main.c revision 566bfe5a8bcde13188a356f77666f8115813cf31
1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005, 2006 Michael Buesch <mb@bu3sch.de> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 11 Some parts of the code in this file are derived from the ipw2200 12 driver Copyright(c) 2003 - 2004 Intel Corporation. 13 14 This program is free software; you can redistribute it and/or modify 15 it under the terms of the GNU General Public License as published by 16 the Free Software Foundation; either version 2 of the License, or 17 (at your option) any later version. 18 19 This program is distributed in the hope that it will be useful, 20 but WITHOUT ANY WARRANTY; without even the implied warranty of 21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 22 GNU General Public License for more details. 23 24 You should have received a copy of the GNU General Public License 25 along with this program; see the file COPYING. If not, write to 26 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 27 Boston, MA 02110-1301, USA. 28 29*/ 30 31#include <linux/delay.h> 32#include <linux/init.h> 33#include <linux/moduleparam.h> 34#include <linux/if_arp.h> 35#include <linux/etherdevice.h> 36#include <linux/version.h> 37#include <linux/firmware.h> 38#include <linux/wireless.h> 39#include <linux/workqueue.h> 40#include <linux/skbuff.h> 41#include <linux/io.h> 42#include <linux/dma-mapping.h> 43#include <asm/unaligned.h> 44 45#include "b43.h" 46#include "main.h" 47#include "debugfs.h" 48#include "phy.h" 49#include "nphy.h" 50#include "dma.h" 51#include "pio.h" 52#include "sysfs.h" 53#include "xmit.h" 54#include "lo.h" 55#include "pcmcia.h" 56 57MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 58MODULE_AUTHOR("Martin Langer"); 59MODULE_AUTHOR("Stefano Brivio"); 60MODULE_AUTHOR("Michael Buesch"); 61MODULE_LICENSE("GPL"); 62 63MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID); 64 65 66static int modparam_bad_frames_preempt; 67module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 68MODULE_PARM_DESC(bad_frames_preempt, 69 "enable(1) / disable(0) Bad Frames Preemption"); 70 71static char modparam_fwpostfix[16]; 72module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 73MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 74 75static int modparam_hwpctl; 76module_param_named(hwpctl, modparam_hwpctl, int, 0444); 77MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 78 79static int modparam_nohwcrypt; 80module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 81MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 82 83int b43_modparam_qos = 1; 84module_param_named(qos, b43_modparam_qos, int, 0444); 85MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 86 87static int modparam_btcoex = 1; 88module_param_named(btcoex, modparam_btcoex, int, 0444); 89MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistance (default on)"); 90 91 92static const struct ssb_device_id b43_ssb_tbl[] = { 93 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 94 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 95 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 96 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 97 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 98 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 99 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 100 SSB_DEVTABLE_END 101}; 102 103MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 104 105/* Channel and ratetables are shared for all devices. 106 * They can't be const, because ieee80211 puts some precalculated 107 * data in there. This data is the same for all devices, so we don't 108 * get concurrency issues */ 109#define RATETAB_ENT(_rateid, _flags) \ 110 { \ 111 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 112 .hw_value = (_rateid), \ 113 .flags = (_flags), \ 114 } 115 116/* 117 * NOTE: When changing this, sync with xmit.c's 118 * b43_plcp_get_bitrate_idx_* functions! 119 */ 120static struct ieee80211_rate __b43_ratetable[] = { 121 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 122 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 123 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 124 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 125 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 126 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 127 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 128 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 129 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 130 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 131 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 132 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 133}; 134 135#define b43_a_ratetable (__b43_ratetable + 4) 136#define b43_a_ratetable_size 8 137#define b43_b_ratetable (__b43_ratetable + 0) 138#define b43_b_ratetable_size 4 139#define b43_g_ratetable (__b43_ratetable + 0) 140#define b43_g_ratetable_size 12 141 142#define CHAN4G(_channel, _freq, _flags) { \ 143 .band = IEEE80211_BAND_2GHZ, \ 144 .center_freq = (_freq), \ 145 .hw_value = (_channel), \ 146 .flags = (_flags), \ 147 .max_antenna_gain = 0, \ 148 .max_power = 30, \ 149} 150static struct ieee80211_channel b43_2ghz_chantable[] = { 151 CHAN4G(1, 2412, 0), 152 CHAN4G(2, 2417, 0), 153 CHAN4G(3, 2422, 0), 154 CHAN4G(4, 2427, 0), 155 CHAN4G(5, 2432, 0), 156 CHAN4G(6, 2437, 0), 157 CHAN4G(7, 2442, 0), 158 CHAN4G(8, 2447, 0), 159 CHAN4G(9, 2452, 0), 160 CHAN4G(10, 2457, 0), 161 CHAN4G(11, 2462, 0), 162 CHAN4G(12, 2467, 0), 163 CHAN4G(13, 2472, 0), 164 CHAN4G(14, 2484, 0), 165}; 166#undef CHAN4G 167 168#define CHAN5G(_channel, _flags) { \ 169 .band = IEEE80211_BAND_5GHZ, \ 170 .center_freq = 5000 + (5 * (_channel)), \ 171 .hw_value = (_channel), \ 172 .flags = (_flags), \ 173 .max_antenna_gain = 0, \ 174 .max_power = 30, \ 175} 176static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 177 CHAN5G(32, 0), CHAN5G(34, 0), 178 CHAN5G(36, 0), CHAN5G(38, 0), 179 CHAN5G(40, 0), CHAN5G(42, 0), 180 CHAN5G(44, 0), CHAN5G(46, 0), 181 CHAN5G(48, 0), CHAN5G(50, 0), 182 CHAN5G(52, 0), CHAN5G(54, 0), 183 CHAN5G(56, 0), CHAN5G(58, 0), 184 CHAN5G(60, 0), CHAN5G(62, 0), 185 CHAN5G(64, 0), CHAN5G(66, 0), 186 CHAN5G(68, 0), CHAN5G(70, 0), 187 CHAN5G(72, 0), CHAN5G(74, 0), 188 CHAN5G(76, 0), CHAN5G(78, 0), 189 CHAN5G(80, 0), CHAN5G(82, 0), 190 CHAN5G(84, 0), CHAN5G(86, 0), 191 CHAN5G(88, 0), CHAN5G(90, 0), 192 CHAN5G(92, 0), CHAN5G(94, 0), 193 CHAN5G(96, 0), CHAN5G(98, 0), 194 CHAN5G(100, 0), CHAN5G(102, 0), 195 CHAN5G(104, 0), CHAN5G(106, 0), 196 CHAN5G(108, 0), CHAN5G(110, 0), 197 CHAN5G(112, 0), CHAN5G(114, 0), 198 CHAN5G(116, 0), CHAN5G(118, 0), 199 CHAN5G(120, 0), CHAN5G(122, 0), 200 CHAN5G(124, 0), CHAN5G(126, 0), 201 CHAN5G(128, 0), CHAN5G(130, 0), 202 CHAN5G(132, 0), CHAN5G(134, 0), 203 CHAN5G(136, 0), CHAN5G(138, 0), 204 CHAN5G(140, 0), CHAN5G(142, 0), 205 CHAN5G(144, 0), CHAN5G(145, 0), 206 CHAN5G(146, 0), CHAN5G(147, 0), 207 CHAN5G(148, 0), CHAN5G(149, 0), 208 CHAN5G(150, 0), CHAN5G(151, 0), 209 CHAN5G(152, 0), CHAN5G(153, 0), 210 CHAN5G(154, 0), CHAN5G(155, 0), 211 CHAN5G(156, 0), CHAN5G(157, 0), 212 CHAN5G(158, 0), CHAN5G(159, 0), 213 CHAN5G(160, 0), CHAN5G(161, 0), 214 CHAN5G(162, 0), CHAN5G(163, 0), 215 CHAN5G(164, 0), CHAN5G(165, 0), 216 CHAN5G(166, 0), CHAN5G(168, 0), 217 CHAN5G(170, 0), CHAN5G(172, 0), 218 CHAN5G(174, 0), CHAN5G(176, 0), 219 CHAN5G(178, 0), CHAN5G(180, 0), 220 CHAN5G(182, 0), CHAN5G(184, 0), 221 CHAN5G(186, 0), CHAN5G(188, 0), 222 CHAN5G(190, 0), CHAN5G(192, 0), 223 CHAN5G(194, 0), CHAN5G(196, 0), 224 CHAN5G(198, 0), CHAN5G(200, 0), 225 CHAN5G(202, 0), CHAN5G(204, 0), 226 CHAN5G(206, 0), CHAN5G(208, 0), 227 CHAN5G(210, 0), CHAN5G(212, 0), 228 CHAN5G(214, 0), CHAN5G(216, 0), 229 CHAN5G(218, 0), CHAN5G(220, 0), 230 CHAN5G(222, 0), CHAN5G(224, 0), 231 CHAN5G(226, 0), CHAN5G(228, 0), 232}; 233 234static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 235 CHAN5G(34, 0), CHAN5G(36, 0), 236 CHAN5G(38, 0), CHAN5G(40, 0), 237 CHAN5G(42, 0), CHAN5G(44, 0), 238 CHAN5G(46, 0), CHAN5G(48, 0), 239 CHAN5G(52, 0), CHAN5G(56, 0), 240 CHAN5G(60, 0), CHAN5G(64, 0), 241 CHAN5G(100, 0), CHAN5G(104, 0), 242 CHAN5G(108, 0), CHAN5G(112, 0), 243 CHAN5G(116, 0), CHAN5G(120, 0), 244 CHAN5G(124, 0), CHAN5G(128, 0), 245 CHAN5G(132, 0), CHAN5G(136, 0), 246 CHAN5G(140, 0), CHAN5G(149, 0), 247 CHAN5G(153, 0), CHAN5G(157, 0), 248 CHAN5G(161, 0), CHAN5G(165, 0), 249 CHAN5G(184, 0), CHAN5G(188, 0), 250 CHAN5G(192, 0), CHAN5G(196, 0), 251 CHAN5G(200, 0), CHAN5G(204, 0), 252 CHAN5G(208, 0), CHAN5G(212, 0), 253 CHAN5G(216, 0), 254}; 255#undef CHAN5G 256 257static struct ieee80211_supported_band b43_band_5GHz_nphy = { 258 .band = IEEE80211_BAND_5GHZ, 259 .channels = b43_5ghz_nphy_chantable, 260 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 261 .bitrates = b43_a_ratetable, 262 .n_bitrates = b43_a_ratetable_size, 263}; 264 265static struct ieee80211_supported_band b43_band_5GHz_aphy = { 266 .band = IEEE80211_BAND_5GHZ, 267 .channels = b43_5ghz_aphy_chantable, 268 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 269 .bitrates = b43_a_ratetable, 270 .n_bitrates = b43_a_ratetable_size, 271}; 272 273static struct ieee80211_supported_band b43_band_2GHz = { 274 .band = IEEE80211_BAND_2GHZ, 275 .channels = b43_2ghz_chantable, 276 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 277 .bitrates = b43_g_ratetable, 278 .n_bitrates = b43_g_ratetable_size, 279}; 280 281static void b43_wireless_core_exit(struct b43_wldev *dev); 282static int b43_wireless_core_init(struct b43_wldev *dev); 283static void b43_wireless_core_stop(struct b43_wldev *dev); 284static int b43_wireless_core_start(struct b43_wldev *dev); 285 286static int b43_ratelimit(struct b43_wl *wl) 287{ 288 if (!wl || !wl->current_dev) 289 return 1; 290 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 291 return 1; 292 /* We are up and running. 293 * Ratelimit the messages to avoid DoS over the net. */ 294 return net_ratelimit(); 295} 296 297void b43info(struct b43_wl *wl, const char *fmt, ...) 298{ 299 va_list args; 300 301 if (!b43_ratelimit(wl)) 302 return; 303 va_start(args, fmt); 304 printk(KERN_INFO "b43-%s: ", 305 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 306 vprintk(fmt, args); 307 va_end(args); 308} 309 310void b43err(struct b43_wl *wl, const char *fmt, ...) 311{ 312 va_list args; 313 314 if (!b43_ratelimit(wl)) 315 return; 316 va_start(args, fmt); 317 printk(KERN_ERR "b43-%s ERROR: ", 318 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 319 vprintk(fmt, args); 320 va_end(args); 321} 322 323void b43warn(struct b43_wl *wl, const char *fmt, ...) 324{ 325 va_list args; 326 327 if (!b43_ratelimit(wl)) 328 return; 329 va_start(args, fmt); 330 printk(KERN_WARNING "b43-%s warning: ", 331 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 332 vprintk(fmt, args); 333 va_end(args); 334} 335 336#if B43_DEBUG 337void b43dbg(struct b43_wl *wl, const char *fmt, ...) 338{ 339 va_list args; 340 341 va_start(args, fmt); 342 printk(KERN_DEBUG "b43-%s debug: ", 343 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 344 vprintk(fmt, args); 345 va_end(args); 346} 347#endif /* DEBUG */ 348 349static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 350{ 351 u32 macctl; 352 353 B43_WARN_ON(offset % 4 != 0); 354 355 macctl = b43_read32(dev, B43_MMIO_MACCTL); 356 if (macctl & B43_MACCTL_BE) 357 val = swab32(val); 358 359 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 360 mmiowb(); 361 b43_write32(dev, B43_MMIO_RAM_DATA, val); 362} 363 364static inline void b43_shm_control_word(struct b43_wldev *dev, 365 u16 routing, u16 offset) 366{ 367 u32 control; 368 369 /* "offset" is the WORD offset. */ 370 control = routing; 371 control <<= 16; 372 control |= offset; 373 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 374} 375 376u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 377{ 378 struct b43_wl *wl = dev->wl; 379 unsigned long flags; 380 u32 ret; 381 382 spin_lock_irqsave(&wl->shm_lock, flags); 383 if (routing == B43_SHM_SHARED) { 384 B43_WARN_ON(offset & 0x0001); 385 if (offset & 0x0003) { 386 /* Unaligned access */ 387 b43_shm_control_word(dev, routing, offset >> 2); 388 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 389 ret <<= 16; 390 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 391 ret |= b43_read16(dev, B43_MMIO_SHM_DATA); 392 393 goto out; 394 } 395 offset >>= 2; 396 } 397 b43_shm_control_word(dev, routing, offset); 398 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 399out: 400 spin_unlock_irqrestore(&wl->shm_lock, flags); 401 402 return ret; 403} 404 405u16 b43_shm_read16(struct b43_wldev * dev, u16 routing, u16 offset) 406{ 407 struct b43_wl *wl = dev->wl; 408 unsigned long flags; 409 u16 ret; 410 411 spin_lock_irqsave(&wl->shm_lock, flags); 412 if (routing == B43_SHM_SHARED) { 413 B43_WARN_ON(offset & 0x0001); 414 if (offset & 0x0003) { 415 /* Unaligned access */ 416 b43_shm_control_word(dev, routing, offset >> 2); 417 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 418 419 goto out; 420 } 421 offset >>= 2; 422 } 423 b43_shm_control_word(dev, routing, offset); 424 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 425out: 426 spin_unlock_irqrestore(&wl->shm_lock, flags); 427 428 return ret; 429} 430 431void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 432{ 433 struct b43_wl *wl = dev->wl; 434 unsigned long flags; 435 436 spin_lock_irqsave(&wl->shm_lock, flags); 437 if (routing == B43_SHM_SHARED) { 438 B43_WARN_ON(offset & 0x0001); 439 if (offset & 0x0003) { 440 /* Unaligned access */ 441 b43_shm_control_word(dev, routing, offset >> 2); 442 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 443 (value >> 16) & 0xffff); 444 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 445 b43_write16(dev, B43_MMIO_SHM_DATA, value & 0xffff); 446 goto out; 447 } 448 offset >>= 2; 449 } 450 b43_shm_control_word(dev, routing, offset); 451 b43_write32(dev, B43_MMIO_SHM_DATA, value); 452out: 453 spin_unlock_irqrestore(&wl->shm_lock, flags); 454} 455 456void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 457{ 458 struct b43_wl *wl = dev->wl; 459 unsigned long flags; 460 461 spin_lock_irqsave(&wl->shm_lock, flags); 462 if (routing == B43_SHM_SHARED) { 463 B43_WARN_ON(offset & 0x0001); 464 if (offset & 0x0003) { 465 /* Unaligned access */ 466 b43_shm_control_word(dev, routing, offset >> 2); 467 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 468 goto out; 469 } 470 offset >>= 2; 471 } 472 b43_shm_control_word(dev, routing, offset); 473 b43_write16(dev, B43_MMIO_SHM_DATA, value); 474out: 475 spin_unlock_irqrestore(&wl->shm_lock, flags); 476} 477 478/* Read HostFlags */ 479u64 b43_hf_read(struct b43_wldev * dev) 480{ 481 u64 ret; 482 483 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 484 ret <<= 16; 485 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 486 ret <<= 16; 487 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 488 489 return ret; 490} 491 492/* Write HostFlags */ 493void b43_hf_write(struct b43_wldev *dev, u64 value) 494{ 495 u16 lo, mi, hi; 496 497 lo = (value & 0x00000000FFFFULL); 498 mi = (value & 0x0000FFFF0000ULL) >> 16; 499 hi = (value & 0xFFFF00000000ULL) >> 32; 500 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 501 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 502 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 503} 504 505void b43_tsf_read(struct b43_wldev *dev, u64 * tsf) 506{ 507 /* We need to be careful. As we read the TSF from multiple 508 * registers, we should take care of register overflows. 509 * In theory, the whole tsf read process should be atomic. 510 * We try to be atomic here, by restaring the read process, 511 * if any of the high registers changed (overflew). 