main.c revision 21a75d7788f4e29b6c6d28e08f9f0310c4de828d
1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005, 2006 Michael Buesch <mb@bu3sch.de> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 11 Some parts of the code in this file are derived from the ipw2200 12 driver Copyright(c) 2003 - 2004 Intel Corporation. 13 14 This program is free software; you can redistribute it and/or modify 15 it under the terms of the GNU General Public License as published by 16 the Free Software Foundation; either version 2 of the License, or 17 (at your option) any later version. 18 19 This program is distributed in the hope that it will be useful, 20 but WITHOUT ANY WARRANTY; without even the implied warranty of 21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 22 GNU General Public License for more details. 23 24 You should have received a copy of the GNU General Public License 25 along with this program; see the file COPYING. If not, write to 26 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 27 Boston, MA 02110-1301, USA. 28 29*/ 30 31#include <linux/delay.h> 32#include <linux/init.h> 33#include <linux/moduleparam.h> 34#include <linux/if_arp.h> 35#include <linux/etherdevice.h> 36#include <linux/version.h> 37#include <linux/firmware.h> 38#include <linux/wireless.h> 39#include <linux/workqueue.h> 40#include <linux/skbuff.h> 41#include <linux/io.h> 42#include <linux/dma-mapping.h> 43#include <asm/unaligned.h> 44 45#include "b43.h" 46#include "main.h" 47#include "debugfs.h" 48#include "phy.h" 49#include "nphy.h" 50#include "dma.h" 51#include "pio.h" 52#include "sysfs.h" 53#include "xmit.h" 54#include "lo.h" 55#include "pcmcia.h" 56 57MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 58MODULE_AUTHOR("Martin Langer"); 59MODULE_AUTHOR("Stefano Brivio"); 60MODULE_AUTHOR("Michael Buesch"); 61MODULE_LICENSE("GPL"); 62 63MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID); 64 65 66static int modparam_bad_frames_preempt; 67module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 68MODULE_PARM_DESC(bad_frames_preempt, 69 "enable(1) / disable(0) Bad Frames Preemption"); 70 71static char modparam_fwpostfix[16]; 72module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 73MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 74 75static int modparam_hwpctl; 76module_param_named(hwpctl, modparam_hwpctl, int, 0444); 77MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 78 79static int modparam_nohwcrypt; 80module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 81MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 82 83int b43_modparam_qos = 1; 84module_param_named(qos, b43_modparam_qos, int, 0444); 85MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 86 87static int modparam_btcoex = 1; 88module_param_named(btcoex, modparam_btcoex, int, 0444); 89MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistance (default on)"); 90 91 92static const struct ssb_device_id b43_ssb_tbl[] = { 93 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 94 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 95 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 96 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 97 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 98 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 99 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 100 SSB_DEVTABLE_END 101}; 102 103MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 104 105/* Channel and ratetables are shared for all devices. 106 * They can't be const, because ieee80211 puts some precalculated 107 * data in there. This data is the same for all devices, so we don't 108 * get concurrency issues */ 109#define RATETAB_ENT(_rateid, _flags) \ 110 { \ 111 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 112 .hw_value = (_rateid), \ 113 .flags = (_flags), \ 114 } 115 116/* 117 * NOTE: When changing this, sync with xmit.c's 118 * b43_plcp_get_bitrate_idx_* functions! 119 */ 120static struct ieee80211_rate __b43_ratetable[] = { 121 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 122 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 123 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 124 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 125 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 126 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 127 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 128 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 129 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 130 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 131 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 132 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 133}; 134 135#define b43_a_ratetable (__b43_ratetable + 4) 136#define b43_a_ratetable_size 8 137#define b43_b_ratetable (__b43_ratetable + 0) 138#define b43_b_ratetable_size 4 139#define b43_g_ratetable (__b43_ratetable + 0) 140#define b43_g_ratetable_size 12 141 142#define CHAN4G(_channel, _freq, _flags) { \ 143 .band = IEEE80211_BAND_2GHZ, \ 144 .center_freq = (_freq), \ 145 .hw_value = (_channel), \ 146 .flags = (_flags), \ 147 .max_antenna_gain = 0, \ 148 .max_power = 30, \ 149} 150static struct ieee80211_channel b43_2ghz_chantable[] = { 151 CHAN4G(1, 2412, 0), 152 CHAN4G(2, 2417, 0), 153 CHAN4G(3, 2422, 0), 154 CHAN4G(4, 2427, 0), 155 CHAN4G(5, 2432, 0), 156 CHAN4G(6, 2437, 0), 157 CHAN4G(7, 2442, 0), 158 CHAN4G(8, 2447, 0), 159 CHAN4G(9, 2452, 0), 160 CHAN4G(10, 2457, 0), 161 CHAN4G(11, 2462, 0), 162 CHAN4G(12, 2467, 0), 163 CHAN4G(13, 2472, 0), 164 CHAN4G(14, 2484, 0), 165}; 166#undef CHAN4G 167 168#define CHAN5G(_channel, _flags) { \ 169 .band = IEEE80211_BAND_5GHZ, \ 170 .center_freq = 5000 + (5 * (_channel)), \ 171 .hw_value = (_channel), \ 172 .flags = (_flags), \ 173 .max_antenna_gain = 0, \ 174 .max_power = 30, \ 175} 176static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 177 CHAN5G(32, 0), CHAN5G(34, 0), 178 CHAN5G(36, 0), CHAN5G(38, 0), 179 CHAN5G(40, 0), CHAN5G(42, 0), 180 CHAN5G(44, 0), CHAN5G(46, 0), 181 CHAN5G(48, 0), CHAN5G(50, 0), 182 CHAN5G(52, 0), CHAN5G(54, 0), 183 CHAN5G(56, 0), CHAN5G(58, 0), 184 CHAN5G(60, 0), CHAN5G(62, 0), 185 CHAN5G(64, 0), CHAN5G(66, 0), 186 CHAN5G(68, 0), CHAN5G(70, 0), 187 CHAN5G(72, 0), CHAN5G(74, 0), 188 CHAN5G(76, 0), CHAN5G(78, 0), 189 CHAN5G(80, 0), CHAN5G(82, 0), 190 CHAN5G(84, 0), CHAN5G(86, 0), 191 CHAN5G(88, 0), CHAN5G(90, 0), 192 CHAN5G(92, 0), CHAN5G(94, 0), 193 CHAN5G(96, 0), CHAN5G(98, 0), 194 CHAN5G(100, 0), CHAN5G(102, 0), 195 CHAN5G(104, 0), CHAN5G(106, 0), 196 CHAN5G(108, 0), CHAN5G(110, 0), 197 CHAN5G(112, 0), CHAN5G(114, 0), 198 CHAN5G(116, 0), CHAN5G(118, 0), 199 CHAN5G(120, 0), CHAN5G(122, 0), 200 CHAN5G(124, 0), CHAN5G(126, 0), 201 CHAN5G(128, 0), CHAN5G(130, 0), 202 CHAN5G(132, 0), CHAN5G(134, 0), 203 CHAN5G(136, 0), CHAN5G(138, 0), 204 CHAN5G(140, 0), CHAN5G(142, 0), 205 CHAN5G(144, 0), CHAN5G(145, 0), 206 CHAN5G(146, 0), CHAN5G(147, 0), 207 CHAN5G(148, 0), CHAN5G(149, 0), 208 CHAN5G(150, 0), CHAN5G(151, 0), 209 CHAN5G(152, 0), CHAN5G(153, 0), 210 CHAN5G(154, 0), CHAN5G(155, 0), 211 CHAN5G(156, 0), CHAN5G(157, 0), 212 CHAN5G(158, 0), CHAN5G(159, 0), 213 CHAN5G(160, 0), CHAN5G(161, 0), 214 CHAN5G(162, 0), CHAN5G(163, 0), 215 CHAN5G(164, 0), CHAN5G(165, 0), 216 CHAN5G(166, 0), CHAN5G(168, 0), 217 CHAN5G(170, 0), CHAN5G(172, 0), 218 CHAN5G(174, 0), CHAN5G(176, 0), 219 CHAN5G(178, 0), CHAN5G(180, 0), 220 CHAN5G(182, 0), CHAN5G(184, 0), 221 CHAN5G(186, 0), CHAN5G(188, 0), 222 CHAN5G(190, 0), CHAN5G(192, 0), 223 CHAN5G(194, 0), CHAN5G(196, 0), 224 CHAN5G(198, 0), CHAN5G(200, 0), 225 CHAN5G(202, 0), CHAN5G(204, 0), 226 CHAN5G(206, 0), CHAN5G(208, 0), 227 CHAN5G(210, 0), CHAN5G(212, 0), 228 CHAN5G(214, 0), CHAN5G(216, 0), 229 CHAN5G(218, 0), CHAN5G(220, 0), 230 CHAN5G(222, 0), CHAN5G(224, 0), 231 CHAN5G(226, 0), CHAN5G(228, 0), 232}; 233 234static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 235 CHAN5G(34, 0), CHAN5G(36, 0), 236 CHAN5G(38, 0), CHAN5G(40, 0), 237 CHAN5G(42, 0), CHAN5G(44, 0), 238 CHAN5G(46, 0), CHAN5G(48, 0), 239 CHAN5G(52, 0), CHAN5G(56, 0), 240 CHAN5G(60, 0), CHAN5G(64, 0), 241 CHAN5G(100, 0), CHAN5G(104, 0), 242 CHAN5G(108, 0), CHAN5G(112, 0), 243 CHAN5G(116, 0), CHAN5G(120, 0), 244 CHAN5G(124, 0), CHAN5G(128, 0), 245 CHAN5G(132, 0), CHAN5G(136, 0), 246 CHAN5G(140, 0), CHAN5G(149, 0), 247 CHAN5G(153, 0), CHAN5G(157, 0), 248 CHAN5G(161, 0), CHAN5G(165, 0), 249 CHAN5G(184, 0), CHAN5G(188, 0), 250 CHAN5G(192, 0), CHAN5G(196, 0), 251 CHAN5G(200, 0), CHAN5G(204, 0), 252 CHAN5G(208, 0), CHAN5G(212, 0), 253 CHAN5G(216, 0), 254}; 255#undef CHAN5G 256 257static struct ieee80211_supported_band b43_band_5GHz_nphy = { 258 .band = IEEE80211_BAND_5GHZ, 259 .channels = b43_5ghz_nphy_chantable, 260 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 261 .bitrates = b43_a_ratetable, 262 .n_bitrates = b43_a_ratetable_size, 263}; 264 265static struct ieee80211_supported_band b43_band_5GHz_aphy = { 266 .band = IEEE80211_BAND_5GHZ, 267 .channels = b43_5ghz_aphy_chantable, 268 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 269 .bitrates = b43_a_ratetable, 270 .n_bitrates = b43_a_ratetable_size, 271}; 272 273static struct ieee80211_supported_band b43_band_2GHz = { 274 .band = IEEE80211_BAND_2GHZ, 275 .channels = b43_2ghz_chantable, 276 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 277 .bitrates = b43_g_ratetable, 278 .n_bitrates = b43_g_ratetable_size, 279}; 280 281static void b43_wireless_core_exit(struct b43_wldev *dev); 282static int b43_wireless_core_init(struct b43_wldev *dev); 283static void b43_wireless_core_stop(struct b43_wldev *dev); 284static int b43_wireless_core_start(struct b43_wldev *dev); 285 286static int b43_ratelimit(struct b43_wl *wl) 287{ 288 if (!wl || !wl->current_dev) 289 return 1; 290 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 291 return 1; 292 /* We are up and running. 293 * Ratelimit the messages to avoid DoS over the net. */ 294 return net_ratelimit(); 295} 296 297void b43info(struct b43_wl *wl, const char *fmt, ...) 298{ 299 va_list args; 300 301 if (!b43_ratelimit(wl)) 302 return; 303 va_start(args, fmt); 304 printk(KERN_INFO "b43-%s: ", 305 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 306 vprintk(fmt, args); 307 va_end(args); 308} 309 310void b43err(struct b43_wl *wl, const char *fmt, ...) 311{ 312 va_list args; 313 314 if (!b43_ratelimit(wl)) 315 return; 316 va_start(args, fmt); 317 printk(KERN_ERR "b43-%s ERROR: ", 318 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 319 vprintk(fmt, args); 320 va_end(args); 321} 322 323void b43warn(struct b43_wl *wl, const char *fmt, ...) 324{ 325 va_list args; 326 327 if (!b43_ratelimit(wl)) 328 return; 329 va_start(args, fmt); 330 printk(KERN_WARNING "b43-%s warning: ", 331 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 332 vprintk(fmt, args); 333 va_end(args); 334} 335 336#if B43_DEBUG 337void b43dbg(struct b43_wl *wl, const char *fmt, ...) 338{ 339 va_list args; 340 341 va_start(args, fmt); 342 printk(KERN_DEBUG "b43-%s debug: ", 343 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 344 vprintk(fmt, args); 345 va_end(args); 346} 347#endif /* DEBUG */ 348 349static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 350{ 351 u32 macctl; 352 353 B43_WARN_ON(offset % 4 != 0); 354 355 macctl = b43_read32(dev, B43_MMIO_MACCTL); 356 if (macctl & B43_MACCTL_BE) 357 val = swab32(val); 358 359 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 360 mmiowb(); 361 b43_write32(dev, B43_MMIO_RAM_DATA, val); 362} 363 364static inline void b43_shm_control_word(struct b43_wldev *dev, 365 u16 routing, u16 offset) 366{ 367 u32 control; 368 369 /* "offset" is the WORD offset. */ 370 control = routing; 371 control <<= 16; 372 control |= offset; 373 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 374} 375 376u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 377{ 378 struct b43_wl *wl = dev->wl; 379 unsigned long flags; 380 u32 ret; 381 382 spin_lock_irqsave(&wl->shm_lock, flags); 383 if (routing == B43_SHM_SHARED) { 384 B43_WARN_ON(offset & 0x0001); 385 if (offset & 0x0003) { 386 /* Unaligned access */ 387 b43_shm_control_word(dev, routing, offset >> 2); 388 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 389 ret <<= 16; 390 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 391 ret |= b43_read16(dev, B43_MMIO_SHM_DATA); 392 393 goto out; 394 } 395 offset >>= 2; 396 } 397 b43_shm_control_word(dev, routing, offset); 398 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 399out: 400 spin_unlock_irqrestore(&wl->shm_lock, flags); 401 402 return ret; 403} 404 405u16 b43_shm_read16(struct b43_wldev * dev, u16 routing, u16 offset) 406{ 407 struct b43_wl *wl = dev->wl; 408 unsigned long flags; 409 u16 ret; 410 411 spin_lock_irqsave(&wl->shm_lock, flags); 412 if (routing == B43_SHM_SHARED) { 413 B43_WARN_ON(offset & 0x0001); 414 if (offset & 0x0003) { 415 /* Unaligned access */ 416 b43_shm_control_word(dev, routing, offset >> 2); 417 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 418 419 goto out; 420 } 421 offset >>= 2; 422 } 423 b43_shm_control_word(dev, routing, offset); 424 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 425out: 426 spin_unlock_irqrestore(&wl->shm_lock, flags); 427 428 return ret; 429} 430 431void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 432{ 433 struct b43_wl *wl = dev->wl; 434 unsigned long flags; 435 436 spin_lock_irqsave(&wl->shm_lock, flags); 437 if (routing == B43_SHM_SHARED) { 438 B43_WARN_ON(offset & 0x0001); 439 if (offset & 0x0003) { 440 /* Unaligned access */ 441 b43_shm_control_word(dev, routing, offset >> 2); 442 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 443 (value >> 16) & 0xffff); 444 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 445 b43_write16(dev, B43_MMIO_SHM_DATA, value & 0xffff); 446 goto out; 447 } 448 offset >>= 2; 449 } 450 b43_shm_control_word(dev, routing, offset); 451 b43_write32(dev, B43_MMIO_SHM_DATA, value); 452out: 453 spin_unlock_irqrestore(&wl->shm_lock, flags); 454} 455 456void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 457{ 458 struct b43_wl *wl = dev->wl; 459 unsigned long flags; 460 461 spin_lock_irqsave(&wl->shm_lock, flags); 462 if (routing == B43_SHM_SHARED) { 463 B43_WARN_ON(offset & 0x0001); 464 if (offset & 0x0003) { 465 /* Unaligned access */ 466 b43_shm_control_word(dev, routing, offset >> 2); 467 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 468 goto out; 469 } 470 offset >>= 2; 471 } 472 b43_shm_control_word(dev, routing, offset); 473 b43_write16(dev, B43_MMIO_SHM_DATA, value); 474out: 475 spin_unlock_irqrestore(&wl->shm_lock, flags); 476} 477 478/* Read HostFlags */ 479u64 b43_hf_read(struct b43_wldev * dev) 480{ 481 u64 ret; 482 483 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 484 ret <<= 16; 485 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 486 ret <<= 16; 487 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 488 489 return ret; 490} 491 492/* Write HostFlags */ 493void b43_hf_write(struct b43_wldev *dev, u64 value) 494{ 495 u16 lo, mi, hi; 496 497 lo = (value & 0x00000000FFFFULL); 498 mi = (value & 0x0000FFFF0000ULL) >> 16; 499 hi = (value & 0xFFFF00000000ULL) >> 32; 500 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 501 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 502 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 503} 504 505void b43_tsf_read(struct b43_wldev *dev, u64 * tsf) 506{ 507 /* We need to be careful. As we read the TSF from multiple 508 * registers, we should take care of register overflows. 509 * In theory, the whole tsf read process should be atomic. 510 * We try to be atomic here, by restaring the read process, 511 * if any of the high registers changed (overflew). 512 */ 513 if (dev->dev->id.revision >= 3) { 514 u32 low, high, high2; 515 516 do { 517 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 518 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 519 high2 = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 520 } while (unlikely(high != high2)); 521 522 *tsf = high; 523 *tsf <<= 32; 524 *tsf |= low; 525 } else { 526 u64 tmp; 527 u16 v0, v1, v2, v3; 528 u16 test1, test2, test3; 529 530 do { 531 v3 = b43_read16(dev, B43_MMIO_TSF_3); 532 v2 = b43_read16(dev, B43_MMIO_TSF_2); 533 v1 = b43_read16(dev, B43_MMIO_TSF_1); 534 v0 = b43_read16(dev, B43_MMIO_TSF_0); 535 536 test3 = b43_read16(dev, B43_MMIO_TSF_3); 537 test2 = b43_read16(dev, B43_MMIO_TSF_2); 538 test1 = b43_read16(dev, B43_MMIO_TSF_1); 539 } while (v3 != test3 || v2 != test2 || v1 != test1); 540 541 *tsf = v3; 542 *tsf <<= 48; 543 tmp = v2; 544 tmp <<= 32; 545 *tsf |= tmp; 546 tmp = v1; 547 tmp <<= 16; 548 *tsf |= tmp; 549 *tsf |= v0; 550 } 551} 552 553static void b43_time_lock(struct b43_wldev *dev) 554{ 555 u32 macctl; 556 557 macctl = b43_read32(dev, B43_MMIO_MACCTL); 558 macctl |= B43_MACCTL_TBTTHOLD; 559 b43_write32(dev, B43_MMIO_MACCTL, macctl); 560 /* Commit the write */ 561 b43_read32(dev, B43_MMIO_MACCTL); 562} 563 564static void b43_time_unlock(struct b43_wldev *dev) 565{ 566 u32 macctl; 567 568 macctl = b43_read32(dev, B43_MMIO_MACCTL); 569 macctl &= ~B43_MACCTL_TBTTHOLD; 570 b43_write32(dev, B43_MMIO_MACCTL, macctl); 571 /* Commit the write */ 572 b43_read32(dev, B43_MMIO_MACCTL); 573} 574 575static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 576{ 577 /* Be careful with the in-progress timer. 