0x606, (beacon_int >> 6)); 1765 b43_write16(dev, 0x610, beacon_int); 1766 } 1767 b43_time_unlock(dev); 1768 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1769} 1770 1771static void b43_handle_firmware_panic(struct b43_wldev *dev) 1772{ 1773 u16 reason; 1774 1775 /* Read the register that contains the reason code for the panic. */ 1776 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG); 1777 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason); 1778 1779 switch (reason) { 1780 default: 1781 b43dbg(dev->wl, "The panic reason is unknown.\n"); 1782 /* fallthrough */ 1783 case B43_FWPANIC_DIE: 1784 /* Do not restart the controller or firmware. 1785 * The device is nonfunctional from now on. 1786 * Restarting would result in this panic to trigger again, 1787 * so we avoid that recursion. */ 1788 break; 1789 case B43_FWPANIC_RESTART: 1790 b43_controller_restart(dev, "Microcode panic"); 1791 break; 1792 } 1793} 1794 1795static void handle_irq_ucode_debug(struct b43_wldev *dev) 1796{ 1797 unsigned int i, cnt; 1798 u16 reason, marker_id, marker_line; 1799 __le16 *buf; 1800 1801 /* The proprietary firmware doesn't have this IRQ. */ 1802 if (!dev->fw.opensource) 1803 return; 1804 1805 /* Read the register that contains the reason code for this IRQ. */ 1806 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG); 1807 1808 switch (reason) { 1809 case B43_DEBUGIRQ_PANIC: 1810 b43_handle_firmware_panic(dev); 1811 break; 1812 case B43_DEBUGIRQ_DUMP_SHM: 1813 if (!B43_DEBUG) 1814 break; /* Only with driver debugging enabled. */ 1815 buf = kmalloc(4096, GFP_ATOMIC); 1816 if (!buf) { 1817 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n"); 1818 goto out; 1819 } 1820 for (i = 0; i < 4096; i += 2) { 1821 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i); 1822 buf[i / 2] = cpu_to_le16(tmp); 1823 } 1824 b43info(dev->wl, "Shared memory dump:\n"); 1825 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET, 1826 16, 2, buf, 4096, 1); 1827 kfree(buf); 1828 break; 1829 case B43_DEBUGIRQ_DUMP_REGS: 1830 if (!B43_DEBUG) 1831 break; /* Only with driver debugging enabled. */ 1832 b43info(dev->wl, "Microcode register dump:\n"); 1833 for (i = 0, cnt = 0; i < 64; i++) { 1834 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i); 1835 if (cnt == 0) 1836 printk(KERN_INFO); 1837 printk("r%02u: 0x%04X ", i, tmp); 1838 cnt++; 1839 if (cnt == 6) { 1840 printk("\n"); 1841 cnt = 0; 1842 } 1843 } 1844 printk("\n"); 1845 break; 1846 case B43_DEBUGIRQ_MARKER: 1847 if (!B43_DEBUG) 1848 break; /* Only with driver debugging enabled. */ 1849 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH, 1850 B43_MARKER_ID_REG); 1851 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH, 1852 B43_MARKER_LINE_REG); 1853 b43info(dev->wl, "The firmware just executed the MARKER(%u) " 1854 "at line number %u\n", 1855 marker_id, marker_line); 1856 break; 1857 default: 1858 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n", 1859 reason); 1860 } 1861out: 1862 /* Acknowledge the debug-IRQ, so the firmware can continue. */ 1863 b43_shm_write16(dev, B43_SHM_SCRATCH, 1864 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK); 1865} 1866 1867static void b43_do_interrupt_thread(struct b43_wldev *dev) 1868{ 1869 u32 reason; 1870 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1871 u32 merged_dma_reason = 0; 1872 int i; 1873 1874 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 1875 return; 1876 1877 reason = dev->irq_reason; 1878 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1879 dma_reason[i] = dev->dma_reason[i]; 1880 merged_dma_reason |= dma_reason[i]; 1881 } 1882 1883 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1884 b43err(dev->wl, "MAC transmission error\n"); 1885 1886 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1887 b43err(dev->wl, "PHY transmission error\n"); 1888 rmb(); 1889 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1890 atomic_set(&dev->phy.txerr_cnt, 1891 B43_PHY_TX_BADNESS_LIMIT); 1892 b43err(dev->wl, "Too many PHY TX errors, " 1893 "restarting the controller\n"); 1894 b43_controller_restart(dev, "PHY TX errors"); 1895 } 1896 } 1897 1898 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1899 B43_DMAIRQ_NONFATALMASK))) { 1900 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1901 b43err(dev->wl, "Fatal DMA error: " 1902 "0x%08X, 0x%08X, 0x%08X, " 1903 "0x%08X, 0x%08X, 0x%08X\n", 1904 dma_reason[0], dma_reason[1], 1905 dma_reason[2], dma_reason[3], 1906 dma_reason[4], dma_reason[5]); 1907 b43err(dev->wl, "This device does not support DMA " 1908 "on your system. It will now be switched to PIO.\n"); 1909 /* Fall back to PIO transfers if we get fatal DMA errors! */ 1910 dev->use_pio = true; 1911 b43_controller_restart(dev, "DMA error"); 1912 return; 1913 } 1914 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1915 b43err(dev->wl, "DMA error: " 1916 "0x%08X, 0x%08X, 0x%08X, " 1917 "0x%08X, 0x%08X, 0x%08X\n", 1918 dma_reason[0], dma_reason[1], 1919 dma_reason[2], dma_reason[3], 1920 dma_reason[4], dma_reason[5]); 1921 } 1922 } 1923 1924 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1925 handle_irq_ucode_debug(dev); 1926 if (reason & B43_IRQ_TBTT_INDI) 1927 handle_irq_tbtt_indication(dev); 1928 if (reason & B43_IRQ_ATIM_END) 1929 handle_irq_atim_end(dev); 1930 if (reason & B43_IRQ_BEACON) 1931 handle_irq_beacon(dev); 1932 if (reason & B43_IRQ_PMQ) 1933 handle_irq_pmq(dev); 1934 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1935 ;/* TODO */ 1936 if (reason & B43_IRQ_NOISESAMPLE_OK) 1937 handle_irq_noise(dev); 1938 1939 /* Check the DMA reason registers for received data. */ 1940 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1941 if (b43_using_pio_transfers(dev)) 1942 b43_pio_rx(dev->pio.rx_queue); 1943 else 1944 b43_dma_rx(dev->dma.rx_ring); 1945 } 1946 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1947 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1948 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1949 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1950 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1951 1952 if (reason & B43_IRQ_TX_OK) 1953 handle_irq_transmit_status(dev); 1954 1955 /* Re-enable interrupts on the device by restoring the current interrupt mask. */ 1956 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1957 1958#if B43_DEBUG 1959 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 1960 dev->irq_count++; 1961 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 1962 if (reason & (1 << i)) 1963 dev->irq_bit_count[i]++; 1964 } 1965 } 1966#endif 1967} 1968 1969/* Interrupt thread handler. Handles device interrupts in thread context. */ 1970static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id) 1971{ 1972 struct b43_wldev *dev = dev_id; 1973 1974 mutex_lock(&dev->wl->mutex); 1975 b43_do_interrupt_thread(dev); 1976 mmiowb(); 1977 mutex_unlock(&dev->wl->mutex); 1978 1979 return IRQ_HANDLED; 1980} 1981 1982static irqreturn_t b43_do_interrupt(struct b43_wldev *dev) 1983{ 1984 u32 reason; 1985 1986 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses. 1987 * On SDIO, this runs under wl->mutex. */ 1988 1989 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1990 if (reason == 0xffffffff) /* shared IRQ */ 1991 return IRQ_NONE; 1992 reason &= dev->irq_mask; 1993 if (!reason) 1994 return IRQ_NONE; 1995 1996 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1997 & 0x0001DC00; 1998 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1999 & 0x0000DC00; 2000 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 2001 & 0x0000DC00; 2002 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 2003 & 0x0001DC00; 2004 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 2005 & 0x0000DC00; 2006/* Unused ring 2007 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 2008 & 0x0000DC00; 2009*/ 2010 2011 /* ACK the interrupt. */ 2012 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 2013 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 2014 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 2015 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 2016 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 2017 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 2018/* Unused ring 2019 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 2020*/ 2021 2022 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */ 2023 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 2024 /* Save the reason bitmasks for the IRQ thread handler. */ 2025 dev->irq_reason = reason; 2026 2027 return IRQ_WAKE_THREAD; 2028} 2029 2030/* Interrupt handler top-half. This runs with interrupts disabled. */ 2031static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 2032{ 2033 struct b43_wldev *dev = dev_id; 2034 irqreturn_t ret; 2035 2036 if (unlikely(b43_status(dev) < B43_STAT_STARTED)) 2037 return IRQ_NONE; 2038 2039 spin_lock(&dev->wl->hardirq_lock); 2040 ret = b43_do_interrupt(dev); 2041 mmiowb(); 2042 spin_unlock(&dev->wl->hardirq_lock); 2043 2044 return ret; 2045} 2046 2047/* SDIO interrupt handler. This runs in process context. */ 2048static void b43_sdio_interrupt_handler(struct b43_wldev *dev) 2049{ 2050 struct b43_wl *wl = dev->wl; 2051 irqreturn_t ret; 2052 2053 mutex_lock(&wl->mutex); 2054 2055 ret = b43_do_interrupt(dev); 2056 if (ret == IRQ_WAKE_THREAD) 2057 b43_do_interrupt_thread(dev); 2058 2059 mutex_unlock(&wl->mutex); 2060} 2061 2062void b43_do_release_fw(struct b43_firmware_file *fw) 2063{ 2064 release_firmware(fw->data); 2065 fw->data = NULL; 2066 fw->filename = NULL; 2067} 2068 2069static void b43_release_firmware(struct b43_wldev *dev) 2070{ 2071 b43_do_release_fw(&dev->fw.ucode); 2072 b43_do_release_fw(&dev->fw.pcm); 2073 b43_do_release_fw(&dev->fw.initvals); 2074 b43_do_release_fw(&dev->fw.initvals_band); 2075} 2076 2077static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 2078{ 2079 const char text[] = 2080 "You must go to " \ 2081 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \ 2082 "and download the correct firmware for this driver version. " \ 2083 "Please carefully read all instructions on this website.\n"; 2084 2085 if (error) 2086 b43err(wl, text); 2087 else 2088 b43warn(wl, text); 2089} 2090 2091int b43_do_request_fw(struct b43_request_fw_context *ctx, 2092 const char *name, 2093 struct b43_firmware_file *fw) 2094{ 2095 const struct firmware *blob; 2096 struct b43_fw_header *hdr; 2097 u32 size; 2098 int err; 2099 2100 if (!name) { 2101 /* Don't fetch anything. Free possibly cached firmware. */ 2102 /* FIXME: We should probably keep it anyway, to save some headache 2103 * on suspend/resume with multiband devices. */ 2104 b43_do_release_fw(fw); 2105 return 0; 2106 } 2107 if (fw->filename) { 2108 if ((fw->type == ctx->req_type) && 2109 (strcmp(fw->filename, name) == 0)) 2110 return 0; /* Already have this fw. */ 2111 /* Free the cached firmware first. */ 2112 /* FIXME: We should probably do this later after we successfully 2113 * got the new fw. This could reduce headache with multiband devices. 2114 * We could also redesign this to cache the firmware for all possible 2115 * bands all the time. */ 2116 b43_do_release_fw(fw); 2117 } 2118 2119 switch (ctx->req_type) { 2120 case B43_FWTYPE_PROPRIETARY: 2121 snprintf(ctx->fwname, sizeof(ctx->fwname), 2122 "b43%s/%s.fw", 2123 modparam_fwpostfix, name); 2124 break; 2125 case B43_FWTYPE_OPENSOURCE: 2126 snprintf(ctx->fwname, sizeof(ctx->fwname), 2127 "b43-open%s/%s.fw", 2128 modparam_fwpostfix, name); 2129 break; 2130 default: 2131 B43_WARN_ON(1); 2132 return -ENOSYS; 2133 } 2134 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev); 2135 if (err == -ENOENT) { 2136 snprintf(ctx->errors[ctx->req_type], 2137 sizeof(ctx->errors[ctx->req_type]), 2138 "Firmware file \"%s\" not found\n", ctx->fwname); 2139 return err; 2140 } else if (err) { 2141 snprintf(ctx->errors[ctx->req_type], 2142 sizeof(ctx->errors[ctx->req_type]), 2143 "Firmware file \"%s\" request failed (err=%d)\n", 2144 ctx->fwname, err); 2145 return err; 2146 } 2147 if (blob->size < sizeof(struct b43_fw_header)) 2148 goto err_format; 2149 hdr = (struct b43_fw_header *)(blob->data); 2150 switch (hdr->type) { 2151 case B43_FW_TYPE_UCODE: 2152 case B43_FW_TYPE_PCM: 2153 size = be32_to_cpu(hdr->size); 2154 if (size != blob->size - sizeof(struct b43_fw_header)) 2155 goto err_format; 2156 /* fallthrough */ 2157 case B43_FW_TYPE_IV: 2158 if (hdr->ver != 1) 2159 goto err_format; 2160 break; 2161 default: 2162 goto err_format; 2163 } 2164 2165 fw->data = blob; 2166 fw->filename = name; 2167 fw->type = ctx->req_type; 2168 2169 return 0; 2170 2171err_format: 2172 snprintf(ctx->errors[ctx->req_type], 2173 sizeof(ctx->errors[ctx->req_type]), 2174 "Firmware file \"%s\" format error.