512 */ 513 if (dev->dev->id.revision >= 3) { 514 u32 low, high, high2; 515 516 do { 517 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 518 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 519 high2 = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 520 } while (unlikely(high != high2)); 521 522 *tsf = high; 523 *tsf <<= 32; 524 *tsf |= low; 525 } else { 526 u64 tmp; 527 u16 v0, v1, v2, v3; 528 u16 test1, test2, test3; 529 530 do { 531 v3 = b43_read16(dev, B43_MMIO_TSF_3); 532 v2 = b43_read16(dev, B43_MMIO_TSF_2); 533 v1 = b43_read16(dev, B43_MMIO_TSF_1); 534 v0 = b43_read16(dev, B43_MMIO_TSF_0); 535 536 test3 = b43_read16(dev, B43_MMIO_TSF_3); 537 test2 = b43_read16(dev, B43_MMIO_TSF_2); 538 test1 = b43_read16(dev, B43_MMIO_TSF_1); 539 } while (v3 != test3 || v2 != test2 || v1 != test1); 540 541 *tsf = v3; 542 *tsf <<= 48; 543 tmp = v2; 544 tmp <<= 32; 545 *tsf |= tmp; 546 tmp = v1; 547 tmp <<= 16; 548 *tsf |= tmp; 549 *tsf |= v0; 550 } 551} 552 553static void b43_time_lock(struct b43_wldev *dev) 554{ 555 u32 macctl; 556 557 macctl = b43_read32(dev, B43_MMIO_MACCTL); 558 macctl |= B43_MACCTL_TBTTHOLD; 559 b43_write32(dev, B43_MMIO_MACCTL, macctl); 560 /* Commit the write */ 561 b43_read32(dev, B43_MMIO_MACCTL); 562} 563 564static void b43_time_unlock(struct b43_wldev *dev) 565{ 566 u32 macctl; 567 568 macctl = b43_read32(dev, B43_MMIO_MACCTL); 569 macctl &= ~B43_MACCTL_TBTTHOLD; 570 b43_write32(dev, B43_MMIO_MACCTL, macctl); 571 /* Commit the write */ 572 b43_read32(dev, B43_MMIO_MACCTL); 573} 574 575static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 576{ 577 /* Be careful with the in-progress timer. 578 * First zero out the low register, so we have a full 579 * register-overflow duration to complete the operation. 580 */ 581 if (dev->dev->id.revision >= 3) { 582 u32 lo = (tsf & 0x00000000FFFFFFFFULL); 583 u32 hi = (tsf & 0xFFFFFFFF00000000ULL) >> 32; 584 585 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, 0); 586 mmiowb(); 587 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, hi); 588 mmiowb(); 589 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, lo); 590 } else { 591 u16 v0 = (tsf & 0x000000000000FFFFULL); 592 u16 v1 = (tsf & 0x00000000FFFF0000ULL) >> 16; 593 u16 v2 = (tsf & 0x0000FFFF00000000ULL) >> 32; 594 u16 v3 = (tsf & 0xFFFF000000000000ULL) >> 48; 595 596 b43_write16(dev, B43_MMIO_TSF_0, 0); 597 mmiowb(); 598 b43_write16(dev, B43_MMIO_TSF_3, v3); 599 mmiowb(); 600 b43_write16(dev, B43_MMIO_TSF_2, v2); 601 mmiowb(); 602 b43_write16(dev, B43_MMIO_TSF_1, v1); 603 mmiowb(); 604 b43_write16(dev, B43_MMIO_TSF_0, v0); 605 } 606} 607 608void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 609{ 610 b43_time_lock(dev); 611 b43_tsf_write_locked(dev, tsf); 612 b43_time_unlock(dev); 613} 614 615static 616void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 * mac) 617{ 618 static const u8 zero_addr[ETH_ALEN] = { 0 }; 619 u16 data; 620 621 if (!mac) 622 mac = zero_addr; 623 624 offset |= 0x0020; 625 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 626 627 data = mac[0]; 628 data |= mac[1] << 8; 629 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 630 data = mac[2]; 631 data |= mac[3] << 8; 632 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 633 data = mac[4]; 634 data |= mac[5] << 8; 635 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 636} 637 638static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 639{ 640 const u8 *mac; 641 const u8 *bssid; 642 u8 mac_bssid[ETH_ALEN * 2]; 643 int i; 644 u32 tmp; 645 646 bssid = dev->wl->bssid; 647 mac = dev->wl->mac_addr; 648 649 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 650 651 memcpy(mac_bssid, mac, ETH_ALEN); 652 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 653 654 /* Write our MAC address and BSSID to template ram */ 655 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 656 tmp = (u32) (mac_bssid[i + 0]); 657 tmp |= (u32) (mac_bssid[i + 1]) << 8; 658 tmp |= (u32) (mac_bssid[i + 2]) << 16; 659 tmp |= (u32) (mac_bssid[i + 3]) << 24; 660 b43_ram_write(dev, 0x20 + i, tmp); 661 } 662} 663 664static void b43_upload_card_macaddress(struct b43_wldev *dev) 665{ 666 b43_write_mac_bssid_templates(dev); 667 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 668} 669 670static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 671{ 672 /* slot_time is in usec. */ 673 if (dev->phy.type != B43_PHYTYPE_G) 674 return; 675 b43_write16(dev, 0x684, 510 + slot_time); 676 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 677} 678 679static void b43_short_slot_timing_enable(struct b43_wldev *dev) 680{ 681 b43_set_slot_time(dev, 9); 682 dev->short_slot = 1; 683} 684 685static void b43_short_slot_timing_disable(struct b43_wldev *dev) 686{ 687 b43_set_slot_time(dev, 20); 688 dev->short_slot = 0; 689} 690 691/* Enable a Generic IRQ. "mask" is the mask of which IRQs to enable. 692 * Returns the _previously_ enabled IRQ mask. 693 */ 694static inline u32 b43_interrupt_enable(struct b43_wldev *dev, u32 mask) 695{ 696 u32 old_mask; 697 698 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 699 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask | mask); 700 701 return old_mask; 702} 703 704/* Disable a Generic IRQ. "mask" is the mask of which IRQs to disable. 705 * Returns the _previously_ enabled IRQ mask. 706 */ 707static inline u32 b43_interrupt_disable(struct b43_wldev *dev, u32 mask) 708{ 709 u32 old_mask; 710 711 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 712 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask & ~mask); 713 714 return old_mask; 715} 716 717/* Synchronize IRQ top- and bottom-half. 718 * IRQs must be masked before calling this. 719 * This must not be called with the irq_lock held. 720 */ 721static void b43_synchronize_irq(struct b43_wldev *dev) 722{ 723 synchronize_irq(dev->dev->irq); 724 tasklet_kill(&dev->isr_tasklet); 725} 726 727/* DummyTransmission function, as documented on 728 * http://bcm-specs.sipsolutions.net/DummyTransmission 729 */ 730void b43_dummy_transmission(struct b43_wldev *dev) 731{ 732 struct b43_wl *wl = dev->wl; 733 struct b43_phy *phy = &dev->phy; 734 unsigned int i, max_loop; 735 u16 value; 736 u32 buffer[5] = { 737 0x00000000, 738 0x00D40000, 739 0x00000000, 740 0x01000000, 741 0x00000000, 742 }; 743 744 switch (phy->type) { 745 case B43_PHYTYPE_A: 746 max_loop = 0x1E; 747 buffer[0] = 0x000201CC; 748 break; 749 case B43_PHYTYPE_B: 750 case B43_PHYTYPE_G: 751 max_loop = 0xFA; 752 buffer[0] = 0x000B846E; 753 break; 754 default: 755 B43_WARN_ON(1); 756 return; 757 } 758 759 spin_lock_irq(&wl->irq_lock); 760 write_lock(&wl->tx_lock); 761 762 for (i = 0; i < 5; i++) 763 b43_ram_write(dev, i * 4, buffer[i]); 764 765 /* Commit writes */ 766 b43_read32(dev, B43_MMIO_MACCTL); 767 768 b43_write16(dev, 0x0568, 0x0000); 769 b43_write16(dev, 0x07C0, 0x0000); 770 value = ((phy->type == B43_PHYTYPE_A) ? 1 : 0); 771 b43_write16(dev, 0x050C, value); 772 b43_write16(dev, 0x0508, 0x0000); 773 b43_write16(dev, 0x050A, 0x0000); 774 b43_write16(dev, 0x054C, 0x0000); 775 b43_write16(dev, 0x056A, 0x0014); 776 b43_write16(dev, 0x0568, 0x0826); 777 b43_write16(dev, 0x0500, 0x0000); 778 b43_write16(dev, 0x0502, 0x0030); 779 780 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 781 b43_radio_write16(dev, 0x0051, 0x0017); 782 for (i = 0x00; i < max_loop; i++) { 783 value = b43_read16(dev, 0x050E); 784 if (value & 0x0080) 785 break; 786 udelay(10); 787 } 788 for (i = 0x00; i < 0x0A; i++) { 789 value = b43_read16(dev, 0x050E); 790 if (value & 0x0400) 791 break; 792 udelay(10); 793 } 794 for (i = 0x00; i < 0x0A; i++) { 795 value = b43_read16(dev, 0x0690); 796 if (!(value & 0x0100)) 797 break; 798 udelay(10); 799 } 800 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 801 b43_radio_write16(dev, 0x0051, 0x0037); 802 803 write_unlock(&wl->tx_lock); 804 spin_unlock_irq(&wl->irq_lock); 805} 806 807static void key_write(struct b43_wldev *dev, 808 u8 index, u8 algorithm, const u8 * key) 809{ 810 unsigned int i; 811 u32 offset; 812 u16 value; 813 u16 kidx; 814 815 /* Key index/algo block */ 816 kidx = b43_kidx_to_fw(dev, index); 817 value = ((kidx << 4) | algorithm); 818 b43_shm_write16(dev, B43_SHM_SHARED, 819 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 820 821 /* Write the key to the Key Table Pointer offset */ 822 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 823 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 824 value = key[i]; 825 value |= (u16) (key[i + 1]) << 8; 826 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 827 } 828} 829 830static void keymac_write(struct b43_wldev *dev, u8 index, const u8 * addr) 831{ 832 u32 addrtmp[2] = { 0, 0, }; 833 u8 per_sta_keys_start = 8; 834 835 if (b43_new_kidx_api(dev)) 836 per_sta_keys_start = 4; 837 838 B43_WARN_ON(index < per_sta_keys_start); 839 /* We have two default TX keys and possibly two default RX keys. 840 * Physical mac 0 is mapped to physical key 4 or 8, depending 841 * on the firmware version. 842 * So we must adjust the index here. 843 */ 844 index -= per_sta_keys_start; 845 846 if (addr) { 847 addrtmp[0] = addr[0]; 848 addrtmp[0] |= ((u32) (addr[1]) << 8); 849 addrtmp[0] |= ((u32) (addr[2]) << 16); 850 addrtmp[0] |= ((u32) (addr[3]) << 24); 851 addrtmp[1] = addr[4]; 852 addrtmp[1] |= ((u32) (addr[5]) << 8); 853 } 854 855 if (dev->dev->id.revision >= 5) { 856 /* Receive match transmitter address mechanism */ 857 b43_shm_write32(dev, B43_SHM_RCMTA, 858 (index * 2) + 0, addrtmp[0]); 859 b43_shm_write16(dev, B43_SHM_RCMTA, 860 (index * 2) + 1, addrtmp[1]); 861 } else { 862 /* RXE (Receive Engine) and 863 * PSM (Programmable State Machine) mechanism 864 */ 865 if (index < 8) { 866 /* TODO write to RCM 16, 19, 22 and 25 */ 867 } else { 868 b43_shm_write32(dev, B43_SHM_SHARED, 869 B43_SHM_SH_PSM + (index * 6) + 0, 870 addrtmp[0]); 871 b43_shm_write16(dev, B43_SHM_SHARED, 872 B43_SHM_SH_PSM + (index * 6) + 4, 873 addrtmp[1]); 874 } 875 } 876} 877 878static void do_key_write(struct b43_wldev *dev, 879 u8 index, u8 algorithm, 880 const u8 * key, size_t key_len, const u8 * mac_addr) 881{ 882 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 883 u8 per_sta_keys_start = 8; 884 885 if (b43_new_kidx_api(dev)) 886 per_sta_keys_start = 4; 887 888 B43_WARN_ON(index >= dev->max_nr_keys); 889 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 890 891 if (index >= per_sta_keys_start) 892 keymac_write(dev, index, NULL); /* First zero out mac. */ 893 if (key) 894 memcpy(buf, key, key_len); 895 key_write(dev, index, algorithm, buf); 896 if (index >= per_sta_keys_start) 897 keymac_write(dev, index, mac_addr); 898 899 dev->key[index].algorithm = algorithm; 900} 901 902static int b43_key_write(struct b43_wldev *dev, 903 int index, u8 algorithm, 904 const u8 * key, size_t key_len, 905 const u8 * mac_addr, 906 struct ieee80211_key_conf *keyconf) 907{ 908 int i; 909 int sta_keys_start; 910 911 if (key_len > B43_SEC_KEYSIZE) 912 return -EINVAL; 913 for (i = 0; i < dev->max_nr_keys; i++) { 914 /* Check that we don't already have this key. */ 915 B43_WARN_ON(dev->key[i].keyconf == keyconf); 916 } 917 if (index < 0) { 918 /* Either pairwise key or address is 00:00:00:00:00:00 919 * for transmit-only keys. Search the index. */ 920 if (b43_new_kidx_api(dev)) 921 sta_keys_start = 4; 922 else 923 sta_keys_start = 8; 924 for (i = sta_keys_start; i < dev->max_nr_keys; i++) { 925 if (!dev->key[i].keyconf) { 926 /* found empty */ 927 index = i; 928 break; 929 } 930 } 931 if (index < 0) { 932 b43err(dev->wl, "Out of hardware key memory\n"); 933 return -ENOSPC; 934 } 935 } else 936 B43_WARN_ON(index > 3); 937 938 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 939 if ((index <= 3) && !b43_new_kidx_api(dev)) { 940 /* Default RX key */ 941 B43_WARN_ON(mac_addr); 942 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 943 } 944 keyconf->hw_key_idx = index; 945 dev->key[index].keyconf = keyconf; 946 947 return 0; 948} 949 950static int b43_key_clear(struct b43_wldev *dev, int index) 951{ 952 if (B43_WARN_ON((index < 0) || (index >= dev->max_nr_keys))) 953 return -EINVAL; 954 do_key_write(dev, index, B43_SEC_ALGO_NONE, 955 NULL, B43_SEC_KEYSIZE, NULL); 956 if ((index <= 3) && !b43_new_kidx_api(dev)) { 957 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 958 NULL, B43_SEC_KEYSIZE, NULL); 959 } 960 dev->key[index].keyconf = NULL; 961 962 return 0; 963} 964 965static void b43_clear_keys(struct b43_wldev *dev) 966{ 967 int i; 968 969 for (i = 0; i < dev->max_nr_keys; i++) 970 b43_key_clear(dev, i); 971} 972 973void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 974{ 975 u32 macctl; 976 u16 ucstat; 977 bool hwps; 978 bool awake; 979 int i; 980 981 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 982 (ps_flags & B43_PS_DISABLED)); 983 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 984 985 if (ps_flags & B43_PS_ENABLED) { 986 hwps = 1; 987 } else if (ps_flags & B43_PS_DISABLED) { 988 hwps = 0; 989 } else { 990 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 991 // and thus is not an AP and we are associated, set bit 25 992 } 993 if (ps_flags & B43_PS_AWAKE) { 994 awake = 1; 995 } else if (ps_flags & B43_PS_ASLEEP) { 996 awake = 0; 997 } else { 998 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 999 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 1000 // successful, set bit26 1001 } 1002 1003/* FIXME: For now we force awake-on and hwps-off */ 1004 hwps = 0; 1005 awake = 1; 1006 1007 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1008 if (hwps) 1009 macctl |= B43_MACCTL_HWPS; 1010 else 1011 macctl &= ~B43_MACCTL_HWPS; 1012 if (awake) 1013 macctl |= B43_MACCTL_AWAKE; 1014 else 1015 macctl &= ~B43_MACCTL_AWAKE; 1016 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1017 /* Commit write */ 1018 b43_read32(dev, B43_MMIO_MACCTL); 1019 if (awake && dev->dev->id.revision >= 5) { 1020 /* Wait for the microcode to wake up. */ 1021 for (i = 0; i < 100; i++) { 1022 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1023 B43_SHM_SH_UCODESTAT); 1024 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1025 break; 1026 udelay(10); 1027 } 1028 } 1029} 1030 1031/* Turn the Analog ON/OFF */ 1032static void b43_switch_analog(struct b43_wldev *dev, int on) 1033{ 1034 switch (dev->phy.type) { 1035 case B43_PHYTYPE_A: 1036 case B43_PHYTYPE_G: 1037 b43_write16(dev, B43_MMIO_PHY0, on ? 0 : 0xF4); 1038 break; 1039 case B43_PHYTYPE_N: 1040 b43_phy_write(dev, B43_NPHY_AFECTL_OVER, 1041 on ? 0 : 0x7FFF); 1042 break; 1043 default: 1044 B43_WARN_ON(1); 1045 } 1046} 1047 1048void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags) 1049{ 1050 u32 tmslow; 1051 u32 macctl; 1052 1053 flags |= B43_TMSLOW_PHYCLKEN; 1054 flags |= B43_TMSLOW_PHYRESET; 1055 ssb_device_enable(dev->dev, flags); 1056 msleep(2); /* Wait for the PLL to turn on. */ 1057 1058 /* Now take the PHY out of Reset again */ 1059 tmslow = ssb_read32(dev->dev, SSB_TMSLOW); 1060 tmslow |= SSB_TMSLOW_FGC; 1061 tmslow &= ~B43_TMSLOW_PHYRESET; 1062 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1063 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1064 msleep(1); 1065 tmslow &= ~SSB_TMSLOW_FGC; 1066 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1067 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1068 msleep(1); 1069 1070 /* Turn Analog ON */ 1071 b43_switch_analog(dev, 1); 1072 1073 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1074 macctl &= ~B43_MACCTL_GMODE; 1075 if (flags & B43_TMSLOW_GMODE) 1076 macctl |= B43_MACCTL_GMODE; 1077 macctl |= B43_MACCTL_IHR_ENABLED; 1078 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1079} 1080 1081static void handle_irq_transmit_status(struct b43_wldev *dev) 1082{ 1083 u32 v0, v1; 1084 u16 tmp; 1085 struct b43_txstatus stat; 1086 1087 while (1) { 1088 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1089 if (!(v0 & 0x00000001)) 1090 break; 1091 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1092 1093 stat.cookie = (v0 >> 16); 1094 stat.seq = (v1 & 0x0000FFFF); 1095 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1096 tmp = (v0 & 0x0000FFFF); 1097 stat.frame_count = ((tmp & 0xF000) >> 12); 1098 stat.rts_count = ((tmp & 0x0F00) >> 8); 1099 stat.supp_reason = ((tmp & 0x001C) >> 2); 1100 stat.pm_indicated = !!(tmp & 0x0080); 1101 stat.intermediate = !!(tmp & 0x0040); 1102 stat.for_ampdu = !!(tmp & 0x0020); 1103 stat.acked = !!