main.c revision 501706565b2d4d2d40d0d301d5411ede099b8a6f
1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 11 SDIO support 12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es> 13 14 Some parts of the code in this file are derived from the ipw2200 15 driver Copyright(c) 2003 - 2004 Intel Corporation. 16 17 This program is free software; you can redistribute it and/or modify 18 it under the terms of the GNU General Public License as published by 19 the Free Software Foundation; either version 2 of the License, or 20 (at your option) any later version. 21 22 This program is distributed in the hope that it will be useful, 23 but WITHOUT ANY WARRANTY; without even the implied warranty of 24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 GNU General Public License for more details. 26 27 You should have received a copy of the GNU General Public License 28 along with this program; see the file COPYING. If not, write to 29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 30 Boston, MA 02110-1301, USA. 31 32*/ 33 34#include <linux/delay.h> 35#include <linux/init.h> 36#include <linux/moduleparam.h> 37#include <linux/if_arp.h> 38#include <linux/etherdevice.h> 39#include <linux/firmware.h> 40#include <linux/wireless.h> 41#include <linux/workqueue.h> 42#include <linux/skbuff.h> 43#include <linux/io.h> 44#include <linux/dma-mapping.h> 45#include <asm/unaligned.h> 46 47#include "b43.h" 48#include "main.h" 49#include "debugfs.h" 50#include "phy_common.h" 51#include "phy_g.h" 52#include "phy_n.h" 53#include "dma.h" 54#include "pio.h" 55#include "sysfs.h" 56#include "xmit.h" 57#include "lo.h" 58#include "pcmcia.h" 59#include "sdio.h" 60#include <linux/mmc/sdio_func.h> 61 62MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 63MODULE_AUTHOR("Martin Langer"); 64MODULE_AUTHOR("Stefano Brivio"); 65MODULE_AUTHOR("Michael Buesch"); 66MODULE_AUTHOR("Gábor Stefanik"); 67MODULE_LICENSE("GPL"); 68 69MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID); 70 71 72static int modparam_bad_frames_preempt; 73module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 74MODULE_PARM_DESC(bad_frames_preempt, 75 "enable(1) / disable(0) Bad Frames Preemption"); 76 77static char modparam_fwpostfix[16]; 78module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 79MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 80 81static int modparam_hwpctl; 82module_param_named(hwpctl, modparam_hwpctl, int, 0444); 83MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 84 85static int modparam_nohwcrypt; 86module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 87MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 88 89static int modparam_hwtkip; 90module_param_named(hwtkip, modparam_hwtkip, int, 0444); 91MODULE_PARM_DESC(hwtkip, "Enable hardware tkip."); 92 93static int modparam_qos = 1; 94module_param_named(qos, modparam_qos, int, 0444); 95MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 96 97static int modparam_btcoex = 1; 98module_param_named(btcoex, modparam_btcoex, int, 0444); 99MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)"); 100 101int b43_modparam_verbose = B43_VERBOSITY_DEFAULT; 102module_param_named(verbose, b43_modparam_verbose, int, 0644); 103MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug"); 104 105 106static const struct ssb_device_id b43_ssb_tbl[] = { 107 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 108 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 109 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 110 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 111 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 112 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 113 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 114 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15), 115 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16), 116 SSB_DEVTABLE_END 117}; 118 119MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 120 121/* Channel and ratetables are shared for all devices. 122 * They can't be const, because ieee80211 puts some precalculated 123 * data in there. This data is the same for all devices, so we don't 124 * get concurrency issues */ 125#define RATETAB_ENT(_rateid, _flags) \ 126 { \ 127 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 128 .hw_value = (_rateid), \ 129 .flags = (_flags), \ 130 } 131 132/* 133 * NOTE: When changing this, sync with xmit.c's 134 * b43_plcp_get_bitrate_idx_* functions! 135 */ 136static struct ieee80211_rate __b43_ratetable[] = { 137 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 138 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 139 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 140 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 141 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 142 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 143 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 144 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 145 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 146 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 147 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 148 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 149}; 150 151#define b43_a_ratetable (__b43_ratetable + 4) 152#define b43_a_ratetable_size 8 153#define b43_b_ratetable (__b43_ratetable + 0) 154#define b43_b_ratetable_size 4 155#define b43_g_ratetable (__b43_ratetable + 0) 156#define b43_g_ratetable_size 12 157 158#define CHAN4G(_channel, _freq, _flags) { \ 159 .band = IEEE80211_BAND_2GHZ, \ 160 .center_freq = (_freq), \ 161 .hw_value = (_channel), \ 162 .flags = (_flags), \ 163 .max_antenna_gain = 0, \ 164 .max_power = 30, \ 165} 166static struct ieee80211_channel b43_2ghz_chantable[] = { 167 CHAN4G(1, 2412, 0), 168 CHAN4G(2, 2417, 0), 169 CHAN4G(3, 2422, 0), 170 CHAN4G(4, 2427, 0), 171 CHAN4G(5, 2432, 0), 172 CHAN4G(6, 2437, 0), 173 CHAN4G(7, 2442, 0), 174 CHAN4G(8, 2447, 0), 175 CHAN4G(9, 2452, 0), 176 CHAN4G(10, 2457, 0), 177 CHAN4G(11, 2462, 0), 178 CHAN4G(12, 2467, 0), 179 CHAN4G(13, 2472, 0), 180 CHAN4G(14, 2484, 0), 181}; 182#undef CHAN4G 183 184#define CHAN5G(_channel, _flags) { \ 185 .band = IEEE80211_BAND_5GHZ, \ 186 .center_freq = 5000 + (5 * (_channel)), \ 187 .hw_value = (_channel), \ 188 .flags = (_flags), \ 189 .max_antenna_gain = 0, \ 190 .max_power = 30, \ 191} 192static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 193 CHAN5G(32, 0), CHAN5G(34, 0), 194 CHAN5G(36, 0), CHAN5G(38, 0), 195 CHAN5G(40, 0), CHAN5G(42, 0), 196 CHAN5G(44, 0), CHAN5G(46, 0), 197 CHAN5G(48, 0), CHAN5G(50, 0), 198 CHAN5G(52, 0), CHAN5G(54, 0), 199 CHAN5G(56, 0), CHAN5G(58, 0), 200 CHAN5G(60, 0), CHAN5G(62, 0), 201 CHAN5G(64, 0), CHAN5G(66, 0), 202 CHAN5G(68, 0), CHAN5G(70, 0), 203 CHAN5G(72, 0), CHAN5G(74, 0), 204 CHAN5G(76, 0), CHAN5G(78, 0), 205 CHAN5G(80, 0), CHAN5G(82, 0), 206 CHAN5G(84, 0), CHAN5G(86, 0), 207 CHAN5G(88, 0), CHAN5G(90, 0), 208 CHAN5G(92, 0), CHAN5G(94, 0), 209 CHAN5G(96, 0), CHAN5G(98, 0), 210 CHAN5G(100, 0), CHAN5G(102, 0), 211 CHAN5G(104, 0), CHAN5G(106, 0), 212 CHAN5G(108, 0), CHAN5G(110, 0), 213 CHAN5G(112, 0), CHAN5G(114, 0), 214 CHAN5G(116, 0), CHAN5G(118, 0), 215 CHAN5G(120, 0), CHAN5G(122, 0), 216 CHAN5G(124, 0), CHAN5G(126, 0), 217 CHAN5G(128, 0), CHAN5G(130, 0), 218 CHAN5G(132, 0), CHAN5G(134, 0), 219 CHAN5G(136, 0), CHAN5G(138, 0), 220 CHAN5G(140, 0), CHAN5G(142, 0), 221 CHAN5G(144, 0), CHAN5G(145, 0), 222 CHAN5G(146, 0), CHAN5G(147, 0), 223 CHAN5G(148, 0), CHAN5G(149, 0), 224 CHAN5G(150, 0), CHAN5G(151, 0), 225 CHAN5G(152, 0), CHAN5G(153, 0), 226 CHAN5G(154, 0), CHAN5G(155, 0), 227 CHAN5G(156, 0), CHAN5G(157, 0), 228 CHAN5G(158, 0), CHAN5G(159, 0), 229 CHAN5G(160, 0), CHAN5G(161, 0), 230 CHAN5G(162, 0), CHAN5G(163, 0), 231 CHAN5G(164, 0), CHAN5G(165, 0), 232 CHAN5G(166, 0), CHAN5G(168, 0), 233 CHAN5G(170, 0), CHAN5G(172, 0), 234 CHAN5G(174, 0), CHAN5G(176, 0), 235 CHAN5G(178, 0), CHAN5G(180, 0), 236 CHAN5G(182, 0), CHAN5G(184, 0), 237 CHAN5G(186, 0), CHAN5G(188, 0), 238 CHAN5G(190, 0), CHAN5G(192, 0), 239 CHAN5G(194, 0), CHAN5G(196, 0), 240 CHAN5G(198, 0), CHAN5G(200, 0), 241 CHAN5G(202, 0), CHAN5G(204, 0), 242 CHAN5G(206, 0), CHAN5G(208, 0), 243 CHAN5G(210, 0), CHAN5G(212, 0), 244 CHAN5G(214, 0), CHAN5G(216, 0), 245 CHAN5G(218, 0), CHAN5G(220, 0), 246 CHAN5G(222, 0), CHAN5G(224, 0), 247 CHAN5G(226, 0), CHAN5G(228, 0), 248}; 249 250static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 251 CHAN5G(34, 0), CHAN5G(36, 0), 252 CHAN5G(38, 0), CHAN5G(40, 0), 253 CHAN5G(42, 0), CHAN5G(44, 0), 254 CHAN5G(46, 0), CHAN5G(48, 0), 255 CHAN5G(52, 0), CHAN5G(56, 0), 256 CHAN5G(60, 0), CHAN5G(64, 0), 257 CHAN5G(100, 0), CHAN5G(104, 0), 258 CHAN5G(108, 0), CHAN5G(112, 0), 259 CHAN5G(116, 0), CHAN5G(120, 0), 260 CHAN5G(124, 0), CHAN5G(128, 0), 261 CHAN5G(132, 0), CHAN5G(136, 0), 262 CHAN5G(140, 0), CHAN5G(149, 0), 263 CHAN5G(153, 0), CHAN5G(157, 0), 264 CHAN5G(161, 0), CHAN5G(165, 0), 265 CHAN5G(184, 0), CHAN5G(188, 0), 266 CHAN5G(192, 0), CHAN5G(196, 0), 267 CHAN5G(200, 0), CHAN5G(204, 0), 268 CHAN5G(208, 0), CHAN5G(212, 0), 269 CHAN5G(216, 0), 270}; 271#undef CHAN5G 272 273static struct ieee80211_supported_band b43_band_5GHz_nphy = { 274 .band = IEEE80211_BAND_5GHZ, 275 .channels = b43_5ghz_nphy_chantable, 276 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 277 .bitrates = b43_a_ratetable, 278 .n_bitrates = b43_a_ratetable_size, 279}; 280 281static struct ieee80211_supported_band b43_band_5GHz_aphy = { 282 .band = IEEE80211_BAND_5GHZ, 283 .channels = b43_5ghz_aphy_chantable, 284 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 285 .bitrates = b43_a_ratetable, 286 .n_bitrates = b43_a_ratetable_size, 287}; 288 289static struct ieee80211_supported_band b43_band_2GHz = { 290 .band = IEEE80211_BAND_2GHZ, 291 .channels = b43_2ghz_chantable, 292 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 293 .bitrates = b43_g_ratetable, 294 .n_bitrates = b43_g_ratetable_size, 295}; 296 297static void b43_wireless_core_exit(struct b43_wldev *dev); 298static int b43_wireless_core_init(struct b43_wldev *dev); 299static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev); 300static int b43_wireless_core_start(struct b43_wldev *dev); 301 302static int b43_ratelimit(struct b43_wl *wl) 303{ 304 if (!wl || !wl->current_dev) 305 return 1; 306 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 307 return 1; 308 /* We are up and running. 309 * Ratelimit the messages to avoid DoS over the net. */ 310 return net_ratelimit(); 311} 312 313void b43info(struct b43_wl *wl, const char *fmt, ...) 314{ 315 va_list args; 316 317 if (b43_modparam_verbose < B43_VERBOSITY_INFO) 318 return; 319 if (!b43_ratelimit(wl)) 320 return; 321 va_start(args, fmt); 322 printk(KERN_INFO "b43-%s: ", 323 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 324 vprintk(fmt, args); 325 va_end(args); 326} 327 328void b43err(struct b43_wl *wl, const char *fmt, ...) 329{ 330 va_list args; 331 332 if (b43_modparam_verbose < B43_VERBOSITY_ERROR) 333 return; 334 if (!b43_ratelimit(wl)) 335 return; 336 va_start(args, fmt); 337 printk(KERN_ERR "b43-%s ERROR: ", 338 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 339 vprintk(fmt, args); 340 va_end(args); 341} 342 343void b43warn(struct b43_wl *wl, const char *fmt, ...) 344{ 345 va_list args; 346 347 if (b43_modparam_verbose < B43_VERBOSITY_WARN) 348 return; 349 if (!b43_ratelimit(wl)) 350 return; 351 va_start(args, fmt); 352 printk(KERN_WARNING "b43-%s warning: ", 353 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 354 vprintk(fmt, args); 355 va_end(args); 356} 357 358void b43dbg(struct b43_wl *wl, const char *fmt, ...) 359{ 360 va_list args; 361 362 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 363 return; 364 va_start(args, fmt); 365 printk(KERN_DEBUG "b43-%s debug: ", 366 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 367 vprintk(fmt, args); 368 va_end(args); 369} 370 371static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 372{ 373 u32 macctl; 374 375 B43_WARN_ON(offset % 4 != 0); 376 377 macctl = b43_read32(dev, B43_MMIO_MACCTL); 378 if (macctl & B43_MACCTL_BE) 379 val = swab32(val); 380 381 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 382 mmiowb(); 383 b43_write32(dev, B43_MMIO_RAM_DATA, val); 384} 385 386static inline void b43_shm_control_word(struct b43_wldev *dev, 387 u16 routing, u16 offset) 388{ 389 u32 control; 390 391 /* "offset" is the WORD offset. */ 392 control = routing; 393 control <<= 16; 394 control |= offset; 395 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 396} 397 398u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 399{ 400 u32 ret; 401 402 if (routing == B43_SHM_SHARED) { 403 B43_WARN_ON(offset & 0x0001); 404 if (offset & 0x0003) { 405 /* Unaligned access */ 406 b43_shm_control_word(dev, routing, offset >> 2); 407 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 408 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 409 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16; 410 411 goto out; 412 } 413 offset >>= 2; 414 } 415 b43_shm_control_word(dev, routing, offset); 416 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 417out: 418 return ret; 419} 420 421u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset) 422{ 423 u16 ret; 424 425 if (routing == B43_SHM_SHARED) { 426 B43_WARN_ON(offset & 0x0001); 427 if (offset & 0x0003) { 428 /* Unaligned access */ 429 b43_shm_control_word(dev, routing, offset >> 2); 430 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 431 432 goto out; 433 } 434 offset >>= 2; 435 } 436 b43_shm_control_word(dev, routing, offset); 437 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 438out: 439 return ret; 440} 441 442void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 443{ 444 if (routing == B43_SHM_SHARED) { 445 B43_WARN_ON(offset & 0x0001); 446 if (offset & 0x0003) { 447 /* Unaligned access */ 448 b43_shm_control_word(dev, routing, offset >> 2); 449 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 450 value & 0xFFFF); 451 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 452 b43_write16(dev, B43_MMIO_SHM_DATA, 453 (value >> 16) & 0xFFFF); 454 return; 455 } 456 offset >>= 2; 457 } 458 b43_shm_control_word(dev, routing, offset); 459 b43_write32(dev, B43_MMIO_SHM_DATA, value); 460} 461 462void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 463{ 464 if (routing == B43_SHM_SHARED) { 465 B43_WARN_ON(offset & 0x0001); 466 if (offset & 0x0003) { 467 /* Unaligned access */ 468 b43_shm_control_word(dev, routing, offset >> 2); 469 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 470 return; 471 } 472 offset >>= 2; 473 } 474 b43_shm_control_word(dev, routing, offset); 475 b43_write16(dev, B43_MMIO_SHM_DATA, value); 476} 477 478/* Read HostFlags */ 479u64 b43_hf_read(struct b43_wldev *dev) 480{ 481 u64 ret; 482 483 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 484 ret <<= 16; 485 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 486 ret <<= 16; 487 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 488 489 return ret; 490} 491 492/* Write HostFlags */ 493void b43_hf_write(struct b43_wldev *dev, u64 value) 494{ 495 u16 lo, mi, hi; 496 497 lo = (value & 0x00000000FFFFULL); 498 mi = (value & 0x0000FFFF0000ULL) >> 16; 499 hi = (value & 0xFFFF00000000ULL) >> 32; 500 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 501 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 502 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 503} 504 505/* Read the firmware capabilities bitmask (Opensource firmware only) */ 506static u16 b43_fwcapa_read(struct b43_wldev *dev) 507{ 508 B43_WARN_ON(!dev->fw.opensource); 509 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA); 510} 511 512void b43_tsf_read(struct b43_wldev *dev, u64 *tsf) 513{ 514 u32 low, high; 515 516 B43_WARN_ON(dev->dev->id.revision < 3); 517 518 /* The hardware guarantees us an atomic read, if we 519 * read the low register first. */ 520 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 521 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 522 523 *tsf = high; 524 *tsf <<= 32; 525 *tsf |= low; 526} 527 528static void b43_time_lock(struct b43_wldev *dev) 529{ 530 u32 macctl; 531 532 macctl = b43_read32(dev, B43_MMIO_MACCTL); 533 macctl |= B43_MACCTL_TBTTHOLD; 534 b43_write32(dev, B43_MMIO_MACCTL, macctl); 535 /* Commit the write */ 536 b43_read32(dev, B43_MMIO_MACCTL); 537} 538 539static void b43_time_unlock(struct b43_wldev *dev) 540{ 541 u32 macctl; 542 543 macctl = b43_read32(dev, B43_MMIO_MACCTL); 544 macctl &= ~B43_MACCTL_TBTTHOLD; 545 b43_write32(dev, B43_MMIO_MACCTL, macctl); 546 /* Commit the write */ 547 b43_read32(dev, B43_MMIO_MACCTL); 548} 549 550static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 551{ 552 u32 low, high; 553 554 B43_WARN_ON(dev->dev->id.revision < 3); 555 556 low = tsf; 557 high = (tsf >> 32); 558 /* The hardware guarantees us an atomic write, if we 559 * write the low register first. */ 560 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low); 561 mmiowb(); 562 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high); 563 mmiowb(); 564} 565 566void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 567{ 568 b43_time_lock(dev); 569 b43_tsf_write_locked(dev, tsf); 570 b43_time_unlock(dev); 571} 572 573static 574void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac) 575{ 576 static const u8 zero_addr[ETH_ALEN] = { 0 }; 577 u16 data; 578 579 if (!mac) 580 mac = zero_addr; 581 582 offset |= 0x0020; 583 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 584 585 data = mac[0]; 586 data |= mac[1] << 8; 587 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 588 data = mac[2]; 589 data |= mac[3] << 8; 590 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 591 data = mac[4]; 592 data |= mac[5] << 8; 593 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 594} 595 596static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 597{ 598 const u8 *mac; 599 const u8 *bssid; 600 u8 mac_bssid[ETH_ALEN * 2]; 601 int i; 602 u32 tmp; 603 604 bssid = dev->wl->bssid; 605 mac = dev->wl->mac_addr; 606 607 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 608 609 memcpy(mac_bssid, mac, ETH_ALEN); 610 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 611 612 /* Write our MAC address and BSSID to template ram */ 613 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 614 tmp = (u32) (mac_bssid[i + 0]); 615 tmp |= (u32) (mac_bssid[i + 1]) << 8; 616 tmp |= (u32) (mac_bssid[i + 2]) << 16; 617 tmp |= (u32) (mac_bssid[i + 3]) << 24; 618 b43_ram_write(dev, 0x20 + i, tmp); 619 } 620} 621 622static void b43_upload_card_macaddress(struct b43_wldev *dev) 623{ 624 b43_write_mac_bssid_templates(dev); 625 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 626} 627 628static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 629{ 630 /* slot_time is in usec. */ 631 if (dev->phy.type != B43_PHYTYPE_G) 632 return; 633 b43_write16(dev, 0x684, 510 + slot_time); 634 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 635} 636 637static void b43_short_slot_timing_enable(struct b43_wldev *dev) 638{ 639 b43_set_slot_time(dev, 9); 640} 641 642static void b43_short_slot_timing_disable(struct b43_wldev *dev) 643{ 644 b43_set_slot_time(dev, 20); 645} 646 647/* DummyTransmission function, as documented on 648 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission 649 */ 650void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on) 651{ 652 struct b43_phy *phy = &dev->phy; 653 unsigned int i, max_loop; 654 u16 value; 655 u32 buffer[5] = { 656 0x00000000, 657 0x00D40000, 658 0x00000000, 659 0x01000000, 660 0x00000000, 661 }; 662 663 if (ofdm) { 664 max_loop = 0x1E; 665 buffer[0] = 0x000201CC; 666 } else { 667 max_loop = 0xFA; 668 buffer[0] = 0x000B846E; 669 } 670 671 for (i = 0; i < 5; i++) 672 b43_ram_write(dev, i * 4, buffer[i]); 673 674 b43_write16(dev, 0x0568, 0x0000); 675 if (dev->dev->id.revision < 11) 676 b43_write16(dev, 0x07C0, 0x0000); 677 else 678 b43_write16(dev, 0x07C0, 0x0100); 679 value = (ofdm ? 