\n", ctx->fwname); 2175 release_firmware(blob); 2176 2177 return -EPROTO; 2178} 2179 2180static int b43_try_request_fw(struct b43_request_fw_context *ctx) 2181{ 2182 struct b43_wldev *dev = ctx->dev; 2183 struct b43_firmware *fw = &ctx->dev->fw; 2184 const u8 rev = ctx->dev->dev->core_rev; 2185 const char *filename; 2186 u32 tmshigh; 2187 int err; 2188 2189 /* Files for HT and LCN were found by trying one by one */ 2190 2191 /* Get microcode */ 2192 if ((rev >= 5) && (rev <= 10)) { 2193 filename = "ucode5"; 2194 } else if ((rev >= 11) && (rev <= 12)) { 2195 filename = "ucode11"; 2196 } else if (rev == 13) { 2197 filename = "ucode13"; 2198 } else if (rev == 14) { 2199 filename = "ucode14"; 2200 } else if (rev == 15) { 2201 filename = "ucode15"; 2202 } else { 2203 switch (dev->phy.type) { 2204 case B43_PHYTYPE_N: 2205 if (rev >= 16) 2206 filename = "ucode16_mimo"; 2207 else 2208 goto err_no_ucode; 2209 break; 2210 case B43_PHYTYPE_HT: 2211 if (rev == 29) 2212 filename = "ucode29_mimo"; 2213 else 2214 goto err_no_ucode; 2215 break; 2216 case B43_PHYTYPE_LCN: 2217 if (rev == 24) 2218 filename = "ucode24_mimo"; 2219 else 2220 goto err_no_ucode; 2221 break; 2222 default: 2223 goto err_no_ucode; 2224 } 2225 } 2226 err = b43_do_request_fw(ctx, filename, &fw->ucode); 2227 if (err) 2228 goto err_load; 2229 2230 /* Get PCM code */ 2231 if ((rev >= 5) && (rev <= 10)) 2232 filename = "pcm5"; 2233 else if (rev >= 11) 2234 filename = NULL; 2235 else 2236 goto err_no_pcm; 2237 fw->pcm_request_failed = false; 2238 err = b43_do_request_fw(ctx, filename, &fw->pcm); 2239 if (err == -ENOENT) { 2240 /* We did not find a PCM file? Not fatal, but 2241 * core rev <= 10 must do without hwcrypto then. */ 2242 fw->pcm_request_failed = true; 2243 } else if (err) 2244 goto err_load; 2245 2246 /* Get initvals */ 2247 switch (dev->phy.type) { 2248 case B43_PHYTYPE_A: 2249 if ((rev >= 5) && (rev <= 10)) { 2250 tmshigh = ssb_read32(dev->dev->sdev, SSB_TMSHIGH); 2251 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2252 filename = "a0g1initvals5"; 2253 else 2254 filename = "a0g0initvals5"; 2255 } else 2256 goto err_no_initvals; 2257 break; 2258 case B43_PHYTYPE_G: 2259 if ((rev >= 5) && (rev <= 10)) 2260 filename = "b0g0initvals5"; 2261 else if (rev >= 13) 2262 filename = "b0g0initvals13"; 2263 else 2264 goto err_no_initvals; 2265 break; 2266 case B43_PHYTYPE_N: 2267 if (rev >= 16) 2268 filename = "n0initvals16"; 2269 else if ((rev >= 11) && (rev <= 12)) 2270 filename = "n0initvals11"; 2271 else 2272 goto err_no_initvals; 2273 break; 2274 case B43_PHYTYPE_LP: 2275 if (rev == 13) 2276 filename = "lp0initvals13"; 2277 else if (rev == 14) 2278 filename = "lp0initvals14"; 2279 else if (rev >= 15) 2280 filename = "lp0initvals15"; 2281 else 2282 goto err_no_initvals; 2283 break; 2284 case B43_PHYTYPE_HT: 2285 if (rev == 29) 2286 filename = "ht0initvals29"; 2287 else 2288 goto err_no_initvals; 2289 break; 2290 case B43_PHYTYPE_LCN: 2291 if (rev == 24) 2292 filename = "lcn0initvals24"; 2293 else 2294 goto err_no_initvals; 2295 break; 2296 default: 2297 goto err_no_initvals; 2298 } 2299 err = b43_do_request_fw(ctx, filename, &fw->initvals); 2300 if (err) 2301 goto err_load; 2302 2303 /* Get bandswitch initvals */ 2304 switch (dev->phy.type) { 2305 case B43_PHYTYPE_A: 2306 if ((rev >= 5) && (rev <= 10)) { 2307 tmshigh = ssb_read32(dev->dev->sdev, SSB_TMSHIGH); 2308 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2309 filename = "a0g1bsinitvals5"; 2310 else 2311 filename = "a0g0bsinitvals5"; 2312 } else if (rev >= 11) 2313 filename = NULL; 2314 else 2315 goto err_no_initvals; 2316 break; 2317 case B43_PHYTYPE_G: 2318 if ((rev >= 5) && (rev <= 10)) 2319 filename = "b0g0bsinitvals5"; 2320 else if (rev >= 11) 2321 filename = NULL; 2322 else 2323 goto err_no_initvals; 2324 break; 2325 case B43_PHYTYPE_N: 2326 if (rev >= 16) 2327 filename = "n0bsinitvals16"; 2328 else if ((rev >= 11) && (rev <= 12)) 2329 filename = "n0bsinitvals11"; 2330 else 2331 goto err_no_initvals; 2332 break; 2333 case B43_PHYTYPE_LP: 2334 if (rev == 13) 2335 filename = "lp0bsinitvals13"; 2336 else if (rev == 14) 2337 filename = "lp0bsinitvals14"; 2338 else if (rev >= 15) 2339 filename = "lp0bsinitvals15"; 2340 else 2341 goto err_no_initvals; 2342 break; 2343 case B43_PHYTYPE_HT: 2344 if (rev == 29) 2345 filename = "ht0bsinitvals29"; 2346 else 2347 goto err_no_initvals; 2348 break; 2349 case B43_PHYTYPE_LCN: 2350 if (rev == 24) 2351 filename = "lcn0bsinitvals24"; 2352 else 2353 goto err_no_initvals; 2354 break; 2355 default: 2356 goto err_no_initvals; 2357 } 2358 err = b43_do_request_fw(ctx, filename, &fw->initvals_band); 2359 if (err) 2360 goto err_load; 2361 2362 return 0; 2363 2364err_no_ucode: 2365 err = ctx->fatal_failure = -EOPNOTSUPP; 2366 b43err(dev->wl, "The driver does not know which firmware (ucode) " 2367 "is required for your device (wl-core rev %u)\n", rev); 2368 goto error; 2369 2370err_no_pcm: 2371 err = ctx->fatal_failure = -EOPNOTSUPP; 2372 b43err(dev->wl, "The driver does not know which firmware (PCM) " 2373 "is required for your device (wl-core rev %u)\n", rev); 2374 goto error; 2375 2376err_no_initvals: 2377 err = ctx->fatal_failure = -EOPNOTSUPP; 2378 b43err(dev->wl, "The driver does not know which firmware (initvals) " 2379 "is required for your device (wl-core rev %u)\n", rev); 2380 goto error; 2381 2382err_load: 2383 /* We failed to load this firmware image. The error message 2384 * already is in ctx->errors. Return and let our caller decide 2385 * what to do. */ 2386 goto error; 2387 2388error: 2389 b43_release_firmware(dev); 2390 return err; 2391} 2392 2393static int b43_one_core_attach(struct b43_bus_dev *dev, struct b43_wl *wl); 2394static void b43_one_core_detach(struct b43_bus_dev *dev); 2395 2396static void b43_request_firmware(struct work_struct *work) 2397{ 2398 struct b43_wl *wl = container_of(work, 2399 struct b43_wl, firmware_load); 2400 struct b43_wldev *dev = wl->current_dev; 2401 struct b43_request_fw_context *ctx; 2402 unsigned int i; 2403 int err; 2404 const char *errmsg; 2405 2406 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); 2407 if (!ctx) 2408 return; 2409 ctx->dev = dev; 2410 2411 ctx->req_type = B43_FWTYPE_PROPRIETARY; 2412 err = b43_try_request_fw(ctx); 2413 if (!err) 2414 goto start_ieee80211; /* Successfully loaded it. */ 2415 /* Was fw version known? */ 2416 if (ctx->fatal_failure) 2417 goto out; 2418 2419 /* proprietary fw not found, try open source */ 2420 ctx->req_type = B43_FWTYPE_OPENSOURCE; 2421 err = b43_try_request_fw(ctx); 2422 if (!err) 2423 goto start_ieee80211; /* Successfully loaded it. */ 2424 if(ctx->fatal_failure) 2425 goto out; 2426 2427 /* Could not find a usable firmware. Print the errors. */ 2428 for (i = 0; i < B43_NR_FWTYPES; i++) { 2429 errmsg = ctx->errors[i]; 2430 if (strlen(errmsg)) 2431 b43err(dev->wl, errmsg); 2432 } 2433 b43_print_fw_helptext(dev->wl, 1); 2434 goto out; 2435 2436start_ieee80211: 2437 err = ieee80211_register_hw(wl->hw); 2438 if (err) 2439 goto err_one_core_detach; 2440 b43_leds_register(wl->current_dev); 2441 goto out; 2442 2443err_one_core_detach: 2444 b43_one_core_detach(dev->dev); 2445 2446out: 2447 kfree(ctx); 2448} 2449 2450static int b43_upload_microcode(struct b43_wldev *dev) 2451{ 2452 struct wiphy *wiphy = dev->wl->hw->wiphy; 2453 const size_t hdr_len = sizeof(struct b43_fw_header); 2454 const __be32 *data; 2455 unsigned int i, len; 2456 u16 fwrev, fwpatch, fwdate, fwtime; 2457 u32 tmp, macctl; 2458 int err = 0; 2459 2460 /* Jump the microcode PSM to offset 0 */ 2461 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2462 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 2463 macctl |= B43_MACCTL_PSM_JMP0; 2464 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2465 /* Zero out all microcode PSM registers and shared memory. */ 2466 for (i = 0; i < 64; i++) 2467 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 2468 for (i = 0; i < 4096; i += 2) 2469 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 2470 2471 /* Upload Microcode. */ 2472 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 2473 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 2474 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 2475 for (i = 0; i < len; i++) { 2476 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2477 udelay(10); 2478 } 2479 2480 if (dev->fw.pcm.data) { 2481 /* Upload PCM data. */ 2482 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 2483 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 2484 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 2485 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 2486 /* No need for autoinc bit in SHM_HW */ 2487 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 2488 for (i = 0; i < len; i++) { 2489 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2490 udelay(10); 2491 } 2492 } 2493 2494 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 2495 2496 /* Start the microcode PSM */ 2497 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_PSM_JMP0, 2498 B43_MACCTL_PSM_RUN); 2499 2500 /* Wait for the microcode to load and respond */ 2501 i = 0; 2502 while (1) { 2503 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2504 if (tmp == B43_IRQ_MAC_SUSPENDED) 2505 break; 2506 i++; 2507 if (i >= 20) { 2508 b43err(dev->wl, "Microcode not responding\n"); 2509 b43_print_fw_helptext(dev->wl, 1); 2510 err = -ENODEV; 2511 goto error; 2512 } 2513 msleep(50); 2514 } 2515 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2516 2517 /* Get and check the revisions. */ 2518 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2519 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2520 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2521 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2522 2523 if (fwrev <= 0x128) { 2524 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2525 "binary drivers older than version 4.x is unsupported. " 2526 "You must upgrade your firmware files.\n"); 2527 b43_print_fw_helptext(dev->wl, 1); 2528 err = -EOPNOTSUPP; 2529 goto error; 2530 } 2531 dev->fw.rev = fwrev; 2532 dev->fw.patch = fwpatch; 2533 if (dev->fw.rev >= 598) 2534 dev->fw.hdr_format = B43_FW_HDR_598; 2535 else if (dev->fw.rev >= 410) 2536 dev->fw.hdr_format = B43_FW_HDR_410; 2537 else 2538 dev->fw.hdr_format = B43_FW_HDR_351; 2539 dev->fw.opensource = (fwdate == 0xFFFF); 2540 2541 /* Default to use-all-queues. */ 2542 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues; 2543 dev->qos_enabled = !!modparam_qos; 2544 /* Default to firmware/hardware crypto acceleration. */ 2545 dev->hwcrypto_enabled = true; 2546 2547 if (dev->fw.opensource) { 2548 u16 fwcapa; 2549 2550 /* Patchlevel info is encoded in the "time" field. */ 2551 dev->fw.patch = fwtime; 2552 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n", 2553 dev->fw.rev, dev->fw.patch); 2554 2555 fwcapa = b43_fwcapa_read(dev); 2556 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) { 2557 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n"); 2558 /* Disable hardware crypto and fall back to software crypto. */ 2559 dev->hwcrypto_enabled = false; 2560 } 2561 if (!(fwcapa & B43_FWCAPA_QOS)) { 2562 b43info(dev->wl, "QoS not supported by firmware\n"); 2563 /* Disable QoS. Tweak hw->queues to 1. It will be restored before 2564 * ieee80211_unregister to make sure the networking core can 2565 * properly free possible resources. */ 2566 dev->wl->hw->queues = 1; 2567 dev->qos_enabled = false; 2568 } 2569 } else { 2570 b43info(dev->wl, "Loading firmware version %u.%u " 2571 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2572 fwrev, fwpatch, 2573 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2574 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2575 if (dev->fw.pcm_request_failed) { 2576 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. " 2577 "Hardware accelerated cryptography is disabled.\n"); 2578 b43_print_fw_helptext(dev->wl, 0); 2579 } 2580 } 2581 2582 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u", 2583 dev->fw.rev, dev->fw.patch); 2584 wiphy->hw_version = dev->dev->core_id; 2585 2586 if (dev->fw.hdr_format == B43_FW_HDR_351) { 2587 /* We're over the deadline, but we keep support for old fw 2588 * until it turns out to be in major conflict with something new. */ 2589 b43warn(dev->wl, "You are using an old firmware image. " 2590 "Support for old firmware will be removed soon " 2591 "(official deadline was July 2008).\n"); 2592 b43_print_fw_helptext(dev->wl, 0); 2593 } 2594 2595 return 0; 2596 2597error: 2598 /* Stop the microcode PSM. */ 2599 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_PSM_RUN, 2600 B43_MACCTL_PSM_JMP0); 2601 2602 return err; 2603} 2604 2605static int b43_write_initvals(struct b43_wldev *dev, 2606 const struct b43_iv *ivals, 2607 size_t count, 2608 size_t array_size) 2609{ 2610 const struct b43_iv *iv; 2611 u16 offset; 2612 size_t i; 2613 bool bit32; 2614 2615 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2616 iv = ivals; 2617 for (i = 0; i < count; i++) { 2618 if (array_size < sizeof(iv->offset_size)) 2619 goto err_format; 2620 array_size -= sizeof(iv->offset_size); 2621 offset = be16_to_cpu(iv->offset_size); 2622 bit32 = !!