578 * First zero out the low register, so we have a full 579 * register-overflow duration to complete the operation. 580 */ 581 if (dev->dev->id.revision >= 3) { 582 u32 lo = (tsf & 0x00000000FFFFFFFFULL); 583 u32 hi = (tsf & 0xFFFFFFFF00000000ULL) >> 32; 584 585 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, 0); 586 mmiowb(); 587 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, hi); 588 mmiowb(); 589 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, lo); 590 } else { 591 u16 v0 = (tsf & 0x000000000000FFFFULL); 592 u16 v1 = (tsf & 0x00000000FFFF0000ULL) >> 16; 593 u16 v2 = (tsf & 0x0000FFFF00000000ULL) >> 32; 594 u16 v3 = (tsf & 0xFFFF000000000000ULL) >> 48; 595 596 b43_write16(dev, B43_MMIO_TSF_0, 0); 597 mmiowb(); 598 b43_write16(dev, B43_MMIO_TSF_3, v3); 599 mmiowb(); 600 b43_write16(dev, B43_MMIO_TSF_2, v2); 601 mmiowb(); 602 b43_write16(dev, B43_MMIO_TSF_1, v1); 603 mmiowb(); 604 b43_write16(dev, B43_MMIO_TSF_0, v0); 605 } 606} 607 608void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 609{ 610 b43_time_lock(dev); 611 b43_tsf_write_locked(dev, tsf); 612 b43_time_unlock(dev); 613} 614 615static 616void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 * mac) 617{ 618 static const u8 zero_addr[ETH_ALEN] = { 0 }; 619 u16 data; 620 621 if (!mac) 622 mac = zero_addr; 623 624 offset |= 0x0020; 625 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 626 627 data = mac[0]; 628 data |= mac[1] << 8; 629 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 630 data = mac[2]; 631 data |= mac[3] << 8; 632 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 633 data = mac[4]; 634 data |= mac[5] << 8; 635 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 636} 637 638static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 639{ 640 const u8 *mac; 641 const u8 *bssid; 642 u8 mac_bssid[ETH_ALEN * 2]; 643 int i; 644 u32 tmp; 645 646 bssid = dev->wl->bssid; 647 mac = dev->wl->mac_addr; 648 649 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 650 651 memcpy(mac_bssid, mac, ETH_ALEN); 652 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 653 654 /* Write our MAC address and BSSID to template ram */ 655 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 656 tmp = (u32) (mac_bssid[i + 0]); 657 tmp |= (u32) (mac_bssid[i + 1]) << 8; 658 tmp |= (u32) (mac_bssid[i + 2]) << 16; 659 tmp |= (u32) (mac_bssid[i + 3]) << 24; 660 b43_ram_write(dev, 0x20 + i, tmp); 661 } 662} 663 664static void b43_upload_card_macaddress(struct b43_wldev *dev) 665{ 666 b43_write_mac_bssid_templates(dev); 667 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 668} 669 670static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 671{ 672 /* slot_time is in usec. */ 673 if (dev->phy.type != B43_PHYTYPE_G) 674 return; 675 b43_write16(dev, 0x684, 510 + slot_time); 676 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 677} 678 679static void b43_short_slot_timing_enable(struct b43_wldev *dev) 680{ 681 b43_set_slot_time(dev, 9); 682 dev->short_slot = 1; 683} 684 685static void b43_short_slot_timing_disable(struct b43_wldev *dev) 686{ 687 b43_set_slot_time(dev, 20); 688 dev->short_slot = 0; 689} 690 691/* Enable a Generic IRQ. "mask" is the mask of which IRQs to enable. 692 * Returns the _previously_ enabled IRQ mask. 693 */ 694static inline u32 b43_interrupt_enable(struct b43_wldev *dev, u32 mask) 695{ 696 u32 old_mask; 697 698 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 699 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask | mask); 700 701 return old_mask; 702} 703 704/* Disable a Generic IRQ. "mask" is the mask of which IRQs to disable. 705 * Returns the _previously_ enabled IRQ mask. 706 */ 707static inline u32 b43_interrupt_disable(struct b43_wldev *dev, u32 mask) 708{ 709 u32 old_mask; 710 711 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 712 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask & ~mask); 713 714 return old_mask; 715} 716 717/* Synchronize IRQ top- and bottom-half. 718 * IRQs must be masked before calling this. 719 * This must not be called with the irq_lock held. 720 */ 721static void b43_synchronize_irq(struct b43_wldev *dev) 722{ 723 synchronize_irq(dev->dev->irq); 724 tasklet_kill(&dev->isr_tasklet); 725} 726 727/* DummyTransmission function, as documented on 728 * http://bcm-specs.sipsolutions.net/DummyTransmission 729 */ 730void b43_dummy_transmission(struct b43_wldev *dev) 731{ 732 struct b43_wl *wl = dev->wl; 733 struct b43_phy *phy = &dev->phy; 734 unsigned int i, max_loop; 735 u16 value; 736 u32 buffer[5] = { 737 0x00000000, 738 0x00D40000, 739 0x00000000, 740 0x01000000, 741 0x00000000, 742 }; 743 744 switch (phy->type) { 745 case B43_PHYTYPE_A: 746 max_loop = 0x1E; 747 buffer[0] = 0x000201CC; 748 break; 749 case B43_PHYTYPE_B: 750 case B43_PHYTYPE_G: 751 max_loop = 0xFA; 752 buffer[0] = 0x000B846E; 753 break; 754 default: 755 B43_WARN_ON(1); 756 return; 757 } 758 759 spin_lock_irq(&wl->irq_lock); 760 write_lock(&wl->tx_lock); 761 762 for (i = 0; i < 5; i++) 763 b43_ram_write(dev, i * 4, buffer[i]); 764 765 /* Commit writes */ 766 b43_read32(dev, B43_MMIO_MACCTL); 767 768 b43_write16(dev, 0x0568, 0x0000); 769 b43_write16(dev, 0x07C0, 0x0000); 770 value = ((phy->type == B43_PHYTYPE_A) ? 1 : 0); 771 b43_write16(dev, 0x050C, value); 772 b43_write16(dev, 0x0508, 0x0000); 773 b43_write16(dev, 0x050A, 0x0000); 774 b43_write16(dev, 0x054C, 0x0000); 775 b43_write16(dev, 0x056A, 0x0014); 776 b43_write16(dev, 0x0568, 0x0826); 777 b43_write16(dev, 0x0500, 0x0000); 778 b43_write16(dev, 0x0502, 0x0030); 779 780 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 781 b43_radio_write16(dev, 0x0051, 0x0017); 782 for (i = 0x00; i < max_loop; i++) { 783 value = b43_read16(dev, 0x050E); 784 if (value & 0x0080) 785 break; 786 udelay(10); 787 } 788 for (i = 0x00; i < 0x0A; i++) { 789 value = b43_read16(dev, 0x050E); 790 if (value & 0x0400) 791 break; 792 udelay(10); 793 } 794 for (i = 0x00; i < 0x0A; i++) { 795 value = b43_read16(dev, 0x0690); 796 if (!(value & 0x0100)) 797 break; 798 udelay(10); 799 } 800 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 801 b43_radio_write16(dev, 0x0051, 0x0037); 802 803 write_unlock(&wl->tx_lock); 804 spin_unlock_irq(&wl->irq_lock); 805} 806 807static void key_write(struct b43_wldev *dev, 808 u8 index, u8 algorithm, const u8 * key) 809{ 810 unsigned int i; 811 u32 offset; 812 u16 value; 813 u16 kidx; 814 815 /* Key index/algo block */ 816 kidx = b43_kidx_to_fw(dev, index); 817 value = ((kidx << 4) | algorithm); 818 b43_shm_write16(dev, B43_SHM_SHARED, 819 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 820 821 /* Write the key to the Key Table Pointer offset */ 822 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 823 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 824 value = key[i]; 825 value |= (u16) (key[i + 1]) << 8; 826 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 827 } 828} 829 830static void keymac_write(struct b43_wldev *dev, u8 index, const u8 * addr) 831{ 832 u32 addrtmp[2] = { 0, 0, }; 833 u8 per_sta_keys_start = 8; 834 835 if (b43_new_kidx_api(dev)) 836 per_sta_keys_start = 4; 837 838 B43_WARN_ON(index < per_sta_keys_start); 839 /* We have two default TX keys and possibly two default RX keys. 840 * Physical mac 0 is mapped to physical key 4 or 8, depending 841 * on the firmware version. 842 * So we must adjust the index here. 843 */ 844 index -= per_sta_keys_start; 845 846 if (addr) { 847 addrtmp[0] = addr[0]; 848 addrtmp[0] |= ((u32) (addr[1]) << 8); 849 addrtmp[0] |= ((u32) (addr[2]) << 16); 850 addrtmp[0] |= ((u32) (addr[3]) << 24); 851 addrtmp[1] = addr[4]; 852 addrtmp[1] |= ((u32) (addr[5]) << 8); 853 } 854 855 if (dev->dev->id.revision >= 5) { 856 /* Receive match transmitter address mechanism */ 857 b43_shm_write32(dev, B43_SHM_RCMTA, 858 (index * 2) + 0, addrtmp[0]); 859 b43_shm_write16(dev, B43_SHM_RCMTA, 860 (index * 2) + 1, addrtmp[1]); 861 } else { 862 /* RXE (Receive Engine) and 863 * PSM (Programmable State Machine) mechanism 864 */ 865 if (index < 8) { 866 /* TODO write to RCM 16, 19, 22 and 25 */ 867 } else { 868 b43_shm_write32(dev, B43_SHM_SHARED, 869 B43_SHM_SH_PSM + (index * 6) + 0, 870 addrtmp[0]); 871 b43_shm_write16(dev, B43_SHM_SHARED, 872 B43_SHM_SH_PSM + (index * 6) + 4, 873 addrtmp[1]); 874 } 875 } 876} 877 878static void do_key_write(struct b43_wldev *dev, 879 u8 index, u8 algorithm, 880 const u8 * key, size_t key_len, const u8 * mac_addr) 881{ 882 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 883 u8 per_sta_keys_start = 8; 884 885 if (b43_new_kidx_api(dev)) 886 per_sta_keys_start = 4; 887 888 B43_WARN_ON(index >= dev->max_nr_keys); 889 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 890 891 if (index >= per_sta_keys_start) 892 keymac_write(dev, index, NULL); /* First zero out mac. */ 893 if (key) 894 memcpy(buf, key, key_len); 895 key_write(dev, index, algorithm, buf); 896 if (index >= per_sta_keys_start) 897 keymac_write(dev, index, mac_addr); 898 899 dev->key[index].algorithm = algorithm; 900} 901 902static int b43_key_write(struct b43_wldev *dev, 903 int index, u8 algorithm, 904 const u8 * key, size_t key_len, 905 const u8 * mac_addr, 906 struct ieee80211_key_conf *keyconf) 907{ 908 int i; 909 int sta_keys_start; 910 911 if (key_len > B43_SEC_KEYSIZE) 912 return -EINVAL; 913 for (i = 0; i < dev->max_nr_keys; i++) { 914 /* Check that we don't already have this key. */ 915 B43_WARN_ON(dev->key[i].keyconf == keyconf); 916 } 917 if (index < 0) { 918 /* Either pairwise key or address is 00:00:00:00:00:00 919 * for transmit-only keys. Search the index. */ 920 if (b43_new_kidx_api(dev)) 921 sta_keys_start = 4; 922 else 923 sta_keys_start = 8; 924 for (i = sta_keys_start; i < dev->max_nr_keys; i++) { 925 if (!dev->key[i].keyconf) { 926 /* found empty */ 927 index = i; 928 break; 929 } 930 } 931 if (index < 0) { 932 b43err(dev->wl, "Out of hardware key memory\n"); 933 return -ENOSPC; 934 } 935 } else 936 B43_WARN_ON(index > 3); 937 938 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 939 if ((index <= 3) && !b43_new_kidx_api(dev)) { 940 /* Default RX key */ 941 B43_WARN_ON(mac_addr); 942 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 943 } 944 keyconf->hw_key_idx = index; 945 dev->key[index].keyconf = keyconf; 946 947 return 0; 948} 949 950static int b43_key_clear(struct b43_wldev *dev, int index) 951{ 952 if (B43_WARN_ON((index < 0) || (index >= dev->max_nr_keys))) 953 return -EINVAL; 954 do_key_write(dev, index, B43_SEC_ALGO_NONE, 955 NULL, B43_SEC_KEYSIZE, NULL); 956 if ((index <= 3) && !b43_new_kidx_api(dev)) { 957 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 958 NULL, B43_SEC_KEYSIZE, NULL); 959 } 960 dev->key[index].keyconf = NULL; 961 962 return 0; 963} 964 965static void b43_clear_keys(struct b43_wldev *dev) 966{ 967 int i; 968 969 for (i = 0; i < dev->max_nr_keys; i++) 970 b43_key_clear(dev, i); 971} 972 973void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 974{ 975 u32 macctl; 976 u16 ucstat; 977 bool hwps; 978 bool awake; 979 int i; 980 981 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 982 (ps_flags & B43_PS_DISABLED)); 983 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 984 985 if (ps_flags & B43_PS_ENABLED) { 986 hwps = 1; 987 } else if (ps_flags & B43_PS_DISABLED) { 988 hwps = 0; 989 } else { 990 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 991 // and thus is not an AP and we are associated, set bit 25 992 } 993 if (ps_flags & B43_PS_AWAKE) { 994 awake = 1; 995 } else if (ps_flags & B43_PS_ASLEEP) { 996 awake = 0; 997 } else { 998 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 999 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 1000 // successful, set bit26 1001 } 1002 1003/* FIXME: For now we force awake-on and hwps-off */ 1004 hwps = 0; 1005 awake = 1; 1006 1007 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1008 if (hwps) 1009 macctl |= B43_MACCTL_HWPS; 1010 else 1011 macctl &= ~B43_MACCTL_HWPS; 1012 if (awake) 1013 macctl |= B43_MACCTL_AWAKE; 1014 else 1015 macctl &= ~B43_MACCTL_AWAKE; 1016 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1017 /* Commit write */ 1018 b43_read32(dev, B43_MMIO_MACCTL); 1019 if (awake && dev->dev->id.revision >= 5) { 1020 /* Wait for the microcode to wake up. */ 1021 for (i = 0; i < 100; i++) { 1022 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1023 B43_SHM_SH_UCODESTAT); 1024 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1025 break; 1026 udelay(10); 1027 } 1028 } 1029} 1030 1031/* Turn the Analog ON/OFF */ 1032static void b43_switch_analog(struct b43_wldev *dev, int on) 1033{ 1034 switch (dev->phy.type) { 1035 case B43_PHYTYPE_A: 1036 case B43_PHYTYPE_G: 1037 b43_write16(dev, B43_MMIO_PHY0, on ? 0 : 0xF4); 1038 break; 1039 case B43_PHYTYPE_N: 1040 b43_phy_write(dev, B43_NPHY_AFECTL_OVER, 1041 on ? 0 : 0x7FFF); 1042 break; 1043 default: 1044 B43_WARN_ON(1); 1045 } 1046} 1047 1048void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags) 1049{ 1050 u32 tmslow; 1051 u32 macctl; 1052 1053 flags |= B43_TMSLOW_PHYCLKEN; 1054 flags |= B43_TMSLOW_PHYRESET; 1055 ssb_device_enable(dev->dev, flags); 1056 msleep(2); /* Wait for the PLL to turn on. */ 1057 1058 /* Now take the PHY out of Reset again */ 1059 tmslow = ssb_read32(dev->dev, SSB_TMSLOW); 1060 tmslow |= SSB_TMSLOW_FGC; 1061 tmslow &= ~B43_TMSLOW_PHYRESET; 1062 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1063 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1064 msleep(1); 1065 tmslow &= ~SSB_TMSLOW_FGC; 1066 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1067 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1068 msleep(1); 1069 1070 /* Turn Analog ON */ 1071 b43_switch_analog(dev, 1); 1072 1073 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1074 macctl &= ~B43_MACCTL_GMODE; 1075 if (flags & B43_TMSLOW_GMODE) 1076 macctl |= B43_MACCTL_GMODE; 1077 macctl |= B43_MACCTL_IHR_ENABLED; 1078 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1079} 1080 1081static void handle_irq_transmit_status(struct b43_wldev *dev) 1082{ 1083 u32 v0, v1; 1084 u16 tmp; 1085 struct b43_txstatus stat; 1086 1087 while (1) { 1088 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1089 if (!(v0 & 0x00000001)) 1090 break; 1091 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1092 1093 stat.cookie = (v0 >> 16); 1094 stat.seq = (v1 & 0x0000FFFF); 1095 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1096 tmp = (v0 & 0x0000FFFF); 1097 stat.frame_count = ((tmp & 0xF000) >> 12); 1098 stat.rts_count = ((tmp & 0x0F00) >> 8); 1099 stat.supp_reason = ((tmp & 0x001C) >> 2); 1100 stat.pm_indicated = !!(tmp & 0x0080); 1101 stat.intermediate = !!(tmp & 0x0040); 1102 stat.for_ampdu = !!(tmp & 0x0020); 1103 stat.acked = !!(tmp & 0x0002); 1104 1105 b43_handle_txstatus(dev, &stat); 1106 } 1107} 1108 1109static void drain_txstatus_queue(struct b43_wldev *dev) 1110{ 1111 u32 dummy; 1112 1113 if (dev->dev->id.revision < 5) 1114 return; 1115 /* Read all entries from the microcode TXstatus FIFO 1116 * and throw them away. 1117 */ 1118 while (1) { 1119 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1120 if (!(dummy & 0x00000001)) 1121 break; 1122 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1123 } 1124} 1125 1126static u32 b43_jssi_read(struct b43_wldev *dev) 1127{ 1128 u32 val = 0; 1129 1130 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1131 val <<= 16; 1132 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1133 1134 return val; 1135} 1136 1137static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1138{ 1139 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1140 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1141} 1142 1143static void b43_generate_noise_sample(struct b43_wldev *dev) 1144{ 1145 b43_jssi_write(dev, 0x7F7F7F7F); 1146 b43_write32(dev, B43_MMIO_MACCMD, 1147 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1148 B43_WARN_ON(dev->noisecalc.channel_at_start != dev->phy.channel); 1149} 1150 1151static void b43_calculate_link_quality(struct b43_wldev *dev) 1152{ 1153 /* Top half of Link Quality calculation. */ 1154 1155 if (dev->noisecalc.calculation_running) 1156 return; 1157 dev->noisecalc.channel_at_start = dev->phy.channel; 1158 dev->noisecalc.calculation_running = 1; 1159 dev->noisecalc.nr_samples = 0; 1160 1161 b43_generate_noise_sample(dev); 1162} 1163 1164static void handle_irq_noise(struct b43_wldev *dev) 1165{ 1166 struct b43_phy *phy = &dev->phy; 1167 u16 tmp; 1168 u8 noise[4]; 1169 u8 i, j; 1170 s32 average; 1171 1172 /* Bottom half of Link Quality calculation. */ 1173 1174 B43_WARN_ON(!dev->noisecalc.calculation_running); 1175 if (dev->noisecalc.channel_at_start != phy->channel) 1176 goto drop_calculation; 1177 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1178 if (noise[0] == 0x7F || noise[1] == 0x7F || 1179 noise[2] == 0x7F || noise[3] == 0x7F) 1180 goto generate_new; 1181 1182 /* Get the noise samples. */ 1183 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1184 i = dev->noisecalc.nr_samples; 1185 noise[0] = limit_value(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1186 noise[1] = limit_value(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1187 noise[2] = limit_value(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1188 noise[3] = limit_value(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1189 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1190 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1191 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1192 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1193 dev->noisecalc.nr_samples++; 1194 if (dev->noisecalc.nr_samples == 8) { 1195 /* Calculate the Link Quality by the noise samples. */ 1196 average = 0; 1197 for (i = 0; i < 8; i++) { 1198 for (j = 0; j < 4; j++) 1199 average += dev->noisecalc.samples[i][j]; 1200 } 1201 average /= (8 * 4); 1202 average *= 125; 1203 average += 64; 1204 average /= 128; 1205 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1206 tmp = (tmp / 128) & 0x1F; 1207 if (tmp >= 8) 1208 average += 2; 1209 else 1210 average -= 25; 1211 if (tmp == 8) 1212 average -= 72; 1213 else 1214 average -= 48; 1215 1216 dev->stats.link_noise = average; 1217 drop_calculation: 1218 dev->noisecalc.calculation_running = 0; 1219 return; 1220 } 1221 generate_new: 1222 b43_generate_noise_sample(dev); 1223} 1224 1225static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1226{ 1227 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_AP)) { 1228 ///TODO: PS TBTT 1229 } else { 1230 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1231 b43_power_saving_ctl_bits(dev, 0); 1232 } 1233 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS)) 1234 dev->dfq_valid = 1; 1235} 1236 1237static void handle_irq_atim_end(struct b43_wldev *dev) 1238{ 1239 if (dev->dfq_valid) { 1240 b43_write32(dev, B43_MMIO_MACCMD, 1241 b43_read32(dev, B43_MMIO_MACCMD) 1242 | B43_MACCMD_DFQ_VALID); 1243 dev->dfq_valid = 0; 1244 } 1245} 1246 1247static void handle_irq_pmq(struct b43_wldev *dev) 1248{ 1249 u32 tmp; 1250 1251 //TODO: AP mode. 1252 1253 while (1) { 1254 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1255 if (!