main.c revision 3a999e6eb5d277cd6a321dcda3fc43c3d9e4e4b8
1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 11 SDIO support 12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es> 13 14 Some parts of the code in this file are derived from the ipw2200 15 driver Copyright(c) 2003 - 2004 Intel Corporation. 16 17 This program is free software; you can redistribute it and/or modify 18 it under the terms of the GNU General Public License as published by 19 the Free Software Foundation; either version 2 of the License, or 20 (at your option) any later version. 21 22 This program is distributed in the hope that it will be useful, 23 but WITHOUT ANY WARRANTY; without even the implied warranty of 24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 GNU General Public License for more details. 26 27 You should have received a copy of the GNU General Public License 28 along with this program; see the file COPYING. If not, write to 29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 30 Boston, MA 02110-1301, USA. 31 32*/ 33 34#include <linux/delay.h> 35#include <linux/init.h> 36#include <linux/moduleparam.h> 37#include <linux/if_arp.h> 38#include <linux/etherdevice.h> 39#include <linux/firmware.h> 40#include <linux/wireless.h> 41#include <linux/workqueue.h> 42#include <linux/skbuff.h> 43#include <linux/io.h> 44#include <linux/dma-mapping.h> 45#include <asm/unaligned.h> 46 47#include "b43.h" 48#include "main.h" 49#include "debugfs.h" 50#include "phy_common.h" 51#include "phy_g.h" 52#include "phy_n.h" 53#include "dma.h" 54#include "pio.h" 55#include "sysfs.h" 56#include "xmit.h" 57#include "lo.h" 58#include "pcmcia.h" 59#include "sdio.h" 60#include <linux/mmc/sdio_func.h> 61 62MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 63MODULE_AUTHOR("Martin Langer"); 64MODULE_AUTHOR("Stefano Brivio"); 65MODULE_AUTHOR("Michael Buesch"); 66MODULE_AUTHOR("Gábor Stefanik"); 67MODULE_LICENSE("GPL"); 68 69MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID); 70 71 72static int modparam_bad_frames_preempt; 73module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 74MODULE_PARM_DESC(bad_frames_preempt, 75 "enable(1) / disable(0) Bad Frames Preemption"); 76 77static char modparam_fwpostfix[16]; 78module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 79MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 80 81static int modparam_hwpctl; 82module_param_named(hwpctl, modparam_hwpctl, int, 0444); 83MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 84 85static int modparam_nohwcrypt; 86module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 87MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 88 89static int modparam_hwtkip; 90module_param_named(hwtkip, modparam_hwtkip, int, 0444); 91MODULE_PARM_DESC(hwtkip, "Enable hardware tkip."); 92 93static int modparam_qos = 1; 94module_param_named(qos, modparam_qos, int, 0444); 95MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 96 97static int modparam_btcoex = 1; 98module_param_named(btcoex, modparam_btcoex, int, 0444); 99MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)"); 100 101int b43_modparam_verbose = B43_VERBOSITY_DEFAULT; 102module_param_named(verbose, b43_modparam_verbose, int, 0644); 103MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug"); 104 105static int modparam_pio; 106module_param_named(pio, modparam_pio, int, 0444); 107MODULE_PARM_DESC(pio, "enable(1) / disable(0) PIO mode"); 108 109static const struct ssb_device_id b43_ssb_tbl[] = { 110 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 111 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 112 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 113 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 114 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 115 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 116 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 117 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15), 118 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16), 119 SSB_DEVTABLE_END 120}; 121 122MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 123 124/* Channel and ratetables are shared for all devices. 125 * They can't be const, because ieee80211 puts some precalculated 126 * data in there. This data is the same for all devices, so we don't 127 * get concurrency issues */ 128#define RATETAB_ENT(_rateid, _flags) \ 129 { \ 130 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 131 .hw_value = (_rateid), \ 132 .flags = (_flags), \ 133 } 134 135/* 136 * NOTE: When changing this, sync with xmit.c's 137 * b43_plcp_get_bitrate_idx_* functions! 138 */ 139static struct ieee80211_rate __b43_ratetable[] = { 140 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 141 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 142 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 143 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 144 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 145 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 146 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 147 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 148 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 149 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 150 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 151 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 152}; 153 154#define b43_a_ratetable (__b43_ratetable + 4) 155#define b43_a_ratetable_size 8 156#define b43_b_ratetable (__b43_ratetable + 0) 157#define b43_b_ratetable_size 4 158#define b43_g_ratetable (__b43_ratetable + 0) 159#define b43_g_ratetable_size 12 160 161#define CHAN4G(_channel, _freq, _flags) { \ 162 .band = IEEE80211_BAND_2GHZ, \ 163 .center_freq = (_freq), \ 164 .hw_value = (_channel), \ 165 .flags = (_flags), \ 166 .max_antenna_gain = 0, \ 167 .max_power = 30, \ 168} 169static struct ieee80211_channel b43_2ghz_chantable[] = { 170 CHAN4G(1, 2412, 0), 171 CHAN4G(2, 2417, 0), 172 CHAN4G(3, 2422, 0), 173 CHAN4G(4, 2427, 0), 174 CHAN4G(5, 2432, 0), 175 CHAN4G(6, 2437, 0), 176 CHAN4G(7, 2442, 0), 177 CHAN4G(8, 2447, 0), 178 CHAN4G(9, 2452, 0), 179 CHAN4G(10, 2457, 0), 180 CHAN4G(11, 2462, 0), 181 CHAN4G(12, 2467, 0), 182 CHAN4G(13, 2472, 0), 183 CHAN4G(14, 2484, 0), 184}; 185#undef CHAN4G 186 187#define CHAN5G(_channel, _flags) { \ 188 .band = IEEE80211_BAND_5GHZ, \ 189 .center_freq = 5000 + (5 * (_channel)), \ 190 .hw_value = (_channel), \ 191 .flags = (_flags), \ 192 .max_antenna_gain = 0, \ 193 .max_power = 30, \ 194} 195static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 196 CHAN5G(32, 0), CHAN5G(34, 0), 197 CHAN5G(36, 0), CHAN5G(38, 0), 198 CHAN5G(40, 0), CHAN5G(42, 0), 199 CHAN5G(44, 0), CHAN5G(46, 0), 200 CHAN5G(48, 0), CHAN5G(50, 0), 201 CHAN5G(52, 0), CHAN5G(54, 0), 202 CHAN5G(56, 0), CHAN5G(58, 0), 203 CHAN5G(60, 0), CHAN5G(62, 0), 204 CHAN5G(64, 0), CHAN5G(66, 0), 205 CHAN5G(68, 0), CHAN5G(70, 0), 206 CHAN5G(72, 0), CHAN5G(74, 0), 207 CHAN5G(76, 0), CHAN5G(78, 0), 208 CHAN5G(80, 0), CHAN5G(82, 0), 209 CHAN5G(84, 0), CHAN5G(86, 0), 210 CHAN5G(88, 0), CHAN5G(90, 0), 211 CHAN5G(92, 0), CHAN5G(94, 0), 212 CHAN5G(96, 0), CHAN5G(98, 0), 213 CHAN5G(100, 0), CHAN5G(102, 0), 214 CHAN5G(104, 0), CHAN5G(106, 0), 215 CHAN5G(108, 0), CHAN5G(110, 0), 216 CHAN5G(112, 0), CHAN5G(114, 0), 217 CHAN5G(116, 0), CHAN5G(118, 0), 218 CHAN5G(120, 0), CHAN5G(122, 0), 219 CHAN5G(124, 0), CHAN5G(126, 0), 220 CHAN5G(128, 0), CHAN5G(130, 0), 221 CHAN5G(132, 0), CHAN5G(134, 0), 222 CHAN5G(136, 0), CHAN5G(138, 0), 223 CHAN5G(140, 0), CHAN5G(142, 0), 224 CHAN5G(144, 0), CHAN5G(145, 0), 225 CHAN5G(146, 0), CHAN5G(147, 0), 226 CHAN5G(148, 0), CHAN5G(149, 0), 227 CHAN5G(150, 0), CHAN5G(151, 0), 228 CHAN5G(152, 0), CHAN5G(153, 0), 229 CHAN5G(154, 0), CHAN5G(155, 0), 230 CHAN5G(156, 0), CHAN5G(157, 0), 231 CHAN5G(158, 0), CHAN5G(159, 0), 232 CHAN5G(160, 0), CHAN5G(161, 0), 233 CHAN5G(162, 0), CHAN5G(163, 0), 234 CHAN5G(164, 0), CHAN5G(165, 0), 235 CHAN5G(166, 0), CHAN5G(168, 0), 236 CHAN5G(170, 0), CHAN5G(172, 0), 237 CHAN5G(174, 0), CHAN5G(176, 0), 238 CHAN5G(178, 0), CHAN5G(180, 0), 239 CHAN5G(182, 0), CHAN5G(184, 0), 240 CHAN5G(186, 0), CHAN5G(188, 0), 241 CHAN5G(190, 0), CHAN5G(192, 0), 242 CHAN5G(194, 0), CHAN5G(196, 0), 243 CHAN5G(198, 0), CHAN5G(200, 0), 244 CHAN5G(202, 0), CHAN5G(204, 0), 245 CHAN5G(206, 0), CHAN5G(208, 0), 246 CHAN5G(210, 0), CHAN5G(212, 0), 247 CHAN5G(214, 0), CHAN5G(216, 0), 248 CHAN5G(218, 0), CHAN5G(220, 0), 249 CHAN5G(222, 0), CHAN5G(224, 0), 250 CHAN5G(226, 0), CHAN5G(228, 0), 251}; 252 253static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 254 CHAN5G(34, 0), CHAN5G(36, 0), 255 CHAN5G(38, 0), CHAN5G(40, 0), 256 CHAN5G(42, 0), CHAN5G(44, 0), 257 CHAN5G(46, 0), CHAN5G(48, 0), 258 CHAN5G(52, 0), CHAN5G(56, 0), 259 CHAN5G(60, 0), CHAN5G(64, 0), 260 CHAN5G(100, 0), CHAN5G(104, 0), 261 CHAN5G(108, 0), CHAN5G(112, 0), 262 CHAN5G(116, 0), CHAN5G(120, 0), 263 CHAN5G(124, 0), CHAN5G(128, 0), 264 CHAN5G(132, 0), CHAN5G(136, 0), 265 CHAN5G(140, 0), CHAN5G(149, 0), 266 CHAN5G(153, 0), CHAN5G(157, 0), 267 CHAN5G(161, 0), CHAN5G(165, 0), 268 CHAN5G(184, 0), CHAN5G(188, 0), 269 CHAN5G(192, 0), CHAN5G(196, 0), 270 CHAN5G(200, 0), CHAN5G(204, 0), 271 CHAN5G(208, 0), CHAN5G(212, 0), 272 CHAN5G(216, 0), 273}; 274#undef CHAN5G 275 276static struct ieee80211_supported_band b43_band_5GHz_nphy = { 277 .band = IEEE80211_BAND_5GHZ, 278 .channels = b43_5ghz_nphy_chantable, 279 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 280 .bitrates = b43_a_ratetable, 281 .n_bitrates = b43_a_ratetable_size, 282}; 283 284static struct ieee80211_supported_band b43_band_5GHz_aphy = { 285 .band = IEEE80211_BAND_5GHZ, 286 .channels = b43_5ghz_aphy_chantable, 287 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 288 .bitrates = b43_a_ratetable, 289 .n_bitrates = b43_a_ratetable_size, 290}; 291 292static struct ieee80211_supported_band b43_band_2GHz = { 293 .band = IEEE80211_BAND_2GHZ, 294 .channels = b43_2ghz_chantable, 295 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 296 .bitrates = b43_g_ratetable, 297 .n_bitrates = b43_g_ratetable_size, 298}; 299 300static void b43_wireless_core_exit(struct b43_wldev *dev); 301static int b43_wireless_core_init(struct b43_wldev *dev); 302static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev); 303static int b43_wireless_core_start(struct b43_wldev *dev); 304 305static int b43_ratelimit(struct b43_wl *wl) 306{ 307 if (!wl || !wl->current_dev) 308 return 1; 309 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 310 return 1; 311 /* We are up and running. 312 * Ratelimit the messages to avoid DoS over the net. */ 313 return net_ratelimit(); 314} 315 316void b43info(struct b43_wl *wl, const char *fmt, ...) 317{ 318 va_list args; 319 320 if (b43_modparam_verbose < B43_VERBOSITY_INFO) 321 return; 322 if (!b43_ratelimit(wl)) 323 return; 324 va_start(args, fmt); 325 printk(KERN_INFO "b43-%s: ", 326 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 327 vprintk(fmt, args); 328 va_end(args); 329} 330 331void b43err(struct b43_wl *wl, const char *fmt, ...) 332{ 333 va_list args; 334 335 if (b43_modparam_verbose < B43_VERBOSITY_ERROR) 336 return; 337 if (!b43_ratelimit(wl)) 338 return; 339 va_start(args, fmt); 340 printk(KERN_ERR "b43-%s ERROR: ", 341 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 342 vprintk(fmt, args); 343 va_end(args); 344} 345 346void b43warn(struct b43_wl *wl, const char *fmt, ...) 347{ 348 va_list args; 349 350 if (b43_modparam_verbose < B43_VERBOSITY_WARN) 351 return; 352 if (!b43_ratelimit(wl)) 353 return; 354 va_start(args, fmt); 355 printk(KERN_WARNING "b43-%s warning: ", 356 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 357 vprintk(fmt, args); 358 va_end(args); 359} 360 361void b43dbg(struct b43_wl *wl, const char *fmt, ...) 362{ 363 va_list args; 364 365 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 366 return; 367 va_start(args, fmt); 368 printk(KERN_DEBUG "b43-%s debug: ", 369 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 370 vprintk(fmt, args); 371 va_end(args); 372} 373 374static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 375{ 376 u32 macctl; 377 378 B43_WARN_ON(offset % 4 != 0); 379 380 macctl = b43_read32(dev, B43_MMIO_MACCTL); 381 if (macctl & B43_MACCTL_BE) 382 val = swab32(val); 383 384 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 385 mmiowb(); 386 b43_write32(dev, B43_MMIO_RAM_DATA, val); 387} 388 389static inline void b43_shm_control_word(struct b43_wldev *dev, 390 u16 routing, u16 offset) 391{ 392 u32 control; 393 394 /* "offset" is the WORD offset. */ 395 control = routing; 396 control <<= 16; 397 control |= offset; 398 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 399} 400 401u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 402{ 403 u32 ret; 404 405 if (routing == B43_SHM_SHARED) { 406 B43_WARN_ON(offset & 0x0001); 407 if (offset & 0x0003) { 408 /* Unaligned access */ 409 b43_shm_control_word(dev, routing, offset >> 2); 410 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 411 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 412 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16; 413 414 goto out; 415 } 416 offset >>= 2; 417 } 418 b43_shm_control_word(dev, routing, offset); 419 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 420out: 421 return ret; 422} 423 424u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset) 425{ 426 u16 ret; 427 428 if (routing == B43_SHM_SHARED) { 429 B43_WARN_ON(offset & 0x0001); 430 if (offset & 0x0003) { 431 /* Unaligned access */ 432 b43_shm_control_word(dev, routing, offset >> 2); 433 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 434 435 goto out; 436 } 437 offset >>= 2; 438 } 439 b43_shm_control_word(dev, routing, offset); 440 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 441out: 442 return ret; 443} 444 445void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 446{ 447 if (routing == B43_SHM_SHARED) { 448 B43_WARN_ON(offset & 0x0001); 449 if (offset & 0x0003) { 450 /* Unaligned access */ 451 b43_shm_control_word(dev, routing, offset >> 2); 452 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 453 value & 0xFFFF); 454 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 455 b43_write16(dev, B43_MMIO_SHM_DATA, 456 (value >> 16) & 0xFFFF); 457 return; 458 } 459 offset >>= 2; 460 } 461 b43_shm_control_word(dev, routing, offset); 462 b43_write32(dev, B43_MMIO_SHM_DATA, value); 463} 464 465void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 466{ 467 if (routing == B43_SHM_SHARED) { 468 B43_WARN_ON(offset & 0x0001); 469 if (offset & 0x0003) { 470 /* Unaligned access */ 471 b43_shm_control_word(dev, routing, offset >> 2); 472 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 473 return; 474 } 475 offset >>= 2; 476 } 477 b43_shm_control_word(dev, routing, offset); 478 b43_write16(dev, B43_MMIO_SHM_DATA, value); 479} 480 481/* Read HostFlags */ 482u64 b43_hf_read(struct b43_wldev *dev) 483{ 484 u64 ret; 485 486 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 487 ret <<= 16; 488 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 489 ret <<= 16; 490 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 491 492 return ret; 493} 494 495/* Write HostFlags */ 496void b43_hf_write(struct b43_wldev *dev, u64 value) 497{ 498 u16 lo, mi, hi; 499 500 lo = (value & 0x00000000FFFFULL); 501 mi = (value & 0x0000FFFF0000ULL) >> 16; 502 hi = (value & 0xFFFF00000000ULL) >> 32; 503 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 504 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 505 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 506} 507 508/* Read the firmware capabilities bitmask (Opensource firmware only) */ 509static u16 b43_fwcapa_read(struct b43_wldev *dev) 510{ 511 B43_WARN_ON(!dev->fw.opensource); 512 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA); 513} 514 515void b43_tsf_read(struct b43_wldev *dev, u64 *tsf) 516{ 517 u32 low, high; 518 519 B43_WARN_ON(dev->dev->id.revision < 3); 520 521 /* The hardware guarantees us an atomic read, if we 522 * read the low register first. */ 523 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 524 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 525 526 *tsf = high; 527 *tsf <<= 32; 528 *tsf |= low; 529} 530 531static void b43_time_lock(struct b43_wldev *dev) 532{ 533 u32 macctl; 534 535 macctl = b43_read32(dev, B43_MMIO_MACCTL); 536 macctl |= B43_MACCTL_TBTTHOLD; 537 b43_write32(dev, B43_MMIO_MACCTL, macctl); 538 /* Commit the write */ 539 b43_read32(dev, B43_MMIO_MACCTL); 540} 541 542static void b43_time_unlock(struct b43_wldev *dev) 543{ 544 u32 macctl; 545 546 macctl = b43_read32(dev, B43_MMIO_MACCTL); 547 macctl &= ~B43_MACCTL_TBTTHOLD; 548 b43_write32(dev, B43_MMIO_MACCTL, macctl); 549 /* Commit the write */ 550 b43_read32(dev, B43_MMIO_MACCTL); 551} 552 553static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 554{ 555 u32 low, high; 556 557 B43_WARN_ON(dev->dev->id.revision < 3); 558 559 low = tsf; 560 high = (tsf >> 32); 561 /* The hardware guarantees us an atomic write, if we 562 * write the low register first. */ 563 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low); 564 mmiowb(); 565 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high); 566 mmiowb(); 567} 568 569void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 570{ 571 b43_time_lock(dev); 572 b43_tsf_write_locked(dev, tsf); 573 b43_time_unlock(dev); 574} 575 576static 577void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac) 578{ 579 static const u8 zero_addr[ETH_ALEN] = { 0 }; 580 u16 data; 581 582 if (!mac) 583 mac = zero_addr; 584 585 offset |= 0x0020; 586 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 587 588 data = mac[0]; 589 data |= mac[1] << 8; 590 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 591 data = mac[2]; 592 data |= mac[3] << 8; 593 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 594 data = mac[4]; 595 data |= mac[5] << 8; 596 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 597} 598 599static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 600{ 601 const u8 *mac; 602 const u8 *bssid; 603 u8 mac_bssid[ETH_ALEN * 2]; 604 int i; 605 u32 tmp; 606 607 bssid = dev->wl->bssid; 608 mac = dev->wl->mac_addr; 609 610 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 611 612 memcpy(mac_bssid, mac, ETH_ALEN); 613 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 614 615 /* Write our MAC address and BSSID to template ram */ 616 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 617 tmp = (u32) (mac_bssid[i + 0]); 618 tmp |= (u32) (mac_bssid[i + 1]) << 8; 619 tmp |= (u32) (mac_bssid[i + 2]) << 16; 620 tmp |= (u32) (mac_bssid[i + 3]) << 24; 621 b43_ram_write(dev, 0x20 + i, tmp); 622 } 623} 624 625static void b43_upload_card_macaddress(struct b43_wldev *dev) 626{ 627 b43_write_mac_bssid_templates(dev); 628 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 629} 630 631static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 632{ 633 /* slot_time is in usec. */ 634 if (dev->phy.type != B43_PHYTYPE_G) 635 return; 636 b43_write16(dev, 0x684, 510 + slot_time); 637 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 638} 639 640static void b43_short_slot_timing_enable(struct b43_wldev *dev) 641{ 642 b43_set_slot_time(dev, 9); 643} 644 645static void b43_short_slot_timing_disable(struct b43_wldev *dev) 646{ 647 b43_set_slot_time(dev, 20); 648} 649 650/* DummyTransmission function, as documented on 651 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission 652 */ 653void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on) 654{ 655 struct b43_phy *phy = &dev->phy; 656 unsigned int i, max_loop; 657 u16 value; 658 u32 buffer[5] = { 659 0x00000000, 660 0x00D40000, 661 0x00000000, 662 0x01000000, 663 0x00000000, 664 }; 665 666 if (ofdm) { 667 max_loop = 0x1E; 668 buffer[0] = 0x000201CC; 669 } else { 670 max_loop = 0xFA; 671 buffer[0] = 0x000B846E; 672 } 673 674 for (i = 0; i < 5; i++) 675 b43_ram_write(dev, i * 4, buffer[i]); 676 677 b43_write16(dev, 0x0568, 0x0000); 678 if (dev->dev->id.revision < 11) 679 b43_write16(dev, 0x07C0, 0x0000); 680 else 681 b43_write16(dev, 0x07C0, 0x0100); 682 value = (ofdm ? 