(offset & B43_IV_32BIT); 2623 offset &= B43_IV_OFFSET_MASK; 2624 if (offset >= 0x1000) 2625 goto err_format; 2626 if (bit32) { 2627 u32 value; 2628 2629 if (array_size < sizeof(iv->data.d32)) 2630 goto err_format; 2631 array_size -= sizeof(iv->data.d32); 2632 2633 value = get_unaligned_be32(&iv->data.d32); 2634 b43_write32(dev, offset, value); 2635 2636 iv = (const struct b43_iv *)((const uint8_t *)iv + 2637 sizeof(__be16) + 2638 sizeof(__be32)); 2639 } else { 2640 u16 value; 2641 2642 if (array_size < sizeof(iv->data.d16)) 2643 goto err_format; 2644 array_size -= sizeof(iv->data.d16); 2645 2646 value = be16_to_cpu(iv->data.d16); 2647 b43_write16(dev, offset, value); 2648 2649 iv = (const struct b43_iv *)((const uint8_t *)iv + 2650 sizeof(__be16) + 2651 sizeof(__be16)); 2652 } 2653 } 2654 if (array_size) 2655 goto err_format; 2656 2657 return 0; 2658 2659err_format: 2660 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2661 b43_print_fw_helptext(dev->wl, 1); 2662 2663 return -EPROTO; 2664} 2665 2666static int b43_upload_initvals(struct b43_wldev *dev) 2667{ 2668 const size_t hdr_len = sizeof(struct b43_fw_header); 2669 const struct b43_fw_header *hdr; 2670 struct b43_firmware *fw = &dev->fw; 2671 const struct b43_iv *ivals; 2672 size_t count; 2673 int err; 2674 2675 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2676 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2677 count = be32_to_cpu(hdr->size); 2678 err = b43_write_initvals(dev, ivals, count, 2679 fw->initvals.data->size - hdr_len); 2680 if (err) 2681 goto out; 2682 if (fw->initvals_band.data) { 2683 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2684 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2685 count = be32_to_cpu(hdr->size); 2686 err = b43_write_initvals(dev, ivals, count, 2687 fw->initvals_band.data->size - hdr_len); 2688 if (err) 2689 goto out; 2690 } 2691out: 2692 2693 return err; 2694} 2695 2696/* Initialize the GPIOs 2697 * http://bcm-specs.sipsolutions.net/GPIO 2698 */ 2699static struct ssb_device *b43_ssb_gpio_dev(struct b43_wldev *dev) 2700{ 2701 struct ssb_bus *bus = dev->dev->sdev->bus; 2702 2703#ifdef CONFIG_SSB_DRIVER_PCICORE 2704 return (bus->chipco.dev ? bus->chipco.dev : bus->pcicore.dev); 2705#else 2706 return bus->chipco.dev; 2707#endif 2708} 2709 2710static int b43_gpio_init(struct b43_wldev *dev) 2711{ 2712 struct ssb_device *gpiodev; 2713 u32 mask, set; 2714 2715 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_GPOUTSMSK, 0); 2716 b43_maskset16(dev, B43_MMIO_GPIO_MASK, ~0, 0xF); 2717 2718 mask = 0x0000001F; 2719 set = 0x0000000F; 2720 if (dev->dev->chip_id == 0x4301) { 2721 mask |= 0x0060; 2722 set |= 0x0060; 2723 } 2724 if (dev->dev->chip_id == 0x5354) 2725 set &= 0xff02; 2726 if (0 /* FIXME: conditional unknown */ ) { 2727 b43_write16(dev, B43_MMIO_GPIO_MASK, 2728 b43_read16(dev, B43_MMIO_GPIO_MASK) 2729 | 0x0100); 2730 mask |= 0x0180; 2731 set |= 0x0180; 2732 } 2733 if (dev->dev->bus_sprom->boardflags_lo & B43_BFL_PACTRL) { 2734 b43_write16(dev, B43_MMIO_GPIO_MASK, 2735 b43_read16(dev, B43_MMIO_GPIO_MASK) 2736 | 0x0200); 2737 mask |= 0x0200; 2738 set |= 0x0200; 2739 } 2740 if (dev->dev->core_rev >= 2) 2741 mask |= 0x0010; /* FIXME: This is redundant. */ 2742 2743 switch (dev->dev->bus_type) { 2744#ifdef CONFIG_B43_BCMA 2745 case B43_BUS_BCMA: 2746 bcma_cc_write32(&dev->dev->bdev->bus->drv_cc, BCMA_CC_GPIOCTL, 2747 (bcma_cc_read32(&dev->dev->bdev->bus->drv_cc, 2748 BCMA_CC_GPIOCTL) & mask) | set); 2749 break; 2750#endif 2751#ifdef CONFIG_B43_SSB 2752 case B43_BUS_SSB: 2753 gpiodev = b43_ssb_gpio_dev(dev); 2754 if (gpiodev) 2755 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2756 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2757 & mask) | set); 2758 break; 2759#endif 2760 } 2761 2762 return 0; 2763} 2764 2765/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2766static void b43_gpio_cleanup(struct b43_wldev *dev) 2767{ 2768 struct ssb_device *gpiodev; 2769 2770 switch (dev->dev->bus_type) { 2771#ifdef CONFIG_B43_BCMA 2772 case B43_BUS_BCMA: 2773 bcma_cc_write32(&dev->dev->bdev->bus->drv_cc, BCMA_CC_GPIOCTL, 2774 0); 2775 break; 2776#endif 2777#ifdef CONFIG_B43_SSB 2778 case B43_BUS_SSB: 2779 gpiodev = b43_ssb_gpio_dev(dev); 2780 if (gpiodev) 2781 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2782 break; 2783#endif 2784 } 2785} 2786 2787/* http://bcm-specs.sipsolutions.net/EnableMac */ 2788void b43_mac_enable(struct b43_wldev *dev) 2789{ 2790 if (b43_debug(dev, B43_DBG_FIRMWARE)) { 2791 u16 fwstate; 2792 2793 fwstate = b43_shm_read16(dev, B43_SHM_SHARED, 2794 B43_SHM_SH_UCODESTAT); 2795 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) && 2796 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) { 2797 b43err(dev->wl, "b43_mac_enable(): The firmware " 2798 "should be suspended, but current state is %u\n", 2799 fwstate); 2800 } 2801 } 2802 2803 dev->mac_suspended--; 2804 B43_WARN_ON(dev->mac_suspended < 0); 2805 if (dev->mac_suspended == 0) { 2806 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_ENABLED); 2807 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2808 B43_IRQ_MAC_SUSPENDED); 2809 /* Commit writes */ 2810 b43_read32(dev, B43_MMIO_MACCTL); 2811 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2812 b43_power_saving_ctl_bits(dev, 0); 2813 } 2814} 2815 2816/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2817void b43_mac_suspend(struct b43_wldev *dev) 2818{ 2819 int i; 2820 u32 tmp; 2821 2822 might_sleep(); 2823 B43_WARN_ON(dev->mac_suspended < 0); 2824 2825 if (dev->mac_suspended == 0) { 2826 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2827 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_ENABLED, 0); 2828 /* force pci to flush the write */ 2829 b43_read32(dev, B43_MMIO_MACCTL); 2830 for (i = 35; i; i--) { 2831 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2832 if (tmp & B43_IRQ_MAC_SUSPENDED) 2833 goto out; 2834 udelay(10); 2835 } 2836 /* Hm, it seems this will take some time. Use msleep(). */ 2837 for (i = 40; i; i--) { 2838 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2839 if (tmp & B43_IRQ_MAC_SUSPENDED) 2840 goto out; 2841 msleep(1); 2842 } 2843 b43err(dev->wl, "MAC suspend failed\n"); 2844 } 2845out: 2846 dev->mac_suspended++; 2847} 2848 2849/* http://bcm-v4.sipsolutions.net/802.11/PHY/N/MacPhyClkSet */ 2850void b43_mac_phy_clock_set(struct b43_wldev *dev, bool on) 2851{ 2852 u32 tmp; 2853 2854 switch (dev->dev->bus_type) { 2855#ifdef CONFIG_B43_BCMA 2856 case B43_BUS_BCMA: 2857 tmp = bcma_aread32(dev->dev->bdev, BCMA_IOCTL); 2858 if (on) 2859 tmp |= B43_BCMA_IOCTL_MACPHYCLKEN; 2860 else 2861 tmp &= ~B43_BCMA_IOCTL_MACPHYCLKEN; 2862 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, tmp); 2863 break; 2864#endif 2865#ifdef CONFIG_B43_SSB 2866 case B43_BUS_SSB: 2867 tmp = ssb_read32(dev->dev->sdev, SSB_TMSLOW); 2868 if (on) 2869 tmp |= B43_TMSLOW_MACPHYCLKEN; 2870 else 2871 tmp &= ~B43_TMSLOW_MACPHYCLKEN; 2872 ssb_write32(dev->dev->sdev, SSB_TMSLOW, tmp); 2873 break; 2874#endif 2875 } 2876} 2877 2878static void b43_adjust_opmode(struct b43_wldev *dev) 2879{ 2880 struct b43_wl *wl = dev->wl; 2881 u32 ctl; 2882 u16 cfp_pretbtt; 2883 2884 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2885 /* Reset status to STA infrastructure mode. */ 2886 ctl &= ~B43_MACCTL_AP; 2887 ctl &= ~B43_MACCTL_KEEP_CTL; 2888 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2889 ctl &= ~B43_MACCTL_KEEP_BAD; 2890 ctl &= ~B43_MACCTL_PROMISC; 2891 ctl &= ~B43_MACCTL_BEACPROMISC; 2892 ctl |= B43_MACCTL_INFRA; 2893 2894 if (b43_is_mode(wl, NL80211_IFTYPE_AP) || 2895 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 2896 ctl |= B43_MACCTL_AP; 2897 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) 2898 ctl &= ~B43_MACCTL_INFRA; 2899 2900 if (wl->filter_flags & FIF_CONTROL) 2901 ctl |= B43_MACCTL_KEEP_CTL; 2902 if (wl->filter_flags & FIF_FCSFAIL) 2903 ctl |= B43_MACCTL_KEEP_BAD; 2904 if (wl->filter_flags & FIF_PLCPFAIL) 2905 ctl |= B43_MACCTL_KEEP_BADPLCP; 2906 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2907 ctl |= B43_MACCTL_PROMISC; 2908 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2909 ctl |= B43_MACCTL_BEACPROMISC; 2910 2911 /* Workaround: On old hardware the HW-MAC-address-filter 2912 * doesn't work properly, so always run promisc in filter 2913 * it in software. */ 2914 if (dev->dev->core_rev <= 4) 2915 ctl |= B43_MACCTL_PROMISC; 2916 2917 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2918 2919 cfp_pretbtt = 2; 2920 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2921 if (dev->dev->chip_id == 0x4306 && 2922 dev->dev->chip_rev == 3) 2923 cfp_pretbtt = 100; 2924 else 2925 cfp_pretbtt = 50; 2926 } 2927 b43_write16(dev, 0x612, cfp_pretbtt); 2928 2929 /* FIXME: We don't currently implement the PMQ mechanism, 2930 * so always disable it. If we want to implement PMQ, 2931 * we need to enable it here (clear DISCPMQ) in AP mode. 2932 */ 2933 if (0 /* ctl & B43_MACCTL_AP */) 2934 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_DISCPMQ, 0); 2935 else 2936 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_DISCPMQ); 2937} 2938 2939static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2940{ 2941 u16 offset; 2942 2943 if (is_ofdm) { 2944 offset = 0x480; 2945 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2946 } else { 2947 offset = 0x4C0; 2948 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2949 } 2950 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2951 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2952} 2953 2954static void b43_rate_memory_init(struct b43_wldev *dev) 2955{ 2956 switch (dev->phy.type) { 2957 case B43_PHYTYPE_A: 2958 case B43_PHYTYPE_G: 2959 case B43_PHYTYPE_N: 2960 case B43_PHYTYPE_LP: 2961 case B43_PHYTYPE_HT: 2962 case B43_PHYTYPE_LCN: 2963 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2964 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2965 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2966 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2967 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2968 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2969 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2970 if (dev->phy.type == B43_PHYTYPE_A) 2971 break; 2972 /* fallthrough */ 2973 case B43_PHYTYPE_B: 2974 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2975 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2976 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2977 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2978 break; 2979 default: 2980 B43_WARN_ON(1); 2981 } 2982} 2983 2984/* Set the default values for the PHY TX Control Words. */ 2985static void b43_set_phytxctl_defaults(struct b43_wldev *dev) 2986{ 2987 u16 ctl = 0; 2988 2989 ctl |= B43_TXH_PHY_ENC_CCK; 2990 ctl |= B43_TXH_PHY_ANT01AUTO; 2991 ctl |= B43_TXH_PHY_TXPWR; 2992 2993 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 2994 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl); 2995 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl); 2996} 2997 2998/* Set the TX-Antenna for management frames sent by firmware. */ 2999static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 3000{ 3001 u16 ant; 3002 u16 tmp; 3003 3004 ant = b43_antenna_to_phyctl(antenna); 3005 3006 /* For ACK/CTS */ 3007 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 3008 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 3009 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 3010 /* For Probe Resposes */ 3011 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 3012 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 3013 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 3014} 3015 3016/* This is the opposite of b43_chip_init() */ 3017static void b43_chip_exit(struct b43_wldev *dev) 3018{ 3019 b43_phy_exit(dev); 3020 b43_gpio_cleanup(dev); 3021 /* firmware is released later */ 3022} 3023 3024/* Initialize the chip 3025 * http://bcm-specs.sipsolutions.net/ChipInit 3026 */ 3027static int b43_chip_init(struct b43_wldev *dev) 3028{ 3029 struct b43_phy *phy = &dev->phy; 3030 int err; 3031 u32 macctl; 3032 u16 value16; 3033 3034 /* Initialize the MAC control */ 3035 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 3036 if (dev->phy.gmode) 3037 macctl |= B43_MACCTL_GMODE; 3038 macctl |= B43_MACCTL_INFRA; 3039 b43_write32(dev, B43_MMIO_MACCTL, macctl); 3040 3041 err = b43_upload_microcode(dev); 3042 if (err) 3043 goto out; /* firmware is released later */ 3044 3045 err = b43_gpio_init(dev); 3046 if (err) 3047 goto out; /* firmware is released later */ 3048 3049 err = b43_upload_initvals(dev); 3050 if (err) 3051 goto err_gpio_clean; 3052 3053 /* Turn the Analog on and initialize the PHY. */ 3054 phy->ops->switch_analog(dev, 1); 3055 err = b43_phy_init(dev); 3056 if (err) 3057 goto err_gpio_clean; 3058 3059 /* Disable Interference Mitigation. */ 3060 if (phy->ops->interf_mitigation) 3061 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE); 3062 3063 /* Select the antennae */ 3064 if (phy->ops->set_rx_antenna) 3065 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 3066 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 3067 3068 if (phy->type == B43_PHYTYPE_B) { 3069 value16 = b43_read16(dev, 0x005E); 3070 value16 |= 0x0004; 3071 b43_write16(dev, 0x005E, value16); 3072 } 3073 b43_write32(dev, 0x0100, 0x01000000); 3074 if (dev->dev->core_rev < 5) 3075 b43_write32(dev, 0x010C, 0x01000000); 3076 3077 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_INFRA, 0); 3078 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_INFRA); 3079 3080 /* Probe Response Timeout value */ 3081 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 3082 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 3083 3084 /* Initially set the wireless operation mode. */ 3085 b43_adjust_opmode(dev); 3086 3087 if (dev->dev->core_rev < 3) { 3088 b43_write16(dev, 0x060E, 0x0000); 3089 b43_write16(dev, 0x0610, 0x8000); 3090 b43_write16(dev, 0x0604, 0x0000); 3091 b43_write16(dev, 0x0606, 0x0200); 3092 } else { 3093 b43_write32(dev, 0x0188, 0x80000000); 3094 b43_write32(dev, 0x018C, 0x02000000); 3095 } 3096 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 3097 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 3098 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 3099 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 3100 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 3101 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 3102 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 3103 3104 b43_mac_phy_clock_set(dev, true); 3105 3106 switch (dev->dev->bus_type) { 3107#ifdef CONFIG_B43_BCMA 3108 case B43_BUS_BCMA: 3109 /* FIXME: 0xE74 is quite common, but should be read from CC */ 3110 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 0xE74); 3111 break; 3112#endif 3113#ifdef CONFIG_B43_SSB 3114 case B43_BUS_SSB: 3115 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 3116 dev->dev->sdev->bus->chipco.fast_pwrup_delay); 3117 break; 3118#endif 3119 } 3120 3121 err = 0; 3122 b43dbg(dev->wl, "Chip initialized\n"); 3123out: 3124 return err; 3125 3126err_gpio_clean: 3127 b43_gpio_cleanup(dev); 3128 return err; 3129} 3130 3131static void b43_periodic_every60sec(struct b43_wldev *dev) 3132{ 3133 const struct b43_phy_operations *ops = dev->phy.ops; 3134 3135 if (ops->pwork_60sec) 3136 ops->pwork_60sec(dev); 3137 3138 /* Force check the TX power emission now. */ 3139 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME); 3140} 3141 3142static void b43_periodic_every30sec(struct b43_wldev *dev) 3143{ 3144 /* Update device statistics. */ 3145 b43_calculate_link_quality(dev); 3146} 3147 3148static void b43_periodic_every15sec(struct b43_wldev *dev) 3149{ 3150 struct b43_phy *phy = &dev->phy; 3151 u16 wdr; 3152 3153 if (dev->fw.opensource) { 3154 /* Check if the firmware is still alive. 