0x41 : 0x40); 680 b43_write16(dev, 0x050C, value); 681 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP)) 682 b43_write16(dev, 0x0514, 0x1A02); 683 b43_write16(dev, 0x0508, 0x0000); 684 b43_write16(dev, 0x050A, 0x0000); 685 b43_write16(dev, 0x054C, 0x0000); 686 b43_write16(dev, 0x056A, 0x0014); 687 b43_write16(dev, 0x0568, 0x0826); 688 b43_write16(dev, 0x0500, 0x0000); 689 if (!pa_on && (phy->type == B43_PHYTYPE_N)) { 690 //SPEC TODO 691 } 692 693 switch (phy->type) { 694 case B43_PHYTYPE_N: 695 b43_write16(dev, 0x0502, 0x00D0); 696 break; 697 case B43_PHYTYPE_LP: 698 b43_write16(dev, 0x0502, 0x0050); 699 break; 700 default: 701 b43_write16(dev, 0x0502, 0x0030); 702 } 703 704 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 705 b43_radio_write16(dev, 0x0051, 0x0017); 706 for (i = 0x00; i < max_loop; i++) { 707 value = b43_read16(dev, 0x050E); 708 if (value & 0x0080) 709 break; 710 udelay(10); 711 } 712 for (i = 0x00; i < 0x0A; i++) { 713 value = b43_read16(dev, 0x050E); 714 if (value & 0x0400) 715 break; 716 udelay(10); 717 } 718 for (i = 0x00; i < 0x19; i++) { 719 value = b43_read16(dev, 0x0690); 720 if (!(value & 0x0100)) 721 break; 722 udelay(10); 723 } 724 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 725 b43_radio_write16(dev, 0x0051, 0x0037); 726} 727 728static void key_write(struct b43_wldev *dev, 729 u8 index, u8 algorithm, const u8 *key) 730{ 731 unsigned int i; 732 u32 offset; 733 u16 value; 734 u16 kidx; 735 736 /* Key index/algo block */ 737 kidx = b43_kidx_to_fw(dev, index); 738 value = ((kidx << 4) | algorithm); 739 b43_shm_write16(dev, B43_SHM_SHARED, 740 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 741 742 /* Write the key to the Key Table Pointer offset */ 743 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 744 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 745 value = key[i]; 746 value |= (u16) (key[i + 1]) << 8; 747 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 748 } 749} 750 751static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr) 752{ 753 u32 addrtmp[2] = { 0, 0, }; 754 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 755 756 if (b43_new_kidx_api(dev)) 757 pairwise_keys_start = B43_NR_GROUP_KEYS; 758 759 B43_WARN_ON(index < pairwise_keys_start); 760 /* We have four default TX keys and possibly four default RX keys. 761 * Physical mac 0 is mapped to physical key 4 or 8, depending 762 * on the firmware version. 763 * So we must adjust the index here. 764 */ 765 index -= pairwise_keys_start; 766 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 767 768 if (addr) { 769 addrtmp[0] = addr[0]; 770 addrtmp[0] |= ((u32) (addr[1]) << 8); 771 addrtmp[0] |= ((u32) (addr[2]) << 16); 772 addrtmp[0] |= ((u32) (addr[3]) << 24); 773 addrtmp[1] = addr[4]; 774 addrtmp[1] |= ((u32) (addr[5]) << 8); 775 } 776 777 /* Receive match transmitter address (RCMTA) mechanism */ 778 b43_shm_write32(dev, B43_SHM_RCMTA, 779 (index * 2) + 0, addrtmp[0]); 780 b43_shm_write16(dev, B43_SHM_RCMTA, 781 (index * 2) + 1, addrtmp[1]); 782} 783 784/* The ucode will use phase1 key with TEK key to decrypt rx packets. 785 * When a packet is received, the iv32 is checked. 786 * - if it doesn't the packet is returned without modification (and software 787 * decryption can be done). That's what happen when iv16 wrap. 788 * - if it does, the rc4 key is computed, and decryption is tried. 789 * Either it will success and B43_RX_MAC_DEC is returned, 790 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned 791 * and the packet is not usable (it got modified by the ucode). 792 * So in order to never have B43_RX_MAC_DECERR, we should provide 793 * a iv32 and phase1key that match. Because we drop packets in case of 794 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all 795 * packets will be lost without higher layer knowing (ie no resync possible 796 * until next wrap). 797 * 798 * NOTE : this should support 50 key like RCMTA because 799 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50 800 */ 801static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32, 802 u16 *phase1key) 803{ 804 unsigned int i; 805 u32 offset; 806 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 807 808 if (!modparam_hwtkip) 809 return; 810 811 if (b43_new_kidx_api(dev)) 812 pairwise_keys_start = B43_NR_GROUP_KEYS; 813 814 B43_WARN_ON(index < pairwise_keys_start); 815 /* We have four default TX keys and possibly four default RX keys. 816 * Physical mac 0 is mapped to physical key 4 or 8, depending 817 * on the firmware version. 818 * So we must adjust the index here. 819 */ 820 index -= pairwise_keys_start; 821 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 822 823 if (b43_debug(dev, B43_DBG_KEYS)) { 824 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n", 825 index, iv32); 826 } 827 /* Write the key to the RX tkip shared mem */ 828 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4); 829 for (i = 0; i < 10; i += 2) { 830 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, 831 phase1key ? phase1key[i / 2] : 0); 832 } 833 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32); 834 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16); 835} 836 837static void b43_op_update_tkip_key(struct ieee80211_hw *hw, 838 struct ieee80211_key_conf *keyconf, const u8 *addr, 839 u32 iv32, u16 *phase1key) 840{ 841 struct b43_wl *wl = hw_to_b43_wl(hw); 842 struct b43_wldev *dev; 843 int index = keyconf->hw_key_idx; 844 845 if (B43_WARN_ON(!modparam_hwtkip)) 846 return; 847 848 mutex_lock(&wl->mutex); 849 850 dev = wl->current_dev; 851 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 852 goto out_unlock; 853 854 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */ 855 856 rx_tkip_phase1_write(dev, index, iv32, phase1key); 857 keymac_write(dev, index, addr); 858 859out_unlock: 860 mutex_unlock(&wl->mutex); 861} 862 863static void do_key_write(struct b43_wldev *dev, 864 u8 index, u8 algorithm, 865 const u8 *key, size_t key_len, const u8 *mac_addr) 866{ 867 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 868 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 869 870 if (b43_new_kidx_api(dev)) 871 pairwise_keys_start = B43_NR_GROUP_KEYS; 872 873 B43_WARN_ON(index >= ARRAY_SIZE(dev->key)); 874 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 875 876 if (index >= pairwise_keys_start) 877 keymac_write(dev, index, NULL); /* First zero out mac. */ 878 if (algorithm == B43_SEC_ALGO_TKIP) { 879 /* 880 * We should provide an initial iv32, phase1key pair. 881 * We could start with iv32=0 and compute the corresponding 882 * phase1key, but this means calling ieee80211_get_tkip_key 883 * with a fake skb (or export other tkip function). 884 * Because we are lazy we hope iv32 won't start with 885 * 0xffffffff and let's b43_op_update_tkip_key provide a 886 * correct pair. 887 */ 888 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf); 889 } else if (index >= pairwise_keys_start) /* clear it */ 890 rx_tkip_phase1_write(dev, index, 0, NULL); 891 if (key) 892 memcpy(buf, key, key_len); 893 key_write(dev, index, algorithm, buf); 894 if (index >= pairwise_keys_start) 895 keymac_write(dev, index, mac_addr); 896 897 dev->key[index].algorithm = algorithm; 898} 899 900static int b43_key_write(struct b43_wldev *dev, 901 int index, u8 algorithm, 902 const u8 *key, size_t key_len, 903 const u8 *mac_addr, 904 struct ieee80211_key_conf *keyconf) 905{ 906 int i; 907 int pairwise_keys_start; 908 909 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block: 910 * - Temporal Encryption Key (128 bits) 911 * - Temporal Authenticator Tx MIC Key (64 bits) 912 * - Temporal Authenticator Rx MIC Key (64 bits) 913 * 914 * Hardware only store TEK 915 */ 916 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32) 917 key_len = 16; 918 if (key_len > B43_SEC_KEYSIZE) 919 return -EINVAL; 920 for (i = 0; i < ARRAY_SIZE(dev->key); i++) { 921 /* Check that we don't already have this key. */ 922 B43_WARN_ON(dev->key[i].keyconf == keyconf); 923 } 924 if (index < 0) { 925 /* Pairwise key. Get an empty slot for the key. */ 926 if (b43_new_kidx_api(dev)) 927 pairwise_keys_start = B43_NR_GROUP_KEYS; 928 else 929 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 930 for (i = pairwise_keys_start; 931 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS; 932 i++) { 933 B43_WARN_ON(i >= ARRAY_SIZE(dev->key)); 934 if (!dev->key[i].keyconf) { 935 /* found empty */ 936 index = i; 937 break; 938 } 939 } 940 if (index < 0) { 941 b43warn(dev->wl, "Out of hardware key memory\n"); 942 return -ENOSPC; 943 } 944 } else 945 B43_WARN_ON(index > 3); 946 947 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 948 if ((index <= 3) && !b43_new_kidx_api(dev)) { 949 /* Default RX key */ 950 B43_WARN_ON(mac_addr); 951 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 952 } 953 keyconf->hw_key_idx = index; 954 dev->key[index].keyconf = keyconf; 955 956 return 0; 957} 958 959static int b43_key_clear(struct b43_wldev *dev, int index) 960{ 961 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key)))) 962 return -EINVAL; 963 do_key_write(dev, index, B43_SEC_ALGO_NONE, 964 NULL, B43_SEC_KEYSIZE, NULL); 965 if ((index <= 3) && !b43_new_kidx_api(dev)) { 966 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 967 NULL, B43_SEC_KEYSIZE, NULL); 968 } 969 dev->key[index].keyconf = NULL; 970 971 return 0; 972} 973 974static void b43_clear_keys(struct b43_wldev *dev) 975{ 976 int i, count; 977 978 if (b43_new_kidx_api(dev)) 979 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 980 else 981 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 982 for (i = 0; i < count; i++) 983 b43_key_clear(dev, i); 984} 985 986static void b43_dump_keymemory(struct b43_wldev *dev) 987{ 988 unsigned int i, index, count, offset, pairwise_keys_start; 989 u8 mac[ETH_ALEN]; 990 u16 algo; 991 u32 rcmta0; 992 u16 rcmta1; 993 u64 hf; 994 struct b43_key *key; 995 996 if (!b43_debug(dev, B43_DBG_KEYS)) 997 return; 998 999 hf = b43_hf_read(dev); 1000 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n", 1001 !!(hf & B43_HF_USEDEFKEYS)); 1002 if (b43_new_kidx_api(dev)) { 1003 pairwise_keys_start = B43_NR_GROUP_KEYS; 1004 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 1005 } else { 1006 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 1007 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1008 } 1009 for (index = 0; index < count; index++) { 1010 key = &(dev->key[index]); 1011 printk(KERN_DEBUG "Key slot %02u: %s", 1012 index, (key->keyconf == NULL) ? " " : "*"); 1013 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 1014 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 1015 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1016 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1017 } 1018 1019 algo = b43_shm_read16(dev, B43_SHM_SHARED, 1020 B43_SHM_SH_KEYIDXBLOCK + (index * 2)); 1021 printk(" Algo: %04X/%02X", algo, key->algorithm); 1022 1023 if (index >= pairwise_keys_start) { 1024 if (key->algorithm == B43_SEC_ALGO_TKIP) { 1025 printk(" TKIP: "); 1026 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4); 1027 for (i = 0; i < 14; i += 2) { 1028 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1029 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1030 } 1031 } 1032 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA, 1033 ((index - pairwise_keys_start) * 2) + 0); 1034 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA, 1035 ((index - pairwise_keys_start) * 2) + 1); 1036 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0); 1037 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1); 1038 printk(" MAC: %pM", mac); 1039 } else 1040 printk(" DEFAULT KEY"); 1041 printk("\n"); 1042 } 1043} 1044 1045void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 1046{ 1047 u32 macctl; 1048 u16 ucstat; 1049 bool hwps; 1050 bool awake; 1051 int i; 1052 1053 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 1054 (ps_flags & B43_PS_DISABLED)); 1055 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 1056 1057 if (ps_flags & B43_PS_ENABLED) { 1058 hwps = 1; 1059 } else if (ps_flags & B43_PS_DISABLED) { 1060 hwps = 0; 1061 } else { 1062 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 1063 // and thus is not an AP and we are associated, set bit 25 1064 } 1065 if (ps_flags & B43_PS_AWAKE) { 1066 awake = 1; 1067 } else if (ps_flags & B43_PS_ASLEEP) { 1068 awake = 0; 1069 } else { 1070 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 1071 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 1072 // successful, set bit26 1073 } 1074 1075/* FIXME: For now we force awake-on and hwps-off */ 1076 hwps = 0; 1077 awake = 1; 1078 1079 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1080 if (hwps) 1081 macctl |= B43_MACCTL_HWPS; 1082 else 1083 macctl &= ~B43_MACCTL_HWPS; 1084 if (awake) 1085 macctl |= B43_MACCTL_AWAKE; 1086 else 1087 macctl &= ~B43_MACCTL_AWAKE; 1088 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1089 /* Commit write */ 1090 b43_read32(dev, B43_MMIO_MACCTL); 1091 if (awake && dev->dev->id.revision >= 5) { 1092 /* Wait for the microcode to wake up. */ 1093 for (i = 0; i < 100; i++) { 1094 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1095 B43_SHM_SH_UCODESTAT); 1096 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1097 break; 1098 udelay(10); 1099 } 1100 } 1101} 1102 1103void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags) 1104{ 1105 u32 tmslow; 1106 u32 macctl; 1107 1108 flags |= B43_TMSLOW_PHYCLKEN; 1109 flags |= B43_TMSLOW_PHYRESET; 1110 ssb_device_enable(dev->dev, flags); 1111 msleep(2); /* Wait for the PLL to turn on. */ 1112 1113 /* Now take the PHY out of Reset again */ 1114 tmslow = ssb_read32(dev->dev, SSB_TMSLOW); 1115 tmslow |= SSB_TMSLOW_FGC; 1116 tmslow &= ~B43_TMSLOW_PHYRESET; 1117 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1118 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1119 msleep(1); 1120 tmslow &= ~SSB_TMSLOW_FGC; 1121 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1122 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1123 msleep(1); 1124 1125 /* Turn Analog ON, but only if we already know the PHY-type. 1126 * This protects against very early setup where we don't know the 1127 * PHY-type, yet. wireless_core_reset will be called once again later, 1128 * when we know the PHY-type. */ 1129 if (dev->phy.ops) 1130 dev->phy.ops->switch_analog(dev, 1); 1131 1132 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1133 macctl &= ~B43_MACCTL_GMODE; 1134 if (flags & B43_TMSLOW_GMODE) 1135 macctl |= B43_MACCTL_GMODE; 1136 macctl |= B43_MACCTL_IHR_ENABLED; 1137 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1138} 1139 1140static void handle_irq_transmit_status(struct b43_wldev *dev) 1141{ 1142 u32 v0, v1; 1143 u16 tmp; 1144 struct b43_txstatus stat; 1145 1146 while (1) { 1147 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1148 if (!(v0 & 0x00000001)) 1149 break; 1150 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1151 1152 stat.cookie = (v0 >> 16); 1153 stat.seq = (v1 & 0x0000FFFF); 1154 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1155 tmp = (v0 & 0x0000FFFF); 1156 stat.frame_count = ((tmp & 0xF000) >> 12); 1157 stat.rts_count = ((tmp & 0x0F00) >> 8); 1158 stat.supp_reason = ((tmp & 0x001C) >> 2); 1159 stat.pm_indicated = !!(tmp & 0x0080); 1160 stat.intermediate = !!(tmp & 0x0040); 1161 stat.for_ampdu = !!(tmp & 0x0020); 1162 stat.acked = !!(tmp & 0x0002); 1163 1164 b43_handle_txstatus(dev, &stat); 1165 } 1166} 1167 1168static void drain_txstatus_queue(struct b43_wldev *dev) 1169{ 1170 u32 dummy; 1171 1172 if (dev->dev->id.revision < 5) 1173 return; 1174 /* Read all entries from the microcode TXstatus FIFO 1175 * and throw them away. 1176 */ 1177 while (1) { 1178 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1179 if (!