0x41 : 0x40); 683 b43_write16(dev, 0x050C, value); 684 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP)) 685 b43_write16(dev, 0x0514, 0x1A02); 686 b43_write16(dev, 0x0508, 0x0000); 687 b43_write16(dev, 0x050A, 0x0000); 688 b43_write16(dev, 0x054C, 0x0000); 689 b43_write16(dev, 0x056A, 0x0014); 690 b43_write16(dev, 0x0568, 0x0826); 691 b43_write16(dev, 0x0500, 0x0000); 692 if (!pa_on && (phy->type == B43_PHYTYPE_N)) { 693 //SPEC TODO 694 } 695 696 switch (phy->type) { 697 case B43_PHYTYPE_N: 698 b43_write16(dev, 0x0502, 0x00D0); 699 break; 700 case B43_PHYTYPE_LP: 701 b43_write16(dev, 0x0502, 0x0050); 702 break; 703 default: 704 b43_write16(dev, 0x0502, 0x0030); 705 } 706 707 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 708 b43_radio_write16(dev, 0x0051, 0x0017); 709 for (i = 0x00; i < max_loop; i++) { 710 value = b43_read16(dev, 0x050E); 711 if (value & 0x0080) 712 break; 713 udelay(10); 714 } 715 for (i = 0x00; i < 0x0A; i++) { 716 value = b43_read16(dev, 0x050E); 717 if (value & 0x0400) 718 break; 719 udelay(10); 720 } 721 for (i = 0x00; i < 0x19; i++) { 722 value = b43_read16(dev, 0x0690); 723 if (!(value & 0x0100)) 724 break; 725 udelay(10); 726 } 727 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 728 b43_radio_write16(dev, 0x0051, 0x0037); 729} 730 731static void key_write(struct b43_wldev *dev, 732 u8 index, u8 algorithm, const u8 *key) 733{ 734 unsigned int i; 735 u32 offset; 736 u16 value; 737 u16 kidx; 738 739 /* Key index/algo block */ 740 kidx = b43_kidx_to_fw(dev, index); 741 value = ((kidx << 4) | algorithm); 742 b43_shm_write16(dev, B43_SHM_SHARED, 743 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 744 745 /* Write the key to the Key Table Pointer offset */ 746 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 747 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 748 value = key[i]; 749 value |= (u16) (key[i + 1]) << 8; 750 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 751 } 752} 753 754static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr) 755{ 756 u32 addrtmp[2] = { 0, 0, }; 757 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 758 759 if (b43_new_kidx_api(dev)) 760 pairwise_keys_start = B43_NR_GROUP_KEYS; 761 762 B43_WARN_ON(index < pairwise_keys_start); 763 /* We have four default TX keys and possibly four default RX keys. 764 * Physical mac 0 is mapped to physical key 4 or 8, depending 765 * on the firmware version. 766 * So we must adjust the index here. 767 */ 768 index -= pairwise_keys_start; 769 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 770 771 if (addr) { 772 addrtmp[0] = addr[0]; 773 addrtmp[0] |= ((u32) (addr[1]) << 8); 774 addrtmp[0] |= ((u32) (addr[2]) << 16); 775 addrtmp[0] |= ((u32) (addr[3]) << 24); 776 addrtmp[1] = addr[4]; 777 addrtmp[1] |= ((u32) (addr[5]) << 8); 778 } 779 780 /* Receive match transmitter address (RCMTA) mechanism */ 781 b43_shm_write32(dev, B43_SHM_RCMTA, 782 (index * 2) + 0, addrtmp[0]); 783 b43_shm_write16(dev, B43_SHM_RCMTA, 784 (index * 2) + 1, addrtmp[1]); 785} 786 787/* The ucode will use phase1 key with TEK key to decrypt rx packets. 788 * When a packet is received, the iv32 is checked. 789 * - if it doesn't the packet is returned without modification (and software 790 * decryption can be done). That's what happen when iv16 wrap. 791 * - if it does, the rc4 key is computed, and decryption is tried. 792 * Either it will success and B43_RX_MAC_DEC is returned, 793 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned 794 * and the packet is not usable (it got modified by the ucode). 795 * So in order to never have B43_RX_MAC_DECERR, we should provide 796 * a iv32 and phase1key that match. Because we drop packets in case of 797 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all 798 * packets will be lost without higher layer knowing (ie no resync possible 799 * until next wrap). 800 * 801 * NOTE : this should support 50 key like RCMTA because 802 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50 803 */ 804static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32, 805 u16 *phase1key) 806{ 807 unsigned int i; 808 u32 offset; 809 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 810 811 if (!modparam_hwtkip) 812 return; 813 814 if (b43_new_kidx_api(dev)) 815 pairwise_keys_start = B43_NR_GROUP_KEYS; 816 817 B43_WARN_ON(index < pairwise_keys_start); 818 /* We have four default TX keys and possibly four default RX keys. 819 * Physical mac 0 is mapped to physical key 4 or 8, depending 820 * on the firmware version. 821 * So we must adjust the index here. 822 */ 823 index -= pairwise_keys_start; 824 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 825 826 if (b43_debug(dev, B43_DBG_KEYS)) { 827 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n", 828 index, iv32); 829 } 830 /* Write the key to the RX tkip shared mem */ 831 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4); 832 for (i = 0; i < 10; i += 2) { 833 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, 834 phase1key ? phase1key[i / 2] : 0); 835 } 836 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32); 837 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16); 838} 839 840static void b43_op_update_tkip_key(struct ieee80211_hw *hw, 841 struct ieee80211_key_conf *keyconf, const u8 *addr, 842 u32 iv32, u16 *phase1key) 843{ 844 struct b43_wl *wl = hw_to_b43_wl(hw); 845 struct b43_wldev *dev; 846 int index = keyconf->hw_key_idx; 847 848 if (B43_WARN_ON(!modparam_hwtkip)) 849 return; 850 851 mutex_lock(&wl->mutex); 852 853 dev = wl->current_dev; 854 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 855 goto out_unlock; 856 857 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */ 858 859 rx_tkip_phase1_write(dev, index, iv32, phase1key); 860 keymac_write(dev, index, addr); 861 862out_unlock: 863 mutex_unlock(&wl->mutex); 864} 865 866static void do_key_write(struct b43_wldev *dev, 867 u8 index, u8 algorithm, 868 const u8 *key, size_t key_len, const u8 *mac_addr) 869{ 870 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 871 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 872 873 if (b43_new_kidx_api(dev)) 874 pairwise_keys_start = B43_NR_GROUP_KEYS; 875 876 B43_WARN_ON(index >= ARRAY_SIZE(dev->key)); 877 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 878 879 if (index >= pairwise_keys_start) 880 keymac_write(dev, index, NULL); /* First zero out mac. */ 881 if (algorithm == B43_SEC_ALGO_TKIP) { 882 /* 883 * We should provide an initial iv32, phase1key pair. 884 * We could start with iv32=0 and compute the corresponding 885 * phase1key, but this means calling ieee80211_get_tkip_key 886 * with a fake skb (or export other tkip function). 887 * Because we are lazy we hope iv32 won't start with 888 * 0xffffffff and let's b43_op_update_tkip_key provide a 889 * correct pair. 890 */ 891 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf); 892 } else if (index >= pairwise_keys_start) /* clear it */ 893 rx_tkip_phase1_write(dev, index, 0, NULL); 894 if (key) 895 memcpy(buf, key, key_len); 896 key_write(dev, index, algorithm, buf); 897 if (index >= pairwise_keys_start) 898 keymac_write(dev, index, mac_addr); 899 900 dev->key[index].algorithm = algorithm; 901} 902 903static int b43_key_write(struct b43_wldev *dev, 904 int index, u8 algorithm, 905 const u8 *key, size_t key_len, 906 const u8 *mac_addr, 907 struct ieee80211_key_conf *keyconf) 908{ 909 int i; 910 int pairwise_keys_start; 911 912 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block: 913 * - Temporal Encryption Key (128 bits) 914 * - Temporal Authenticator Tx MIC Key (64 bits) 915 * - Temporal Authenticator Rx MIC Key (64 bits) 916 * 917 * Hardware only store TEK 918 */ 919 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32) 920 key_len = 16; 921 if (key_len > B43_SEC_KEYSIZE) 922 return -EINVAL; 923 for (i = 0; i < ARRAY_SIZE(dev->key); i++) { 924 /* Check that we don't already have this key. */ 925 B43_WARN_ON(dev->key[i].keyconf == keyconf); 926 } 927 if (index < 0) { 928 /* Pairwise key. Get an empty slot for the key. */ 929 if (b43_new_kidx_api(dev)) 930 pairwise_keys_start = B43_NR_GROUP_KEYS; 931 else 932 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 933 for (i = pairwise_keys_start; 934 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS; 935 i++) { 936 B43_WARN_ON(i >= ARRAY_SIZE(dev->key)); 937 if (!dev->key[i].keyconf) { 938 /* found empty */ 939 index = i; 940 break; 941 } 942 } 943 if (index < 0) { 944 b43warn(dev->wl, "Out of hardware key memory\n"); 945 return -ENOSPC; 946 } 947 } else 948 B43_WARN_ON(index > 3); 949 950 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 951 if ((index <= 3) && !b43_new_kidx_api(dev)) { 952 /* Default RX key */ 953 B43_WARN_ON(mac_addr); 954 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 955 } 956 keyconf->hw_key_idx = index; 957 dev->key[index].keyconf = keyconf; 958 959 return 0; 960} 961 962static int b43_key_clear(struct b43_wldev *dev, int index) 963{ 964 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key)))) 965 return -EINVAL; 966 do_key_write(dev, index, B43_SEC_ALGO_NONE, 967 NULL, B43_SEC_KEYSIZE, NULL); 968 if ((index <= 3) && !b43_new_kidx_api(dev)) { 969 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 970 NULL, B43_SEC_KEYSIZE, NULL); 971 } 972 dev->key[index].keyconf = NULL; 973 974 return 0; 975} 976 977static void b43_clear_keys(struct b43_wldev *dev) 978{ 979 int i, count; 980 981 if (b43_new_kidx_api(dev)) 982 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 983 else 984 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 985 for (i = 0; i < count; i++) 986 b43_key_clear(dev, i); 987} 988 989static void b43_dump_keymemory(struct b43_wldev *dev) 990{ 991 unsigned int i, index, count, offset, pairwise_keys_start; 992 u8 mac[ETH_ALEN]; 993 u16 algo; 994 u32 rcmta0; 995 u16 rcmta1; 996 u64 hf; 997 struct b43_key *key; 998 999 if (!b43_debug(dev, B43_DBG_KEYS)) 1000 return; 1001 1002 hf = b43_hf_read(dev); 1003 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n", 1004 !!(hf & B43_HF_USEDEFKEYS)); 1005 if (b43_new_kidx_api(dev)) { 1006 pairwise_keys_start = B43_NR_GROUP_KEYS; 1007 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 1008 } else { 1009 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 1010 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1011 } 1012 for (index = 0; index < count; index++) { 1013 key = &(dev->key[index]); 1014 printk(KERN_DEBUG "Key slot %02u: %s", 1015 index, (key->keyconf == NULL) ? " " : "*"); 1016 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 1017 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 1018 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1019 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1020 } 1021 1022 algo = b43_shm_read16(dev, B43_SHM_SHARED, 1023 B43_SHM_SH_KEYIDXBLOCK + (index * 2)); 1024 printk(" Algo: %04X/%02X", algo, key->algorithm); 1025 1026 if (index >= pairwise_keys_start) { 1027 if (key->algorithm == B43_SEC_ALGO_TKIP) { 1028 printk(" TKIP: "); 1029 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4); 1030 for (i = 0; i < 14; i += 2) { 1031 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1032 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1033 } 1034 } 1035 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA, 1036 ((index - pairwise_keys_start) * 2) + 0); 1037 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA, 1038 ((index - pairwise_keys_start) * 2) + 1); 1039 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0); 1040 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1); 1041 printk(" MAC: %pM", mac); 1042 } else 1043 printk(" DEFAULT KEY"); 1044 printk("\n"); 1045 } 1046} 1047 1048void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 1049{ 1050 u32 macctl; 1051 u16 ucstat; 1052 bool hwps; 1053 bool awake; 1054 int i; 1055 1056 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 1057 (ps_flags & B43_PS_DISABLED)); 1058 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 1059 1060 if (ps_flags & B43_PS_ENABLED) { 1061 hwps = 1; 1062 } else if (ps_flags & B43_PS_DISABLED) { 1063 hwps = 0; 1064 } else { 1065 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 1066 // and thus is not an AP and we are associated, set bit 25 1067 } 1068 if (ps_flags & B43_PS_AWAKE) { 1069 awake = 1; 1070 } else if (ps_flags & B43_PS_ASLEEP) { 1071 awake = 0; 1072 } else { 1073 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 1074 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 1075 // successful, set bit26 1076 } 1077 1078/* FIXME: For now we force awake-on and hwps-off */ 1079 hwps = 0; 1080 awake = 1; 1081 1082 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1083 if (hwps) 1084 macctl |= B43_MACCTL_HWPS; 1085 else 1086 macctl &= ~B43_MACCTL_HWPS; 1087 if (awake) 1088 macctl |= B43_MACCTL_AWAKE; 1089 else 1090 macctl &= ~B43_MACCTL_AWAKE; 1091 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1092 /* Commit write */ 1093 b43_read32(dev, B43_MMIO_MACCTL); 1094 if (awake && dev->dev->id.revision >= 5) { 1095 /* Wait for the microcode to wake up. */ 1096 for (i = 0; i < 100; i++) { 1097 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1098 B43_SHM_SH_UCODESTAT); 1099 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1100 break; 1101 udelay(10); 1102 } 1103 } 1104} 1105 1106void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags) 1107{ 1108 u32 tmslow; 1109 u32 macctl; 1110 1111 flags |= B43_TMSLOW_PHYCLKEN; 1112 flags |= B43_TMSLOW_PHYRESET; 1113 ssb_device_enable(dev->dev, flags); 1114 msleep(2); /* Wait for the PLL to turn on. */ 1115 1116 /* Now take the PHY out of Reset again */ 1117 tmslow = ssb_read32(dev->dev, SSB_TMSLOW); 1118 tmslow |= SSB_TMSLOW_FGC; 1119 tmslow &= ~B43_TMSLOW_PHYRESET; 1120 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1121 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1122 msleep(1); 1123 tmslow &= ~SSB_TMSLOW_FGC; 1124 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1125 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1126 msleep(1); 1127 1128 /* Turn Analog ON, but only if we already know the PHY-type. 1129 * This protects against very early setup where we don't know the 1130 * PHY-type, yet. wireless_core_reset will be called once again later, 1131 * when we know the PHY-type. */ 1132 if (dev->phy.ops) 1133 dev->phy.ops->switch_analog(dev, 1); 1134 1135 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1136 macctl &= ~B43_MACCTL_GMODE; 1137 if (flags & B43_TMSLOW_GMODE) 1138 macctl |= B43_MACCTL_GMODE; 1139 macctl |= B43_MACCTL_IHR_ENABLED; 1140 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1141} 1142 1143static void handle_irq_transmit_status(struct b43_wldev *dev) 1144{ 1145 u32 v0, v1; 1146 u16 tmp; 1147 struct b43_txstatus stat; 1148 1149 while (1) { 1150 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1151 if (!(v0 & 0x00000001)) 1152 break; 1153 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1154 1155 stat.cookie = (v0 >> 16); 1156 stat.seq = (v1 & 0x0000FFFF); 1157 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1158 tmp = (v0 & 0x0000FFFF); 1159 stat.frame_count = ((tmp & 0xF000) >> 12); 1160 stat.rts_count = ((tmp & 0x0F00) >> 8); 1161 stat.supp_reason = ((tmp & 0x001C) >> 2); 1162 stat.pm_indicated = !!(tmp & 0x0080); 1163 stat.intermediate = !!(tmp & 0x0040); 1164 stat.for_ampdu = !!(tmp & 0x0020); 1165 stat.acked = !!(tmp & 0x0002); 1166 1167 b43_handle_txstatus(dev, &stat); 1168 } 1169} 1170 1171static void drain_txstatus_queue(struct b43_wldev *dev) 1172{ 1173 u32 dummy; 1174 1175 if (dev->dev->id.revision < 5) 1176 return; 1177 /* Read all entries from the microcode TXstatus FIFO 1178 * and throw them away. 1179 */ 1180 while (1) { 1181 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1182 if (!