3155 * It will reset the watchdog counter to 0 in its idle loop. */ 3156 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG); 3157 if (unlikely(wdr)) { 3158 b43err(dev->wl, "Firmware watchdog: The firmware died!\n"); 3159 b43_controller_restart(dev, "Firmware watchdog"); 3160 return; 3161 } else { 3162 b43_shm_write16(dev, B43_SHM_SCRATCH, 3163 B43_WATCHDOG_REG, 1); 3164 } 3165 } 3166 3167 if (phy->ops->pwork_15sec) 3168 phy->ops->pwork_15sec(dev); 3169 3170 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 3171 wmb(); 3172 3173#if B43_DEBUG 3174 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 3175 unsigned int i; 3176 3177 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n", 3178 dev->irq_count / 15, 3179 dev->tx_count / 15, 3180 dev->rx_count / 15); 3181 dev->irq_count = 0; 3182 dev->tx_count = 0; 3183 dev->rx_count = 0; 3184 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 3185 if (dev->irq_bit_count[i]) { 3186 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n", 3187 dev->irq_bit_count[i] / 15, i, (1 << i)); 3188 dev->irq_bit_count[i] = 0; 3189 } 3190 } 3191 } 3192#endif 3193} 3194 3195static void do_periodic_work(struct b43_wldev *dev) 3196{ 3197 unsigned int state; 3198 3199 state = dev->periodic_state; 3200 if (state % 4 == 0) 3201 b43_periodic_every60sec(dev); 3202 if (state % 2 == 0) 3203 b43_periodic_every30sec(dev); 3204 b43_periodic_every15sec(dev); 3205} 3206 3207/* Periodic work locking policy: 3208 * The whole periodic work handler is protected by 3209 * wl->mutex. If another lock is needed somewhere in the 3210 * pwork callchain, it's acquired in-place, where it's needed. 3211 */ 3212static void b43_periodic_work_handler(struct work_struct *work) 3213{ 3214 struct b43_wldev *dev = container_of(work, struct b43_wldev, 3215 periodic_work.work); 3216 struct b43_wl *wl = dev->wl; 3217 unsigned long delay; 3218 3219 mutex_lock(&wl->mutex); 3220 3221 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 3222 goto out; 3223 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 3224 goto out_requeue; 3225 3226 do_periodic_work(dev); 3227 3228 dev->periodic_state++; 3229out_requeue: 3230 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 3231 delay = msecs_to_jiffies(50); 3232 else 3233 delay = round_jiffies_relative(HZ * 15); 3234 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay); 3235out: 3236 mutex_unlock(&wl->mutex); 3237} 3238 3239static void b43_periodic_tasks_setup(struct b43_wldev *dev) 3240{ 3241 struct delayed_work *work = &dev->periodic_work; 3242 3243 dev->periodic_state = 0; 3244 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 3245 ieee80211_queue_delayed_work(dev->wl->hw, work, 0); 3246} 3247 3248/* Check if communication with the device works correctly. */ 3249static int b43_validate_chipaccess(struct b43_wldev *dev) 3250{ 3251 u32 v, backup0, backup4; 3252 3253 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0); 3254 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4); 3255 3256 /* Check for read/write and endianness problems. */ 3257 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 3258 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 3259 goto error; 3260 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 3261 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 3262 goto error; 3263 3264 /* Check if unaligned 32bit SHM_SHARED access works properly. 3265 * However, don't bail out on failure, because it's noncritical. */ 3266 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122); 3267 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344); 3268 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566); 3269 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788); 3270 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344) 3271 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n"); 3272 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD); 3273 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 || 3274 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD || 3275 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB || 3276 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788) 3277 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n"); 3278 3279 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0); 3280 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4); 3281 3282 if ((dev->dev->core_rev >= 3) && (dev->dev->core_rev <= 10)) { 3283 /* The 32bit register shadows the two 16bit registers 3284 * with update sideeffects. Validate this. */ 3285 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 3286 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 3287 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 3288 goto error; 3289 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 3290 goto error; 3291 } 3292 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 3293 3294 v = b43_read32(dev, B43_MMIO_MACCTL); 3295 v |= B43_MACCTL_GMODE; 3296 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 3297 goto error; 3298 3299 return 0; 3300error: 3301 b43err(dev->wl, "Failed to validate the chipaccess\n"); 3302 return -ENODEV; 3303} 3304 3305static void b43_security_init(struct b43_wldev *dev) 3306{ 3307 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 3308 /* KTP is a word address, but we address SHM bytewise. 3309 * So multiply by two. 3310 */ 3311 dev->ktp *= 2; 3312 /* Number of RCMTA address slots */ 3313 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS); 3314 /* Clear the key memory. */ 3315 b43_clear_keys(dev); 3316} 3317 3318#ifdef CONFIG_B43_HWRNG 3319static int b43_rng_read(struct hwrng *rng, u32 *data) 3320{ 3321 struct b43_wl *wl = (struct b43_wl *)rng->priv; 3322 struct b43_wldev *dev; 3323 int count = -ENODEV; 3324 3325 mutex_lock(&wl->mutex); 3326 dev = wl->current_dev; 3327 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) { 3328 *data = b43_read16(dev, B43_MMIO_RNG); 3329 count = sizeof(u16); 3330 } 3331 mutex_unlock(&wl->mutex); 3332 3333 return count; 3334} 3335#endif /* CONFIG_B43_HWRNG */ 3336 3337static void b43_rng_exit(struct b43_wl *wl) 3338{ 3339#ifdef CONFIG_B43_HWRNG 3340 if (wl->rng_initialized) 3341 hwrng_unregister(&wl->rng); 3342#endif /* CONFIG_B43_HWRNG */ 3343} 3344 3345static int b43_rng_init(struct b43_wl *wl) 3346{ 3347 int err = 0; 3348 3349#ifdef CONFIG_B43_HWRNG 3350 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 3351 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 3352 wl->rng.name = wl->rng_name; 3353 wl->rng.data_read = b43_rng_read; 3354 wl->rng.priv = (unsigned long)wl; 3355 wl->rng_initialized = true; 3356 err = hwrng_register(&wl->rng); 3357 if (err) { 3358 wl->rng_initialized = false; 3359 b43err(wl, "Failed to register the random " 3360 "number generator (%d)\n", err); 3361 } 3362#endif /* CONFIG_B43_HWRNG */ 3363 3364 return err; 3365} 3366 3367static void b43_tx_work(struct work_struct *work) 3368{ 3369 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work); 3370 struct b43_wldev *dev; 3371 struct sk_buff *skb; 3372 int queue_num; 3373 int err = 0; 3374 3375 mutex_lock(&wl->mutex); 3376 dev = wl->current_dev; 3377 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) { 3378 mutex_unlock(&wl->mutex); 3379 return; 3380 } 3381 3382 for (queue_num = 0; queue_num < B43_QOS_QUEUE_NUM; queue_num++) { 3383 while (skb_queue_len(&wl->tx_queue[queue_num])) { 3384 skb = skb_dequeue(&wl->tx_queue[queue_num]); 3385 if (b43_using_pio_transfers(dev)) 3386 err = b43_pio_tx(dev, skb); 3387 else 3388 err = b43_dma_tx(dev, skb); 3389 if (err == -ENOSPC) { 3390 wl->tx_queue_stopped[queue_num] = 1; 3391 ieee80211_stop_queue(wl->hw, queue_num); 3392 skb_queue_head(&wl->tx_queue[queue_num], skb); 3393 break; 3394 } 3395 if (unlikely(err)) 3396 dev_kfree_skb(skb); /* Drop it */ 3397 err = 0; 3398 } 3399 3400 if (!err) 3401 wl->tx_queue_stopped[queue_num] = 0; 3402 } 3403 3404#if B43_DEBUG 3405 dev->tx_count++; 3406#endif 3407 mutex_unlock(&wl->mutex); 3408} 3409 3410static void b43_op_tx(struct ieee80211_hw *hw, 3411 struct sk_buff *skb) 3412{ 3413 struct b43_wl *wl = hw_to_b43_wl(hw); 3414 3415 if (unlikely(skb->len < 2 + 2 + 6)) { 3416 /* Too short, this can't be a valid frame. */ 3417 dev_kfree_skb_any(skb); 3418 return; 3419 } 3420 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 3421 3422 skb_queue_tail(&wl->tx_queue[skb->queue_mapping], skb); 3423 if (!wl->tx_queue_stopped[skb->queue_mapping]) { 3424 ieee80211_queue_work(wl->hw, &wl->tx_work); 3425 } else { 3426 ieee80211_stop_queue(wl->hw, skb->queue_mapping); 3427 } 3428} 3429 3430static void b43_qos_params_upload(struct b43_wldev *dev, 3431 const struct ieee80211_tx_queue_params *p, 3432 u16 shm_offset) 3433{ 3434 u16 params[B43_NR_QOSPARAMS]; 3435 int bslots, tmp; 3436 unsigned int i; 3437 3438 if (!dev->qos_enabled) 3439 return; 3440 3441 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min; 3442 3443 memset(¶ms, 0, sizeof(params)); 3444 3445 params[B43_QOSPARAM_TXOP] = p->txop * 32; 3446 params[B43_QOSPARAM_CWMIN] = p->cw_min; 3447 params[B43_QOSPARAM_CWMAX] = p->cw_max; 3448 params[B43_QOSPARAM_CWCUR] = p->cw_min; 3449 params[B43_QOSPARAM_AIFS] = p->aifs; 3450 params[B43_QOSPARAM_BSLOTS] = bslots; 3451 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs; 3452 3453 for (i = 0; i < ARRAY_SIZE(params); i++) { 3454 if (i == B43_QOSPARAM_STATUS) { 3455 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 3456 shm_offset + (i * 2)); 3457 /* Mark the parameters as updated. */ 3458 tmp |= 0x100; 3459 b43_shm_write16(dev, B43_SHM_SHARED, 3460 shm_offset + (i * 2), 3461 tmp); 3462 } else { 3463 b43_shm_write16(dev, B43_SHM_SHARED, 3464 shm_offset + (i * 2), 3465 params[i]); 3466 } 3467 } 3468} 3469 3470/* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */ 3471static const u16 b43_qos_shm_offsets[] = { 3472 /* [mac80211-queue-nr] = SHM_OFFSET, */ 3473 [0] = B43_QOS_VOICE, 3474 [1] = B43_QOS_VIDEO, 3475 [2] = B43_QOS_BESTEFFORT, 3476 [3] = B43_QOS_BACKGROUND, 3477}; 3478 3479/* Update all QOS parameters in hardware. */ 3480static void b43_qos_upload_all(struct b43_wldev *dev) 3481{ 3482 struct b43_wl *wl = dev->wl; 3483 struct b43_qos_params *params; 3484 unsigned int i; 3485 3486 if (!dev->qos_enabled) 3487 return; 3488 3489 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3490 ARRAY_SIZE(wl->qos_params)); 3491 3492 b43_mac_suspend(dev); 3493 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3494 params = &(wl->qos_params[i]); 3495 b43_qos_params_upload(dev, &(params->p), 3496 b43_qos_shm_offsets[i]); 3497 } 3498 b43_mac_enable(dev); 3499} 3500 3501static void b43_qos_clear(struct b43_wl *wl) 3502{ 3503 struct b43_qos_params *params; 3504 unsigned int i; 3505 3506 /* Initialize QoS parameters to sane defaults. */ 3507 3508 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3509 ARRAY_SIZE(wl->qos_params)); 3510 3511 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3512 params = &(wl->qos_params[i]); 3513 3514 switch (b43_qos_shm_offsets[i]) { 3515 case B43_QOS_VOICE: 3516 params->p.txop = 0; 3517 params->p.aifs = 2; 3518 params->p.cw_min = 0x0001; 3519 params->p.cw_max = 0x0001; 3520 break; 3521 case B43_QOS_VIDEO: 3522 params->p.txop = 0; 3523 params->p.aifs = 2; 3524 params->p.cw_min = 0x0001; 3525 params->p.cw_max = 0x0001; 3526 break; 3527 case B43_QOS_BESTEFFORT: 3528 params->p.txop = 0; 3529 params->p.aifs = 3; 3530 params->p.cw_min = 0x0001; 3531 params->p.cw_max = 0x03FF; 3532 break; 3533 case B43_QOS_BACKGROUND: 3534 params->p.txop = 0; 3535 params->p.aifs = 7; 3536 params->p.cw_min = 0x0001; 3537 params->p.cw_max = 0x03FF; 3538 break; 3539 default: 3540 B43_WARN_ON(1); 3541 } 3542 } 3543} 3544 3545/* Initialize the core's QOS capabilities */ 3546static void b43_qos_init(struct b43_wldev *dev) 3547{ 3548 if (!dev->qos_enabled) { 3549 /* Disable QOS support. */ 3550 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF); 3551 b43_write16(dev, B43_MMIO_IFSCTL, 3552 b43_read16(dev, B43_MMIO_IFSCTL) 3553 & ~B43_MMIO_IFSCTL_USE_EDCF); 3554 b43dbg(dev->wl, "QoS disabled\n"); 3555 return; 3556 } 3557 3558 /* Upload the current QOS parameters. */ 3559 b43_qos_upload_all(dev); 3560 3561 /* Enable QOS support. */ 3562 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 3563 b43_write16(dev, B43_MMIO_IFSCTL, 3564 b43_read16(dev, B43_MMIO_IFSCTL) 3565 | B43_MMIO_IFSCTL_USE_EDCF); 3566 b43dbg(dev->wl, "QoS enabled\n"); 3567} 3568 3569static int b43_op_conf_tx(struct ieee80211_hw *hw, 3570 struct ieee80211_vif *vif, u16 _queue, 3571 const struct ieee80211_tx_queue_params *params) 3572{ 3573 struct b43_wl *wl = hw_to_b43_wl(hw); 3574 struct b43_wldev *dev; 3575 unsigned int queue = (unsigned int)_queue; 3576 int err = -ENODEV; 3577 3578 if (queue >= ARRAY_SIZE(wl->qos_params)) { 3579 /* Queue not available or don't support setting 3580 * params on this queue. Return success to not 3581 * confuse mac80211. */ 3582 return 0; 3583 } 3584 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3585 ARRAY_SIZE(wl->qos_params)); 3586 3587 mutex_lock(&wl->mutex); 