(dummy & 0x00000001)) 1180 break; 1181 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1182 } 1183} 1184 1185static u32 b43_jssi_read(struct b43_wldev *dev) 1186{ 1187 u32 val = 0; 1188 1189 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1190 val <<= 16; 1191 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1192 1193 return val; 1194} 1195 1196static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1197{ 1198 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1199 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1200} 1201 1202static void b43_generate_noise_sample(struct b43_wldev *dev) 1203{ 1204 b43_jssi_write(dev, 0x7F7F7F7F); 1205 b43_write32(dev, B43_MMIO_MACCMD, 1206 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1207} 1208 1209static void b43_calculate_link_quality(struct b43_wldev *dev) 1210{ 1211 /* Top half of Link Quality calculation. */ 1212 1213 if (dev->phy.type != B43_PHYTYPE_G) 1214 return; 1215 if (dev->noisecalc.calculation_running) 1216 return; 1217 dev->noisecalc.calculation_running = 1; 1218 dev->noisecalc.nr_samples = 0; 1219 1220 b43_generate_noise_sample(dev); 1221} 1222 1223static void handle_irq_noise(struct b43_wldev *dev) 1224{ 1225 struct b43_phy_g *phy = dev->phy.g; 1226 u16 tmp; 1227 u8 noise[4]; 1228 u8 i, j; 1229 s32 average; 1230 1231 /* Bottom half of Link Quality calculation. */ 1232 1233 if (dev->phy.type != B43_PHYTYPE_G) 1234 return; 1235 1236 /* Possible race condition: It might be possible that the user 1237 * changed to a different channel in the meantime since we 1238 * started the calculation. We ignore that fact, since it's 1239 * not really that much of a problem. The background noise is 1240 * an estimation only anyway. Slightly wrong results will get damped 1241 * by the averaging of the 8 sample rounds. Additionally the 1242 * value is shortlived. So it will be replaced by the next noise 1243 * calculation round soon. */ 1244 1245 B43_WARN_ON(!dev->noisecalc.calculation_running); 1246 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1247 if (noise[0] == 0x7F || noise[1] == 0x7F || 1248 noise[2] == 0x7F || noise[3] == 0x7F) 1249 goto generate_new; 1250 1251 /* Get the noise samples. */ 1252 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1253 i = dev->noisecalc.nr_samples; 1254 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1255 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1256 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1257 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1258 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1259 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1260 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1261 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1262 dev->noisecalc.nr_samples++; 1263 if (dev->noisecalc.nr_samples == 8) { 1264 /* Calculate the Link Quality by the noise samples. */ 1265 average = 0; 1266 for (i = 0; i < 8; i++) { 1267 for (j = 0; j < 4; j++) 1268 average += dev->noisecalc.samples[i][j]; 1269 } 1270 average /= (8 * 4); 1271 average *= 125; 1272 average += 64; 1273 average /= 128; 1274 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1275 tmp = (tmp / 128) & 0x1F; 1276 if (tmp >= 8) 1277 average += 2; 1278 else 1279 average -= 25; 1280 if (tmp == 8) 1281 average -= 72; 1282 else 1283 average -= 48; 1284 1285 dev->stats.link_noise = average; 1286 dev->noisecalc.calculation_running = 0; 1287 return; 1288 } 1289generate_new: 1290 b43_generate_noise_sample(dev); 1291} 1292 1293static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1294{ 1295 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) { 1296 ///TODO: PS TBTT 1297 } else { 1298 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1299 b43_power_saving_ctl_bits(dev, 0); 1300 } 1301 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) 1302 dev->dfq_valid = 1; 1303} 1304 1305static void handle_irq_atim_end(struct b43_wldev *dev) 1306{ 1307 if (dev->dfq_valid) { 1308 b43_write32(dev, B43_MMIO_MACCMD, 1309 b43_read32(dev, B43_MMIO_MACCMD) 1310 | B43_MACCMD_DFQ_VALID); 1311 dev->dfq_valid = 0; 1312 } 1313} 1314 1315static void handle_irq_pmq(struct b43_wldev *dev) 1316{ 1317 u32 tmp; 1318 1319 //TODO: AP mode. 1320 1321 while (1) { 1322 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1323 if (!(tmp & 0x00000008)) 1324 break; 1325 } 1326 /* 16bit write is odd, but correct. */ 1327 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1328} 1329 1330static void b43_write_template_common(struct b43_wldev *dev, 1331 const u8 *data, u16 size, 1332 u16 ram_offset, 1333 u16 shm_size_offset, u8 rate) 1334{ 1335 u32 i, tmp; 1336 struct b43_plcp_hdr4 plcp; 1337 1338 plcp.data = 0; 1339 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1340 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1341 ram_offset += sizeof(u32); 1342 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1343 * So leave the first two bytes of the next write blank. 1344 */ 1345 tmp = (u32) (data[0]) << 16; 1346 tmp |= (u32) (data[1]) << 24; 1347 b43_ram_write(dev, ram_offset, tmp); 1348 ram_offset += sizeof(u32); 1349 for (i = 2; i < size; i += sizeof(u32)) { 1350 tmp = (u32) (data[i + 0]); 1351 if (i + 1 < size) 1352 tmp |= (u32) (data[i + 1]) << 8; 1353 if (i + 2 < size) 1354 tmp |= (u32) (data[i + 2]) << 16; 1355 if (i + 3 < size) 1356 tmp |= (u32) (data[i + 3]) << 24; 1357 b43_ram_write(dev, ram_offset + i - 2, tmp); 1358 } 1359 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1360 size + sizeof(struct b43_plcp_hdr6)); 1361} 1362 1363/* Check if the use of the antenna that ieee80211 told us to 1364 * use is possible. This will fall back to DEFAULT. 1365 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 1366u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 1367 u8 antenna_nr) 1368{ 1369 u8 antenna_mask; 1370 1371 if (antenna_nr == 0) { 1372 /* Zero means "use default antenna". That's always OK. */ 1373 return 0; 1374 } 1375 1376 /* Get the mask of available antennas. */ 1377 if (dev->phy.gmode) 1378 antenna_mask = dev->dev->bus->sprom.ant_available_bg; 1379 else 1380 antenna_mask = dev->dev->bus->sprom.ant_available_a; 1381 1382 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 1383 /* This antenna is not available. Fall back to default. */ 1384 return 0; 1385 } 1386 1387 return antenna_nr; 1388} 1389 1390/* Convert a b43 antenna number value to the PHY TX control value. */ 1391static u16 b43_antenna_to_phyctl(int antenna) 1392{ 1393 switch (antenna) { 1394 case B43_ANTENNA0: 1395 return B43_TXH_PHY_ANT0; 1396 case B43_ANTENNA1: 1397 return B43_TXH_PHY_ANT1; 1398 case B43_ANTENNA2: 1399 return B43_TXH_PHY_ANT2; 1400 case B43_ANTENNA3: 1401 return B43_TXH_PHY_ANT3; 1402 case B43_ANTENNA_AUTO0: 1403 case B43_ANTENNA_AUTO1: 1404 return B43_TXH_PHY_ANT01AUTO; 1405 } 1406 B43_WARN_ON(1); 1407 return 0; 1408} 1409 1410static void b43_write_beacon_template(struct b43_wldev *dev, 1411 u16 ram_offset, 1412 u16 shm_size_offset) 1413{ 1414 unsigned int i, len, variable_len; 1415 const struct ieee80211_mgmt *bcn; 1416 const u8 *ie; 1417 bool tim_found = 0; 1418 unsigned int rate; 1419 u16 ctl; 1420 int antenna; 1421 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon); 1422 1423 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1424 len = min((size_t) dev->wl->current_beacon->len, 1425 0x200 - sizeof(struct b43_plcp_hdr6)); 1426 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value; 1427 1428 b43_write_template_common(dev, (const u8 *)bcn, 1429 len, ram_offset, shm_size_offset, rate); 1430 1431 /* Write the PHY TX control parameters. */ 1432 antenna = B43_ANTENNA_DEFAULT; 1433 antenna = b43_antenna_to_phyctl(antenna); 1434 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 1435 /* We can't send beacons with short preamble. Would get PHY errors. */ 1436 ctl &= ~B43_TXH_PHY_SHORTPRMBL; 1437 ctl &= ~B43_TXH_PHY_ANT; 1438 ctl &= ~B43_TXH_PHY_ENC; 1439 ctl |= antenna; 1440 if (b43_is_cck_rate(rate)) 1441 ctl |= B43_TXH_PHY_ENC_CCK; 1442 else 1443 ctl |= B43_TXH_PHY_ENC_OFDM; 1444 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 1445 1446 /* Find the position of the TIM and the DTIM_period value 1447 * and write them to SHM. */ 1448 ie = bcn->u.beacon.variable; 1449 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1450 for (i = 0; i < variable_len - 2; ) { 1451 uint8_t ie_id, ie_len; 1452 1453 ie_id = ie[i]; 1454 ie_len = ie[i + 1]; 1455 if (ie_id == 5) { 1456 u16 tim_position; 1457 u16 dtim_period; 1458 /* This is the TIM Information Element */ 1459 1460 /* Check whether the ie_len is in the beacon data range. */ 1461 if (variable_len < ie_len + 2 + i) 1462 break; 1463 /* A valid TIM is at least 4 bytes long. */ 1464 if (ie_len < 4) 1465 break; 1466 tim_found = 1; 1467 1468 tim_position = sizeof(struct b43_plcp_hdr6); 1469 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1470 tim_position += i; 1471 1472 dtim_period = ie[i + 3]; 1473 1474 b43_shm_write16(dev, B43_SHM_SHARED, 1475 B43_SHM_SH_TIMBPOS, tim_position); 1476 b43_shm_write16(dev, B43_SHM_SHARED, 1477 B43_SHM_SH_DTIMPER, dtim_period); 1478 break; 1479 } 1480 i += ie_len + 2; 1481 } 1482 if (!tim_found) { 1483 /* 1484 * If ucode wants to modify TIM do it behind the beacon, this 1485 * will happen, for example, when doing mesh networking. 1486 */ 1487 b43_shm_write16(dev, B43_SHM_SHARED, 1488 B43_SHM_SH_TIMBPOS, 1489 len + sizeof(struct b43_plcp_hdr6)); 1490 b43_shm_write16(dev, B43_SHM_SHARED, 1491 B43_SHM_SH_DTIMPER, 0); 1492 } 1493 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset); 1494} 1495 1496static void b43_upload_beacon0(struct b43_wldev *dev) 1497{ 1498 struct b43_wl *wl = dev->wl; 1499 1500 if (wl->beacon0_uploaded) 1501 return; 1502 b43_write_beacon_template(dev, 0x68, 0x18); 1503 wl->beacon0_uploaded = 1; 1504} 1505 1506static void b43_upload_beacon1(struct b43_wldev *dev) 1507{ 1508 struct b43_wl *wl = dev->wl; 1509 1510 if (wl->beacon1_uploaded) 1511 return; 1512 b43_write_beacon_template(dev, 0x468, 0x1A); 1513 wl->beacon1_uploaded = 1; 1514} 1515 1516static void handle_irq_beacon(struct b43_wldev *dev) 1517{ 1518 struct b43_wl *wl = dev->wl; 1519 u32 cmd, beacon0_valid, beacon1_valid; 1520 1521 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) && 1522 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 1523 return; 1524 1525 /* This is the bottom half of the asynchronous beacon update. */ 1526 1527 /* Ignore interrupt in the future. */ 1528 dev->irq_mask &= ~B43_IRQ_BEACON; 1529 1530 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1531 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1532 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1533 1534 /* Schedule interrupt manually, if busy. */ 1535 if (beacon0_valid && beacon1_valid) { 1536 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1537 dev->irq_mask |= B43_IRQ_BEACON; 1538 return; 1539 } 1540 1541 if (unlikely(wl->beacon_templates_virgin)) { 1542 /* We never uploaded a beacon before. 1543 * Upload both templates now, but only mark one valid. */ 1544 wl->beacon_templates_virgin = 0; 1545 b43_upload_beacon0(dev); 1546 b43_upload_beacon1(dev); 1547 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1548 cmd |= B43_MACCMD_BEACON0_VALID; 1549 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1550 } else { 1551 if (!beacon0_valid) { 1552 b43_upload_beacon0(dev); 1553 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1554 cmd |= B43_MACCMD_BEACON0_VALID; 1555 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1556 } else if (!beacon1_valid) { 1557 b43_upload_beacon1(dev); 1558 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1559 cmd |= B43_MACCMD_BEACON1_VALID; 1560 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1561 } 1562 } 1563} 1564 1565static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev) 1566{ 1567 u32 old_irq_mask = dev->irq_mask; 1568 1569 /* update beacon right away or defer to irq */ 1570 handle_irq_beacon(dev); 1571 if (old_irq_mask != dev->irq_mask) { 1572 /* The handler updated the IRQ mask. */ 1573 B43_WARN_ON(!dev->irq_mask); 1574 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) { 1575 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1576 } else { 1577 /* Device interrupts are currently disabled. That means 1578 * we just ran the hardirq handler and scheduled the 1579 * IRQ thread. The thread will write the IRQ mask when 1580 * it finished, so there's nothing to do here. Writing 1581 * the mask _here_ would incorrectly re-enable IRQs. */ 1582 } 1583 } 1584} 1585 1586static void b43_beacon_update_trigger_work(struct work_struct *work) 1587{ 1588 struct b43_wl *wl = container_of(work, struct b43_wl, 1589 beacon_update_trigger); 1590 struct b43_wldev *dev; 1591 1592 mutex_lock(&wl->mutex); 1593 dev = wl->current_dev; 1594 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1595 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 1596 /* wl->mutex is enough. */ 1597 b43_do_beacon_update_trigger_work(dev); 1598 mmiowb(); 1599 } else { 1600 spin_lock_irq(&wl->hardirq_lock); 1601 b43_do_beacon_update_trigger_work(dev); 1602 mmiowb(); 1603 spin_unlock_irq(&wl->hardirq_lock); 1604 } 1605 } 1606 mutex_unlock(&wl->mutex); 1607} 1608 1609/* Asynchronously update the packet templates in template RAM. 1610 * Locking: Requires wl->mutex to be locked. */ 1611static void b43_update_templates(struct b43_wl *wl) 1612{ 1613 struct sk_buff *beacon; 1614 1615 /* This is the top half of the ansynchronous beacon update. 1616 * The bottom half is the beacon IRQ. 1617 * Beacon update must be asynchronous to avoid sending an 1618 * invalid beacon. This can happen for example, if the firmware 1619 * transmits a beacon while we are updating it. */ 1620 1621 /* We could modify the existing beacon and set the aid bit in 1622 * the TIM field, but that would probably require resizing and 1623 * moving of data within the beacon template. 1624 * Simply request a new beacon and let mac80211 do the hard work. */ 1625 beacon = ieee80211_beacon_get(wl->hw, wl->vif); 1626 if (unlikely(!beacon)) 1627 return; 1628 1629 if (wl->current_beacon) 1630 dev_kfree_skb_any(wl->current_beacon); 1631 wl->current_beacon = beacon; 1632 wl->beacon0_uploaded = 0; 1633 wl->beacon1_uploaded = 0; 1634 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger); 1635} 1636 1637static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1638{ 1639 b43_time_lock(dev); 1640 if (dev->dev->id.revision >= 3) { 1641 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1642 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1643 } else { 1644 b43_write16(dev, 0x606, (beacon_int >> 6)); 1645 b43_write16(dev, 0x610, beacon_int); 1646 } 1647 b43_time_unlock(dev); 1648 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1649} 1650 1651static void b43_handle_firmware_panic(struct b43_wldev *dev) 1652{ 1653 u16 reason; 1654 1655 /* Read the register that contains the reason code for the panic. */ 1656 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG); 1657 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason); 1658 1659 switch (reason) { 1660 default: 1661 b43dbg(dev->wl, "The panic reason is unknown.\n"); 1662 /* fallthrough */ 1663 case B43_FWPANIC_DIE: 1664 /* Do not restart the controller or firmware. 1665 * The device is nonfunctional from now on. 1666 * Restarting would result in this panic to trigger again, 1667 * so we avoid that recursion. */ 1668 break; 1669 case B43_FWPANIC_RESTART: 1670 b43_controller_restart(dev, "Microcode panic"); 1671 break; 1672 } 1673} 1674 1675static void handle_irq_ucode_debug(struct b43_wldev *dev) 1676{ 1677 unsigned int i, cnt; 1678 u16 reason, marker_id, marker_line; 1679 __le16 *buf; 1680 1681 /* The proprietary firmware doesn't have this IRQ. */ 1682 if (!dev->fw.opensource) 1683 return; 1684 1685 /* Read the register that contains the reason code for this IRQ. */ 1686 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG); 1687 1688 switch (reason) { 1689 case B43_DEBUGIRQ_PANIC: 1690 b43_handle_firmware_panic(dev); 1691 break; 1692 case B43_DEBUGIRQ_DUMP_SHM: 1693 if (!B43_DEBUG) 1694 break; /* Only with driver debugging enabled. */ 1695 buf = kmalloc(4096, GFP_ATOMIC); 1696 if (!buf) { 1697 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n"); 1698 goto out; 1699 } 1700 for (i = 0; i < 4096; i += 2) { 1701 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i); 1702 buf[i / 2] = cpu_to_le16(tmp); 1703 } 1704 b43info(dev->wl, "Shared memory dump:\n"); 1705 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET, 1706 16, 2, buf, 4096, 1); 1707 kfree(buf); 1708 break; 1709 case B43_DEBUGIRQ_DUMP_REGS: 1710 if (!B43_DEBUG) 1711 break; /* Only with driver debugging enabled. */ 1712 b43info(dev->wl, "Microcode register dump:\n"); 1713 for (i = 0, cnt = 0; i < 64; i++) { 1714 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i); 1715 if (cnt == 0) 1716 printk(KERN_INFO); 1717 printk("r%02u: 0x%04X ", i, tmp); 1718 cnt++; 1719 if (cnt == 6) { 1720 printk("\n"); 1721 cnt = 0; 1722 } 1723 } 1724 printk("\n"); 1725 break; 1726 case B43_DEBUGIRQ_MARKER: 1727 if (!B43_DEBUG) 1728 break; /* Only with driver debugging enabled. */ 1729 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH, 1730 B43_MARKER_ID_REG); 1731 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH, 1732 B43_MARKER_LINE_REG); 1733 b43info(dev->wl, "The firmware just executed the MARKER(%u) " 1734 "at line number %u\n", 1735 marker_id, marker_line); 1736 break; 1737 default: 1738 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n", 1739 reason); 1740 } 1741out: 1742 /* Acknowledge the debug-IRQ, so the firmware can continue. */ 1743 b43_shm_write16(dev, B43_SHM_SCRATCH, 1744 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK); 1745} 1746 1747static void b43_do_interrupt_thread(struct b43_wldev *dev) 1748{ 1749 u32 reason; 1750 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1751 u32 merged_dma_reason = 0; 1752 int i; 1753 1754 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 1755 return; 1756 1757 reason = dev->irq_reason; 1758 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1759 dma_reason[i] = dev->dma_reason[i]; 1760 merged_dma_reason |= dma_reason[i]; 1761 } 1762 1763 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1764 b43err(dev->wl, "MAC transmission error\n"); 1765 1766 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1767 b43err(dev->wl, "PHY transmission error\n"); 1768 rmb(); 1769 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1770 atomic_set(&dev->phy.txerr_cnt, 1771 B43_PHY_TX_BADNESS_LIMIT); 1772 b43err(dev->wl, "Too many PHY TX errors, " 1773 "restarting the controller\n"); 1774 b43_controller_restart(dev, "PHY TX errors"); 1775 } 1776 } 1777 1778 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1779 B43_DMAIRQ_NONFATALMASK))) { 1780 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1781 b43err(dev->wl, "Fatal DMA error: " 1782 "0x%08X, 0x%08X, 0x%08X, " 1783 "0x%08X, 0x%08X, 0x%08X\n", 1784 dma_reason[0], dma_reason[1], 1785 dma_reason[2], dma_reason[3], 1786 dma_reason[4], dma_reason[5]); 1787 b43err(dev->wl, "This device does not support DMA " 1788 "on your system. Please use PIO instead.\n"); 1789 b43err(dev->wl, "CONFIG_B43_FORCE_PIO must be set in " 1790 "your kernel configuration.