(dummy & 0x00000001)) 1183 break; 1184 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1185 } 1186} 1187 1188static u32 b43_jssi_read(struct b43_wldev *dev) 1189{ 1190 u32 val = 0; 1191 1192 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1193 val <<= 16; 1194 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1195 1196 return val; 1197} 1198 1199static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1200{ 1201 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1202 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1203} 1204 1205static void b43_generate_noise_sample(struct b43_wldev *dev) 1206{ 1207 b43_jssi_write(dev, 0x7F7F7F7F); 1208 b43_write32(dev, B43_MMIO_MACCMD, 1209 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1210} 1211 1212static void b43_calculate_link_quality(struct b43_wldev *dev) 1213{ 1214 /* Top half of Link Quality calculation. */ 1215 1216 if (dev->phy.type != B43_PHYTYPE_G) 1217 return; 1218 if (dev->noisecalc.calculation_running) 1219 return; 1220 dev->noisecalc.calculation_running = 1; 1221 dev->noisecalc.nr_samples = 0; 1222 1223 b43_generate_noise_sample(dev); 1224} 1225 1226static void handle_irq_noise(struct b43_wldev *dev) 1227{ 1228 struct b43_phy_g *phy = dev->phy.g; 1229 u16 tmp; 1230 u8 noise[4]; 1231 u8 i, j; 1232 s32 average; 1233 1234 /* Bottom half of Link Quality calculation. */ 1235 1236 if (dev->phy.type != B43_PHYTYPE_G) 1237 return; 1238 1239 /* Possible race condition: It might be possible that the user 1240 * changed to a different channel in the meantime since we 1241 * started the calculation. We ignore that fact, since it's 1242 * not really that much of a problem. The background noise is 1243 * an estimation only anyway. Slightly wrong results will get damped 1244 * by the averaging of the 8 sample rounds. Additionally the 1245 * value is shortlived. So it will be replaced by the next noise 1246 * calculation round soon. */ 1247 1248 B43_WARN_ON(!dev->noisecalc.calculation_running); 1249 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1250 if (noise[0] == 0x7F || noise[1] == 0x7F || 1251 noise[2] == 0x7F || noise[3] == 0x7F) 1252 goto generate_new; 1253 1254 /* Get the noise samples. */ 1255 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1256 i = dev->noisecalc.nr_samples; 1257 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1258 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1259 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1260 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1261 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1262 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1263 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1264 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1265 dev->noisecalc.nr_samples++; 1266 if (dev->noisecalc.nr_samples == 8) { 1267 /* Calculate the Link Quality by the noise samples. */ 1268 average = 0; 1269 for (i = 0; i < 8; i++) { 1270 for (j = 0; j < 4; j++) 1271 average += dev->noisecalc.samples[i][j]; 1272 } 1273 average /= (8 * 4); 1274 average *= 125; 1275 average += 64; 1276 average /= 128; 1277 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1278 tmp = (tmp / 128) & 0x1F; 1279 if (tmp >= 8) 1280 average += 2; 1281 else 1282 average -= 25; 1283 if (tmp == 8) 1284 average -= 72; 1285 else 1286 average -= 48; 1287 1288 dev->stats.link_noise = average; 1289 dev->noisecalc.calculation_running = 0; 1290 return; 1291 } 1292generate_new: 1293 b43_generate_noise_sample(dev); 1294} 1295 1296static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1297{ 1298 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) { 1299 ///TODO: PS TBTT 1300 } else { 1301 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1302 b43_power_saving_ctl_bits(dev, 0); 1303 } 1304 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) 1305 dev->dfq_valid = 1; 1306} 1307 1308static void handle_irq_atim_end(struct b43_wldev *dev) 1309{ 1310 if (dev->dfq_valid) { 1311 b43_write32(dev, B43_MMIO_MACCMD, 1312 b43_read32(dev, B43_MMIO_MACCMD) 1313 | B43_MACCMD_DFQ_VALID); 1314 dev->dfq_valid = 0; 1315 } 1316} 1317 1318static void handle_irq_pmq(struct b43_wldev *dev) 1319{ 1320 u32 tmp; 1321 1322 //TODO: AP mode. 1323 1324 while (1) { 1325 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1326 if (!(tmp & 0x00000008)) 1327 break; 1328 } 1329 /* 16bit write is odd, but correct. */ 1330 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1331} 1332 1333static void b43_write_template_common(struct b43_wldev *dev, 1334 const u8 *data, u16 size, 1335 u16 ram_offset, 1336 u16 shm_size_offset, u8 rate) 1337{ 1338 u32 i, tmp; 1339 struct b43_plcp_hdr4 plcp; 1340 1341 plcp.data = 0; 1342 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1343 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1344 ram_offset += sizeof(u32); 1345 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1346 * So leave the first two bytes of the next write blank. 1347 */ 1348 tmp = (u32) (data[0]) << 16; 1349 tmp |= (u32) (data[1]) << 24; 1350 b43_ram_write(dev, ram_offset, tmp); 1351 ram_offset += sizeof(u32); 1352 for (i = 2; i < size; i += sizeof(u32)) { 1353 tmp = (u32) (data[i + 0]); 1354 if (i + 1 < size) 1355 tmp |= (u32) (data[i + 1]) << 8; 1356 if (i + 2 < size) 1357 tmp |= (u32) (data[i + 2]) << 16; 1358 if (i + 3 < size) 1359 tmp |= (u32) (data[i + 3]) << 24; 1360 b43_ram_write(dev, ram_offset + i - 2, tmp); 1361 } 1362 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1363 size + sizeof(struct b43_plcp_hdr6)); 1364} 1365 1366/* Check if the use of the antenna that ieee80211 told us to 1367 * use is possible. This will fall back to DEFAULT. 1368 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 1369u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 1370 u8 antenna_nr) 1371{ 1372 u8 antenna_mask; 1373 1374 if (antenna_nr == 0) { 1375 /* Zero means "use default antenna". That's always OK. */ 1376 return 0; 1377 } 1378 1379 /* Get the mask of available antennas. */ 1380 if (dev->phy.gmode) 1381 antenna_mask = dev->dev->bus->sprom.ant_available_bg; 1382 else 1383 antenna_mask = dev->dev->bus->sprom.ant_available_a; 1384 1385 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 1386 /* This antenna is not available. Fall back to default. */ 1387 return 0; 1388 } 1389 1390 return antenna_nr; 1391} 1392 1393/* Convert a b43 antenna number value to the PHY TX control value. */ 1394static u16 b43_antenna_to_phyctl(int antenna) 1395{ 1396 switch (antenna) { 1397 case B43_ANTENNA0: 1398 return B43_TXH_PHY_ANT0; 1399 case B43_ANTENNA1: 1400 return B43_TXH_PHY_ANT1; 1401 case B43_ANTENNA2: 1402 return B43_TXH_PHY_ANT2; 1403 case B43_ANTENNA3: 1404 return B43_TXH_PHY_ANT3; 1405 case B43_ANTENNA_AUTO0: 1406 case B43_ANTENNA_AUTO1: 1407 return B43_TXH_PHY_ANT01AUTO; 1408 } 1409 B43_WARN_ON(1); 1410 return 0; 1411} 1412 1413static void b43_write_beacon_template(struct b43_wldev *dev, 1414 u16 ram_offset, 1415 u16 shm_size_offset) 1416{ 1417 unsigned int i, len, variable_len; 1418 const struct ieee80211_mgmt *bcn; 1419 const u8 *ie; 1420 bool tim_found = 0; 1421 unsigned int rate; 1422 u16 ctl; 1423 int antenna; 1424 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon); 1425 1426 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1427 len = min((size_t) dev->wl->current_beacon->len, 1428 0x200 - sizeof(struct b43_plcp_hdr6)); 1429 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value; 1430 1431 b43_write_template_common(dev, (const u8 *)bcn, 1432 len, ram_offset, shm_size_offset, rate); 1433 1434 /* Write the PHY TX control parameters. */ 1435 antenna = B43_ANTENNA_DEFAULT; 1436 antenna = b43_antenna_to_phyctl(antenna); 1437 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 1438 /* We can't send beacons with short preamble. Would get PHY errors. */ 1439 ctl &= ~B43_TXH_PHY_SHORTPRMBL; 1440 ctl &= ~B43_TXH_PHY_ANT; 1441 ctl &= ~B43_TXH_PHY_ENC; 1442 ctl |= antenna; 1443 if (b43_is_cck_rate(rate)) 1444 ctl |= B43_TXH_PHY_ENC_CCK; 1445 else 1446 ctl |= B43_TXH_PHY_ENC_OFDM; 1447 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 1448 1449 /* Find the position of the TIM and the DTIM_period value 1450 * and write them to SHM. */ 1451 ie = bcn->u.beacon.variable; 1452 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1453 for (i = 0; i < variable_len - 2; ) { 1454 uint8_t ie_id, ie_len; 1455 1456 ie_id = ie[i]; 1457 ie_len = ie[i + 1]; 1458 if (ie_id == 5) { 1459 u16 tim_position; 1460 u16 dtim_period; 1461 /* This is the TIM Information Element */ 1462 1463 /* Check whether the ie_len is in the beacon data range. */ 1464 if (variable_len < ie_len + 2 + i) 1465 break; 1466 /* A valid TIM is at least 4 bytes long. */ 1467 if (ie_len < 4) 1468 break; 1469 tim_found = 1; 1470 1471 tim_position = sizeof(struct b43_plcp_hdr6); 1472 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1473 tim_position += i; 1474 1475 dtim_period = ie[i + 3]; 1476 1477 b43_shm_write16(dev, B43_SHM_SHARED, 1478 B43_SHM_SH_TIMBPOS, tim_position); 1479 b43_shm_write16(dev, B43_SHM_SHARED, 1480 B43_SHM_SH_DTIMPER, dtim_period); 1481 break; 1482 } 1483 i += ie_len + 2; 1484 } 1485 if (!tim_found) { 1486 /* 1487 * If ucode wants to modify TIM do it behind the beacon, this 1488 * will happen, for example, when doing mesh networking. 1489 */ 1490 b43_shm_write16(dev, B43_SHM_SHARED, 1491 B43_SHM_SH_TIMBPOS, 1492 len + sizeof(struct b43_plcp_hdr6)); 1493 b43_shm_write16(dev, B43_SHM_SHARED, 1494 B43_SHM_SH_DTIMPER, 0); 1495 } 1496 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset); 1497} 1498 1499static void b43_upload_beacon0(struct b43_wldev *dev) 1500{ 1501 struct b43_wl *wl = dev->wl; 1502 1503 if (wl->beacon0_uploaded) 1504 return; 1505 b43_write_beacon_template(dev, 0x68, 0x18); 1506 wl->beacon0_uploaded = 1; 1507} 1508 1509static void b43_upload_beacon1(struct b43_wldev *dev) 1510{ 1511 struct b43_wl *wl = dev->wl; 1512 1513 if (wl->beacon1_uploaded) 1514 return; 1515 b43_write_beacon_template(dev, 0x468, 0x1A); 1516 wl->beacon1_uploaded = 1; 1517} 1518 1519static void handle_irq_beacon(struct b43_wldev *dev) 1520{ 1521 struct b43_wl *wl = dev->wl; 1522 u32 cmd, beacon0_valid, beacon1_valid; 1523 1524 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) && 1525 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 1526 return; 1527 1528 /* This is the bottom half of the asynchronous beacon update. */ 1529 1530 /* Ignore interrupt in the future. */ 1531 dev->irq_mask &= ~B43_IRQ_BEACON; 1532 1533 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1534 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1535 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1536 1537 /* Schedule interrupt manually, if busy. */ 1538 if (beacon0_valid && beacon1_valid) { 1539 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1540 dev->irq_mask |= B43_IRQ_BEACON; 1541 return; 1542 } 1543 1544 if (unlikely(wl->beacon_templates_virgin)) { 1545 /* We never uploaded a beacon before. 1546 * Upload both templates now, but only mark one valid. */ 1547 wl->beacon_templates_virgin = 0; 1548 b43_upload_beacon0(dev); 1549 b43_upload_beacon1(dev); 1550 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1551 cmd |= B43_MACCMD_BEACON0_VALID; 1552 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1553 } else { 1554 if (!beacon0_valid) { 1555 b43_upload_beacon0(dev); 1556 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1557 cmd |= B43_MACCMD_BEACON0_VALID; 1558 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1559 } else if (!beacon1_valid) { 1560 b43_upload_beacon1(dev); 1561 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1562 cmd |= B43_MACCMD_BEACON1_VALID; 1563 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1564 } 1565 } 1566} 1567 1568static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev) 1569{ 1570 u32 old_irq_mask = dev->irq_mask; 1571 1572 /* update beacon right away or defer to irq */ 1573 handle_irq_beacon(dev); 1574 if (old_irq_mask != dev->irq_mask) { 1575 /* The handler updated the IRQ mask. */ 1576 B43_WARN_ON(!dev->irq_mask); 1577 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) { 1578 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1579 } else { 1580 /* Device interrupts are currently disabled. That means 1581 * we just ran the hardirq handler and scheduled the 1582 * IRQ thread. The thread will write the IRQ mask when 1583 * it finished, so there's nothing to do here. Writing 1584 * the mask _here_ would incorrectly re-enable IRQs. */ 1585 } 1586 } 1587} 1588 1589static void b43_beacon_update_trigger_work(struct work_struct *work) 1590{ 1591 struct b43_wl *wl = container_of(work, struct b43_wl, 1592 beacon_update_trigger); 1593 struct b43_wldev *dev; 1594 1595 mutex_lock(&wl->mutex); 1596 dev = wl->current_dev; 1597 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1598 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 1599 /* wl->mutex is enough. */ 1600 b43_do_beacon_update_trigger_work(dev); 1601 mmiowb(); 1602 } else { 1603 spin_lock_irq(&wl->hardirq_lock); 1604 b43_do_beacon_update_trigger_work(dev); 1605 mmiowb(); 1606 spin_unlock_irq(&wl->hardirq_lock); 1607 } 1608 } 1609 mutex_unlock(&wl->mutex); 1610} 1611 1612/* Asynchronously update the packet templates in template RAM. 1613 * Locking: Requires wl->mutex to be locked. */ 1614static void b43_update_templates(struct b43_wl *wl) 1615{ 1616 struct sk_buff *beacon; 1617 1618 /* This is the top half of the ansynchronous beacon update. 1619 * The bottom half is the beacon IRQ. 1620 * Beacon update must be asynchronous to avoid sending an 1621 * invalid beacon. This can happen for example, if the firmware 1622 * transmits a beacon while we are updating it. */ 1623 1624 /* We could modify the existing beacon and set the aid bit in 1625 * the TIM field, but that would probably require resizing and 1626 * moving of data within the beacon template. 1627 * Simply request a new beacon and let mac80211 do the hard work. */ 1628 beacon = ieee80211_beacon_get(wl->hw, wl->vif); 1629 if (unlikely(!beacon)) 1630 return; 1631 1632 if (wl->current_beacon) 1633 dev_kfree_skb_any(wl->current_beacon); 1634 wl->current_beacon = beacon; 1635 wl->beacon0_uploaded = 0; 1636 wl->beacon1_uploaded = 0; 1637 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger); 1638} 1639 1640static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1641{ 1642 b43_time_lock(dev); 1643 if (dev->dev->id.revision >= 3) { 1644 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1645 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1646 } else { 1647 b43_write16(dev, 0x606, (beacon_int >> 6)); 1648 b43_write16(dev, 0x610, beacon_int); 1649 } 1650 b43_time_unlock(dev); 1651 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1652} 1653 1654static void b43_handle_firmware_panic(struct b43_wldev *dev) 1655{ 1656 u16 reason; 1657 1658 /* Read the register that contains the reason code for the panic. */ 1659 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG); 1660 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason); 1661 1662 switch (reason) { 1663 default: 1664 b43dbg(dev->wl, "The panic reason is unknown.\n"); 1665 /* fallthrough */ 1666 case B43_FWPANIC_DIE: 1667 /* Do not restart the controller or firmware. 1668 * The device is nonfunctional from now on. 1669 * Restarting would result in this panic to trigger again, 1670 * so we avoid that recursion. */ 1671 break; 1672 case B43_FWPANIC_RESTART: 1673 b43_controller_restart(dev, "Microcode panic"); 1674 break; 1675 } 1676} 1677 1678static void handle_irq_ucode_debug(struct b43_wldev *dev) 1679{ 1680 unsigned int i, cnt; 1681 u16 reason, marker_id, marker_line; 1682 __le16 *buf; 1683 1684 /* The proprietary firmware doesn't have this IRQ. */ 1685 if (!dev->fw.opensource) 1686 return; 1687 1688 /* Read the register that contains the reason code for this IRQ. */ 1689 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG); 1690 1691 switch (reason) { 1692 case B43_DEBUGIRQ_PANIC: 1693 b43_handle_firmware_panic(dev); 1694 break; 1695 case B43_DEBUGIRQ_DUMP_SHM: 1696 if (!B43_DEBUG) 1697 break; /* Only with driver debugging enabled. */ 1698 buf = kmalloc(4096, GFP_ATOMIC); 1699 if (!buf) { 1700 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n"); 1701 goto out; 1702 } 1703 for (i = 0; i < 4096; i += 2) { 1704 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i); 1705 buf[i / 2] = cpu_to_le16(tmp); 1706 } 1707 b43info(dev->wl, "Shared memory dump:\n"); 1708 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET, 1709 16, 2, buf, 4096, 1); 1710 kfree(buf); 1711 break; 1712 case B43_DEBUGIRQ_DUMP_REGS: 1713 if (!B43_DEBUG) 1714 break; /* Only with driver debugging enabled. */ 1715 b43info(dev->wl, "Microcode register dump:\n"); 1716 for (i = 0, cnt = 0; i < 64; i++) { 1717 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i); 1718 if (cnt == 0) 1719 printk(KERN_INFO); 1720 printk("r%02u: 0x%04X ", i, tmp); 1721 cnt++; 1722 if (cnt == 6) { 1723 printk("\n"); 1724 cnt = 0; 1725 } 1726 } 1727 printk("\n"); 1728 break; 1729 case B43_DEBUGIRQ_MARKER: 1730 if (!B43_DEBUG) 1731 break; /* Only with driver debugging enabled. */ 1732 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH, 1733 B43_MARKER_ID_REG); 1734 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH, 1735 B43_MARKER_LINE_REG); 1736 b43info(dev->wl, "The firmware just executed the MARKER(%u) " 1737 "at line number %u\n", 1738 marker_id, marker_line); 1739 break; 1740 default: 1741 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n", 1742 reason); 1743 } 1744out: 1745 /* Acknowledge the debug-IRQ, so the firmware can continue. */ 1746 b43_shm_write16(dev, B43_SHM_SCRATCH, 1747 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK); 1748} 1749 1750static void b43_do_interrupt_thread(struct b43_wldev *dev) 1751{ 1752 u32 reason; 1753 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1754 u32 merged_dma_reason = 0; 1755 int i; 1756 1757 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 1758 return; 1759 1760 reason = dev->irq_reason; 1761 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1762 dma_reason[i] = dev->dma_reason[i]; 1763 merged_dma_reason |= dma_reason[i]; 1764 } 1765 1766 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1767 b43err(dev->wl, "MAC transmission error\n"); 1768 1769 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1770 b43err(dev->wl, "PHY transmission error\n"); 1771 rmb(); 1772 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1773 atomic_set(&dev->phy.txerr_cnt, 1774 B43_PHY_TX_BADNESS_LIMIT); 1775 b43err(dev->wl, "Too many PHY TX errors, " 1776 "restarting the controller\n"); 1777 b43_controller_restart(dev, "PHY TX errors"); 1778 } 1779 } 1780 1781 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1782 B43_DMAIRQ_NONFATALMASK))) { 1783 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1784 b43err(dev->wl, "Fatal DMA error: " 1785 "0x%08X, 0x%08X, 0x%08X, " 1786 "0x%08X, 0x%08X, 0x%08X\n", 1787 dma_reason[0], dma_reason[1], 1788 dma_reason[2], dma_reason[3], 1789 dma_reason[4], dma_reason[5]); 1790 b43err(dev->wl, "This device does not support DMA " 1791 "on your system. Please use PIO instead.