3588 dev = wl->current_dev; 3589 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) 3590 goto out_unlock; 3591 3592 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params)); 3593 b43_mac_suspend(dev); 3594 b43_qos_params_upload(dev, &(wl->qos_params[queue].p), 3595 b43_qos_shm_offsets[queue]); 3596 b43_mac_enable(dev); 3597 err = 0; 3598 3599out_unlock: 3600 mutex_unlock(&wl->mutex); 3601 3602 return err; 3603} 3604 3605static int b43_op_get_stats(struct ieee80211_hw *hw, 3606 struct ieee80211_low_level_stats *stats) 3607{ 3608 struct b43_wl *wl = hw_to_b43_wl(hw); 3609 3610 mutex_lock(&wl->mutex); 3611 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 3612 mutex_unlock(&wl->mutex); 3613 3614 return 0; 3615} 3616 3617static u64 b43_op_get_tsf(struct ieee80211_hw *hw, struct ieee80211_vif *vif) 3618{ 3619 struct b43_wl *wl = hw_to_b43_wl(hw); 3620 struct b43_wldev *dev; 3621 u64 tsf; 3622 3623 mutex_lock(&wl->mutex); 3624 dev = wl->current_dev; 3625 3626 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3627 b43_tsf_read(dev, &tsf); 3628 else 3629 tsf = 0; 3630 3631 mutex_unlock(&wl->mutex); 3632 3633 return tsf; 3634} 3635 3636static void b43_op_set_tsf(struct ieee80211_hw *hw, 3637 struct ieee80211_vif *vif, u64 tsf) 3638{ 3639 struct b43_wl *wl = hw_to_b43_wl(hw); 3640 struct b43_wldev *dev; 3641 3642 mutex_lock(&wl->mutex); 3643 dev = wl->current_dev; 3644 3645 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3646 b43_tsf_write(dev, tsf); 3647 3648 mutex_unlock(&wl->mutex); 3649} 3650 3651static void b43_put_phy_into_reset(struct b43_wldev *dev) 3652{ 3653 u32 tmp; 3654 3655 switch (dev->dev->bus_type) { 3656#ifdef CONFIG_B43_BCMA 3657 case B43_BUS_BCMA: 3658 b43err(dev->wl, 3659 "Putting PHY into reset not supported on BCMA\n"); 3660 break; 3661#endif 3662#ifdef CONFIG_B43_SSB 3663 case B43_BUS_SSB: 3664 tmp = ssb_read32(dev->dev->sdev, SSB_TMSLOW); 3665 tmp &= ~B43_TMSLOW_GMODE; 3666 tmp |= B43_TMSLOW_PHYRESET; 3667 tmp |= SSB_TMSLOW_FGC; 3668 ssb_write32(dev->dev->sdev, SSB_TMSLOW, tmp); 3669 msleep(1); 3670 3671 tmp = ssb_read32(dev->dev->sdev, SSB_TMSLOW); 3672 tmp &= ~SSB_TMSLOW_FGC; 3673 tmp |= B43_TMSLOW_PHYRESET; 3674 ssb_write32(dev->dev->sdev, SSB_TMSLOW, tmp); 3675 msleep(1); 3676 3677 break; 3678#endif 3679 } 3680} 3681 3682static const char *band_to_string(enum ieee80211_band band) 3683{ 3684 switch (band) { 3685 case IEEE80211_BAND_5GHZ: 3686 return "5"; 3687 case IEEE80211_BAND_2GHZ: 3688 return "2.4"; 3689 default: 3690 break; 3691 } 3692 B43_WARN_ON(1); 3693 return ""; 3694} 3695 3696/* Expects wl->mutex locked */ 3697static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3698{ 3699 struct b43_wldev *up_dev = NULL; 3700 struct b43_wldev *down_dev; 3701 struct b43_wldev *d; 3702 int err; 3703 bool uninitialized_var(gmode); 3704 int prev_status; 3705 3706 /* Find a device and PHY which supports the band. */ 3707 list_for_each_entry(d, &wl->devlist, list) { 3708 switch (chan->band) { 3709 case IEEE80211_BAND_5GHZ: 3710 if (d->phy.supports_5ghz) { 3711 up_dev = d; 3712 gmode = false; 3713 } 3714 break; 3715 case IEEE80211_BAND_2GHZ: 3716 if (d->phy.supports_2ghz) { 3717 up_dev = d; 3718 gmode = true; 3719 } 3720 break; 3721 default: 3722 B43_WARN_ON(1); 3723 return -EINVAL; 3724 } 3725 if (up_dev) 3726 break; 3727 } 3728 if (!up_dev) { 3729 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3730 band_to_string(chan->band)); 3731 return -ENODEV; 3732 } 3733 if ((up_dev == wl->current_dev) && 3734 (!!wl->current_dev->phy.gmode == !!gmode)) { 3735 /* This device is already running. */ 3736 return 0; 3737 } 3738 b43dbg(wl, "Switching to %s-GHz band\n", 3739 band_to_string(chan->band)); 3740 down_dev = wl->current_dev; 3741 3742 prev_status = b43_status(down_dev); 3743 /* Shutdown the currently running core. */ 3744 if (prev_status >= B43_STAT_STARTED) 3745 down_dev = b43_wireless_core_stop(down_dev); 3746 if (prev_status >= B43_STAT_INITIALIZED) 3747 b43_wireless_core_exit(down_dev); 3748 3749 if (down_dev != up_dev) { 3750 /* We switch to a different core, so we put PHY into 3751 * RESET on the old core. */ 3752 b43_put_phy_into_reset(down_dev); 3753 } 3754 3755 /* Now start the new core. */ 3756 up_dev->phy.gmode = gmode; 3757 if (prev_status >= B43_STAT_INITIALIZED) { 3758 err = b43_wireless_core_init(up_dev); 3759 if (err) { 3760 b43err(wl, "Fatal: Could not initialize device for " 3761 "selected %s-GHz band\n", 3762 band_to_string(chan->band)); 3763 goto init_failure; 3764 } 3765 } 3766 if (prev_status >= B43_STAT_STARTED) { 3767 err = b43_wireless_core_start(up_dev); 3768 if (err) { 3769 b43err(wl, "Fatal: Coult not start device for " 3770 "selected %s-GHz band\n", 3771 band_to_string(chan->band)); 3772 b43_wireless_core_exit(up_dev); 3773 goto init_failure; 3774 } 3775 } 3776 B43_WARN_ON(b43_status(up_dev) != prev_status); 3777 3778 wl->current_dev = up_dev; 3779 3780 return 0; 3781init_failure: 3782 /* Whoops, failed to init the new core. No core is operating now. */ 3783 wl->current_dev = NULL; 3784 return err; 3785} 3786 3787/* Write the short and long frame retry limit values. */ 3788static void b43_set_retry_limits(struct b43_wldev *dev, 3789 unsigned int short_retry, 3790 unsigned int long_retry) 3791{ 3792 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3793 * the chip-internal counter. */ 3794 short_retry = min(short_retry, (unsigned int)0xF); 3795 long_retry = min(long_retry, (unsigned int)0xF); 3796 3797 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3798 short_retry); 3799 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3800 long_retry); 3801} 3802 3803static int b43_op_config(struct ieee80211_hw *hw, u32 changed) 3804{ 3805 struct b43_wl *wl = hw_to_b43_wl(hw); 3806 struct b43_wldev *dev; 3807 struct b43_phy *phy; 3808 struct ieee80211_conf *conf = &hw->conf; 3809 int antenna; 3810 int err = 0; 3811 bool reload_bss = false; 3812 3813 mutex_lock(&wl->mutex); 3814 3815 dev = wl->current_dev; 3816 3817 /* Switch the band (if necessary). This might change the active core. */ 3818 err = b43_switch_band(wl, conf->channel); 3819 if (err) 3820 goto out_unlock_mutex; 3821 3822 /* Need to reload all settings if the core changed */ 3823 if (dev != wl->current_dev) { 3824 dev = wl->current_dev; 3825 changed = ~0; 3826 reload_bss = true; 3827 } 3828 3829 phy = &dev->phy; 3830 3831 if (conf_is_ht(conf)) 3832 phy->is_40mhz = 3833 (conf_is_ht40_minus(conf) || conf_is_ht40_plus(conf)); 3834 else 3835 phy->is_40mhz = false; 3836 3837 b43_mac_suspend(dev); 3838 3839 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS) 3840 b43_set_retry_limits(dev, conf->short_frame_max_tx_count, 3841 conf->long_frame_max_tx_count); 3842 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS; 3843 if (!changed) 3844 goto out_mac_enable; 3845 3846 /* Switch to the requested channel. 3847 * The firmware takes care of races with the TX handler. */ 3848 if (conf->channel->hw_value != phy->channel) 3849 b43_switch_channel(dev, conf->channel->hw_value); 3850 3851 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR); 3852 3853 /* Adjust the desired TX power level. */ 3854 if (conf->power_level != 0) { 3855 if (conf->power_level != phy->desired_txpower) { 3856 phy->desired_txpower = conf->power_level; 3857 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME | 3858 B43_TXPWR_IGNORE_TSSI); 3859 } 3860 } 3861 3862 /* Antennas for RX and management frame TX. */ 3863 antenna = B43_ANTENNA_DEFAULT; 3864 b43_mgmtframe_txantenna(dev, antenna); 3865 antenna = B43_ANTENNA_DEFAULT; 3866 if (phy->ops->set_rx_antenna) 3867 phy->ops->set_rx_antenna(dev, antenna); 3868 3869 if (wl->radio_enabled != phy->radio_on) { 3870 if (wl->radio_enabled) { 3871 b43_software_rfkill(dev, false); 3872 b43info(dev->wl, "Radio turned on by software\n"); 3873 if (!dev->radio_hw_enable) { 3874 b43info(dev->wl, "The hardware RF-kill button " 3875 "still turns the radio physically off. " 3876 "Press the button to turn it on.\n"); 3877 } 3878 } else { 3879 b43_software_rfkill(dev, true); 3880 b43info(dev->wl, "Radio turned off by software\n"); 3881 } 3882 } 3883 3884out_mac_enable: 3885 b43_mac_enable(dev); 3886out_unlock_mutex: 3887 mutex_unlock(&wl->mutex); 3888 3889 if (wl->vif && reload_bss) 3890 b43_op_bss_info_changed(hw, wl->vif, &wl->vif->bss_conf, ~0); 3891 3892 return err; 3893} 3894 3895static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates) 3896{ 3897 struct ieee80211_supported_band *sband = 3898 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)]; 3899 struct ieee80211_rate *rate; 3900 int i; 3901 u16 basic, direct, offset, basic_offset, rateptr; 3902 3903 for (i = 0; i < sband->n_bitrates; i++) { 3904 rate = &sband->bitrates[i]; 3905 3906 if (b43_is_cck_rate(rate->hw_value)) { 3907 direct = B43_SHM_SH_CCKDIRECT; 3908 basic = B43_SHM_SH_CCKBASIC; 3909 offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3910 offset &= 0xF; 3911 } else { 3912 direct = B43_SHM_SH_OFDMDIRECT; 3913 basic = B43_SHM_SH_OFDMBASIC; 3914 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3915 offset &= 0xF; 3916 } 3917 3918 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate); 3919 3920 if (b43_is_cck_rate(rate->hw_value)) { 3921 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3922 basic_offset &= 0xF; 3923 } else { 3924 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3925 basic_offset &= 0xF; 3926 } 3927 3928 /* 3929 * Get the pointer that we need to point to 3930 * from the direct map 3931 */ 3932 rateptr = b43_shm_read16(dev, B43_SHM_SHARED, 3933 direct + 2 * basic_offset); 3934 /* and write it to the basic map */ 3935 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset, 3936 rateptr); 3937 } 3938} 3939 3940static void b43_op_bss_info_changed(struct ieee80211_hw *hw, 3941 struct ieee80211_vif *vif, 3942 struct ieee80211_bss_conf *conf, 3943 u32 changed) 3944{ 3945 struct b43_wl *wl = hw_to_b43_wl(hw); 3946 struct b43_wldev *dev; 3947 3948 mutex_lock(&wl->mutex); 3949 3950 dev = wl->current_dev; 3951 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3952 goto out_unlock_mutex; 3953 3954 B43_WARN_ON(wl->vif != vif); 3955 3956 if (changed & BSS_CHANGED_BSSID) { 3957 if (conf->bssid) 3958 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3959 else 3960 memset(wl->bssid, 0, ETH_ALEN); 3961 } 3962 3963 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3964 if (changed & BSS_CHANGED_BEACON && 3965 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3966 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3967 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3968 b43_update_templates(wl); 3969 3970 if (changed & BSS_CHANGED_BSSID) 3971 b43_write_mac_bssid_templates(dev); 3972 } 3973 3974 b43_mac_suspend(dev); 3975 3976 /* Update templates for AP/mesh mode. */ 3977 if (changed & BSS_CHANGED_BEACON_INT && 3978 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3979 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3980 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) && 3981 conf->beacon_int) 3982 b43_set_beacon_int(dev, conf->beacon_int); 3983 3984 if (changed & BSS_CHANGED_BASIC_RATES) 3985 b43_update_basic_rates(dev, conf->basic_rates); 3986 3987 if (changed & BSS_CHANGED_ERP_SLOT) { 3988 if (conf->use_short_slot) 3989 b43_short_slot_timing_enable(dev); 3990 else 3991 b43_short_slot_timing_disable(dev); 3992 } 3993 3994 b43_mac_enable(dev); 3995out_unlock_mutex: 3996 mutex_unlock(&wl->mutex); 3997} 3998 3999static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 4000 struct ieee80211_vif *vif, struct ieee80211_sta *sta, 4001 struct ieee80211_key_conf *key) 4002{ 4003 struct b43_wl *wl = hw_to_b43_wl(hw); 4004 struct b43_wldev *dev; 4005 u8 algorithm; 4006 u8 index; 4007 int err; 4008 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 4009 4010 if (modparam_nohwcrypt) 4011 return -ENOSPC; /* User disabled HW-crypto */ 4012 4013 mutex_lock(&wl->mutex); 4014 4015 dev = wl->current_dev; 4016 err = -ENODEV; 4017 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 4018 goto out_unlock; 4019 4020 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) { 4021 /* We don't have firmware for the crypto engine. 