(tmp & 0x00000008)) 1256 break; 1257 } 1258 /* 16bit write is odd, but correct. */ 1259 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1260} 1261 1262static void b43_write_template_common(struct b43_wldev *dev, 1263 const u8 * data, u16 size, 1264 u16 ram_offset, 1265 u16 shm_size_offset, u8 rate) 1266{ 1267 u32 i, tmp; 1268 struct b43_plcp_hdr4 plcp; 1269 1270 plcp.data = 0; 1271 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1272 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1273 ram_offset += sizeof(u32); 1274 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1275 * So leave the first two bytes of the next write blank. 1276 */ 1277 tmp = (u32) (data[0]) << 16; 1278 tmp |= (u32) (data[1]) << 24; 1279 b43_ram_write(dev, ram_offset, tmp); 1280 ram_offset += sizeof(u32); 1281 for (i = 2; i < size; i += sizeof(u32)) { 1282 tmp = (u32) (data[i + 0]); 1283 if (i + 1 < size) 1284 tmp |= (u32) (data[i + 1]) << 8; 1285 if (i + 2 < size) 1286 tmp |= (u32) (data[i + 2]) << 16; 1287 if (i + 3 < size) 1288 tmp |= (u32) (data[i + 3]) << 24; 1289 b43_ram_write(dev, ram_offset + i - 2, tmp); 1290 } 1291 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1292 size + sizeof(struct b43_plcp_hdr6)); 1293} 1294 1295/* Check if the use of the antenna that ieee80211 told us to 1296 * use is possible. This will fall back to DEFAULT. 1297 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 1298u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 1299 u8 antenna_nr) 1300{ 1301 u8 antenna_mask; 1302 1303 if (antenna_nr == 0) { 1304 /* Zero means "use default antenna". That's always OK. */ 1305 return 0; 1306 } 1307 1308 /* Get the mask of available antennas. */ 1309 if (dev->phy.gmode) 1310 antenna_mask = dev->dev->bus->sprom.ant_available_bg; 1311 else 1312 antenna_mask = dev->dev->bus->sprom.ant_available_a; 1313 1314 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 1315 /* This antenna is not available. Fall back to default. */ 1316 return 0; 1317 } 1318 1319 return antenna_nr; 1320} 1321 1322static int b43_antenna_from_ieee80211(struct b43_wldev *dev, u8 antenna) 1323{ 1324 antenna = b43_ieee80211_antenna_sanitize(dev, antenna); 1325 switch (antenna) { 1326 case 0: /* default/diversity */ 1327 return B43_ANTENNA_DEFAULT; 1328 case 1: /* Antenna 0 */ 1329 return B43_ANTENNA0; 1330 case 2: /* Antenna 1 */ 1331 return B43_ANTENNA1; 1332 case 3: /* Antenna 2 */ 1333 return B43_ANTENNA2; 1334 case 4: /* Antenna 3 */ 1335 return B43_ANTENNA3; 1336 default: 1337 return B43_ANTENNA_DEFAULT; 1338 } 1339} 1340 1341/* Convert a b43 antenna number value to the PHY TX control value. */ 1342static u16 b43_antenna_to_phyctl(int antenna) 1343{ 1344 switch (antenna) { 1345 case B43_ANTENNA0: 1346 return B43_TXH_PHY_ANT0; 1347 case B43_ANTENNA1: 1348 return B43_TXH_PHY_ANT1; 1349 case B43_ANTENNA2: 1350 return B43_TXH_PHY_ANT2; 1351 case B43_ANTENNA3: 1352 return B43_TXH_PHY_ANT3; 1353 case B43_ANTENNA_AUTO: 1354 return B43_TXH_PHY_ANT01AUTO; 1355 } 1356 B43_WARN_ON(1); 1357 return 0; 1358} 1359 1360static void b43_write_beacon_template(struct b43_wldev *dev, 1361 u16 ram_offset, 1362 u16 shm_size_offset) 1363{ 1364 unsigned int i, len, variable_len; 1365 const struct ieee80211_mgmt *bcn; 1366 const u8 *ie; 1367 bool tim_found = 0; 1368 unsigned int rate; 1369 u16 ctl; 1370 int antenna; 1371 1372 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1373 len = min((size_t) dev->wl->current_beacon->len, 1374 0x200 - sizeof(struct b43_plcp_hdr6)); 1375 rate = dev->wl->beacon_txctl.tx_rate->hw_value; 1376 1377 b43_write_template_common(dev, (const u8 *)bcn, 1378 len, ram_offset, shm_size_offset, rate); 1379 1380 /* Write the PHY TX control parameters. */ 1381 antenna = b43_antenna_from_ieee80211(dev, 1382 dev->wl->beacon_txctl.antenna_sel_tx); 1383 antenna = b43_antenna_to_phyctl(antenna); 1384 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 1385 /* We can't send beacons with short preamble. Would get PHY errors. */ 1386 ctl &= ~B43_TXH_PHY_SHORTPRMBL; 1387 ctl &= ~B43_TXH_PHY_ANT; 1388 ctl &= ~B43_TXH_PHY_ENC; 1389 ctl |= antenna; 1390 if (b43_is_cck_rate(rate)) 1391 ctl |= B43_TXH_PHY_ENC_CCK; 1392 else 1393 ctl |= B43_TXH_PHY_ENC_OFDM; 1394 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 1395 1396 /* Find the position of the TIM and the DTIM_period value 1397 * and write them to SHM. */ 1398 ie = bcn->u.beacon.variable; 1399 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1400 for (i = 0; i < variable_len - 2; ) { 1401 uint8_t ie_id, ie_len; 1402 1403 ie_id = ie[i]; 1404 ie_len = ie[i + 1]; 1405 if (ie_id == 5) { 1406 u16 tim_position; 1407 u16 dtim_period; 1408 /* This is the TIM Information Element */ 1409 1410 /* Check whether the ie_len is in the beacon data range. */ 1411 if (variable_len < ie_len + 2 + i) 1412 break; 1413 /* A valid TIM is at least 4 bytes long. */ 1414 if (ie_len < 4) 1415 break; 1416 tim_found = 1; 1417 1418 tim_position = sizeof(struct b43_plcp_hdr6); 1419 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1420 tim_position += i; 1421 1422 dtim_period = ie[i + 3]; 1423 1424 b43_shm_write16(dev, B43_SHM_SHARED, 1425 B43_SHM_SH_TIMBPOS, tim_position); 1426 b43_shm_write16(dev, B43_SHM_SHARED, 1427 B43_SHM_SH_DTIMPER, dtim_period); 1428 break; 1429 } 1430 i += ie_len + 2; 1431 } 1432 if (!tim_found) { 1433 b43warn(dev->wl, "Did not find a valid TIM IE in " 1434 "the beacon template packet. AP or IBSS operation " 1435 "may be broken.\n"); 1436 } else 1437 b43dbg(dev->wl, "Updated beacon template\n"); 1438} 1439 1440static void b43_write_probe_resp_plcp(struct b43_wldev *dev, 1441 u16 shm_offset, u16 size, 1442 struct ieee80211_rate *rate) 1443{ 1444 struct b43_plcp_hdr4 plcp; 1445 u32 tmp; 1446 __le16 dur; 1447 1448 plcp.data = 0; 1449 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate->hw_value); 1450 dur = ieee80211_generic_frame_duration(dev->wl->hw, 1451 dev->wl->vif, size, 1452 rate); 1453 /* Write PLCP in two parts and timing for packet transfer */ 1454 tmp = le32_to_cpu(plcp.data); 1455 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset, tmp & 0xFFFF); 1456 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 2, tmp >> 16); 1457 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 6, le16_to_cpu(dur)); 1458} 1459 1460/* Instead of using custom probe response template, this function 1461 * just patches custom beacon template by: 1462 * 1) Changing packet type 1463 * 2) Patching duration field 1464 * 3) Stripping TIM 1465 */ 1466static const u8 * b43_generate_probe_resp(struct b43_wldev *dev, 1467 u16 *dest_size, 1468 struct ieee80211_rate *rate) 1469{ 1470 const u8 *src_data; 1471 u8 *dest_data; 1472 u16 src_size, elem_size, src_pos, dest_pos; 1473 __le16 dur; 1474 struct ieee80211_hdr *hdr; 1475 size_t ie_start; 1476 1477 src_size = dev->wl->current_beacon->len; 1478 src_data = (const u8 *)dev->wl->current_beacon->data; 1479 1480 /* Get the start offset of the variable IEs in the packet. */ 1481 ie_start = offsetof(struct ieee80211_mgmt, u.probe_resp.variable); 1482 B43_WARN_ON(ie_start != offsetof(struct ieee80211_mgmt, u.beacon.variable)); 1483 1484 if (B43_WARN_ON(src_size < ie_start)) 1485 return NULL; 1486 1487 dest_data = kmalloc(src_size, GFP_ATOMIC); 1488 if (unlikely(!dest_data)) 1489 return NULL; 1490 1491 /* Copy the static data and all Information Elements, except the TIM. */ 1492 memcpy(dest_data, src_data, ie_start); 1493 src_pos = ie_start; 1494 dest_pos = ie_start; 1495 for ( ; src_pos < src_size - 2; src_pos += elem_size) { 1496 elem_size = src_data[src_pos + 1] + 2; 1497 if (src_data[src_pos] == 5) { 1498 /* This is the TIM. */ 1499 continue; 1500 } 1501 memcpy(dest_data + dest_pos, src_data + src_pos, 1502 elem_size); 1503 dest_pos += elem_size; 1504 } 1505 *dest_size = dest_pos; 1506 hdr = (struct ieee80211_hdr *)dest_data; 1507 1508 /* Set the frame control. */ 1509 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 1510 IEEE80211_STYPE_PROBE_RESP); 1511 dur = ieee80211_generic_frame_duration(dev->wl->hw, 1512 dev->wl->vif, *dest_size, 1513 rate); 1514 hdr->duration_id = dur; 1515 1516 return dest_data; 1517} 1518 1519static void b43_write_probe_resp_template(struct b43_wldev *dev, 1520 u16 ram_offset, 1521 u16 shm_size_offset, 1522 struct ieee80211_rate *rate) 1523{ 1524 const u8 *probe_resp_data; 1525 u16 size; 1526 1527 size = dev->wl->current_beacon->len; 1528 probe_resp_data = b43_generate_probe_resp(dev, &size, rate); 1529 if (unlikely(!probe_resp_data)) 1530 return; 1531 1532 /* Looks like PLCP headers plus packet timings are stored for 1533 * all possible basic rates 1534 */ 1535 b43_write_probe_resp_plcp(dev, 0x31A, size, &b43_b_ratetable[0]); 1536 b43_write_probe_resp_plcp(dev, 0x32C, size, &b43_b_ratetable[1]); 1537 b43_write_probe_resp_plcp(dev, 0x33E, size, &b43_b_ratetable[2]); 1538 b43_write_probe_resp_plcp(dev, 0x350, size, &b43_b_ratetable[3]); 1539 1540 size = min((size_t) size, 0x200 - sizeof(struct b43_plcp_hdr6)); 1541 b43_write_template_common(dev, probe_resp_data, 1542 size, ram_offset, shm_size_offset, 1543 rate->hw_value); 1544 kfree(probe_resp_data); 1545} 1546 1547static void handle_irq_beacon(struct b43_wldev *dev) 1548{ 1549 struct b43_wl *wl = dev->wl; 1550 u32 cmd, beacon0_valid, beacon1_valid; 1551 1552 if (!b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 1553 return; 1554 1555 /* This is the bottom half of the asynchronous beacon update. */ 1556 1557 /* Ignore interrupt in the future. */ 1558 dev->irq_savedstate &= ~B43_IRQ_BEACON; 1559 1560 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1561 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1562 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1563 1564 /* Schedule interrupt manually, if busy. */ 1565 if (beacon0_valid && beacon1_valid) { 1566 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1567 dev->irq_savedstate |= B43_IRQ_BEACON; 1568 return; 1569 } 1570 1571 if (!beacon0_valid) { 1572 if (!wl->beacon0_uploaded) { 1573 b43_write_beacon_template(dev, 0x68, 0x18); 1574 b43_write_probe_resp_template(dev, 0x268, 0x4A, 1575 &__b43_ratetable[3]); 1576 wl->beacon0_uploaded = 1; 1577 } 1578 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1579 cmd |= B43_MACCMD_BEACON0_VALID; 1580 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1581 } else if (!beacon1_valid) { 1582 if (!wl->beacon1_uploaded) { 1583 b43_write_beacon_template(dev, 0x468, 0x1A); 1584 wl->beacon1_uploaded = 1; 1585 } 1586 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1587 cmd |= B43_MACCMD_BEACON1_VALID; 1588 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1589 } 1590} 1591 1592static void b43_beacon_update_trigger_work(struct work_struct *work) 1593{ 1594 struct b43_wl *wl = container_of(work, struct b43_wl, 1595 beacon_update_trigger); 1596 struct b43_wldev *dev; 1597 1598 mutex_lock(&wl->mutex); 1599 dev = wl->current_dev; 1600 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1601 spin_lock_irq(&wl->irq_lock); 1602 /* update beacon right away or defer to irq */ 1603 dev->irq_savedstate = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 1604 handle_irq_beacon(dev); 1605 /* The handler might have updated the IRQ mask. */ 1606 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 1607 dev->irq_savedstate); 1608 mmiowb(); 1609 spin_unlock_irq(&wl->irq_lock); 1610 } 1611 mutex_unlock(&wl->mutex); 1612} 1613 1614/* Asynchronously update the packet templates in template RAM. 1615 * Locking: Requires wl->irq_lock to be locked. */ 1616static void b43_update_templates(struct b43_wl *wl, struct sk_buff *beacon, 1617 const struct ieee80211_tx_control *txctl) 1618{ 1619 /* This is the top half of the ansynchronous beacon update. 1620 * The bottom half is the beacon IRQ. 1621 * Beacon update must be asynchronous to avoid sending an 1622 * invalid beacon. This can happen for example, if the firmware 1623 * transmits a beacon while we are updating it. */ 1624 1625 if (wl->current_beacon) 1626 dev_kfree_skb_any(wl->current_beacon); 1627 wl->current_beacon = beacon; 1628 memcpy(&wl->beacon_txctl, txctl, sizeof(wl->beacon_txctl)); 1629 wl->beacon0_uploaded = 0; 1630 wl->beacon1_uploaded = 0; 1631 queue_work(wl->hw->workqueue, &wl->beacon_update_trigger); 1632} 1633 1634static void b43_set_ssid(struct b43_wldev *dev, const u8 * ssid, u8 ssid_len) 1635{ 1636 u32 tmp; 1637 u16 i, len; 1638 1639 len = min((u16) ssid_len, (u16) 0x100); 1640 for (i = 0; i < len; i += sizeof(u32)) { 1641 tmp = (u32) (ssid[i + 0]); 1642 if (i + 1 < len) 1643 tmp |= (u32) (ssid[i + 1]) << 8; 1644 if (i + 2 < len) 1645 tmp |= (u32) (ssid[i + 2]) << 16; 1646 if (i + 3 < len) 1647 tmp |= (u32) (ssid[i + 3]) << 24; 1648 b43_shm_write32(dev, B43_SHM_SHARED, 0x380 + i, tmp); 1649 } 1650 b43_shm_write16(dev, B43_SHM_SHARED, 0x48, len); 1651} 1652 1653static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1654{ 1655 b43_time_lock(dev); 1656 if (dev->dev->id.revision >= 3) { 1657 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1658 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1659 } else { 1660 b43_write16(dev, 0x606, (beacon_int >> 6)); 1661 b43_write16(dev, 0x610, beacon_int); 1662 } 1663 b43_time_unlock(dev); 1664 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1665} 1666 1667static void handle_irq_ucode_debug(struct b43_wldev *dev) 1668{ 1669 //TODO 1670} 1671 1672/* Interrupt handler bottom-half */ 1673static void b43_interrupt_tasklet(struct b43_wldev *dev) 1674{ 1675 u32 reason; 1676 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1677 u32 merged_dma_reason = 0; 1678 int i; 1679 unsigned long flags; 1680 1681 spin_lock_irqsave(&dev->wl->irq_lock, flags); 1682 1683 B43_WARN_ON(b43_status(dev) != B43_STAT_STARTED); 1684 1685 reason = dev->irq_reason; 1686 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1687 dma_reason[i] = dev->dma_reason[i]; 1688 merged_dma_reason |= dma_reason[i]; 1689 } 1690 1691 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1692 b43err(dev->wl, "MAC transmission error\n"); 1693 1694 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1695 b43err(dev->wl, "PHY transmission error\n"); 1696 rmb(); 1697 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1698 atomic_set(&dev->phy.txerr_cnt, 1699 B43_PHY_TX_BADNESS_LIMIT); 1700 b43err(dev->wl, "Too many PHY TX errors, " 1701 "restarting the controller\n"); 1702 b43_controller_restart(dev, "PHY TX errors"); 1703 } 1704 } 1705 1706 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1707 B43_DMAIRQ_NONFATALMASK))) { 1708 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1709 b43err(dev->wl, "Fatal DMA error: " 1710 "0x%08X, 0x%08X, 0x%08X, " 1711 "0x%08X, 0x%08X, 0x%08X\n", 1712 dma_reason[0], dma_reason[1], 1713 dma_reason[2], dma_reason[3], 1714 dma_reason[4], dma_reason[5]); 1715 b43_controller_restart(dev, "DMA error"); 1716 mmiowb(); 1717 spin_unlock_irqrestore(&dev->wl->irq_lock, flags); 1718 return; 1719 } 1720 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1721 b43err(dev->wl, "DMA error: " 1722 "0x%08X, 0x%08X, 0x%08X, " 1723 "0x%08X, 0x%08X, 0x%08X\n", 1724 dma_reason[0], dma_reason[1], 1725 dma_reason[2], dma_reason[3], 1726 dma_reason[4], dma_reason[5]); 1727 } 1728 } 1729 1730 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1731 handle_irq_ucode_debug(dev); 1732 if (reason & B43_IRQ_TBTT_INDI) 