(tmp & 0x0002); 1104 1105 b43_handle_txstatus(dev, &stat); 1106 } 1107} 1108 1109static void drain_txstatus_queue(struct b43_wldev *dev) 1110{ 1111 u32 dummy; 1112 1113 if (dev->dev->id.revision < 5) 1114 return; 1115 /* Read all entries from the microcode TXstatus FIFO 1116 * and throw them away. 1117 */ 1118 while (1) { 1119 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1120 if (!(dummy & 0x00000001)) 1121 break; 1122 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1123 } 1124} 1125 1126static u32 b43_jssi_read(struct b43_wldev *dev) 1127{ 1128 u32 val = 0; 1129 1130 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1131 val <<= 16; 1132 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1133 1134 return val; 1135} 1136 1137static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1138{ 1139 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1140 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1141} 1142 1143static void b43_generate_noise_sample(struct b43_wldev *dev) 1144{ 1145 b43_jssi_write(dev, 0x7F7F7F7F); 1146 b43_write32(dev, B43_MMIO_MACCMD, 1147 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1148 B43_WARN_ON(dev->noisecalc.channel_at_start != dev->phy.channel); 1149} 1150 1151static void b43_calculate_link_quality(struct b43_wldev *dev) 1152{ 1153 /* Top half of Link Quality calculation. */ 1154 1155 if (dev->noisecalc.calculation_running) 1156 return; 1157 dev->noisecalc.channel_at_start = dev->phy.channel; 1158 dev->noisecalc.calculation_running = 1; 1159 dev->noisecalc.nr_samples = 0; 1160 1161 b43_generate_noise_sample(dev); 1162} 1163 1164static void handle_irq_noise(struct b43_wldev *dev) 1165{ 1166 struct b43_phy *phy = &dev->phy; 1167 u16 tmp; 1168 u8 noise[4]; 1169 u8 i, j; 1170 s32 average; 1171 1172 /* Bottom half of Link Quality calculation. */ 1173 1174 B43_WARN_ON(!dev->noisecalc.calculation_running); 1175 if (dev->noisecalc.channel_at_start != phy->channel) 1176 goto drop_calculation; 1177 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1178 if (noise[0] == 0x7F || noise[1] == 0x7F || 1179 noise[2] == 0x7F || noise[3] == 0x7F) 1180 goto generate_new; 1181 1182 /* Get the noise samples. */ 1183 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1184 i = dev->noisecalc.nr_samples; 1185 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1186 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1187 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1188 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1189 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1190 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1191 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1192 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1193 dev->noisecalc.nr_samples++; 1194 if (dev->noisecalc.nr_samples == 8) { 1195 /* Calculate the Link Quality by the noise samples. */ 1196 average = 0; 1197 for (i = 0; i < 8; i++) { 1198 for (j = 0; j < 4; j++) 1199 average += dev->noisecalc.samples[i][j]; 1200 } 1201 average /= (8 * 4); 1202 average *= 125; 1203 average += 64; 1204 average /= 128; 1205 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1206 tmp = (tmp / 128) & 0x1F; 1207 if (tmp >= 8) 1208 average += 2; 1209 else 1210 average -= 25; 1211 if (tmp == 8) 1212 average -= 72; 1213 else 1214 average -= 48; 1215 1216 dev->stats.link_noise = average; 1217 drop_calculation: 1218 dev->noisecalc.calculation_running = 0; 1219 return; 1220 } 1221 generate_new: 1222 b43_generate_noise_sample(dev); 1223} 1224 1225static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1226{ 1227 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_AP)) { 1228 ///TODO: PS TBTT 1229 } else { 1230 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1231 b43_power_saving_ctl_bits(dev, 0); 1232 } 1233 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS)) 1234 dev->dfq_valid = 1; 1235} 1236 1237static void handle_irq_atim_end(struct b43_wldev *dev) 1238{ 1239 if (dev->dfq_valid) { 1240 b43_write32(dev, B43_MMIO_MACCMD, 1241 b43_read32(dev, B43_MMIO_MACCMD) 1242 | B43_MACCMD_DFQ_VALID); 1243 dev->dfq_valid = 0; 1244 } 1245} 1246 1247static void handle_irq_pmq(struct b43_wldev *dev) 1248{ 1249 u32 tmp; 1250 1251 //TODO: AP mode. 1252 1253 while (1) { 1254 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1255 if (!(tmp & 0x00000008)) 1256 break; 1257 } 1258 /* 16bit write is odd, but correct. */ 1259 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1260} 1261 1262static void b43_write_template_common(struct b43_wldev *dev, 1263 const u8 * data, u16 size, 1264 u16 ram_offset, 1265 u16 shm_size_offset, u8 rate) 1266{ 1267 u32 i, tmp; 1268 struct b43_plcp_hdr4 plcp; 1269 1270 plcp.data = 0; 1271 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1272 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1273 ram_offset += sizeof(u32); 1274 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1275 * So leave the first two bytes of the next write blank. 1276 */ 1277 tmp = (u32) (data[0]) << 16; 1278 tmp |= (u32) (data[1]) << 24; 1279 b43_ram_write(dev, ram_offset, tmp); 1280 ram_offset += sizeof(u32); 1281 for (i = 2; i < size; i += sizeof(u32)) { 1282 tmp = (u32) (data[i + 0]); 1283 if (i + 1 < size) 1284 tmp |= (u32) (data[i + 1]) << 8; 1285 if (i + 2 < size) 1286 tmp |= (u32) (data[i + 2]) << 16; 1287 if (i + 3 < size) 1288 tmp |= (u32) (data[i + 3]) << 24; 1289 b43_ram_write(dev, ram_offset + i - 2, tmp); 1290 } 1291 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1292 size + sizeof(struct b43_plcp_hdr6)); 1293} 1294 1295/* Check if the use of the antenna that ieee80211 told us to 1296 * use is possible. This will fall back to DEFAULT. 1297 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 1298u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 1299 u8 antenna_nr) 1300{ 1301 u8 antenna_mask; 1302 1303 if (antenna_nr == 0) { 1304 /* Zero means "use default antenna". That's always OK. */ 1305 return 0; 1306 } 1307 1308 /* Get the mask of available antennas. */ 1309 if (dev->phy.gmode) 1310 antenna_mask = dev->dev->bus->sprom.ant_available_bg; 1311 else 1312 antenna_mask = dev->dev->bus->sprom.ant_available_a; 1313 1314 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 1315 /* This antenna is not available. Fall back to default. */ 1316 return 0; 1317 } 1318 1319 return antenna_nr; 1320} 1321 1322static int b43_antenna_from_ieee80211(struct b43_wldev *dev, u8 antenna) 1323{ 1324 antenna = b43_ieee80211_antenna_sanitize(dev, antenna); 1325 switch (antenna) { 1326 case 0: /* default/diversity */ 1327 return B43_ANTENNA_DEFAULT; 1328 case 1: /* Antenna 0 */ 1329 return B43_ANTENNA0; 1330 case 2: /* Antenna 1 */ 1331 return B43_ANTENNA1; 1332 case 3: /* Antenna 2 */ 1333 return B43_ANTENNA2; 1334 case 4: /* Antenna 3 */ 1335 return B43_ANTENNA3; 1336 default: 1337 return B43_ANTENNA_DEFAULT; 1338 } 1339} 1340 1341/* Convert a b43 antenna number value to the PHY TX control value. */ 1342static u16 b43_antenna_to_phyctl(int antenna) 1343{ 1344 switch (antenna) { 1345 case B43_ANTENNA0: 1346 return B43_TXH_PHY_ANT0; 1347 case B43_ANTENNA1: 1348 return B43_TXH_PHY_ANT1; 1349 case B43_ANTENNA2: 1350 return B43_TXH_PHY_ANT2; 1351 case B43_ANTENNA3: 1352 return B43_TXH_PHY_ANT3; 1353 case B43_ANTENNA_AUTO: 1354 return B43_TXH_PHY_ANT01AUTO; 1355 } 1356 B43_WARN_ON(1); 1357 return 0; 1358} 1359 1360static void b43_write_beacon_template(struct b43_wldev *dev, 1361 u16 ram_offset, 1362 u16 shm_size_offset) 1363{ 1364 unsigned int i, len, variable_len; 1365 const struct ieee80211_mgmt *bcn; 1366 const u8 *ie; 1367 bool tim_found = 0; 1368 unsigned int rate; 1369 u16 ctl; 1370 int antenna; 1371 1372 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1373 len = min((size_t) dev->wl->current_beacon->len, 1374 0x200 - sizeof(struct b43_plcp_hdr6)); 1375 rate = dev->wl->beacon_txctl.tx_rate->hw_value; 1376 1377 b43_write_template_common(dev, (const u8 *)bcn, 1378 len, ram_offset, shm_size_offset, rate); 1379 1380 /* Write the PHY TX control parameters. */ 1381 antenna = b43_antenna_from_ieee80211(dev, 1382 dev->wl->beacon_txctl.antenna_sel_tx); 1383 antenna = b43_antenna_to_phyctl(antenna); 1384 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 1385 /* We can't send beacons with short preamble. Would get PHY errors. */ 1386 ctl &= ~B43_TXH_PHY_SHORTPRMBL; 1387 ctl &= ~B43_TXH_PHY_ANT; 1388 ctl &= ~B43_TXH_PHY_ENC; 1389 ctl |= antenna; 1390 if (b43_is_cck_rate(rate)) 1391 ctl |= B43_TXH_PHY_ENC_CCK; 1392 else 1393 ctl |= B43_TXH_PHY_ENC_OFDM; 1394 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 1395 1396 /* Find the position of the TIM and the DTIM_period value 1397 * and write them to SHM. */ 1398 ie = bcn->u.beacon.variable; 1399 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1400 for (i = 0; i < variable_len - 2; ) { 1401 uint8_t ie_id, ie_len; 1402 1403 ie_id = ie[i]; 1404 ie_len = ie[i + 1]; 1405 if (ie_id == 5) { 1406 u16 tim_position; 1407 u16 dtim_period; 1408 /* This is the TIM Information Element */ 1409 1410 /* Check whether the ie_len is in the beacon data range. */ 1411 if (variable_len < ie_len + 2 + i) 1412 break; 1413 /* A valid TIM is at least 4 bytes long. */ 1414 if (ie_len < 4) 1415 break; 1416 tim_found = 1; 1417 1418 tim_position = sizeof(struct b43_plcp_hdr6); 1419 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1420 tim_position += i; 1421 1422 dtim_period = ie[i + 3]; 1423 1424 b43_shm_write16(dev, B43_SHM_SHARED, 1425 B43_SHM_SH_TIMBPOS, tim_position); 1426 b43_shm_write16(dev, B43_SHM_SHARED, 1427 B43_SHM_SH_DTIMPER, dtim_period); 1428 break; 1429 } 1430 i += ie_len + 2; 1431 } 1432 if (!tim_found) { 1433 b43warn(dev->wl, "Did not find a valid TIM IE in " 1434 "the beacon template packet. AP or IBSS operation " 1435 "may be broken.\n"); 1436 } else 1437 b43dbg(dev->wl, "Updated beacon template\n"); 1438} 1439 1440static void b43_write_probe_resp_plcp(struct b43_wldev *dev, 1441 u16 shm_offset, u16 size, 1442 struct ieee80211_rate *rate) 1443{ 1444 struct b43_plcp_hdr4 plcp; 1445 u32 tmp; 1446 __le16 dur; 1447 1448 plcp.data = 0; 1449 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate->hw_value); 1450 dur = ieee80211_generic_frame_duration(dev->wl->hw, 1451 dev->wl->vif, size, 1452 rate); 1453 /* Write PLCP in two parts and timing for packet transfer */ 1454 tmp = le32_to_cpu(plcp.data); 1455 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset, tmp & 0xFFFF); 1456 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 2, tmp >> 16); 1457 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 6, le16_to_cpu(dur)); 1458} 1459 1460/* Instead of using custom probe response template, this function 1461 * just patches custom beacon template by: 1462 * 1) Changing packet type 1463 * 2) Patching duration field 1464 * 3) Stripping TIM 1465 */ 1466static const u8 * b43_generate_probe_resp(struct b43_wldev *dev, 1467 u16 *dest_size, 1468 struct ieee80211_rate *rate) 1469{ 1470 const u8 *src_data; 1471 u8 *dest_data; 1472 u16 src_size, elem_size, src_pos, dest_pos; 1473 __le16 dur; 1474 struct ieee80211_hdr *hdr; 1475 size_t ie_start; 1476 1477 src_size = dev->wl->current_beacon->len; 1478 src_data = (const u8 *)dev->wl->current_beacon->data; 1479 1480 /* Get the start offset of the variable IEs in the packet. */ 1481 ie_start = offsetof(struct ieee80211_mgmt, u.probe_resp.variable); 1482 B43_WARN_ON(ie_start != offsetof(struct ieee80211_mgmt, u.beacon.variable)); 1483 1484 if (B43_WARN_ON(src_size < ie_start)) 1485 return NULL; 1486 1487 dest_data = kmalloc(src_size, GFP_ATOMIC); 1488 if (unlikely(!dest_data)) 1489 return NULL; 1490 1491 /* Copy the static data and all Information Elements, except the TIM. */ 1492 memcpy(dest_data, src_data, ie_start); 1493 src_pos = ie_start; 1494 dest_pos = ie_start; 1495 for ( ; src_pos < src_size - 2; src_pos += elem_size) { 1496 elem_size = src_data[src_pos + 1] + 2; 1497 if (src_data[src_pos] == 5) { 1498 /* This is the TIM. */ 1499 continue; 1500 } 1501 memcpy(dest_data + dest_pos, src_data + src_pos, 1502 elem_size); 1503 dest_pos += elem_size; 1504 } 1505 *dest_size = dest_pos; 1506 hdr = (struct ieee80211_hdr *)dest_data; 1507 1508 /* Set the frame control. */ 1509 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 1510 IEEE80211_STYPE_PROBE_RESP); 1511 dur = ieee80211_generic_frame_duration(dev->wl->hw, 1512 dev->wl->vif, *dest_size, 1513 rate); 1514 hdr->duration_id = dur; 1515 1516 return dest_data; 1517} 1518 1519static void b43_write_probe_resp_template(struct b43_wldev *dev, 1520 u16 ram_offset, 1521 u16 shm_size_offset, 1522 struct ieee80211_rate *rate) 1523{ 1524 const u8 *probe_resp_data; 1525 u16 size; 1526 1527 size = dev->wl->current_beacon->len; 1528 probe_resp_data = b43_generate_probe_resp(dev, &size, rate); 1529 if (unlikely(!probe_resp_data)) 1530 return; 1531 1532 /* Looks like PLCP headers plus packet timings are stored for 1533 * all possible basic rates 1534 */ 1535 b43_write_probe_resp_plcp(dev, 0x31A, size, &b43_b_ratetable[0]); 1536 b43_write_probe_resp_plcp(dev, 0x32C, size, &b43_b_ratetable[1]); 1537 b43_write_probe_resp_plcp(dev, 0x33E, size, &b43_b_ratetable[2]); 1538 b43_write_probe_resp_plcp(dev, 0x350, size, &b43_b_ratetable[3]); 1539 1540 size = min((size_t) size, 0x200 - sizeof(struct b43_plcp_hdr6)); 1541 b43_write_template_common(dev, probe_resp_data, 1542 size, ram_offset, shm_size_offset, 1543 rate->hw_value); 1544 kfree(probe_resp_data); 1545} 1546 1547static void handle_irq_beacon(struct b43_wldev *dev) 1548{ 1549 struct b43_wl *wl = dev->wl; 1550 u32 cmd, beacon0_valid, beacon1_valid; 1551 1552 if (!b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 1553 return; 1554 1555 /* This is the bottom half of the asynchronous beacon update. */ 1556 1557 /* Ignore interrupt in the future. */ 1558 dev->irq_savedstate &= ~B43_IRQ_BEACON; 1559 1560 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1561 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1562 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1563 1564 /* Schedule interrupt manually, if busy. */ 1565 if (beacon0_valid && beacon1_valid) { 1566 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1567 dev->irq_savedstate |= B43_IRQ_BEACON; 1568 return; 1569 } 1570 1571 if (!beacon0_valid) { 1572 if (!wl->beacon0_uploaded) { 1573 b43_write_beacon_template(dev, 0x68, 0x18); 1574 b43_write_probe_resp_template(dev, 0x268, 0x4A, 1575 &__b43_ratetable[3]); 1576 wl->beacon0_uploaded = 1; 1577 } 1578 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1579 cmd |= B43_MACCMD_BEACON0_VALID; 1580 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1581 } else if (!beacon1_valid) { 1582 if (!wl->beacon1_uploaded) { 1583 b43_write_beacon_template(dev, 0x468, 0x1A); 1584 wl->beacon1_uploaded = 1; 1585 } 1586 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1587 cmd |= B43_MACCMD_BEACON1_VALID; 1588 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1589 } 1590} 1591 1592static void b43_beacon_update_trigger_work(struct work_struct *work) 1593{ 1594 struct b43_wl *wl = container_of(work, struct b43_wl, 1595 beacon_update_trigger); 1596 struct b43_wldev *dev; 1597 1598 mutex_lock(&wl->mutex); 1599 dev = wl->current_dev; 1600 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1601 spin_lock_irq(&wl->irq_lock); 1602 /* update beacon right away or defer to irq */ 1603 dev->irq_savedstate = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 1604 handle_irq_beacon(dev); 1605 /* The handler might have updated the IRQ mask. */ 1606 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 1607 dev->irq_savedstate); 1608 mmiowb(); 1609 spin_unlock_irq(&wl->irq_lock); 1610 } 1611 mutex_unlock(&wl->mutex); 1612} 1613 1614/* Asynchronously update the packet templates in template RAM. 1615 * Locking: Requires wl->irq_lock to be locked. */ 1616static void b43_update_templates(struct b43_wl *wl, struct sk_buff *beacon, 1617 const struct ieee80211_tx_control *txctl) 1618{ 1619 /* This is the top half of the ansynchronous beacon update. 