4022 * Must use software-crypto. */ 4023 err = -EOPNOTSUPP; 4024 goto out_unlock; 4025 } 4026 4027 err = -EINVAL; 4028 switch (key->cipher) { 4029 case WLAN_CIPHER_SUITE_WEP40: 4030 algorithm = B43_SEC_ALGO_WEP40; 4031 break; 4032 case WLAN_CIPHER_SUITE_WEP104: 4033 algorithm = B43_SEC_ALGO_WEP104; 4034 break; 4035 case WLAN_CIPHER_SUITE_TKIP: 4036 algorithm = B43_SEC_ALGO_TKIP; 4037 break; 4038 case WLAN_CIPHER_SUITE_CCMP: 4039 algorithm = B43_SEC_ALGO_AES; 4040 break; 4041 default: 4042 B43_WARN_ON(1); 4043 goto out_unlock; 4044 } 4045 index = (u8) (key->keyidx); 4046 if (index > 3) 4047 goto out_unlock; 4048 4049 switch (cmd) { 4050 case SET_KEY: 4051 if (algorithm == B43_SEC_ALGO_TKIP && 4052 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) || 4053 !modparam_hwtkip)) { 4054 /* We support only pairwise key */ 4055 err = -EOPNOTSUPP; 4056 goto out_unlock; 4057 } 4058 4059 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) { 4060 if (WARN_ON(!sta)) { 4061 err = -EOPNOTSUPP; 4062 goto out_unlock; 4063 } 4064 /* Pairwise key with an assigned MAC address. */ 4065 err = b43_key_write(dev, -1, algorithm, 4066 key->key, key->keylen, 4067 sta->addr, key); 4068 } else { 4069 /* Group key */ 4070 err = b43_key_write(dev, index, algorithm, 4071 key->key, key->keylen, NULL, key); 4072 } 4073 if (err) 4074 goto out_unlock; 4075 4076 if (algorithm == B43_SEC_ALGO_WEP40 || 4077 algorithm == B43_SEC_ALGO_WEP104) { 4078 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 4079 } else { 4080 b43_hf_write(dev, 4081 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 4082 } 4083 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 4084 if (algorithm == B43_SEC_ALGO_TKIP) 4085 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC; 4086 break; 4087 case DISABLE_KEY: { 4088 err = b43_key_clear(dev, key->hw_key_idx); 4089 if (err) 4090 goto out_unlock; 4091 break; 4092 } 4093 default: 4094 B43_WARN_ON(1); 4095 } 4096 4097out_unlock: 4098 if (!err) { 4099 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 4100 "mac: %pM\n", 4101 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 4102 sta ? sta->addr : bcast_addr); 4103 b43_dump_keymemory(dev); 4104 } 4105 mutex_unlock(&wl->mutex); 4106 4107 return err; 4108} 4109 4110static void b43_op_configure_filter(struct ieee80211_hw *hw, 4111 unsigned int changed, unsigned int *fflags, 4112 u64 multicast) 4113{ 4114 struct b43_wl *wl = hw_to_b43_wl(hw); 4115 struct b43_wldev *dev; 4116 4117 mutex_lock(&wl->mutex); 4118 dev = wl->current_dev; 4119 if (!dev) { 4120 *fflags = 0; 4121 goto out_unlock; 4122 } 4123 4124 *fflags &= FIF_PROMISC_IN_BSS | 4125 FIF_ALLMULTI | 4126 FIF_FCSFAIL | 4127 FIF_PLCPFAIL | 4128 FIF_CONTROL | 4129 FIF_OTHER_BSS | 4130 FIF_BCN_PRBRESP_PROMISC; 4131 4132 changed &= FIF_PROMISC_IN_BSS | 4133 FIF_ALLMULTI | 4134 FIF_FCSFAIL | 4135 FIF_PLCPFAIL | 4136 FIF_CONTROL | 4137 FIF_OTHER_BSS | 4138 FIF_BCN_PRBRESP_PROMISC; 4139 4140 wl->filter_flags = *fflags; 4141 4142 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 4143 b43_adjust_opmode(dev); 4144 4145out_unlock: 4146 mutex_unlock(&wl->mutex); 4147} 4148 4149/* Locking: wl->mutex 4150 * Returns the current dev. This might be different from the passed in dev, 4151 * because the core might be gone away while we unlocked the mutex. */ 4152static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev) 4153{ 4154 struct b43_wl *wl; 4155 struct b43_wldev *orig_dev; 4156 u32 mask; 4157 int queue_num; 4158 4159 if (!dev) 4160 return NULL; 4161 wl = dev->wl; 4162redo: 4163 if (!dev || b43_status(dev) < B43_STAT_STARTED) 4164 return dev; 4165 4166 /* Cancel work. Unlock to avoid deadlocks. */ 4167 mutex_unlock(&wl->mutex); 4168 cancel_delayed_work_sync(&dev->periodic_work); 4169 cancel_work_sync(&wl->tx_work); 4170 cancel_work_sync(&wl->firmware_load); 4171 mutex_lock(&wl->mutex); 4172 dev = wl->current_dev; 4173 if (!dev || b43_status(dev) < B43_STAT_STARTED) { 4174 /* Whoops, aliens ate up the device while we were unlocked. */ 4175 return dev; 4176 } 4177 4178 /* Disable interrupts on the device. */ 4179 b43_set_status(dev, B43_STAT_INITIALIZED); 4180 if (b43_bus_host_is_sdio(dev->dev)) { 4181 /* wl->mutex is locked. That is enough. */ 4182 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 4183 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 4184 } else { 4185 spin_lock_irq(&wl->hardirq_lock); 4186 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 4187 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 4188 spin_unlock_irq(&wl->hardirq_lock); 4189 } 4190 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */ 4191 orig_dev = dev; 4192 mutex_unlock(&wl->mutex); 4193 if (b43_bus_host_is_sdio(dev->dev)) { 4194 b43_sdio_free_irq(dev); 4195 } else { 4196 synchronize_irq(dev->dev->irq); 4197 free_irq(dev->dev->irq, dev); 4198 } 4199 mutex_lock(&wl->mutex); 4200 dev = wl->current_dev; 4201 if (!dev) 4202 return dev; 4203 if (dev != orig_dev) { 4204 if (b43_status(dev) >= B43_STAT_STARTED) 4205 goto redo; 4206 return dev; 4207 } 4208 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 4209 B43_WARN_ON(mask != 0xFFFFFFFF && mask); 4210 4211 /* Drain all TX queues. */ 4212 for (queue_num = 0; queue_num < B43_QOS_QUEUE_NUM; queue_num++) { 4213 while (skb_queue_len(&wl->tx_queue[queue_num])) 4214 dev_kfree_skb(skb_dequeue(&wl->tx_queue[queue_num])); 4215 } 4216 4217 b43_mac_suspend(dev); 4218 b43_leds_exit(dev); 4219 b43dbg(wl, "Wireless interface stopped\n"); 4220 4221 return dev; 4222} 4223 4224/* Locking: wl->mutex */ 4225static int b43_wireless_core_start(struct b43_wldev *dev) 4226{ 4227 int err; 4228 4229 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 4230 4231 drain_txstatus_queue(dev); 4232 if (b43_bus_host_is_sdio(dev->dev)) { 4233 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler); 4234 if (err) { 4235 b43err(dev->wl, "Cannot request SDIO IRQ\n"); 4236 goto out; 4237 } 4238 } else { 4239 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler, 4240 b43_interrupt_thread_handler, 4241 IRQF_SHARED, KBUILD_MODNAME, dev); 4242 if (err) { 4243 b43err(dev->wl, "Cannot request IRQ-%d\n", 4244 dev->dev->irq); 4245 goto out; 4246 } 4247 } 4248 4249 /* We are ready to run. */ 4250 ieee80211_wake_queues(dev->wl->hw); 4251 b43_set_status(dev, B43_STAT_STARTED); 4252 4253 /* Start data flow (TX/RX). */ 4254 b43_mac_enable(dev); 4255 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 4256 4257 /* Start maintenance work */ 4258 b43_periodic_tasks_setup(dev); 4259 4260 b43_leds_init(dev); 4261 4262 b43dbg(dev->wl, "Wireless interface started\n"); 4263out: 4264 return err; 4265} 4266 4267/* Get PHY and RADIO versioning numbers */ 4268static int b43_phy_versioning(struct b43_wldev *dev) 4269{ 4270 struct b43_phy *phy = &dev->phy; 4271 u32 tmp; 4272 u8 analog_type; 4273 u8 phy_type; 4274 u8 phy_rev; 4275 u16 radio_manuf; 4276 u16 radio_ver; 4277 u16 radio_rev; 4278 int unsupported = 0; 4279 4280 /* Get PHY versioning */ 4281 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 4282 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 4283 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 4284 phy_rev = (tmp & B43_PHYVER_VERSION); 4285 switch (phy_type) { 4286 case B43_PHYTYPE_A: 4287 if (phy_rev >= 4) 4288 unsupported = 1; 4289 break; 4290 case B43_PHYTYPE_B: 4291 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 4292 && phy_rev != 7) 4293 unsupported = 1; 4294 break; 4295 case B43_PHYTYPE_G: 4296 if (phy_rev > 9) 4297 unsupported = 1; 4298 break; 4299#ifdef CONFIG_B43_PHY_N 4300 case B43_PHYTYPE_N: 4301 if (phy_rev > 9) 4302 unsupported = 1; 4303 break; 4304#endif 4305#ifdef CONFIG_B43_PHY_LP 4306 case B43_PHYTYPE_LP: 4307 if (phy_rev > 2) 4308 unsupported = 1; 4309 break; 4310#endif 4311#ifdef CONFIG_B43_PHY_HT 4312 case B43_PHYTYPE_HT: 4313 if (phy_rev > 1) 4314 unsupported = 1; 4315 break; 4316#endif 4317#ifdef CONFIG_B43_PHY_LCN 4318 case B43_PHYTYPE_LCN: 4319 if (phy_rev > 1) 4320 unsupported = 1; 4321 break; 4322#endif 4323 default: 4324 unsupported = 1; 4325 } 4326 if (unsupported) { 4327 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 4328 "(Analog %u, Type %u, Revision %u)\n", 4329 analog_type, phy_type, phy_rev); 4330 return -EOPNOTSUPP; 4331 } 4332 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 4333 analog_type, phy_type, phy_rev); 4334 4335 /* Get RADIO versioning */ 4336 if (dev->dev->core_rev >= 24) { 4337 u16 radio24[3]; 4338 4339 for (tmp = 0; tmp < 3; tmp++) { 4340 b43_write16(dev, B43_MMIO_RADIO24_CONTROL, tmp); 4341 radio24[tmp] = b43_read16(dev, B43_MMIO_RADIO24_DATA); 4342 } 4343 4344 /* Broadcom uses "id" for our "ver" and has separated "ver" */ 4345 /* radio_ver = (radio24[0] & 0xF0) >> 4; */ 4346 4347 radio_manuf = 0x17F; 4348 radio_ver = (radio24[2] << 8) | radio24[1]; 4349 radio_rev = (radio24[0] & 0xF); 4350 } else { 4351 if (dev->dev->chip_id == 0x4317) { 4352 if (dev->dev->chip_rev == 0) 4353 tmp = 0x3205017F; 4354 else if (dev->dev->chip_rev == 1) 4355 tmp = 0x4205017F; 4356 else 4357 tmp = 0x5205017F; 4358 } else { 4359 b43_write16(dev, B43_MMIO_RADIO_CONTROL, 4360 B43_RADIOCTL_ID); 4361 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 4362 b43_write16(dev, B43_MMIO_RADIO_CONTROL, 4363 B43_RADIOCTL_ID); 4364 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) 4365 << 16; 4366 } 4367 radio_manuf = (tmp & 0x00000FFF); 4368 radio_ver = (tmp & 0x0FFFF000) >> 12; 4369 radio_rev = (tmp & 0xF0000000) >> 28; 4370 } 4371 4372 if (radio_manuf != 0x17F /* Broadcom */) 4373 unsupported = 1; 4374 switch (phy_type) { 4375 case B43_PHYTYPE_A: 4376 if (radio_ver != 0x2060) 4377 unsupported = 1; 4378 if (radio_rev != 1) 4379 unsupported = 1; 4380 if (radio_manuf != 0x17F) 4381 unsupported = 1; 4382 break; 4383 case B43_PHYTYPE_B: 4384 if ((radio_ver & 0xFFF0) != 0x2050) 4385 unsupported = 1; 4386 break; 4387 case B43_PHYTYPE_G: 4388 if (radio_ver != 0x2050) 4389 unsupported = 1; 4390 break; 4391 case B43_PHYTYPE_N: 4392 if (radio_ver != 0x2055 && radio_ver != 0x2056) 4393 unsupported = 1; 4394 break; 4395 case B43_PHYTYPE_LP: 4396 if (radio_ver != 0x2062 && radio_ver != 0x2063) 4397 unsupported = 1; 4398 break; 4399 case B43_PHYTYPE_HT: 4400 if (radio_ver != 0x2059) 4401 unsupported = 1; 4402 break; 4403 case B43_PHYTYPE_LCN: 4404 if (radio_ver != 0x2064) 4405 unsupported = 1; 4406 break; 4407 default: 4408 B43_WARN_ON(1); 4409 } 4410 if (unsupported) { 4411 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 4412 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 4413 radio_manuf, radio_ver, radio_rev); 4414 return -EOPNOTSUPP; 4415 } 4416 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 4417 radio_manuf, radio_ver, radio_rev); 4418 4419 phy->radio_manuf = radio_manuf; 4420 phy->radio_ver = radio_ver; 4421 phy->radio_rev = radio_rev; 4422 4423 phy->analog = analog_type; 4424 phy->type = phy_type; 4425 phy->rev = phy_rev; 4426 4427 return 0; 4428} 4429 4430static void setup_struct_phy_for_init(struct b43_wldev *dev, 4431 struct b43_phy *phy) 4432{ 4433 phy->hardware_power_control = !!modparam_hwpctl; 4434 phy->next_txpwr_check_time = jiffies; 4435 /* PHY TX errors counter. */ 4436 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 4437 4438#if B43_DEBUG 4439 phy->phy_locked = false; 4440 phy->radio_locked = false; 4441#endif 4442} 4443 4444static void setup_struct_wldev_for_init(struct b43_wldev *dev) 4445{ 4446 dev->dfq_valid = false; 4447 4448 /* Assume the radio is enabled. If it's not enabled, the state will 4449 * immediately get fixed on the first periodic work run. */ 4450 dev->radio_hw_enable = true; 4451 4452 /* Stats */ 4453 memset(&dev->stats, 0, sizeof(dev->stats)); 4454 4455 setup_struct_phy_for_init(dev, &dev->phy); 4456 4457 /* IRQ related flags */ 4458 dev->irq_reason = 0; 4459 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 4460 dev->irq_mask = B43_IRQ_MASKTEMPLATE; 4461 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 4462 dev->irq_mask &= ~B43_IRQ_PHY_TXERR; 4463 4464 dev->mac_suspended = 1; 4465 4466 /* Noise calculation context */ 4467 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 4468} 4469 4470static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 4471{ 4472 struct ssb_sprom *sprom = dev->dev->bus_sprom; 4473 u64 hf; 4474 4475 if (!modparam_btcoex) 4476 return; 4477 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 4478 return; 4479 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 4480 return; 4481 4482 hf = b43_hf_read(dev); 4483 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 4484 hf |= B43_HF_BTCOEXALT; 4485 else 4486 hf |= B43_HF_BTCOEX; 4487 b43_hf_write(dev, hf); 4488} 4489 4490static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 4491{ 4492 if (!modparam_btcoex) 4493 return; 4494 //TODO 4495} 4496 4497static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 4498{ 4499 struct ssb_bus *bus; 4500 u32 tmp; 4501 4502 if (dev->dev->bus_type != B43_BUS_SSB) 4503 return; 4504 4505 bus = dev->dev->sdev->bus; 4506 4507 if ((bus->chip_id == 0x4311 && bus->chip_rev == 2) || 4508 (bus->chip_id == 0x4312)) { 4509 tmp = ssb_read32(dev->dev->sdev, SSB_IMCFGLO); 4510 tmp &= ~SSB_IMCFGLO_REQTO; 4511 tmp &= ~SSB_IMCFGLO_SERTO; 4512 tmp |= 0x3; 4513 ssb_write32(dev->dev->sdev, SSB_IMCFGLO, tmp); 4514 ssb_commit_settings(bus); 4515 } 4516} 4517 4518static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 4519{ 4520 u16 pu_delay; 4521 4522 /* The time value is in microseconds. */ 4523 if (dev->phy.type == B43_PHYTYPE_A) 4524 pu_delay = 3700; 4525 else 4526 pu_delay = 1050; 4527 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle) 4528 pu_delay = 500; 4529 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 4530 pu_delay = max(pu_delay, (u16)2400); 4531 4532 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 4533} 4534 4535/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 4536static void b43_set_pretbtt(struct b43_wldev *dev) 4537{ 4538 u16 pretbtt; 4539 4540 /* The time value is in microseconds. */ 4541 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) { 4542 pretbtt = 2; 4543 } else { 4544 if (dev->phy.type == B43_PHYTYPE_A) 4545 pretbtt = 120; 4546 else 4547 pretbtt = 250; 4548 } 4549 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 4550 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 4551} 4552 4553/* Shutdown a wireless core */ 4554/* Locking: wl->mutex */ 4555static void b43_wireless_core_exit(struct b43_wldev *dev) 4556{ 4557 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED); 4558 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED) 4559 return; 4560 4561 /* Unregister HW RNG driver */ 4562 b43_rng_exit(dev->wl); 4563 4564 b43_set_status(dev, B43_STAT_UNINIT); 4565 4566 /* Stop the microcode PSM. */ 4567 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_PSM_RUN, 4568 B43_MACCTL_PSM_JMP0); 4569 4570 b43_dma_free(dev); 4571 b43_pio_free(dev); 4572 b43_chip_exit(dev); 4573 dev->phy.ops->switch_analog(dev, 0); 4574 if (dev->wl->current_beacon) { 4575 dev_kfree_skb_any(dev->wl->current_beacon); 4576 dev->wl->current_beacon = NULL; 4577 } 4578 4579 b43_device_disable(dev, 0); 4580 b43_bus_may_powerdown(dev); 4581} 4582 4583/* Initialize a wireless core */ 4584static