1733 handle_irq_tbtt_indication(dev); 1734 if (reason & B43_IRQ_ATIM_END) 1735 handle_irq_atim_end(dev); 1736 if (reason & B43_IRQ_BEACON) 1737 handle_irq_beacon(dev); 1738 if (reason & B43_IRQ_PMQ) 1739 handle_irq_pmq(dev); 1740 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1741 ;/* TODO */ 1742 if (reason & B43_IRQ_NOISESAMPLE_OK) 1743 handle_irq_noise(dev); 1744 1745 /* Check the DMA reason registers for received data. */ 1746 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1747 if (b43_using_pio_transfers(dev)) 1748 b43_pio_rx(dev->pio.rx_queue); 1749 else 1750 b43_dma_rx(dev->dma.rx_ring); 1751 } 1752 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1753 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1754 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1755 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1756 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1757 1758 if (reason & B43_IRQ_TX_OK) 1759 handle_irq_transmit_status(dev); 1760 1761 b43_interrupt_enable(dev, dev->irq_savedstate); 1762 mmiowb(); 1763 spin_unlock_irqrestore(&dev->wl->irq_lock, flags); 1764} 1765 1766static void b43_interrupt_ack(struct b43_wldev *dev, u32 reason) 1767{ 1768 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 1769 1770 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 1771 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 1772 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 1773 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 1774 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 1775 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 1776} 1777 1778/* Interrupt handler top-half */ 1779static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 1780{ 1781 irqreturn_t ret = IRQ_NONE; 1782 struct b43_wldev *dev = dev_id; 1783 u32 reason; 1784 1785 if (!dev) 1786 return IRQ_NONE; 1787 1788 spin_lock(&dev->wl->irq_lock); 1789 1790 if (b43_status(dev) < B43_STAT_STARTED) 1791 goto out; 1792 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1793 if (reason == 0xffffffff) /* shared IRQ */ 1794 goto out; 1795 ret = IRQ_HANDLED; 1796 reason &= b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 1797 if (!reason) 1798 goto out; 1799 1800 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1801 & 0x0001DC00; 1802 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1803 & 0x0000DC00; 1804 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 1805 & 0x0000DC00; 1806 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 1807 & 0x0001DC00; 1808 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 1809 & 0x0000DC00; 1810 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 1811 & 0x0000DC00; 1812 1813 b43_interrupt_ack(dev, reason); 1814 /* disable all IRQs. They are enabled again in the bottom half. */ 1815 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL); 1816 /* save the reason code and call our bottom half. */ 1817 dev->irq_reason = reason; 1818 tasklet_schedule(&dev->isr_tasklet); 1819 out: 1820 mmiowb(); 1821 spin_unlock(&dev->wl->irq_lock); 1822 1823 return ret; 1824} 1825 1826static void do_release_fw(struct b43_firmware_file *fw) 1827{ 1828 release_firmware(fw->data); 1829 fw->data = NULL; 1830 fw->filename = NULL; 1831} 1832 1833static void b43_release_firmware(struct b43_wldev *dev) 1834{ 1835 do_release_fw(&dev->fw.ucode); 1836 do_release_fw(&dev->fw.pcm); 1837 do_release_fw(&dev->fw.initvals); 1838 do_release_fw(&dev->fw.initvals_band); 1839} 1840 1841static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 1842{ 1843 const char *text; 1844 1845 text = "You must go to " 1846 "http://linuxwireless.org/en/users/Drivers/b43#devicefirmware " 1847 "and download the latest firmware (version 4).\n"; 1848 if (error) 1849 b43err(wl, text); 1850 else 1851 b43warn(wl, text); 1852} 1853 1854static int do_request_fw(struct b43_wldev *dev, 1855 const char *name, 1856 struct b43_firmware_file *fw) 1857{ 1858 char path[sizeof(modparam_fwpostfix) + 32]; 1859 const struct firmware *blob; 1860 struct b43_fw_header *hdr; 1861 u32 size; 1862 int err; 1863 1864 if (!name) { 1865 /* Don't fetch anything. Free possibly cached firmware. */ 1866 do_release_fw(fw); 1867 return 0; 1868 } 1869 if (fw->filename) { 1870 if (strcmp(fw->filename, name) == 0) 1871 return 0; /* Already have this fw. */ 1872 /* Free the cached firmware first. */ 1873 do_release_fw(fw); 1874 } 1875 1876 snprintf(path, ARRAY_SIZE(path), 1877 "b43%s/%s.fw", 1878 modparam_fwpostfix, name); 1879 err = request_firmware(&blob, path, dev->dev->dev); 1880 if (err) { 1881 b43err(dev->wl, "Firmware file \"%s\" not found " 1882 "or load failed.\n", path); 1883 return err; 1884 } 1885 if (blob->size < sizeof(struct b43_fw_header)) 1886 goto err_format; 1887 hdr = (struct b43_fw_header *)(blob->data); 1888 switch (hdr->type) { 1889 case B43_FW_TYPE_UCODE: 1890 case B43_FW_TYPE_PCM: 1891 size = be32_to_cpu(hdr->size); 1892 if (size != blob->size - sizeof(struct b43_fw_header)) 1893 goto err_format; 1894 /* fallthrough */ 1895 case B43_FW_TYPE_IV: 1896 if (hdr->ver != 1) 1897 goto err_format; 1898 break; 1899 default: 1900 goto err_format; 1901 } 1902 1903 fw->data = blob; 1904 fw->filename = name; 1905 1906 return 0; 1907 1908err_format: 1909 b43err(dev->wl, "Firmware file \"%s\" format error.\n", path); 1910 release_firmware(blob); 1911 1912 return -EPROTO; 1913} 1914 1915static int b43_request_firmware(struct b43_wldev *dev) 1916{ 1917 struct b43_firmware *fw = &dev->fw; 1918 const u8 rev = dev->dev->id.revision; 1919 const char *filename; 1920 u32 tmshigh; 1921 int err; 1922 1923 /* Get microcode */ 1924 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 1925 if ((rev >= 5) && (rev <= 10)) 1926 filename = "ucode5"; 1927 else if ((rev >= 11) && (rev <= 12)) 1928 filename = "ucode11"; 1929 else if (rev >= 13) 1930 filename = "ucode13"; 1931 else 1932 goto err_no_ucode; 1933 err = do_request_fw(dev, filename, &fw->ucode); 1934 if (err) 1935 goto err_load; 1936 1937 /* Get PCM code */ 1938 if ((rev >= 5) && (rev <= 10)) 1939 filename = "pcm5"; 1940 else if (rev >= 11) 1941 filename = NULL; 1942 else 1943 goto err_no_pcm; 1944 err = do_request_fw(dev, filename, &fw->pcm); 1945 if (err) 1946 goto err_load; 1947 1948 /* Get initvals */ 1949 switch (dev->phy.type) { 1950 case B43_PHYTYPE_A: 1951 if ((rev >= 5) && (rev <= 10)) { 1952 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 1953 filename = "a0g1initvals5"; 1954 else 1955 filename = "a0g0initvals5"; 1956 } else 1957 goto err_no_initvals; 1958 break; 1959 case B43_PHYTYPE_G: 1960 if ((rev >= 5) && (rev <= 10)) 1961 filename = "b0g0initvals5"; 1962 else if (rev >= 13) 1963 filename = "lp0initvals13"; 1964 else 1965 goto err_no_initvals; 1966 break; 1967 case B43_PHYTYPE_N: 1968 if ((rev >= 11) && (rev <= 12)) 1969 filename = "n0initvals11"; 1970 else 1971 goto err_no_initvals; 1972 break; 1973 default: 1974 goto err_no_initvals; 1975 } 1976 err = do_request_fw(dev, filename, &fw->initvals); 1977 if (err) 1978 goto err_load; 1979 1980 /* Get bandswitch initvals */ 1981 switch (dev->phy.type) { 1982 case B43_PHYTYPE_A: 1983 if ((rev >= 5) && (rev <= 10)) { 1984 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 1985 filename = "a0g1bsinitvals5"; 1986 else 1987 filename = "a0g0bsinitvals5"; 1988 } else if (rev >= 11) 1989 filename = NULL; 1990 else 1991 goto err_no_initvals; 1992 break; 1993 case B43_PHYTYPE_G: 1994 if ((rev >= 5) && (rev <= 10)) 1995 filename = "b0g0bsinitvals5"; 1996 else if (rev >= 11) 1997 filename = NULL; 1998 else 1999 goto err_no_initvals; 2000 break; 2001 case B43_PHYTYPE_N: 2002 if ((rev >= 11) && (rev <= 12)) 2003 filename = "n0bsinitvals11"; 2004 else 2005 goto err_no_initvals; 2006 break; 2007 default: 2008 goto err_no_initvals; 2009 } 2010 err = do_request_fw(dev, filename, &fw->initvals_band); 2011 if (err) 2012 goto err_load; 2013 2014 return 0; 2015 2016err_load: 2017 b43_print_fw_helptext(dev->wl, 1); 2018 goto error; 2019 2020err_no_ucode: 2021 err = -ENODEV; 2022 b43err(dev->wl, "No microcode available for core rev %u\n", rev); 2023 goto error; 2024 2025err_no_pcm: 2026 err = -ENODEV; 2027 b43err(dev->wl, "No PCM available for core rev %u\n", rev); 2028 goto error; 2029 2030err_no_initvals: 2031 err = -ENODEV; 2032 b43err(dev->wl, "No Initial Values firmware file for PHY %u, " 2033 "core rev %u\n", dev->phy.type, rev); 2034 goto error; 2035 2036error: 2037 b43_release_firmware(dev); 2038 return err; 2039} 2040 2041static int b43_upload_microcode(struct b43_wldev *dev) 2042{ 2043 const size_t hdr_len = sizeof(struct b43_fw_header); 2044 const __be32 *data; 2045 unsigned int i, len; 2046 u16 fwrev, fwpatch, fwdate, fwtime; 2047 u32 tmp, macctl; 2048 int err = 0; 2049 2050 /* Jump the microcode PSM to offset 0 */ 2051 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2052 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 2053 macctl |= B43_MACCTL_PSM_JMP0; 2054 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2055 /* Zero out all microcode PSM registers and shared memory. */ 2056 for (i = 0; i < 64; i++) 2057 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 2058 for (i = 0; i < 4096; i += 2) 2059 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 2060 2061 /* Upload Microcode. */ 2062 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 2063 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 2064 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 2065 for (i = 0; i < len; i++) { 2066 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2067 udelay(10); 2068 } 2069 2070 if (dev->fw.pcm.data) { 2071 /* Upload PCM data. */ 2072 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 2073 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 2074 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 2075 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 2076 /* No need for autoinc bit in SHM_HW */ 2077 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 2078 for (i = 0; i < len; i++) { 2079 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2080 udelay(10); 2081 } 2082 } 2083 2084 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 2085 2086 /* Start the microcode PSM */ 2087 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2088 macctl &= ~B43_MACCTL_PSM_JMP0; 2089 macctl |= B43_MACCTL_PSM_RUN; 2090 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2091 2092 /* Wait for the microcode to load and respond */ 2093 i = 0; 2094 while (1) { 2095 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2096 if (tmp == B43_IRQ_MAC_SUSPENDED) 2097 break; 2098 i++; 2099 if (i >= 20) { 2100 b43err(dev->wl, "Microcode not responding\n"); 2101 b43_print_fw_helptext(dev->wl, 1); 2102 err = -ENODEV; 2103 goto error; 2104 } 2105 msleep_interruptible(50); 2106 if (signal_pending(current)) { 2107 err = -EINTR; 2108 goto error; 2109 } 2110 } 2111 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2112 2113 /* Get and check the revisions. */ 2114 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2115 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2116 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2117 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2118 2119 if (fwrev <= 0x128) { 2120 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2121 "binary drivers older than version 4.x is unsupported. " 2122 "You must upgrade your firmware files.\n"); 2123 b43_print_fw_helptext(dev->wl, 1); 2124 err = -EOPNOTSUPP; 2125 goto error; 2126 } 2127 b43info(dev->wl, "Loading firmware version %u.%u " 2128 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2129 fwrev, fwpatch, 2130 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2131 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2132 2133 dev->fw.rev = fwrev; 2134 dev->fw.patch = fwpatch; 2135 2136 if (b43_is_old_txhdr_format(dev)) { 2137 b43warn(dev->wl, "You are using an old firmware image. " 2138 "Support for old firmware will be removed in July 2008.\n"); 2139 b43_print_fw_helptext(dev->wl, 0); 2140 } 2141 2142 return 0; 2143 2144error: 2145 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2146 macctl &= ~B43_MACCTL_PSM_RUN; 2147 macctl |= B43_MACCTL_PSM_JMP0; 2148 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2149 2150 return err; 2151} 2152 2153static int b43_write_initvals(struct b43_wldev *dev, 2154 const struct b43_iv *ivals, 2155 size_t count, 2156 size_t array_size) 2157{ 2158 const struct b43_iv *iv; 2159 u16 offset; 2160 size_t i; 2161 bool bit32; 2162 2163 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2164 iv = ivals; 2165 for (i = 0; i < count; i++) { 2166 if (array_size < sizeof(iv->offset_size)) 2167 goto err_format; 2168 array_size -= sizeof(iv->offset_size); 2169 offset = be16_to_cpu(iv->offset_size); 2170 bit32 = !!(offset & B43_IV_32BIT); 2171 offset &= B43_IV_OFFSET_MASK; 2172 if (offset >= 0x1000) 2173 goto err_format; 2174 if (bit32) { 2175 u32 value; 2176 2177 if (array_size < sizeof(iv->data.d32)) 2178 goto err_format; 2179 array_size -= sizeof(iv->data.d32); 2180 2181 value = get_unaligned_be32(&iv->data.d32); 2182 b43_write32(dev, offset, value); 2183 2184 iv = (const struct b43_iv *)((const uint8_t *)iv + 2185 sizeof(__be16) + 2186 sizeof(__be32)); 2187 } else { 2188 u16 value; 2189 2190 if (array_size < sizeof(iv->data.d16)) 2191 goto err_format; 2192 array_size -= sizeof(iv->data.d16); 2193 2194 value = be16_to_cpu(iv->data.d16); 2195 b43_write16(dev, offset, value); 2196 2197 iv = (const struct b43_iv *)((const uint8_t *)iv + 2198 sizeof(__be16) + 2199 sizeof(__be16)); 2200 } 2201 } 2202 if (array_size) 2203 goto err_format; 2204 2205 return 0; 2206 2207err_format: 2208 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2209 b43_print_fw_helptext(dev->wl, 1); 2210 2211 return -EPROTO; 2212} 2213 2214static int b43_upload_initvals(struct b43_wldev *dev) 2215{ 2216 const size_t hdr_len = sizeof(struct b43_fw_header); 2217 const struct b43_fw_header *hdr; 2218 struct b43_firmware *fw = &dev->fw; 2219 const struct b43_iv *ivals; 2220 size_t count; 2221 int err; 2222 2223 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2224 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2225 count = be32_to_cpu(hdr->size); 2226 err = b43_write_initvals(dev, ivals, count, 2227 fw->initvals.data->size - hdr_len); 2228 if (err) 2229 goto out; 2230 if (fw->initvals_band.data) { 2231 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2232 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2233 count = be32_to_cpu(hdr->size); 2234 err = b43_write_initvals(dev, ivals, count, 2235 fw->initvals_band.data->size - hdr_len); 2236 if (err) 2237 goto out; 2238 } 2239out: 2240 2241 return err; 2242} 2243 2244/* Initialize the GPIOs 2245 * http://bcm-specs.sipsolutions.net/GPIO 2246 */ 2247static int b43_gpio_init(struct b43_wldev *dev) 2248{ 2249 struct ssb_bus *bus = dev->dev->bus; 2250 struct ssb_device *gpiodev, *pcidev = NULL; 2251 u32 mask, set; 2252 2253 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2254 & ~B43_MACCTL_GPOUTSMSK); 2255 2256 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK) 2257 | 0x000F); 2258 2259 mask = 0x0000001F; 2260 set = 0x0000000F; 2261 if (dev->dev->bus->chip_id == 0x4301) { 2262 mask |= 0x0060; 2263 set |= 0x0060; 2264 } 2265 if (0 /* FIXME: conditional unknown */ ) { 2266 b43_write16(dev, B43_MMIO_GPIO_MASK, 2267 b43_read16(dev, B43_MMIO_GPIO_MASK) 2268 | 0x0100); 2269 mask |= 0x0180; 2270 set |= 0x0180; 2271 } 2272 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) { 2273 b43_write16(dev, B43_MMIO_GPIO_MASK, 2274 b43_read16(dev, B43_MMIO_GPIO_MASK) 2275 | 0x0200); 2276 mask |= 0x0200; 2277 set |= 0x0200; 2278 } 2279 if (dev->dev->id.revision >= 2) 2280 mask |= 0x0010; /* FIXME: This is redundant. */ 2281 2282#ifdef CONFIG_SSB_DRIVER_PCICORE 2283 pcidev = bus->pcicore.dev; 2284#endif 2285 gpiodev = bus->chipco.dev ? : pcidev; 2286 if (!gpiodev) 2287 return 0; 2288 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2289 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2290 & mask) | set); 2291 2292 return 0; 2293} 2294 2295/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2296static void b43_gpio_cleanup(struct b43_wldev *dev) 2297{ 2298 struct ssb_bus *bus = dev->dev->bus; 2299 struct ssb_device *gpiodev, *pcidev = NULL; 2300 2301#ifdef CONFIG_SSB_DRIVER_PCICORE 2302 pcidev = bus->pcicore.dev; 2303#endif 2304 gpiodev = bus->chipco.dev ? : pcidev; 2305 if (!gpiodev) 2306 return; 2307 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2308} 2309 2310/* http://bcm-specs.sipsolutions.net/EnableMac */ 2311static void b43_mac_enable(struct b43_wldev *dev) 2312{ 2313 dev->mac_suspended--; 2314 B43_WARN_ON(dev->mac_suspended < 0); 2315 if (dev->mac_suspended == 0) { 2316 b43_write32(dev, B43_MMIO_MACCTL, 2317 b43_read32(dev, B43_MMIO_MACCTL) 2318 | B43_MACCTL_ENABLED); 2319 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2320 B43_IRQ_MAC_SUSPENDED); 2321 /* Commit writes */ 2322 b43_read32(dev, B43_MMIO_MACCTL); 2323 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2324 b43_power_saving_ctl_bits(dev, 0); 2325 2326 /* Re-enable IRQs. */ 2327 spin_lock_irq(&dev->wl->irq_lock); 2328 b43_interrupt_enable(dev, dev->irq_savedstate); 2329 spin_unlock_irq(&dev->wl->irq_lock); 2330 } 2331} 2332 