1620 * The bottom half is the beacon IRQ. 1621 * Beacon update must be asynchronous to avoid sending an 1622 * invalid beacon. This can happen for example, if the firmware 1623 * transmits a beacon while we are updating it. */ 1624 1625 if (wl->current_beacon) 1626 dev_kfree_skb_any(wl->current_beacon); 1627 wl->current_beacon = beacon; 1628 memcpy(&wl->beacon_txctl, txctl, sizeof(wl->beacon_txctl)); 1629 wl->beacon0_uploaded = 0; 1630 wl->beacon1_uploaded = 0; 1631 queue_work(wl->hw->workqueue, &wl->beacon_update_trigger); 1632} 1633 1634static void b43_set_ssid(struct b43_wldev *dev, const u8 * ssid, u8 ssid_len) 1635{ 1636 u32 tmp; 1637 u16 i, len; 1638 1639 len = min((u16) ssid_len, (u16) 0x100); 1640 for (i = 0; i < len; i += sizeof(u32)) { 1641 tmp = (u32) (ssid[i + 0]); 1642 if (i + 1 < len) 1643 tmp |= (u32) (ssid[i + 1]) << 8; 1644 if (i + 2 < len) 1645 tmp |= (u32) (ssid[i + 2]) << 16; 1646 if (i + 3 < len) 1647 tmp |= (u32) (ssid[i + 3]) << 24; 1648 b43_shm_write32(dev, B43_SHM_SHARED, 0x380 + i, tmp); 1649 } 1650 b43_shm_write16(dev, B43_SHM_SHARED, 0x48, len); 1651} 1652 1653static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1654{ 1655 b43_time_lock(dev); 1656 if (dev->dev->id.revision >= 3) { 1657 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1658 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1659 } else { 1660 b43_write16(dev, 0x606, (beacon_int >> 6)); 1661 b43_write16(dev, 0x610, beacon_int); 1662 } 1663 b43_time_unlock(dev); 1664 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1665} 1666 1667static void handle_irq_ucode_debug(struct b43_wldev *dev) 1668{ 1669 //TODO 1670} 1671 1672/* Interrupt handler bottom-half */ 1673static void b43_interrupt_tasklet(struct b43_wldev *dev) 1674{ 1675 u32 reason; 1676 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1677 u32 merged_dma_reason = 0; 1678 int i; 1679 unsigned long flags; 1680 1681 spin_lock_irqsave(&dev->wl->irq_lock, flags); 1682 1683 B43_WARN_ON(b43_status(dev) != B43_STAT_STARTED); 1684 1685 reason = dev->irq_reason; 1686 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1687 dma_reason[i] = dev->dma_reason[i]; 1688 merged_dma_reason |= dma_reason[i]; 1689 } 1690 1691 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1692 b43err(dev->wl, "MAC transmission error\n"); 1693 1694 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1695 b43err(dev->wl, "PHY transmission error\n"); 1696 rmb(); 1697 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1698 atomic_set(&dev->phy.txerr_cnt, 1699 B43_PHY_TX_BADNESS_LIMIT); 1700 b43err(dev->wl, "Too many PHY TX errors, " 1701 "restarting the controller\n"); 1702 b43_controller_restart(dev, "PHY TX errors"); 1703 } 1704 } 1705 1706 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1707 B43_DMAIRQ_NONFATALMASK))) { 1708 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1709 b43err(dev->wl, "Fatal DMA error: " 1710 "0x%08X, 0x%08X, 0x%08X, " 1711 "0x%08X, 0x%08X, 0x%08X\n", 1712 dma_reason[0], dma_reason[1], 1713 dma_reason[2], dma_reason[3], 1714 dma_reason[4], dma_reason[5]); 1715 b43_controller_restart(dev, "DMA error"); 1716 mmiowb(); 1717 spin_unlock_irqrestore(&dev->wl->irq_lock, flags); 1718 return; 1719 } 1720 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1721 b43err(dev->wl, "DMA error: " 1722 "0x%08X, 0x%08X, 0x%08X, " 1723 "0x%08X, 0x%08X, 0x%08X\n", 1724 dma_reason[0], dma_reason[1], 1725 dma_reason[2], dma_reason[3], 1726 dma_reason[4], dma_reason[5]); 1727 } 1728 } 1729 1730 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1731 handle_irq_ucode_debug(dev); 1732 if (reason & B43_IRQ_TBTT_INDI) 1733 handle_irq_tbtt_indication(dev); 1734 if (reason & B43_IRQ_ATIM_END) 1735 handle_irq_atim_end(dev); 1736 if (reason & B43_IRQ_BEACON) 1737 handle_irq_beacon(dev); 1738 if (reason & B43_IRQ_PMQ) 1739 handle_irq_pmq(dev); 1740 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1741 ;/* TODO */ 1742 if (reason & B43_IRQ_NOISESAMPLE_OK) 1743 handle_irq_noise(dev); 1744 1745 /* Check the DMA reason registers for received data. */ 1746 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1747 if (b43_using_pio_transfers(dev)) 1748 b43_pio_rx(dev->pio.rx_queue); 1749 else 1750 b43_dma_rx(dev->dma.rx_ring); 1751 } 1752 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1753 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1754 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1755 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1756 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1757 1758 if (reason & B43_IRQ_TX_OK) 1759 handle_irq_transmit_status(dev); 1760 1761 b43_interrupt_enable(dev, dev->irq_savedstate); 1762 mmiowb(); 1763 spin_unlock_irqrestore(&dev->wl->irq_lock, flags); 1764} 1765 1766static void b43_interrupt_ack(struct b43_wldev *dev, u32 reason) 1767{ 1768 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 1769 1770 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 1771 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 1772 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 1773 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 1774 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 1775 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 1776} 1777 1778/* Interrupt handler top-half */ 1779static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 1780{ 1781 irqreturn_t ret = IRQ_NONE; 1782 struct b43_wldev *dev = dev_id; 1783 u32 reason; 1784 1785 if (!dev) 1786 return IRQ_NONE; 1787 1788 spin_lock(&dev->wl->irq_lock); 1789 1790 if (b43_status(dev) < B43_STAT_STARTED) 1791 goto out; 1792 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1793 if (reason == 0xffffffff) /* shared IRQ */ 1794 goto out; 1795 ret = IRQ_HANDLED; 1796 reason &= b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 1797 if (!reason) 1798 goto out; 1799 1800 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1801 & 0x0001DC00; 1802 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1803 & 0x0000DC00; 1804 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 1805 & 0x0000DC00; 1806 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 1807 & 0x0001DC00; 1808 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 1809 & 0x0000DC00; 1810 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 1811 & 0x0000DC00; 1812 1813 b43_interrupt_ack(dev, reason); 1814 /* disable all IRQs. They are enabled again in the bottom half. */ 1815 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL); 1816 /* save the reason code and call our bottom half. */ 1817 dev->irq_reason = reason; 1818 tasklet_schedule(&dev->isr_tasklet); 1819 out: 1820 mmiowb(); 1821 spin_unlock(&dev->wl->irq_lock); 1822 1823 return ret; 1824} 1825 1826static void do_release_fw(struct b43_firmware_file *fw) 1827{ 1828 release_firmware(fw->data); 1829 fw->data = NULL; 1830 fw->filename = NULL; 1831} 1832 1833static void b43_release_firmware(struct b43_wldev *dev) 1834{ 1835 do_release_fw(&dev->fw.ucode); 1836 do_release_fw(&dev->fw.pcm); 1837 do_release_fw(&dev->fw.initvals); 1838 do_release_fw(&dev->fw.initvals_band); 1839} 1840 1841static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 1842{ 1843 const char *text; 1844 1845 text = "You must go to " 1846 "http://linuxwireless.org/en/users/Drivers/b43#devicefirmware " 1847 "and download the latest firmware (version 4).\n"; 1848 if (error) 1849 b43err(wl, text); 1850 else 1851 b43warn(wl, text); 1852} 1853 1854static int do_request_fw(struct b43_wldev *dev, 1855 const char *name, 1856 struct b43_firmware_file *fw) 1857{ 1858 char path[sizeof(modparam_fwpostfix) + 32]; 1859 const struct firmware *blob; 1860 struct b43_fw_header *hdr; 1861 u32 size; 1862 int err; 1863 1864 if (!name) { 1865 /* Don't fetch anything. Free possibly cached firmware. */ 1866 do_release_fw(fw); 1867 return 0; 1868 } 1869 if (fw->filename) { 1870 if (strcmp(fw->filename, name) == 0) 1871 return 0; /* Already have this fw. */ 1872 /* Free the cached firmware first. */ 1873 do_release_fw(fw); 1874 } 1875 1876 snprintf(path, ARRAY_SIZE(path), 1877 "b43%s/%s.fw", 1878 modparam_fwpostfix, name); 1879 err = request_firmware(&blob, path, dev->dev->dev); 1880 if (err) { 1881 b43err(dev->wl, "Firmware file \"%s\" not found " 1882 "or load failed.\n", path); 1883 return err; 1884 } 1885 if (blob->size < sizeof(struct b43_fw_header)) 1886 goto err_format; 1887 hdr = (struct b43_fw_header *)(blob->data); 1888 switch (hdr->type) { 1889 case B43_FW_TYPE_UCODE: 1890 case B43_FW_TYPE_PCM: 1891 size = be32_to_cpu(hdr->size); 1892 if (size != blob->size - sizeof(struct b43_fw_header)) 1893 goto err_format; 1894 /* fallthrough */ 1895 case B43_FW_TYPE_IV: 1896 if (hdr->ver != 1) 1897 goto err_format; 1898 break; 1899 default: 1900 goto err_format; 1901 } 1902 1903 fw->data = blob; 1904 fw->filename = name; 1905 1906 return 0; 1907 1908err_format: 1909 b43err(dev->wl, "Firmware file \"%s\" format error.\n", path); 1910 release_firmware(blob); 1911 1912 return -EPROTO; 1913} 1914 1915static int b43_request_firmware(struct b43_wldev *dev) 1916{ 1917 struct b43_firmware *fw = &dev->fw; 1918 const u8 rev = dev->dev->id.revision; 1919 const char *filename; 1920 u32 tmshigh; 1921 int err; 1922 1923 /* Get microcode */ 1924 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 1925 if ((rev >= 5) && (rev <= 10)) 1926 filename = "ucode5"; 1927 else if ((rev >= 11) && (rev <= 12)) 1928 filename = "ucode11"; 1929 else if (rev >= 13) 1930 filename = "ucode13"; 1931 else 1932 goto err_no_ucode; 1933 err = do_request_fw(dev, filename, &fw->ucode); 1934 if (err) 1935 goto err_load; 1936 1937 /* Get PCM code */ 1938 if ((rev >= 5) && (rev <= 10)) 1939 filename = "pcm5"; 1940 else if (rev >= 11) 1941 filename = NULL; 1942 else 1943 goto err_no_pcm; 1944 err = do_request_fw(dev, filename, &fw->pcm); 1945 if (err) 1946 goto err_load; 1947 1948 /* Get initvals */ 1949 switch (dev->phy.type) { 1950 case B43_PHYTYPE_A: 1951 if ((rev >= 5) && (rev <= 10)) { 1952 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 1953 filename = "a0g1initvals5"; 1954 else 1955 filename = "a0g0initvals5"; 1956 } else 1957 goto err_no_initvals; 1958 break; 1959 case B43_PHYTYPE_G: 1960 if ((rev >= 5) && (rev <= 10)) 1961 filename = "b0g0initvals5"; 1962 else if (rev >= 13) 1963 filename = "lp0initvals13"; 1964 else 1965 goto err_no_initvals; 1966 break; 1967 case B43_PHYTYPE_N: 1968 if ((rev >= 11) && (rev <= 12)) 1969 filename = "n0initvals11"; 1970 else 1971 goto err_no_initvals; 1972 break; 1973 default: 1974 goto err_no_initvals; 1975 } 1976 err = do_request_fw(dev, filename, &fw->initvals); 1977 if (err) 1978 goto err_load; 1979 1980 /* Get bandswitch initvals */ 1981 switch (dev->phy.type) { 1982 case B43_PHYTYPE_A: 1983 if ((rev >= 5) && (rev <= 10)) { 1984 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 1985 filename = "a0g1bsinitvals5"; 1986 else 1987 filename = "a0g0bsinitvals5"; 1988 } else if (rev >= 11) 1989 filename = NULL; 1990 else 1991 goto err_no_initvals; 1992 break; 1993 case B43_PHYTYPE_G: 1994 if ((rev >= 5) && (rev <= 10)) 1995 filename = "b0g0bsinitvals5"; 1996 else if (rev >= 11) 1997 filename = NULL; 1998 else 1999 goto err_no_initvals; 2000 break; 2001 case B43_PHYTYPE_N: 2002 if ((rev >= 11) && (rev <= 12)) 2003 filename = "n0bsinitvals11"; 2004 else 2005 goto err_no_initvals; 2006 break; 2007 default: 2008 goto err_no_initvals; 2009 } 2010 err = do_request_fw(dev, filename, &fw->initvals_band); 2011 if (err) 2012 goto err_load; 2013 2014 return 0; 2015 2016err_load: 2017 b43_print_fw_helptext(dev->wl, 1); 2018 goto error; 2019 2020err_no_ucode: 2021 err = -ENODEV; 2022 b43err(dev->wl, "No microcode available for core rev %u\n", rev); 2023 goto error; 2024 2025err_no_pcm: 2026 err = -ENODEV; 2027 b43err(dev->wl, "No PCM available for core rev %u\n", rev); 2028 goto error; 2029 2030err_no_initvals: 2031 err = -ENODEV; 2032 b43err(dev->wl, "No Initial Values firmware file for PHY %u, " 2033 "core rev %u\n", dev->phy.type, rev); 2034 goto error; 2035 2036error: 2037 b43_release_firmware(dev); 2038 return err; 2039} 2040 2041static int b43_upload_microcode(struct b43_wldev *dev) 2042{ 2043 const size_t hdr_len = sizeof(struct b43_fw_header); 2044 const __be32 *data; 2045 unsigned int i, len; 2046 u16 fwrev, fwpatch, fwdate, fwtime; 2047 u32 tmp, macctl; 2048 int err = 0; 2049 2050 /* Jump the microcode PSM to offset 0 */ 2051 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2052 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 2053 macctl |= B43_MACCTL_PSM_JMP0; 2054 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2055 /* Zero out all microcode PSM registers and shared memory. */ 2056 for (i = 0; i < 64; i++) 2057 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 2058 for (i = 0; i < 4096; i += 2) 2059 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 2060 2061 /* Upload Microcode. */ 2062 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 2063 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 2064 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 2065 for (i = 0; i < len; i++) { 2066 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2067 udelay(10); 2068 } 2069 2070 if (dev->fw.pcm.data) { 2071 /* Upload PCM data. */ 2072 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 2073 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 2074 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 2075 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 2076 /* No need for autoinc bit in SHM_HW */ 2077 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 2078 for (i = 0; i < len; i++) { 2079 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2080 udelay(10); 2081 } 2082 } 2083 2084 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 2085 2086 /* Start the microcode PSM */ 2087 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2088 macctl &= ~B43_MACCTL_PSM_JMP0; 2089 macctl |= B43_MACCTL_PSM_RUN; 2090 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2091 2092 /* Wait for the microcode to load and respond */ 2093 i = 0; 2094 while (1) { 2095 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2096 if (tmp == B43_IRQ_MAC_SUSPENDED) 2097 break; 2098 i++; 2099 if (i >= 20) { 2100 b43err(dev->wl, "Microcode not responding\n"); 2101 b43_print_fw_helptext(dev->wl, 1); 2102 err = -ENODEV; 2103 goto error; 2104 } 2105 msleep_interruptible(50); 2106 if (signal_pending(current)) { 2107 err = -EINTR; 2108 goto error; 2109 } 2110 } 2111 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2112 2113 /* Get and check the revisions. */ 2114 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2115 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2116 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2117 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2118 2119 if (fwrev <= 0x128) { 2120 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2121 "binary drivers older than version 4.x is unsupported. " 2122 "You must upgrade your firmware files.\n"); 2123 b43_print_fw_helptext(dev->wl, 1); 2124 err = -EOPNOTSUPP; 2125 goto error; 2126 } 2127 b43info(dev->wl, "Loading firmware version %u.%u " 2128 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2129 fwrev, fwpatch, 2130 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2131 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2132 2133 dev->fw.rev = fwrev; 2134 dev->fw.patch = fwpatch; 2135 2136 if (b43_is_old_txhdr_format(dev)) { 2137 b43warn(dev->wl, "You are using an old firmware image. " 2138 "Support for old firmware will be removed in July 2008.\n"); 2139 b43_print_fw_helptext(dev->wl, 0); 2140 } 2141 2142 return 0; 2143 2144error: 2145 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2146 macctl &= ~B43_MACCTL_PSM_RUN; 2147 macctl |= B43_MACCTL_PSM_JMP0; 2148 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2149 2150 return err; 2151} 2152 2153static int b43_write_initvals(struct b43_wldev *dev, 2154 const struct b43_iv *ivals, 2155 size_t count, 2156 size_t array_size) 2157{ 2158 const struct b43_iv *iv; 2159 u16 offset; 2160 size_t i; 2161 bool bit32; 2162 2163 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2164 iv = ivals; 2165 for (i = 0; i < count; i++) { 2166 if (array_size < sizeof(iv->offset_size)) 2167 goto err_format; 2168 array_size -= sizeof(iv->offset_size); 2169 offset = be16_to_cpu(iv->offset_size); 2170 bit32 = !!