\n"); 1792 b43err(dev->wl, "Unload the b43 module and reload " 1793 "with 'pio=1'\n"); 1794 return; 1795 } 1796 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1797 b43err(dev->wl, "DMA error: " 1798 "0x%08X, 0x%08X, 0x%08X, " 1799 "0x%08X, 0x%08X, 0x%08X\n", 1800 dma_reason[0], dma_reason[1], 1801 dma_reason[2], dma_reason[3], 1802 dma_reason[4], dma_reason[5]); 1803 } 1804 } 1805 1806 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1807 handle_irq_ucode_debug(dev); 1808 if (reason & B43_IRQ_TBTT_INDI) 1809 handle_irq_tbtt_indication(dev); 1810 if (reason & B43_IRQ_ATIM_END) 1811 handle_irq_atim_end(dev); 1812 if (reason & B43_IRQ_BEACON) 1813 handle_irq_beacon(dev); 1814 if (reason & B43_IRQ_PMQ) 1815 handle_irq_pmq(dev); 1816 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1817 ;/* TODO */ 1818 if (reason & B43_IRQ_NOISESAMPLE_OK) 1819 handle_irq_noise(dev); 1820 1821 /* Check the DMA reason registers for received data. */ 1822 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1823 if (b43_using_pio_transfers(dev)) 1824 b43_pio_rx(dev->pio.rx_queue); 1825 else 1826 b43_dma_rx(dev->dma.rx_ring); 1827 } 1828 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1829 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1830 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1831 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1832 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1833 1834 if (reason & B43_IRQ_TX_OK) 1835 handle_irq_transmit_status(dev); 1836 1837 /* Re-enable interrupts on the device by restoring the current interrupt mask. */ 1838 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1839 1840#if B43_DEBUG 1841 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 1842 dev->irq_count++; 1843 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 1844 if (reason & (1 << i)) 1845 dev->irq_bit_count[i]++; 1846 } 1847 } 1848#endif 1849} 1850 1851/* Interrupt thread handler. Handles device interrupts in thread context. */ 1852static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id) 1853{ 1854 struct b43_wldev *dev = dev_id; 1855 1856 mutex_lock(&dev->wl->mutex); 1857 b43_do_interrupt_thread(dev); 1858 mmiowb(); 1859 mutex_unlock(&dev->wl->mutex); 1860 1861 return IRQ_HANDLED; 1862} 1863 1864static irqreturn_t b43_do_interrupt(struct b43_wldev *dev) 1865{ 1866 u32 reason; 1867 1868 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses. 1869 * On SDIO, this runs under wl->mutex. */ 1870 1871 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1872 if (reason == 0xffffffff) /* shared IRQ */ 1873 return IRQ_NONE; 1874 reason &= dev->irq_mask; 1875 if (!reason) 1876 return IRQ_HANDLED; 1877 1878 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1879 & 0x0001DC00; 1880 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1881 & 0x0000DC00; 1882 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 1883 & 0x0000DC00; 1884 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 1885 & 0x0001DC00; 1886 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 1887 & 0x0000DC00; 1888/* Unused ring 1889 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 1890 & 0x0000DC00; 1891*/ 1892 1893 /* ACK the interrupt. */ 1894 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 1895 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 1896 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 1897 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 1898 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 1899 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 1900/* Unused ring 1901 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 1902*/ 1903 1904 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */ 1905 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 1906 /* Save the reason bitmasks for the IRQ thread handler. */ 1907 dev->irq_reason = reason; 1908 1909 return IRQ_WAKE_THREAD; 1910} 1911 1912/* Interrupt handler top-half. This runs with interrupts disabled. */ 1913static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 1914{ 1915 struct b43_wldev *dev = dev_id; 1916 irqreturn_t ret; 1917 1918 if (unlikely(b43_status(dev) < B43_STAT_STARTED)) 1919 return IRQ_NONE; 1920 1921 spin_lock(&dev->wl->hardirq_lock); 1922 ret = b43_do_interrupt(dev); 1923 mmiowb(); 1924 spin_unlock(&dev->wl->hardirq_lock); 1925 1926 return ret; 1927} 1928 1929/* SDIO interrupt handler. This runs in process context. */ 1930static void b43_sdio_interrupt_handler(struct b43_wldev *dev) 1931{ 1932 struct b43_wl *wl = dev->wl; 1933 irqreturn_t ret; 1934 1935 mutex_lock(&wl->mutex); 1936 1937 ret = b43_do_interrupt(dev); 1938 if (ret == IRQ_WAKE_THREAD) 1939 b43_do_interrupt_thread(dev); 1940 1941 mutex_unlock(&wl->mutex); 1942} 1943 1944void b43_do_release_fw(struct b43_firmware_file *fw) 1945{ 1946 release_firmware(fw->data); 1947 fw->data = NULL; 1948 fw->filename = NULL; 1949} 1950 1951static void b43_release_firmware(struct b43_wldev *dev) 1952{ 1953 b43_do_release_fw(&dev->fw.ucode); 1954 b43_do_release_fw(&dev->fw.pcm); 1955 b43_do_release_fw(&dev->fw.initvals); 1956 b43_do_release_fw(&dev->fw.initvals_band); 1957} 1958 1959static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 1960{ 1961 const char text[] = 1962 "You must go to " \ 1963 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \ 1964 "and download the correct firmware for this driver version. " \ 1965 "Please carefully read all instructions on this website.\n"; 1966 1967 if (error) 1968 b43err(wl, text); 1969 else 1970 b43warn(wl, text); 1971} 1972 1973int b43_do_request_fw(struct b43_request_fw_context *ctx, 1974 const char *name, 1975 struct b43_firmware_file *fw) 1976{ 1977 const struct firmware *blob; 1978 struct b43_fw_header *hdr; 1979 u32 size; 1980 int err; 1981 1982 if (!name) { 1983 /* Don't fetch anything. Free possibly cached firmware. */ 1984 /* FIXME: We should probably keep it anyway, to save some headache 1985 * on suspend/resume with multiband devices. */ 1986 b43_do_release_fw(fw); 1987 return 0; 1988 } 1989 if (fw->filename) { 1990 if ((fw->type == ctx->req_type) && 1991 (strcmp(fw->filename, name) == 0)) 1992 return 0; /* Already have this fw. */ 1993 /* Free the cached firmware first. */ 1994 /* FIXME: We should probably do this later after we successfully 1995 * got the new fw. This could reduce headache with multiband devices. 1996 * We could also redesign this to cache the firmware for all possible 1997 * bands all the time. */ 1998 b43_do_release_fw(fw); 1999 } 2000 2001 switch (ctx->req_type) { 2002 case B43_FWTYPE_PROPRIETARY: 2003 snprintf(ctx->fwname, sizeof(ctx->fwname), 2004 "b43%s/%s.fw", 2005 modparam_fwpostfix, name); 2006 break; 2007 case B43_FWTYPE_OPENSOURCE: 2008 snprintf(ctx->fwname, sizeof(ctx->fwname), 2009 "b43-open%s/%s.fw", 2010 modparam_fwpostfix, name); 2011 break; 2012 default: 2013 B43_WARN_ON(1); 2014 return -ENOSYS; 2015 } 2016 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev); 2017 if (err == -ENOENT) { 2018 snprintf(ctx->errors[ctx->req_type], 2019 sizeof(ctx->errors[ctx->req_type]), 2020 "Firmware file \"%s\" not found\n", ctx->fwname); 2021 return err; 2022 } else if (err) { 2023 snprintf(ctx->errors[ctx->req_type], 2024 sizeof(ctx->errors[ctx->req_type]), 2025 "Firmware file \"%s\" request failed (err=%d)\n", 2026 ctx->fwname, err); 2027 return err; 2028 } 2029 if (blob->size < sizeof(struct b43_fw_header)) 2030 goto err_format; 2031 hdr = (struct b43_fw_header *)(blob->data); 2032 switch (hdr->type) { 2033 case B43_FW_TYPE_UCODE: 2034 case B43_FW_TYPE_PCM: 2035 size = be32_to_cpu(hdr->size); 2036 if (size != blob->size - sizeof(struct b43_fw_header)) 2037 goto err_format; 2038 /* fallthrough */ 2039 case B43_FW_TYPE_IV: 2040 if (hdr->ver != 1) 2041 goto err_format; 2042 break; 2043 default: 2044 goto err_format; 2045 } 2046 2047 fw->data = blob; 2048 fw->filename = name; 2049 fw->type = ctx->req_type; 2050 2051 return 0; 2052 2053err_format: 2054 snprintf(ctx->errors[ctx->req_type], 2055 sizeof(ctx->errors[ctx->req_type]), 2056 "Firmware file \"%s\" format error.\n", ctx->fwname); 2057 release_firmware(blob); 2058 2059 return -EPROTO; 2060} 2061 2062static int b43_try_request_fw(struct b43_request_fw_context *ctx) 2063{ 2064 struct b43_wldev *dev = ctx->dev; 2065 struct b43_firmware *fw = &ctx->dev->fw; 2066 const u8 rev = ctx->dev->dev->id.revision; 2067 const char *filename; 2068 u32 tmshigh; 2069 int err; 2070 2071 /* Get microcode */ 2072 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 2073 if ((rev >= 5) && (rev <= 10)) 2074 filename = "ucode5"; 2075 else if ((rev >= 11) && (rev <= 12)) 2076 filename = "ucode11"; 2077 else if (rev == 13) 2078 filename = "ucode13"; 2079 else if (rev == 14) 2080 filename = "ucode14"; 2081 else if (rev >= 15) 2082 filename = "ucode15"; 2083 else 2084 goto err_no_ucode; 2085 err = b43_do_request_fw(ctx, filename, &fw->ucode); 2086 if (err) 2087 goto err_load; 2088 2089 /* Get PCM code */ 2090 if ((rev >= 5) && (rev <= 10)) 2091 filename = "pcm5"; 2092 else if (rev >= 11) 2093 filename = NULL; 2094 else 2095 goto err_no_pcm; 2096 fw->pcm_request_failed = 0; 2097 err = b43_do_request_fw(ctx, filename, &fw->pcm); 2098 if (err == -ENOENT) { 2099 /* We did not find a PCM file? Not fatal, but 2100 * core rev <= 10 must do without hwcrypto then. */ 2101 fw->pcm_request_failed = 1; 2102 } else if (err) 2103 goto err_load; 2104 2105 /* Get initvals */ 2106 switch (dev->phy.type) { 2107 case B43_PHYTYPE_A: 2108 if ((rev >= 5) && (rev <= 10)) { 2109 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2110 filename = "a0g1initvals5"; 2111 else 2112 filename = "a0g0initvals5"; 2113 } else 2114 goto err_no_initvals; 2115 break; 2116 case B43_PHYTYPE_G: 2117 if ((rev >= 5) && (rev <= 10)) 2118 filename = "b0g0initvals5"; 2119 else if (rev >= 13) 2120 filename = "b0g0initvals13"; 2121 else 2122 goto err_no_initvals; 2123 break; 2124 case B43_PHYTYPE_N: 2125 if ((rev >= 11) && (rev <= 12)) 2126 filename = "n0initvals11"; 2127 else 2128 goto err_no_initvals; 2129 break; 2130 case B43_PHYTYPE_LP: 2131 if (rev == 13) 2132 filename = "lp0initvals13"; 2133 else if (rev == 14) 2134 filename = "lp0initvals14"; 2135 else if (rev >= 15) 2136 filename = "lp0initvals15"; 2137 else 2138 goto err_no_initvals; 2139 break; 2140 default: 2141 goto err_no_initvals; 2142 } 2143 err = b43_do_request_fw(ctx, filename, &fw->initvals); 2144 if (err) 2145 goto err_load; 2146 2147 /* Get bandswitch initvals */ 2148 switch (dev->phy.type) { 2149 case B43_PHYTYPE_A: 2150 if ((rev >= 5) && (rev <= 10)) { 2151 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2152 filename = "a0g1bsinitvals5"; 2153 else 2154 filename = "a0g0bsinitvals5"; 2155 } else if (rev >= 11) 2156 filename = NULL; 2157 else 2158 goto err_no_initvals; 2159 break; 2160 case B43_PHYTYPE_G: 2161 if ((rev >= 5) && (rev <= 10)) 2162 filename = "b0g0bsinitvals5"; 2163 else if (rev >= 11) 2164 filename = NULL; 2165 else 2166 goto err_no_initvals; 2167 break; 2168 case B43_PHYTYPE_N: 2169 if ((rev >= 11) && (rev <= 12)) 2170 filename = "n0bsinitvals11"; 2171 else 2172 goto err_no_initvals; 2173 break; 2174 case B43_PHYTYPE_LP: 2175 if (rev == 13) 2176 filename = "lp0bsinitvals13"; 2177 else if (rev == 14) 2178 filename = "lp0bsinitvals14"; 2179 else if (rev >= 15) 2180 filename = "lp0bsinitvals15"; 2181 else 2182 goto err_no_initvals; 2183 break; 2184 default: 2185 goto err_no_initvals; 2186 } 2187 err = b43_do_request_fw(ctx, filename, &fw->initvals_band); 2188 if (err) 2189 goto err_load; 2190 2191 return 0; 2192 2193err_no_ucode: 2194 err = ctx->fatal_failure = -EOPNOTSUPP; 2195 b43err(dev->wl, "The driver does not know which firmware (ucode) " 2196 "is required for your device (wl-core rev %u)\n", rev); 2197 goto error; 2198 2199err_no_pcm: 2200 err = ctx->fatal_failure = -EOPNOTSUPP; 2201 b43err(dev->wl, "The driver does not know which firmware (PCM) " 2202 "is required for your device (wl-core rev %u)\n", rev); 2203 goto error; 2204 2205err_no_initvals: 2206 err = ctx->fatal_failure = -EOPNOTSUPP; 2207 b43err(dev->wl, "The driver does not know which firmware (initvals) " 2208 "is required for your device (wl-core rev %u)\n", rev); 2209 goto error; 2210 2211err_load: 2212 /* We failed to load this firmware image. The error message 2213 * already is in ctx->errors. Return and let our caller decide 2214 * what to do. */ 2215 goto error; 2216 2217error: 2218 b43_release_firmware(dev); 2219 return err; 2220} 2221 2222static int b43_request_firmware(struct b43_wldev *dev) 2223{ 2224 struct b43_request_fw_context *ctx; 2225 unsigned int i; 2226 int err; 2227 const char *errmsg; 2228 2229 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); 2230 if (!ctx) 2231 return -ENOMEM; 2232 ctx->dev = dev; 2233 2234 ctx->req_type = B43_FWTYPE_PROPRIETARY; 2235 err = b43_try_request_fw(ctx); 2236 if (!err) 2237 goto out; /* Successfully loaded it. */ 2238 err = ctx->fatal_failure; 2239 if (err) 2240 goto out; 2241 2242 ctx->req_type = B43_FWTYPE_OPENSOURCE; 2243 err = b43_try_request_fw(ctx); 2244 if (!err) 2245 goto out; /* Successfully loaded it. */ 2246 err = ctx->fatal_failure; 2247 if (err) 2248 goto out; 2249 2250 /* Could not find a usable firmware. Print the errors. */ 2251 for (i = 0; i < B43_NR_FWTYPES; i++) { 2252 errmsg = ctx->errors[i]; 2253 if (strlen(errmsg)) 2254 b43err(dev->wl, errmsg); 2255 } 2256 b43_print_fw_helptext(dev->wl, 1); 2257 err = -ENOENT; 2258 2259out: 2260 kfree(ctx); 2261 return err; 2262} 2263 2264static int b43_upload_microcode(struct b43_wldev *dev) 2265{ 2266 const size_t hdr_len = sizeof(struct b43_fw_header); 2267 const __be32 *data; 2268 unsigned int i, len; 2269 u16 fwrev, fwpatch, fwdate, fwtime; 2270 u32 tmp, macctl; 2271 int err = 0; 2272 2273 /* Jump the microcode PSM to offset 0 */ 2274 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2275 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 2276 macctl |= B43_MACCTL_PSM_JMP0; 2277 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2278 /* Zero out all microcode PSM registers and shared memory. */ 2279 for (i = 0; i < 64; i++) 2280 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 2281 for (i = 0; i < 4096; i += 2) 2282 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 2283 2284 /* Upload Microcode. */ 2285 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 2286 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 2287 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 2288 for (i = 0; i < len; i++) { 2289 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2290 udelay(10); 2291 } 2292 2293 if (dev->fw.pcm.data) { 2294 /* Upload PCM data. */ 2295 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 2296 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 2297 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 2298 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 2299 /* No need for autoinc bit in SHM_HW */ 2300 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 2301 for (i = 0; i < len; i++) { 2302 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2303 udelay(10); 2304 } 2305 } 2306 2307 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 2308 2309 /* Start the microcode PSM */ 2310 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2311 macctl &= ~B43_MACCTL_PSM_JMP0; 2312 macctl |= B43_MACCTL_PSM_RUN; 2313 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2314 2315 /* Wait for the microcode to load and respond */ 2316 i = 0; 2317 while (1) { 2318 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2319 if (tmp == B43_IRQ_MAC_SUSPENDED) 2320 break; 2321 i++; 2322 if (i >= 20) { 2323 b43err(dev->wl, "Microcode not responding\n"); 2324 b43_print_fw_helptext(dev->wl, 1); 2325 err = -ENODEV; 2326 goto error; 2327 } 2328 msleep(50); 2329 } 2330 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2331 2332 /* Get and check the revisions. */ 2333 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2334 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2335 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2336 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2337 2338 if (fwrev <= 0x128) { 2339 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2340 "binary drivers older than version 4.x is unsupported. " 2341 "You must upgrade your firmware files.\n"); 2342 b43_print_fw_helptext(dev->wl, 1); 2343 err = -EOPNOTSUPP; 2344 goto error; 2345 } 2346 dev->fw.rev = fwrev; 2347 dev->fw.patch = fwpatch; 2348 dev->fw.opensource = (fwdate == 0xFFFF); 2349 2350 /* Default to use-all-queues. */ 2351 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues; 2352 dev->qos_enabled = !!modparam_qos; 2353 /* Default to firmware/hardware crypto acceleration. */ 2354 dev->hwcrypto_enabled = 1; 2355 2356 if (dev->fw.opensource) { 2357 u16 fwcapa; 2358 2359 /* Patchlevel info is encoded in the "time" field. */ 2360 dev->fw.patch = fwtime; 2361 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n", 2362 dev->fw.rev, dev->fw.patch); 2363 2364 fwcapa = b43_fwcapa_read(dev); 2365 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) { 2366 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n"); 2367 /* Disable hardware crypto and fall back to software crypto. */ 2368 dev->hwcrypto_enabled = 0; 2369 } 2370 if (!(fwcapa & B43_FWCAPA_QOS)) { 2371 b43info(dev->wl, "QoS not supported by firmware\n"); 2372 /* Disable QoS. Tweak hw->queues to 1. It will be restored before 2373 * ieee80211_unregister to make sure the networking core can 2374 * properly free possible resources. */ 2375 dev->wl->hw->queues = 1; 2376 dev->qos_enabled = 0; 2377 } 2378 } else { 2379 b43info(dev->wl, "Loading firmware version %u.%u " 2380 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2381 fwrev, fwpatch, 2382 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2383 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2384 if (dev->fw.pcm_request_failed) { 2385 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. " 2386 "Hardware accelerated cryptography is disabled.\n"); 2387 b43_print_fw_helptext(dev->wl, 0); 2388 } 2389 } 2390 2391 if (b43_is_old_txhdr_format(dev)) { 2392 /* We're over the deadline, but we keep support for old fw 2393 * until it turns out to be in major conflict with something new. */ 2394 b43warn(dev->wl, "You are using an old firmware image. " 2395 "Support for old firmware will be removed soon " 2396 "(official deadline was July 2008).\n"); 2397 b43_print_fw_helptext(dev->wl, 0); 2398 } 2399 2400 return 0; 2401 2402error: 2403 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2404 macctl &= ~B43_MACCTL_PSM_RUN; 2405 macctl |= B43_MACCTL_PSM_JMP0; 2406 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2407 2408 return err; 2409} 2410 2411static int b43_write_initvals(struct b43_wldev *dev, 2412 const struct b43_iv *ivals, 2413 size_t count, 2414 size_t array_size) 2415{ 2416 const struct b43_iv *iv; 2417 u16 offset; 2418 size_t i; 2419 bool bit32; 2420 2421 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2422 iv = ivals; 2423 for (i = 0; i < count; i++) { 2424 if (array_size < sizeof(iv->offset_size)) 2425 goto err_format; 2426 array_size -= sizeof(iv->offset_size); 2427 offset = be16_to_cpu(iv->offset_size); 2428 bit32 = !!