2333/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2334static void b43_mac_suspend(struct b43_wldev *dev) 2335{ 2336 int i; 2337 u32 tmp; 2338 2339 might_sleep(); 2340 B43_WARN_ON(dev->mac_suspended < 0); 2341 2342 if (dev->mac_suspended == 0) { 2343 /* Mask IRQs before suspending MAC. Otherwise 2344 * the MAC stays busy and won't suspend. */ 2345 spin_lock_irq(&dev->wl->irq_lock); 2346 tmp = b43_interrupt_disable(dev, B43_IRQ_ALL); 2347 spin_unlock_irq(&dev->wl->irq_lock); 2348 b43_synchronize_irq(dev); 2349 dev->irq_savedstate = tmp; 2350 2351 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2352 b43_write32(dev, B43_MMIO_MACCTL, 2353 b43_read32(dev, B43_MMIO_MACCTL) 2354 & ~B43_MACCTL_ENABLED); 2355 /* force pci to flush the write */ 2356 b43_read32(dev, B43_MMIO_MACCTL); 2357 for (i = 35; i; i--) { 2358 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2359 if (tmp & B43_IRQ_MAC_SUSPENDED) 2360 goto out; 2361 udelay(10); 2362 } 2363 /* Hm, it seems this will take some time. Use msleep(). */ 2364 for (i = 40; i; i--) { 2365 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2366 if (tmp & B43_IRQ_MAC_SUSPENDED) 2367 goto out; 2368 msleep(1); 2369 } 2370 b43err(dev->wl, "MAC suspend failed\n"); 2371 } 2372out: 2373 dev->mac_suspended++; 2374} 2375 2376static void b43_adjust_opmode(struct b43_wldev *dev) 2377{ 2378 struct b43_wl *wl = dev->wl; 2379 u32 ctl; 2380 u16 cfp_pretbtt; 2381 2382 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2383 /* Reset status to STA infrastructure mode. */ 2384 ctl &= ~B43_MACCTL_AP; 2385 ctl &= ~B43_MACCTL_KEEP_CTL; 2386 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2387 ctl &= ~B43_MACCTL_KEEP_BAD; 2388 ctl &= ~B43_MACCTL_PROMISC; 2389 ctl &= ~B43_MACCTL_BEACPROMISC; 2390 ctl |= B43_MACCTL_INFRA; 2391 2392 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 2393 ctl |= B43_MACCTL_AP; 2394 else if (b43_is_mode(wl, IEEE80211_IF_TYPE_IBSS)) 2395 ctl &= ~B43_MACCTL_INFRA; 2396 2397 if (wl->filter_flags & FIF_CONTROL) 2398 ctl |= B43_MACCTL_KEEP_CTL; 2399 if (wl->filter_flags & FIF_FCSFAIL) 2400 ctl |= B43_MACCTL_KEEP_BAD; 2401 if (wl->filter_flags & FIF_PLCPFAIL) 2402 ctl |= B43_MACCTL_KEEP_BADPLCP; 2403 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2404 ctl |= B43_MACCTL_PROMISC; 2405 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2406 ctl |= B43_MACCTL_BEACPROMISC; 2407 2408 /* Workaround: On old hardware the HW-MAC-address-filter 2409 * doesn't work properly, so always run promisc in filter 2410 * it in software. */ 2411 if (dev->dev->id.revision <= 4) 2412 ctl |= B43_MACCTL_PROMISC; 2413 2414 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2415 2416 cfp_pretbtt = 2; 2417 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2418 if (dev->dev->bus->chip_id == 0x4306 && 2419 dev->dev->bus->chip_rev == 3) 2420 cfp_pretbtt = 100; 2421 else 2422 cfp_pretbtt = 50; 2423 } 2424 b43_write16(dev, 0x612, cfp_pretbtt); 2425} 2426 2427static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2428{ 2429 u16 offset; 2430 2431 if (is_ofdm) { 2432 offset = 0x480; 2433 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2434 } else { 2435 offset = 0x4C0; 2436 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2437 } 2438 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2439 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2440} 2441 2442static void b43_rate_memory_init(struct b43_wldev *dev) 2443{ 2444 switch (dev->phy.type) { 2445 case B43_PHYTYPE_A: 2446 case B43_PHYTYPE_G: 2447 case B43_PHYTYPE_N: 2448 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2449 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2450 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2451 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2452 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2453 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2454 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2455 if (dev->phy.type == B43_PHYTYPE_A) 2456 break; 2457 /* fallthrough */ 2458 case B43_PHYTYPE_B: 2459 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2460 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2461 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2462 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2463 break; 2464 default: 2465 B43_WARN_ON(1); 2466 } 2467} 2468 2469/* Set the default values for the PHY TX Control Words. */ 2470static void b43_set_phytxctl_defaults(struct b43_wldev *dev) 2471{ 2472 u16 ctl = 0; 2473 2474 ctl |= B43_TXH_PHY_ENC_CCK; 2475 ctl |= B43_TXH_PHY_ANT01AUTO; 2476 ctl |= B43_TXH_PHY_TXPWR; 2477 2478 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 2479 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl); 2480 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl); 2481} 2482 2483/* Set the TX-Antenna for management frames sent by firmware. */ 2484static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 2485{ 2486 u16 ant; 2487 u16 tmp; 2488 2489 ant = b43_antenna_to_phyctl(antenna); 2490 2491 /* For ACK/CTS */ 2492 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 2493 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2494 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 2495 /* For Probe Resposes */ 2496 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 2497 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2498 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 2499} 2500 2501/* This is the opposite of b43_chip_init() */ 2502static void b43_chip_exit(struct b43_wldev *dev) 2503{ 2504 b43_radio_turn_off(dev, 1); 2505 b43_gpio_cleanup(dev); 2506 /* firmware is released later */ 2507} 2508 2509/* Initialize the chip 2510 * http://bcm-specs.sipsolutions.net/ChipInit 2511 */ 2512static int b43_chip_init(struct b43_wldev *dev) 2513{ 2514 struct b43_phy *phy = &dev->phy; 2515 int err, tmp; 2516 u32 value32, macctl; 2517 u16 value16; 2518 2519 /* Initialize the MAC control */ 2520 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 2521 if (dev->phy.gmode) 2522 macctl |= B43_MACCTL_GMODE; 2523 macctl |= B43_MACCTL_INFRA; 2524 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2525 2526 err = b43_request_firmware(dev); 2527 if (err) 2528 goto out; 2529 err = b43_upload_microcode(dev); 2530 if (err) 2531 goto out; /* firmware is released later */ 2532 2533 err = b43_gpio_init(dev); 2534 if (err) 2535 goto out; /* firmware is released later */ 2536 2537 err = b43_upload_initvals(dev); 2538 if (err) 2539 goto err_gpio_clean; 2540 b43_radio_turn_on(dev); 2541 2542 b43_write16(dev, 0x03E6, 0x0000); 2543 err = b43_phy_init(dev); 2544 if (err) 2545 goto err_radio_off; 2546 2547 /* Select initial Interference Mitigation. */ 2548 tmp = phy->interfmode; 2549 phy->interfmode = B43_INTERFMODE_NONE; 2550 b43_radio_set_interference_mitigation(dev, tmp); 2551 2552 b43_set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 2553 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 2554 2555 if (phy->type == B43_PHYTYPE_B) { 2556 value16 = b43_read16(dev, 0x005E); 2557 value16 |= 0x0004; 2558 b43_write16(dev, 0x005E, value16); 2559 } 2560 b43_write32(dev, 0x0100, 0x01000000); 2561 if (dev->dev->id.revision < 5) 2562 b43_write32(dev, 0x010C, 0x01000000); 2563 2564 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2565 & ~B43_MACCTL_INFRA); 2566 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2567 | B43_MACCTL_INFRA); 2568 2569 /* Probe Response Timeout value */ 2570 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 2571 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 2572 2573 /* Initially set the wireless operation mode. */ 2574 b43_adjust_opmode(dev); 2575 2576 if (dev->dev->id.revision < 3) { 2577 b43_write16(dev, 0x060E, 0x0000); 2578 b43_write16(dev, 0x0610, 0x8000); 2579 b43_write16(dev, 0x0604, 0x0000); 2580 b43_write16(dev, 0x0606, 0x0200); 2581 } else { 2582 b43_write32(dev, 0x0188, 0x80000000); 2583 b43_write32(dev, 0x018C, 0x02000000); 2584 } 2585 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 2586 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 2587 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 2588 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 2589 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 2590 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 2591 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 2592 2593 value32 = ssb_read32(dev->dev, SSB_TMSLOW); 2594 value32 |= 0x00100000; 2595 ssb_write32(dev->dev, SSB_TMSLOW, value32); 2596 2597 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 2598 dev->dev->bus->chipco.fast_pwrup_delay); 2599 2600 err = 0; 2601 b43dbg(dev->wl, "Chip initialized\n"); 2602out: 2603 return err; 2604 2605err_radio_off: 2606 b43_radio_turn_off(dev, 1); 2607err_gpio_clean: 2608 b43_gpio_cleanup(dev); 2609 return err; 2610} 2611 2612static void b43_periodic_every120sec(struct b43_wldev *dev) 2613{ 2614 struct b43_phy *phy = &dev->phy; 2615 2616 if (phy->type != B43_PHYTYPE_G || phy->rev < 2) 2617 return; 2618 2619 b43_mac_suspend(dev); 2620 b43_lo_g_measure(dev); 2621 b43_mac_enable(dev); 2622 if (b43_has_hardware_pctl(phy)) 2623 b43_lo_g_ctl_mark_all_unused(dev); 2624} 2625 2626static void b43_periodic_every60sec(struct b43_wldev *dev) 2627{ 2628 struct b43_phy *phy = &dev->phy; 2629 2630 if (phy->type != B43_PHYTYPE_G) 2631 return; 2632 if (!b43_has_hardware_pctl(phy)) 2633 b43_lo_g_ctl_mark_all_unused(dev); 2634 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_RSSI) { 2635 b43_mac_suspend(dev); 2636 b43_calc_nrssi_slope(dev); 2637 if ((phy->radio_ver == 0x2050) && (phy->radio_rev == 8)) { 2638 u8 old_chan = phy->channel; 2639 2640 /* VCO Calibration */ 2641 if (old_chan >= 8) 2642 b43_radio_selectchannel(dev, 1, 0); 2643 else 2644 b43_radio_selectchannel(dev, 13, 0); 2645 b43_radio_selectchannel(dev, old_chan, 0); 2646 } 2647 b43_mac_enable(dev); 2648 } 2649} 2650 2651static void b43_periodic_every30sec(struct b43_wldev *dev) 2652{ 2653 /* Update device statistics. */ 2654 b43_calculate_link_quality(dev); 2655} 2656 2657static void b43_periodic_every15sec(struct b43_wldev *dev) 2658{ 2659 struct b43_phy *phy = &dev->phy; 2660 2661 if (phy->type == B43_PHYTYPE_G) { 2662 //TODO: update_aci_moving_average 2663 if (phy->aci_enable && phy->aci_wlan_automatic) { 2664 b43_mac_suspend(dev); 2665 if (!phy->aci_enable && 1 /*TODO: not scanning? */ ) { 2666 if (0 /*TODO: bunch of conditions */ ) { 2667 b43_radio_set_interference_mitigation 2668 (dev, B43_INTERFMODE_MANUALWLAN); 2669 } 2670 } else if (1 /*TODO*/) { 2671 /* 2672 if ((aci_average > 1000) && !(b43_radio_aci_scan(dev))) { 2673 b43_radio_set_interference_mitigation(dev, 2674 B43_INTERFMODE_NONE); 2675 } 2676 */ 2677 } 2678 b43_mac_enable(dev); 2679 } else if (phy->interfmode == B43_INTERFMODE_NONWLAN && 2680 phy->rev == 1) { 2681 //TODO: implement rev1 workaround 2682 } 2683 } 2684 b43_phy_xmitpower(dev); //FIXME: unless scanning? 2685 //TODO for APHY (temperature?) 2686 2687 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 2688 wmb(); 2689} 2690 2691static void do_periodic_work(struct b43_wldev *dev) 2692{ 2693 unsigned int state; 2694 2695 state = dev->periodic_state; 2696 if (state % 8 == 0) 2697 b43_periodic_every120sec(dev); 2698 if (state % 4 == 0) 2699 b43_periodic_every60sec(dev); 2700 if (state % 2 == 0) 2701 b43_periodic_every30sec(dev); 2702 b43_periodic_every15sec(dev); 2703} 2704 2705/* Periodic work locking policy: 2706 * The whole periodic work handler is protected by 2707 * wl->mutex. If another lock is needed somewhere in the 2708 * pwork callchain, it's aquired in-place, where it's needed. 2709 */ 2710static void b43_periodic_work_handler(struct work_struct *work) 2711{ 2712 struct b43_wldev *dev = container_of(work, struct b43_wldev, 2713 periodic_work.work); 2714 struct b43_wl *wl = dev->wl; 2715 unsigned long delay; 2716 2717 mutex_lock(&wl->mutex); 2718 2719 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 2720 goto out; 2721 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 2722 goto out_requeue; 2723 2724 do_periodic_work(dev); 2725 2726 dev->periodic_state++; 2727out_requeue: 2728 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 2729 delay = msecs_to_jiffies(50); 2730 else 2731 delay = round_jiffies_relative(HZ * 15); 2732 queue_delayed_work(wl->hw->workqueue, &dev->periodic_work, delay); 2733out: 2734 mutex_unlock(&wl->mutex); 2735} 2736 2737static void b43_periodic_tasks_setup(struct b43_wldev *dev) 2738{ 2739 struct delayed_work *work = &dev->periodic_work; 2740 2741 dev->periodic_state = 0; 2742 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 2743 queue_delayed_work(dev->wl->hw->workqueue, work, 0); 2744} 2745 2746/* Check if communication with the device works correctly. */ 2747static int b43_validate_chipaccess(struct b43_wldev *dev) 2748{ 2749 u32 v, backup; 2750 2751 backup = b43_shm_read32(dev, B43_SHM_SHARED, 0); 2752 2753 /* Check for read/write and endianness problems. */ 2754 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 2755 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 2756 goto error; 2757 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 2758 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 2759 goto error; 2760 2761 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup); 2762 2763 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) { 2764 /* The 32bit register shadows the two 16bit registers 2765 * with update sideeffects. Validate this. */ 2766 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 2767 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 2768 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 2769 goto error; 2770 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 2771 goto error; 2772 } 2773 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 2774 2775 v = b43_read32(dev, B43_MMIO_MACCTL); 2776 v |= B43_MACCTL_GMODE; 2777 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 2778 goto error; 2779 2780 return 0; 2781error: 2782 b43err(dev->wl, "Failed to validate the chipaccess\n"); 2783 return -ENODEV; 2784} 2785 2786static void b43_security_init(struct b43_wldev *dev) 2787{ 2788 dev->max_nr_keys = (dev->dev->id.revision >= 5) ? 58 : 20; 2789 B43_WARN_ON(dev->max_nr_keys > ARRAY_SIZE(dev->key)); 2790 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 2791 /* KTP is a word address, but we address SHM bytewise. 2792 * So multiply by two. 2793 */ 2794 dev->ktp *= 2; 2795 if (dev->dev->id.revision >= 5) { 2796 /* Number of RCMTA address slots */ 2797 b43_write16(dev, B43_MMIO_RCMTA_COUNT, dev->max_nr_keys - 8); 2798 } 2799 b43_clear_keys(dev); 2800} 2801 2802static int b43_rng_read(struct hwrng *rng, u32 * data) 2803{ 2804 struct b43_wl *wl = (struct b43_wl *)rng->priv; 2805 unsigned long flags; 2806 2807 /* Don't take wl->mutex here, as it could deadlock with 2808 * hwrng internal locking. It's not needed to take 2809 * wl->mutex here, anyway. */ 2810 2811 spin_lock_irqsave(&wl->irq_lock, flags); 2812 *data = b43_read16(wl->current_dev, B43_MMIO_RNG); 2813 spin_unlock_irqrestore(&wl->irq_lock, flags); 2814 2815 return (sizeof(u16)); 2816} 2817 2818static void b43_rng_exit(struct b43_wl *wl) 2819{ 2820 if (wl->rng_initialized) 2821 hwrng_unregister(&wl->rng); 2822} 2823 2824static int b43_rng_init(struct b43_wl *wl) 2825{ 2826 int err; 2827 2828 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 2829 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 2830 wl->rng.name = wl->rng_name; 2831 wl->rng.data_read = b43_rng_read; 2832 wl->rng.priv = (unsigned long)wl; 2833 wl->rng_initialized = 1; 2834 err = hwrng_register(&wl->rng); 2835 if (err) { 2836 wl->rng_initialized = 0; 2837 b43err(wl, "Failed to register the random " 2838 "number generator (%d)\n", err); 2839 } 2840 2841 return err; 2842} 2843 2844static int b43_op_tx(struct ieee80211_hw *hw, 2845 struct sk_buff *skb, 2846 struct ieee80211_tx_control *ctl) 2847{ 2848 struct b43_wl *wl = hw_to_b43_wl(hw); 2849 struct b43_wldev *dev = wl->current_dev; 2850 unsigned long flags; 2851 int err; 2852 2853 if (unlikely(skb->len < 2 + 2 + 6)) { 2854 /* Too short, this can't be a valid frame. */ 2855 dev_kfree_skb_any(skb); 2856 return NETDEV_TX_OK; 2857 } 2858 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 2859 if (unlikely(!dev)) 2860 return NETDEV_TX_BUSY; 2861 2862 /* Transmissions on seperate queues can run concurrently. */ 2863 read_lock_irqsave(&wl->tx_lock, flags); 2864 2865 err = -ENODEV; 2866 if (likely(b43_status(dev) >= B43_STAT_STARTED)) { 2867 if (b43_using_pio_transfers(dev)) 2868 err = b43_pio_tx(dev, skb, ctl); 2869 else 2870 err = b43_dma_tx(dev, skb, ctl); 2871 } 2872 2873 read_unlock_irqrestore(&wl->tx_lock, flags); 2874 2875 if (unlikely(err)) 2876 return NETDEV_TX_BUSY; 2877 return NETDEV_TX_OK; 2878} 2879 2880/* Locking: wl->irq_lock */ 2881static void b43_qos_params_upload(struct b43_wldev *dev, 2882 const struct ieee80211_tx_queue_params *p, 2883 u16 shm_offset) 2884{ 2885 u16 params[B43_NR_QOSPARAMS]; 2886 int cw_min, cw_max, aifs, bslots, tmp; 2887 unsigned int i; 2888 2889 const u16 aCWmin = 0x0001; 2890 const u16 aCWmax = 0x03FF; 2891 2892 /* Calculate the default values for the parameters, if needed. */ 2893 switch (shm_offset) { 2894 case B43_QOS_VOICE: 2895 aifs = (p->aifs == -1) ? 