(offset & B43_IV_32BIT); 2171 offset &= B43_IV_OFFSET_MASK; 2172 if (offset >= 0x1000) 2173 goto err_format; 2174 if (bit32) { 2175 u32 value; 2176 2177 if (array_size < sizeof(iv->data.d32)) 2178 goto err_format; 2179 array_size -= sizeof(iv->data.d32); 2180 2181 value = get_unaligned_be32(&iv->data.d32); 2182 b43_write32(dev, offset, value); 2183 2184 iv = (const struct b43_iv *)((const uint8_t *)iv + 2185 sizeof(__be16) + 2186 sizeof(__be32)); 2187 } else { 2188 u16 value; 2189 2190 if (array_size < sizeof(iv->data.d16)) 2191 goto err_format; 2192 array_size -= sizeof(iv->data.d16); 2193 2194 value = be16_to_cpu(iv->data.d16); 2195 b43_write16(dev, offset, value); 2196 2197 iv = (const struct b43_iv *)((const uint8_t *)iv + 2198 sizeof(__be16) + 2199 sizeof(__be16)); 2200 } 2201 } 2202 if (array_size) 2203 goto err_format; 2204 2205 return 0; 2206 2207err_format: 2208 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2209 b43_print_fw_helptext(dev->wl, 1); 2210 2211 return -EPROTO; 2212} 2213 2214static int b43_upload_initvals(struct b43_wldev *dev) 2215{ 2216 const size_t hdr_len = sizeof(struct b43_fw_header); 2217 const struct b43_fw_header *hdr; 2218 struct b43_firmware *fw = &dev->fw; 2219 const struct b43_iv *ivals; 2220 size_t count; 2221 int err; 2222 2223 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2224 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2225 count = be32_to_cpu(hdr->size); 2226 err = b43_write_initvals(dev, ivals, count, 2227 fw->initvals.data->size - hdr_len); 2228 if (err) 2229 goto out; 2230 if (fw->initvals_band.data) { 2231 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2232 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2233 count = be32_to_cpu(hdr->size); 2234 err = b43_write_initvals(dev, ivals, count, 2235 fw->initvals_band.data->size - hdr_len); 2236 if (err) 2237 goto out; 2238 } 2239out: 2240 2241 return err; 2242} 2243 2244/* Initialize the GPIOs 2245 * http://bcm-specs.sipsolutions.net/GPIO 2246 */ 2247static int b43_gpio_init(struct b43_wldev *dev) 2248{ 2249 struct ssb_bus *bus = dev->dev->bus; 2250 struct ssb_device *gpiodev, *pcidev = NULL; 2251 u32 mask, set; 2252 2253 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2254 & ~B43_MACCTL_GPOUTSMSK); 2255 2256 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK) 2257 | 0x000F); 2258 2259 mask = 0x0000001F; 2260 set = 0x0000000F; 2261 if (dev->dev->bus->chip_id == 0x4301) { 2262 mask |= 0x0060; 2263 set |= 0x0060; 2264 } 2265 if (0 /* FIXME: conditional unknown */ ) { 2266 b43_write16(dev, B43_MMIO_GPIO_MASK, 2267 b43_read16(dev, B43_MMIO_GPIO_MASK) 2268 | 0x0100); 2269 mask |= 0x0180; 2270 set |= 0x0180; 2271 } 2272 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) { 2273 b43_write16(dev, B43_MMIO_GPIO_MASK, 2274 b43_read16(dev, B43_MMIO_GPIO_MASK) 2275 | 0x0200); 2276 mask |= 0x0200; 2277 set |= 0x0200; 2278 } 2279 if (dev->dev->id.revision >= 2) 2280 mask |= 0x0010; /* FIXME: This is redundant. */ 2281 2282#ifdef CONFIG_SSB_DRIVER_PCICORE 2283 pcidev = bus->pcicore.dev; 2284#endif 2285 gpiodev = bus->chipco.dev ? : pcidev; 2286 if (!gpiodev) 2287 return 0; 2288 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2289 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2290 & mask) | set); 2291 2292 return 0; 2293} 2294 2295/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2296static void b43_gpio_cleanup(struct b43_wldev *dev) 2297{ 2298 struct ssb_bus *bus = dev->dev->bus; 2299 struct ssb_device *gpiodev, *pcidev = NULL; 2300 2301#ifdef CONFIG_SSB_DRIVER_PCICORE 2302 pcidev = bus->pcicore.dev; 2303#endif 2304 gpiodev = bus->chipco.dev ? : pcidev; 2305 if (!gpiodev) 2306 return; 2307 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2308} 2309 2310/* http://bcm-specs.sipsolutions.net/EnableMac */ 2311void b43_mac_enable(struct b43_wldev *dev) 2312{ 2313 dev->mac_suspended--; 2314 B43_WARN_ON(dev->mac_suspended < 0); 2315 if (dev->mac_suspended == 0) { 2316 b43_write32(dev, B43_MMIO_MACCTL, 2317 b43_read32(dev, B43_MMIO_MACCTL) 2318 | B43_MACCTL_ENABLED); 2319 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2320 B43_IRQ_MAC_SUSPENDED); 2321 /* Commit writes */ 2322 b43_read32(dev, B43_MMIO_MACCTL); 2323 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2324 b43_power_saving_ctl_bits(dev, 0); 2325 } 2326} 2327 2328/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2329void b43_mac_suspend(struct b43_wldev *dev) 2330{ 2331 int i; 2332 u32 tmp; 2333 2334 might_sleep(); 2335 B43_WARN_ON(dev->mac_suspended < 0); 2336 2337 if (dev->mac_suspended == 0) { 2338 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2339 b43_write32(dev, B43_MMIO_MACCTL, 2340 b43_read32(dev, B43_MMIO_MACCTL) 2341 & ~B43_MACCTL_ENABLED); 2342 /* force pci to flush the write */ 2343 b43_read32(dev, B43_MMIO_MACCTL); 2344 for (i = 35; i; i--) { 2345 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2346 if (tmp & B43_IRQ_MAC_SUSPENDED) 2347 goto out; 2348 udelay(10); 2349 } 2350 /* Hm, it seems this will take some time. Use msleep(). */ 2351 for (i = 40; i; i--) { 2352 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2353 if (tmp & B43_IRQ_MAC_SUSPENDED) 2354 goto out; 2355 msleep(1); 2356 } 2357 b43err(dev->wl, "MAC suspend failed\n"); 2358 } 2359out: 2360 dev->mac_suspended++; 2361} 2362 2363static void b43_adjust_opmode(struct b43_wldev *dev) 2364{ 2365 struct b43_wl *wl = dev->wl; 2366 u32 ctl; 2367 u16 cfp_pretbtt; 2368 2369 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2370 /* Reset status to STA infrastructure mode. */ 2371 ctl &= ~B43_MACCTL_AP; 2372 ctl &= ~B43_MACCTL_KEEP_CTL; 2373 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2374 ctl &= ~B43_MACCTL_KEEP_BAD; 2375 ctl &= ~B43_MACCTL_PROMISC; 2376 ctl &= ~B43_MACCTL_BEACPROMISC; 2377 ctl |= B43_MACCTL_INFRA; 2378 2379 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 2380 ctl |= B43_MACCTL_AP; 2381 else if (b43_is_mode(wl, IEEE80211_IF_TYPE_IBSS)) 2382 ctl &= ~B43_MACCTL_INFRA; 2383 2384 if (wl->filter_flags & FIF_CONTROL) 2385 ctl |= B43_MACCTL_KEEP_CTL; 2386 if (wl->filter_flags & FIF_FCSFAIL) 2387 ctl |= B43_MACCTL_KEEP_BAD; 2388 if (wl->filter_flags & FIF_PLCPFAIL) 2389 ctl |= B43_MACCTL_KEEP_BADPLCP; 2390 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2391 ctl |= B43_MACCTL_PROMISC; 2392 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2393 ctl |= B43_MACCTL_BEACPROMISC; 2394 2395 /* Workaround: On old hardware the HW-MAC-address-filter 2396 * doesn't work properly, so always run promisc in filter 2397 * it in software. */ 2398 if (dev->dev->id.revision <= 4) 2399 ctl |= B43_MACCTL_PROMISC; 2400 2401 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2402 2403 cfp_pretbtt = 2; 2404 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2405 if (dev->dev->bus->chip_id == 0x4306 && 2406 dev->dev->bus->chip_rev == 3) 2407 cfp_pretbtt = 100; 2408 else 2409 cfp_pretbtt = 50; 2410 } 2411 b43_write16(dev, 0x612, cfp_pretbtt); 2412} 2413 2414static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2415{ 2416 u16 offset; 2417 2418 if (is_ofdm) { 2419 offset = 0x480; 2420 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2421 } else { 2422 offset = 0x4C0; 2423 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2424 } 2425 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2426 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2427} 2428 2429static void b43_rate_memory_init(struct b43_wldev *dev) 2430{ 2431 switch (dev->phy.type) { 2432 case B43_PHYTYPE_A: 2433 case B43_PHYTYPE_G: 2434 case B43_PHYTYPE_N: 2435 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2436 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2437 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2438 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2439 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2440 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2441 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2442 if (dev->phy.type == B43_PHYTYPE_A) 2443 break; 2444 /* fallthrough */ 2445 case B43_PHYTYPE_B: 2446 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2447 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2448 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2449 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2450 break; 2451 default: 2452 B43_WARN_ON(1); 2453 } 2454} 2455 2456/* Set the default values for the PHY TX Control Words. */ 2457static void b43_set_phytxctl_defaults(struct b43_wldev *dev) 2458{ 2459 u16 ctl = 0; 2460 2461 ctl |= B43_TXH_PHY_ENC_CCK; 2462 ctl |= B43_TXH_PHY_ANT01AUTO; 2463 ctl |= B43_TXH_PHY_TXPWR; 2464 2465 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 2466 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl); 2467 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl); 2468} 2469 2470/* Set the TX-Antenna for management frames sent by firmware. */ 2471static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 2472{ 2473 u16 ant; 2474 u16 tmp; 2475 2476 ant = b43_antenna_to_phyctl(antenna); 2477 2478 /* For ACK/CTS */ 2479 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 2480 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2481 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 2482 /* For Probe Resposes */ 2483 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 2484 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2485 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 2486} 2487 2488/* This is the opposite of b43_chip_init() */ 2489static void b43_chip_exit(struct b43_wldev *dev) 2490{ 2491 b43_radio_turn_off(dev, 1); 2492 b43_gpio_cleanup(dev); 2493 b43_lo_g_cleanup(dev); 2494 /* firmware is released later */ 2495} 2496 2497/* Initialize the chip 2498 * http://bcm-specs.sipsolutions.net/ChipInit 2499 */ 2500static int b43_chip_init(struct b43_wldev *dev) 2501{ 2502 struct b43_phy *phy = &dev->phy; 2503 int err, tmp; 2504 u32 value32, macctl; 2505 u16 value16; 2506 2507 /* Initialize the MAC control */ 2508 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 2509 if (dev->phy.gmode) 2510 macctl |= B43_MACCTL_GMODE; 2511 macctl |= B43_MACCTL_INFRA; 2512 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2513 2514 err = b43_request_firmware(dev); 2515 if (err) 2516 goto out; 2517 err = b43_upload_microcode(dev); 2518 if (err) 2519 goto out; /* firmware is released later */ 2520 2521 err = b43_gpio_init(dev); 2522 if (err) 2523 goto out; /* firmware is released later */ 2524 2525 err = b43_upload_initvals(dev); 2526 if (err) 2527 goto err_gpio_clean; 2528 b43_radio_turn_on(dev); 2529 2530 b43_write16(dev, 0x03E6, 0x0000); 2531 err = b43_phy_init(dev); 2532 if (err) 2533 goto err_radio_off; 2534 2535 /* Select initial Interference Mitigation. */ 2536 tmp = phy->interfmode; 2537 phy->interfmode = B43_INTERFMODE_NONE; 2538 b43_radio_set_interference_mitigation(dev, tmp); 2539 2540 b43_set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 2541 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 2542 2543 if (phy->type == B43_PHYTYPE_B) { 2544 value16 = b43_read16(dev, 0x005E); 2545 value16 |= 0x0004; 2546 b43_write16(dev, 0x005E, value16); 2547 } 2548 b43_write32(dev, 0x0100, 0x01000000); 2549 if (dev->dev->id.revision < 5) 2550 b43_write32(dev, 0x010C, 0x01000000); 2551 2552 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2553 & ~B43_MACCTL_INFRA); 2554 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2555 | B43_MACCTL_INFRA); 2556 2557 /* Probe Response Timeout value */ 2558 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 2559 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 2560 2561 /* Initially set the wireless operation mode. */ 2562 b43_adjust_opmode(dev); 2563 2564 if (dev->dev->id.revision < 3) { 2565 b43_write16(dev, 0x060E, 0x0000); 2566 b43_write16(dev, 0x0610, 0x8000); 2567 b43_write16(dev, 0x0604, 0x0000); 2568 b43_write16(dev, 0x0606, 0x0200); 2569 } else { 2570 b43_write32(dev, 0x0188, 0x80000000); 2571 b43_write32(dev, 0x018C, 0x02000000); 2572 } 2573 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 2574 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 2575 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 2576 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 2577 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 2578 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 2579 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 2580 2581 value32 = ssb_read32(dev->dev, SSB_TMSLOW); 2582 value32 |= 0x00100000; 2583 ssb_write32(dev->dev, SSB_TMSLOW, value32); 2584 2585 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 2586 dev->dev->bus->chipco.fast_pwrup_delay); 2587 2588 err = 0; 2589 b43dbg(dev->wl, "Chip initialized\n"); 2590out: 2591 return err; 2592 2593err_radio_off: 2594 b43_radio_turn_off(dev, 1); 2595err_gpio_clean: 2596 b43_gpio_cleanup(dev); 2597 return err; 2598} 2599 2600static void b43_periodic_every60sec(struct b43_wldev *dev) 2601{ 2602 struct b43_phy *phy = &dev->phy; 2603 2604 if (phy->type != B43_PHYTYPE_G) 2605 return; 2606 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_RSSI) { 2607 b43_mac_suspend(dev); 2608 b43_calc_nrssi_slope(dev); 2609 if ((phy->radio_ver == 0x2050) && (phy->radio_rev == 8)) { 2610 u8 old_chan = phy->channel; 2611 2612 /* VCO Calibration */ 2613 if (old_chan >= 8) 2614 b43_radio_selectchannel(dev, 1, 0); 2615 else 2616 b43_radio_selectchannel(dev, 13, 0); 2617 b43_radio_selectchannel(dev, old_chan, 0); 2618 } 2619 b43_mac_enable(dev); 2620 } 2621} 2622 2623static void b43_periodic_every30sec(struct b43_wldev *dev) 2624{ 2625 /* Update device statistics. */ 2626 b43_calculate_link_quality(dev); 2627} 2628 2629static void b43_periodic_every15sec(struct b43_wldev *dev) 2630{ 2631 struct b43_phy *phy = &dev->phy; 2632 2633 if (phy->type == B43_PHYTYPE_G) { 2634 //TODO: update_aci_moving_average 2635 if (phy->aci_enable && phy->aci_wlan_automatic) { 2636 b43_mac_suspend(dev); 2637 if (!phy->aci_enable && 1 /*TODO: not scanning? */ ) { 2638 if (0 /*TODO: bunch of conditions */ ) { 2639 b43_radio_set_interference_mitigation 2640 (dev, B43_INTERFMODE_MANUALWLAN); 2641 } 2642 } else if (1 /*TODO*/) { 2643 /* 2644 if ((aci_average > 1000) && !(b43_radio_aci_scan(dev))) { 2645 b43_radio_set_interference_mitigation(dev, 2646 B43_INTERFMODE_NONE); 2647 } 2648 */ 2649 } 2650 b43_mac_enable(dev); 2651 } else if (phy->interfmode == B43_INTERFMODE_NONWLAN && 2652 phy->rev == 1) { 2653 //TODO: implement rev1 workaround 2654 } 2655 } 2656 b43_phy_xmitpower(dev); //FIXME: unless scanning? 2657 b43_lo_g_maintanance_work(dev); 2658 //TODO for APHY (temperature?) 2659 2660 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 2661 wmb(); 2662} 2663 2664static void do_periodic_work(struct b43_wldev *dev) 2665{ 2666 unsigned int state; 2667 2668 state = dev->periodic_state; 2669 if (state % 4 == 0) 2670 b43_periodic_every60sec(dev); 2671 if (state % 2 == 0) 2672 b43_periodic_every30sec(dev); 2673 b43_periodic_every15sec(dev); 2674} 2675 2676/* Periodic work locking policy: 2677 * The whole periodic work handler is protected by 2678 * wl->mutex. If another lock is needed somewhere in the 2679 * pwork callchain, it's aquired in-place, where it's needed. 