int b43_wireless_core_init(struct b43_wldev *dev) 4585{ 4586 struct ssb_sprom *sprom = dev->dev->bus_sprom; 4587 struct b43_phy *phy = &dev->phy; 4588 int err; 4589 u64 hf; 4590 4591 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4592 4593 err = b43_bus_powerup(dev, 0); 4594 if (err) 4595 goto out; 4596 if (!b43_device_is_enabled(dev)) 4597 b43_wireless_core_reset(dev, phy->gmode); 4598 4599 /* Reset all data structures. */ 4600 setup_struct_wldev_for_init(dev); 4601 phy->ops->prepare_structs(dev); 4602 4603 /* Enable IRQ routing to this device. */ 4604 switch (dev->dev->bus_type) { 4605#ifdef CONFIG_B43_BCMA 4606 case B43_BUS_BCMA: 4607 bcma_core_pci_irq_ctl(&dev->dev->bdev->bus->drv_pci, 4608 dev->dev->bdev, true); 4609 break; 4610#endif 4611#ifdef CONFIG_B43_SSB 4612 case B43_BUS_SSB: 4613 ssb_pcicore_dev_irqvecs_enable(&dev->dev->sdev->bus->pcicore, 4614 dev->dev->sdev); 4615 break; 4616#endif 4617 } 4618 4619 b43_imcfglo_timeouts_workaround(dev); 4620 b43_bluetooth_coext_disable(dev); 4621 if (phy->ops->prepare_hardware) { 4622 err = phy->ops->prepare_hardware(dev); 4623 if (err) 4624 goto err_busdown; 4625 } 4626 err = b43_chip_init(dev); 4627 if (err) 4628 goto err_busdown; 4629 b43_shm_write16(dev, B43_SHM_SHARED, 4630 B43_SHM_SH_WLCOREREV, dev->dev->core_rev); 4631 hf = b43_hf_read(dev); 4632 if (phy->type == B43_PHYTYPE_G) { 4633 hf |= B43_HF_SYMW; 4634 if (phy->rev == 1) 4635 hf |= B43_HF_GDCW; 4636 if (sprom->boardflags_lo & B43_BFL_PACTRL) 4637 hf |= B43_HF_OFDMPABOOST; 4638 } 4639 if (phy->radio_ver == 0x2050) { 4640 if (phy->radio_rev == 6) 4641 hf |= B43_HF_4318TSSI; 4642 if (phy->radio_rev < 6) 4643 hf |= B43_HF_VCORECALC; 4644 } 4645 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW) 4646 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */ 4647#ifdef CONFIG_SSB_DRIVER_PCICORE 4648 if (dev->dev->bus_type == B43_BUS_SSB && 4649 dev->dev->sdev->bus->bustype == SSB_BUSTYPE_PCI && 4650 dev->dev->sdev->bus->pcicore.dev->id.revision <= 10) 4651 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */ 4652#endif 4653 hf &= ~B43_HF_SKCFPUP; 4654 b43_hf_write(dev, hf); 4655 4656 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 4657 B43_DEFAULT_LONG_RETRY_LIMIT); 4658 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 4659 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 4660 4661 /* Disable sending probe responses from firmware. 4662 * Setting the MaxTime to one usec will always trigger 4663 * a timeout, so we never send any probe resp. 4664 * A timeout of zero is infinite. */ 4665 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 4666 4667 b43_rate_memory_init(dev); 4668 b43_set_phytxctl_defaults(dev); 4669 4670 /* Minimum Contention Window */ 4671 if (phy->type == B43_PHYTYPE_B) 4672 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 4673 else 4674 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 4675 /* Maximum Contention Window */ 4676 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 4677 4678 if (b43_bus_host_is_pcmcia(dev->dev) || 4679 b43_bus_host_is_sdio(dev->dev)) { 4680 dev->__using_pio_transfers = true; 4681 err = b43_pio_init(dev); 4682 } else if (dev->use_pio) { 4683 b43warn(dev->wl, "Forced PIO by use_pio module parameter. " 4684 "This should not be needed and will result in lower " 4685 "performance.\n"); 4686 dev->__using_pio_transfers = true; 4687 err = b43_pio_init(dev); 4688 } else { 4689 dev->__using_pio_transfers = false; 4690 err = b43_dma_init(dev); 4691 } 4692 if (err) 4693 goto err_chip_exit; 4694 b43_qos_init(dev); 4695 b43_set_synth_pu_delay(dev, 1); 4696 b43_bluetooth_coext_enable(dev); 4697 4698 b43_bus_powerup(dev, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)); 4699 b43_upload_card_macaddress(dev); 4700 b43_security_init(dev); 4701 4702 ieee80211_wake_queues(dev->wl->hw); 4703 4704 b43_set_status(dev, B43_STAT_INITIALIZED); 4705 4706 /* Register HW RNG driver */ 4707 b43_rng_init(dev->wl); 4708 4709out: 4710 return err; 4711 4712err_chip_exit: 4713 b43_chip_exit(dev); 4714err_busdown: 4715 b43_bus_may_powerdown(dev); 4716 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4717 return err; 4718} 4719 4720static int b43_op_add_interface(struct ieee80211_hw *hw, 4721 struct ieee80211_vif *vif) 4722{ 4723 struct b43_wl *wl = hw_to_b43_wl(hw); 4724 struct b43_wldev *dev; 4725 int err = -EOPNOTSUPP; 4726 4727 /* TODO: allow WDS/AP devices to coexist */ 4728 4729 if (vif->type != NL80211_IFTYPE_AP && 4730 vif->type != NL80211_IFTYPE_MESH_POINT && 4731 vif->type != NL80211_IFTYPE_STATION && 4732 vif->type != NL80211_IFTYPE_WDS && 4733 vif->type != NL80211_IFTYPE_ADHOC) 4734 return -EOPNOTSUPP; 4735 4736 mutex_lock(&wl->mutex); 4737 if (wl->operating) 4738 goto out_mutex_unlock; 4739 4740 b43dbg(wl, "Adding Interface type %d\n", vif->type); 4741 4742 dev = wl->current_dev; 4743 wl->operating = true; 4744 wl->vif = vif; 4745 wl->if_type = vif->type; 4746 memcpy(wl->mac_addr, vif->addr, ETH_ALEN); 4747 4748 b43_adjust_opmode(dev); 4749 b43_set_pretbtt(dev); 4750 b43_set_synth_pu_delay(dev, 0); 4751 b43_upload_card_macaddress(dev); 4752 4753 err = 0; 4754 out_mutex_unlock: 4755 mutex_unlock(&wl->mutex); 4756 4757 if (err == 0) 4758 b43_op_bss_info_changed(hw, vif, &vif->bss_conf, ~0); 4759 4760 return err; 4761} 4762 4763static void b43_op_remove_interface(struct ieee80211_hw *hw, 4764 struct ieee80211_vif *vif) 4765{ 4766 struct b43_wl *wl = hw_to_b43_wl(hw); 4767 struct b43_wldev *dev = wl->current_dev; 4768 4769 b43dbg(wl, "Removing Interface type %d\n", vif->type); 4770 4771 mutex_lock(&wl->mutex); 4772 4773 B43_WARN_ON(!wl->operating); 4774 B43_WARN_ON(wl->vif != vif); 4775 wl->vif = NULL; 4776 4777 wl->operating = false; 4778 4779 b43_adjust_opmode(dev); 4780 memset(wl->mac_addr, 0, ETH_ALEN); 4781 b43_upload_card_macaddress(dev); 4782 4783 mutex_unlock(&wl->mutex); 4784} 4785 4786static int b43_op_start(struct ieee80211_hw *hw) 4787{ 4788 struct b43_wl *wl = hw_to_b43_wl(hw); 4789 struct b43_wldev *dev = wl->current_dev; 4790 int did_init = 0; 4791 int err = 0; 4792 4793 /* Kill all old instance specific information to make sure 4794 * the card won't use it in the short timeframe between start 4795 * and mac80211 reconfiguring it. */ 4796 memset(wl->bssid, 0, ETH_ALEN); 4797 memset(wl->mac_addr, 0, ETH_ALEN); 4798 wl->filter_flags = 0; 4799 wl->radiotap_enabled = false; 4800 b43_qos_clear(wl); 4801 wl->beacon0_uploaded = false; 4802 wl->beacon1_uploaded = false; 4803 wl->beacon_templates_virgin = true; 4804 wl->radio_enabled = true; 4805 4806 mutex_lock(&wl->mutex); 4807 4808 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4809 err = b43_wireless_core_init(dev); 4810 if (err) 4811 goto out_mutex_unlock; 4812 did_init = 1; 4813 } 4814 4815 if (b43_status(dev) < B43_STAT_STARTED) { 4816 err = b43_wireless_core_start(dev); 4817 if (err) { 4818 if (did_init) 4819 b43_wireless_core_exit(dev); 4820 goto out_mutex_unlock; 4821 } 4822 } 4823 4824 /* XXX: only do if device doesn't support rfkill irq */ 4825 wiphy_rfkill_start_polling(hw->wiphy); 4826 4827 out_mutex_unlock: 4828 mutex_unlock(&wl->mutex); 4829 4830 /* 4831 * Configuration may have been overwritten during initialization. 4832 * Reload the configuration, but only if initialization was 4833 * successful. Reloading the configuration after a failed init 4834 * may hang the system. 4835 */ 4836 if (!err) 4837 b43_op_config(hw, ~0); 4838 4839 return err; 4840} 4841 4842static void b43_op_stop(struct ieee80211_hw *hw) 4843{ 4844 struct b43_wl *wl = hw_to_b43_wl(hw); 4845 struct b43_wldev *dev = wl->current_dev; 4846 4847 cancel_work_sync(&(wl->beacon_update_trigger)); 4848 4849 if (!dev) 4850 goto out; 4851 4852 mutex_lock(&wl->mutex); 4853 if (b43_status(dev) >= B43_STAT_STARTED) { 4854 dev = b43_wireless_core_stop(dev); 4855 if (!dev) 4856 goto out_unlock; 4857 } 4858 b43_wireless_core_exit(dev); 4859 wl->radio_enabled = false; 4860 4861out_unlock: 4862 mutex_unlock(&wl->mutex); 4863out: 4864 cancel_work_sync(&(wl->txpower_adjust_work)); 4865} 4866 4867static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, 4868 struct ieee80211_sta *sta, bool set) 4869{ 4870 struct b43_wl *wl = hw_to_b43_wl(hw); 4871 4872 /* FIXME: add locking */ 4873 b43_update_templates(wl); 4874 4875 return 0; 4876} 4877 4878static void b43_op_sta_notify(struct ieee80211_hw *hw, 4879 struct ieee80211_vif *vif, 4880 enum sta_notify_cmd notify_cmd, 4881 struct ieee80211_sta *sta) 4882{ 4883 struct b43_wl *wl = hw_to_b43_wl(hw); 4884 4885 B43_WARN_ON(!vif || wl->vif != vif); 4886} 4887 4888static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw) 4889{ 4890 struct b43_wl *wl = hw_to_b43_wl(hw); 4891 struct b43_wldev *dev; 4892 4893 mutex_lock(&wl->mutex); 4894 dev = wl->current_dev; 4895 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4896 /* Disable CFP update during scan on other channels. */ 4897 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP); 4898 } 4899 mutex_unlock(&wl->mutex); 4900} 4901 4902static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw) 4903{ 4904 struct b43_wl *wl = hw_to_b43_wl(hw); 4905 struct b43_wldev *dev; 4906 4907 mutex_lock(&wl->mutex); 4908 dev = wl->current_dev; 4909 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4910 /* Re-enable CFP update. */ 4911 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP); 4912 } 4913 mutex_unlock(&wl->mutex); 4914} 4915 4916static int b43_op_get_survey(struct ieee80211_hw *hw, int idx, 4917 struct survey_info *survey) 4918{ 4919 struct b43_wl *wl = hw_to_b43_wl(hw); 4920 struct b43_wldev *dev = wl->current_dev; 4921 struct ieee80211_conf *conf = &hw->conf; 4922 4923 if (idx != 0) 4924 return -ENOENT; 4925 4926 survey->channel = conf->channel; 4927 survey->filled = SURVEY_INFO_NOISE_DBM; 4928 survey->noise = dev->stats.link_noise; 4929 4930 return 0; 4931} 4932 4933static const struct ieee80211_ops b43_hw_ops = { 4934 .tx = b43_op_tx, 4935 .conf_tx = b43_op_conf_tx, 4936 .add_interface = b43_op_add_interface, 4937 .remove_interface = b43_op_remove_interface, 4938 .config = b43_op_config, 4939 .bss_info_changed = b43_op_bss_info_changed, 4940 .configure_filter = b43_op_configure_filter, 4941 .set_key = b43_op_set_key, 4942 .update_tkip_key = b43_op_update_tkip_key, 4943 .get_stats = b43_op_get_stats, 4944 .get_tsf = b43_op_get_tsf, 4945 .set_tsf = b43_op_set_tsf, 4946 .start = b43_op_start, 4947 .stop = b43_op_stop, 4948 .set_tim = b43_op_beacon_set_tim, 4949 .sta_notify = b43_op_sta_notify, 4950 .sw_scan_start = b43_op_sw_scan_start_notifier, 4951 .sw_scan_complete = b43_op_sw_scan_complete_notifier, 4952 .get_survey = b43_op_get_survey, 4953 .rfkill_poll = b43_rfkill_poll, 4954}; 4955 4956/* Hard-reset the chip. Do not call this directly. 4957 * Use b43_controller_restart() 4958 */ 4959static void b43_chip_reset(struct work_struct *work) 4960{ 4961 struct b43_wldev *dev = 4962 container_of(work, struct b43_wldev, restart_work); 4963 struct b43_wl *wl = dev->wl; 4964 int err = 0; 4965 int prev_status; 4966 4967 mutex_lock(&wl->mutex); 4968 4969 prev_status = b43_status(dev); 4970 /* Bring the device down... */ 4971 if (prev_status >= B43_STAT_STARTED) { 4972 dev = b43_wireless_core_stop(dev); 4973 if (!dev) { 4974 err = -ENODEV; 4975 goto out; 4976 } 4977 } 4978 if (prev_status >= B43_STAT_INITIALIZED) 4979 b43_wireless_core_exit(dev); 4980 4981 /* ...and up again. */ 4982 if (prev_status >= B43_STAT_INITIALIZED) { 4983 err = b43_wireless_core_init(dev); 4984 if (err) 4985 goto out; 4986 } 4987 if (prev_status >= B43_STAT_STARTED) { 4988 err = b43_wireless_core_start(dev); 4989 if (err) { 4990 b43_wireless_core_exit(dev); 4991 goto out; 4992 } 4993 } 4994out: 4995 if (err) 4996 wl->current_dev = NULL; /* Failed to init the dev. */ 4997 mutex_unlock(&wl->mutex); 4998 4999 if (err) { 5000 b43err(wl, "Controller restart FAILED\n"); 5001 return; 5002 } 5003 5004 /* reload configuration */ 5005 b43_op_config(wl->hw, ~0); 5006 if (wl->vif) 5007 b43_op_bss_info_changed(wl->hw, wl->vif, &wl->vif->bss_conf, ~0); 5008 5009 b43info(wl, "Controller restarted\n"); 5010} 5011 5012static int b43_setup_bands(struct b43_wldev *dev, 5013 bool have_2ghz_phy, bool have_5ghz_phy) 5014{ 5015 struct ieee80211_hw *hw = dev->wl->hw; 5016 5017 if (have_2ghz_phy) 5018 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 5019 if (dev->phy.type == B43_PHYTYPE_N) { 5020 if (have_5ghz_phy) 5021 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 5022 } else { 5023 if (have_5ghz_phy) 5024 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 5025 } 5026 5027 dev->phy.supports_2ghz = have_2ghz_phy; 5028 dev->phy.supports_5ghz = have_5ghz_phy; 5029 5030 return 0; 5031} 5032 5033static void b43_wireless_core_detach(struct b43_wldev *dev) 5034{ 5035 /* We release firmware that late to not be required to re-request 5036 * is all the time when we reinit the core. */ 5037 b43_release_firmware(dev); 5038 b43_phy_free(dev); 5039} 5040 5041static int b43_wireless_core_attach(struct b43_wldev *dev) 5042{ 5043 struct b43_wl *wl = dev->wl; 5044 struct pci_dev *pdev = NULL; 5045 int err; 5046 u32 tmp; 5047 bool have_2ghz_phy = false, have_5ghz_phy = false; 5048 5049 /* Do NOT do any device initialization here. 5050 * Do it in wireless_core_init() instead. 5051 * This function is for gathering basic information about the HW, only. 5052 * Also some structs may be set up here. But most likely you want to have 5053 * that in core_init(), too. 5054 */ 5055 5056#ifdef CONFIG_B43_SSB 5057 if (dev->dev->bus_type == B43_BUS_SSB && 5058 dev->dev->sdev->bus->bustype == SSB_BUSTYPE_PCI) 5059 pdev = dev->dev->sdev->bus->host_pci; 5060#endif 5061 5062 err = b43_bus_powerup(dev, 0); 5063 if (err) { 5064 b43err(wl, "Bus powerup failed\n"); 5065 goto out; 5066 } 5067 5068 /* Get the PHY type. */ 5069 switch (dev->dev->bus_type) { 5070#ifdef CONFIG_B43_BCMA 5071 case B43_BUS_BCMA: 5072 tmp = bcma_aread32(dev->dev->bdev, BCMA_IOST); 5073 have_2ghz_phy = !!