2 : p->aifs; 2896 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 4 - 1) : p->cw_min; 2897 cw_max = (p->cw_max == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_max; 2898 break; 2899 case B43_QOS_VIDEO: 2900 aifs = (p->aifs == -1) ? 2 : p->aifs; 2901 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_min; 2902 cw_max = (p->cw_max == 0) ? aCWmin : p->cw_max; 2903 break; 2904 case B43_QOS_BESTEFFORT: 2905 aifs = (p->aifs == -1) ? 3 : p->aifs; 2906 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min; 2907 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max; 2908 break; 2909 case B43_QOS_BACKGROUND: 2910 aifs = (p->aifs == -1) ? 7 : p->aifs; 2911 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min; 2912 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max; 2913 break; 2914 default: 2915 B43_WARN_ON(1); 2916 return; 2917 } 2918 if (cw_min <= 0) 2919 cw_min = aCWmin; 2920 if (cw_max <= 0) 2921 cw_max = aCWmin; 2922 bslots = b43_read16(dev, B43_MMIO_RNG) % cw_min; 2923 2924 memset(¶ms, 0, sizeof(params)); 2925 2926 params[B43_QOSPARAM_TXOP] = p->txop * 32; 2927 params[B43_QOSPARAM_CWMIN] = cw_min; 2928 params[B43_QOSPARAM_CWMAX] = cw_max; 2929 params[B43_QOSPARAM_CWCUR] = cw_min; 2930 params[B43_QOSPARAM_AIFS] = aifs; 2931 params[B43_QOSPARAM_BSLOTS] = bslots; 2932 params[B43_QOSPARAM_REGGAP] = bslots + aifs; 2933 2934 for (i = 0; i < ARRAY_SIZE(params); i++) { 2935 if (i == B43_QOSPARAM_STATUS) { 2936 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 2937 shm_offset + (i * 2)); 2938 /* Mark the parameters as updated. */ 2939 tmp |= 0x100; 2940 b43_shm_write16(dev, B43_SHM_SHARED, 2941 shm_offset + (i * 2), 2942 tmp); 2943 } else { 2944 b43_shm_write16(dev, B43_SHM_SHARED, 2945 shm_offset + (i * 2), 2946 params[i]); 2947 } 2948 } 2949} 2950 2951/* Update the QOS parameters in hardware. */ 2952static void b43_qos_update(struct b43_wldev *dev) 2953{ 2954 struct b43_wl *wl = dev->wl; 2955 struct b43_qos_params *params; 2956 unsigned long flags; 2957 unsigned int i; 2958 2959 /* Mapping of mac80211 queues to b43 SHM offsets. */ 2960 static const u16 qos_shm_offsets[] = { 2961 [0] = B43_QOS_VOICE, 2962 [1] = B43_QOS_VIDEO, 2963 [2] = B43_QOS_BESTEFFORT, 2964 [3] = B43_QOS_BACKGROUND, 2965 }; 2966 BUILD_BUG_ON(ARRAY_SIZE(qos_shm_offsets) != ARRAY_SIZE(wl->qos_params)); 2967 2968 b43_mac_suspend(dev); 2969 spin_lock_irqsave(&wl->irq_lock, flags); 2970 2971 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 2972 params = &(wl->qos_params[i]); 2973 if (params->need_hw_update) { 2974 b43_qos_params_upload(dev, &(params->p), 2975 qos_shm_offsets[i]); 2976 params->need_hw_update = 0; 2977 } 2978 } 2979 2980 spin_unlock_irqrestore(&wl->irq_lock, flags); 2981 b43_mac_enable(dev); 2982} 2983 2984static void b43_qos_clear(struct b43_wl *wl) 2985{ 2986 struct b43_qos_params *params; 2987 unsigned int i; 2988 2989 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 2990 params = &(wl->qos_params[i]); 2991 2992 memset(&(params->p), 0, sizeof(params->p)); 2993 params->p.aifs = -1; 2994 params->need_hw_update = 1; 2995 } 2996} 2997 2998/* Initialize the core's QOS capabilities */ 2999static void b43_qos_init(struct b43_wldev *dev) 3000{ 3001 struct b43_wl *wl = dev->wl; 3002 unsigned int i; 3003 3004 /* Upload the current QOS parameters. */ 3005 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) 3006 wl->qos_params[i].need_hw_update = 1; 3007 b43_qos_update(dev); 3008 3009 /* Enable QOS support. */ 3010 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 3011 b43_write16(dev, B43_MMIO_IFSCTL, 3012 b43_read16(dev, B43_MMIO_IFSCTL) 3013 | B43_MMIO_IFSCTL_USE_EDCF); 3014} 3015 3016static void b43_qos_update_work(struct work_struct *work) 3017{ 3018 struct b43_wl *wl = container_of(work, struct b43_wl, qos_update_work); 3019 struct b43_wldev *dev; 3020 3021 mutex_lock(&wl->mutex); 3022 dev = wl->current_dev; 3023 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) 3024 b43_qos_update(dev); 3025 mutex_unlock(&wl->mutex); 3026} 3027 3028static int b43_op_conf_tx(struct ieee80211_hw *hw, 3029 int _queue, 3030 const struct ieee80211_tx_queue_params *params) 3031{ 3032 struct b43_wl *wl = hw_to_b43_wl(hw); 3033 unsigned long flags; 3034 unsigned int queue = (unsigned int)_queue; 3035 struct b43_qos_params *p; 3036 3037 if (queue >= ARRAY_SIZE(wl->qos_params)) { 3038 /* Queue not available or don't support setting 3039 * params on this queue. Return success to not 3040 * confuse mac80211. */ 3041 return 0; 3042 } 3043 3044 spin_lock_irqsave(&wl->irq_lock, flags); 3045 p = &(wl->qos_params[queue]); 3046 memcpy(&(p->p), params, sizeof(p->p)); 3047 p->need_hw_update = 1; 3048 spin_unlock_irqrestore(&wl->irq_lock, flags); 3049 3050 queue_work(hw->workqueue, &wl->qos_update_work); 3051 3052 return 0; 3053} 3054 3055static int b43_op_get_tx_stats(struct ieee80211_hw *hw, 3056 struct ieee80211_tx_queue_stats *stats) 3057{ 3058 struct b43_wl *wl = hw_to_b43_wl(hw); 3059 struct b43_wldev *dev = wl->current_dev; 3060 unsigned long flags; 3061 int err = -ENODEV; 3062 3063 if (!dev) 3064 goto out; 3065 spin_lock_irqsave(&wl->irq_lock, flags); 3066 if (likely(b43_status(dev) >= B43_STAT_STARTED)) { 3067 if (b43_using_pio_transfers(dev)) 3068 b43_pio_get_tx_stats(dev, stats); 3069 else 3070 b43_dma_get_tx_stats(dev, stats); 3071 err = 0; 3072 } 3073 spin_unlock_irqrestore(&wl->irq_lock, flags); 3074out: 3075 return err; 3076} 3077 3078static int b43_op_get_stats(struct ieee80211_hw *hw, 3079 struct ieee80211_low_level_stats *stats) 3080{ 3081 struct b43_wl *wl = hw_to_b43_wl(hw); 3082 unsigned long flags; 3083 3084 spin_lock_irqsave(&wl->irq_lock, flags); 3085 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 3086 spin_unlock_irqrestore(&wl->irq_lock, flags); 3087 3088 return 0; 3089} 3090 3091static void b43_put_phy_into_reset(struct b43_wldev *dev) 3092{ 3093 struct ssb_device *sdev = dev->dev; 3094 u32 tmslow; 3095 3096 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3097 tmslow &= ~B43_TMSLOW_GMODE; 3098 tmslow |= B43_TMSLOW_PHYRESET; 3099 tmslow |= SSB_TMSLOW_FGC; 3100 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3101 msleep(1); 3102 3103 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3104 tmslow &= ~SSB_TMSLOW_FGC; 3105 tmslow |= B43_TMSLOW_PHYRESET; 3106 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3107 msleep(1); 3108} 3109 3110static const char * band_to_string(enum ieee80211_band band) 3111{ 3112 switch (band) { 3113 case IEEE80211_BAND_5GHZ: 3114 return "5"; 3115 case IEEE80211_BAND_2GHZ: 3116 return "2.4"; 3117 default: 3118 break; 3119 } 3120 B43_WARN_ON(1); 3121 return ""; 3122} 3123 3124/* Expects wl->mutex locked */ 3125static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3126{ 3127 struct b43_wldev *up_dev = NULL; 3128 struct b43_wldev *down_dev; 3129 struct b43_wldev *d; 3130 int err; 3131 bool gmode; 3132 int prev_status; 3133 3134 /* Find a device and PHY which supports the band. */ 3135 list_for_each_entry(d, &wl->devlist, list) { 3136 switch (chan->band) { 3137 case IEEE80211_BAND_5GHZ: 3138 if (d->phy.supports_5ghz) { 3139 up_dev = d; 3140 gmode = 0; 3141 } 3142 break; 3143 case IEEE80211_BAND_2GHZ: 3144 if (d->phy.supports_2ghz) { 3145 up_dev = d; 3146 gmode = 1; 3147 } 3148 break; 3149 default: 3150 B43_WARN_ON(1); 3151 return -EINVAL; 3152 } 3153 if (up_dev) 3154 break; 3155 } 3156 if (!up_dev) { 3157 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3158 band_to_string(chan->band)); 3159 return -ENODEV; 3160 } 3161 if ((up_dev == wl->current_dev) && 3162 (!!wl->current_dev->phy.gmode == !!gmode)) { 3163 /* This device is already running. */ 3164 return 0; 3165 } 3166 b43dbg(wl, "Switching to %s-GHz band\n", 3167 band_to_string(chan->band)); 3168 down_dev = wl->current_dev; 3169 3170 prev_status = b43_status(down_dev); 3171 /* Shutdown the currently running core. */ 3172 if (prev_status >= B43_STAT_STARTED) 3173 b43_wireless_core_stop(down_dev); 3174 if (prev_status >= B43_STAT_INITIALIZED) 3175 b43_wireless_core_exit(down_dev); 3176 3177 if (down_dev != up_dev) { 3178 /* We switch to a different core, so we put PHY into 3179 * RESET on the old core. */ 3180 b43_put_phy_into_reset(down_dev); 3181 } 3182 3183 /* Now start the new core. */ 3184 up_dev->phy.gmode = gmode; 3185 if (prev_status >= B43_STAT_INITIALIZED) { 3186 err = b43_wireless_core_init(up_dev); 3187 if (err) { 3188 b43err(wl, "Fatal: Could not initialize device for " 3189 "selected %s-GHz band\n", 3190 band_to_string(chan->band)); 3191 goto init_failure; 3192 } 3193 } 3194 if (prev_status >= B43_STAT_STARTED) { 3195 err = b43_wireless_core_start(up_dev); 3196 if (err) { 3197 b43err(wl, "Fatal: Coult not start device for " 3198 "selected %s-GHz band\n", 3199 band_to_string(chan->band)); 3200 b43_wireless_core_exit(up_dev); 3201 goto init_failure; 3202 } 3203 } 3204 B43_WARN_ON(b43_status(up_dev) != prev_status); 3205 3206 wl->current_dev = up_dev; 3207 3208 return 0; 3209init_failure: 3210 /* Whoops, failed to init the new core. No core is operating now. */ 3211 wl->current_dev = NULL; 3212 return err; 3213} 3214 3215static int b43_op_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf) 3216{ 3217 struct b43_wl *wl = hw_to_b43_wl(hw); 3218 struct b43_wldev *dev; 3219 struct b43_phy *phy; 3220 unsigned long flags; 3221 int antenna; 3222 int err = 0; 3223 u32 savedirqs; 3224 3225 mutex_lock(&wl->mutex); 3226 3227 /* Switch the band (if necessary). This might change the active core. */ 3228 err = b43_switch_band(wl, conf->channel); 3229 if (err) 3230 goto out_unlock_mutex; 3231 dev = wl->current_dev; 3232 phy = &dev->phy; 3233 3234 /* Disable IRQs while reconfiguring the device. 3235 * This makes it possible to drop the spinlock throughout 3236 * the reconfiguration process. */ 3237 spin_lock_irqsave(&wl->irq_lock, flags); 3238 if (b43_status(dev) < B43_STAT_STARTED) { 3239 spin_unlock_irqrestore(&wl->irq_lock, flags); 3240 goto out_unlock_mutex; 3241 } 3242 savedirqs = b43_interrupt_disable(dev, B43_IRQ_ALL); 3243 spin_unlock_irqrestore(&wl->irq_lock, flags); 3244 b43_synchronize_irq(dev); 3245 3246 /* Switch to the requested channel. 3247 * The firmware takes care of races with the TX handler. */ 3248 if (conf->channel->hw_value != phy->channel) 3249 b43_radio_selectchannel(dev, conf->channel->hw_value, 0); 3250 3251 /* Enable/Disable ShortSlot timing. */ 3252 if ((!!(conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME)) != 3253 dev->short_slot) { 3254 B43_WARN_ON(phy->type != B43_PHYTYPE_G); 3255 if (conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME) 3256 b43_short_slot_timing_enable(dev); 3257 else 3258 b43_short_slot_timing_disable(dev); 3259 } 3260 3261 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_RADIOTAP); 3262 3263 /* Adjust the desired TX power level. */ 3264 if (conf->power_level != 0) { 3265 if (conf->power_level != phy->power_level) { 3266 phy->power_level = conf->power_level; 3267 b43_phy_xmitpower(dev); 3268 } 3269 } 3270 3271 /* Antennas for RX and management frame TX. */ 3272 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_tx); 3273 b43_mgmtframe_txantenna(dev, antenna); 3274 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_rx); 3275 b43_set_rx_antenna(dev, antenna); 3276 3277 /* Update templates for AP mode. */ 3278 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 3279 b43_set_beacon_int(dev, conf->beacon_int); 3280 3281 if (!!conf->radio_enabled != phy->radio_on) { 3282 if (conf->radio_enabled) { 3283 b43_radio_turn_on(dev); 3284 b43info(dev->wl, "Radio turned on by software\n"); 3285 if (!dev->radio_hw_enable) { 3286 b43info(dev->wl, "The hardware RF-kill button " 3287 "still turns the radio physically off. " 3288 "Press the button to turn it on.\n"); 3289 } 3290 } else { 3291 b43_radio_turn_off(dev, 0); 3292 b43info(dev->wl, "Radio turned off by software\n"); 3293 } 3294 } 3295 3296 spin_lock_irqsave(&wl->irq_lock, flags); 3297 b43_interrupt_enable(dev, savedirqs); 3298 mmiowb(); 3299 spin_unlock_irqrestore(&wl->irq_lock, flags); 3300 out_unlock_mutex: 3301 mutex_unlock(&wl->mutex); 3302 3303 return err; 3304} 3305 3306static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 3307 const u8 *local_addr, const u8 *addr, 3308 struct ieee80211_key_conf *key) 3309{ 3310 struct b43_wl *wl = hw_to_b43_wl(hw); 3311 struct b43_wldev *dev; 3312 unsigned long flags; 3313 u8 algorithm; 3314 u8 index; 3315 int err; 3316 DECLARE_MAC_BUF(mac); 3317 3318 if (modparam_nohwcrypt) 3319 return -ENOSPC; /* User disabled HW-crypto */ 3320 3321 mutex_lock(&wl->mutex); 3322 spin_lock_irqsave(&wl->irq_lock, flags); 3323 3324 dev = wl->current_dev; 3325 err = -ENODEV; 3326 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 3327 goto out_unlock; 3328 3329 err = -EINVAL; 3330 switch (key->alg) { 3331 case ALG_WEP: 3332 if (key->keylen == 5) 3333 algorithm = B43_SEC_ALGO_WEP40; 3334 else 3335 algorithm = B43_SEC_ALGO_WEP104; 3336 break; 3337 case ALG_TKIP: 3338 algorithm = B43_SEC_ALGO_TKIP; 3339 break; 3340 case ALG_CCMP: 3341 algorithm = B43_SEC_ALGO_AES; 3342 break; 3343 default: 3344 B43_WARN_ON(1); 3345 goto out_unlock; 3346 } 3347 index = (u8) (key->keyidx); 3348 if (index > 3) 3349 goto out_unlock; 3350 3351 switch (cmd) { 3352 case SET_KEY: 3353 if (algorithm == B43_SEC_ALGO_TKIP) { 3354 /* FIXME: No TKIP hardware encryption for now. */ 3355 err = -EOPNOTSUPP; 3356 goto out_unlock; 3357 } 3358 3359 if (is_broadcast_ether_addr(addr)) { 3360 /* addr is FF:FF:FF:FF:FF:FF for default keys */ 3361 err = b43_key_write(dev, index, algorithm, 3362 key->key, key->keylen, NULL, key); 3363 } else { 3364 /* 3365 * either pairwise key or address is 00:00:00:00:00:00 3366 * for transmit-only keys 3367 */ 3368 err = b43_key_write(dev, -1, algorithm, 3369 key->key, key->keylen, addr, key); 3370 } 3371 if (err) 3372 goto out_unlock; 3373 3374 if (algorithm == B43_SEC_ALGO_WEP40 || 3375 algorithm == B43_SEC_ALGO_WEP104) { 3376 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 3377 } else { 3378 b43_hf_write(dev, 3379 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 3380 } 3381 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 3382 break; 3383 case DISABLE_KEY: { 3384 err = b43_key_clear(dev, key->hw_key_idx); 3385 if (err) 3386 goto out_unlock; 3387 break; 3388 } 3389 default: 3390 B43_WARN_ON(1); 3391 } 3392out_unlock: 3393 spin_unlock_irqrestore(&wl->irq_lock, flags); 3394 mutex_unlock(&wl->mutex); 3395 if (!err) { 3396 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 3397 "mac: %s\n", 3398 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 3399 print_mac(mac, addr)); 3400 } 3401 return err; 3402} 3403 3404static void b43_op_configure_filter(struct ieee80211_hw *hw, 3405 unsigned int changed, unsigned int *fflags, 3406 int mc_count, struct dev_addr_list *mc_list) 3407{ 3408 struct b43_wl *wl = hw_to_b43_wl(hw); 3409 struct b43_wldev *dev = wl->current_dev; 3410 unsigned long flags; 3411 3412 if (!dev) { 3413 *fflags = 0; 3414 return; 3415 } 3416 3417 spin_lock_irqsave(&wl->irq_lock, flags); 3418 *fflags &= FIF_PROMISC_IN_BSS | 3419 FIF_ALLMULTI | 3420 FIF_FCSFAIL | 3421 FIF_PLCPFAIL | 3422 FIF_CONTROL | 3423 FIF_OTHER_BSS | 3424 FIF_BCN_PRBRESP_PROMISC; 3425 3426 changed &= FIF_PROMISC_IN_BSS | 3427 FIF_ALLMULTI | 3428 FIF_FCSFAIL | 3429 FIF_PLCPFAIL | 3430 FIF_CONTROL | 3431 FIF_OTHER_BSS | 3432 FIF_BCN_PRBRESP_PROMISC; 3433 3434 wl->filter_flags = *fflags; 3435 3436 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 3437 b43_adjust_opmode(dev); 3438 spin_unlock_irqrestore(&wl->irq_lock, flags); 3439} 3440 3441static int b43_op_config_interface(struct ieee80211_hw *hw, 3442 struct ieee80211_vif *vif, 3443 struct ieee80211_if_conf *conf) 3444{ 3445 struct b43_wl *wl = hw_to_b43_wl(hw); 3446 struct b43_wldev *dev = wl->current_dev; 3447 unsigned long flags; 3448 3449 if (!dev) 3450 return -ENODEV; 3451 mutex_lock(&wl->mutex); 3452 spin_lock_irqsave(&wl->irq_lock, flags); 3453 B43_WARN_ON(wl->vif != vif); 3454 if (conf->bssid) 3455 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3456 else 3457 memset(wl->bssid, 0, ETH_ALEN); 3458 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3459 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) { 3460 B43_WARN_ON(conf->type != IEEE80211_IF_TYPE_AP); 3461 b43_set_ssid(dev, conf->ssid, conf->ssid_len); 3462 if (conf->beacon) { 3463 b43_update_templates(wl, conf->beacon, 3464 conf->beacon_control); 3465 } 3466 } 3467 b43_write_mac_bssid_templates(dev); 3468 } 3469 spin_unlock_irqrestore(&wl->irq_lock, flags); 3470 mutex_unlock(&wl->mutex); 3471 3472 return 0; 3473} 3474 3475/* Locking: wl->mutex */ 3476static void b43_wireless_core_stop(struct b43_wldev *dev) 3477{ 3478 struct b43_wl *wl = dev->wl; 3479 unsigned long flags; 3480 3481 if (b43_status(dev) < B43_STAT_STARTED) 3482 return; 3483 3484 /* Disable and sync interrupts. We must do this before than 3485 * setting the status to INITIALIZED, as the interrupt handler 3486 * won't care about IRQs then. */ 3487 spin_lock_irqsave(&wl->irq_lock, flags); 3488 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL); 3489 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* flush */ 3490 spin_unlock_irqrestore(&wl->irq_lock, flags); 3491 b43_synchronize_irq(dev); 3492 3493 write_lock_irqsave(&wl->tx_lock, flags); 3494 