2680 */ 2681static void b43_periodic_work_handler(struct work_struct *work) 2682{ 2683 struct b43_wldev *dev = container_of(work, struct b43_wldev, 2684 periodic_work.work); 2685 struct b43_wl *wl = dev->wl; 2686 unsigned long delay; 2687 2688 mutex_lock(&wl->mutex); 2689 2690 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 2691 goto out; 2692 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 2693 goto out_requeue; 2694 2695 do_periodic_work(dev); 2696 2697 dev->periodic_state++; 2698out_requeue: 2699 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 2700 delay = msecs_to_jiffies(50); 2701 else 2702 delay = round_jiffies_relative(HZ * 15); 2703 queue_delayed_work(wl->hw->workqueue, &dev->periodic_work, delay); 2704out: 2705 mutex_unlock(&wl->mutex); 2706} 2707 2708static void b43_periodic_tasks_setup(struct b43_wldev *dev) 2709{ 2710 struct delayed_work *work = &dev->periodic_work; 2711 2712 dev->periodic_state = 0; 2713 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 2714 queue_delayed_work(dev->wl->hw->workqueue, work, 0); 2715} 2716 2717/* Check if communication with the device works correctly. */ 2718static int b43_validate_chipaccess(struct b43_wldev *dev) 2719{ 2720 u32 v, backup; 2721 2722 backup = b43_shm_read32(dev, B43_SHM_SHARED, 0); 2723 2724 /* Check for read/write and endianness problems. */ 2725 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 2726 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 2727 goto error; 2728 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 2729 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 2730 goto error; 2731 2732 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup); 2733 2734 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) { 2735 /* The 32bit register shadows the two 16bit registers 2736 * with update sideeffects. Validate this. */ 2737 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 2738 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 2739 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 2740 goto error; 2741 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 2742 goto error; 2743 } 2744 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 2745 2746 v = b43_read32(dev, B43_MMIO_MACCTL); 2747 v |= B43_MACCTL_GMODE; 2748 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 2749 goto error; 2750 2751 return 0; 2752error: 2753 b43err(dev->wl, "Failed to validate the chipaccess\n"); 2754 return -ENODEV; 2755} 2756 2757static void b43_security_init(struct b43_wldev *dev) 2758{ 2759 dev->max_nr_keys = (dev->dev->id.revision >= 5) ? 58 : 20; 2760 B43_WARN_ON(dev->max_nr_keys > ARRAY_SIZE(dev->key)); 2761 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 2762 /* KTP is a word address, but we address SHM bytewise. 2763 * So multiply by two. 2764 */ 2765 dev->ktp *= 2; 2766 if (dev->dev->id.revision >= 5) { 2767 /* Number of RCMTA address slots */ 2768 b43_write16(dev, B43_MMIO_RCMTA_COUNT, dev->max_nr_keys - 8); 2769 } 2770 b43_clear_keys(dev); 2771} 2772 2773static int b43_rng_read(struct hwrng *rng, u32 * data) 2774{ 2775 struct b43_wl *wl = (struct b43_wl *)rng->priv; 2776 unsigned long flags; 2777 2778 /* Don't take wl->mutex here, as it could deadlock with 2779 * hwrng internal locking. It's not needed to take 2780 * wl->mutex here, anyway. */ 2781 2782 spin_lock_irqsave(&wl->irq_lock, flags); 2783 *data = b43_read16(wl->current_dev, B43_MMIO_RNG); 2784 spin_unlock_irqrestore(&wl->irq_lock, flags); 2785 2786 return (sizeof(u16)); 2787} 2788 2789static void b43_rng_exit(struct b43_wl *wl) 2790{ 2791 if (wl->rng_initialized) 2792 hwrng_unregister(&wl->rng); 2793} 2794 2795static int b43_rng_init(struct b43_wl *wl) 2796{ 2797 int err; 2798 2799 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 2800 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 2801 wl->rng.name = wl->rng_name; 2802 wl->rng.data_read = b43_rng_read; 2803 wl->rng.priv = (unsigned long)wl; 2804 wl->rng_initialized = 1; 2805 err = hwrng_register(&wl->rng); 2806 if (err) { 2807 wl->rng_initialized = 0; 2808 b43err(wl, "Failed to register the random " 2809 "number generator (%d)\n", err); 2810 } 2811 2812 return err; 2813} 2814 2815static int b43_op_tx(struct ieee80211_hw *hw, 2816 struct sk_buff *skb, 2817 struct ieee80211_tx_control *ctl) 2818{ 2819 struct b43_wl *wl = hw_to_b43_wl(hw); 2820 struct b43_wldev *dev = wl->current_dev; 2821 unsigned long flags; 2822 int err; 2823 2824 if (unlikely(skb->len < 2 + 2 + 6)) { 2825 /* Too short, this can't be a valid frame. */ 2826 dev_kfree_skb_any(skb); 2827 return NETDEV_TX_OK; 2828 } 2829 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 2830 if (unlikely(!dev)) 2831 return NETDEV_TX_BUSY; 2832 2833 /* Transmissions on seperate queues can run concurrently. */ 2834 read_lock_irqsave(&wl->tx_lock, flags); 2835 2836 err = -ENODEV; 2837 if (likely(b43_status(dev) >= B43_STAT_STARTED)) { 2838 if (b43_using_pio_transfers(dev)) 2839 err = b43_pio_tx(dev, skb, ctl); 2840 else 2841 err = b43_dma_tx(dev, skb, ctl); 2842 } 2843 2844 read_unlock_irqrestore(&wl->tx_lock, flags); 2845 2846 if (unlikely(err)) 2847 return NETDEV_TX_BUSY; 2848 return NETDEV_TX_OK; 2849} 2850 2851/* Locking: wl->irq_lock */ 2852static void b43_qos_params_upload(struct b43_wldev *dev, 2853 const struct ieee80211_tx_queue_params *p, 2854 u16 shm_offset) 2855{ 2856 u16 params[B43_NR_QOSPARAMS]; 2857 int cw_min, cw_max, aifs, bslots, tmp; 2858 unsigned int i; 2859 2860 const u16 aCWmin = 0x0001; 2861 const u16 aCWmax = 0x03FF; 2862 2863 /* Calculate the default values for the parameters, if needed. */ 2864 switch (shm_offset) { 2865 case B43_QOS_VOICE: 2866 aifs = (p->aifs == -1) ? 2 : p->aifs; 2867 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 4 - 1) : p->cw_min; 2868 cw_max = (p->cw_max == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_max; 2869 break; 2870 case B43_QOS_VIDEO: 2871 aifs = (p->aifs == -1) ? 2 : p->aifs; 2872 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_min; 2873 cw_max = (p->cw_max == 0) ? aCWmin : p->cw_max; 2874 break; 2875 case B43_QOS_BESTEFFORT: 2876 aifs = (p->aifs == -1) ? 3 : p->aifs; 2877 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min; 2878 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max; 2879 break; 2880 case B43_QOS_BACKGROUND: 2881 aifs = (p->aifs == -1) ? 7 : p->aifs; 2882 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min; 2883 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max; 2884 break; 2885 default: 2886 B43_WARN_ON(1); 2887 return; 2888 } 2889 if (cw_min <= 0) 2890 cw_min = aCWmin; 2891 if (cw_max <= 0) 2892 cw_max = aCWmin; 2893 bslots = b43_read16(dev, B43_MMIO_RNG) % cw_min; 2894 2895 memset(¶ms, 0, sizeof(params)); 2896 2897 params[B43_QOSPARAM_TXOP] = p->txop * 32; 2898 params[B43_QOSPARAM_CWMIN] = cw_min; 2899 params[B43_QOSPARAM_CWMAX] = cw_max; 2900 params[B43_QOSPARAM_CWCUR] = cw_min; 2901 params[B43_QOSPARAM_AIFS] = aifs; 2902 params[B43_QOSPARAM_BSLOTS] = bslots; 2903 params[B43_QOSPARAM_REGGAP] = bslots + aifs; 2904 2905 for (i = 0; i < ARRAY_SIZE(params); i++) { 2906 if (i == B43_QOSPARAM_STATUS) { 2907 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 2908 shm_offset + (i * 2)); 2909 /* Mark the parameters as updated. */ 2910 tmp |= 0x100; 2911 b43_shm_write16(dev, B43_SHM_SHARED, 2912 shm_offset + (i * 2), 2913 tmp); 2914 } else { 2915 b43_shm_write16(dev, B43_SHM_SHARED, 2916 shm_offset + (i * 2), 2917 params[i]); 2918 } 2919 } 2920} 2921 2922/* Update the QOS parameters in hardware. */ 2923static void b43_qos_update(struct b43_wldev *dev) 2924{ 2925 struct b43_wl *wl = dev->wl; 2926 struct b43_qos_params *params; 2927 unsigned long flags; 2928 unsigned int i; 2929 2930 /* Mapping of mac80211 queues to b43 SHM offsets. */ 2931 static const u16 qos_shm_offsets[] = { 2932 [0] = B43_QOS_VOICE, 2933 [1] = B43_QOS_VIDEO, 2934 [2] = B43_QOS_BESTEFFORT, 2935 [3] = B43_QOS_BACKGROUND, 2936 }; 2937 BUILD_BUG_ON(ARRAY_SIZE(qos_shm_offsets) != ARRAY_SIZE(wl->qos_params)); 2938 2939 b43_mac_suspend(dev); 2940 spin_lock_irqsave(&wl->irq_lock, flags); 2941 2942 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 2943 params = &(wl->qos_params[i]); 2944 if (params->need_hw_update) { 2945 b43_qos_params_upload(dev, &(params->p), 2946 qos_shm_offsets[i]); 2947 params->need_hw_update = 0; 2948 } 2949 } 2950 2951 spin_unlock_irqrestore(&wl->irq_lock, flags); 2952 b43_mac_enable(dev); 2953} 2954 2955static void b43_qos_clear(struct b43_wl *wl) 2956{ 2957 struct b43_qos_params *params; 2958 unsigned int i; 2959 2960 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 2961 params = &(wl->qos_params[i]); 2962 2963 memset(&(params->p), 0, sizeof(params->p)); 2964 params->p.aifs = -1; 2965 params->need_hw_update = 1; 2966 } 2967} 2968 2969/* Initialize the core's QOS capabilities */ 2970static void b43_qos_init(struct b43_wldev *dev) 2971{ 2972 struct b43_wl *wl = dev->wl; 2973 unsigned int i; 2974 2975 /* Upload the current QOS parameters. */ 2976 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) 2977 wl->qos_params[i].need_hw_update = 1; 2978 b43_qos_update(dev); 2979 2980 /* Enable QOS support. */ 2981 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 2982 b43_write16(dev, B43_MMIO_IFSCTL, 2983 b43_read16(dev, B43_MMIO_IFSCTL) 2984 | B43_MMIO_IFSCTL_USE_EDCF); 2985} 2986 2987static void b43_qos_update_work(struct work_struct *work) 2988{ 2989 struct b43_wl *wl = container_of(work, struct b43_wl, qos_update_work); 2990 struct b43_wldev *dev; 2991 2992 mutex_lock(&wl->mutex); 2993 dev = wl->current_dev; 2994 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) 2995 b43_qos_update(dev); 2996 mutex_unlock(&wl->mutex); 2997} 2998 2999static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue, 3000 const struct ieee80211_tx_queue_params *params) 3001{ 3002 struct b43_wl *wl = hw_to_b43_wl(hw); 3003 unsigned long flags; 3004 unsigned int queue = (unsigned int)_queue; 3005 struct b43_qos_params *p; 3006 3007 if (queue >= ARRAY_SIZE(wl->qos_params)) { 3008 /* Queue not available or don't support setting 3009 * params on this queue. Return success to not 3010 * confuse mac80211. */ 3011 return 0; 3012 } 3013 3014 spin_lock_irqsave(&wl->irq_lock, flags); 3015 p = &(wl->qos_params[queue]); 3016 memcpy(&(p->p), params, sizeof(p->p)); 3017 p->need_hw_update = 1; 3018 spin_unlock_irqrestore(&wl->irq_lock, flags); 3019 3020 queue_work(hw->workqueue, &wl->qos_update_work); 3021 3022 return 0; 3023} 3024 3025static int b43_op_get_tx_stats(struct ieee80211_hw *hw, 3026 struct ieee80211_tx_queue_stats *stats) 3027{ 3028 struct b43_wl *wl = hw_to_b43_wl(hw); 3029 struct b43_wldev *dev = wl->current_dev; 3030 unsigned long flags; 3031 int err = -ENODEV; 3032 3033 if (!dev) 3034 goto out; 3035 spin_lock_irqsave(&wl->irq_lock, flags); 3036 if (likely(b43_status(dev) >= B43_STAT_STARTED)) { 3037 if (b43_using_pio_transfers(dev)) 3038 b43_pio_get_tx_stats(dev, stats); 3039 else 3040 b43_dma_get_tx_stats(dev, stats); 3041 err = 0; 3042 } 3043 spin_unlock_irqrestore(&wl->irq_lock, flags); 3044out: 3045 return err; 3046} 3047 3048static int b43_op_get_stats(struct ieee80211_hw *hw, 3049 struct ieee80211_low_level_stats *stats) 3050{ 3051 struct b43_wl *wl = hw_to_b43_wl(hw); 3052 unsigned long flags; 3053 3054 spin_lock_irqsave(&wl->irq_lock, flags); 3055 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 3056 spin_unlock_irqrestore(&wl->irq_lock, flags); 3057 3058 return 0; 3059} 3060 3061static void b43_put_phy_into_reset(struct b43_wldev *dev) 3062{ 3063 struct ssb_device *sdev = dev->dev; 3064 u32 tmslow; 3065 3066 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3067 tmslow &= ~B43_TMSLOW_GMODE; 3068 tmslow |= B43_TMSLOW_PHYRESET; 3069 tmslow |= SSB_TMSLOW_FGC; 3070 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3071 msleep(1); 3072 3073 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3074 tmslow &= ~SSB_TMSLOW_FGC; 3075 tmslow |= B43_TMSLOW_PHYRESET; 3076 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3077 msleep(1); 3078} 3079 3080static const char * band_to_string(enum ieee80211_band band) 3081{ 3082 switch (band) { 3083 case IEEE80211_BAND_5GHZ: 3084 return "5"; 3085 case IEEE80211_BAND_2GHZ: 3086 return "2.4"; 3087 default: 3088 break; 3089 } 3090 B43_WARN_ON(1); 3091 return ""; 3092} 3093 3094/* Expects wl->mutex locked */ 3095static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3096{ 3097 struct b43_wldev *up_dev = NULL; 3098 struct b43_wldev *down_dev; 3099 struct b43_wldev *d; 3100 int err; 3101 bool gmode; 3102 int prev_status; 3103 3104 /* Find a device and PHY which supports the band. */ 3105 list_for_each_entry(d, &wl->devlist, list) { 3106 switch (chan->band) { 3107 case IEEE80211_BAND_5GHZ: 3108 if (d->phy.supports_5ghz) { 3109 up_dev = d; 3110 gmode = 0; 3111 } 3112 break; 3113 case IEEE80211_BAND_2GHZ: 3114 if (d->phy.supports_2ghz) { 3115 up_dev = d; 3116 gmode = 1; 3117 } 3118 break; 3119 default: 3120 B43_WARN_ON(1); 3121 return -EINVAL; 3122 } 3123 if (up_dev) 3124 break; 3125 } 3126 if (!up_dev) { 3127 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3128 band_to_string(chan->band)); 3129 return -ENODEV; 3130 } 3131 if ((up_dev == wl->current_dev) && 3132 (!!wl->current_dev->phy.gmode == !!gmode)) { 3133 /* This device is already running. */ 3134 return 0; 3135 } 3136 b43dbg(wl, "Switching to %s-GHz band\n", 3137 band_to_string(chan->band)); 3138 down_dev = wl->current_dev; 3139 3140 prev_status = b43_status(down_dev); 3141 /* Shutdown the currently running core. */ 3142 if (prev_status >= B43_STAT_STARTED) 3143 b43_wireless_core_stop(down_dev); 3144 if (prev_status >= B43_STAT_INITIALIZED) 3145 b43_wireless_core_exit(down_dev); 3146 3147 if (down_dev != up_dev) { 3148 /* We switch to a different core, so we put PHY into 3149 * RESET on the old core. */ 3150 b43_put_phy_into_reset(down_dev); 3151 } 3152 3153 /* Now start the new core. */ 3154 up_dev->phy.gmode = gmode; 3155 if (prev_status >= B43_STAT_INITIALIZED) { 3156 err = b43_wireless_core_init(up_dev); 3157 if (err) { 3158 b43err(wl, "Fatal: Could not initialize device for " 3159 "selected %s-GHz band\n", 3160 band_to_string(chan->band)); 3161 goto init_failure; 3162 } 3163 } 3164 if (prev_status >= B43_STAT_STARTED) { 3165 err = b43_wireless_core_start(up_dev); 3166 if (err) { 3167 b43err(wl, "Fatal: Coult not start device for " 3168 "selected %s-GHz band\n", 3169 band_to_string(chan->band)); 3170 b43_wireless_core_exit(up_dev); 3171 goto init_failure; 3172 } 3173 } 3174 B43_WARN_ON(b43_status(up_dev) != prev_status); 3175 3176 wl->current_dev = up_dev; 3177 3178 return 0; 3179init_failure: 3180 /* Whoops, failed to init the new core. No core is operating now. */ 3181 wl->current_dev = NULL; 3182 return err; 3183} 3184 3185static int b43_op_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf) 3186{ 3187 struct b43_wl *wl = hw_to_b43_wl(hw); 3188 struct b43_wldev *dev; 3189 struct b43_phy *phy; 3190 unsigned long flags; 3191 int antenna; 3192 int err = 0; 3193 u32 savedirqs; 3194 3195 mutex_lock(&wl->mutex); 3196 3197 /* Switch the band (if necessary). This might change the active core. */ 3198 err = b43_switch_band(wl, conf->channel); 3199 if (err) 3200 goto out_unlock_mutex; 3201 dev = wl->current_dev; 3202 phy = &dev->phy; 3203 3204 /* Disable IRQs while reconfiguring the device. 3205 * This makes it possible to drop the spinlock throughout 3206 * the reconfiguration process. */ 3207 spin_lock_irqsave(&wl->irq_lock, flags); 3208 if (b43_status(dev) < B43_STAT_STARTED) { 3209 spin_unlock_irqrestore(&wl->irq_lock, flags); 3210 goto out_unlock_mutex; 3211 } 3212 savedirqs = b43_interrupt_disable(dev, B43_IRQ_ALL); 3213 spin_unlock_irqrestore(&wl->irq_lock, flags); 3214 b43_synchronize_irq(dev); 3215 3216 /* Switch to the requested channel. 3217 * The firmware takes care of races with the TX handler. */ 3218 if (conf->channel->hw_value != phy->channel) 3219 b43_radio_selectchannel(dev, conf->channel->hw_value, 0); 3220 3221 /* Enable/Disable ShortSlot timing. */ 3222 if ((!!(conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME)) != 3223 dev->short_slot) { 3224 B43_WARN_ON(phy->type != B43_PHYTYPE_G); 3225 if (conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME) 3226 b43_short_slot_timing_enable(dev); 3227 else 3228 b43_short_slot_timing_disable(dev); 3229 } 3230 3231 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_RADIOTAP); 3232 3233 /* Adjust the desired TX power level. */ 3234 if (conf->power_level != 0) { 3235 if (conf->power_level != phy->power_level) { 3236 phy->power_level = conf->power_level; 3237 b43_phy_xmitpower(dev); 3238 } 3239 } 3240 3241 /* Antennas for RX and management frame TX. */ 3242 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_tx); 3243 b43_mgmtframe_txantenna(dev, antenna); 3244 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_rx); 3245 b43_set_rx_antenna(dev, antenna); 3246 3247 /* Update templates for AP mode. */ 3248 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 3249 b43_set_beacon_int(dev, conf->beacon_int); 3250 3251 if (!!conf->radio_enabled != phy->radio_on) { 3252 if (conf->radio_enabled) { 3253 b43_radio_turn_on(dev); 3254 b43info(dev->wl, "Radio turned on by software\n"); 3255 if (!dev->radio_hw_enable) { 3256 b43info(dev->wl, "The hardware RF-kill button " 3257 "still turns the radio physically off. " 3258 "Press the button to turn it on.