\n"); 1791 return; 1792 } 1793 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1794 b43err(dev->wl, "DMA error: " 1795 "0x%08X, 0x%08X, 0x%08X, " 1796 "0x%08X, 0x%08X, 0x%08X\n", 1797 dma_reason[0], dma_reason[1], 1798 dma_reason[2], dma_reason[3], 1799 dma_reason[4], dma_reason[5]); 1800 } 1801 } 1802 1803 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1804 handle_irq_ucode_debug(dev); 1805 if (reason & B43_IRQ_TBTT_INDI) 1806 handle_irq_tbtt_indication(dev); 1807 if (reason & B43_IRQ_ATIM_END) 1808 handle_irq_atim_end(dev); 1809 if (reason & B43_IRQ_BEACON) 1810 handle_irq_beacon(dev); 1811 if (reason & B43_IRQ_PMQ) 1812 handle_irq_pmq(dev); 1813 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1814 ;/* TODO */ 1815 if (reason & B43_IRQ_NOISESAMPLE_OK) 1816 handle_irq_noise(dev); 1817 1818 /* Check the DMA reason registers for received data. */ 1819 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1820 if (b43_using_pio_transfers(dev)) 1821 b43_pio_rx(dev->pio.rx_queue); 1822 else 1823 b43_dma_rx(dev->dma.rx_ring); 1824 } 1825 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1826 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1827 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1828 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1829 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1830 1831 if (reason & B43_IRQ_TX_OK) 1832 handle_irq_transmit_status(dev); 1833 1834 /* Re-enable interrupts on the device by restoring the current interrupt mask. */ 1835 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1836 1837#if B43_DEBUG 1838 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 1839 dev->irq_count++; 1840 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 1841 if (reason & (1 << i)) 1842 dev->irq_bit_count[i]++; 1843 } 1844 } 1845#endif 1846} 1847 1848/* Interrupt thread handler. Handles device interrupts in thread context. */ 1849static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id) 1850{ 1851 struct b43_wldev *dev = dev_id; 1852 1853 mutex_lock(&dev->wl->mutex); 1854 b43_do_interrupt_thread(dev); 1855 mmiowb(); 1856 mutex_unlock(&dev->wl->mutex); 1857 1858 return IRQ_HANDLED; 1859} 1860 1861static irqreturn_t b43_do_interrupt(struct b43_wldev *dev) 1862{ 1863 u32 reason; 1864 1865 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses. 1866 * On SDIO, this runs under wl->mutex. */ 1867 1868 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1869 if (reason == 0xffffffff) /* shared IRQ */ 1870 return IRQ_NONE; 1871 reason &= dev->irq_mask; 1872 if (!reason) 1873 return IRQ_HANDLED; 1874 1875 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1876 & 0x0001DC00; 1877 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1878 & 0x0000DC00; 1879 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 1880 & 0x0000DC00; 1881 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 1882 & 0x0001DC00; 1883 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 1884 & 0x0000DC00; 1885/* Unused ring 1886 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 1887 & 0x0000DC00; 1888*/ 1889 1890 /* ACK the interrupt. */ 1891 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 1892 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 1893 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 1894 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 1895 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 1896 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 1897/* Unused ring 1898 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 1899*/ 1900 1901 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */ 1902 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 1903 /* Save the reason bitmasks for the IRQ thread handler. */ 1904 dev->irq_reason = reason; 1905 1906 return IRQ_WAKE_THREAD; 1907} 1908 1909/* Interrupt handler top-half. This runs with interrupts disabled. */ 1910static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 1911{ 1912 struct b43_wldev *dev = dev_id; 1913 irqreturn_t ret; 1914 1915 if (unlikely(b43_status(dev) < B43_STAT_STARTED)) 1916 return IRQ_NONE; 1917 1918 spin_lock(&dev->wl->hardirq_lock); 1919 ret = b43_do_interrupt(dev); 1920 mmiowb(); 1921 spin_unlock(&dev->wl->hardirq_lock); 1922 1923 return ret; 1924} 1925 1926/* SDIO interrupt handler. This runs in process context. */ 1927static void b43_sdio_interrupt_handler(struct b43_wldev *dev) 1928{ 1929 struct b43_wl *wl = dev->wl; 1930 irqreturn_t ret; 1931 1932 mutex_lock(&wl->mutex); 1933 1934 ret = b43_do_interrupt(dev); 1935 if (ret == IRQ_WAKE_THREAD) 1936 b43_do_interrupt_thread(dev); 1937 1938 mutex_unlock(&wl->mutex); 1939} 1940 1941void b43_do_release_fw(struct b43_firmware_file *fw) 1942{ 1943 release_firmware(fw->data); 1944 fw->data = NULL; 1945 fw->filename = NULL; 1946} 1947 1948static void b43_release_firmware(struct b43_wldev *dev) 1949{ 1950 b43_do_release_fw(&dev->fw.ucode); 1951 b43_do_release_fw(&dev->fw.pcm); 1952 b43_do_release_fw(&dev->fw.initvals); 1953 b43_do_release_fw(&dev->fw.initvals_band); 1954} 1955 1956static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 1957{ 1958 const char text[] = 1959 "You must go to " \ 1960 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \ 1961 "and download the correct firmware for this driver version. " \ 1962 "Please carefully read all instructions on this website.\n"; 1963 1964 if (error) 1965 b43err(wl, text); 1966 else 1967 b43warn(wl, text); 1968} 1969 1970int b43_do_request_fw(struct b43_request_fw_context *ctx, 1971 const char *name, 1972 struct b43_firmware_file *fw) 1973{ 1974 const struct firmware *blob; 1975 struct b43_fw_header *hdr; 1976 u32 size; 1977 int err; 1978 1979 if (!name) { 1980 /* Don't fetch anything. Free possibly cached firmware. */ 1981 /* FIXME: We should probably keep it anyway, to save some headache 1982 * on suspend/resume with multiband devices. */ 1983 b43_do_release_fw(fw); 1984 return 0; 1985 } 1986 if (fw->filename) { 1987 if ((fw->type == ctx->req_type) && 1988 (strcmp(fw->filename, name) == 0)) 1989 return 0; /* Already have this fw. */ 1990 /* Free the cached firmware first. */ 1991 /* FIXME: We should probably do this later after we successfully 1992 * got the new fw. This could reduce headache with multiband devices. 1993 * We could also redesign this to cache the firmware for all possible 1994 * bands all the time. */ 1995 b43_do_release_fw(fw); 1996 } 1997 1998 switch (ctx->req_type) { 1999 case B43_FWTYPE_PROPRIETARY: 2000 snprintf(ctx->fwname, sizeof(ctx->fwname), 2001 "b43%s/%s.fw", 2002 modparam_fwpostfix, name); 2003 break; 2004 case B43_FWTYPE_OPENSOURCE: 2005 snprintf(ctx->fwname, sizeof(ctx->fwname), 2006 "b43-open%s/%s.fw", 2007 modparam_fwpostfix, name); 2008 break; 2009 default: 2010 B43_WARN_ON(1); 2011 return -ENOSYS; 2012 } 2013 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev); 2014 if (err == -ENOENT) { 2015 snprintf(ctx->errors[ctx->req_type], 2016 sizeof(ctx->errors[ctx->req_type]), 2017 "Firmware file \"%s\" not found\n", ctx->fwname); 2018 return err; 2019 } else if (err) { 2020 snprintf(ctx->errors[ctx->req_type], 2021 sizeof(ctx->errors[ctx->req_type]), 2022 "Firmware file \"%s\" request failed (err=%d)\n", 2023 ctx->fwname, err); 2024 return err; 2025 } 2026 if (blob->size < sizeof(struct b43_fw_header)) 2027 goto err_format; 2028 hdr = (struct b43_fw_header *)(blob->data); 2029 switch (hdr->type) { 2030 case B43_FW_TYPE_UCODE: 2031 case B43_FW_TYPE_PCM: 2032 size = be32_to_cpu(hdr->size); 2033 if (size != blob->size - sizeof(struct b43_fw_header)) 2034 goto err_format; 2035 /* fallthrough */ 2036 case B43_FW_TYPE_IV: 2037 if (hdr->ver != 1) 2038 goto err_format; 2039 break; 2040 default: 2041 goto err_format; 2042 } 2043 2044 fw->data = blob; 2045 fw->filename = name; 2046 fw->type = ctx->req_type; 2047 2048 return 0; 2049 2050err_format: 2051 snprintf(ctx->errors[ctx->req_type], 2052 sizeof(ctx->errors[ctx->req_type]), 2053 "Firmware file \"%s\" format error.\n", ctx->fwname); 2054 release_firmware(blob); 2055 2056 return -EPROTO; 2057} 2058 2059static int b43_try_request_fw(struct b43_request_fw_context *ctx) 2060{ 2061 struct b43_wldev *dev = ctx->dev; 2062 struct b43_firmware *fw = &ctx->dev->fw; 2063 const u8 rev = ctx->dev->dev->id.revision; 2064 const char *filename; 2065 u32 tmshigh; 2066 int err; 2067 2068 /* Get microcode */ 2069 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 2070 if ((rev >= 5) && (rev <= 10)) 2071 filename = "ucode5"; 2072 else if ((rev >= 11) && (rev <= 12)) 2073 filename = "ucode11"; 2074 else if (rev == 13) 2075 filename = "ucode13"; 2076 else if (rev == 14) 2077 filename = "ucode14"; 2078 else if (rev >= 15) 2079 filename = "ucode15"; 2080 else 2081 goto err_no_ucode; 2082 err = b43_do_request_fw(ctx, filename, &fw->ucode); 2083 if (err) 2084 goto err_load; 2085 2086 /* Get PCM code */ 2087 if ((rev >= 5) && (rev <= 10)) 2088 filename = "pcm5"; 2089 else if (rev >= 11) 2090 filename = NULL; 2091 else 2092 goto err_no_pcm; 2093 fw->pcm_request_failed = 0; 2094 err = b43_do_request_fw(ctx, filename, &fw->pcm); 2095 if (err == -ENOENT) { 2096 /* We did not find a PCM file? Not fatal, but 2097 * core rev <= 10 must do without hwcrypto then. */ 2098 fw->pcm_request_failed = 1; 2099 } else if (err) 2100 goto err_load; 2101 2102 /* Get initvals */ 2103 switch (dev->phy.type) { 2104 case B43_PHYTYPE_A: 2105 if ((rev >= 5) && (rev <= 10)) { 2106 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2107 filename = "a0g1initvals5"; 2108 else 2109 filename = "a0g0initvals5"; 2110 } else 2111 goto err_no_initvals; 2112 break; 2113 case B43_PHYTYPE_G: 2114 if ((rev >= 5) && (rev <= 10)) 2115 filename = "b0g0initvals5"; 2116 else if (rev >= 13) 2117 filename = "b0g0initvals13"; 2118 else 2119 goto err_no_initvals; 2120 break; 2121 case B43_PHYTYPE_N: 2122 if ((rev >= 11) && (rev <= 12)) 2123 filename = "n0initvals11"; 2124 else 2125 goto err_no_initvals; 2126 break; 2127 case B43_PHYTYPE_LP: 2128 if (rev == 13) 2129 filename = "lp0initvals13"; 2130 else if (rev == 14) 2131 filename = "lp0initvals14"; 2132 else if (rev >= 15) 2133 filename = "lp0initvals15"; 2134 else 2135 goto err_no_initvals; 2136 break; 2137 default: 2138 goto err_no_initvals; 2139 } 2140 err = b43_do_request_fw(ctx, filename, &fw->initvals); 2141 if (err) 2142 goto err_load; 2143 2144 /* Get bandswitch initvals */ 2145 switch (dev->phy.type) { 2146 case B43_PHYTYPE_A: 2147 if ((rev >= 5) && (rev <= 10)) { 2148 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2149 filename = "a0g1bsinitvals5"; 2150 else 2151 filename = "a0g0bsinitvals5"; 2152 } else if (rev >= 11) 2153 filename = NULL; 2154 else 2155 goto err_no_initvals; 2156 break; 2157 case B43_PHYTYPE_G: 2158 if ((rev >= 5) && (rev <= 10)) 2159 filename = "b0g0bsinitvals5"; 2160 else if (rev >= 11) 2161 filename = NULL; 2162 else 2163 goto err_no_initvals; 2164 break; 2165 case B43_PHYTYPE_N: 2166 if ((rev >= 11) && (rev <= 12)) 2167 filename = "n0bsinitvals11"; 2168 else 2169 goto err_no_initvals; 2170 break; 2171 case B43_PHYTYPE_LP: 2172 if (rev == 13) 2173 filename = "lp0bsinitvals13"; 2174 else if (rev == 14) 2175 filename = "lp0bsinitvals14"; 2176 else if (rev >= 15) 2177 filename = "lp0bsinitvals15"; 2178 else 2179 goto err_no_initvals; 2180 break; 2181 default: 2182 goto err_no_initvals; 2183 } 2184 err = b43_do_request_fw(ctx, filename, &fw->initvals_band); 2185 if (err) 2186 goto err_load; 2187 2188 return 0; 2189 2190err_no_ucode: 2191 err = ctx->fatal_failure = -EOPNOTSUPP; 2192 b43err(dev->wl, "The driver does not know which firmware (ucode) " 2193 "is required for your device (wl-core rev %u)\n", rev); 2194 goto error; 2195 2196err_no_pcm: 2197 err = ctx->fatal_failure = -EOPNOTSUPP; 2198 b43err(dev->wl, "The driver does not know which firmware (PCM) " 2199 "is required for your device (wl-core rev %u)\n", rev); 2200 goto error; 2201 2202err_no_initvals: 2203 err = ctx->fatal_failure = -EOPNOTSUPP; 2204 b43err(dev->wl, "The driver does not know which firmware (initvals) " 2205 "is required for your device (wl-core rev %u)\n", rev); 2206 goto error; 2207 2208err_load: 2209 /* We failed to load this firmware image. The error message 2210 * already is in ctx->errors. Return and let our caller decide 2211 * what to do. */ 2212 goto error; 2213 2214error: 2215 b43_release_firmware(dev); 2216 return err; 2217} 2218 2219static int b43_request_firmware(struct b43_wldev *dev) 2220{ 2221 struct b43_request_fw_context *ctx; 2222 unsigned int i; 2223 int err; 2224 const char *errmsg; 2225 2226 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); 2227 if (!ctx) 2228 return -ENOMEM; 2229 ctx->dev = dev; 2230 2231 ctx->req_type = B43_FWTYPE_PROPRIETARY; 2232 err = b43_try_request_fw(ctx); 2233 if (!err) 2234 goto out; /* Successfully loaded it. */ 2235 err = ctx->fatal_failure; 2236 if (err) 2237 goto out; 2238 2239 ctx->req_type = B43_FWTYPE_OPENSOURCE; 2240 err = b43_try_request_fw(ctx); 2241 if (!err) 2242 goto out; /* Successfully loaded it. */ 2243 err = ctx->fatal_failure; 2244 if (err) 2245 goto out; 2246 2247 /* Could not find a usable firmware. Print the errors. */ 2248 for (i = 0; i < B43_NR_FWTYPES; i++) { 2249 errmsg = ctx->errors[i]; 2250 if (strlen(errmsg)) 2251 b43err(dev->wl, errmsg); 2252 } 2253 b43_print_fw_helptext(dev->wl, 1); 2254 err = -ENOENT; 2255 2256out: 2257 kfree(ctx); 2258 return err; 2259} 2260 2261static int b43_upload_microcode(struct b43_wldev *dev) 2262{ 2263 const size_t hdr_len = sizeof(struct b43_fw_header); 2264 const __be32 *data; 2265 unsigned int i, len; 2266 u16 fwrev, fwpatch, fwdate, fwtime; 2267 u32 tmp, macctl; 2268 int err = 0; 2269 2270 /* Jump the microcode PSM to offset 0 */ 2271 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2272 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 2273 macctl |= B43_MACCTL_PSM_JMP0; 2274 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2275 /* Zero out all microcode PSM registers and shared memory. */ 2276 for (i = 0; i < 64; i++) 2277 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 2278 for (i = 0; i < 4096; i += 2) 2279 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 2280 2281 /* Upload Microcode. */ 2282 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 2283 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 2284 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 2285 for (i = 0; i < len; i++) { 2286 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2287 udelay(10); 2288 } 2289 2290 if (dev->fw.pcm.data) { 2291 /* Upload PCM data. */ 2292 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 2293 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 2294 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 2295 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 2296 /* No need for autoinc bit in SHM_HW */ 2297 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 2298 for (i = 0; i < len; i++) { 2299 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2300 udelay(10); 2301 } 2302 } 2303 2304 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 2305 2306 /* Start the microcode PSM */ 2307 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2308 macctl &= ~B43_MACCTL_PSM_JMP0; 2309 macctl |= B43_MACCTL_PSM_RUN; 2310 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2311 2312 /* Wait for the microcode to load and respond */ 2313 i = 0; 2314 while (1) { 2315 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2316 if (tmp == B43_IRQ_MAC_SUSPENDED) 2317 break; 2318 i++; 2319 if (i >= 20) { 2320 b43err(dev->wl, "Microcode not responding\n"); 2321 b43_print_fw_helptext(dev->wl, 1); 2322 err = -ENODEV; 2323 goto error; 2324 } 2325 msleep(50); 2326 } 2327 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2328 2329 /* Get and check the revisions. */ 2330 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2331 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2332 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2333 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2334 2335 if (fwrev <= 0x128) { 2336 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2337 "binary drivers older than version 4.x is unsupported. " 2338 "You must upgrade your firmware files.\n"); 2339 b43_print_fw_helptext(dev->wl, 1); 2340 err = -EOPNOTSUPP; 2341 goto error; 2342 } 2343 dev->fw.rev = fwrev; 2344 dev->fw.patch = fwpatch; 2345 dev->fw.opensource = (fwdate == 0xFFFF); 2346 2347 /* Default to use-all-queues. */ 2348 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues; 2349 dev->qos_enabled = !!modparam_qos; 2350 /* Default to firmware/hardware crypto acceleration. */ 2351 dev->hwcrypto_enabled = 1; 2352 2353 if (dev->fw.opensource) { 2354 u16 fwcapa; 2355 2356 /* Patchlevel info is encoded in the "time" field. */ 2357 dev->fw.patch = fwtime; 2358 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n", 2359 dev->fw.rev, dev->fw.patch); 2360 2361 fwcapa = b43_fwcapa_read(dev); 2362 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) { 2363 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n"); 2364 /* Disable hardware crypto and fall back to software crypto. */ 2365 dev->hwcrypto_enabled = 0; 2366 } 2367 if (!(fwcapa & B43_FWCAPA_QOS)) { 2368 b43info(dev->wl, "QoS not supported by firmware\n"); 2369 /* Disable QoS. Tweak hw->queues to 1. It will be restored before 2370 * ieee80211_unregister to make sure the networking core can 2371 * properly free possible resources. */ 2372 dev->wl->hw->queues = 1; 2373 dev->qos_enabled = 0; 2374 } 2375 } else { 2376 b43info(dev->wl, "Loading firmware version %u.%u " 2377 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2378 fwrev, fwpatch, 2379 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2380 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2381 if (dev->fw.pcm_request_failed) { 2382 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. " 2383 "Hardware accelerated cryptography is disabled.\n"); 2384 b43_print_fw_helptext(dev->wl, 0); 2385 } 2386 } 2387 2388 if (b43_is_old_txhdr_format(dev)) { 2389 /* We're over the deadline, but we keep support for old fw 2390 * until it turns out to be in major conflict with something new. */ 2391 b43warn(dev->wl, "You are using an old firmware image. " 2392 "Support for old firmware will be removed soon " 2393 "(official deadline was July 2008).\n"); 2394 b43_print_fw_helptext(dev->wl, 0); 2395 } 2396 2397 return 0; 2398 2399error: 2400 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2401 macctl &= ~B43_MACCTL_PSM_RUN; 2402 macctl |= B43_MACCTL_PSM_JMP0; 2403 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2404 2405 return err; 2406} 2407 2408static int b43_write_initvals(struct b43_wldev *dev, 2409 const struct b43_iv *ivals, 2410 size_t count, 2411 size_t array_size) 2412{ 2413 const struct b43_iv *iv; 2414 u16 offset; 2415 size_t i; 2416 bool bit32; 2417 2418 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2419 iv = ivals; 2420 for (i = 0; i < count; i++) { 2421 if (array_size < sizeof(iv->offset_size)) 2422 goto err_format; 2423 array_size -= sizeof(iv->offset_size); 2424 offset = be16_to_cpu(iv->offset_size); 2425 bit32 = !!