(tmp & B43_BCMA_IOST_2G_PHY); 5074 have_5ghz_phy = !!(tmp & B43_BCMA_IOST_5G_PHY); 5075 break; 5076#endif 5077#ifdef CONFIG_B43_SSB 5078 case B43_BUS_SSB: 5079 if (dev->dev->core_rev >= 5) { 5080 tmp = ssb_read32(dev->dev->sdev, SSB_TMSHIGH); 5081 have_2ghz_phy = !!(tmp & B43_TMSHIGH_HAVE_2GHZ_PHY); 5082 have_5ghz_phy = !!(tmp & B43_TMSHIGH_HAVE_5GHZ_PHY); 5083 } else 5084 B43_WARN_ON(1); 5085 break; 5086#endif 5087 } 5088 5089 dev->phy.gmode = have_2ghz_phy; 5090 dev->phy.radio_on = true; 5091 b43_wireless_core_reset(dev, dev->phy.gmode); 5092 5093 err = b43_phy_versioning(dev); 5094 if (err) 5095 goto err_powerdown; 5096 /* Check if this device supports multiband. */ 5097 if (!pdev || 5098 (pdev->device != 0x4312 && 5099 pdev->device != 0x4319 && pdev->device != 0x4324)) { 5100 /* No multiband support. */ 5101 have_2ghz_phy = false; 5102 have_5ghz_phy = false; 5103 switch (dev->phy.type) { 5104 case B43_PHYTYPE_A: 5105 have_5ghz_phy = true; 5106 break; 5107 case B43_PHYTYPE_LP: //FIXME not always! 5108#if 0 //FIXME enabling 5GHz causes a NULL pointer dereference 5109 have_5ghz_phy = 1; 5110#endif 5111 case B43_PHYTYPE_G: 5112 case B43_PHYTYPE_N: 5113 case B43_PHYTYPE_HT: 5114 case B43_PHYTYPE_LCN: 5115 have_2ghz_phy = true; 5116 break; 5117 default: 5118 B43_WARN_ON(1); 5119 } 5120 } 5121 if (dev->phy.type == B43_PHYTYPE_A) { 5122 /* FIXME */ 5123 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 5124 err = -EOPNOTSUPP; 5125 goto err_powerdown; 5126 } 5127 if (1 /* disable A-PHY */) { 5128 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */ 5129 if (dev->phy.type != B43_PHYTYPE_N && 5130 dev->phy.type != B43_PHYTYPE_LP) { 5131 have_2ghz_phy = true; 5132 have_5ghz_phy = false; 5133 } 5134 } 5135 5136 err = b43_phy_allocate(dev); 5137 if (err) 5138 goto err_powerdown; 5139 5140 dev->phy.gmode = have_2ghz_phy; 5141 b43_wireless_core_reset(dev, dev->phy.gmode); 5142 5143 err = b43_validate_chipaccess(dev); 5144 if (err) 5145 goto err_phy_free; 5146 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 5147 if (err) 5148 goto err_phy_free; 5149 5150 /* Now set some default "current_dev" */ 5151 if (!wl->current_dev) 5152 wl->current_dev = dev; 5153 INIT_WORK(&dev->restart_work, b43_chip_reset); 5154 5155 dev->phy.ops->switch_analog(dev, 0); 5156 b43_device_disable(dev, 0); 5157 b43_bus_may_powerdown(dev); 5158 5159out: 5160 return err; 5161 5162err_phy_free: 5163 b43_phy_free(dev); 5164err_powerdown: 5165 b43_bus_may_powerdown(dev); 5166 return err; 5167} 5168 5169static void b43_one_core_detach(struct b43_bus_dev *dev) 5170{ 5171 struct b43_wldev *wldev; 5172 struct b43_wl *wl; 5173 5174 /* Do not cancel ieee80211-workqueue based work here. 5175 * See comment in b43_remove(). */ 5176 5177 wldev = b43_bus_get_wldev(dev); 5178 wl = wldev->wl; 5179 b43_debugfs_remove_device(wldev); 5180 b43_wireless_core_detach(wldev); 5181 list_del(&wldev->list); 5182 wl->nr_devs--; 5183 b43_bus_set_wldev(dev, NULL); 5184 kfree(wldev); 5185} 5186 5187static int b43_one_core_attach(struct b43_bus_dev *dev, struct b43_wl *wl) 5188{ 5189 struct b43_wldev *wldev; 5190 int err = -ENOMEM; 5191 5192 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 5193 if (!wldev) 5194 goto out; 5195 5196 wldev->use_pio = b43_modparam_pio; 5197 wldev->dev = dev; 5198 wldev->wl = wl; 5199 b43_set_status(wldev, B43_STAT_UNINIT); 5200 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 5201 INIT_LIST_HEAD(&wldev->list); 5202 5203 err = b43_wireless_core_attach(wldev); 5204 if (err) 5205 goto err_kfree_wldev; 5206 5207 list_add(&wldev->list, &wl->devlist); 5208 wl->nr_devs++; 5209 b43_bus_set_wldev(dev, wldev); 5210 b43_debugfs_add_device(wldev); 5211 5212 out: 5213 return err; 5214 5215 err_kfree_wldev: 5216 kfree(wldev); 5217 return err; 5218} 5219 5220#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \ 5221 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \ 5222 (pdev->device == _device) && \ 5223 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \ 5224 (pdev->subsystem_device == _subdevice) ) 5225 5226static void b43_sprom_fixup(struct ssb_bus *bus) 5227{ 5228 struct pci_dev *pdev; 5229 5230 /* boardflags workarounds */ 5231 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 5232 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 5233 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 5234 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 5235 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 5236 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 5237 if (bus->bustype == SSB_BUSTYPE_PCI) { 5238 pdev = bus->host_pci; 5239 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) || 5240 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) || 5241 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) || 5242 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) || 5243 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) || 5244 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) || 5245 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010)) 5246 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST; 5247 } 5248} 5249 5250static void b43_wireless_exit(struct b43_bus_dev *dev, struct b43_wl *wl) 5251{ 5252 struct ieee80211_hw *hw = wl->hw; 5253 5254 ssb_set_devtypedata(dev->sdev, NULL); 5255 ieee80211_free_hw(hw); 5256} 5257 5258static struct b43_wl *b43_wireless_init(struct b43_bus_dev *dev) 5259{ 5260 struct ssb_sprom *sprom = dev->bus_sprom; 5261 struct ieee80211_hw *hw; 5262 struct b43_wl *wl; 5263 char chip_name[6]; 5264 int queue_num; 5265 5266 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 5267 if (!hw) { 5268 b43err(NULL, "Could not allocate ieee80211 device\n"); 5269 return ERR_PTR(-ENOMEM); 5270 } 5271 wl = hw_to_b43_wl(hw); 5272 5273 /* fill hw info */ 5274 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS | 5275 IEEE80211_HW_SIGNAL_DBM; 5276 5277 hw->wiphy->interface_modes = 5278 BIT(NL80211_IFTYPE_AP) | 5279 BIT(NL80211_IFTYPE_MESH_POINT) | 5280 BIT(NL80211_IFTYPE_STATION) | 5281 BIT(NL80211_IFTYPE_WDS) | 5282 BIT(NL80211_IFTYPE_ADHOC); 5283 5284 hw->queues = modparam_qos ? B43_QOS_QUEUE_NUM : 1; 5285 wl->mac80211_initially_registered_queues = hw->queues; 5286 hw->max_rates = 2; 5287 SET_IEEE80211_DEV(hw, dev->dev); 5288 if (is_valid_ether_addr(sprom->et1mac)) 5289 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 5290 else 5291 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 5292 5293 /* Initialize struct b43_wl */ 5294 wl->hw = hw; 5295 mutex_init(&wl->mutex); 5296 spin_lock_init(&wl->hardirq_lock); 5297 INIT_LIST_HEAD(&wl->devlist); 5298 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 5299 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work); 5300 INIT_WORK(&wl->tx_work, b43_tx_work); 5301 5302 /* Initialize queues and flags. */ 5303 for (queue_num = 0; queue_num < B43_QOS_QUEUE_NUM; queue_num++) { 5304 skb_queue_head_init(&wl->tx_queue[queue_num]); 5305 wl->tx_queue_stopped[queue_num] = 0; 5306 } 5307 5308 snprintf(chip_name, ARRAY_SIZE(chip_name), 5309 (dev->chip_id > 0x9999) ? "%d" : "%04X", dev->chip_id); 5310 b43info(wl, "Broadcom %s WLAN found (core revision %u)\n", chip_name, 5311 dev->core_rev); 5312 return wl; 5313} 5314 5315#ifdef CONFIG_B43_BCMA 5316static int b43_bcma_probe(struct bcma_device *core) 5317{ 5318 struct b43_bus_dev *dev; 5319 struct b43_wl *wl; 5320 int err; 5321 5322 dev = b43_bus_dev_bcma_init(core); 5323 if (!dev) 5324 return -ENODEV; 5325 5326 wl = b43_wireless_init(dev); 5327 if (IS_ERR(wl)) { 5328 err = PTR_ERR(wl); 5329 goto bcma_out; 5330 } 5331 5332 err = b43_one_core_attach(dev, wl); 5333 if (err) 5334 goto bcma_err_wireless_exit; 5335 5336 /* setup and start work to load firmware */ 5337 INIT_WORK(&wl->firmware_load, b43_request_firmware); 5338 schedule_work(&wl->firmware_load); 5339 5340bcma_out: 5341 return err; 5342 5343bcma_err_wireless_exit: 5344 ieee80211_free_hw(wl->hw); 5345 return err; 5346} 5347 5348static void b43_bcma_remove(struct bcma_device *core) 5349{ 5350 struct b43_wldev *wldev = bcma_get_drvdata(core); 5351 struct b43_wl *wl = wldev->wl; 5352 5353 /* We must cancel any work here before unregistering from ieee80211, 5354 * as the ieee80211 unreg will destroy the workqueue. */ 5355 cancel_work_sync(&wldev->restart_work); 5356 5357 /* Restore the queues count before unregistering, because firmware detect 5358 * might have modified it. Restoring is important, so the networking 5359 * stack can properly free resources. */ 5360 wl->hw->queues = wl->mac80211_initially_registered_queues; 5361 b43_leds_stop(wldev); 5362 ieee80211_unregister_hw(wl->hw); 5363 5364 b43_one_core_detach(wldev->dev); 5365 5366 b43_leds_unregister(wl); 5367 5368 ieee80211_free_hw(wl->hw); 5369} 5370 5371static struct bcma_driver b43_bcma_driver = { 5372 .name = KBUILD_MODNAME, 5373 .id_table = b43_bcma_tbl, 5374 .probe = b43_bcma_probe, 5375 .remove = b43_bcma_remove, 5376}; 5377#endif 5378 5379#ifdef CONFIG_B43_SSB 5380static 5381int b43_ssb_probe(struct ssb_device *sdev, const struct ssb_device_id *id) 5382{ 5383 struct b43_bus_dev *dev; 5384 struct b43_wl *wl; 5385 int err; 5386 int first = 0; 5387 5388 dev = b43_bus_dev_ssb_init(sdev); 5389 if (!dev) 5390 return -ENOMEM; 5391 5392 wl = ssb_get_devtypedata(sdev); 5393 if (!wl) { 5394 /* Probing the first core. Must setup common struct b43_wl */ 5395 first = 1; 5396 b43_sprom_fixup(sdev->bus); 5397 wl = b43_wireless_init(dev); 5398 if (IS_ERR(wl)) { 5399 err = PTR_ERR(wl); 5400 goto out; 5401 } 5402 ssb_set_devtypedata(sdev, wl); 5403 B43_WARN_ON(ssb_get_devtypedata(sdev) != wl); 5404 } 5405 err = b43_one_core_attach(dev, wl); 5406 if (err) 5407 goto err_wireless_exit; 5408 5409 /* setup and start work to load firmware */ 5410 INIT_WORK(&wl->firmware_load, b43_request_firmware); 5411 schedule_work(&wl->firmware_load); 5412 5413 out: 5414 return err; 5415 5416 err_wireless_exit: 5417 if (first) 5418 b43_wireless_exit(dev, wl); 5419 return err; 5420} 5421 5422static void b43_ssb_remove(struct ssb_device *sdev) 5423{ 5424 struct b43_wl *wl = ssb_get_devtypedata(sdev); 5425 struct b43_wldev *wldev = ssb_get_drvdata(sdev); 5426 struct b43_bus_dev *dev = wldev->dev; 5427 5428 /* We must cancel any work here before unregistering from ieee80211, 5429 * as the ieee80211 unreg will destroy the workqueue. */ 5430 cancel_work_sync(&wldev->restart_work); 5431 5432 B43_WARN_ON(!wl); 5433 if (wl->current_dev == wldev) { 5434 /* Restore the queues count before unregistering, because firmware detect 5435 * might have modified it. Restoring is important, so the networking 5436 * stack can properly free resources. */ 5437 wl->hw->queues = wl->mac80211_initially_registered_queues; 5438 b43_leds_stop(wldev); 5439 ieee80211_unregister_hw(wl->hw); 5440 } 5441 5442 b43_one_core_detach(dev); 5443 5444 if (list_empty(&wl->devlist)) { 5445 b43_leds_unregister(wl); 5446 /* Last core on the chip unregistered. 5447 * We can destroy common struct b43_wl. 5448 */ 5449 b43_wireless_exit(dev, wl); 5450 } 5451} 5452 5453static struct ssb_driver b43_ssb_driver = { 5454 .name = KBUILD_MODNAME, 5455 .id_table = b43_ssb_tbl, 5456 .probe = b43_ssb_probe, 5457 .remove = b43_ssb_remove, 5458}; 5459#endif /* CONFIG_B43_SSB */ 5460 5461/* Perform a hardware reset. This can be called from any context. */ 5462void b43_controller_restart(struct b43_wldev *dev, const char *reason) 5463{ 5464 /* Must avoid requeueing, if we are in shutdown. */ 5465 if (b43_status(dev) < B43_STAT_INITIALIZED) 5466 return; 5467 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 5468 ieee80211_queue_work(dev->wl->hw, &dev->restart_work); 5469} 5470 5471static void b43_print_driverinfo(void) 5472{ 5473 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 5474 *feat_leds = "", *feat_sdio = ""; 5475 5476#ifdef CONFIG_B43_PCI_AUTOSELECT 5477 feat_pci = "P"; 5478#endif 5479#ifdef CONFIG_B43_PCMCIA 5480 feat_pcmcia = "M"; 5481#endif 5482#ifdef CONFIG_B43_PHY_N 5483 feat_nphy = "N"; 5484#endif 5485#ifdef CONFIG_B43_LEDS 5486 feat_leds = "L"; 5487#endif 5488#ifdef CONFIG_B43_SDIO 5489 feat_sdio = "S"; 5490#endif 5491 printk(KERN_INFO "Broadcom 43xx driver loaded " 5492 "[ Features: %s%s%s%s%s ]\n", 5493 feat_pci, feat_pcmcia, feat_nphy, 5494 feat_leds, feat_sdio); 5495} 5496 5497static int __init b43_init(void) 5498{ 5499 int err; 5500 5501 b43_debugfs_init(); 5502 err = b43_pcmcia_init(); 5503 if (err) 5504 goto err_dfs_exit; 5505 err = b43_sdio_init(); 5506 if (err) 5507 goto err_pcmcia_exit; 5508#ifdef CONFIG_B43_BCMA 5509 err = bcma_driver_register(&b43_bcma_driver); 5510 if (err) 5511 goto err_sdio_exit; 5512#endif 5513#ifdef CONFIG_B43_SSB 5514 err = ssb_driver_register(&b43_ssb_driver); 5515 if (err) 5516 goto err_bcma_driver_exit; 5517#endif 5518 b43_print_driverinfo(); 5519 5520 return err; 5521 5522#ifdef CONFIG_B43_SSB 5523err_bcma_driver_exit: 5524#endif 5525#ifdef CONFIG_B43_BCMA 5526 bcma_driver_unregister(&b43_bcma_driver); 5527err_sdio_exit: 5528#endif 5529 b43_sdio_exit(); 5530err_pcmcia_exit: 5531 b43_pcmcia_exit(); 5532err_dfs_exit: 5533 b43_debugfs_exit(); 5534 return err; 5535} 5536 5537static void __exit b43_exit(void) 5538{ 5539#ifdef CONFIG_B43_SSB 5540 ssb_driver_unregister(&b43_ssb_driver); 5541#endif 5542#ifdef CONFIG_B43_BCMA 5543 bcma_driver_unregister(&b43_bcma_driver); 5544#endif 5545 b43_sdio_exit(); 5546 b43_pcmcia_exit(); 5547 b43_debugfs_exit(); 5548} 5549 5550module_init(b43_init) 5551module_exit(b43_exit) 5552