\n"); 3259 } 3260 } else { 3261 b43_radio_turn_off(dev, 0); 3262 b43info(dev->wl, "Radio turned off by software\n"); 3263 } 3264 } 3265 3266 spin_lock_irqsave(&wl->irq_lock, flags); 3267 b43_interrupt_enable(dev, savedirqs); 3268 mmiowb(); 3269 spin_unlock_irqrestore(&wl->irq_lock, flags); 3270 out_unlock_mutex: 3271 mutex_unlock(&wl->mutex); 3272 3273 return err; 3274} 3275 3276static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 3277 const u8 *local_addr, const u8 *addr, 3278 struct ieee80211_key_conf *key) 3279{ 3280 struct b43_wl *wl = hw_to_b43_wl(hw); 3281 struct b43_wldev *dev; 3282 unsigned long flags; 3283 u8 algorithm; 3284 u8 index; 3285 int err; 3286 DECLARE_MAC_BUF(mac); 3287 3288 if (modparam_nohwcrypt) 3289 return -ENOSPC; /* User disabled HW-crypto */ 3290 3291 mutex_lock(&wl->mutex); 3292 spin_lock_irqsave(&wl->irq_lock, flags); 3293 3294 dev = wl->current_dev; 3295 err = -ENODEV; 3296 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 3297 goto out_unlock; 3298 3299 err = -EINVAL; 3300 switch (key->alg) { 3301 case ALG_WEP: 3302 if (key->keylen == 5) 3303 algorithm = B43_SEC_ALGO_WEP40; 3304 else 3305 algorithm = B43_SEC_ALGO_WEP104; 3306 break; 3307 case ALG_TKIP: 3308 algorithm = B43_SEC_ALGO_TKIP; 3309 break; 3310 case ALG_CCMP: 3311 algorithm = B43_SEC_ALGO_AES; 3312 break; 3313 default: 3314 B43_WARN_ON(1); 3315 goto out_unlock; 3316 } 3317 index = (u8) (key->keyidx); 3318 if (index > 3) 3319 goto out_unlock; 3320 3321 switch (cmd) { 3322 case SET_KEY: 3323 if (algorithm == B43_SEC_ALGO_TKIP) { 3324 /* FIXME: No TKIP hardware encryption for now. */ 3325 err = -EOPNOTSUPP; 3326 goto out_unlock; 3327 } 3328 3329 if (is_broadcast_ether_addr(addr)) { 3330 /* addr is FF:FF:FF:FF:FF:FF for default keys */ 3331 err = b43_key_write(dev, index, algorithm, 3332 key->key, key->keylen, NULL, key); 3333 } else { 3334 /* 3335 * either pairwise key or address is 00:00:00:00:00:00 3336 * for transmit-only keys 3337 */ 3338 err = b43_key_write(dev, -1, algorithm, 3339 key->key, key->keylen, addr, key); 3340 } 3341 if (err) 3342 goto out_unlock; 3343 3344 if (algorithm == B43_SEC_ALGO_WEP40 || 3345 algorithm == B43_SEC_ALGO_WEP104) { 3346 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 3347 } else { 3348 b43_hf_write(dev, 3349 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 3350 } 3351 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 3352 break; 3353 case DISABLE_KEY: { 3354 err = b43_key_clear(dev, key->hw_key_idx); 3355 if (err) 3356 goto out_unlock; 3357 break; 3358 } 3359 default: 3360 B43_WARN_ON(1); 3361 } 3362out_unlock: 3363 spin_unlock_irqrestore(&wl->irq_lock, flags); 3364 mutex_unlock(&wl->mutex); 3365 if (!err) { 3366 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 3367 "mac: %s\n", 3368 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 3369 print_mac(mac, addr)); 3370 } 3371 return err; 3372} 3373 3374static void b43_op_configure_filter(struct ieee80211_hw *hw, 3375 unsigned int changed, unsigned int *fflags, 3376 int mc_count, struct dev_addr_list *mc_list) 3377{ 3378 struct b43_wl *wl = hw_to_b43_wl(hw); 3379 struct b43_wldev *dev = wl->current_dev; 3380 unsigned long flags; 3381 3382 if (!dev) { 3383 *fflags = 0; 3384 return; 3385 } 3386 3387 spin_lock_irqsave(&wl->irq_lock, flags); 3388 *fflags &= FIF_PROMISC_IN_BSS | 3389 FIF_ALLMULTI | 3390 FIF_FCSFAIL | 3391 FIF_PLCPFAIL | 3392 FIF_CONTROL | 3393 FIF_OTHER_BSS | 3394 FIF_BCN_PRBRESP_PROMISC; 3395 3396 changed &= FIF_PROMISC_IN_BSS | 3397 FIF_ALLMULTI | 3398 FIF_FCSFAIL | 3399 FIF_PLCPFAIL | 3400 FIF_CONTROL | 3401 FIF_OTHER_BSS | 3402 FIF_BCN_PRBRESP_PROMISC; 3403 3404 wl->filter_flags = *fflags; 3405 3406 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 3407 b43_adjust_opmode(dev); 3408 spin_unlock_irqrestore(&wl->irq_lock, flags); 3409} 3410 3411static int b43_op_config_interface(struct ieee80211_hw *hw, 3412 struct ieee80211_vif *vif, 3413 struct ieee80211_if_conf *conf) 3414{ 3415 struct b43_wl *wl = hw_to_b43_wl(hw); 3416 struct b43_wldev *dev = wl->current_dev; 3417 unsigned long flags; 3418 3419 if (!dev) 3420 return -ENODEV; 3421 mutex_lock(&wl->mutex); 3422 spin_lock_irqsave(&wl->irq_lock, flags); 3423 B43_WARN_ON(wl->vif != vif); 3424 if (conf->bssid) 3425 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3426 else 3427 memset(wl->bssid, 0, ETH_ALEN); 3428 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3429 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) { 3430 B43_WARN_ON(conf->type != IEEE80211_IF_TYPE_AP); 3431 b43_set_ssid(dev, conf->ssid, conf->ssid_len); 3432 if (conf->beacon) { 3433 b43_update_templates(wl, conf->beacon, 3434 conf->beacon_control); 3435 } 3436 } 3437 b43_write_mac_bssid_templates(dev); 3438 } 3439 spin_unlock_irqrestore(&wl->irq_lock, flags); 3440 mutex_unlock(&wl->mutex); 3441 3442 return 0; 3443} 3444 3445/* Locking: wl->mutex */ 3446static void b43_wireless_core_stop(struct b43_wldev *dev) 3447{ 3448 struct b43_wl *wl = dev->wl; 3449 unsigned long flags; 3450 3451 if (b43_status(dev) < B43_STAT_STARTED) 3452 return; 3453 3454 /* Disable and sync interrupts. We must do this before than 3455 * setting the status to INITIALIZED, as the interrupt handler 3456 * won't care about IRQs then. */ 3457 spin_lock_irqsave(&wl->irq_lock, flags); 3458 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL); 3459 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* flush */ 3460 spin_unlock_irqrestore(&wl->irq_lock, flags); 3461 b43_synchronize_irq(dev); 3462 3463 write_lock_irqsave(&wl->tx_lock, flags); 3464 b43_set_status(dev, B43_STAT_INITIALIZED); 3465 write_unlock_irqrestore(&wl->tx_lock, flags); 3466 3467 b43_pio_stop(dev); 3468 mutex_unlock(&wl->mutex); 3469 /* Must unlock as it would otherwise deadlock. No races here. 3470 * Cancel the possibly running self-rearming periodic work. */ 3471 cancel_delayed_work_sync(&dev->periodic_work); 3472 mutex_lock(&wl->mutex); 3473 3474 b43_mac_suspend(dev); 3475 free_irq(dev->dev->irq, dev); 3476 b43dbg(wl, "Wireless interface stopped\n"); 3477} 3478 3479/* Locking: wl->mutex */ 3480static int b43_wireless_core_start(struct b43_wldev *dev) 3481{ 3482 int err; 3483 3484 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 3485 3486 drain_txstatus_queue(dev); 3487 err = request_irq(dev->dev->irq, b43_interrupt_handler, 3488 IRQF_SHARED, KBUILD_MODNAME, dev); 3489 if (err) { 3490 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq); 3491 goto out; 3492 } 3493 3494 /* We are ready to run. */ 3495 b43_set_status(dev, B43_STAT_STARTED); 3496 3497 /* Start data flow (TX/RX). */ 3498 b43_mac_enable(dev); 3499 b43_interrupt_enable(dev, dev->irq_savedstate); 3500 ieee80211_start_queues(dev->wl->hw); 3501 3502 /* Start maintainance work */ 3503 b43_periodic_tasks_setup(dev); 3504 3505 b43dbg(dev->wl, "Wireless interface started\n"); 3506 out: 3507 return err; 3508} 3509 3510/* Get PHY and RADIO versioning numbers */ 3511static int b43_phy_versioning(struct b43_wldev *dev) 3512{ 3513 struct b43_phy *phy = &dev->phy; 3514 u32 tmp; 3515 u8 analog_type; 3516 u8 phy_type; 3517 u8 phy_rev; 3518 u16 radio_manuf; 3519 u16 radio_ver; 3520 u16 radio_rev; 3521 int unsupported = 0; 3522 3523 /* Get PHY versioning */ 3524 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 3525 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 3526 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 3527 phy_rev = (tmp & B43_PHYVER_VERSION); 3528 switch (phy_type) { 3529 case B43_PHYTYPE_A: 3530 if (phy_rev >= 4) 3531 unsupported = 1; 3532 break; 3533 case B43_PHYTYPE_B: 3534 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 3535 && phy_rev != 7) 3536 unsupported = 1; 3537 break; 3538 case B43_PHYTYPE_G: 3539 if (phy_rev > 9) 3540 unsupported = 1; 3541 break; 3542#ifdef CONFIG_B43_NPHY 3543 case B43_PHYTYPE_N: 3544 if (phy_rev > 1) 3545 unsupported = 1; 3546 break; 3547#endif 3548 default: 3549 unsupported = 1; 3550 }; 3551 if (unsupported) { 3552 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 3553 "(Analog %u, Type %u, Revision %u)\n", 3554 analog_type, phy_type, phy_rev); 3555 return -EOPNOTSUPP; 3556 } 3557 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 3558 analog_type, phy_type, phy_rev); 3559 3560 /* Get RADIO versioning */ 3561 if (dev->dev->bus->chip_id == 0x4317) { 3562 if (dev->dev->bus->chip_rev == 0) 3563 tmp = 0x3205017F; 3564 else if (dev->dev->bus->chip_rev == 1) 3565 tmp = 0x4205017F; 3566 else 3567 tmp = 0x5205017F; 3568 } else { 3569 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 3570 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 3571 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 3572 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16; 3573 } 3574 radio_manuf = (tmp & 0x00000FFF); 3575 radio_ver = (tmp & 0x0FFFF000) >> 12; 3576 radio_rev = (tmp & 0xF0000000) >> 28; 3577 if (radio_manuf != 0x17F /* Broadcom */) 3578 unsupported = 1; 3579 switch (phy_type) { 3580 case B43_PHYTYPE_A: 3581 if (radio_ver != 0x2060) 3582 unsupported = 1; 3583 if (radio_rev != 1) 3584 unsupported = 1; 3585 if (radio_manuf != 0x17F) 3586 unsupported = 1; 3587 break; 3588 case B43_PHYTYPE_B: 3589 if ((radio_ver & 0xFFF0) != 0x2050) 3590 unsupported = 1; 3591 break; 3592 case B43_PHYTYPE_G: 3593 if (radio_ver != 0x2050) 3594 unsupported = 1; 3595 break; 3596 case B43_PHYTYPE_N: 3597 if (radio_ver != 0x2055) 3598 unsupported = 1; 3599 break; 3600 default: 3601 B43_WARN_ON(1); 3602 } 3603 if (unsupported) { 3604 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 3605 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 3606 radio_manuf, radio_ver, radio_rev); 3607 return -EOPNOTSUPP; 3608 } 3609 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 3610 radio_manuf, radio_ver, radio_rev); 3611 3612 phy->radio_manuf = radio_manuf; 3613 phy->radio_ver = radio_ver; 3614 phy->radio_rev = radio_rev; 3615 3616 phy->analog = analog_type; 3617 phy->type = phy_type; 3618 phy->rev = phy_rev; 3619 3620 return 0; 3621} 3622 3623static void setup_struct_phy_for_init(struct b43_wldev *dev, 3624 struct b43_phy *phy) 3625{ 3626 struct b43_txpower_lo_control *lo; 3627 int i; 3628 3629 memset(phy->minlowsig, 0xFF, sizeof(phy->minlowsig)); 3630 memset(phy->minlowsigpos, 0, sizeof(phy->minlowsigpos)); 3631 3632 phy->aci_enable = 0; 3633 phy->aci_wlan_automatic = 0; 3634 phy->aci_hw_rssi = 0; 3635 3636 phy->radio_off_context.valid = 0; 3637 3638 lo = phy->lo_control; 3639 if (lo) { 3640 memset(lo, 0, sizeof(*(phy->lo_control))); 3641 lo->tx_bias = 0xFF; 3642 INIT_LIST_HEAD(&lo->calib_list); 3643 } 3644 phy->max_lb_gain = 0; 3645 phy->trsw_rx_gain = 0; 3646 phy->txpwr_offset = 0; 3647 3648 /* NRSSI */ 3649 phy->nrssislope = 0; 3650 for (i = 0; i < ARRAY_SIZE(phy->nrssi); i++) 3651 phy->nrssi[i] = -1000; 3652 for (i = 0; i < ARRAY_SIZE(phy->nrssi_lt); i++) 3653 phy->nrssi_lt[i] = i; 3654 3655 phy->lofcal = 0xFFFF; 3656 phy->initval = 0xFFFF; 3657 3658 phy->interfmode = B43_INTERFMODE_NONE; 3659 phy->channel = 0xFF; 3660 3661 phy->hardware_power_control = !!modparam_hwpctl; 3662 3663 /* PHY TX errors counter. */ 3664 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 3665 3666 /* OFDM-table address caching. */ 3667 phy->ofdmtab_addr_direction = B43_OFDMTAB_DIRECTION_UNKNOWN; 3668} 3669 3670static void setup_struct_wldev_for_init(struct b43_wldev *dev) 3671{ 3672 dev->dfq_valid = 0; 3673 3674 /* Assume the radio is enabled. If it's not enabled, the state will 3675 * immediately get fixed on the first periodic work run. */ 3676 dev->radio_hw_enable = 1; 3677 3678 /* Stats */ 3679 memset(&dev->stats, 0, sizeof(dev->stats)); 3680 3681 setup_struct_phy_for_init(dev, &dev->phy); 3682 3683 /* IRQ related flags */ 3684 dev->irq_reason = 0; 3685 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 3686 dev->irq_savedstate = B43_IRQ_MASKTEMPLATE; 3687 3688 dev->mac_suspended = 1; 3689 3690 /* Noise calculation context */ 3691 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 3692} 3693 3694static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 3695{ 3696 struct ssb_sprom *sprom = &dev->dev->bus->sprom; 3697 u64 hf; 3698 3699 if (!modparam_btcoex) 3700 return; 3701 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 3702 return; 3703 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 3704 return; 3705 3706 hf = b43_hf_read(dev); 3707 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 3708 hf |= B43_HF_BTCOEXALT; 3709 else 3710 hf |= B43_HF_BTCOEX; 3711 b43_hf_write(dev, hf); 3712} 3713 3714static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 3715{ 3716 if (!modparam_btcoex) 3717 return; 3718 //TODO 3719} 3720 3721static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 3722{ 3723#ifdef CONFIG_SSB_DRIVER_PCICORE 3724 struct ssb_bus *bus = dev->dev->bus; 3725 u32 tmp; 3726 3727 if (bus->pcicore.dev && 3728 bus->pcicore.dev->id.coreid == SSB_DEV_PCI && 3729 bus->pcicore.dev->id.revision <= 5) { 3730 /* IMCFGLO timeouts workaround. */ 3731 tmp = ssb_read32(dev->dev, SSB_IMCFGLO); 3732 tmp &= ~SSB_IMCFGLO_REQTO; 3733 tmp &= ~SSB_IMCFGLO_SERTO; 3734 switch (bus->bustype) { 3735 case SSB_BUSTYPE_PCI: 3736 case SSB_BUSTYPE_PCMCIA: 3737 tmp |= 0x32; 3738 break; 3739 case SSB_BUSTYPE_SSB: 3740 tmp |= 0x53; 3741 break; 3742 } 3743 ssb_write32(dev->dev, SSB_IMCFGLO, tmp); 3744 } 3745#endif /* CONFIG_SSB_DRIVER_PCICORE */ 3746} 3747 3748/* Write the short and long frame retry limit values. */ 3749static void b43_set_retry_limits(struct b43_wldev *dev, 3750 unsigned int short_retry, 3751 unsigned int long_retry) 3752{ 3753 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3754 * the chip-internal counter. */ 3755 short_retry = min(short_retry, (unsigned int)0xF); 3756 long_retry = min(long_retry, (unsigned int)0xF); 3757 3758 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3759 short_retry); 3760 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3761 long_retry); 3762} 3763 3764static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 3765{ 3766 u16 pu_delay; 3767 3768 /* The time value is in microseconds. */ 3769 if (dev->phy.type == B43_PHYTYPE_A) 3770 pu_delay = 3700; 3771 else 3772 pu_delay = 1050; 3773 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS) || idle) 3774 pu_delay = 500; 3775 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 3776 pu_delay = max(pu_delay, (u16)2400); 3777 3778 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 3779} 3780 3781/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 3782static void b43_set_pretbtt(struct b43_wldev *dev) 3783{ 3784 u16 pretbtt; 3785 3786 /* The time value is in microseconds. */ 3787 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS)) { 3788 pretbtt = 2; 3789 } else { 3790 if (dev->phy.type == B43_PHYTYPE_A) 3791 pretbtt = 120; 3792 else 3793 pretbtt = 250; 3794 } 3795 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 3796 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 3797} 3798 3799/* Shutdown a wireless core */ 3800/* Locking: wl->mutex */ 3801static void b43_wireless_core_exit(struct b43_wldev *dev) 3802{ 3803 struct b43_phy *phy = &dev->phy; 3804 u32 macctl; 3805 3806 B43_WARN_ON(b43_status(dev) > B43_STAT_INITIALIZED); 3807 if (b43_status(dev) != B43_STAT_INITIALIZED) 3808 return; 3809 b43_set_status(dev, B43_STAT_UNINIT); 3810 3811 /* Stop the microcode PSM. */ 3812 macctl = b43_read32(dev, B43_MMIO_MACCTL); 3813 macctl &= ~B43_MACCTL_PSM_RUN; 3814 macctl |= B43_MACCTL_PSM_JMP0; 3815 b43_write32(dev, B43_MMIO_MACCTL, macctl); 3816 3817 if (!dev->suspend_in_progress) { 3818 