(offset & B43_IV_32BIT); 2429 offset &= B43_IV_OFFSET_MASK; 2430 if (offset >= 0x1000) 2431 goto err_format; 2432 if (bit32) { 2433 u32 value; 2434 2435 if (array_size < sizeof(iv->data.d32)) 2436 goto err_format; 2437 array_size -= sizeof(iv->data.d32); 2438 2439 value = get_unaligned_be32(&iv->data.d32); 2440 b43_write32(dev, offset, value); 2441 2442 iv = (const struct b43_iv *)((const uint8_t *)iv + 2443 sizeof(__be16) + 2444 sizeof(__be32)); 2445 } else { 2446 u16 value; 2447 2448 if (array_size < sizeof(iv->data.d16)) 2449 goto err_format; 2450 array_size -= sizeof(iv->data.d16); 2451 2452 value = be16_to_cpu(iv->data.d16); 2453 b43_write16(dev, offset, value); 2454 2455 iv = (const struct b43_iv *)((const uint8_t *)iv + 2456 sizeof(__be16) + 2457 sizeof(__be16)); 2458 } 2459 } 2460 if (array_size) 2461 goto err_format; 2462 2463 return 0; 2464 2465err_format: 2466 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2467 b43_print_fw_helptext(dev->wl, 1); 2468 2469 return -EPROTO; 2470} 2471 2472static int b43_upload_initvals(struct b43_wldev *dev) 2473{ 2474 const size_t hdr_len = sizeof(struct b43_fw_header); 2475 const struct b43_fw_header *hdr; 2476 struct b43_firmware *fw = &dev->fw; 2477 const struct b43_iv *ivals; 2478 size_t count; 2479 int err; 2480 2481 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2482 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2483 count = be32_to_cpu(hdr->size); 2484 err = b43_write_initvals(dev, ivals, count, 2485 fw->initvals.data->size - hdr_len); 2486 if (err) 2487 goto out; 2488 if (fw->initvals_band.data) { 2489 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2490 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2491 count = be32_to_cpu(hdr->size); 2492 err = b43_write_initvals(dev, ivals, count, 2493 fw->initvals_band.data->size - hdr_len); 2494 if (err) 2495 goto out; 2496 } 2497out: 2498 2499 return err; 2500} 2501 2502/* Initialize the GPIOs 2503 * http://bcm-specs.sipsolutions.net/GPIO 2504 */ 2505static int b43_gpio_init(struct b43_wldev *dev) 2506{ 2507 struct ssb_bus *bus = dev->dev->bus; 2508 struct ssb_device *gpiodev, *pcidev = NULL; 2509 u32 mask, set; 2510 2511 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2512 & ~B43_MACCTL_GPOUTSMSK); 2513 2514 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK) 2515 | 0x000F); 2516 2517 mask = 0x0000001F; 2518 set = 0x0000000F; 2519 if (dev->dev->bus->chip_id == 0x4301) { 2520 mask |= 0x0060; 2521 set |= 0x0060; 2522 } 2523 if (0 /* FIXME: conditional unknown */ ) { 2524 b43_write16(dev, B43_MMIO_GPIO_MASK, 2525 b43_read16(dev, B43_MMIO_GPIO_MASK) 2526 | 0x0100); 2527 mask |= 0x0180; 2528 set |= 0x0180; 2529 } 2530 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) { 2531 b43_write16(dev, B43_MMIO_GPIO_MASK, 2532 b43_read16(dev, B43_MMIO_GPIO_MASK) 2533 | 0x0200); 2534 mask |= 0x0200; 2535 set |= 0x0200; 2536 } 2537 if (dev->dev->id.revision >= 2) 2538 mask |= 0x0010; /* FIXME: This is redundant. */ 2539 2540#ifdef CONFIG_SSB_DRIVER_PCICORE 2541 pcidev = bus->pcicore.dev; 2542#endif 2543 gpiodev = bus->chipco.dev ? : pcidev; 2544 if (!gpiodev) 2545 return 0; 2546 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2547 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2548 & mask) | set); 2549 2550 return 0; 2551} 2552 2553/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2554static void b43_gpio_cleanup(struct b43_wldev *dev) 2555{ 2556 struct ssb_bus *bus = dev->dev->bus; 2557 struct ssb_device *gpiodev, *pcidev = NULL; 2558 2559#ifdef CONFIG_SSB_DRIVER_PCICORE 2560 pcidev = bus->pcicore.dev; 2561#endif 2562 gpiodev = bus->chipco.dev ? : pcidev; 2563 if (!gpiodev) 2564 return; 2565 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2566} 2567 2568/* http://bcm-specs.sipsolutions.net/EnableMac */ 2569void b43_mac_enable(struct b43_wldev *dev) 2570{ 2571 if (b43_debug(dev, B43_DBG_FIRMWARE)) { 2572 u16 fwstate; 2573 2574 fwstate = b43_shm_read16(dev, B43_SHM_SHARED, 2575 B43_SHM_SH_UCODESTAT); 2576 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) && 2577 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) { 2578 b43err(dev->wl, "b43_mac_enable(): The firmware " 2579 "should be suspended, but current state is %u\n", 2580 fwstate); 2581 } 2582 } 2583 2584 dev->mac_suspended--; 2585 B43_WARN_ON(dev->mac_suspended < 0); 2586 if (dev->mac_suspended == 0) { 2587 b43_write32(dev, B43_MMIO_MACCTL, 2588 b43_read32(dev, B43_MMIO_MACCTL) 2589 | B43_MACCTL_ENABLED); 2590 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2591 B43_IRQ_MAC_SUSPENDED); 2592 /* Commit writes */ 2593 b43_read32(dev, B43_MMIO_MACCTL); 2594 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2595 b43_power_saving_ctl_bits(dev, 0); 2596 } 2597} 2598 2599/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2600void b43_mac_suspend(struct b43_wldev *dev) 2601{ 2602 int i; 2603 u32 tmp; 2604 2605 might_sleep(); 2606 B43_WARN_ON(dev->mac_suspended < 0); 2607 2608 if (dev->mac_suspended == 0) { 2609 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2610 b43_write32(dev, B43_MMIO_MACCTL, 2611 b43_read32(dev, B43_MMIO_MACCTL) 2612 & ~B43_MACCTL_ENABLED); 2613 /* force pci to flush the write */ 2614 b43_read32(dev, B43_MMIO_MACCTL); 2615 for (i = 35; i; i--) { 2616 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2617 if (tmp & B43_IRQ_MAC_SUSPENDED) 2618 goto out; 2619 udelay(10); 2620 } 2621 /* Hm, it seems this will take some time. Use msleep(). */ 2622 for (i = 40; i; i--) { 2623 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2624 if (tmp & B43_IRQ_MAC_SUSPENDED) 2625 goto out; 2626 msleep(1); 2627 } 2628 b43err(dev->wl, "MAC suspend failed\n"); 2629 } 2630out: 2631 dev->mac_suspended++; 2632} 2633 2634static void b43_adjust_opmode(struct b43_wldev *dev) 2635{ 2636 struct b43_wl *wl = dev->wl; 2637 u32 ctl; 2638 u16 cfp_pretbtt; 2639 2640 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2641 /* Reset status to STA infrastructure mode. */ 2642 ctl &= ~B43_MACCTL_AP; 2643 ctl &= ~B43_MACCTL_KEEP_CTL; 2644 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2645 ctl &= ~B43_MACCTL_KEEP_BAD; 2646 ctl &= ~B43_MACCTL_PROMISC; 2647 ctl &= ~B43_MACCTL_BEACPROMISC; 2648 ctl |= B43_MACCTL_INFRA; 2649 2650 if (b43_is_mode(wl, NL80211_IFTYPE_AP) || 2651 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 2652 ctl |= B43_MACCTL_AP; 2653 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) 2654 ctl &= ~B43_MACCTL_INFRA; 2655 2656 if (wl->filter_flags & FIF_CONTROL) 2657 ctl |= B43_MACCTL_KEEP_CTL; 2658 if (wl->filter_flags & FIF_FCSFAIL) 2659 ctl |= B43_MACCTL_KEEP_BAD; 2660 if (wl->filter_flags & FIF_PLCPFAIL) 2661 ctl |= B43_MACCTL_KEEP_BADPLCP; 2662 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2663 ctl |= B43_MACCTL_PROMISC; 2664 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2665 ctl |= B43_MACCTL_BEACPROMISC; 2666 2667 /* Workaround: On old hardware the HW-MAC-address-filter 2668 * doesn't work properly, so always run promisc in filter 2669 * it in software. */ 2670 if (dev->dev->id.revision <= 4) 2671 ctl |= B43_MACCTL_PROMISC; 2672 2673 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2674 2675 cfp_pretbtt = 2; 2676 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2677 if (dev->dev->bus->chip_id == 0x4306 && 2678 dev->dev->bus->chip_rev == 3) 2679 cfp_pretbtt = 100; 2680 else 2681 cfp_pretbtt = 50; 2682 } 2683 b43_write16(dev, 0x612, cfp_pretbtt); 2684 2685 /* FIXME: We don't currently implement the PMQ mechanism, 2686 * so always disable it. If we want to implement PMQ, 2687 * we need to enable it here (clear DISCPMQ) in AP mode. 2688 */ 2689 if (0 /* ctl & B43_MACCTL_AP */) { 2690 b43_write32(dev, B43_MMIO_MACCTL, 2691 b43_read32(dev, B43_MMIO_MACCTL) 2692 & ~B43_MACCTL_DISCPMQ); 2693 } else { 2694 b43_write32(dev, B43_MMIO_MACCTL, 2695 b43_read32(dev, B43_MMIO_MACCTL) 2696 | B43_MACCTL_DISCPMQ); 2697 } 2698} 2699 2700static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2701{ 2702 u16 offset; 2703 2704 if (is_ofdm) { 2705 offset = 0x480; 2706 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2707 } else { 2708 offset = 0x4C0; 2709 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2710 } 2711 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2712 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2713} 2714 2715static void b43_rate_memory_init(struct b43_wldev *dev) 2716{ 2717 switch (dev->phy.type) { 2718 case B43_PHYTYPE_A: 2719 case B43_PHYTYPE_G: 2720 case B43_PHYTYPE_N: 2721 case B43_PHYTYPE_LP: 2722 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2723 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2724 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2725 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2726 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2727 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2728 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2729 if (dev->phy.type == B43_PHYTYPE_A) 2730 break; 2731 /* fallthrough */ 2732 case B43_PHYTYPE_B: 2733 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2734 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2735 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2736 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2737 break; 2738 default: 2739 B43_WARN_ON(1); 2740 } 2741} 2742 2743/* Set the default values for the PHY TX Control Words. */ 2744static void b43_set_phytxctl_defaults(struct b43_wldev *dev) 2745{ 2746 u16 ctl = 0; 2747 2748 ctl |= B43_TXH_PHY_ENC_CCK; 2749 ctl |= B43_TXH_PHY_ANT01AUTO; 2750 ctl |= B43_TXH_PHY_TXPWR; 2751 2752 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 2753 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl); 2754 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl); 2755} 2756 2757/* Set the TX-Antenna for management frames sent by firmware. */ 2758static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 2759{ 2760 u16 ant; 2761 u16 tmp; 2762 2763 ant = b43_antenna_to_phyctl(antenna); 2764 2765 /* For ACK/CTS */ 2766 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 2767 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2768 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 2769 /* For Probe Resposes */ 2770 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 2771 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2772 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 2773} 2774 2775/* This is the opposite of b43_chip_init() */ 2776static void b43_chip_exit(struct b43_wldev *dev) 2777{ 2778 b43_phy_exit(dev); 2779 b43_gpio_cleanup(dev); 2780 /* firmware is released later */ 2781} 2782 2783/* Initialize the chip 2784 * http://bcm-specs.sipsolutions.net/ChipInit 2785 */ 2786static int b43_chip_init(struct b43_wldev *dev) 2787{ 2788 struct b43_phy *phy = &dev->phy; 2789 int err; 2790 u32 value32, macctl; 2791 u16 value16; 2792 2793 /* Initialize the MAC control */ 2794 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 2795 if (dev->phy.gmode) 2796 macctl |= B43_MACCTL_GMODE; 2797 macctl |= B43_MACCTL_INFRA; 2798 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2799 2800 err = b43_request_firmware(dev); 2801 if (err) 2802 goto out; 2803 err = b43_upload_microcode(dev); 2804 if (err) 2805 goto out; /* firmware is released later */ 2806 2807 err = b43_gpio_init(dev); 2808 if (err) 2809 goto out; /* firmware is released later */ 2810 2811 err = b43_upload_initvals(dev); 2812 if (err) 2813 goto err_gpio_clean; 2814 2815 /* Turn the Analog on and initialize the PHY. */ 2816 phy->ops->switch_analog(dev, 1); 2817 err = b43_phy_init(dev); 2818 if (err) 2819 goto err_gpio_clean; 2820 2821 /* Disable Interference Mitigation. */ 2822 if (phy->ops->interf_mitigation) 2823 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE); 2824 2825 /* Select the antennae */ 2826 if (phy->ops->set_rx_antenna) 2827 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 2828 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 2829 2830 if (phy->type == B43_PHYTYPE_B) { 2831 value16 = b43_read16(dev, 0x005E); 2832 value16 |= 0x0004; 2833 b43_write16(dev, 0x005E, value16); 2834 } 2835 b43_write32(dev, 0x0100, 0x01000000); 2836 if (dev->dev->id.revision < 5) 2837 b43_write32(dev, 0x010C, 0x01000000); 2838 2839 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2840 & ~B43_MACCTL_INFRA); 2841 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2842 | B43_MACCTL_INFRA); 2843 2844 /* Probe Response Timeout value */ 2845 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 2846 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 2847 2848 /* Initially set the wireless operation mode. */ 2849 b43_adjust_opmode(dev); 2850 2851 if (dev->dev->id.revision < 3) { 2852 b43_write16(dev, 0x060E, 0x0000); 2853 b43_write16(dev, 0x0610, 0x8000); 2854 b43_write16(dev, 0x0604, 0x0000); 2855 b43_write16(dev, 0x0606, 0x0200); 2856 } else { 2857 b43_write32(dev, 0x0188, 0x80000000); 2858 b43_write32(dev, 0x018C, 0x02000000); 2859 } 2860 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 2861 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 2862 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 2863 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 2864 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 2865 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 2866 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 2867 2868 value32 = ssb_read32(dev->dev, SSB_TMSLOW); 2869 value32 |= 0x00100000; 2870 ssb_write32(dev->dev, SSB_TMSLOW, value32); 2871 2872 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 2873 dev->dev->bus->chipco.fast_pwrup_delay); 2874 2875 err = 0; 2876 b43dbg(dev->wl, "Chip initialized\n"); 2877out: 2878 return err; 2879 2880err_gpio_clean: 2881 b43_gpio_cleanup(dev); 2882 return err; 2883} 2884 2885static void b43_periodic_every60sec(struct b43_wldev *dev) 2886{ 2887 const struct b43_phy_operations *ops = dev->phy.ops; 2888 2889 if (ops->pwork_60sec) 2890 ops->pwork_60sec(dev); 2891 2892 /* Force check the TX power emission now. */ 2893 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME); 2894} 2895 2896static void b43_periodic_every30sec(struct b43_wldev *dev) 2897{ 2898 /* Update device statistics. */ 2899 b43_calculate_link_quality(dev); 2900} 2901 2902static void b43_periodic_every15sec(struct b43_wldev *dev) 2903{ 2904 struct b43_phy *phy = &dev->phy; 2905 u16 wdr; 2906 2907 if (dev->fw.opensource) { 2908 /* Check if the firmware is still alive. 2909 * It will reset the watchdog counter to 0 in its idle loop. */ 2910 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG); 2911 if (unlikely(wdr)) { 2912 b43err(dev->wl, "Firmware watchdog: The firmware died!\n"); 2913 b43_controller_restart(dev, "Firmware watchdog"); 2914 return; 2915 } else { 2916 b43_shm_write16(dev, B43_SHM_SCRATCH, 2917 B43_WATCHDOG_REG, 1); 2918 } 2919 } 2920 2921 if (phy->ops->pwork_15sec) 2922 phy->ops->pwork_15sec(dev); 2923 2924 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 2925 wmb(); 2926 2927#if B43_DEBUG 2928 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 2929 unsigned int i; 2930 2931 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n", 2932 dev->irq_count / 15, 2933 dev->tx_count / 15, 2934 dev->rx_count / 15); 2935 dev->irq_count = 0; 2936 dev->tx_count = 0; 2937 dev->rx_count = 0; 2938 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 2939 if (dev->irq_bit_count[i]) { 2940 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n", 2941 dev->irq_bit_count[i] / 15, i, (1 << i)); 2942 dev->irq_bit_count[i] = 0; 2943 } 2944 } 2945 } 2946#endif 2947} 2948 2949static void do_periodic_work(struct b43_wldev *dev) 2950{ 2951 unsigned int state; 2952 2953 state = dev->periodic_state; 2954 if (state % 4 == 0) 2955 b43_periodic_every60sec(dev); 2956 if (state % 2 == 0) 2957 b43_periodic_every30sec(dev); 2958 b43_periodic_every15sec(dev); 2959} 2960 2961/* Periodic work locking policy: 2962 * The whole periodic work handler is protected by 2963 * wl->mutex. If another lock is needed somewhere in the 2964 * pwork callchain, it's acquired in-place, where it's needed. 2965 */ 2966static void b43_periodic_work_handler(struct work_struct *work) 2967{ 2968 struct b43_wldev *dev = container_of(work, struct b43_wldev, 2969 periodic_work.work); 2970 struct b43_wl *wl = dev->wl; 2971 unsigned long delay; 2972 2973 mutex_lock(&wl->mutex); 2974 2975 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 2976 goto out; 2977 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 2978 goto out_requeue; 2979 2980 do_periodic_work(dev); 2981 2982 dev->periodic_state++; 2983out_requeue: 2984 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 2985 delay = msecs_to_jiffies(50); 2986 else 2987 delay = round_jiffies_relative(HZ * 15); 2988 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay); 2989out: 2990 mutex_unlock(&wl->mutex); 2991} 2992 2993static void b43_periodic_tasks_setup(struct b43_wldev *dev) 2994{ 2995 struct delayed_work *work = &dev->periodic_work; 2996 2997 dev->periodic_state = 0; 2998 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 2999 ieee80211_queue_delayed_work(dev->wl->hw, work, 0); 3000} 3001 3002/* Check if communication with the device works correctly. */ 3003static int b43_validate_chipaccess(struct b43_wldev *dev) 3004{ 3005 u32 v, backup0, backup4; 3006 3007 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0); 3008 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4); 3009 3010 /* Check for read/write and endianness problems. */ 3011 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 3012 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 3013 goto error; 3014 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 3015 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 3016 goto error; 3017 3018 /* Check if unaligned 32bit SHM_SHARED access works properly. 3019 * However, don't bail out on failure, because it's noncritical. */ 3020 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122); 3021 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344); 3022 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566); 3023 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788); 3024 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344) 3025 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n"); 3026 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD); 3027 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 || 3028 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD || 3029 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB || 3030 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788) 3031 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n"); 3032 3033 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0); 3034 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4); 3035 3036 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) { 3037 /* The 32bit register shadows the two 16bit registers 3038 * with update sideeffects. Validate this. */ 3039 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 3040 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 3041 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 3042 goto error; 3043 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 3044 goto error; 3045 } 3046 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 3047 3048 v = b43_read32(dev, B43_MMIO_MACCTL); 3049 v |= B43_MACCTL_GMODE; 3050 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 3051 goto error; 3052 3053 return 0; 3054error: 3055 b43err(dev->wl, "Failed to validate the chipaccess\n"); 3056 return -ENODEV; 3057} 3058 3059static void b43_security_init(struct b43_wldev *dev) 3060{ 3061 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 3062 /* KTP is a word address, but we address SHM bytewise. 