b43_set_status(dev, B43_STAT_INITIALIZED); 3495 write_unlock_irqrestore(&wl->tx_lock, flags); 3496 3497 b43_pio_stop(dev); 3498 mutex_unlock(&wl->mutex); 3499 /* Must unlock as it would otherwise deadlock. No races here. 3500 * Cancel the possibly running self-rearming periodic work. */ 3501 cancel_delayed_work_sync(&dev->periodic_work); 3502 mutex_lock(&wl->mutex); 3503 3504 b43_mac_suspend(dev); 3505 free_irq(dev->dev->irq, dev); 3506 b43dbg(wl, "Wireless interface stopped\n"); 3507} 3508 3509/* Locking: wl->mutex */ 3510static int b43_wireless_core_start(struct b43_wldev *dev) 3511{ 3512 int err; 3513 3514 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 3515 3516 drain_txstatus_queue(dev); 3517 err = request_irq(dev->dev->irq, b43_interrupt_handler, 3518 IRQF_SHARED, KBUILD_MODNAME, dev); 3519 if (err) { 3520 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq); 3521 goto out; 3522 } 3523 3524 /* We are ready to run. */ 3525 b43_set_status(dev, B43_STAT_STARTED); 3526 3527 /* Start data flow (TX/RX). */ 3528 b43_mac_enable(dev); 3529 b43_interrupt_enable(dev, dev->irq_savedstate); 3530 ieee80211_start_queues(dev->wl->hw); 3531 3532 /* Start maintainance work */ 3533 b43_periodic_tasks_setup(dev); 3534 3535 b43dbg(dev->wl, "Wireless interface started\n"); 3536 out: 3537 return err; 3538} 3539 3540/* Get PHY and RADIO versioning numbers */ 3541static int b43_phy_versioning(struct b43_wldev *dev) 3542{ 3543 struct b43_phy *phy = &dev->phy; 3544 u32 tmp; 3545 u8 analog_type; 3546 u8 phy_type; 3547 u8 phy_rev; 3548 u16 radio_manuf; 3549 u16 radio_ver; 3550 u16 radio_rev; 3551 int unsupported = 0; 3552 3553 /* Get PHY versioning */ 3554 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 3555 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 3556 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 3557 phy_rev = (tmp & B43_PHYVER_VERSION); 3558 switch (phy_type) { 3559 case B43_PHYTYPE_A: 3560 if (phy_rev >= 4) 3561 unsupported = 1; 3562 break; 3563 case B43_PHYTYPE_B: 3564 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 3565 && phy_rev != 7) 3566 unsupported = 1; 3567 break; 3568 case B43_PHYTYPE_G: 3569 if (phy_rev > 9) 3570 unsupported = 1; 3571 break; 3572#ifdef CONFIG_B43_NPHY 3573 case B43_PHYTYPE_N: 3574 if (phy_rev > 1) 3575 unsupported = 1; 3576 break; 3577#endif 3578 default: 3579 unsupported = 1; 3580 }; 3581 if (unsupported) { 3582 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 3583 "(Analog %u, Type %u, Revision %u)\n", 3584 analog_type, phy_type, phy_rev); 3585 return -EOPNOTSUPP; 3586 } 3587 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 3588 analog_type, phy_type, phy_rev); 3589 3590 /* Get RADIO versioning */ 3591 if (dev->dev->bus->chip_id == 0x4317) { 3592 if (dev->dev->bus->chip_rev == 0) 3593 tmp = 0x3205017F; 3594 else if (dev->dev->bus->chip_rev == 1) 3595 tmp = 0x4205017F; 3596 else 3597 tmp = 0x5205017F; 3598 } else { 3599 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 3600 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 3601 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 3602 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16; 3603 } 3604 radio_manuf = (tmp & 0x00000FFF); 3605 radio_ver = (tmp & 0x0FFFF000) >> 12; 3606 radio_rev = (tmp & 0xF0000000) >> 28; 3607 if (radio_manuf != 0x17F /* Broadcom */) 3608 unsupported = 1; 3609 switch (phy_type) { 3610 case B43_PHYTYPE_A: 3611 if (radio_ver != 0x2060) 3612 unsupported = 1; 3613 if (radio_rev != 1) 3614 unsupported = 1; 3615 if (radio_manuf != 0x17F) 3616 unsupported = 1; 3617 break; 3618 case B43_PHYTYPE_B: 3619 if ((radio_ver & 0xFFF0) != 0x2050) 3620 unsupported = 1; 3621 break; 3622 case B43_PHYTYPE_G: 3623 if (radio_ver != 0x2050) 3624 unsupported = 1; 3625 break; 3626 case B43_PHYTYPE_N: 3627 if (radio_ver != 0x2055) 3628 unsupported = 1; 3629 break; 3630 default: 3631 B43_WARN_ON(1); 3632 } 3633 if (unsupported) { 3634 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 3635 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 3636 radio_manuf, radio_ver, radio_rev); 3637 return -EOPNOTSUPP; 3638 } 3639 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 3640 radio_manuf, radio_ver, radio_rev); 3641 3642 phy->radio_manuf = radio_manuf; 3643 phy->radio_ver = radio_ver; 3644 phy->radio_rev = radio_rev; 3645 3646 phy->analog = analog_type; 3647 phy->type = phy_type; 3648 phy->rev = phy_rev; 3649 3650 return 0; 3651} 3652 3653static void setup_struct_phy_for_init(struct b43_wldev *dev, 3654 struct b43_phy *phy) 3655{ 3656 struct b43_txpower_lo_control *lo; 3657 int i; 3658 3659 memset(phy->minlowsig, 0xFF, sizeof(phy->minlowsig)); 3660 memset(phy->minlowsigpos, 0, sizeof(phy->minlowsigpos)); 3661 3662 phy->aci_enable = 0; 3663 phy->aci_wlan_automatic = 0; 3664 phy->aci_hw_rssi = 0; 3665 3666 phy->radio_off_context.valid = 0; 3667 3668 lo = phy->lo_control; 3669 if (lo) { 3670 memset(lo, 0, sizeof(*(phy->lo_control))); 3671 lo->rebuild = 1; 3672 lo->tx_bias = 0xFF; 3673 } 3674 phy->max_lb_gain = 0; 3675 phy->trsw_rx_gain = 0; 3676 phy->txpwr_offset = 0; 3677 3678 /* NRSSI */ 3679 phy->nrssislope = 0; 3680 for (i = 0; i < ARRAY_SIZE(phy->nrssi); i++) 3681 phy->nrssi[i] = -1000; 3682 for (i = 0; i < ARRAY_SIZE(phy->nrssi_lt); i++) 3683 phy->nrssi_lt[i] = i; 3684 3685 phy->lofcal = 0xFFFF; 3686 phy->initval = 0xFFFF; 3687 3688 phy->interfmode = B43_INTERFMODE_NONE; 3689 phy->channel = 0xFF; 3690 3691 phy->hardware_power_control = !!modparam_hwpctl; 3692 3693 /* PHY TX errors counter. */ 3694 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 3695 3696 /* OFDM-table address caching. */ 3697 phy->ofdmtab_addr_direction = B43_OFDMTAB_DIRECTION_UNKNOWN; 3698} 3699 3700static void setup_struct_wldev_for_init(struct b43_wldev *dev) 3701{ 3702 dev->dfq_valid = 0; 3703 3704 /* Assume the radio is enabled. If it's not enabled, the state will 3705 * immediately get fixed on the first periodic work run. */ 3706 dev->radio_hw_enable = 1; 3707 3708 /* Stats */ 3709 memset(&dev->stats, 0, sizeof(dev->stats)); 3710 3711 setup_struct_phy_for_init(dev, &dev->phy); 3712 3713 /* IRQ related flags */ 3714 dev->irq_reason = 0; 3715 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 3716 dev->irq_savedstate = B43_IRQ_MASKTEMPLATE; 3717 3718 dev->mac_suspended = 1; 3719 3720 /* Noise calculation context */ 3721 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 3722} 3723 3724static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 3725{ 3726 struct ssb_sprom *sprom = &dev->dev->bus->sprom; 3727 u64 hf; 3728 3729 if (!modparam_btcoex) 3730 return; 3731 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 3732 return; 3733 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 3734 return; 3735 3736 hf = b43_hf_read(dev); 3737 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 3738 hf |= B43_HF_BTCOEXALT; 3739 else 3740 hf |= B43_HF_BTCOEX; 3741 b43_hf_write(dev, hf); 3742} 3743 3744static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 3745{ 3746 if (!modparam_btcoex) 3747 return; 3748 //TODO 3749} 3750 3751static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 3752{ 3753#ifdef CONFIG_SSB_DRIVER_PCICORE 3754 struct ssb_bus *bus = dev->dev->bus; 3755 u32 tmp; 3756 3757 if (bus->pcicore.dev && 3758 bus->pcicore.dev->id.coreid == SSB_DEV_PCI && 3759 bus->pcicore.dev->id.revision <= 5) { 3760 /* IMCFGLO timeouts workaround. */ 3761 tmp = ssb_read32(dev->dev, SSB_IMCFGLO); 3762 tmp &= ~SSB_IMCFGLO_REQTO; 3763 tmp &= ~SSB_IMCFGLO_SERTO; 3764 switch (bus->bustype) { 3765 case SSB_BUSTYPE_PCI: 3766 case SSB_BUSTYPE_PCMCIA: 3767 tmp |= 0x32; 3768 break; 3769 case SSB_BUSTYPE_SSB: 3770 tmp |= 0x53; 3771 break; 3772 } 3773 ssb_write32(dev->dev, SSB_IMCFGLO, tmp); 3774 } 3775#endif /* CONFIG_SSB_DRIVER_PCICORE */ 3776} 3777 3778/* Write the short and long frame retry limit values. */ 3779static void b43_set_retry_limits(struct b43_wldev *dev, 3780 unsigned int short_retry, 3781 unsigned int long_retry) 3782{ 3783 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3784 * the chip-internal counter. */ 3785 short_retry = min(short_retry, (unsigned int)0xF); 3786 long_retry = min(long_retry, (unsigned int)0xF); 3787 3788 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3789 short_retry); 3790 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3791 long_retry); 3792} 3793 3794static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 3795{ 3796 u16 pu_delay; 3797 3798 /* The time value is in microseconds. */ 3799 if (dev->phy.type == B43_PHYTYPE_A) 3800 pu_delay = 3700; 3801 else 3802 pu_delay = 1050; 3803 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS) || idle) 3804 pu_delay = 500; 3805 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 3806 pu_delay = max(pu_delay, (u16)2400); 3807 3808 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 3809} 3810 3811/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 3812static void b43_set_pretbtt(struct b43_wldev *dev) 3813{ 3814 u16 pretbtt; 3815 3816 /* The time value is in microseconds. */ 3817 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS)) { 3818 pretbtt = 2; 3819 } else { 3820 if (dev->phy.type == B43_PHYTYPE_A) 3821 pretbtt = 120; 3822 else 3823 pretbtt = 250; 3824 } 3825 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 3826 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 3827} 3828 3829/* Shutdown a wireless core */ 3830/* Locking: wl->mutex */ 3831static void b43_wireless_core_exit(struct b43_wldev *dev) 3832{ 3833 struct b43_phy *phy = &dev->phy; 3834 u32 macctl; 3835 3836 B43_WARN_ON(b43_status(dev) > B43_STAT_INITIALIZED); 3837 if (b43_status(dev) != B43_STAT_INITIALIZED) 3838 return; 3839 b43_set_status(dev, B43_STAT_UNINIT); 3840 3841 /* Stop the microcode PSM. */ 3842 macctl = b43_read32(dev, B43_MMIO_MACCTL); 3843 macctl &= ~B43_MACCTL_PSM_RUN; 3844 macctl |= B43_MACCTL_PSM_JMP0; 3845 b43_write32(dev, B43_MMIO_MACCTL, macctl); 3846 3847 if (!dev->suspend_in_progress) { 3848 b43_leds_exit(dev); 3849 b43_rng_exit(dev->wl); 3850 } 3851 b43_dma_free(dev); 3852 b43_pio_free(dev); 3853 b43_chip_exit(dev); 3854 b43_radio_turn_off(dev, 1); 3855 b43_switch_analog(dev, 0); 3856 if (phy->dyn_tssi_tbl) 3857 kfree(phy->tssi2dbm); 3858 kfree(phy->lo_control); 3859 phy->lo_control = NULL; 3860 if (dev->wl->current_beacon) { 3861 dev_kfree_skb_any(dev->wl->current_beacon); 3862 dev->wl->current_beacon = NULL; 3863 } 3864 3865 ssb_device_disable(dev->dev, 0); 3866 ssb_bus_may_powerdown(dev->dev->bus); 3867} 3868 3869/* Initialize a wireless core */ 3870static int b43_wireless_core_init(struct b43_wldev *dev) 3871{ 3872 struct b43_wl *wl = dev->wl; 3873 struct ssb_bus *bus = dev->dev->bus; 3874 struct ssb_sprom *sprom = &bus->sprom; 3875 struct b43_phy *phy = &dev->phy; 3876 int err; 3877 u64 hf; 3878 u32 tmp; 3879 3880 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 3881 3882 err = ssb_bus_powerup(bus, 0); 3883 if (err) 3884 goto out; 3885 if (!ssb_device_is_enabled(dev->dev)) { 3886 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0; 3887 b43_wireless_core_reset(dev, tmp); 3888 } 3889 3890 if ((phy->type == B43_PHYTYPE_B) || (phy->type == B43_PHYTYPE_G)) { 3891 phy->lo_control = 3892 kzalloc(sizeof(*(phy->lo_control)), GFP_KERNEL); 3893 if (!phy->lo_control) { 3894 err = -ENOMEM; 3895 goto err_busdown; 3896 } 3897 } 3898 setup_struct_wldev_for_init(dev); 3899 3900 err = b43_phy_init_tssi2dbm_table(dev); 3901 if (err) 3902 goto err_kfree_lo_control; 3903 3904 /* Enable IRQ routing to this device. */ 3905 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev); 3906 3907 b43_imcfglo_timeouts_workaround(dev); 3908 b43_bluetooth_coext_disable(dev); 3909 b43_phy_early_init(dev); 3910 err = b43_chip_init(dev); 3911 if (err) 3912 goto err_kfree_tssitbl; 3913 b43_shm_write16(dev, B43_SHM_SHARED, 3914 B43_SHM_SH_WLCOREREV, dev->dev->id.revision); 3915 hf = b43_hf_read(dev); 3916 if (phy->type == B43_PHYTYPE_G) { 3917 hf |= B43_HF_SYMW; 3918 if (phy->rev == 1) 3919 hf |= B43_HF_GDCW; 3920 if (sprom->boardflags_lo & B43_BFL_PACTRL) 3921 hf |= B43_HF_OFDMPABOOST; 3922 } else if (phy->type == B43_PHYTYPE_B) { 3923 hf |= B43_HF_SYMW; 3924 if (phy->rev >= 2 && phy->radio_ver == 0x2050) 3925 hf &= ~B43_HF_GDCW; 3926 } 3927 b43_hf_write(dev, hf); 3928 3929 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 3930 B43_DEFAULT_LONG_RETRY_LIMIT); 3931 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 3932 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 3933 3934 /* Disable sending probe responses from firmware. 3935 * Setting the MaxTime to one usec will always trigger 3936 * a timeout, so we never send any probe resp. 3937 * A timeout of zero is infinite. */ 3938 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 3939 3940 b43_rate_memory_init(dev); 3941 b43_set_phytxctl_defaults(dev); 3942 3943 /* Minimum Contention Window */ 3944 if (phy->type == B43_PHYTYPE_B) { 3945 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 3946 } else { 3947 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 3948 } 3949 /* Maximum Contention Window */ 3950 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 3951 3952 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || B43_FORCE_PIO) { 3953 dev->__using_pio_transfers = 1; 3954 err = b43_pio_init(dev); 3955 } else { 3956 dev->__using_pio_transfers = 0; 3957 err = b43_dma_init(dev); 3958 } 3959 if (err) 3960 goto err_chip_exit; 3961 b43_qos_init(dev); 3962 b43_set_synth_pu_delay(dev, 1); 3963 b43_bluetooth_coext_enable(dev); 3964 3965 ssb_bus_powerup(bus, 1); /* Enable dynamic PCTL */ 3966 b43_upload_card_macaddress(dev); 3967 b43_security_init(dev); 3968 if (!dev->suspend_in_progress) 3969 b43_rng_init(wl); 3970 3971 b43_set_status(dev, B43_STAT_INITIALIZED); 3972 3973 if (!dev->suspend_in_progress) 3974 b43_leds_init(dev); 3975out: 3976 return err; 3977 3978 err_chip_exit: 3979 b43_chip_exit(dev); 3980 err_kfree_tssitbl: 3981 if (phy->dyn_tssi_tbl) 3982 kfree(phy->tssi2dbm); 3983 err_kfree_lo_control: 3984 kfree(phy->lo_control); 3985 phy->lo_control = NULL; 3986 err_busdown: 3987 ssb_bus_may_powerdown(bus); 3988 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 3989 return err; 3990} 3991 3992static int b43_op_add_interface(struct ieee80211_hw *hw, 3993 struct ieee80211_if_init_conf *conf) 3994{ 3995 struct b43_wl *wl = hw_to_b43_wl(hw); 3996 struct b43_wldev *dev; 3997 unsigned long flags; 3998 int err = -EOPNOTSUPP; 3999 4000 /* TODO: allow WDS/AP devices to coexist */ 4001 4002 if (conf->type != IEEE80211_IF_TYPE_AP && 4003 conf->type != IEEE80211_IF_TYPE_STA && 4004 conf->type != IEEE80211_IF_TYPE_WDS && 4005 conf->type != IEEE80211_IF_TYPE_IBSS) 4006 return -EOPNOTSUPP; 4007 4008 mutex_lock(&wl->mutex); 4009 if (wl->operating) 4010 goto out_mutex_unlock; 4011 4012 b43dbg(wl, "Adding Interface type %d\n", conf->type); 4013 4014 dev = wl->current_dev; 4015 wl->operating = 1; 4016 wl->vif = conf->vif; 4017 wl->if_type = conf->type; 4018 memcpy(wl->mac_addr, conf->mac_addr, ETH_ALEN); 4019 4020 spin_lock_irqsave(&wl->irq_lock, flags); 4021 b43_adjust_opmode(dev); 4022 b43_set_pretbtt(dev); 4023 b43_set_synth_pu_delay(dev, 0); 4024 b43_upload_card_macaddress(dev); 4025 spin_unlock_irqrestore(&wl->irq_lock, flags); 4026 4027 err = 0; 4028 out_mutex_unlock: 4029 mutex_unlock(&wl->mutex); 4030 4031 return err; 4032} 4033 4034static void b43_op_remove_interface(struct ieee80211_hw *hw, 4035 struct ieee80211_if_init_conf *conf) 4036{ 4037 struct b43_wl *wl = hw_to_b43_wl(hw); 4038 struct b43_wldev *dev = wl->current_dev; 4039 unsigned long flags; 4040 4041 b43dbg(wl, "Removing Interface type %d\n", conf->type); 4042 4043 mutex_lock(&wl->mutex); 4044 4045 B43_WARN_ON(!wl->operating); 4046 B43_WARN_ON(wl->vif != conf->vif); 4047 wl->vif = NULL; 4048 4049 wl->operating = 0; 4050 4051 spin_lock_irqsave(&wl->irq_lock, flags); 4052 b43_adjust_opmode(dev); 4053 memset(wl->mac_addr, 0, ETH_ALEN); 4054 b43_upload_card_macaddress(dev); 4055 spin_unlock_irqrestore(&wl->irq_lock, flags); 4056 4057 mutex_unlock(&wl->mutex); 4058} 4059 4060static int b43_op_start(struct ieee80211_hw *hw) 4061{ 4062 struct b43_wl *wl = hw_to_b43_wl(hw); 4063 struct b43_wldev *dev = wl->current_dev; 4064 int did_init = 0; 4065 int err = 0; 4066 bool do_rfkill_exit = 0; 4067 4068 /* Kill all old instance specific information to make sure 4069 * the card won't use it in the short timeframe between start 4070 * and mac80211 reconfiguring it. */ 4071 memset(wl->bssid, 0, ETH_ALEN); 4072 memset(wl->mac_addr, 0, ETH_ALEN); 4073 wl->filter_flags = 0; 4074 wl->radiotap_enabled = 0; 4075 b43_qos_clear(wl); 4076 4077 /* First register RFkill. 