(offset & B43_IV_32BIT); 2426 offset &= B43_IV_OFFSET_MASK; 2427 if (offset >= 0x1000) 2428 goto err_format; 2429 if (bit32) { 2430 u32 value; 2431 2432 if (array_size < sizeof(iv->data.d32)) 2433 goto err_format; 2434 array_size -= sizeof(iv->data.d32); 2435 2436 value = get_unaligned_be32(&iv->data.d32); 2437 b43_write32(dev, offset, value); 2438 2439 iv = (const struct b43_iv *)((const uint8_t *)iv + 2440 sizeof(__be16) + 2441 sizeof(__be32)); 2442 } else { 2443 u16 value; 2444 2445 if (array_size < sizeof(iv->data.d16)) 2446 goto err_format; 2447 array_size -= sizeof(iv->data.d16); 2448 2449 value = be16_to_cpu(iv->data.d16); 2450 b43_write16(dev, offset, value); 2451 2452 iv = (const struct b43_iv *)((const uint8_t *)iv + 2453 sizeof(__be16) + 2454 sizeof(__be16)); 2455 } 2456 } 2457 if (array_size) 2458 goto err_format; 2459 2460 return 0; 2461 2462err_format: 2463 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2464 b43_print_fw_helptext(dev->wl, 1); 2465 2466 return -EPROTO; 2467} 2468 2469static int b43_upload_initvals(struct b43_wldev *dev) 2470{ 2471 const size_t hdr_len = sizeof(struct b43_fw_header); 2472 const struct b43_fw_header *hdr; 2473 struct b43_firmware *fw = &dev->fw; 2474 const struct b43_iv *ivals; 2475 size_t count; 2476 int err; 2477 2478 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2479 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2480 count = be32_to_cpu(hdr->size); 2481 err = b43_write_initvals(dev, ivals, count, 2482 fw->initvals.data->size - hdr_len); 2483 if (err) 2484 goto out; 2485 if (fw->initvals_band.data) { 2486 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2487 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2488 count = be32_to_cpu(hdr->size); 2489 err = b43_write_initvals(dev, ivals, count, 2490 fw->initvals_band.data->size - hdr_len); 2491 if (err) 2492 goto out; 2493 } 2494out: 2495 2496 return err; 2497} 2498 2499/* Initialize the GPIOs 2500 * http://bcm-specs.sipsolutions.net/GPIO 2501 */ 2502static int b43_gpio_init(struct b43_wldev *dev) 2503{ 2504 struct ssb_bus *bus = dev->dev->bus; 2505 struct ssb_device *gpiodev, *pcidev = NULL; 2506 u32 mask, set; 2507 2508 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2509 & ~B43_MACCTL_GPOUTSMSK); 2510 2511 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK) 2512 | 0x000F); 2513 2514 mask = 0x0000001F; 2515 set = 0x0000000F; 2516 if (dev->dev->bus->chip_id == 0x4301) { 2517 mask |= 0x0060; 2518 set |= 0x0060; 2519 } 2520 if (0 /* FIXME: conditional unknown */ ) { 2521 b43_write16(dev, B43_MMIO_GPIO_MASK, 2522 b43_read16(dev, B43_MMIO_GPIO_MASK) 2523 | 0x0100); 2524 mask |= 0x0180; 2525 set |= 0x0180; 2526 } 2527 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) { 2528 b43_write16(dev, B43_MMIO_GPIO_MASK, 2529 b43_read16(dev, B43_MMIO_GPIO_MASK) 2530 | 0x0200); 2531 mask |= 0x0200; 2532 set |= 0x0200; 2533 } 2534 if (dev->dev->id.revision >= 2) 2535 mask |= 0x0010; /* FIXME: This is redundant. */ 2536 2537#ifdef CONFIG_SSB_DRIVER_PCICORE 2538 pcidev = bus->pcicore.dev; 2539#endif 2540 gpiodev = bus->chipco.dev ? : pcidev; 2541 if (!gpiodev) 2542 return 0; 2543 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2544 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2545 & mask) | set); 2546 2547 return 0; 2548} 2549 2550/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2551static void b43_gpio_cleanup(struct b43_wldev *dev) 2552{ 2553 struct ssb_bus *bus = dev->dev->bus; 2554 struct ssb_device *gpiodev, *pcidev = NULL; 2555 2556#ifdef CONFIG_SSB_DRIVER_PCICORE 2557 pcidev = bus->pcicore.dev; 2558#endif 2559 gpiodev = bus->chipco.dev ? : pcidev; 2560 if (!gpiodev) 2561 return; 2562 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2563} 2564 2565/* http://bcm-specs.sipsolutions.net/EnableMac */ 2566void b43_mac_enable(struct b43_wldev *dev) 2567{ 2568 if (b43_debug(dev, B43_DBG_FIRMWARE)) { 2569 u16 fwstate; 2570 2571 fwstate = b43_shm_read16(dev, B43_SHM_SHARED, 2572 B43_SHM_SH_UCODESTAT); 2573 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) && 2574 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) { 2575 b43err(dev->wl, "b43_mac_enable(): The firmware " 2576 "should be suspended, but current state is %u\n", 2577 fwstate); 2578 } 2579 } 2580 2581 dev->mac_suspended--; 2582 B43_WARN_ON(dev->mac_suspended < 0); 2583 if (dev->mac_suspended == 0) { 2584 b43_write32(dev, B43_MMIO_MACCTL, 2585 b43_read32(dev, B43_MMIO_MACCTL) 2586 | B43_MACCTL_ENABLED); 2587 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2588 B43_IRQ_MAC_SUSPENDED); 2589 /* Commit writes */ 2590 b43_read32(dev, B43_MMIO_MACCTL); 2591 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2592 b43_power_saving_ctl_bits(dev, 0); 2593 } 2594} 2595 2596/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2597void b43_mac_suspend(struct b43_wldev *dev) 2598{ 2599 int i; 2600 u32 tmp; 2601 2602 might_sleep(); 2603 B43_WARN_ON(dev->mac_suspended < 0); 2604 2605 if (dev->mac_suspended == 0) { 2606 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2607 b43_write32(dev, B43_MMIO_MACCTL, 2608 b43_read32(dev, B43_MMIO_MACCTL) 2609 & ~B43_MACCTL_ENABLED); 2610 /* force pci to flush the write */ 2611 b43_read32(dev, B43_MMIO_MACCTL); 2612 for (i = 35; i; i--) { 2613 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2614 if (tmp & B43_IRQ_MAC_SUSPENDED) 2615 goto out; 2616 udelay(10); 2617 } 2618 /* Hm, it seems this will take some time. Use msleep(). */ 2619 for (i = 40; i; i--) { 2620 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2621 if (tmp & B43_IRQ_MAC_SUSPENDED) 2622 goto out; 2623 msleep(1); 2624 } 2625 b43err(dev->wl, "MAC suspend failed\n"); 2626 } 2627out: 2628 dev->mac_suspended++; 2629} 2630 2631static void b43_adjust_opmode(struct b43_wldev *dev) 2632{ 2633 struct b43_wl *wl = dev->wl; 2634 u32 ctl; 2635 u16 cfp_pretbtt; 2636 2637 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2638 /* Reset status to STA infrastructure mode. */ 2639 ctl &= ~B43_MACCTL_AP; 2640 ctl &= ~B43_MACCTL_KEEP_CTL; 2641 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2642 ctl &= ~B43_MACCTL_KEEP_BAD; 2643 ctl &= ~B43_MACCTL_PROMISC; 2644 ctl &= ~B43_MACCTL_BEACPROMISC; 2645 ctl |= B43_MACCTL_INFRA; 2646 2647 if (b43_is_mode(wl, NL80211_IFTYPE_AP) || 2648 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 2649 ctl |= B43_MACCTL_AP; 2650 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) 2651 ctl &= ~B43_MACCTL_INFRA; 2652 2653 if (wl->filter_flags & FIF_CONTROL) 2654 ctl |= B43_MACCTL_KEEP_CTL; 2655 if (wl->filter_flags & FIF_FCSFAIL) 2656 ctl |= B43_MACCTL_KEEP_BAD; 2657 if (wl->filter_flags & FIF_PLCPFAIL) 2658 ctl |= B43_MACCTL_KEEP_BADPLCP; 2659 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2660 ctl |= B43_MACCTL_PROMISC; 2661 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2662 ctl |= B43_MACCTL_BEACPROMISC; 2663 2664 /* Workaround: On old hardware the HW-MAC-address-filter 2665 * doesn't work properly, so always run promisc in filter 2666 * it in software. */ 2667 if (dev->dev->id.revision <= 4) 2668 ctl |= B43_MACCTL_PROMISC; 2669 2670 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2671 2672 cfp_pretbtt = 2; 2673 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2674 if (dev->dev->bus->chip_id == 0x4306 && 2675 dev->dev->bus->chip_rev == 3) 2676 cfp_pretbtt = 100; 2677 else 2678 cfp_pretbtt = 50; 2679 } 2680 b43_write16(dev, 0x612, cfp_pretbtt); 2681 2682 /* FIXME: We don't currently implement the PMQ mechanism, 2683 * so always disable it. If we want to implement PMQ, 2684 * we need to enable it here (clear DISCPMQ) in AP mode. 2685 */ 2686 if (0 /* ctl & B43_MACCTL_AP */) { 2687 b43_write32(dev, B43_MMIO_MACCTL, 2688 b43_read32(dev, B43_MMIO_MACCTL) 2689 & ~B43_MACCTL_DISCPMQ); 2690 } else { 2691 b43_write32(dev, B43_MMIO_MACCTL, 2692 b43_read32(dev, B43_MMIO_MACCTL) 2693 | B43_MACCTL_DISCPMQ); 2694 } 2695} 2696 2697static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2698{ 2699 u16 offset; 2700 2701 if (is_ofdm) { 2702 offset = 0x480; 2703 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2704 } else { 2705 offset = 0x4C0; 2706 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2707 } 2708 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2709 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2710} 2711 2712static void b43_rate_memory_init(struct b43_wldev *dev) 2713{ 2714 switch (dev->phy.type) { 2715 case B43_PHYTYPE_A: 2716 case B43_PHYTYPE_G: 2717 case B43_PHYTYPE_N: 2718 case B43_PHYTYPE_LP: 2719 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2720 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2721 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2722 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2723 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2724 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2725 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2726 if (dev->phy.type == B43_PHYTYPE_A) 2727 break; 2728 /* fallthrough */ 2729 case B43_PHYTYPE_B: 2730 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2731 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2732 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2733 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2734 break; 2735 default: 2736 B43_WARN_ON(1); 2737 } 2738} 2739 2740/* Set the default values for the PHY TX Control Words. */ 2741static void b43_set_phytxctl_defaults(struct b43_wldev *dev) 2742{ 2743 u16 ctl = 0; 2744 2745 ctl |= B43_TXH_PHY_ENC_CCK; 2746 ctl |= B43_TXH_PHY_ANT01AUTO; 2747 ctl |= B43_TXH_PHY_TXPWR; 2748 2749 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 2750 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl); 2751 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl); 2752} 2753 2754/* Set the TX-Antenna for management frames sent by firmware. */ 2755static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 2756{ 2757 u16 ant; 2758 u16 tmp; 2759 2760 ant = b43_antenna_to_phyctl(antenna); 2761 2762 /* For ACK/CTS */ 2763 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 2764 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2765 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 2766 /* For Probe Resposes */ 2767 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 2768 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2769 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 2770} 2771 2772/* This is the opposite of b43_chip_init() */ 2773static void b43_chip_exit(struct b43_wldev *dev) 2774{ 2775 b43_phy_exit(dev); 2776 b43_gpio_cleanup(dev); 2777 /* firmware is released later */ 2778} 2779 2780/* Initialize the chip 2781 * http://bcm-specs.sipsolutions.net/ChipInit 2782 */ 2783static int b43_chip_init(struct b43_wldev *dev) 2784{ 2785 struct b43_phy *phy = &dev->phy; 2786 int err; 2787 u32 value32, macctl; 2788 u16 value16; 2789 2790 /* Initialize the MAC control */ 2791 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 2792 if (dev->phy.gmode) 2793 macctl |= B43_MACCTL_GMODE; 2794 macctl |= B43_MACCTL_INFRA; 2795 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2796 2797 err = b43_request_firmware(dev); 2798 if (err) 2799 goto out; 2800 err = b43_upload_microcode(dev); 2801 if (err) 2802 goto out; /* firmware is released later */ 2803 2804 err = b43_gpio_init(dev); 2805 if (err) 2806 goto out; /* firmware is released later */ 2807 2808 err = b43_upload_initvals(dev); 2809 if (err) 2810 goto err_gpio_clean; 2811 2812 /* Turn the Analog on and initialize the PHY. */ 2813 phy->ops->switch_analog(dev, 1); 2814 err = b43_phy_init(dev); 2815 if (err) 2816 goto err_gpio_clean; 2817 2818 /* Disable Interference Mitigation. */ 2819 if (phy->ops->interf_mitigation) 2820 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE); 2821 2822 /* Select the antennae */ 2823 if (phy->ops->set_rx_antenna) 2824 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 2825 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 2826 2827 if (phy->type == B43_PHYTYPE_B) { 2828 value16 = b43_read16(dev, 0x005E); 2829 value16 |= 0x0004; 2830 b43_write16(dev, 0x005E, value16); 2831 } 2832 b43_write32(dev, 0x0100, 0x01000000); 2833 if (dev->dev->id.revision < 5) 2834 b43_write32(dev, 0x010C, 0x01000000); 2835 2836 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2837 & ~B43_MACCTL_INFRA); 2838 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2839 | B43_MACCTL_INFRA); 2840 2841 /* Probe Response Timeout value */ 2842 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 2843 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 2844 2845 /* Initially set the wireless operation mode. */ 2846 b43_adjust_opmode(dev); 2847 2848 if (dev->dev->id.revision < 3) { 2849 b43_write16(dev, 0x060E, 0x0000); 2850 b43_write16(dev, 0x0610, 0x8000); 2851 b43_write16(dev, 0x0604, 0x0000); 2852 b43_write16(dev, 0x0606, 0x0200); 2853 } else { 2854 b43_write32(dev, 0x0188, 0x80000000); 2855 b43_write32(dev, 0x018C, 0x02000000); 2856 } 2857 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 2858 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 2859 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 2860 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 2861 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 2862 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 2863 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 2864 2865 value32 = ssb_read32(dev->dev, SSB_TMSLOW); 2866 value32 |= 0x00100000; 2867 ssb_write32(dev->dev, SSB_TMSLOW, value32); 2868 2869 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 2870 dev->dev->bus->chipco.fast_pwrup_delay); 2871 2872 err = 0; 2873 b43dbg(dev->wl, "Chip initialized\n"); 2874out: 2875 return err; 2876 2877err_gpio_clean: 2878 b43_gpio_cleanup(dev); 2879 return err; 2880} 2881 2882static void b43_periodic_every60sec(struct b43_wldev *dev) 2883{ 2884 const struct b43_phy_operations *ops = dev->phy.ops; 2885 2886 if (ops->pwork_60sec) 2887 ops->pwork_60sec(dev); 2888 2889 /* Force check the TX power emission now. */ 2890 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME); 2891} 2892 2893static void b43_periodic_every30sec(struct b43_wldev *dev) 2894{ 2895 /* Update device statistics. */ 2896 b43_calculate_link_quality(dev); 2897} 2898 2899static void b43_periodic_every15sec(struct b43_wldev *dev) 2900{ 2901 struct b43_phy *phy = &dev->phy; 2902 u16 wdr; 2903 2904 if (dev->fw.opensource) { 2905 /* Check if the firmware is still alive. 2906 * It will reset the watchdog counter to 0 in its idle loop. */ 2907 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG); 2908 if (unlikely(wdr)) { 2909 b43err(dev->wl, "Firmware watchdog: The firmware died!\n"); 2910 b43_controller_restart(dev, "Firmware watchdog"); 2911 return; 2912 } else { 2913 b43_shm_write16(dev, B43_SHM_SCRATCH, 2914 B43_WATCHDOG_REG, 1); 2915 } 2916 } 2917 2918 if (phy->ops->pwork_15sec) 2919 phy->ops->pwork_15sec(dev); 2920 2921 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 2922 wmb(); 2923 2924#if B43_DEBUG 2925 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 2926 unsigned int i; 2927 2928 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n", 2929 dev->irq_count / 15, 2930 dev->tx_count / 15, 2931 dev->rx_count / 15); 2932 dev->irq_count = 0; 2933 dev->tx_count = 0; 2934 dev->rx_count = 0; 2935 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 2936 if (dev->irq_bit_count[i]) { 2937 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n", 2938 dev->irq_bit_count[i] / 15, i, (1 << i)); 2939 dev->irq_bit_count[i] = 0; 2940 } 2941 } 2942 } 2943#endif 2944} 2945 2946static void do_periodic_work(struct b43_wldev *dev) 2947{ 2948 unsigned int state; 2949 2950 state = dev->periodic_state; 2951 if (state % 4 == 0) 2952 b43_periodic_every60sec(dev); 2953 if (state % 2 == 0) 2954 b43_periodic_every30sec(dev); 2955 b43_periodic_every15sec(dev); 2956} 2957 2958/* Periodic work locking policy: 2959 * The whole periodic work handler is protected by 2960 * wl->mutex. If another lock is needed somewhere in the 2961 * pwork callchain, it's acquired in-place, where it's needed. 2962 */ 2963static void b43_periodic_work_handler(struct work_struct *work) 2964{ 2965 struct b43_wldev *dev = container_of(work, struct b43_wldev, 2966 periodic_work.work); 2967 struct b43_wl *wl = dev->wl; 2968 unsigned long delay; 2969 2970 mutex_lock(&wl->mutex); 2971 2972 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 2973 goto out; 2974 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 2975 goto out_requeue; 2976 2977 do_periodic_work(dev); 2978 2979 dev->periodic_state++; 2980out_requeue: 2981 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 2982 delay = msecs_to_jiffies(50); 2983 else 2984 delay = round_jiffies_relative(HZ * 15); 2985 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay); 2986out: 2987 mutex_unlock(&wl->mutex); 2988} 2989 2990static void b43_periodic_tasks_setup(struct b43_wldev *dev) 2991{ 2992 struct delayed_work *work = &dev->periodic_work; 2993 2994 dev->periodic_state = 0; 2995 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 2996 ieee80211_queue_delayed_work(dev->wl->hw, work, 0); 2997} 2998 2999/* Check if communication with the device works correctly. */ 3000static int b43_validate_chipaccess(struct b43_wldev *dev) 3001{ 3002 u32 v, backup0, backup4; 3003 3004 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0); 3005 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4); 3006 3007 /* Check for read/write and endianness problems. */ 3008 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 3009 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 3010 goto error; 3011 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 3012 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 3013 goto error; 3014 3015 /* Check if unaligned 32bit SHM_SHARED access works properly. 3016 * However, don't bail out on failure, because it's noncritical. */ 3017 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122); 3018 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344); 3019 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566); 3020 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788); 3021 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344) 3022 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n"); 3023 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD); 3024 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 || 3025 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD || 3026 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB || 3027 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788) 3028 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n"); 3029 3030 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0); 3031 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4); 3032 3033 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) { 3034 /* The 32bit register shadows the two 16bit registers 3035 * with update sideeffects. Validate this. */ 3036 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 3037 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 3038 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 3039 goto error; 3040 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 3041 goto error; 3042 } 3043 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 3044 3045 v = b43_read32(dev, B43_MMIO_MACCTL); 3046 v |= B43_MACCTL_GMODE; 3047 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 3048 goto error; 3049 3050 return 0; 3051error: 3052 b43err(dev->wl, "Failed to validate the chipaccess\n"); 3053 return -ENODEV; 3054} 3055 3056static void b43_security_init(struct b43_wldev *dev) 3057{ 3058 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 3059 /* KTP is a word address, but we address SHM bytewise. 