3063 * So multiply by two. 3064 */ 3065 dev->ktp *= 2; 3066 /* Number of RCMTA address slots */ 3067 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS); 3068 /* Clear the key memory. */ 3069 b43_clear_keys(dev); 3070} 3071 3072#ifdef CONFIG_B43_HWRNG 3073static int b43_rng_read(struct hwrng *rng, u32 *data) 3074{ 3075 struct b43_wl *wl = (struct b43_wl *)rng->priv; 3076 struct b43_wldev *dev; 3077 int count = -ENODEV; 3078 3079 mutex_lock(&wl->mutex); 3080 dev = wl->current_dev; 3081 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) { 3082 *data = b43_read16(dev, B43_MMIO_RNG); 3083 count = sizeof(u16); 3084 } 3085 mutex_unlock(&wl->mutex); 3086 3087 return count; 3088} 3089#endif /* CONFIG_B43_HWRNG */ 3090 3091static void b43_rng_exit(struct b43_wl *wl) 3092{ 3093#ifdef CONFIG_B43_HWRNG 3094 if (wl->rng_initialized) 3095 hwrng_unregister(&wl->rng); 3096#endif /* CONFIG_B43_HWRNG */ 3097} 3098 3099static int b43_rng_init(struct b43_wl *wl) 3100{ 3101 int err = 0; 3102 3103#ifdef CONFIG_B43_HWRNG 3104 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 3105 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 3106 wl->rng.name = wl->rng_name; 3107 wl->rng.data_read = b43_rng_read; 3108 wl->rng.priv = (unsigned long)wl; 3109 wl->rng_initialized = 1; 3110 err = hwrng_register(&wl->rng); 3111 if (err) { 3112 wl->rng_initialized = 0; 3113 b43err(wl, "Failed to register the random " 3114 "number generator (%d)\n", err); 3115 } 3116#endif /* CONFIG_B43_HWRNG */ 3117 3118 return err; 3119} 3120 3121static void b43_tx_work(struct work_struct *work) 3122{ 3123 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work); 3124 struct b43_wldev *dev; 3125 struct sk_buff *skb; 3126 int err = 0; 3127 3128 mutex_lock(&wl->mutex); 3129 dev = wl->current_dev; 3130 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) { 3131 mutex_unlock(&wl->mutex); 3132 return; 3133 } 3134 3135 while (skb_queue_len(&wl->tx_queue)) { 3136 skb = skb_dequeue(&wl->tx_queue); 3137 3138 if (b43_using_pio_transfers(dev)) 3139 err = b43_pio_tx(dev, skb); 3140 else 3141 err = b43_dma_tx(dev, skb); 3142 if (unlikely(err)) 3143 dev_kfree_skb(skb); /* Drop it */ 3144 } 3145 3146#if B43_DEBUG 3147 dev->tx_count++; 3148#endif 3149 mutex_unlock(&wl->mutex); 3150} 3151 3152static int b43_op_tx(struct ieee80211_hw *hw, 3153 struct sk_buff *skb) 3154{ 3155 struct b43_wl *wl = hw_to_b43_wl(hw); 3156 3157 if (unlikely(skb->len < 2 + 2 + 6)) { 3158 /* Too short, this can't be a valid frame. */ 3159 dev_kfree_skb_any(skb); 3160 return NETDEV_TX_OK; 3161 } 3162 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 3163 3164 skb_queue_tail(&wl->tx_queue, skb); 3165 ieee80211_queue_work(wl->hw, &wl->tx_work); 3166 3167 return NETDEV_TX_OK; 3168} 3169 3170static void b43_qos_params_upload(struct b43_wldev *dev, 3171 const struct ieee80211_tx_queue_params *p, 3172 u16 shm_offset) 3173{ 3174 u16 params[B43_NR_QOSPARAMS]; 3175 int bslots, tmp; 3176 unsigned int i; 3177 3178 if (!dev->qos_enabled) 3179 return; 3180 3181 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min; 3182 3183 memset(¶ms, 0, sizeof(params)); 3184 3185 params[B43_QOSPARAM_TXOP] = p->txop * 32; 3186 params[B43_QOSPARAM_CWMIN] = p->cw_min; 3187 params[B43_QOSPARAM_CWMAX] = p->cw_max; 3188 params[B43_QOSPARAM_CWCUR] = p->cw_min; 3189 params[B43_QOSPARAM_AIFS] = p->aifs; 3190 params[B43_QOSPARAM_BSLOTS] = bslots; 3191 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs; 3192 3193 for (i = 0; i < ARRAY_SIZE(params); i++) { 3194 if (i == B43_QOSPARAM_STATUS) { 3195 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 3196 shm_offset + (i * 2)); 3197 /* Mark the parameters as updated. */ 3198 tmp |= 0x100; 3199 b43_shm_write16(dev, B43_SHM_SHARED, 3200 shm_offset + (i * 2), 3201 tmp); 3202 } else { 3203 b43_shm_write16(dev, B43_SHM_SHARED, 3204 shm_offset + (i * 2), 3205 params[i]); 3206 } 3207 } 3208} 3209 3210/* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */ 3211static const u16 b43_qos_shm_offsets[] = { 3212 /* [mac80211-queue-nr] = SHM_OFFSET, */ 3213 [0] = B43_QOS_VOICE, 3214 [1] = B43_QOS_VIDEO, 3215 [2] = B43_QOS_BESTEFFORT, 3216 [3] = B43_QOS_BACKGROUND, 3217}; 3218 3219/* Update all QOS parameters in hardware. */ 3220static void b43_qos_upload_all(struct b43_wldev *dev) 3221{ 3222 struct b43_wl *wl = dev->wl; 3223 struct b43_qos_params *params; 3224 unsigned int i; 3225 3226 if (!dev->qos_enabled) 3227 return; 3228 3229 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3230 ARRAY_SIZE(wl->qos_params)); 3231 3232 b43_mac_suspend(dev); 3233 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3234 params = &(wl->qos_params[i]); 3235 b43_qos_params_upload(dev, &(params->p), 3236 b43_qos_shm_offsets[i]); 3237 } 3238 b43_mac_enable(dev); 3239} 3240 3241static void b43_qos_clear(struct b43_wl *wl) 3242{ 3243 struct b43_qos_params *params; 3244 unsigned int i; 3245 3246 /* Initialize QoS parameters to sane defaults. */ 3247 3248 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3249 ARRAY_SIZE(wl->qos_params)); 3250 3251 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3252 params = &(wl->qos_params[i]); 3253 3254 switch (b43_qos_shm_offsets[i]) { 3255 case B43_QOS_VOICE: 3256 params->p.txop = 0; 3257 params->p.aifs = 2; 3258 params->p.cw_min = 0x0001; 3259 params->p.cw_max = 0x0001; 3260 break; 3261 case B43_QOS_VIDEO: 3262 params->p.txop = 0; 3263 params->p.aifs = 2; 3264 params->p.cw_min = 0x0001; 3265 params->p.cw_max = 0x0001; 3266 break; 3267 case B43_QOS_BESTEFFORT: 3268 params->p.txop = 0; 3269 params->p.aifs = 3; 3270 params->p.cw_min = 0x0001; 3271 params->p.cw_max = 0x03FF; 3272 break; 3273 case B43_QOS_BACKGROUND: 3274 params->p.txop = 0; 3275 params->p.aifs = 7; 3276 params->p.cw_min = 0x0001; 3277 params->p.cw_max = 0x03FF; 3278 break; 3279 default: 3280 B43_WARN_ON(1); 3281 } 3282 } 3283} 3284 3285/* Initialize the core's QOS capabilities */ 3286static void b43_qos_init(struct b43_wldev *dev) 3287{ 3288 if (!dev->qos_enabled) { 3289 /* Disable QOS support. */ 3290 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF); 3291 b43_write16(dev, B43_MMIO_IFSCTL, 3292 b43_read16(dev, B43_MMIO_IFSCTL) 3293 & ~B43_MMIO_IFSCTL_USE_EDCF); 3294 b43dbg(dev->wl, "QoS disabled\n"); 3295 return; 3296 } 3297 3298 /* Upload the current QOS parameters. */ 3299 b43_qos_upload_all(dev); 3300 3301 /* Enable QOS support. */ 3302 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 3303 b43_write16(dev, B43_MMIO_IFSCTL, 3304 b43_read16(dev, B43_MMIO_IFSCTL) 3305 | B43_MMIO_IFSCTL_USE_EDCF); 3306 b43dbg(dev->wl, "QoS enabled\n"); 3307} 3308 3309static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue, 3310 const struct ieee80211_tx_queue_params *params) 3311{ 3312 struct b43_wl *wl = hw_to_b43_wl(hw); 3313 struct b43_wldev *dev; 3314 unsigned int queue = (unsigned int)_queue; 3315 int err = -ENODEV; 3316 3317 if (queue >= ARRAY_SIZE(wl->qos_params)) { 3318 /* Queue not available or don't support setting 3319 * params on this queue. Return success to not 3320 * confuse mac80211. */ 3321 return 0; 3322 } 3323 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3324 ARRAY_SIZE(wl->qos_params)); 3325 3326 mutex_lock(&wl->mutex); 3327 dev = wl->current_dev; 3328 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) 3329 goto out_unlock; 3330 3331 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params)); 3332 b43_mac_suspend(dev); 3333 b43_qos_params_upload(dev, &(wl->qos_params[queue].p), 3334 b43_qos_shm_offsets[queue]); 3335 b43_mac_enable(dev); 3336 err = 0; 3337 3338out_unlock: 3339 mutex_unlock(&wl->mutex); 3340 3341 return err; 3342} 3343 3344static int b43_op_get_tx_stats(struct ieee80211_hw *hw, 3345 struct ieee80211_tx_queue_stats *stats) 3346{ 3347 struct b43_wl *wl = hw_to_b43_wl(hw); 3348 struct b43_wldev *dev; 3349 int err = -ENODEV; 3350 3351 mutex_lock(&wl->mutex); 3352 dev = wl->current_dev; 3353 if (dev && b43_status(dev) >= B43_STAT_STARTED) { 3354 if (b43_using_pio_transfers(dev)) 3355 b43_pio_get_tx_stats(dev, stats); 3356 else 3357 b43_dma_get_tx_stats(dev, stats); 3358 err = 0; 3359 } 3360 mutex_unlock(&wl->mutex); 3361 3362 return err; 3363} 3364 3365static int b43_op_get_stats(struct ieee80211_hw *hw, 3366 struct ieee80211_low_level_stats *stats) 3367{ 3368 struct b43_wl *wl = hw_to_b43_wl(hw); 3369 3370 mutex_lock(&wl->mutex); 3371 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 3372 mutex_unlock(&wl->mutex); 3373 3374 return 0; 3375} 3376 3377static u64 b43_op_get_tsf(struct ieee80211_hw *hw) 3378{ 3379 struct b43_wl *wl = hw_to_b43_wl(hw); 3380 struct b43_wldev *dev; 3381 u64 tsf; 3382 3383 mutex_lock(&wl->mutex); 3384 dev = wl->current_dev; 3385 3386 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3387 b43_tsf_read(dev, &tsf); 3388 else 3389 tsf = 0; 3390 3391 mutex_unlock(&wl->mutex); 3392 3393 return tsf; 3394} 3395 3396static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf) 3397{ 3398 struct b43_wl *wl = hw_to_b43_wl(hw); 3399 struct b43_wldev *dev; 3400 3401 mutex_lock(&wl->mutex); 3402 dev = wl->current_dev; 3403 3404 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3405 b43_tsf_write(dev, tsf); 3406 3407 mutex_unlock(&wl->mutex); 3408} 3409 3410static void b43_put_phy_into_reset(struct b43_wldev *dev) 3411{ 3412 struct ssb_device *sdev = dev->dev; 3413 u32 tmslow; 3414 3415 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3416 tmslow &= ~B43_TMSLOW_GMODE; 3417 tmslow |= B43_TMSLOW_PHYRESET; 3418 tmslow |= SSB_TMSLOW_FGC; 3419 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3420 msleep(1); 3421 3422 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3423 tmslow &= ~SSB_TMSLOW_FGC; 3424 tmslow |= B43_TMSLOW_PHYRESET; 3425 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3426 msleep(1); 3427} 3428 3429static const char *band_to_string(enum ieee80211_band band) 3430{ 3431 switch (band) { 3432 case IEEE80211_BAND_5GHZ: 3433 return "5"; 3434 case IEEE80211_BAND_2GHZ: 3435 return "2.4"; 3436 default: 3437 break; 3438 } 3439 B43_WARN_ON(1); 3440 return ""; 3441} 3442 3443/* Expects wl->mutex locked */ 3444static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3445{ 3446 struct b43_wldev *up_dev = NULL; 3447 struct b43_wldev *down_dev; 3448 struct b43_wldev *d; 3449 int err; 3450 bool uninitialized_var(gmode); 3451 int prev_status; 3452 3453 /* Find a device and PHY which supports the band. */ 3454 list_for_each_entry(d, &wl->devlist, list) { 3455 switch (chan->band) { 3456 case IEEE80211_BAND_5GHZ: 3457 if (d->phy.supports_5ghz) { 3458 up_dev = d; 3459 gmode = 0; 3460 } 3461 break; 3462 case IEEE80211_BAND_2GHZ: 3463 if (d->phy.supports_2ghz) { 3464 up_dev = d; 3465 gmode = 1; 3466 } 3467 break; 3468 default: 3469 B43_WARN_ON(1); 3470 return -EINVAL; 3471 } 3472 if (up_dev) 3473 break; 3474 } 3475 if (!up_dev) { 3476 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3477 band_to_string(chan->band)); 3478 return -ENODEV; 3479 } 3480 if ((up_dev == wl->current_dev) && 3481 (!!wl->current_dev->phy.gmode == !!gmode)) { 3482 /* This device is already running. */ 3483 return 0; 3484 } 3485 b43dbg(wl, "Switching to %s-GHz band\n", 3486 band_to_string(chan->band)); 3487 down_dev = wl->current_dev; 3488 3489 prev_status = b43_status(down_dev); 3490 /* Shutdown the currently running core. */ 3491 if (prev_status >= B43_STAT_STARTED) 3492 down_dev = b43_wireless_core_stop(down_dev); 3493 if (prev_status >= B43_STAT_INITIALIZED) 3494 b43_wireless_core_exit(down_dev); 3495 3496 if (down_dev != up_dev) { 3497 /* We switch to a different core, so we put PHY into 3498 * RESET on the old core. */ 3499 b43_put_phy_into_reset(down_dev); 3500 } 3501 3502 /* Now start the new core. */ 3503 up_dev->phy.gmode = gmode; 3504 if (prev_status >= B43_STAT_INITIALIZED) { 3505 err = b43_wireless_core_init(up_dev); 3506 if (err) { 3507 b43err(wl, "Fatal: Could not initialize device for " 3508 "selected %s-GHz band\n", 3509 band_to_string(chan->band)); 3510 goto init_failure; 3511 } 3512 } 3513 if (prev_status >= B43_STAT_STARTED) { 3514 err = b43_wireless_core_start(up_dev); 3515 if (err) { 3516 b43err(wl, "Fatal: Coult not start device for " 3517 "selected %s-GHz band\n", 3518 band_to_string(chan->band)); 3519 b43_wireless_core_exit(up_dev); 3520 goto init_failure; 3521 } 3522 } 3523 B43_WARN_ON(b43_status(up_dev) != prev_status); 3524 3525 wl->current_dev = up_dev; 3526 3527 return 0; 3528init_failure: 3529 /* Whoops, failed to init the new core. No core is operating now. */ 3530 wl->current_dev = NULL; 3531 return err; 3532} 3533 3534/* Write the short and long frame retry limit values. */ 3535static void b43_set_retry_limits(struct b43_wldev *dev, 3536 unsigned int short_retry, 3537 unsigned int long_retry) 3538{ 3539 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3540 * the chip-internal counter. */ 3541 short_retry = min(short_retry, (unsigned int)0xF); 3542 long_retry = min(long_retry, (unsigned int)0xF); 3543 3544 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3545 short_retry); 3546 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3547 long_retry); 3548} 3549 3550static int b43_op_config(struct ieee80211_hw *hw, u32 changed) 3551{ 3552 struct b43_wl *wl = hw_to_b43_wl(hw); 3553 struct b43_wldev *dev; 3554 struct b43_phy *phy; 3555 struct ieee80211_conf *conf = &hw->conf; 3556 int antenna; 3557 int err = 0; 3558 3559 mutex_lock(&wl->mutex); 3560 3561 /* Switch the band (if necessary). This might change the active core. */ 3562 err = b43_switch_band(wl, conf->channel); 3563 if (err) 3564 goto out_unlock_mutex; 3565 dev = wl->current_dev; 3566 phy = &dev->phy; 3567 3568 b43_mac_suspend(dev); 3569 3570 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS) 3571 b43_set_retry_limits(dev, conf->short_frame_max_tx_count, 3572 conf->long_frame_max_tx_count); 3573 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS; 3574 if (!changed) 3575 goto out_mac_enable; 3576 3577 /* Switch to the requested channel. 3578 * The firmware takes care of races with the TX handler. */ 3579 if (conf->channel->hw_value != phy->channel) 3580 b43_switch_channel(dev, conf->channel->hw_value); 3581 3582 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR); 3583 3584 /* Adjust the desired TX power level. */ 3585 if (conf->power_level != 0) { 3586 if (conf->power_level != phy->desired_txpower) { 3587 phy->desired_txpower = conf->power_level; 3588 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME | 3589 B43_TXPWR_IGNORE_TSSI); 3590 } 3591 } 3592 3593 /* Antennas for RX and management frame TX. */ 3594 antenna = B43_ANTENNA_DEFAULT; 3595 b43_mgmtframe_txantenna(dev, antenna); 3596 antenna = B43_ANTENNA_DEFAULT; 3597 if (phy->ops->set_rx_antenna) 3598 phy->ops->set_rx_antenna(dev, antenna); 3599 3600 if (wl->radio_enabled != phy->radio_on) { 3601 if (wl->radio_enabled) { 3602 b43_software_rfkill(dev, false); 3603 b43info(dev->wl, "Radio turned on by software\n"); 3604 if (!dev->radio_hw_enable) { 3605 b43info(dev->wl, "The hardware RF-kill button " 3606 "still turns the radio physically off. " 3607 "Press the button to turn it on.\n"); 3608 } 3609 } else { 3610 b43_software_rfkill(dev, true); 3611 b43info(dev->wl, "Radio turned off by software\n"); 3612 } 3613 } 3614 3615out_mac_enable: 3616 b43_mac_enable(dev); 3617out_unlock_mutex: 3618 mutex_unlock(&wl->mutex); 3619 3620 return err; 3621} 3622 3623static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates) 3624{ 3625 struct ieee80211_supported_band *sband = 3626 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)]; 3627 struct ieee80211_rate *rate; 3628 int i; 3629 u16 basic, direct, offset, basic_offset, rateptr; 3630 3631 for (i = 0; i < sband->n_bitrates; i++) { 3632 rate = &sband->bitrates[i]; 3633 3634 if (b43_is_cck_rate(rate->hw_value)) { 3635 direct = B43_SHM_SH_CCKDIRECT; 3636 basic = B43_SHM_SH_CCKBASIC; 3637 offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3638 offset &= 0xF; 3639 } else { 3640 direct = B43_SHM_SH_OFDMDIRECT; 3641 basic = B43_SHM_SH_OFDMBASIC; 3642 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3643 offset &= 0xF; 3644 } 3645 3646 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate); 3647 3648 if (b43_is_cck_rate(rate->hw_value)) { 3649 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3650 basic_offset &= 0xF; 3651 } else { 3652 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3653 basic_offset &= 0xF; 3654 } 3655 3656 /* 3657 * Get the pointer that we need to point to 3658 * from the direct map 3659 */ 3660 rateptr = b43_shm_read16(dev, B43_SHM_SHARED, 3661 direct + 2 * basic_offset); 3662 /* and write it to the basic map */ 3663 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset, 3664 rateptr); 3665 } 3666} 3667 3668static void b43_op_bss_info_changed(struct ieee80211_hw *hw, 3669 struct ieee80211_vif *vif, 3670 struct ieee80211_bss_conf *conf, 3671 u32 changed) 3672{ 3673 struct b43_wl *wl = hw_to_b43_wl(hw); 3674 struct b43_wldev *dev; 3675 3676 mutex_lock(&wl->mutex); 3677 3678 dev = wl->current_dev; 3679 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3680 goto out_unlock_mutex; 3681 3682 B43_WARN_ON(wl->vif != vif); 3683 3684 if (changed & BSS_CHANGED_BSSID) { 3685 if (conf->bssid) 3686 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3687 else 3688 memset(wl->bssid, 0, ETH_ALEN); 3689 } 3690 3691 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3692 if (changed & BSS_CHANGED_BEACON && 3693 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3694 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3695 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3696 b43_update_templates(wl); 3697 3698 if (changed & BSS_CHANGED_BSSID) 3699 b43_write_mac_bssid_templates(dev); 3700 } 3701 3702 b43_mac_suspend(dev); 3703 3704 /* Update templates for AP/mesh mode. */ 3705 if (changed & BSS_CHANGED_BEACON_INT && 3706 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3707 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3708 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3709 b43_set_beacon_int(dev, conf->beacon_int); 3710 3711 if (changed & BSS_CHANGED_BASIC_RATES) 3712 b43_update_basic_rates(dev, conf->basic_rates); 3713 3714 if (changed & BSS_CHANGED_ERP_SLOT) { 3715 if (conf->use_short_slot) 3716 b43_short_slot_timing_enable(dev); 3717 else 3718 b43_short_slot_timing_disable(dev); 3719 } 3720 3721 b43_mac_enable(dev); 3722out_unlock_mutex: 3723 mutex_unlock(&wl->mutex); 3724} 3725 3726static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 3727 struct ieee80211_vif *vif, struct ieee80211_sta *sta, 3728 struct ieee80211_key_conf *key) 3729{ 3730 struct b43_wl *wl = hw_to_b43_wl(hw); 3731 struct b43_wldev *dev; 3732 u8 algorithm; 3733 u8 index; 3734 int err; 3735 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 3736 3737 if (modparam_nohwcrypt) 3738 return -ENOSPC; /* User disabled HW-crypto */ 3739 3740 mutex_lock(&wl->mutex); 3741 3742 dev = wl->current_dev; 3743 err = -ENODEV; 3744 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 3745 goto out_unlock; 3746 3747 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) { 3748 /* We don't have firmware for the crypto engine. 