4078 * LEDs that are registered later depend on it. */ 4079 b43_rfkill_init(dev); 4080 4081 mutex_lock(&wl->mutex); 4082 4083 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4084 err = b43_wireless_core_init(dev); 4085 if (err) { 4086 do_rfkill_exit = 1; 4087 goto out_mutex_unlock; 4088 } 4089 did_init = 1; 4090 } 4091 4092 if (b43_status(dev) < B43_STAT_STARTED) { 4093 err = b43_wireless_core_start(dev); 4094 if (err) { 4095 if (did_init) 4096 b43_wireless_core_exit(dev); 4097 do_rfkill_exit = 1; 4098 goto out_mutex_unlock; 4099 } 4100 } 4101 4102 out_mutex_unlock: 4103 mutex_unlock(&wl->mutex); 4104 4105 if (do_rfkill_exit) 4106 b43_rfkill_exit(dev); 4107 4108 return err; 4109} 4110 4111static void b43_op_stop(struct ieee80211_hw *hw) 4112{ 4113 struct b43_wl *wl = hw_to_b43_wl(hw); 4114 struct b43_wldev *dev = wl->current_dev; 4115 4116 b43_rfkill_exit(dev); 4117 cancel_work_sync(&(wl->qos_update_work)); 4118 cancel_work_sync(&(wl->beacon_update_trigger)); 4119 4120 mutex_lock(&wl->mutex); 4121 if (b43_status(dev) >= B43_STAT_STARTED) 4122 b43_wireless_core_stop(dev); 4123 b43_wireless_core_exit(dev); 4124 mutex_unlock(&wl->mutex); 4125} 4126 4127static int b43_op_set_retry_limit(struct ieee80211_hw *hw, 4128 u32 short_retry_limit, u32 long_retry_limit) 4129{ 4130 struct b43_wl *wl = hw_to_b43_wl(hw); 4131 struct b43_wldev *dev; 4132 int err = 0; 4133 4134 mutex_lock(&wl->mutex); 4135 dev = wl->current_dev; 4136 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) { 4137 err = -ENODEV; 4138 goto out_unlock; 4139 } 4140 b43_set_retry_limits(dev, short_retry_limit, long_retry_limit); 4141out_unlock: 4142 mutex_unlock(&wl->mutex); 4143 4144 return err; 4145} 4146 4147static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, int aid, int set) 4148{ 4149 struct b43_wl *wl = hw_to_b43_wl(hw); 4150 struct sk_buff *beacon; 4151 unsigned long flags; 4152 struct ieee80211_tx_control txctl; 4153 4154 /* We could modify the existing beacon and set the aid bit in 4155 * the TIM field, but that would probably require resizing and 4156 * moving of data within the beacon template. 4157 * Simply request a new beacon and let mac80211 do the hard work. */ 4158 beacon = ieee80211_beacon_get(hw, wl->vif, &txctl); 4159 if (unlikely(!beacon)) 4160 return -ENOMEM; 4161 spin_lock_irqsave(&wl->irq_lock, flags); 4162 b43_update_templates(wl, beacon, &txctl); 4163 spin_unlock_irqrestore(&wl->irq_lock, flags); 4164 4165 return 0; 4166} 4167 4168static int b43_op_ibss_beacon_update(struct ieee80211_hw *hw, 4169 struct sk_buff *beacon, 4170 struct ieee80211_tx_control *ctl) 4171{ 4172 struct b43_wl *wl = hw_to_b43_wl(hw); 4173 unsigned long flags; 4174 4175 spin_lock_irqsave(&wl->irq_lock, flags); 4176 b43_update_templates(wl, beacon, ctl); 4177 spin_unlock_irqrestore(&wl->irq_lock, flags); 4178 4179 return 0; 4180} 4181 4182static void b43_op_sta_notify(struct ieee80211_hw *hw, 4183 struct ieee80211_vif *vif, 4184 enum sta_notify_cmd notify_cmd, 4185 const u8 *addr) 4186{ 4187 struct b43_wl *wl = hw_to_b43_wl(hw); 4188 4189 B43_WARN_ON(!vif || wl->vif != vif); 4190} 4191 4192static const struct ieee80211_ops b43_hw_ops = { 4193 .tx = b43_op_tx, 4194 .conf_tx = b43_op_conf_tx, 4195 .add_interface = b43_op_add_interface, 4196 .remove_interface = b43_op_remove_interface, 4197 .config = b43_op_config, 4198 .config_interface = b43_op_config_interface, 4199 .configure_filter = b43_op_configure_filter, 4200 .set_key = b43_op_set_key, 4201 .get_stats = b43_op_get_stats, 4202 .get_tx_stats = b43_op_get_tx_stats, 4203 .start = b43_op_start, 4204 .stop = b43_op_stop, 4205 .set_retry_limit = b43_op_set_retry_limit, 4206 .set_tim = b43_op_beacon_set_tim, 4207 .beacon_update = b43_op_ibss_beacon_update, 4208 .sta_notify = b43_op_sta_notify, 4209}; 4210 4211/* Hard-reset the chip. Do not call this directly. 4212 * Use b43_controller_restart() 4213 */ 4214static void b43_chip_reset(struct work_struct *work) 4215{ 4216 struct b43_wldev *dev = 4217 container_of(work, struct b43_wldev, restart_work); 4218 struct b43_wl *wl = dev->wl; 4219 int err = 0; 4220 int prev_status; 4221 4222 mutex_lock(&wl->mutex); 4223 4224 prev_status = b43_status(dev); 4225 /* Bring the device down... */ 4226 if (prev_status >= B43_STAT_STARTED) 4227 b43_wireless_core_stop(dev); 4228 if (prev_status >= B43_STAT_INITIALIZED) 4229 b43_wireless_core_exit(dev); 4230 4231 /* ...and up again. */ 4232 if (prev_status >= B43_STAT_INITIALIZED) { 4233 err = b43_wireless_core_init(dev); 4234 if (err) 4235 goto out; 4236 } 4237 if (prev_status >= B43_STAT_STARTED) { 4238 err = b43_wireless_core_start(dev); 4239 if (err) { 4240 b43_wireless_core_exit(dev); 4241 goto out; 4242 } 4243 } 4244 out: 4245 mutex_unlock(&wl->mutex); 4246 if (err) 4247 b43err(wl, "Controller restart FAILED\n"); 4248 else 4249 b43info(wl, "Controller restarted\n"); 4250} 4251 4252static int b43_setup_bands(struct b43_wldev *dev, 4253 bool have_2ghz_phy, bool have_5ghz_phy) 4254{ 4255 struct ieee80211_hw *hw = dev->wl->hw; 4256 4257 if (have_2ghz_phy) 4258 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 4259 if (dev->phy.type == B43_PHYTYPE_N) { 4260 if (have_5ghz_phy) 4261 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 4262 } else { 4263 if (have_5ghz_phy) 4264 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 4265 } 4266 4267 dev->phy.supports_2ghz = have_2ghz_phy; 4268 dev->phy.supports_5ghz = have_5ghz_phy; 4269 4270 return 0; 4271} 4272 4273static void b43_wireless_core_detach(struct b43_wldev *dev) 4274{ 4275 /* We release firmware that late to not be required to re-request 4276 * is all the time when we reinit the core. */ 4277 b43_release_firmware(dev); 4278} 4279 4280static int b43_wireless_core_attach(struct b43_wldev *dev) 4281{ 4282 struct b43_wl *wl = dev->wl; 4283 struct ssb_bus *bus = dev->dev->bus; 4284 struct pci_dev *pdev = bus->host_pci; 4285 int err; 4286 bool have_2ghz_phy = 0, have_5ghz_phy = 0; 4287 u32 tmp; 4288 4289 /* Do NOT do any device initialization here. 4290 * Do it in wireless_core_init() instead. 4291 * This function is for gathering basic information about the HW, only. 4292 * Also some structs may be set up here. But most likely you want to have 4293 * that in core_init(), too. 4294 */ 4295 4296 err = ssb_bus_powerup(bus, 0); 4297 if (err) { 4298 b43err(wl, "Bus powerup failed\n"); 4299 goto out; 4300 } 4301 /* Get the PHY type. */ 4302 if (dev->dev->id.revision >= 5) { 4303 u32 tmshigh; 4304 4305 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 4306 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY); 4307 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY); 4308 } else 4309 B43_WARN_ON(1); 4310 4311 dev->phy.gmode = have_2ghz_phy; 4312 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4313 b43_wireless_core_reset(dev, tmp); 4314 4315 err = b43_phy_versioning(dev); 4316 if (err) 4317 goto err_powerdown; 4318 /* Check if this device supports multiband. */ 4319 if (!pdev || 4320 (pdev->device != 0x4312 && 4321 pdev->device != 0x4319 && pdev->device != 0x4324)) { 4322 /* No multiband support. */ 4323 have_2ghz_phy = 0; 4324 have_5ghz_phy = 0; 4325 switch (dev->phy.type) { 4326 case B43_PHYTYPE_A: 4327 have_5ghz_phy = 1; 4328 break; 4329 case B43_PHYTYPE_G: 4330 case B43_PHYTYPE_N: 4331 have_2ghz_phy = 1; 4332 break; 4333 default: 4334 B43_WARN_ON(1); 4335 } 4336 } 4337 if (dev->phy.type == B43_PHYTYPE_A) { 4338 /* FIXME */ 4339 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 4340 err = -EOPNOTSUPP; 4341 goto err_powerdown; 4342 } 4343 if (1 /* disable A-PHY */) { 4344 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */ 4345 if (dev->phy.type != B43_PHYTYPE_N) { 4346 have_2ghz_phy = 1; 4347 have_5ghz_phy = 0; 4348 } 4349 } 4350 4351 dev->phy.gmode = have_2ghz_phy; 4352 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4353 b43_wireless_core_reset(dev, tmp); 4354 4355 err = b43_validate_chipaccess(dev); 4356 if (err) 4357 goto err_powerdown; 4358 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 4359 if (err) 4360 goto err_powerdown; 4361 4362 /* Now set some default "current_dev" */ 4363 if (!wl->current_dev) 4364 wl->current_dev = dev; 4365 INIT_WORK(&dev->restart_work, b43_chip_reset); 4366 4367 b43_radio_turn_off(dev, 1); 4368 b43_switch_analog(dev, 0); 4369 ssb_device_disable(dev->dev, 0); 4370 ssb_bus_may_powerdown(bus); 4371 4372out: 4373 return err; 4374 4375err_powerdown: 4376 ssb_bus_may_powerdown(bus); 4377 return err; 4378} 4379 4380static void b43_one_core_detach(struct ssb_device *dev) 4381{ 4382 struct b43_wldev *wldev; 4383 struct b43_wl *wl; 4384 4385 wldev = ssb_get_drvdata(dev); 4386 wl = wldev->wl; 4387 cancel_work_sync(&wldev->restart_work); 4388 b43_debugfs_remove_device(wldev); 4389 b43_wireless_core_detach(wldev); 4390 list_del(&wldev->list); 4391 wl->nr_devs--; 4392 ssb_set_drvdata(dev, NULL); 4393 kfree(wldev); 4394} 4395 4396static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl) 4397{ 4398 struct b43_wldev *wldev; 4399 struct pci_dev *pdev; 4400 int err = -ENOMEM; 4401 4402 if (!list_empty(&wl->devlist)) { 4403 /* We are not the first core on this chip. */ 4404 pdev = dev->bus->host_pci; 4405 /* Only special chips support more than one wireless 4406 * core, although some of the other chips have more than 4407 * one wireless core as well. Check for this and 4408 * bail out early. 4409 */ 4410 if (!pdev || 4411 ((pdev->device != 0x4321) && 4412 (pdev->device != 0x4313) && (pdev->device != 0x431A))) { 4413 b43dbg(wl, "Ignoring unconnected 802.11 core\n"); 4414 return -ENODEV; 4415 } 4416 } 4417 4418 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 4419 if (!wldev) 4420 goto out; 4421 4422 wldev->dev = dev; 4423 wldev->wl = wl; 4424 b43_set_status(wldev, B43_STAT_UNINIT); 4425 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 4426 tasklet_init(&wldev->isr_tasklet, 4427 (void (*)(unsigned long))b43_interrupt_tasklet, 4428 (unsigned long)wldev); 4429 INIT_LIST_HEAD(&wldev->list); 4430 4431 err = b43_wireless_core_attach(wldev); 4432 if (err) 4433 goto err_kfree_wldev; 4434 4435 list_add(&wldev->list, &wl->devlist); 4436 wl->nr_devs++; 4437 ssb_set_drvdata(dev, wldev); 4438 b43_debugfs_add_device(wldev); 4439 4440 out: 4441 return err; 4442 4443 err_kfree_wldev: 4444 kfree(wldev); 4445 return err; 4446} 4447 4448#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \ 4449 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \ 4450 (pdev->device == _device) && \ 4451 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \ 4452 (pdev->subsystem_device == _subdevice) ) 4453 4454static void b43_sprom_fixup(struct ssb_bus *bus) 4455{ 4456 struct pci_dev *pdev; 4457 4458 /* boardflags workarounds */ 4459 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 4460 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 4461 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 4462 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 4463 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 4464 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 4465 if (bus->bustype == SSB_BUSTYPE_PCI) { 4466 pdev = bus->host_pci; 4467 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) || 4468 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) || 4469 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013)) 4470 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST; 4471 } 4472} 4473 4474static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl) 4475{ 4476 struct ieee80211_hw *hw = wl->hw; 4477 4478 ssb_set_devtypedata(dev, NULL); 4479 ieee80211_free_hw(hw); 4480} 4481 4482static int b43_wireless_init(struct ssb_device *dev) 4483{ 4484 struct ssb_sprom *sprom = &dev->bus->sprom; 4485 struct ieee80211_hw *hw; 4486 struct b43_wl *wl; 4487 int err = -ENOMEM; 4488 4489 b43_sprom_fixup(dev->bus); 4490 4491 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 4492 if (!hw) { 4493 b43err(NULL, "Could not allocate ieee80211 device\n"); 4494 goto out; 4495 } 4496 4497 /* fill hw info */ 4498 hw->flags = IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE | 4499 IEEE80211_HW_RX_INCLUDES_FCS; 4500 hw->max_signal = 100; 4501 hw->max_rssi = -110; 4502 hw->max_noise = -110; 4503 hw->queues = b43_modparam_qos ? 4 : 1; 4504 SET_IEEE80211_DEV(hw, dev->dev); 4505 if (is_valid_ether_addr(sprom->et1mac)) 4506 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 4507 else 4508 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 4509 4510 /* Get and initialize struct b43_wl */ 4511 wl = hw_to_b43_wl(hw); 4512 memset(wl, 0, sizeof(*wl)); 4513 wl->hw = hw; 4514 spin_lock_init(&wl->irq_lock); 4515 rwlock_init(&wl->tx_lock); 4516 spin_lock_init(&wl->leds_lock); 4517 spin_lock_init(&wl->shm_lock); 4518 mutex_init(&wl->mutex); 4519 INIT_LIST_HEAD(&wl->devlist); 4520 INIT_WORK(&wl->qos_update_work, b43_qos_update_work); 4521 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 4522 4523 ssb_set_devtypedata(dev, wl); 4524 b43info(wl, "Broadcom %04X WLAN found\n", dev->bus->chip_id); 4525 err = 0; 4526 out: 4527 return err; 4528} 4529 4530static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id) 4531{ 4532 struct b43_wl *wl; 4533 int err; 4534 int first = 0; 4535 4536 wl = ssb_get_devtypedata(dev); 4537 if (!wl) { 4538 /* Probing the first core. Must setup common struct b43_wl */ 4539 first = 1; 4540 err = b43_wireless_init(dev); 4541 if (err) 4542 goto out; 4543 wl = ssb_get_devtypedata(dev); 4544 B43_WARN_ON(!wl); 4545 } 4546 err = b43_one_core_attach(dev, wl); 4547 if (err) 4548 goto err_wireless_exit; 4549 4550 if (first) { 4551 err = ieee80211_register_hw(wl->hw); 4552 if (err) 4553 goto err_one_core_detach; 4554 } 4555 4556 out: 4557 return err; 4558 4559 err_one_core_detach: 4560 b43_one_core_detach(dev); 4561 err_wireless_exit: 4562 if (first) 4563 b43_wireless_exit(dev, wl); 4564 return err; 4565} 4566 4567static void b43_remove(struct ssb_device *dev) 4568{ 4569 struct b43_wl *wl = ssb_get_devtypedata(dev); 4570 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4571 4572 B43_WARN_ON(!wl); 4573 if (wl->current_dev == wldev) 4574 ieee80211_unregister_hw(wl->hw); 4575 4576 b43_one_core_detach(dev); 4577 4578 if (list_empty(&wl->devlist)) { 4579 /* Last core on the chip unregistered. 4580 * We can destroy common struct b43_wl. 4581 */ 4582 b43_wireless_exit(dev, wl); 4583 } 4584} 4585 4586/* Perform a hardware reset. This can be called from any context. */ 4587void b43_controller_restart(struct b43_wldev *dev, const char *reason) 4588{ 4589 /* Must avoid requeueing, if we are in shutdown. */ 4590 if (b43_status(dev) < B43_STAT_INITIALIZED) 4591 return; 4592 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 4593 queue_work(dev->wl->hw->workqueue, &dev->restart_work); 4594} 4595 4596#ifdef CONFIG_PM 4597 4598static int b43_suspend(struct ssb_device *dev, pm_message_t state) 4599{ 4600 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4601 struct b43_wl *wl = wldev->wl; 4602 4603 b43dbg(wl, "Suspending...\n"); 4604 4605 mutex_lock(&wl->mutex); 4606 wldev->suspend_in_progress = true; 4607 wldev->suspend_init_status = b43_status(wldev); 4608 if (wldev->suspend_init_status >= B43_STAT_STARTED) 4609 b43_wireless_core_stop(wldev); 4610 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) 4611 b43_wireless_core_exit(wldev); 4612 mutex_unlock(&wl->mutex); 4613 4614 b43dbg(wl, "Device suspended.\n"); 4615 4616 return 0; 4617} 4618 4619static int b43_resume(struct ssb_device *dev) 4620{ 4621 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4622 struct b43_wl *wl = wldev->wl; 4623 int err = 0; 4624 4625 b43dbg(wl, "Resuming...\n"); 4626 4627 mutex_lock(&wl->mutex); 4628 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) { 4629 err = b43_wireless_core_init(wldev); 4630 if (err) { 4631 b43err(wl, "Resume failed at core init\n"); 4632 goto out; 4633 } 4634 } 4635 if (wldev->suspend_init_status >= B43_STAT_STARTED) { 4636 err = b43_wireless_core_start(wldev); 4637 if (err) { 4638 b43_leds_exit(wldev); 4639 b43_rng_exit(wldev->wl); 4640 b43_wireless_core_exit(wldev); 4641 b43err(wl, "Resume failed at core start\n"); 4642 goto out; 4643 } 4644 } 4645 b43dbg(wl, "Device resumed.\n"); 4646 out: 4647 wldev->suspend_in_progress = false; 4648 mutex_unlock(&wl->mutex); 4649 return err; 4650} 4651 4652#else /* CONFIG_PM */ 4653# define b43_suspend NULL 4654# define b43_resume NULL 4655#endif /* CONFIG_PM */ 4656 4657static struct ssb_driver b43_ssb_driver = { 4658 .name = KBUILD_MODNAME, 4659 .id_table = b43_ssb_tbl, 4660 .probe = b43_probe, 4661 .remove = b43_remove, 4662 .suspend = b43_suspend, 4663 .resume = b43_resume, 4664}; 4665 4666static void b43_print_driverinfo(void) 4667{ 4668 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 4669 *feat_leds = "", *feat_rfkill = ""; 4670 4671#ifdef CONFIG_B43_PCI_AUTOSELECT 4672 feat_pci = "P"; 4673#endif 4674#ifdef CONFIG_B43_PCMCIA 4675 feat_pcmcia = "M"; 4676#endif 4677#ifdef CONFIG_B43_NPHY 4678 feat_nphy = "N"; 4679#endif 4680#ifdef CONFIG_B43_LEDS 4681 feat_leds = "L"; 4682#endif 4683#ifdef CONFIG_B43_RFKILL 4684 feat_rfkill = "R"; 4685#endif 4686 printk(KERN_INFO "Broadcom 43xx driver loaded " 4687 "[ Features: %s%s%s%s%s, Firmware-ID: " 4688 B43_SUPPORTED_FIRMWARE_ID " ]\n", 4689 feat_pci, feat_pcmcia, feat_nphy, 4690 feat_leds, feat_rfkill); 4691} 4692 4693static int __init b43_init(void) 4694{ 4695 int err; 4696 4697 b43_debugfs_init(); 4698 err = b43_pcmcia_init(); 4699 if (err) 4700 goto err_dfs_exit; 4701 err = ssb_driver_register(&b43_ssb_driver); 4702 if (err) 4703 goto err_pcmcia_exit; 4704 b43_print_driverinfo(); 4705 4706 return err; 4707 4708err_pcmcia_exit: 4709 b43_pcmcia_exit(); 4710err_dfs_exit: 4711 b43_debugfs_exit(); 4712 return err; 4713} 4714 4715static void __exit b43_exit(void) 4716{ 4717 ssb_driver_unregister(&b43_ssb_driver); 4718 b43_pcmcia_exit(); 4719 b43_debugfs_exit(); 4720} 4721 4722module_init(b43_init) 4723module_exit(b43_exit) 4724