3060 * So multiply by two. 3061 */ 3062 dev->ktp *= 2; 3063 /* Number of RCMTA address slots */ 3064 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS); 3065 /* Clear the key memory. */ 3066 b43_clear_keys(dev); 3067} 3068 3069#ifdef CONFIG_B43_HWRNG 3070static int b43_rng_read(struct hwrng *rng, u32 *data) 3071{ 3072 struct b43_wl *wl = (struct b43_wl *)rng->priv; 3073 struct b43_wldev *dev; 3074 int count = -ENODEV; 3075 3076 mutex_lock(&wl->mutex); 3077 dev = wl->current_dev; 3078 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) { 3079 *data = b43_read16(dev, B43_MMIO_RNG); 3080 count = sizeof(u16); 3081 } 3082 mutex_unlock(&wl->mutex); 3083 3084 return count; 3085} 3086#endif /* CONFIG_B43_HWRNG */ 3087 3088static void b43_rng_exit(struct b43_wl *wl) 3089{ 3090#ifdef CONFIG_B43_HWRNG 3091 if (wl->rng_initialized) 3092 hwrng_unregister(&wl->rng); 3093#endif /* CONFIG_B43_HWRNG */ 3094} 3095 3096static int b43_rng_init(struct b43_wl *wl) 3097{ 3098 int err = 0; 3099 3100#ifdef CONFIG_B43_HWRNG 3101 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 3102 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 3103 wl->rng.name = wl->rng_name; 3104 wl->rng.data_read = b43_rng_read; 3105 wl->rng.priv = (unsigned long)wl; 3106 wl->rng_initialized = 1; 3107 err = hwrng_register(&wl->rng); 3108 if (err) { 3109 wl->rng_initialized = 0; 3110 b43err(wl, "Failed to register the random " 3111 "number generator (%d)\n", err); 3112 } 3113#endif /* CONFIG_B43_HWRNG */ 3114 3115 return err; 3116} 3117 3118static void b43_tx_work(struct work_struct *work) 3119{ 3120 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work); 3121 struct b43_wldev *dev; 3122 struct sk_buff *skb; 3123 int err = 0; 3124 3125 mutex_lock(&wl->mutex); 3126 dev = wl->current_dev; 3127 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) { 3128 mutex_unlock(&wl->mutex); 3129 return; 3130 } 3131 3132 while (skb_queue_len(&wl->tx_queue)) { 3133 skb = skb_dequeue(&wl->tx_queue); 3134 3135 if (b43_using_pio_transfers(dev)) 3136 err = b43_pio_tx(dev, skb); 3137 else 3138 err = b43_dma_tx(dev, skb); 3139 if (unlikely(err)) 3140 dev_kfree_skb(skb); /* Drop it */ 3141 } 3142 3143#if B43_DEBUG 3144 dev->tx_count++; 3145#endif 3146 mutex_unlock(&wl->mutex); 3147} 3148 3149static int b43_op_tx(struct ieee80211_hw *hw, 3150 struct sk_buff *skb) 3151{ 3152 struct b43_wl *wl = hw_to_b43_wl(hw); 3153 3154 if (unlikely(skb->len < 2 + 2 + 6)) { 3155 /* Too short, this can't be a valid frame. */ 3156 dev_kfree_skb_any(skb); 3157 return NETDEV_TX_OK; 3158 } 3159 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 3160 3161 skb_queue_tail(&wl->tx_queue, skb); 3162 ieee80211_queue_work(wl->hw, &wl->tx_work); 3163 3164 return NETDEV_TX_OK; 3165} 3166 3167static void b43_qos_params_upload(struct b43_wldev *dev, 3168 const struct ieee80211_tx_queue_params *p, 3169 u16 shm_offset) 3170{ 3171 u16 params[B43_NR_QOSPARAMS]; 3172 int bslots, tmp; 3173 unsigned int i; 3174 3175 if (!dev->qos_enabled) 3176 return; 3177 3178 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min; 3179 3180 memset(¶ms, 0, sizeof(params)); 3181 3182 params[B43_QOSPARAM_TXOP] = p->txop * 32; 3183 params[B43_QOSPARAM_CWMIN] = p->cw_min; 3184 params[B43_QOSPARAM_CWMAX] = p->cw_max; 3185 params[B43_QOSPARAM_CWCUR] = p->cw_min; 3186 params[B43_QOSPARAM_AIFS] = p->aifs; 3187 params[B43_QOSPARAM_BSLOTS] = bslots; 3188 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs; 3189 3190 for (i = 0; i < ARRAY_SIZE(params); i++) { 3191 if (i == B43_QOSPARAM_STATUS) { 3192 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 3193 shm_offset + (i * 2)); 3194 /* Mark the parameters as updated. */ 3195 tmp |= 0x100; 3196 b43_shm_write16(dev, B43_SHM_SHARED, 3197 shm_offset + (i * 2), 3198 tmp); 3199 } else { 3200 b43_shm_write16(dev, B43_SHM_SHARED, 3201 shm_offset + (i * 2), 3202 params[i]); 3203 } 3204 } 3205} 3206 3207/* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */ 3208static const u16 b43_qos_shm_offsets[] = { 3209 /* [mac80211-queue-nr] = SHM_OFFSET, */ 3210 [0] = B43_QOS_VOICE, 3211 [1] = B43_QOS_VIDEO, 3212 [2] = B43_QOS_BESTEFFORT, 3213 [3] = B43_QOS_BACKGROUND, 3214}; 3215 3216/* Update all QOS parameters in hardware. */ 3217static void b43_qos_upload_all(struct b43_wldev *dev) 3218{ 3219 struct b43_wl *wl = dev->wl; 3220 struct b43_qos_params *params; 3221 unsigned int i; 3222 3223 if (!dev->qos_enabled) 3224 return; 3225 3226 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3227 ARRAY_SIZE(wl->qos_params)); 3228 3229 b43_mac_suspend(dev); 3230 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3231 params = &(wl->qos_params[i]); 3232 b43_qos_params_upload(dev, &(params->p), 3233 b43_qos_shm_offsets[i]); 3234 } 3235 b43_mac_enable(dev); 3236} 3237 3238static void b43_qos_clear(struct b43_wl *wl) 3239{ 3240 struct b43_qos_params *params; 3241 unsigned int i; 3242 3243 /* Initialize QoS parameters to sane defaults. */ 3244 3245 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3246 ARRAY_SIZE(wl->qos_params)); 3247 3248 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3249 params = &(wl->qos_params[i]); 3250 3251 switch (b43_qos_shm_offsets[i]) { 3252 case B43_QOS_VOICE: 3253 params->p.txop = 0; 3254 params->p.aifs = 2; 3255 params->p.cw_min = 0x0001; 3256 params->p.cw_max = 0x0001; 3257 break; 3258 case B43_QOS_VIDEO: 3259 params->p.txop = 0; 3260 params->p.aifs = 2; 3261 params->p.cw_min = 0x0001; 3262 params->p.cw_max = 0x0001; 3263 break; 3264 case B43_QOS_BESTEFFORT: 3265 params->p.txop = 0; 3266 params->p.aifs = 3; 3267 params->p.cw_min = 0x0001; 3268 params->p.cw_max = 0x03FF; 3269 break; 3270 case B43_QOS_BACKGROUND: 3271 params->p.txop = 0; 3272 params->p.aifs = 7; 3273 params->p.cw_min = 0x0001; 3274 params->p.cw_max = 0x03FF; 3275 break; 3276 default: 3277 B43_WARN_ON(1); 3278 } 3279 } 3280} 3281 3282/* Initialize the core's QOS capabilities */ 3283static void b43_qos_init(struct b43_wldev *dev) 3284{ 3285 if (!dev->qos_enabled) { 3286 /* Disable QOS support. */ 3287 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF); 3288 b43_write16(dev, B43_MMIO_IFSCTL, 3289 b43_read16(dev, B43_MMIO_IFSCTL) 3290 & ~B43_MMIO_IFSCTL_USE_EDCF); 3291 b43dbg(dev->wl, "QoS disabled\n"); 3292 return; 3293 } 3294 3295 /* Upload the current QOS parameters. */ 3296 b43_qos_upload_all(dev); 3297 3298 /* Enable QOS support. */ 3299 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 3300 b43_write16(dev, B43_MMIO_IFSCTL, 3301 b43_read16(dev, B43_MMIO_IFSCTL) 3302 | B43_MMIO_IFSCTL_USE_EDCF); 3303 b43dbg(dev->wl, "QoS enabled\n"); 3304} 3305 3306static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue, 3307 const struct ieee80211_tx_queue_params *params) 3308{ 3309 struct b43_wl *wl = hw_to_b43_wl(hw); 3310 struct b43_wldev *dev; 3311 unsigned int queue = (unsigned int)_queue; 3312 int err = -ENODEV; 3313 3314 if (queue >= ARRAY_SIZE(wl->qos_params)) { 3315 /* Queue not available or don't support setting 3316 * params on this queue. Return success to not 3317 * confuse mac80211. */ 3318 return 0; 3319 } 3320 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3321 ARRAY_SIZE(wl->qos_params)); 3322 3323 mutex_lock(&wl->mutex); 3324 dev = wl->current_dev; 3325 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) 3326 goto out_unlock; 3327 3328 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params)); 3329 b43_mac_suspend(dev); 3330 b43_qos_params_upload(dev, &(wl->qos_params[queue].p), 3331 b43_qos_shm_offsets[queue]); 3332 b43_mac_enable(dev); 3333 err = 0; 3334 3335out_unlock: 3336 mutex_unlock(&wl->mutex); 3337 3338 return err; 3339} 3340 3341static int b43_op_get_tx_stats(struct ieee80211_hw *hw, 3342 struct ieee80211_tx_queue_stats *stats) 3343{ 3344 struct b43_wl *wl = hw_to_b43_wl(hw); 3345 struct b43_wldev *dev; 3346 int err = -ENODEV; 3347 3348 mutex_lock(&wl->mutex); 3349 dev = wl->current_dev; 3350 if (dev && b43_status(dev) >= B43_STAT_STARTED) { 3351 if (b43_using_pio_transfers(dev)) 3352 b43_pio_get_tx_stats(dev, stats); 3353 else 3354 b43_dma_get_tx_stats(dev, stats); 3355 err = 0; 3356 } 3357 mutex_unlock(&wl->mutex); 3358 3359 return err; 3360} 3361 3362static int b43_op_get_stats(struct ieee80211_hw *hw, 3363 struct ieee80211_low_level_stats *stats) 3364{ 3365 struct b43_wl *wl = hw_to_b43_wl(hw); 3366 3367 mutex_lock(&wl->mutex); 3368 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 3369 mutex_unlock(&wl->mutex); 3370 3371 return 0; 3372} 3373 3374static u64 b43_op_get_tsf(struct ieee80211_hw *hw) 3375{ 3376 struct b43_wl *wl = hw_to_b43_wl(hw); 3377 struct b43_wldev *dev; 3378 u64 tsf; 3379 3380 mutex_lock(&wl->mutex); 3381 dev = wl->current_dev; 3382 3383 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3384 b43_tsf_read(dev, &tsf); 3385 else 3386 tsf = 0; 3387 3388 mutex_unlock(&wl->mutex); 3389 3390 return tsf; 3391} 3392 3393static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf) 3394{ 3395 struct b43_wl *wl = hw_to_b43_wl(hw); 3396 struct b43_wldev *dev; 3397 3398 mutex_lock(&wl->mutex); 3399 dev = wl->current_dev; 3400 3401 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3402 b43_tsf_write(dev, tsf); 3403 3404 mutex_unlock(&wl->mutex); 3405} 3406 3407static void b43_put_phy_into_reset(struct b43_wldev *dev) 3408{ 3409 struct ssb_device *sdev = dev->dev; 3410 u32 tmslow; 3411 3412 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3413 tmslow &= ~B43_TMSLOW_GMODE; 3414 tmslow |= B43_TMSLOW_PHYRESET; 3415 tmslow |= SSB_TMSLOW_FGC; 3416 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3417 msleep(1); 3418 3419 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3420 tmslow &= ~SSB_TMSLOW_FGC; 3421 tmslow |= B43_TMSLOW_PHYRESET; 3422 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3423 msleep(1); 3424} 3425 3426static const char *band_to_string(enum ieee80211_band band) 3427{ 3428 switch (band) { 3429 case IEEE80211_BAND_5GHZ: 3430 return "5"; 3431 case IEEE80211_BAND_2GHZ: 3432 return "2.4"; 3433 default: 3434 break; 3435 } 3436 B43_WARN_ON(1); 3437 return ""; 3438} 3439 3440/* Expects wl->mutex locked */ 3441static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3442{ 3443 struct b43_wldev *up_dev = NULL; 3444 struct b43_wldev *down_dev; 3445 struct b43_wldev *d; 3446 int err; 3447 bool uninitialized_var(gmode); 3448 int prev_status; 3449 3450 /* Find a device and PHY which supports the band. */ 3451 list_for_each_entry(d, &wl->devlist, list) { 3452 switch (chan->band) { 3453 case IEEE80211_BAND_5GHZ: 3454 if (d->phy.supports_5ghz) { 3455 up_dev = d; 3456 gmode = 0; 3457 } 3458 break; 3459 case IEEE80211_BAND_2GHZ: 3460 if (d->phy.supports_2ghz) { 3461 up_dev = d; 3462 gmode = 1; 3463 } 3464 break; 3465 default: 3466 B43_WARN_ON(1); 3467 return -EINVAL; 3468 } 3469 if (up_dev) 3470 break; 3471 } 3472 if (!up_dev) { 3473 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3474 band_to_string(chan->band)); 3475 return -ENODEV; 3476 } 3477 if ((up_dev == wl->current_dev) && 3478 (!!wl->current_dev->phy.gmode == !!gmode)) { 3479 /* This device is already running. */ 3480 return 0; 3481 } 3482 b43dbg(wl, "Switching to %s-GHz band\n", 3483 band_to_string(chan->band)); 3484 down_dev = wl->current_dev; 3485 3486 prev_status = b43_status(down_dev); 3487 /* Shutdown the currently running core. */ 3488 if (prev_status >= B43_STAT_STARTED) 3489 down_dev = b43_wireless_core_stop(down_dev); 3490 if (prev_status >= B43_STAT_INITIALIZED) 3491 b43_wireless_core_exit(down_dev); 3492 3493 if (down_dev != up_dev) { 3494 /* We switch to a different core, so we put PHY into 3495 * RESET on the old core. */ 3496 b43_put_phy_into_reset(down_dev); 3497 } 3498 3499 /* Now start the new core. */ 3500 up_dev->phy.gmode = gmode; 3501 if (prev_status >= B43_STAT_INITIALIZED) { 3502 err = b43_wireless_core_init(up_dev); 3503 if (err) { 3504 b43err(wl, "Fatal: Could not initialize device for " 3505 "selected %s-GHz band\n", 3506 band_to_string(chan->band)); 3507 goto init_failure; 3508 } 3509 } 3510 if (prev_status >= B43_STAT_STARTED) { 3511 err = b43_wireless_core_start(up_dev); 3512 if (err) { 3513 b43err(wl, "Fatal: Coult not start device for " 3514 "selected %s-GHz band\n", 3515 band_to_string(chan->band)); 3516 b43_wireless_core_exit(up_dev); 3517 goto init_failure; 3518 } 3519 } 3520 B43_WARN_ON(b43_status(up_dev) != prev_status); 3521 3522 wl->current_dev = up_dev; 3523 3524 return 0; 3525init_failure: 3526 /* Whoops, failed to init the new core. No core is operating now. */ 3527 wl->current_dev = NULL; 3528 return err; 3529} 3530 3531/* Write the short and long frame retry limit values. */ 3532static void b43_set_retry_limits(struct b43_wldev *dev, 3533 unsigned int short_retry, 3534 unsigned int long_retry) 3535{ 3536 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3537 * the chip-internal counter. */ 3538 short_retry = min(short_retry, (unsigned int)0xF); 3539 long_retry = min(long_retry, (unsigned int)0xF); 3540 3541 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3542 short_retry); 3543 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3544 long_retry); 3545} 3546 3547static int b43_op_config(struct ieee80211_hw *hw, u32 changed) 3548{ 3549 struct b43_wl *wl = hw_to_b43_wl(hw); 3550 struct b43_wldev *dev; 3551 struct b43_phy *phy; 3552 struct ieee80211_conf *conf = &hw->conf; 3553 int antenna; 3554 int err = 0; 3555 3556 mutex_lock(&wl->mutex); 3557 3558 /* Switch the band (if necessary). This might change the active core. */ 3559 err = b43_switch_band(wl, conf->channel); 3560 if (err) 3561 goto out_unlock_mutex; 3562 dev = wl->current_dev; 3563 phy = &dev->phy; 3564 3565 b43_mac_suspend(dev); 3566 3567 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS) 3568 b43_set_retry_limits(dev, conf->short_frame_max_tx_count, 3569 conf->long_frame_max_tx_count); 3570 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS; 3571 if (!changed) 3572 goto out_mac_enable; 3573 3574 /* Switch to the requested channel. 3575 * The firmware takes care of races with the TX handler. */ 3576 if (conf->channel->hw_value != phy->channel) 3577 b43_switch_channel(dev, conf->channel->hw_value); 3578 3579 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR); 3580 3581 /* Adjust the desired TX power level. */ 3582 if (conf->power_level != 0) { 3583 if (conf->power_level != phy->desired_txpower) { 3584 phy->desired_txpower = conf->power_level; 3585 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME | 3586 B43_TXPWR_IGNORE_TSSI); 3587 } 3588 } 3589 3590 /* Antennas for RX and management frame TX. */ 3591 antenna = B43_ANTENNA_DEFAULT; 3592 b43_mgmtframe_txantenna(dev, antenna); 3593 antenna = B43_ANTENNA_DEFAULT; 3594 if (phy->ops->set_rx_antenna) 3595 phy->ops->set_rx_antenna(dev, antenna); 3596 3597 if (wl->radio_enabled != phy->radio_on) { 3598 if (wl->radio_enabled) { 3599 b43_software_rfkill(dev, false); 3600 b43info(dev->wl, "Radio turned on by software\n"); 3601 if (!dev->radio_hw_enable) { 3602 b43info(dev->wl, "The hardware RF-kill button " 3603 "still turns the radio physically off. " 3604 "Press the button to turn it on.\n"); 3605 } 3606 } else { 3607 b43_software_rfkill(dev, true); 3608 b43info(dev->wl, "Radio turned off by software\n"); 3609 } 3610 } 3611 3612out_mac_enable: 3613 b43_mac_enable(dev); 3614out_unlock_mutex: 3615 mutex_unlock(&wl->mutex); 3616 3617 return err; 3618} 3619 3620static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates) 3621{ 3622 struct ieee80211_supported_band *sband = 3623 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)]; 3624 struct ieee80211_rate *rate; 3625 int i; 3626 u16 basic, direct, offset, basic_offset, rateptr; 3627 3628 for (i = 0; i < sband->n_bitrates; i++) { 3629 rate = &sband->bitrates[i]; 3630 3631 if (b43_is_cck_rate(rate->hw_value)) { 3632 direct = B43_SHM_SH_CCKDIRECT; 3633 basic = B43_SHM_SH_CCKBASIC; 3634 offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3635 offset &= 0xF; 3636 } else { 3637 direct = B43_SHM_SH_OFDMDIRECT; 3638 basic = B43_SHM_SH_OFDMBASIC; 3639 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3640 offset &= 0xF; 3641 } 3642 3643 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate); 3644 3645 if (b43_is_cck_rate(rate->hw_value)) { 3646 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3647 basic_offset &= 0xF; 3648 } else { 3649 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3650 basic_offset &= 0xF; 3651 } 3652 3653 /* 3654 * Get the pointer that we need to point to 3655 * from the direct map 3656 */ 3657 rateptr = b43_shm_read16(dev, B43_SHM_SHARED, 3658 direct + 2 * basic_offset); 3659 /* and write it to the basic map */ 3660 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset, 3661 rateptr); 3662 } 3663} 3664 3665static void b43_op_bss_info_changed(struct ieee80211_hw *hw, 3666 struct ieee80211_vif *vif, 3667 struct ieee80211_bss_conf *conf, 3668 u32 changed) 3669{ 3670 struct b43_wl *wl = hw_to_b43_wl(hw); 3671 struct b43_wldev *dev; 3672 3673 mutex_lock(&wl->mutex); 3674 3675 dev = wl->current_dev; 3676 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3677 goto out_unlock_mutex; 3678 3679 B43_WARN_ON(wl->vif != vif); 3680 3681 if (changed & BSS_CHANGED_BSSID) { 3682 if (conf->bssid) 3683 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3684 else 3685 memset(wl->bssid, 0, ETH_ALEN); 3686 } 3687 3688 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3689 if (changed & BSS_CHANGED_BEACON && 3690 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3691 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3692 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3693 b43_update_templates(wl); 3694 3695 if (changed & BSS_CHANGED_BSSID) 3696 b43_write_mac_bssid_templates(dev); 3697 } 3698 3699 b43_mac_suspend(dev); 3700 3701 /* Update templates for AP/mesh mode. */ 3702 if (changed & BSS_CHANGED_BEACON_INT && 3703 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3704 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3705 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3706 b43_set_beacon_int(dev, conf->beacon_int); 3707 3708 if (changed & BSS_CHANGED_BASIC_RATES) 3709 b43_update_basic_rates(dev, conf->basic_rates); 3710 3711 if (changed & BSS_CHANGED_ERP_SLOT) { 3712 if (conf->use_short_slot) 3713 b43_short_slot_timing_enable(dev); 3714 else 3715 b43_short_slot_timing_disable(dev); 3716 } 3717 3718 b43_mac_enable(dev); 3719out_unlock_mutex: 3720 mutex_unlock(&wl->mutex); 3721} 3722 3723static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 3724 struct ieee80211_vif *vif, struct ieee80211_sta *sta, 3725 struct ieee80211_key_conf *key) 3726{ 3727 struct b43_wl *wl = hw_to_b43_wl(hw); 3728 struct b43_wldev *dev; 3729 u8 algorithm; 3730 u8 index; 3731 int err; 3732 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 3733 3734 if (modparam_nohwcrypt) 3735 return -ENOSPC; /* User disabled HW-crypto */ 3736 3737 mutex_lock(&wl->mutex); 3738 3739 dev = wl->current_dev; 3740 err = -ENODEV; 3741 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 3742 goto out_unlock; 3743 3744 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) { 3745 /* We don't have firmware for the crypto engine. 