3749 * Must use software-crypto. */ 3750 err = -EOPNOTSUPP; 3751 goto out_unlock; 3752 } 3753 3754 err = -EINVAL; 3755 switch (key->alg) { 3756 case ALG_WEP: 3757 if (key->keylen == WLAN_KEY_LEN_WEP40) 3758 algorithm = B43_SEC_ALGO_WEP40; 3759 else 3760 algorithm = B43_SEC_ALGO_WEP104; 3761 break; 3762 case ALG_TKIP: 3763 algorithm = B43_SEC_ALGO_TKIP; 3764 break; 3765 case ALG_CCMP: 3766 algorithm = B43_SEC_ALGO_AES; 3767 break; 3768 default: 3769 B43_WARN_ON(1); 3770 goto out_unlock; 3771 } 3772 index = (u8) (key->keyidx); 3773 if (index > 3) 3774 goto out_unlock; 3775 3776 switch (cmd) { 3777 case SET_KEY: 3778 if (algorithm == B43_SEC_ALGO_TKIP && 3779 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) || 3780 !modparam_hwtkip)) { 3781 /* We support only pairwise key */ 3782 err = -EOPNOTSUPP; 3783 goto out_unlock; 3784 } 3785 3786 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) { 3787 if (WARN_ON(!sta)) { 3788 err = -EOPNOTSUPP; 3789 goto out_unlock; 3790 } 3791 /* Pairwise key with an assigned MAC address. */ 3792 err = b43_key_write(dev, -1, algorithm, 3793 key->key, key->keylen, 3794 sta->addr, key); 3795 } else { 3796 /* Group key */ 3797 err = b43_key_write(dev, index, algorithm, 3798 key->key, key->keylen, NULL, key); 3799 } 3800 if (err) 3801 goto out_unlock; 3802 3803 if (algorithm == B43_SEC_ALGO_WEP40 || 3804 algorithm == B43_SEC_ALGO_WEP104) { 3805 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 3806 } else { 3807 b43_hf_write(dev, 3808 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 3809 } 3810 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 3811 if (algorithm == B43_SEC_ALGO_TKIP) 3812 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC; 3813 break; 3814 case DISABLE_KEY: { 3815 err = b43_key_clear(dev, key->hw_key_idx); 3816 if (err) 3817 goto out_unlock; 3818 break; 3819 } 3820 default: 3821 B43_WARN_ON(1); 3822 } 3823 3824out_unlock: 3825 if (!err) { 3826 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 3827 "mac: %pM\n", 3828 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 3829 sta ? sta->addr : bcast_addr); 3830 b43_dump_keymemory(dev); 3831 } 3832 mutex_unlock(&wl->mutex); 3833 3834 return err; 3835} 3836 3837static void b43_op_configure_filter(struct ieee80211_hw *hw, 3838 unsigned int changed, unsigned int *fflags, 3839 u64 multicast) 3840{ 3841 struct b43_wl *wl = hw_to_b43_wl(hw); 3842 struct b43_wldev *dev; 3843 3844 mutex_lock(&wl->mutex); 3845 dev = wl->current_dev; 3846 if (!dev) { 3847 *fflags = 0; 3848 goto out_unlock; 3849 } 3850 3851 *fflags &= FIF_PROMISC_IN_BSS | 3852 FIF_ALLMULTI | 3853 FIF_FCSFAIL | 3854 FIF_PLCPFAIL | 3855 FIF_CONTROL | 3856 FIF_OTHER_BSS | 3857 FIF_BCN_PRBRESP_PROMISC; 3858 3859 changed &= FIF_PROMISC_IN_BSS | 3860 FIF_ALLMULTI | 3861 FIF_FCSFAIL | 3862 FIF_PLCPFAIL | 3863 FIF_CONTROL | 3864 FIF_OTHER_BSS | 3865 FIF_BCN_PRBRESP_PROMISC; 3866 3867 wl->filter_flags = *fflags; 3868 3869 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 3870 b43_adjust_opmode(dev); 3871 3872out_unlock: 3873 mutex_unlock(&wl->mutex); 3874} 3875 3876/* Locking: wl->mutex 3877 * Returns the current dev. This might be different from the passed in dev, 3878 * because the core might be gone away while we unlocked the mutex. */ 3879static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev) 3880{ 3881 struct b43_wl *wl = dev->wl; 3882 struct b43_wldev *orig_dev; 3883 u32 mask; 3884 3885redo: 3886 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3887 return dev; 3888 3889 /* Cancel work. Unlock to avoid deadlocks. */ 3890 mutex_unlock(&wl->mutex); 3891 cancel_delayed_work_sync(&dev->periodic_work); 3892 cancel_work_sync(&wl->tx_work); 3893 mutex_lock(&wl->mutex); 3894 dev = wl->current_dev; 3895 if (!dev || b43_status(dev) < B43_STAT_STARTED) { 3896 /* Whoops, aliens ate up the device while we were unlocked. */ 3897 return dev; 3898 } 3899 3900 /* Disable interrupts on the device. */ 3901 b43_set_status(dev, B43_STAT_INITIALIZED); 3902 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3903 /* wl->mutex is locked. That is enough. */ 3904 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3905 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3906 } else { 3907 spin_lock_irq(&wl->hardirq_lock); 3908 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3909 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3910 spin_unlock_irq(&wl->hardirq_lock); 3911 } 3912 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */ 3913 orig_dev = dev; 3914 mutex_unlock(&wl->mutex); 3915 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3916 b43_sdio_free_irq(dev); 3917 } else { 3918 synchronize_irq(dev->dev->irq); 3919 free_irq(dev->dev->irq, dev); 3920 } 3921 mutex_lock(&wl->mutex); 3922 dev = wl->current_dev; 3923 if (!dev) 3924 return dev; 3925 if (dev != orig_dev) { 3926 if (b43_status(dev) >= B43_STAT_STARTED) 3927 goto redo; 3928 return dev; 3929 } 3930 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 3931 B43_WARN_ON(mask != 0xFFFFFFFF && mask); 3932 3933 /* Drain the TX queue */ 3934 while (skb_queue_len(&wl->tx_queue)) 3935 dev_kfree_skb(skb_dequeue(&wl->tx_queue)); 3936 3937 b43_mac_suspend(dev); 3938 b43_leds_exit(dev); 3939 b43dbg(wl, "Wireless interface stopped\n"); 3940 3941 return dev; 3942} 3943 3944/* Locking: wl->mutex */ 3945static int b43_wireless_core_start(struct b43_wldev *dev) 3946{ 3947 int err; 3948 3949 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 3950 3951 drain_txstatus_queue(dev); 3952 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3953 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler); 3954 if (err) { 3955 b43err(dev->wl, "Cannot request SDIO IRQ\n"); 3956 goto out; 3957 } 3958 } else { 3959 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler, 3960 b43_interrupt_thread_handler, 3961 IRQF_SHARED, KBUILD_MODNAME, dev); 3962 if (err) { 3963 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq); 3964 goto out; 3965 } 3966 } 3967 3968 /* We are ready to run. */ 3969 b43_set_status(dev, B43_STAT_STARTED); 3970 3971 /* Start data flow (TX/RX). */ 3972 b43_mac_enable(dev); 3973 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 3974 3975 /* Start maintainance work */ 3976 b43_periodic_tasks_setup(dev); 3977 3978 b43_leds_init(dev); 3979 3980 b43dbg(dev->wl, "Wireless interface started\n"); 3981out: 3982 return err; 3983} 3984 3985/* Get PHY and RADIO versioning numbers */ 3986static int b43_phy_versioning(struct b43_wldev *dev) 3987{ 3988 struct b43_phy *phy = &dev->phy; 3989 u32 tmp; 3990 u8 analog_type; 3991 u8 phy_type; 3992 u8 phy_rev; 3993 u16 radio_manuf; 3994 u16 radio_ver; 3995 u16 radio_rev; 3996 int unsupported = 0; 3997 3998 /* Get PHY versioning */ 3999 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 4000 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 4001 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 4002 phy_rev = (tmp & B43_PHYVER_VERSION); 4003 switch (phy_type) { 4004 case B43_PHYTYPE_A: 4005 if (phy_rev >= 4) 4006 unsupported = 1; 4007 break; 4008 case B43_PHYTYPE_B: 4009 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 4010 && phy_rev != 7) 4011 unsupported = 1; 4012 break; 4013 case B43_PHYTYPE_G: 4014 if (phy_rev > 9) 4015 unsupported = 1; 4016 break; 4017#ifdef CONFIG_B43_NPHY 4018 case B43_PHYTYPE_N: 4019 if (phy_rev > 4) 4020 unsupported = 1; 4021 break; 4022#endif 4023#ifdef CONFIG_B43_PHY_LP 4024 case B43_PHYTYPE_LP: 4025 if (phy_rev > 2) 4026 unsupported = 1; 4027 break; 4028#endif 4029 default: 4030 unsupported = 1; 4031 }; 4032 if (unsupported) { 4033 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 4034 "(Analog %u, Type %u, Revision %u)\n", 4035 analog_type, phy_type, phy_rev); 4036 return -EOPNOTSUPP; 4037 } 4038 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 4039 analog_type, phy_type, phy_rev); 4040 4041 /* Get RADIO versioning */ 4042 if (dev->dev->bus->chip_id == 0x4317) { 4043 if (dev->dev->bus->chip_rev == 0) 4044 tmp = 0x3205017F; 4045 else if (dev->dev->bus->chip_rev == 1) 4046 tmp = 0x4205017F; 4047 else 4048 tmp = 0x5205017F; 4049 } else { 4050 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4051 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 4052 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4053 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16; 4054 } 4055 radio_manuf = (tmp & 0x00000FFF); 4056 radio_ver = (tmp & 0x0FFFF000) >> 12; 4057 radio_rev = (tmp & 0xF0000000) >> 28; 4058 if (radio_manuf != 0x17F /* Broadcom */) 4059 unsupported = 1; 4060 switch (phy_type) { 4061 case B43_PHYTYPE_A: 4062 if (radio_ver != 0x2060) 4063 unsupported = 1; 4064 if (radio_rev != 1) 4065 unsupported = 1; 4066 if (radio_manuf != 0x17F) 4067 unsupported = 1; 4068 break; 4069 case B43_PHYTYPE_B: 4070 if ((radio_ver & 0xFFF0) != 0x2050) 4071 unsupported = 1; 4072 break; 4073 case B43_PHYTYPE_G: 4074 if (radio_ver != 0x2050) 4075 unsupported = 1; 4076 break; 4077 case B43_PHYTYPE_N: 4078 if (radio_ver != 0x2055 && radio_ver != 0x2056) 4079 unsupported = 1; 4080 break; 4081 case B43_PHYTYPE_LP: 4082 if (radio_ver != 0x2062 && radio_ver != 0x2063) 4083 unsupported = 1; 4084 break; 4085 default: 4086 B43_WARN_ON(1); 4087 } 4088 if (unsupported) { 4089 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 4090 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 4091 radio_manuf, radio_ver, radio_rev); 4092 return -EOPNOTSUPP; 4093 } 4094 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 4095 radio_manuf, radio_ver, radio_rev); 4096 4097 phy->radio_manuf = radio_manuf; 4098 phy->radio_ver = radio_ver; 4099 phy->radio_rev = radio_rev; 4100 4101 phy->analog = analog_type; 4102 phy->type = phy_type; 4103 phy->rev = phy_rev; 4104 4105 return 0; 4106} 4107 4108static void setup_struct_phy_for_init(struct b43_wldev *dev, 4109 struct b43_phy *phy) 4110{ 4111 phy->hardware_power_control = !!modparam_hwpctl; 4112 phy->next_txpwr_check_time = jiffies; 4113 /* PHY TX errors counter. */ 4114 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 4115 4116#if B43_DEBUG 4117 phy->phy_locked = 0; 4118 phy->radio_locked = 0; 4119#endif 4120} 4121 4122static void setup_struct_wldev_for_init(struct b43_wldev *dev) 4123{ 4124 dev->dfq_valid = 0; 4125 4126 /* Assume the radio is enabled. If it's not enabled, the state will 4127 * immediately get fixed on the first periodic work run. */ 4128 dev->radio_hw_enable = 1; 4129 4130 /* Stats */ 4131 memset(&dev->stats, 0, sizeof(dev->stats)); 4132 4133 setup_struct_phy_for_init(dev, &dev->phy); 4134 4135 /* IRQ related flags */ 4136 dev->irq_reason = 0; 4137 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 4138 dev->irq_mask = B43_IRQ_MASKTEMPLATE; 4139 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 4140 dev->irq_mask &= ~B43_IRQ_PHY_TXERR; 4141 4142 dev->mac_suspended = 1; 4143 4144 /* Noise calculation context */ 4145 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 4146} 4147 4148static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 4149{ 4150 struct ssb_sprom *sprom = &dev->dev->bus->sprom; 4151 u64 hf; 4152 4153 if (!modparam_btcoex) 4154 return; 4155 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 4156 return; 4157 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 4158 return; 4159 4160 hf = b43_hf_read(dev); 4161 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 4162 hf |= B43_HF_BTCOEXALT; 4163 else 4164 hf |= B43_HF_BTCOEX; 4165 b43_hf_write(dev, hf); 4166} 4167 4168static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 4169{ 4170 if (!modparam_btcoex) 4171 return; 4172 //TODO 4173} 4174 4175static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 4176{ 4177#ifdef CONFIG_SSB_DRIVER_PCICORE 4178 struct ssb_bus *bus = dev->dev->bus; 4179 u32 tmp; 4180 4181 if (bus->pcicore.dev && 4182 bus->pcicore.dev->id.coreid == SSB_DEV_PCI && 4183 bus->pcicore.dev->id.revision <= 5) { 4184 /* IMCFGLO timeouts workaround. */ 4185 tmp = ssb_read32(dev->dev, SSB_IMCFGLO); 4186 switch (bus->bustype) { 4187 case SSB_BUSTYPE_PCI: 4188 case SSB_BUSTYPE_PCMCIA: 4189 tmp &= ~SSB_IMCFGLO_REQTO; 4190 tmp &= ~SSB_IMCFGLO_SERTO; 4191 tmp |= 0x32; 4192 break; 4193 case SSB_BUSTYPE_SSB: 4194 tmp &= ~SSB_IMCFGLO_REQTO; 4195 tmp &= ~SSB_IMCFGLO_SERTO; 4196 tmp |= 0x53; 4197 break; 4198 default: 4199 break; 4200 } 4201 ssb_write32(dev->dev, SSB_IMCFGLO, tmp); 4202 } 4203#endif /* CONFIG_SSB_DRIVER_PCICORE */ 4204} 4205 4206static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 4207{ 4208 u16 pu_delay; 4209 4210 /* The time value is in microseconds. */ 4211 if (dev->phy.type == B43_PHYTYPE_A) 4212 pu_delay = 3700; 4213 else 4214 pu_delay = 1050; 4215 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle) 4216 pu_delay = 500; 4217 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 4218 pu_delay = max(pu_delay, (u16)2400); 4219 4220 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 4221} 4222 4223/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 4224static void b43_set_pretbtt(struct b43_wldev *dev) 4225{ 4226 u16 pretbtt; 4227 4228 /* The time value is in microseconds. */ 4229 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) { 4230 pretbtt = 2; 4231 } else { 4232 if (dev->phy.type == B43_PHYTYPE_A) 4233 pretbtt = 120; 4234 else 4235 pretbtt = 250; 4236 } 4237 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 4238 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 4239} 4240 4241/* Shutdown a wireless core */ 4242/* Locking: wl->mutex */ 4243static void b43_wireless_core_exit(struct b43_wldev *dev) 4244{ 4245 u32 macctl; 4246 4247 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED); 4248 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED) 4249 return; 4250 b43_set_status(dev, B43_STAT_UNINIT); 4251 4252 /* Stop the microcode PSM. */ 4253 macctl = b43_read32(dev, B43_MMIO_MACCTL); 4254 macctl &= ~B43_MACCTL_PSM_RUN; 4255 macctl |= B43_MACCTL_PSM_JMP0; 4256 b43_write32(dev, B43_MMIO_MACCTL, macctl); 4257 4258 b43_dma_free(dev); 4259 b43_pio_free(dev); 4260 b43_chip_exit(dev); 4261 dev->phy.ops->switch_analog(dev, 0); 4262 if (dev->wl->current_beacon) { 4263 dev_kfree_skb_any(dev->wl->current_beacon); 4264 dev->wl->current_beacon = NULL; 4265 } 4266 4267 ssb_device_disable(dev->dev, 0); 4268 ssb_bus_may_powerdown(dev->dev->bus); 4269} 4270 4271/* Initialize a wireless core */ 4272static int b43_wireless_core_init(struct b43_wldev *dev) 4273{ 4274 struct ssb_bus *bus = dev->dev->bus; 4275 struct ssb_sprom *sprom = &bus->sprom; 4276 struct b43_phy *phy = &dev->phy; 4277 int err; 4278 u64 hf; 4279 u32 tmp; 4280 4281 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4282 4283 err = ssb_bus_powerup(bus, 0); 4284 if (err) 4285 goto out; 4286 if (!ssb_device_is_enabled(dev->dev)) { 4287 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0; 4288 b43_wireless_core_reset(dev, tmp); 4289 } 4290 4291 /* Reset all data structures. */ 4292 setup_struct_wldev_for_init(dev); 4293 phy->ops->prepare_structs(dev); 4294 4295 /* Enable IRQ routing to this device. */ 4296 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev); 4297 4298 b43_imcfglo_timeouts_workaround(dev); 4299 b43_bluetooth_coext_disable(dev); 4300 if (phy->ops->prepare_hardware) { 4301 err = phy->ops->prepare_hardware(dev); 4302 if (err) 4303 goto err_busdown; 4304 } 4305 err = b43_chip_init(dev); 4306 if (err) 4307 goto err_busdown; 4308 b43_shm_write16(dev, B43_SHM_SHARED, 4309 B43_SHM_SH_WLCOREREV, dev->dev->id.revision); 4310 hf = b43_hf_read(dev); 4311 if (phy->type == B43_PHYTYPE_G) { 4312 hf |= B43_HF_SYMW; 4313 if (phy->rev == 1) 4314 hf |= B43_HF_GDCW; 4315 if (sprom->boardflags_lo & B43_BFL_PACTRL) 4316 hf |= B43_HF_OFDMPABOOST; 4317 } 4318 if (phy->radio_ver == 0x2050) { 4319 if (phy->radio_rev == 6) 4320 hf |= B43_HF_4318TSSI; 4321 if (phy->radio_rev < 6) 4322 hf |= B43_HF_VCORECALC; 4323 } 4324 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW) 4325 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */ 4326#ifdef CONFIG_SSB_DRIVER_PCICORE 4327 if ((bus->bustype == SSB_BUSTYPE_PCI) && 4328 (bus->pcicore.dev->id.revision <= 10)) 4329 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */ 4330#endif 4331 hf &= ~B43_HF_SKCFPUP; 4332 b43_hf_write(dev, hf); 4333 4334 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 4335 B43_DEFAULT_LONG_RETRY_LIMIT); 4336 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 4337 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 4338 4339 /* Disable sending probe responses from firmware. 4340 * Setting the MaxTime to one usec will always trigger 4341 * a timeout, so we never send any probe resp. 4342 * A timeout of zero is infinite. */ 4343 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 4344 4345 b43_rate_memory_init(dev); 4346 b43_set_phytxctl_defaults(dev); 4347 4348 /* Minimum Contention Window */ 4349 if (phy->type == B43_PHYTYPE_B) { 4350 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 4351 } else { 4352 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 4353 } 4354 /* Maximum Contention Window */ 4355 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 4356 4357 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || 4358 (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) || 4359 modparam_pio) { 4360 dev->__using_pio_transfers = 1; 4361 err = b43_pio_init(dev); 4362 } else { 4363 dev->__using_pio_transfers = 0; 4364 err = b43_dma_init(dev); 4365 } 4366 if (err) 4367 goto err_chip_exit; 4368 b43_qos_init(dev); 4369 b43_set_synth_pu_delay(dev, 1); 4370 b43_bluetooth_coext_enable(dev); 4371 4372 ssb_bus_powerup(bus, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)); 4373 b43_upload_card_macaddress(dev); 4374 b43_security_init(dev); 4375 4376 ieee80211_wake_queues(dev->wl->hw); 4377 4378 ieee80211_wake_queues(dev->wl->hw); 4379 4380 b43_set_status(dev, B43_STAT_INITIALIZED); 4381 4382out: 4383 return err; 4384 4385err_chip_exit: 4386 b43_chip_exit(dev); 4387err_busdown: 4388 ssb_bus_may_powerdown(bus); 4389 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4390 return err; 4391} 4392 4393static int b43_op_add_interface(struct ieee80211_hw *hw, 4394 struct ieee80211_vif *vif) 4395{ 4396 struct b43_wl *wl = hw_to_b43_wl(hw); 4397 struct b43_wldev *dev; 4398 int err = -EOPNOTSUPP; 4399 4400 /* TODO: allow WDS/AP devices to coexist */ 4401 4402 if (vif->type != NL80211_IFTYPE_AP && 4403 vif->type != NL80211_IFTYPE_MESH_POINT && 4404 vif->type != NL80211_IFTYPE_STATION && 4405 vif->type != NL80211_IFTYPE_WDS && 4406 vif->type != NL80211_IFTYPE_ADHOC) 4407 return -EOPNOTSUPP; 4408 4409 mutex_lock(&wl->mutex); 4410 if (wl->operating) 4411 goto out_mutex_unlock; 4412 4413 b43dbg(wl, "Adding Interface type %d\n", vif->type); 4414 4415 dev = wl->current_dev; 4416 wl->operating = 1; 4417 wl->vif = vif; 4418 wl->if_type = vif->type; 4419 memcpy(wl->mac_addr, vif->addr, ETH_ALEN); 4420 4421 b43_adjust_opmode(dev); 4422 b43_set_pretbtt(dev); 4423 b43_set_synth_pu_delay(dev, 0); 4424 b43_upload_card_macaddress(dev); 4425 4426 err = 0; 4427 out_mutex_unlock: 4428 mutex_unlock(&wl->mutex); 4429 4430 return err; 4431} 4432 4433static void b43_op_remove_interface(struct ieee80211_hw *hw, 4434 struct ieee80211_vif *vif) 4435{ 4436 struct b43_wl *wl = hw_to_b43_wl(hw); 4437 struct b43_wldev *dev = wl->current_dev; 4438 4439 b43dbg(wl, "Removing Interface type %d\n", vif->type); 4440 4441 mutex_lock(&wl->mutex); 4442 4443 B43_WARN_ON(!wl->operating); 4444 B43_WARN_ON(wl->vif != vif); 4445 wl->vif = NULL; 4446 4447 wl->operating = 0; 4448 4449 b43_adjust_opmode(dev); 4450 memset(wl->mac_addr, 0, ETH_ALEN); 4451 b43_upload_card_macaddress(dev); 4452 4453 mutex_unlock(&wl->mutex); 4454} 4455 4456static int b43_op_start(struct ieee80211_hw *hw) 4457{ 4458 struct b43_wl *wl = hw_to_b43_wl(hw); 4459 struct b43_wldev *dev = wl->current_dev; 4460 int did_init = 0; 4461 int err = 0; 4462 4463 /* Kill all old instance specific information to make sure 4464 * the card won't use it in the short timeframe between start 4465 * and mac80211 reconfiguring it. */ 4466 memset(wl->bssid, 0, ETH_ALEN); 4467 memset(wl->mac_addr, 0, ETH_ALEN); 4468 wl->filter_flags = 0; 4469 wl->radiotap_enabled = 0; 4470 b43_qos_clear(wl); 4471 wl->beacon0_uploaded = 0; 4472 wl->beacon1_uploaded = 0; 4473 wl->beacon_templates_virgin = 1; 4474 wl->radio_enabled = 1; 4475 4476 mutex_lock(&wl->mutex); 4477 4478 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4479 err = b43_wireless_core_init(dev); 4480 if (err) 4481 goto out_mutex_unlock; 4482 did_init = 1; 4483 } 4484 4485 if (b43_status(dev) < B43_STAT_STARTED) { 4486 err = b43_wireless_core_start(dev); 4487 if (err) { 4488 if (did_init) 4489 b43_wireless_core_exit(dev); 4490 goto out_mutex_unlock; 4491 } 4492 } 4493 4494 /* XXX: only do if device doesn't support rfkill irq */ 4495 wiphy_rfkill_start_polling(hw->wiphy); 4496 4497 out_mutex_unlock: 4498 mutex_unlock(&wl->mutex); 4499 4500 return err; 4501} 4502 4503static void b43_op_stop(struct ieee80211_hw *hw) 4504{ 4505 struct b43_wl *wl = hw_to_b43_wl(hw); 4506 struct b43_wldev *dev = wl->current_dev; 4507 4508 cancel_work_sync(&(wl->beacon_update_trigger)); 4509 4510 mutex_lock(&wl->mutex); 4511 if (b43_status(dev) >= B43_STAT_STARTED) { 4512 dev = b43_wireless_core_stop(dev); 4513 if (!dev) 4514 goto out_unlock; 4515 } 4516 b43_wireless_core_exit(dev); 4517 wl->radio_enabled = 0; 4518 4519out_unlock: 4520 mutex_unlock(&wl->mutex); 4521 4522 cancel_work_sync(&(wl->txpower_adjust_work)); 4523} 4524 4525static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, 4526 struct ieee80211_sta *sta, bool set) 4527{ 4528 struct b43_wl *wl = hw_to_b43_wl(hw); 4529 4530 /* FIXME: add locking */ 4531 b43_update_templates(wl); 4532 4533 return 0; 4534} 4535 4536static void b43_op_sta_notify(struct ieee80211_hw *hw, 4537 struct ieee80211_vif *vif, 4538 enum sta_notify_cmd notify_cmd, 4539 struct ieee80211_sta *sta) 4540{ 4541 struct b43_wl *wl = hw_to_b43_wl(hw); 4542 4543 B43_WARN_ON(!vif || wl->vif != vif); 4544} 4545 4546static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw) 4547{ 4548 struct b43_wl *wl = hw_to_b43_wl(hw); 4549 struct b43_wldev *dev; 4550 4551 mutex_lock(&wl->mutex); 4552 dev = wl->current_dev; 4553 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4554 /* Disable CFP update during scan on other channels. */ 4555 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP); 4556 } 4557 mutex_unlock(&wl->mutex); 4558} 4559 4560static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw) 4561{ 4562 struct b43_wl *wl = hw_to_b43_wl(hw); 4563 struct b43_wldev *dev; 4564 4565 mutex_lock(&wl->mutex); 4566 dev = wl->current_dev; 4567 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4568 /* Re-enable CFP update. */ 4569 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP); 4570 } 4571 mutex_unlock(&wl->mutex); 4572} 4573 4574static const struct ieee80211_ops b43_hw_ops = { 4575 .tx = b43_op_tx, 4576 .conf_tx = b43_op_conf_tx, 4577 .add_interface = b43_op_add_interface, 4578 .remove_interface = b43_op_remove_interface, 4579 .config = b43_op_config, 4580 .bss_info_changed = b43_op_bss_info_changed, 4581 .configure_filter = b43_op_configure_filter, 4582 .set_key = b43_op_set_key, 4583 .update_tkip_key = b43_op_update_tkip_key, 4584 .get_stats = b43_op_get_stats, 4585 .get_tx_stats = b43_op_get_tx_stats, 4586 .get_tsf = b43_op_get_tsf, 4587 .set_tsf = b43_op_set_tsf, 4588 .start = b43_op_start, 4589 .stop = b43_op_stop, 4590 .set_tim = b43_op_beacon_set_tim, 4591 .sta_notify = b43_op_sta_notify, 4592 .sw_scan_start = b43_op_sw_scan_start_notifier, 4593 .sw_scan_complete = b43_op_sw_scan_complete_notifier, 4594 .rfkill_poll = b43_rfkill_poll, 4595}; 4596 4597/* Hard-reset the chip. Do not call this directly. 4598 * Use b43_controller_restart() 4599 */ 4600static void b43_chip_reset(struct work_struct *work) 4601{ 4602 struct b43_wldev *dev = 4603 container_of(work, struct b43_wldev, restart_work); 4604 struct b43_wl *wl = dev->wl; 4605 int err = 0; 4606 int prev_status; 4607 4608 mutex_lock(&wl->mutex); 4609 4610 prev_status = b43_status(dev); 4611 /* Bring the device down... */ 4612 if (prev_status >= B43_STAT_STARTED) { 4613 dev = b43_wireless_core_stop(dev); 4614 if (!dev) { 4615 err = -ENODEV; 4616 goto out; 4617 } 4618 } 4619 if (prev_status >= B43_STAT_INITIALIZED) 4620 b43_wireless_core_exit(dev); 4621 4622 /* ...and up again. */ 4623 if (prev_status >= B43_STAT_INITIALIZED) { 4624 err = b43_wireless_core_init(dev); 4625 if (err) 4626 goto out; 4627 } 4628 if (prev_status >= B43_STAT_STARTED) { 4629 err = b43_wireless_core_start(dev); 4630 if (err) { 4631 b43_wireless_core_exit(dev); 4632 goto out; 4633 } 4634 } 4635out: 4636 if (err) 4637 wl->current_dev = NULL; /* Failed to init the dev. */ 4638 mutex_unlock(&wl->mutex); 4639 if (err) 4640 b43err(wl, "Controller restart FAILED\n"); 4641 else 4642 b43info(wl, "Controller restarted\n"); 4643} 4644 4645static int b43_setup_bands(struct b43_wldev *dev, 4646 bool have_2ghz_phy, bool have_5ghz_phy) 4647{ 4648 struct ieee80211_hw *hw = dev->wl->hw; 4649 4650 if (have_2ghz_phy) 4651 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 4652 if (dev->phy.type == B43_PHYTYPE_N) { 4653 if (have_5ghz_phy) 4654 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 4655 } else { 4656 if (have_5ghz_phy) 4657 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 4658 } 4659 4660 dev->phy.supports_2ghz = have_2ghz_phy; 4661 dev->phy.supports_5ghz = have_5ghz_phy; 4662 4663 return 0; 4664} 4665 4666static void b43_wireless_core_detach(struct b43_wldev *dev) 4667{ 4668 /* We release firmware that late to not be required to re-request 4669 * is all the time when we reinit the core. */ 4670 b43_release_firmware(dev); 4671 b43_phy_free(dev); 4672} 4673 4674static int b43_wireless_core_attach(struct b43_wldev *dev) 4675{ 4676 struct b43_wl *wl = dev->wl; 4677 struct ssb_bus *bus = dev->dev->bus; 4678 struct pci_dev *pdev = (bus->bustype == SSB_BUSTYPE_PCI) ? bus->host_pci : NULL; 4679 int err; 4680 bool have_2ghz_phy = 0, have_5ghz_phy = 0; 4681 u32 tmp; 4682 4683 /* Do NOT do any device initialization here. 4684 * Do it in wireless_core_init() instead. 4685 * This function is for gathering basic information about the HW, only. 4686 * Also some structs may be set up here. But most likely you want to have 4687 * that in core_init(), too. 4688 */ 4689 4690 err = ssb_bus_powerup(bus, 0); 4691 if (err) { 4692 b43err(wl, "Bus powerup failed\n"); 4693 goto out; 4694 } 4695 /* Get the PHY type. */ 4696 if (dev->dev->id.revision >= 5) { 4697 u32 tmshigh; 4698 4699 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 4700 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY); 4701 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY); 4702 } else 4703 B43_WARN_ON(1); 4704 4705 dev->phy.gmode = have_2ghz_phy; 4706 dev->phy.radio_on = 1; 4707 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4708 b43_wireless_core_reset(dev, tmp); 4709 4710 err = b43_phy_versioning(dev); 4711 if (err) 4712 goto err_powerdown; 4713 /* Check if this device supports multiband. */ 4714 if (!pdev || 4715 (pdev->device != 0x4312 && 4716 pdev->device != 0x4319 && pdev->device != 0x4324)) { 4717 /* No multiband support. */ 4718 have_2ghz_phy = 0; 4719 have_5ghz_phy = 0; 4720 switch (dev->phy.type) { 4721 case B43_PHYTYPE_A: 4722 have_5ghz_phy = 1; 4723 break; 4724 case B43_PHYTYPE_LP: //FIXME not always! 4725#if 0 //FIXME enabling 5GHz causes a NULL pointer dereference 4726 have_5ghz_phy = 1; 4727#endif 4728 case B43_PHYTYPE_G: 4729 case B43_PHYTYPE_N: 4730 have_2ghz_phy = 1; 4731 break; 4732 default: 4733 B43_WARN_ON(1); 4734 } 4735 } 4736 if (dev->phy.type == B43_PHYTYPE_A) { 4737 /* FIXME */ 4738 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 4739 err = -EOPNOTSUPP; 4740 goto err_powerdown; 4741 } 4742 if (1 /* disable A-PHY */) { 4743 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */ 4744 if (dev->phy.type != B43_PHYTYPE_N && 4745 dev->phy.type != B43_PHYTYPE_LP) { 4746 have_2ghz_phy = 1; 4747 have_5ghz_phy = 0; 4748 } 4749 } 4750 4751 err = b43_phy_allocate(dev); 4752 if (err) 4753 goto err_powerdown; 4754 4755 dev->phy.gmode = have_2ghz_phy; 4756 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4757 b43_wireless_core_reset(dev, tmp); 4758 4759 err = b43_validate_chipaccess(dev); 4760 if (err) 4761 goto err_phy_free; 4762 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 4763 if (err) 4764 goto err_phy_free; 4765 4766 /* Now set some default "current_dev" */ 4767 if (!wl->current_dev) 4768 wl->current_dev = dev; 4769 INIT_WORK(&dev->restart_work, b43_chip_reset); 4770 4771 dev->phy.ops->switch_analog(dev, 0); 4772 ssb_device_disable(dev->dev, 0); 4773 ssb_bus_may_powerdown(bus); 4774 4775out: 4776 return err; 4777 4778err_phy_free: 4779 b43_phy_free(dev); 4780err_powerdown: 4781 ssb_bus_may_powerdown(bus); 4782 return err; 4783} 4784 4785static void b43_one_core_detach(struct ssb_device *dev) 4786{ 4787 struct b43_wldev *wldev; 4788 struct b43_wl *wl; 4789 4790 /* Do not cancel ieee80211-workqueue based work here. 4791 * See comment in b43_remove(). */ 4792 4793 wldev = ssb_get_drvdata(dev); 4794 wl = wldev->wl; 4795 b43_debugfs_remove_device(wldev); 4796 b43_wireless_core_detach(wldev); 4797 list_del(&wldev->list); 4798 wl->nr_devs--; 4799 ssb_set_drvdata(dev, NULL); 4800 kfree(wldev); 4801} 4802 4803static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl) 4804{ 4805 struct b43_wldev *wldev; 4806 struct pci_dev *pdev; 4807 int err = -ENOMEM; 4808 4809 if (!list_empty(&wl->devlist)) { 4810 /* We are not the first core on this chip. */ 4811 pdev = (dev->bus->bustype == SSB_BUSTYPE_PCI) ? dev->bus->host_pci : NULL; 4812 /* Only special chips support more than one wireless 4813 * core, although some of the other chips have more than 4814 * one wireless core as well. Check for this and 4815 * bail out early. 4816 */ 4817 if (!pdev || 4818 ((pdev->device != 0x4321) && 4819 (pdev->device != 0x4313) && (pdev->device != 0x431A))) { 4820 b43dbg(wl, "Ignoring unconnected 802.11 core\n"); 4821 return -ENODEV; 4822 } 4823 } 4824 4825 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 4826 if (!wldev) 4827 goto out; 4828 4829 wldev->dev = dev; 4830 wldev->wl = wl; 4831 b43_set_status(wldev, B43_STAT_UNINIT); 4832 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 4833 INIT_LIST_HEAD(&wldev->list); 4834 4835 err = b43_wireless_core_attach(wldev); 4836 if (err) 4837 goto err_kfree_wldev; 4838 4839 list_add(&wldev->list, &wl->devlist); 4840 wl->nr_devs++; 4841 ssb_set_drvdata(dev, wldev); 4842 b43_debugfs_add_device(wldev); 4843 4844 out: 4845 return err; 4846 4847 err_kfree_wldev: 4848 kfree(wldev); 4849 return err; 4850} 4851 4852#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \ 4853 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \ 4854 (pdev->device == _device) && \ 4855 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \ 4856 (pdev->subsystem_device == _subdevice) ) 4857 4858static void b43_sprom_fixup(struct ssb_bus *bus) 4859{ 4860 struct pci_dev *pdev; 4861 4862 /* boardflags workarounds */ 4863 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 4864 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 4865 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 4866 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 4867 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 4868 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 4869 if (bus->bustype == SSB_BUSTYPE_PCI) { 4870 pdev = bus->host_pci; 4871 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) || 4872 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) || 4873 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) || 4874 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) || 4875 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) || 4876 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) || 4877 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010)) 4878 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST; 4879 } 4880} 4881 4882static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl) 4883{ 4884 struct ieee80211_hw *hw = wl->hw; 4885 4886 ssb_set_devtypedata(dev, NULL); 4887 ieee80211_free_hw(hw); 4888} 4889 4890static int b43_wireless_init(struct ssb_device *dev) 4891{ 4892 struct ssb_sprom *sprom = &dev->bus->sprom; 4893 struct ieee80211_hw *hw; 4894 struct b43_wl *wl; 4895 int err = -ENOMEM; 4896 4897 b43_sprom_fixup(dev->bus); 4898 4899 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 4900 if (!hw) { 4901 b43err(NULL, "Could not allocate ieee80211 device\n"); 4902 goto out; 4903 } 4904 wl = hw_to_b43_wl(hw); 4905 4906 /* fill hw info */ 4907 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS | 4908 IEEE80211_HW_SIGNAL_DBM | 4909 IEEE80211_HW_NOISE_DBM; 4910 4911 hw->wiphy->interface_modes = 4912 BIT(NL80211_IFTYPE_AP) | 4913 BIT(NL80211_IFTYPE_MESH_POINT) | 4914 BIT(NL80211_IFTYPE_STATION) | 4915 BIT(NL80211_IFTYPE_WDS) | 4916 BIT(NL80211_IFTYPE_ADHOC); 4917 4918 hw->queues = modparam_qos ? 4 : 1; 4919 wl->mac80211_initially_registered_queues = hw->queues; 4920 hw->max_rates = 2; 4921 SET_IEEE80211_DEV(hw, dev->dev); 4922 if (is_valid_ether_addr(sprom->et1mac)) 4923 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 4924 else 4925 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 4926 4927 /* Initialize struct b43_wl */ 4928 wl->hw = hw; 4929 mutex_init(&wl->mutex); 4930 spin_lock_init(&wl->hardirq_lock); 4931 INIT_LIST_HEAD(&wl->devlist); 4932 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 4933 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work); 4934 INIT_WORK(&wl->tx_work, b43_tx_work); 4935 skb_queue_head_init(&wl->tx_queue); 4936 4937 ssb_set_devtypedata(dev, wl); 4938 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n", 4939 dev->bus->chip_id, dev->id.revision); 4940 err = 0; 4941out: 4942 return err; 4943} 4944 4945static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id) 4946{ 4947 struct b43_wl *wl; 4948 int err; 4949 int first = 0; 4950 4951 wl = ssb_get_devtypedata(dev); 4952 if (!wl) { 4953 /* Probing the first core. Must setup common struct b43_wl */ 4954 first = 1; 4955 err = b43_wireless_init(dev); 4956 if (err) 4957 goto out; 4958 wl = ssb_get_devtypedata(dev); 4959 B43_WARN_ON(!wl); 4960 } 4961 err = b43_one_core_attach(dev, wl); 4962 if (err) 4963 goto err_wireless_exit; 4964 4965 if (first) { 4966 err = ieee80211_register_hw(wl->hw); 4967 if (err) 4968 goto err_one_core_detach; 4969 b43_leds_register(wl->current_dev); 4970 b43_rng_init(wl); 4971 } 4972 4973 out: 4974 return err; 4975 4976 err_one_core_detach: 4977 b43_one_core_detach(dev); 4978 err_wireless_exit: 4979 if (first) 4980 b43_wireless_exit(dev, wl); 4981 return err; 4982} 4983 4984static void b43_remove(struct ssb_device *dev) 4985{ 4986 struct b43_wl *wl = ssb_get_devtypedata(dev); 4987 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4988 4989 /* We must cancel any work here before unregistering from ieee80211, 4990 * as the ieee80211 unreg will destroy the workqueue. */ 4991 cancel_work_sync(&wldev->restart_work); 4992 4993 B43_WARN_ON(!wl); 4994 if (wl->current_dev == wldev) { 4995 /* Restore the queues count before unregistering, because firmware detect 4996 * might have modified it. Restoring is important, so the networking 4997 * stack can properly free resources. */ 4998 wl->hw->queues = wl->mac80211_initially_registered_queues; 4999 b43_leds_stop(wldev); 5000 ieee80211_unregister_hw(wl->hw); 5001 } 5002 5003 b43_one_core_detach(dev); 5004 5005 if (list_empty(&wl->devlist)) { 5006 b43_rng_exit(wl); 5007 b43_leds_unregister(wl); 5008 /* Last core on the chip unregistered. 5009 * We can destroy common struct b43_wl. 5010 */ 5011 b43_wireless_exit(dev, wl); 5012 } 5013} 5014 5015/* Perform a hardware reset. This can be called from any context. */ 5016void b43_controller_restart(struct b43_wldev *dev, const char *reason) 5017{ 5018 /* Must avoid requeueing, if we are in shutdown. */ 5019 if (b43_status(dev) < B43_STAT_INITIALIZED) 5020 return; 5021 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 5022 ieee80211_queue_work(dev->wl->hw, &dev->restart_work); 5023} 5024 5025static struct ssb_driver b43_ssb_driver = { 5026 .name = KBUILD_MODNAME, 5027 .id_table = b43_ssb_tbl, 5028 .probe = b43_probe, 5029 .remove = b43_remove, 5030}; 5031 5032static void b43_print_driverinfo(void) 5033{ 5034 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 5035 *feat_leds = "", *feat_sdio = ""; 5036 5037#ifdef CONFIG_B43_PCI_AUTOSELECT 5038 feat_pci = "P"; 5039#endif 5040#ifdef CONFIG_B43_PCMCIA 5041 feat_pcmcia = "M"; 5042#endif 5043#ifdef CONFIG_B43_NPHY 5044 feat_nphy = "N"; 5045#endif 5046#ifdef CONFIG_B43_LEDS 5047 feat_leds = "L"; 5048#endif 5049#ifdef CONFIG_B43_SDIO 5050 feat_sdio = "S"; 5051#endif 5052 printk(KERN_INFO "Broadcom 43xx driver loaded " 5053 "[ Features: %s%s%s%s%s, Firmware-ID: " 5054 B43_SUPPORTED_FIRMWARE_ID " ]\n", 5055 feat_pci, feat_pcmcia, feat_nphy, 5056 feat_leds, feat_sdio); 5057} 5058 5059static int __init b43_init(void) 5060{ 5061 int err; 5062 5063 b43_debugfs_init(); 5064 err = b43_pcmcia_init(); 5065 if (err) 5066 goto err_dfs_exit; 5067 err = b43_sdio_init(); 5068 if (err) 5069 goto err_pcmcia_exit; 5070 err = ssb_driver_register(&b43_ssb_driver); 5071 if (err) 5072 goto err_sdio_exit; 5073 b43_print_driverinfo(); 5074 5075 return err; 5076 5077err_sdio_exit: 5078 b43_sdio_exit(); 5079err_pcmcia_exit: 5080 b43_pcmcia_exit(); 5081err_dfs_exit: 5082 b43_debugfs_exit(); 5083 return err; 5084} 5085 5086static void __exit b43_exit(void) 5087{ 5088 ssb_driver_unregister(&b43_ssb_driver); 5089 b43_sdio_exit(); 5090 b43_pcmcia_exit(); 5091 b43_debugfs_exit(); 5092} 5093 5094module_init(b43_init) 5095module_exit(b43_exit) 5096