3746 * Must use software-crypto. */ 3747 err = -EOPNOTSUPP; 3748 goto out_unlock; 3749 } 3750 3751 err = -EINVAL; 3752 switch (key->alg) { 3753 case ALG_WEP: 3754 if (key->keylen == WLAN_KEY_LEN_WEP40) 3755 algorithm = B43_SEC_ALGO_WEP40; 3756 else 3757 algorithm = B43_SEC_ALGO_WEP104; 3758 break; 3759 case ALG_TKIP: 3760 algorithm = B43_SEC_ALGO_TKIP; 3761 break; 3762 case ALG_CCMP: 3763 algorithm = B43_SEC_ALGO_AES; 3764 break; 3765 default: 3766 B43_WARN_ON(1); 3767 goto out_unlock; 3768 } 3769 index = (u8) (key->keyidx); 3770 if (index > 3) 3771 goto out_unlock; 3772 3773 switch (cmd) { 3774 case SET_KEY: 3775 if (algorithm == B43_SEC_ALGO_TKIP && 3776 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) || 3777 !modparam_hwtkip)) { 3778 /* We support only pairwise key */ 3779 err = -EOPNOTSUPP; 3780 goto out_unlock; 3781 } 3782 3783 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) { 3784 if (WARN_ON(!sta)) { 3785 err = -EOPNOTSUPP; 3786 goto out_unlock; 3787 } 3788 /* Pairwise key with an assigned MAC address. */ 3789 err = b43_key_write(dev, -1, algorithm, 3790 key->key, key->keylen, 3791 sta->addr, key); 3792 } else { 3793 /* Group key */ 3794 err = b43_key_write(dev, index, algorithm, 3795 key->key, key->keylen, NULL, key); 3796 } 3797 if (err) 3798 goto out_unlock; 3799 3800 if (algorithm == B43_SEC_ALGO_WEP40 || 3801 algorithm == B43_SEC_ALGO_WEP104) { 3802 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 3803 } else { 3804 b43_hf_write(dev, 3805 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 3806 } 3807 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 3808 if (algorithm == B43_SEC_ALGO_TKIP) 3809 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC; 3810 break; 3811 case DISABLE_KEY: { 3812 err = b43_key_clear(dev, key->hw_key_idx); 3813 if (err) 3814 goto out_unlock; 3815 break; 3816 } 3817 default: 3818 B43_WARN_ON(1); 3819 } 3820 3821out_unlock: 3822 if (!err) { 3823 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 3824 "mac: %pM\n", 3825 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 3826 sta ? sta->addr : bcast_addr); 3827 b43_dump_keymemory(dev); 3828 } 3829 mutex_unlock(&wl->mutex); 3830 3831 return err; 3832} 3833 3834static void b43_op_configure_filter(struct ieee80211_hw *hw, 3835 unsigned int changed, unsigned int *fflags, 3836 u64 multicast) 3837{ 3838 struct b43_wl *wl = hw_to_b43_wl(hw); 3839 struct b43_wldev *dev; 3840 3841 mutex_lock(&wl->mutex); 3842 dev = wl->current_dev; 3843 if (!dev) { 3844 *fflags = 0; 3845 goto out_unlock; 3846 } 3847 3848 *fflags &= FIF_PROMISC_IN_BSS | 3849 FIF_ALLMULTI | 3850 FIF_FCSFAIL | 3851 FIF_PLCPFAIL | 3852 FIF_CONTROL | 3853 FIF_OTHER_BSS | 3854 FIF_BCN_PRBRESP_PROMISC; 3855 3856 changed &= FIF_PROMISC_IN_BSS | 3857 FIF_ALLMULTI | 3858 FIF_FCSFAIL | 3859 FIF_PLCPFAIL | 3860 FIF_CONTROL | 3861 FIF_OTHER_BSS | 3862 FIF_BCN_PRBRESP_PROMISC; 3863 3864 wl->filter_flags = *fflags; 3865 3866 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 3867 b43_adjust_opmode(dev); 3868 3869out_unlock: 3870 mutex_unlock(&wl->mutex); 3871} 3872 3873/* Locking: wl->mutex 3874 * Returns the current dev. This might be different from the passed in dev, 3875 * because the core might be gone away while we unlocked the mutex. */ 3876static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev) 3877{ 3878 struct b43_wl *wl = dev->wl; 3879 struct b43_wldev *orig_dev; 3880 u32 mask; 3881 3882redo: 3883 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3884 return dev; 3885 3886 /* Cancel work. Unlock to avoid deadlocks. */ 3887 mutex_unlock(&wl->mutex); 3888 cancel_delayed_work_sync(&dev->periodic_work); 3889 cancel_work_sync(&wl->tx_work); 3890 mutex_lock(&wl->mutex); 3891 dev = wl->current_dev; 3892 if (!dev || b43_status(dev) < B43_STAT_STARTED) { 3893 /* Whoops, aliens ate up the device while we were unlocked. */ 3894 return dev; 3895 } 3896 3897 /* Disable interrupts on the device. */ 3898 b43_set_status(dev, B43_STAT_INITIALIZED); 3899 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3900 /* wl->mutex is locked. That is enough. */ 3901 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3902 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3903 } else { 3904 spin_lock_irq(&wl->hardirq_lock); 3905 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3906 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3907 spin_unlock_irq(&wl->hardirq_lock); 3908 } 3909 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */ 3910 orig_dev = dev; 3911 mutex_unlock(&wl->mutex); 3912 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3913 b43_sdio_free_irq(dev); 3914 } else { 3915 synchronize_irq(dev->dev->irq); 3916 free_irq(dev->dev->irq, dev); 3917 } 3918 mutex_lock(&wl->mutex); 3919 dev = wl->current_dev; 3920 if (!dev) 3921 return dev; 3922 if (dev != orig_dev) { 3923 if (b43_status(dev) >= B43_STAT_STARTED) 3924 goto redo; 3925 return dev; 3926 } 3927 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 3928 B43_WARN_ON(mask != 0xFFFFFFFF && mask); 3929 3930 /* Drain the TX queue */ 3931 while (skb_queue_len(&wl->tx_queue)) 3932 dev_kfree_skb(skb_dequeue(&wl->tx_queue)); 3933 3934 b43_mac_suspend(dev); 3935 b43_leds_exit(dev); 3936 b43dbg(wl, "Wireless interface stopped\n"); 3937 3938 return dev; 3939} 3940 3941/* Locking: wl->mutex */ 3942static int b43_wireless_core_start(struct b43_wldev *dev) 3943{ 3944 int err; 3945 3946 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 3947 3948 drain_txstatus_queue(dev); 3949 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3950 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler); 3951 if (err) { 3952 b43err(dev->wl, "Cannot request SDIO IRQ\n"); 3953 goto out; 3954 } 3955 } else { 3956 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler, 3957 b43_interrupt_thread_handler, 3958 IRQF_SHARED, KBUILD_MODNAME, dev); 3959 if (err) { 3960 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq); 3961 goto out; 3962 } 3963 } 3964 3965 /* We are ready to run. */ 3966 b43_set_status(dev, B43_STAT_STARTED); 3967 3968 /* Start data flow (TX/RX). */ 3969 b43_mac_enable(dev); 3970 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 3971 3972 /* Start maintainance work */ 3973 b43_periodic_tasks_setup(dev); 3974 3975 b43_leds_init(dev); 3976 3977 b43dbg(dev->wl, "Wireless interface started\n"); 3978out: 3979 return err; 3980} 3981 3982/* Get PHY and RADIO versioning numbers */ 3983static int b43_phy_versioning(struct b43_wldev *dev) 3984{ 3985 struct b43_phy *phy = &dev->phy; 3986 u32 tmp; 3987 u8 analog_type; 3988 u8 phy_type; 3989 u8 phy_rev; 3990 u16 radio_manuf; 3991 u16 radio_ver; 3992 u16 radio_rev; 3993 int unsupported = 0; 3994 3995 /* Get PHY versioning */ 3996 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 3997 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 3998 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 3999 phy_rev = (tmp & B43_PHYVER_VERSION); 4000 switch (phy_type) { 4001 case B43_PHYTYPE_A: 4002 if (phy_rev >= 4) 4003 unsupported = 1; 4004 break; 4005 case B43_PHYTYPE_B: 4006 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 4007 && phy_rev != 7) 4008 unsupported = 1; 4009 break; 4010 case B43_PHYTYPE_G: 4011 if (phy_rev > 9) 4012 unsupported = 1; 4013 break; 4014#ifdef CONFIG_B43_NPHY 4015 case B43_PHYTYPE_N: 4016 if (phy_rev > 4) 4017 unsupported = 1; 4018 break; 4019#endif 4020#ifdef CONFIG_B43_PHY_LP 4021 case B43_PHYTYPE_LP: 4022 if (phy_rev > 2) 4023 unsupported = 1; 4024 break; 4025#endif 4026 default: 4027 unsupported = 1; 4028 }; 4029 if (unsupported) { 4030 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 4031 "(Analog %u, Type %u, Revision %u)\n", 4032 analog_type, phy_type, phy_rev); 4033 return -EOPNOTSUPP; 4034 } 4035 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 4036 analog_type, phy_type, phy_rev); 4037 4038 /* Get RADIO versioning */ 4039 if (dev->dev->bus->chip_id == 0x4317) { 4040 if (dev->dev->bus->chip_rev == 0) 4041 tmp = 0x3205017F; 4042 else if (dev->dev->bus->chip_rev == 1) 4043 tmp = 0x4205017F; 4044 else 4045 tmp = 0x5205017F; 4046 } else { 4047 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4048 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 4049 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4050 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16; 4051 } 4052 radio_manuf = (tmp & 0x00000FFF); 4053 radio_ver = (tmp & 0x0FFFF000) >> 12; 4054 radio_rev = (tmp & 0xF0000000) >> 28; 4055 if (radio_manuf != 0x17F /* Broadcom */) 4056 unsupported = 1; 4057 switch (phy_type) { 4058 case B43_PHYTYPE_A: 4059 if (radio_ver != 0x2060) 4060 unsupported = 1; 4061 if (radio_rev != 1) 4062 unsupported = 1; 4063 if (radio_manuf != 0x17F) 4064 unsupported = 1; 4065 break; 4066 case B43_PHYTYPE_B: 4067 if ((radio_ver & 0xFFF0) != 0x2050) 4068 unsupported = 1; 4069 break; 4070 case B43_PHYTYPE_G: 4071 if (radio_ver != 0x2050) 4072 unsupported = 1; 4073 break; 4074 case B43_PHYTYPE_N: 4075 if (radio_ver != 0x2055 && radio_ver != 0x2056) 4076 unsupported = 1; 4077 break; 4078 case B43_PHYTYPE_LP: 4079 if (radio_ver != 0x2062 && radio_ver != 0x2063) 4080 unsupported = 1; 4081 break; 4082 default: 4083 B43_WARN_ON(1); 4084 } 4085 if (unsupported) { 4086 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 4087 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 4088 radio_manuf, radio_ver, radio_rev); 4089 return -EOPNOTSUPP; 4090 } 4091 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 4092 radio_manuf, radio_ver, radio_rev); 4093 4094 phy->radio_manuf = radio_manuf; 4095 phy->radio_ver = radio_ver; 4096 phy->radio_rev = radio_rev; 4097 4098 phy->analog = analog_type; 4099 phy->type = phy_type; 4100 phy->rev = phy_rev; 4101 4102 return 0; 4103} 4104 4105static void setup_struct_phy_for_init(struct b43_wldev *dev, 4106 struct b43_phy *phy) 4107{ 4108 phy->hardware_power_control = !!modparam_hwpctl; 4109 phy->next_txpwr_check_time = jiffies; 4110 /* PHY TX errors counter. */ 4111 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 4112 4113#if B43_DEBUG 4114 phy->phy_locked = 0; 4115 phy->radio_locked = 0; 4116#endif 4117} 4118 4119static void setup_struct_wldev_for_init(struct b43_wldev *dev) 4120{ 4121 dev->dfq_valid = 0; 4122 4123 /* Assume the radio is enabled. If it's not enabled, the state will 4124 * immediately get fixed on the first periodic work run. */ 4125 dev->radio_hw_enable = 1; 4126 4127 /* Stats */ 4128 memset(&dev->stats, 0, sizeof(dev->stats)); 4129 4130 setup_struct_phy_for_init(dev, &dev->phy); 4131 4132 /* IRQ related flags */ 4133 dev->irq_reason = 0; 4134 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 4135 dev->irq_mask = B43_IRQ_MASKTEMPLATE; 4136 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 4137 dev->irq_mask &= ~B43_IRQ_PHY_TXERR; 4138 4139 dev->mac_suspended = 1; 4140 4141 /* Noise calculation context */ 4142 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 4143} 4144 4145static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 4146{ 4147 struct ssb_sprom *sprom = &dev->dev->bus->sprom; 4148 u64 hf; 4149 4150 if (!modparam_btcoex) 4151 return; 4152 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 4153 return; 4154 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 4155 return; 4156 4157 hf = b43_hf_read(dev); 4158 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 4159 hf |= B43_HF_BTCOEXALT; 4160 else 4161 hf |= B43_HF_BTCOEX; 4162 b43_hf_write(dev, hf); 4163} 4164 4165static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 4166{ 4167 if (!modparam_btcoex) 4168 return; 4169 //TODO 4170} 4171 4172static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 4173{ 4174#ifdef CONFIG_SSB_DRIVER_PCICORE 4175 struct ssb_bus *bus = dev->dev->bus; 4176 u32 tmp; 4177 4178 if (bus->pcicore.dev && 4179 bus->pcicore.dev->id.coreid == SSB_DEV_PCI && 4180 bus->pcicore.dev->id.revision <= 5) { 4181 /* IMCFGLO timeouts workaround. */ 4182 tmp = ssb_read32(dev->dev, SSB_IMCFGLO); 4183 switch (bus->bustype) { 4184 case SSB_BUSTYPE_PCI: 4185 case SSB_BUSTYPE_PCMCIA: 4186 tmp &= ~SSB_IMCFGLO_REQTO; 4187 tmp &= ~SSB_IMCFGLO_SERTO; 4188 tmp |= 0x32; 4189 break; 4190 case SSB_BUSTYPE_SSB: 4191 tmp &= ~SSB_IMCFGLO_REQTO; 4192 tmp &= ~SSB_IMCFGLO_SERTO; 4193 tmp |= 0x53; 4194 break; 4195 default: 4196 break; 4197 } 4198 ssb_write32(dev->dev, SSB_IMCFGLO, tmp); 4199 } 4200#endif /* CONFIG_SSB_DRIVER_PCICORE */ 4201} 4202 4203static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 4204{ 4205 u16 pu_delay; 4206 4207 /* The time value is in microseconds. */ 4208 if (dev->phy.type == B43_PHYTYPE_A) 4209 pu_delay = 3700; 4210 else 4211 pu_delay = 1050; 4212 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle) 4213 pu_delay = 500; 4214 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 4215 pu_delay = max(pu_delay, (u16)2400); 4216 4217 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 4218} 4219 4220/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 4221static void b43_set_pretbtt(struct b43_wldev *dev) 4222{ 4223 u16 pretbtt; 4224 4225 /* The time value is in microseconds. */ 4226 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) { 4227 pretbtt = 2; 4228 } else { 4229 if (dev->phy.type == B43_PHYTYPE_A) 4230 pretbtt = 120; 4231 else 4232 pretbtt = 250; 4233 } 4234 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 4235 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 4236} 4237 4238/* Shutdown a wireless core */ 4239/* Locking: wl->mutex */ 4240static void b43_wireless_core_exit(struct b43_wldev *dev) 4241{ 4242 u32 macctl; 4243 4244 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED); 4245 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED) 4246 return; 4247 b43_set_status(dev, B43_STAT_UNINIT); 4248 4249 /* Stop the microcode PSM. */ 4250 macctl = b43_read32(dev, B43_MMIO_MACCTL); 4251 macctl &= ~B43_MACCTL_PSM_RUN; 4252 macctl |= B43_MACCTL_PSM_JMP0; 4253 b43_write32(dev, B43_MMIO_MACCTL, macctl); 4254 4255 b43_dma_free(dev); 4256 b43_pio_free(dev); 4257 b43_chip_exit(dev); 4258 dev->phy.ops->switch_analog(dev, 0); 4259 if (dev->wl->current_beacon) { 4260 dev_kfree_skb_any(dev->wl->current_beacon); 4261 dev->wl->current_beacon = NULL; 4262 } 4263 4264 ssb_device_disable(dev->dev, 0); 4265 ssb_bus_may_powerdown(dev->dev->bus); 4266} 4267 4268/* Initialize a wireless core */ 4269static int b43_wireless_core_init(struct b43_wldev *dev) 4270{ 4271 struct ssb_bus *bus = dev->dev->bus; 4272 struct ssb_sprom *sprom = &bus->sprom; 4273 struct b43_phy *phy = &dev->phy; 4274 int err; 4275 u64 hf; 4276 u32 tmp; 4277 4278 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4279 4280 err = ssb_bus_powerup(bus, 0); 4281 if (err) 4282 goto out; 4283 if (!ssb_device_is_enabled(dev->dev)) { 4284 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0; 4285 b43_wireless_core_reset(dev, tmp); 4286 } 4287 4288 /* Reset all data structures. */ 4289 setup_struct_wldev_for_init(dev); 4290 phy->ops->prepare_structs(dev); 4291 4292 /* Enable IRQ routing to this device. */ 4293 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev); 4294 4295 b43_imcfglo_timeouts_workaround(dev); 4296 b43_bluetooth_coext_disable(dev); 4297 if (phy->ops->prepare_hardware) { 4298 err = phy->ops->prepare_hardware(dev); 4299 if (err) 4300 goto err_busdown; 4301 } 4302 err = b43_chip_init(dev); 4303 if (err) 4304 goto err_busdown; 4305 b43_shm_write16(dev, B43_SHM_SHARED, 4306 B43_SHM_SH_WLCOREREV, dev->dev->id.revision); 4307 hf = b43_hf_read(dev); 4308 if (phy->type == B43_PHYTYPE_G) { 4309 hf |= B43_HF_SYMW; 4310 if (phy->rev == 1) 4311 hf |= B43_HF_GDCW; 4312 if (sprom->boardflags_lo & B43_BFL_PACTRL) 4313 hf |= B43_HF_OFDMPABOOST; 4314 } 4315 if (phy->radio_ver == 0x2050) { 4316 if (phy->radio_rev == 6) 4317 hf |= B43_HF_4318TSSI; 4318 if (phy->radio_rev < 6) 4319 hf |= B43_HF_VCORECALC; 4320 } 4321 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW) 4322 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */ 4323#ifdef CONFIG_SSB_DRIVER_PCICORE 4324 if ((bus->bustype == SSB_BUSTYPE_PCI) && 4325 (bus->pcicore.dev->id.revision <= 10)) 4326 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */ 4327#endif 4328 hf &= ~B43_HF_SKCFPUP; 4329 b43_hf_write(dev, hf); 4330 4331 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 4332 B43_DEFAULT_LONG_RETRY_LIMIT); 4333 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 4334 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 4335 4336 /* Disable sending probe responses from firmware. 4337 * Setting the MaxTime to one usec will always trigger 4338 * a timeout, so we never send any probe resp. 4339 * A timeout of zero is infinite. */ 4340 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 4341 4342 b43_rate_memory_init(dev); 4343 b43_set_phytxctl_defaults(dev); 4344 4345 /* Minimum Contention Window */ 4346 if (phy->type == B43_PHYTYPE_B) { 4347 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 4348 } else { 4349 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 4350 } 4351 /* Maximum Contention Window */ 4352 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 4353 4354 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || 4355 (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) || 4356 B43_FORCE_PIO) { 4357 dev->__using_pio_transfers = 1; 4358 err = b43_pio_init(dev); 4359 } else { 4360 dev->__using_pio_transfers = 0; 4361 err = b43_dma_init(dev); 4362 } 4363 if (err) 4364 goto err_chip_exit; 4365 b43_qos_init(dev); 4366 b43_set_synth_pu_delay(dev, 1); 4367 b43_bluetooth_coext_enable(dev); 4368 4369 ssb_bus_powerup(bus, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)); 4370 b43_upload_card_macaddress(dev); 4371 b43_security_init(dev); 4372 4373 ieee80211_wake_queues(dev->wl->hw); 4374 4375 ieee80211_wake_queues(dev->wl->hw); 4376 4377 b43_set_status(dev, B43_STAT_INITIALIZED); 4378 4379out: 4380 return err; 4381 4382err_chip_exit: 4383 b43_chip_exit(dev); 4384err_busdown: 4385 ssb_bus_may_powerdown(bus); 4386 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4387 return err; 4388} 4389 4390static int b43_op_add_interface(struct ieee80211_hw *hw, 4391 struct ieee80211_if_init_conf *conf) 4392{ 4393 struct b43_wl *wl = hw_to_b43_wl(hw); 4394 struct b43_wldev *dev; 4395 int err = -EOPNOTSUPP; 4396 4397 /* TODO: allow WDS/AP devices to coexist */ 4398 4399 if (conf->type != NL80211_IFTYPE_AP && 4400 conf->type != NL80211_IFTYPE_MESH_POINT && 4401 conf->type != NL80211_IFTYPE_STATION && 4402 conf->type != NL80211_IFTYPE_WDS && 4403 conf->type != NL80211_IFTYPE_ADHOC) 4404 return -EOPNOTSUPP; 4405 4406 mutex_lock(&wl->mutex); 4407 if (wl->operating) 4408 goto out_mutex_unlock; 4409 4410 b43dbg(wl, "Adding Interface type %d\n", conf->type); 4411 4412 dev = wl->current_dev; 4413 wl->operating = 1; 4414 wl->vif = conf->vif; 4415 wl->if_type = conf->type; 4416 memcpy(wl->mac_addr, conf->mac_addr, ETH_ALEN); 4417 4418 b43_adjust_opmode(dev); 4419 b43_set_pretbtt(dev); 4420 b43_set_synth_pu_delay(dev, 0); 4421 b43_upload_card_macaddress(dev); 4422 4423 err = 0; 4424 out_mutex_unlock: 4425 mutex_unlock(&wl->mutex); 4426 4427 return err; 4428} 4429 4430static void b43_op_remove_interface(struct ieee80211_hw *hw, 4431 struct ieee80211_if_init_conf *conf) 4432{ 4433 struct b43_wl *wl = hw_to_b43_wl(hw); 4434 struct b43_wldev *dev = wl->current_dev; 4435 4436 b43dbg(wl, "Removing Interface type %d\n", conf->type); 4437 4438 mutex_lock(&wl->mutex); 4439 4440 B43_WARN_ON(!wl->operating); 4441 B43_WARN_ON(wl->vif != conf->vif); 4442 wl->vif = NULL; 4443 4444 wl->operating = 0; 4445 4446 b43_adjust_opmode(dev); 4447 memset(wl->mac_addr, 0, ETH_ALEN); 4448 b43_upload_card_macaddress(dev); 4449 4450 mutex_unlock(&wl->mutex); 4451} 4452 4453static int b43_op_start(struct ieee80211_hw *hw) 4454{ 4455 struct b43_wl *wl = hw_to_b43_wl(hw); 4456 struct b43_wldev *dev = wl->current_dev; 4457 int did_init = 0; 4458 int err = 0; 4459 4460 /* Kill all old instance specific information to make sure 4461 * the card won't use it in the short timeframe between start 4462 * and mac80211 reconfiguring it. */ 4463 memset(wl->bssid, 0, ETH_ALEN); 4464 memset(wl->mac_addr, 0, ETH_ALEN); 4465 wl->filter_flags = 0; 4466 wl->radiotap_enabled = 0; 4467 b43_qos_clear(wl); 4468 wl->beacon0_uploaded = 0; 4469 wl->beacon1_uploaded = 0; 4470 wl->beacon_templates_virgin = 1; 4471 wl->radio_enabled = 1; 4472 4473 mutex_lock(&wl->mutex); 4474 4475 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4476 err = b43_wireless_core_init(dev); 4477 if (err) 4478 goto out_mutex_unlock; 4479 did_init = 1; 4480 } 4481 4482 if (b43_status(dev) < B43_STAT_STARTED) { 4483 err = b43_wireless_core_start(dev); 4484 if (err) { 4485 if (did_init) 4486 b43_wireless_core_exit(dev); 4487 goto out_mutex_unlock; 4488 } 4489 } 4490 4491 /* XXX: only do if device doesn't support rfkill irq */ 4492 wiphy_rfkill_start_polling(hw->wiphy); 4493 4494 out_mutex_unlock: 4495 mutex_unlock(&wl->mutex); 4496 4497 return err; 4498} 4499 4500static void b43_op_stop(struct ieee80211_hw *hw) 4501{ 4502 struct b43_wl *wl = hw_to_b43_wl(hw); 4503 struct b43_wldev *dev = wl->current_dev; 4504 4505 cancel_work_sync(&(wl->beacon_update_trigger)); 4506 4507 mutex_lock(&wl->mutex); 4508 if (b43_status(dev) >= B43_STAT_STARTED) { 4509 dev = b43_wireless_core_stop(dev); 4510 if (!dev) 4511 goto out_unlock; 4512 } 4513 b43_wireless_core_exit(dev); 4514 wl->radio_enabled = 0; 4515 4516out_unlock: 4517 mutex_unlock(&wl->mutex); 4518 4519 cancel_work_sync(&(wl->txpower_adjust_work)); 4520} 4521 4522static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, 4523 struct ieee80211_sta *sta, bool set) 4524{ 4525 struct b43_wl *wl = hw_to_b43_wl(hw); 4526 4527 /* FIXME: add locking */ 4528 b43_update_templates(wl); 4529 4530 return 0; 4531} 4532 4533static void b43_op_sta_notify(struct ieee80211_hw *hw, 4534 struct ieee80211_vif *vif, 4535 enum sta_notify_cmd notify_cmd, 4536 struct ieee80211_sta *sta) 4537{ 4538 struct b43_wl *wl = hw_to_b43_wl(hw); 4539 4540 B43_WARN_ON(!vif || wl->vif != vif); 4541} 4542 4543static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw) 4544{ 4545 struct b43_wl *wl = hw_to_b43_wl(hw); 4546 struct b43_wldev *dev; 4547 4548 mutex_lock(&wl->mutex); 4549 dev = wl->current_dev; 4550 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4551 /* Disable CFP update during scan on other channels. */ 4552 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP); 4553 } 4554 mutex_unlock(&wl->mutex); 4555} 4556 4557static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw) 4558{ 4559 struct b43_wl *wl = hw_to_b43_wl(hw); 4560 struct b43_wldev *dev; 4561 4562 mutex_lock(&wl->mutex); 4563 dev = wl->current_dev; 4564 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4565 /* Re-enable CFP update. */ 4566 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP); 4567 } 4568 mutex_unlock(&wl->mutex); 4569} 4570 4571static const struct ieee80211_ops b43_hw_ops = { 4572 .tx = b43_op_tx, 4573 .conf_tx = b43_op_conf_tx, 4574 .add_interface = b43_op_add_interface, 4575 .remove_interface = b43_op_remove_interface, 4576 .config = b43_op_config, 4577 .bss_info_changed = b43_op_bss_info_changed, 4578 .configure_filter = b43_op_configure_filter, 4579 .set_key = b43_op_set_key, 4580 .update_tkip_key = b43_op_update_tkip_key, 4581 .get_stats = b43_op_get_stats, 4582 .get_tx_stats = b43_op_get_tx_stats, 4583 .get_tsf = b43_op_get_tsf, 4584 .set_tsf = b43_op_set_tsf, 4585 .start = b43_op_start, 4586 .stop = b43_op_stop, 4587 .set_tim = b43_op_beacon_set_tim, 4588 .sta_notify = b43_op_sta_notify, 4589 .sw_scan_start = b43_op_sw_scan_start_notifier, 4590 .sw_scan_complete = b43_op_sw_scan_complete_notifier, 4591 .rfkill_poll = b43_rfkill_poll, 4592}; 4593 4594/* Hard-reset the chip. Do not call this directly. 4595 * Use b43_controller_restart() 4596 */ 4597static void b43_chip_reset(struct work_struct *work) 4598{ 4599 struct b43_wldev *dev = 4600 container_of(work, struct b43_wldev, restart_work); 4601 struct b43_wl *wl = dev->wl; 4602 int err = 0; 4603 int prev_status; 4604 4605 mutex_lock(&wl->mutex); 4606 4607 prev_status = b43_status(dev); 4608 /* Bring the device down... */ 4609 if (prev_status >= B43_STAT_STARTED) { 4610 dev = b43_wireless_core_stop(dev); 4611 if (!dev) { 4612 err = -ENODEV; 4613 goto out; 4614 } 4615 } 4616 if (prev_status >= B43_STAT_INITIALIZED) 4617 b43_wireless_core_exit(dev); 4618 4619 /* ...and up again. */ 4620 if (prev_status >= B43_STAT_INITIALIZED) { 4621 err = b43_wireless_core_init(dev); 4622 if (err) 4623 goto out; 4624 } 4625 if (prev_status >= B43_STAT_STARTED) { 4626 err = b43_wireless_core_start(dev); 4627 if (err) { 4628 b43_wireless_core_exit(dev); 4629 goto out; 4630 } 4631 } 4632out: 4633 if (err) 4634 wl->current_dev = NULL; /* Failed to init the dev. */ 4635 mutex_unlock(&wl->mutex); 4636 if (err) 4637 b43err(wl, "Controller restart FAILED\n"); 4638 else 4639 b43info(wl, "Controller restarted\n"); 4640} 4641 4642static int b43_setup_bands(struct b43_wldev *dev, 4643 bool have_2ghz_phy, bool have_5ghz_phy) 4644{ 4645 struct ieee80211_hw *hw = dev->wl->hw; 4646 4647 if (have_2ghz_phy) 4648 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 4649 if (dev->phy.type == B43_PHYTYPE_N) { 4650 if (have_5ghz_phy) 4651 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 4652 } else { 4653 if (have_5ghz_phy) 4654 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 4655 } 4656 4657 dev->phy.supports_2ghz = have_2ghz_phy; 4658 dev->phy.supports_5ghz = have_5ghz_phy; 4659 4660 return 0; 4661} 4662 4663static void b43_wireless_core_detach(struct b43_wldev *dev) 4664{ 4665 /* We release firmware that late to not be required to re-request 4666 * is all the time when we reinit the core. */ 4667 b43_release_firmware(dev); 4668 b43_phy_free(dev); 4669} 4670 4671static int b43_wireless_core_attach(struct b43_wldev *dev) 4672{ 4673 struct b43_wl *wl = dev->wl; 4674 struct ssb_bus *bus = dev->dev->bus; 4675 struct pci_dev *pdev = (bus->bustype == SSB_BUSTYPE_PCI) ? bus->host_pci : NULL; 4676 int err; 4677 bool have_2ghz_phy = 0, have_5ghz_phy = 0; 4678 u32 tmp; 4679 4680 /* Do NOT do any device initialization here. 4681 * Do it in wireless_core_init() instead. 4682 * This function is for gathering basic information about the HW, only. 4683 * Also some structs may be set up here. But most likely you want to have 4684 * that in core_init(), too. 4685 */ 4686 4687 err = ssb_bus_powerup(bus, 0); 4688 if (err) { 4689 b43err(wl, "Bus powerup failed\n"); 4690 goto out; 4691 } 4692 /* Get the PHY type. */ 4693 if (dev->dev->id.revision >= 5) { 4694 u32 tmshigh; 4695 4696 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 4697 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY); 4698 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY); 4699 } else 4700 B43_WARN_ON(1); 4701 4702 dev->phy.gmode = have_2ghz_phy; 4703 dev->phy.radio_on = 1; 4704 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4705 b43_wireless_core_reset(dev, tmp); 4706 4707 err = b43_phy_versioning(dev); 4708 if (err) 4709 goto err_powerdown; 4710 /* Check if this device supports multiband. */ 4711 if (!pdev || 4712 (pdev->device != 0x4312 && 4713 pdev->device != 0x4319 && pdev->device != 0x4324)) { 4714 /* No multiband support. */ 4715 have_2ghz_phy = 0; 4716 have_5ghz_phy = 0; 4717 switch (dev->phy.type) { 4718 case B43_PHYTYPE_A: 4719 have_5ghz_phy = 1; 4720 break; 4721 case B43_PHYTYPE_LP: //FIXME not always! 4722#if 0 //FIXME enabling 5GHz causes a NULL pointer dereference 4723 have_5ghz_phy = 1; 4724#endif 4725 case B43_PHYTYPE_G: 4726 case B43_PHYTYPE_N: 4727 have_2ghz_phy = 1; 4728 break; 4729 default: 4730 B43_WARN_ON(1); 4731 } 4732 } 4733 if (dev->phy.type == B43_PHYTYPE_A) { 4734 /* FIXME */ 4735 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 4736 err = -EOPNOTSUPP; 4737 goto err_powerdown; 4738 } 4739 if (1 /* disable A-PHY */) { 4740 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */ 4741 if (dev->phy.type != B43_PHYTYPE_N && 4742 dev->phy.type != B43_PHYTYPE_LP) { 4743 have_2ghz_phy = 1; 4744 have_5ghz_phy = 0; 4745 } 4746 } 4747 4748 err = b43_phy_allocate(dev); 4749 if (err) 4750 goto err_powerdown; 4751 4752 dev->phy.gmode = have_2ghz_phy; 4753 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4754 b43_wireless_core_reset(dev, tmp); 4755 4756 err = b43_validate_chipaccess(dev); 4757 if (err) 4758 goto err_phy_free; 4759 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 4760 if (err) 4761 goto err_phy_free; 4762 4763 /* Now set some default "current_dev" */ 4764 if (!wl->current_dev) 4765 wl->current_dev = dev; 4766 INIT_WORK(&dev->restart_work, b43_chip_reset); 4767 4768 dev->phy.ops->switch_analog(dev, 0); 4769 ssb_device_disable(dev->dev, 0); 4770 ssb_bus_may_powerdown(bus); 4771 4772out: 4773 return err; 4774 4775err_phy_free: 4776 b43_phy_free(dev); 4777err_powerdown: 4778 ssb_bus_may_powerdown(bus); 4779 return err; 4780} 4781 4782static void b43_one_core_detach(struct ssb_device *dev) 4783{ 4784 struct b43_wldev *wldev; 4785 struct b43_wl *wl; 4786 4787 /* Do not cancel ieee80211-workqueue based work here. 4788 * See comment in b43_remove(). */ 4789 4790 wldev = ssb_get_drvdata(dev); 4791 wl = wldev->wl; 4792 b43_debugfs_remove_device(wldev); 4793 b43_wireless_core_detach(wldev); 4794 list_del(&wldev->list); 4795 wl->nr_devs--; 4796 ssb_set_drvdata(dev, NULL); 4797 kfree(wldev); 4798} 4799 4800static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl) 4801{ 4802 struct b43_wldev *wldev; 4803 struct pci_dev *pdev; 4804 int err = -ENOMEM; 4805 4806 if (!list_empty(&wl->devlist)) { 4807 /* We are not the first core on this chip. */ 4808 pdev = (dev->bus->bustype == SSB_BUSTYPE_PCI) ? dev->bus->host_pci : NULL; 4809 /* Only special chips support more than one wireless 4810 * core, although some of the other chips have more than 4811 * one wireless core as well. Check for this and 4812 * bail out early. 4813 */ 4814 if (!pdev || 4815 ((pdev->device != 0x4321) && 4816 (pdev->device != 0x4313) && (pdev->device != 0x431A))) { 4817 b43dbg(wl, "Ignoring unconnected 802.11 core\n"); 4818 return -ENODEV; 4819 } 4820 } 4821 4822 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 4823 if (!wldev) 4824 goto out; 4825 4826 wldev->dev = dev; 4827 wldev->wl = wl; 4828 b43_set_status(wldev, B43_STAT_UNINIT); 4829 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 4830 INIT_LIST_HEAD(&wldev->list); 4831 4832 err = b43_wireless_core_attach(wldev); 4833 if (err) 4834 goto err_kfree_wldev; 4835 4836 list_add(&wldev->list, &wl->devlist); 4837 wl->nr_devs++; 4838 ssb_set_drvdata(dev, wldev); 4839 b43_debugfs_add_device(wldev); 4840 4841 out: 4842 return err; 4843 4844 err_kfree_wldev: 4845 kfree(wldev); 4846 return err; 4847} 4848 4849#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \ 4850 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \ 4851 (pdev->device == _device) && \ 4852 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \ 4853 (pdev->subsystem_device == _subdevice) ) 4854 4855static void b43_sprom_fixup(struct ssb_bus *bus) 4856{ 4857 struct pci_dev *pdev; 4858 4859 /* boardflags workarounds */ 4860 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 4861 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 4862 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 4863 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 4864 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 4865 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 4866 if (bus->bustype == SSB_BUSTYPE_PCI) { 4867 pdev = bus->host_pci; 4868 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) || 4869 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) || 4870 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) || 4871 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) || 4872 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) || 4873 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) || 4874 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010)) 4875 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST; 4876 } 4877} 4878 4879static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl) 4880{ 4881 struct ieee80211_hw *hw = wl->hw; 4882 4883 ssb_set_devtypedata(dev, NULL); 4884 ieee80211_free_hw(hw); 4885} 4886 4887static int b43_wireless_init(struct ssb_device *dev) 4888{ 4889 struct ssb_sprom *sprom = &dev->bus->sprom; 4890 struct ieee80211_hw *hw; 4891 struct b43_wl *wl; 4892 int err = -ENOMEM; 4893 4894 b43_sprom_fixup(dev->bus); 4895 4896 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 4897 if (!hw) { 4898 b43err(NULL, "Could not allocate ieee80211 device\n"); 4899 goto out; 4900 } 4901 wl = hw_to_b43_wl(hw); 4902 4903 /* fill hw info */ 4904 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS | 4905 IEEE80211_HW_SIGNAL_DBM | 4906 IEEE80211_HW_NOISE_DBM; 4907 4908 hw->wiphy->interface_modes = 4909 BIT(NL80211_IFTYPE_AP) | 4910 BIT(NL80211_IFTYPE_MESH_POINT) | 4911 BIT(NL80211_IFTYPE_STATION) | 4912 BIT(NL80211_IFTYPE_WDS) | 4913 BIT(NL80211_IFTYPE_ADHOC); 4914 4915 hw->queues = modparam_qos ? 4 : 1; 4916 wl->mac80211_initially_registered_queues = hw->queues; 4917 hw->max_rates = 2; 4918 SET_IEEE80211_DEV(hw, dev->dev); 4919 if (is_valid_ether_addr(sprom->et1mac)) 4920 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 4921 else 4922 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 4923 4924 /* Initialize struct b43_wl */ 4925 wl->hw = hw; 4926 mutex_init(&wl->mutex); 4927 spin_lock_init(&wl->hardirq_lock); 4928 INIT_LIST_HEAD(&wl->devlist); 4929 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 4930 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work); 4931 INIT_WORK(&wl->tx_work, b43_tx_work); 4932 skb_queue_head_init(&wl->tx_queue); 4933 4934 ssb_set_devtypedata(dev, wl); 4935 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n", 4936 dev->bus->chip_id, dev->id.revision); 4937 err = 0; 4938out: 4939 return err; 4940} 4941 4942static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id) 4943{ 4944 struct b43_wl *wl; 4945 int err; 4946 int first = 0; 4947 4948 wl = ssb_get_devtypedata(dev); 4949 if (!wl) { 4950 /* Probing the first core. Must setup common struct b43_wl */ 4951 first = 1; 4952 err = b43_wireless_init(dev); 4953 if (err) 4954 goto out; 4955 wl = ssb_get_devtypedata(dev); 4956 B43_WARN_ON(!wl); 4957 } 4958 err = b43_one_core_attach(dev, wl); 4959 if (err) 4960 goto err_wireless_exit; 4961 4962 if (first) { 4963 err = ieee80211_register_hw(wl->hw); 4964 if (err) 4965 goto err_one_core_detach; 4966 b43_leds_register(wl->current_dev); 4967 b43_rng_init(wl); 4968 } 4969 4970 out: 4971 return err; 4972 4973 err_one_core_detach: 4974 b43_one_core_detach(dev); 4975 err_wireless_exit: 4976 if (first) 4977 b43_wireless_exit(dev, wl); 4978 return err; 4979} 4980 4981static void b43_remove(struct ssb_device *dev) 4982{ 4983 struct b43_wl *wl = ssb_get_devtypedata(dev); 4984 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4985 4986 /* We must cancel any work here before unregistering from ieee80211, 4987 * as the ieee80211 unreg will destroy the workqueue. */ 4988 cancel_work_sync(&wldev->restart_work); 4989 4990 B43_WARN_ON(!wl); 4991 if (wl->current_dev == wldev) { 4992 /* Restore the queues count before unregistering, because firmware detect 4993 * might have modified it. Restoring is important, so the networking 4994 * stack can properly free resources. */ 4995 wl->hw->queues = wl->mac80211_initially_registered_queues; 4996 b43_leds_stop(wldev); 4997 ieee80211_unregister_hw(wl->hw); 4998 } 4999 5000 b43_one_core_detach(dev); 5001 5002 if (list_empty(&wl->devlist)) { 5003 b43_rng_exit(wl); 5004 b43_leds_unregister(wl); 5005 /* Last core on the chip unregistered. 5006 * We can destroy common struct b43_wl. 5007 */ 5008 b43_wireless_exit(dev, wl); 5009 } 5010} 5011 5012/* Perform a hardware reset. This can be called from any context. */ 5013void b43_controller_restart(struct b43_wldev *dev, const char *reason) 5014{ 5015 /* Must avoid requeueing, if we are in shutdown. */ 5016 if (b43_status(dev) < B43_STAT_INITIALIZED) 5017 return; 5018 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 5019 ieee80211_queue_work(dev->wl->hw, &dev->restart_work); 5020} 5021 5022static struct ssb_driver b43_ssb_driver = { 5023 .name = KBUILD_MODNAME, 5024 .id_table = b43_ssb_tbl, 5025 .probe = b43_probe, 5026 .remove = b43_remove, 5027}; 5028 5029static void b43_print_driverinfo(void) 5030{ 5031 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 5032 *feat_leds = "", *feat_sdio = ""; 5033 5034#ifdef CONFIG_B43_PCI_AUTOSELECT 5035 feat_pci = "P"; 5036#endif 5037#ifdef CONFIG_B43_PCMCIA 5038 feat_pcmcia = "M"; 5039#endif 5040#ifdef CONFIG_B43_NPHY 5041 feat_nphy = "N"; 5042#endif 5043#ifdef CONFIG_B43_LEDS 5044 feat_leds = "L"; 5045#endif 5046#ifdef CONFIG_B43_SDIO 5047 feat_sdio = "S"; 5048#endif 5049 printk(KERN_INFO "Broadcom 43xx driver loaded " 5050 "[ Features: %s%s%s%s%s, Firmware-ID: " 5051 B43_SUPPORTED_FIRMWARE_ID " ]\n", 5052 feat_pci, feat_pcmcia, feat_nphy, 5053 feat_leds, feat_sdio); 5054} 5055 5056static int __init b43_init(void) 5057{ 5058 int err; 5059 5060 b43_debugfs_init(); 5061 err = b43_pcmcia_init(); 5062 if (err) 5063 goto err_dfs_exit; 5064 err = b43_sdio_init(); 5065 if (err) 5066 goto err_pcmcia_exit; 5067 err = ssb_driver_register(&b43_ssb_driver); 5068 if (err) 5069 goto err_sdio_exit; 5070 b43_print_driverinfo(); 5071 5072 return err; 5073 5074err_sdio_exit: 5075 b43_sdio_exit(); 5076err_pcmcia_exit: 5077 b43_pcmcia_exit(); 5078err_dfs_exit: 5079 b43_debugfs_exit(); 5080 return err; 5081} 5082 5083static void __exit b43_exit(void) 5084{ 5085 ssb_driver_unregister(&b43_ssb_driver); 5086 b43_sdio_exit(); 5087 b43_pcmcia_exit(); 5088 b43_debugfs_exit(); 5089} 5090 5091module_init(b43_init) 5092module_exit(b43_exit) 5093