b43_leds_exit(dev); 3819 b43_rng_exit(dev->wl); 3820 } 3821 b43_dma_free(dev); 3822 b43_pio_free(dev); 3823 b43_chip_exit(dev); 3824 b43_radio_turn_off(dev, 1); 3825 b43_switch_analog(dev, 0); 3826 if (phy->dyn_tssi_tbl) 3827 kfree(phy->tssi2dbm); 3828 kfree(phy->lo_control); 3829 phy->lo_control = NULL; 3830 if (dev->wl->current_beacon) { 3831 dev_kfree_skb_any(dev->wl->current_beacon); 3832 dev->wl->current_beacon = NULL; 3833 } 3834 3835 ssb_device_disable(dev->dev, 0); 3836 ssb_bus_may_powerdown(dev->dev->bus); 3837} 3838 3839/* Initialize a wireless core */ 3840static int b43_wireless_core_init(struct b43_wldev *dev) 3841{ 3842 struct b43_wl *wl = dev->wl; 3843 struct ssb_bus *bus = dev->dev->bus; 3844 struct ssb_sprom *sprom = &bus->sprom; 3845 struct b43_phy *phy = &dev->phy; 3846 int err; 3847 u64 hf; 3848 u32 tmp; 3849 3850 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 3851 3852 err = ssb_bus_powerup(bus, 0); 3853 if (err) 3854 goto out; 3855 if (!ssb_device_is_enabled(dev->dev)) { 3856 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0; 3857 b43_wireless_core_reset(dev, tmp); 3858 } 3859 3860 if ((phy->type == B43_PHYTYPE_B) || (phy->type == B43_PHYTYPE_G)) { 3861 phy->lo_control = 3862 kzalloc(sizeof(*(phy->lo_control)), GFP_KERNEL); 3863 if (!phy->lo_control) { 3864 err = -ENOMEM; 3865 goto err_busdown; 3866 } 3867 } 3868 setup_struct_wldev_for_init(dev); 3869 3870 err = b43_phy_init_tssi2dbm_table(dev); 3871 if (err) 3872 goto err_kfree_lo_control; 3873 3874 /* Enable IRQ routing to this device. */ 3875 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev); 3876 3877 b43_imcfglo_timeouts_workaround(dev); 3878 b43_bluetooth_coext_disable(dev); 3879 b43_phy_early_init(dev); 3880 err = b43_chip_init(dev); 3881 if (err) 3882 goto err_kfree_tssitbl; 3883 b43_shm_write16(dev, B43_SHM_SHARED, 3884 B43_SHM_SH_WLCOREREV, dev->dev->id.revision); 3885 hf = b43_hf_read(dev); 3886 if (phy->type == B43_PHYTYPE_G) { 3887 hf |= B43_HF_SYMW; 3888 if (phy->rev == 1) 3889 hf |= B43_HF_GDCW; 3890 if (sprom->boardflags_lo & B43_BFL_PACTRL) 3891 hf |= B43_HF_OFDMPABOOST; 3892 } else if (phy->type == B43_PHYTYPE_B) { 3893 hf |= B43_HF_SYMW; 3894 if (phy->rev >= 2 && phy->radio_ver == 0x2050) 3895 hf &= ~B43_HF_GDCW; 3896 } 3897 b43_hf_write(dev, hf); 3898 3899 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 3900 B43_DEFAULT_LONG_RETRY_LIMIT); 3901 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 3902 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 3903 3904 /* Disable sending probe responses from firmware. 3905 * Setting the MaxTime to one usec will always trigger 3906 * a timeout, so we never send any probe resp. 3907 * A timeout of zero is infinite. */ 3908 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 3909 3910 b43_rate_memory_init(dev); 3911 b43_set_phytxctl_defaults(dev); 3912 3913 /* Minimum Contention Window */ 3914 if (phy->type == B43_PHYTYPE_B) { 3915 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 3916 } else { 3917 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 3918 } 3919 /* Maximum Contention Window */ 3920 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 3921 3922 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || B43_FORCE_PIO) { 3923 dev->__using_pio_transfers = 1; 3924 err = b43_pio_init(dev); 3925 } else { 3926 dev->__using_pio_transfers = 0; 3927 err = b43_dma_init(dev); 3928 } 3929 if (err) 3930 goto err_chip_exit; 3931 b43_qos_init(dev); 3932 b43_set_synth_pu_delay(dev, 1); 3933 b43_bluetooth_coext_enable(dev); 3934 3935 ssb_bus_powerup(bus, 1); /* Enable dynamic PCTL */ 3936 b43_upload_card_macaddress(dev); 3937 b43_security_init(dev); 3938 if (!dev->suspend_in_progress) 3939 b43_rng_init(wl); 3940 3941 b43_set_status(dev, B43_STAT_INITIALIZED); 3942 3943 if (!dev->suspend_in_progress) 3944 b43_leds_init(dev); 3945out: 3946 return err; 3947 3948 err_chip_exit: 3949 b43_chip_exit(dev); 3950 err_kfree_tssitbl: 3951 if (phy->dyn_tssi_tbl) 3952 kfree(phy->tssi2dbm); 3953 err_kfree_lo_control: 3954 kfree(phy->lo_control); 3955 phy->lo_control = NULL; 3956 err_busdown: 3957 ssb_bus_may_powerdown(bus); 3958 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 3959 return err; 3960} 3961 3962static int b43_op_add_interface(struct ieee80211_hw *hw, 3963 struct ieee80211_if_init_conf *conf) 3964{ 3965 struct b43_wl *wl = hw_to_b43_wl(hw); 3966 struct b43_wldev *dev; 3967 unsigned long flags; 3968 int err = -EOPNOTSUPP; 3969 3970 /* TODO: allow WDS/AP devices to coexist */ 3971 3972 if (conf->type != IEEE80211_IF_TYPE_AP && 3973 conf->type != IEEE80211_IF_TYPE_STA && 3974 conf->type != IEEE80211_IF_TYPE_WDS && 3975 conf->type != IEEE80211_IF_TYPE_IBSS) 3976 return -EOPNOTSUPP; 3977 3978 mutex_lock(&wl->mutex); 3979 if (wl->operating) 3980 goto out_mutex_unlock; 3981 3982 b43dbg(wl, "Adding Interface type %d\n", conf->type); 3983 3984 dev = wl->current_dev; 3985 wl->operating = 1; 3986 wl->vif = conf->vif; 3987 wl->if_type = conf->type; 3988 memcpy(wl->mac_addr, conf->mac_addr, ETH_ALEN); 3989 3990 spin_lock_irqsave(&wl->irq_lock, flags); 3991 b43_adjust_opmode(dev); 3992 b43_set_pretbtt(dev); 3993 b43_set_synth_pu_delay(dev, 0); 3994 b43_upload_card_macaddress(dev); 3995 spin_unlock_irqrestore(&wl->irq_lock, flags); 3996 3997 err = 0; 3998 out_mutex_unlock: 3999 mutex_unlock(&wl->mutex); 4000 4001 return err; 4002} 4003 4004static void b43_op_remove_interface(struct ieee80211_hw *hw, 4005 struct ieee80211_if_init_conf *conf) 4006{ 4007 struct b43_wl *wl = hw_to_b43_wl(hw); 4008 struct b43_wldev *dev = wl->current_dev; 4009 unsigned long flags; 4010 4011 b43dbg(wl, "Removing Interface type %d\n", conf->type); 4012 4013 mutex_lock(&wl->mutex); 4014 4015 B43_WARN_ON(!wl->operating); 4016 B43_WARN_ON(wl->vif != conf->vif); 4017 wl->vif = NULL; 4018 4019 wl->operating = 0; 4020 4021 spin_lock_irqsave(&wl->irq_lock, flags); 4022 b43_adjust_opmode(dev); 4023 memset(wl->mac_addr, 0, ETH_ALEN); 4024 b43_upload_card_macaddress(dev); 4025 spin_unlock_irqrestore(&wl->irq_lock, flags); 4026 4027 mutex_unlock(&wl->mutex); 4028} 4029 4030static int b43_op_start(struct ieee80211_hw *hw) 4031{ 4032 struct b43_wl *wl = hw_to_b43_wl(hw); 4033 struct b43_wldev *dev = wl->current_dev; 4034 int did_init = 0; 4035 int err = 0; 4036 bool do_rfkill_exit = 0; 4037 4038 /* Kill all old instance specific information to make sure 4039 * the card won't use it in the short timeframe between start 4040 * and mac80211 reconfiguring it. */ 4041 memset(wl->bssid, 0, ETH_ALEN); 4042 memset(wl->mac_addr, 0, ETH_ALEN); 4043 wl->filter_flags = 0; 4044 wl->radiotap_enabled = 0; 4045 b43_qos_clear(wl); 4046 4047 /* First register RFkill. 4048 * LEDs that are registered later depend on it. */ 4049 b43_rfkill_init(dev); 4050 4051 mutex_lock(&wl->mutex); 4052 4053 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4054 err = b43_wireless_core_init(dev); 4055 if (err) { 4056 do_rfkill_exit = 1; 4057 goto out_mutex_unlock; 4058 } 4059 did_init = 1; 4060 } 4061 4062 if (b43_status(dev) < B43_STAT_STARTED) { 4063 err = b43_wireless_core_start(dev); 4064 if (err) { 4065 if (did_init) 4066 b43_wireless_core_exit(dev); 4067 do_rfkill_exit = 1; 4068 goto out_mutex_unlock; 4069 } 4070 } 4071 4072 out_mutex_unlock: 4073 mutex_unlock(&wl->mutex); 4074 4075 if (do_rfkill_exit) 4076 b43_rfkill_exit(dev); 4077 4078 return err; 4079} 4080 4081static void b43_op_stop(struct ieee80211_hw *hw) 4082{ 4083 struct b43_wl *wl = hw_to_b43_wl(hw); 4084 struct b43_wldev *dev = wl->current_dev; 4085 4086 b43_rfkill_exit(dev); 4087 cancel_work_sync(&(wl->qos_update_work)); 4088 cancel_work_sync(&(wl->beacon_update_trigger)); 4089 4090 mutex_lock(&wl->mutex); 4091 if (b43_status(dev) >= B43_STAT_STARTED) 4092 b43_wireless_core_stop(dev); 4093 b43_wireless_core_exit(dev); 4094 mutex_unlock(&wl->mutex); 4095} 4096 4097static int b43_op_set_retry_limit(struct ieee80211_hw *hw, 4098 u32 short_retry_limit, u32 long_retry_limit) 4099{ 4100 struct b43_wl *wl = hw_to_b43_wl(hw); 4101 struct b43_wldev *dev; 4102 int err = 0; 4103 4104 mutex_lock(&wl->mutex); 4105 dev = wl->current_dev; 4106 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) { 4107 err = -ENODEV; 4108 goto out_unlock; 4109 } 4110 b43_set_retry_limits(dev, short_retry_limit, long_retry_limit); 4111out_unlock: 4112 mutex_unlock(&wl->mutex); 4113 4114 return err; 4115} 4116 4117static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, int aid, int set) 4118{ 4119 struct b43_wl *wl = hw_to_b43_wl(hw); 4120 struct sk_buff *beacon; 4121 unsigned long flags; 4122 struct ieee80211_tx_control txctl; 4123 4124 /* We could modify the existing beacon and set the aid bit in 4125 * the TIM field, but that would probably require resizing and 4126 * moving of data within the beacon template. 4127 * Simply request a new beacon and let mac80211 do the hard work. */ 4128 beacon = ieee80211_beacon_get(hw, wl->vif, &txctl); 4129 if (unlikely(!beacon)) 4130 return -ENOMEM; 4131 spin_lock_irqsave(&wl->irq_lock, flags); 4132 b43_update_templates(wl, beacon, &txctl); 4133 spin_unlock_irqrestore(&wl->irq_lock, flags); 4134 4135 return 0; 4136} 4137 4138static int b43_op_ibss_beacon_update(struct ieee80211_hw *hw, 4139 struct sk_buff *beacon, 4140 struct ieee80211_tx_control *ctl) 4141{ 4142 struct b43_wl *wl = hw_to_b43_wl(hw); 4143 unsigned long flags; 4144 4145 spin_lock_irqsave(&wl->irq_lock, flags); 4146 b43_update_templates(wl, beacon, ctl); 4147 spin_unlock_irqrestore(&wl->irq_lock, flags); 4148 4149 return 0; 4150} 4151 4152static void b43_op_sta_notify(struct ieee80211_hw *hw, 4153 struct ieee80211_vif *vif, 4154 enum sta_notify_cmd notify_cmd, 4155 const u8 *addr) 4156{ 4157 struct b43_wl *wl = hw_to_b43_wl(hw); 4158 4159 B43_WARN_ON(!vif || wl->vif != vif); 4160} 4161 4162static const struct ieee80211_ops b43_hw_ops = { 4163 .tx = b43_op_tx, 4164 .conf_tx = b43_op_conf_tx, 4165 .add_interface = b43_op_add_interface, 4166 .remove_interface = b43_op_remove_interface, 4167 .config = b43_op_config, 4168 .config_interface = b43_op_config_interface, 4169 .configure_filter = b43_op_configure_filter, 4170 .set_key = b43_op_set_key, 4171 .get_stats = b43_op_get_stats, 4172 .get_tx_stats = b43_op_get_tx_stats, 4173 .start = b43_op_start, 4174 .stop = b43_op_stop, 4175 .set_retry_limit = b43_op_set_retry_limit, 4176 .set_tim = b43_op_beacon_set_tim, 4177 .beacon_update = b43_op_ibss_beacon_update, 4178 .sta_notify = b43_op_sta_notify, 4179}; 4180 4181/* Hard-reset the chip. Do not call this directly. 4182 * Use b43_controller_restart() 4183 */ 4184static void b43_chip_reset(struct work_struct *work) 4185{ 4186 struct b43_wldev *dev = 4187 container_of(work, struct b43_wldev, restart_work); 4188 struct b43_wl *wl = dev->wl; 4189 int err = 0; 4190 int prev_status; 4191 4192 mutex_lock(&wl->mutex); 4193 4194 prev_status = b43_status(dev); 4195 /* Bring the device down... */ 4196 if (prev_status >= B43_STAT_STARTED) 4197 b43_wireless_core_stop(dev); 4198 if (prev_status >= B43_STAT_INITIALIZED) 4199 b43_wireless_core_exit(dev); 4200 4201 /* ...and up again. */ 4202 if (prev_status >= B43_STAT_INITIALIZED) { 4203 err = b43_wireless_core_init(dev); 4204 if (err) 4205 goto out; 4206 } 4207 if (prev_status >= B43_STAT_STARTED) { 4208 err = b43_wireless_core_start(dev); 4209 if (err) { 4210 b43_wireless_core_exit(dev); 4211 goto out; 4212 } 4213 } 4214 out: 4215 mutex_unlock(&wl->mutex); 4216 if (err) 4217 b43err(wl, "Controller restart FAILED\n"); 4218 else 4219 b43info(wl, "Controller restarted\n"); 4220} 4221 4222static int b43_setup_bands(struct b43_wldev *dev, 4223 bool have_2ghz_phy, bool have_5ghz_phy) 4224{ 4225 struct ieee80211_hw *hw = dev->wl->hw; 4226 4227 if (have_2ghz_phy) 4228 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 4229 if (dev->phy.type == B43_PHYTYPE_N) { 4230 if (have_5ghz_phy) 4231 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 4232 } else { 4233 if (have_5ghz_phy) 4234 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 4235 } 4236 4237 dev->phy.supports_2ghz = have_2ghz_phy; 4238 dev->phy.supports_5ghz = have_5ghz_phy; 4239 4240 return 0; 4241} 4242 4243static void b43_wireless_core_detach(struct b43_wldev *dev) 4244{ 4245 /* We release firmware that late to not be required to re-request 4246 * is all the time when we reinit the core. */ 4247 b43_release_firmware(dev); 4248} 4249 4250static int b43_wireless_core_attach(struct b43_wldev *dev) 4251{ 4252 struct b43_wl *wl = dev->wl; 4253 struct ssb_bus *bus = dev->dev->bus; 4254 struct pci_dev *pdev = bus->host_pci; 4255 int err; 4256 bool have_2ghz_phy = 0, have_5ghz_phy = 0; 4257 u32 tmp; 4258 4259 /* Do NOT do any device initialization here. 4260 * Do it in wireless_core_init() instead. 4261 * This function is for gathering basic information about the HW, only. 4262 * Also some structs may be set up here. But most likely you want to have 4263 * that in core_init(), too. 4264 */ 4265 4266 err = ssb_bus_powerup(bus, 0); 4267 if (err) { 4268 b43err(wl, "Bus powerup failed\n"); 4269 goto out; 4270 } 4271 /* Get the PHY type. */ 4272 if (dev->dev->id.revision >= 5) { 4273 u32 tmshigh; 4274 4275 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 4276 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY); 4277 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY); 4278 } else 4279 B43_WARN_ON(1); 4280 4281 dev->phy.gmode = have_2ghz_phy; 4282 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4283 b43_wireless_core_reset(dev, tmp); 4284 4285 err = b43_phy_versioning(dev); 4286 if (err) 4287 goto err_powerdown; 4288 /* Check if this device supports multiband. */ 4289 if (!pdev || 4290 (pdev->device != 0x4312 && 4291 pdev->device != 0x4319 && pdev->device != 0x4324)) { 4292 /* No multiband support. */ 4293 have_2ghz_phy = 0; 4294 have_5ghz_phy = 0; 4295 switch (dev->phy.type) { 4296 case B43_PHYTYPE_A: 4297 have_5ghz_phy = 1; 4298 break; 4299 case B43_PHYTYPE_G: 4300 case B43_PHYTYPE_N: 4301 have_2ghz_phy = 1; 4302 break; 4303 default: 4304 B43_WARN_ON(1); 4305 } 4306 } 4307 if (dev->phy.type == B43_PHYTYPE_A) { 4308 /* FIXME */ 4309 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 4310 err = -EOPNOTSUPP; 4311 goto err_powerdown; 4312 } 4313 if (1 /* disable A-PHY */) { 4314 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */ 4315 if (dev->phy.type != B43_PHYTYPE_N) { 4316 have_2ghz_phy = 1; 4317 have_5ghz_phy = 0; 4318 } 4319 } 4320 4321 dev->phy.gmode = have_2ghz_phy; 4322 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4323 b43_wireless_core_reset(dev, tmp); 4324 4325 err = b43_validate_chipaccess(dev); 4326 if (err) 4327 goto err_powerdown; 4328 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 4329 if (err) 4330 goto err_powerdown; 4331 4332 /* Now set some default "current_dev" */ 4333 if (!wl->current_dev) 4334 wl->current_dev = dev; 4335 INIT_WORK(&dev->restart_work, b43_chip_reset); 4336 4337 b43_radio_turn_off(dev, 1); 4338 b43_switch_analog(dev, 0); 4339 ssb_device_disable(dev->dev, 0); 4340 ssb_bus_may_powerdown(bus); 4341 4342out: 4343 return err; 4344 4345err_powerdown: 4346 ssb_bus_may_powerdown(bus); 4347 return err; 4348} 4349 4350static void b43_one_core_detach(struct ssb_device *dev) 4351{ 4352 struct b43_wldev *wldev; 4353 struct b43_wl *wl; 4354 4355 wldev = ssb_get_drvdata(dev); 4356 wl = wldev->wl; 4357 cancel_work_sync(&wldev->restart_work); 4358 b43_debugfs_remove_device(wldev); 4359 b43_wireless_core_detach(wldev); 4360 list_del(&wldev->list); 4361 wl->nr_devs--; 4362 ssb_set_drvdata(dev, NULL); 4363 kfree(wldev); 4364} 4365 4366static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl) 4367{ 4368 struct b43_wldev *wldev; 4369 struct pci_dev *pdev; 4370 int err = -ENOMEM; 4371 4372 if (!list_empty(&wl->devlist)) { 4373 /* We are not the first core on this chip. */ 4374 pdev = dev->bus->host_pci; 4375 /* Only special chips support more than one wireless 4376 * core, although some of the other chips have more than 4377 * one wireless core as well. Check for this and 4378 * bail out early. 4379 */ 4380 if (!pdev || 4381 ((pdev->device != 0x4321) && 4382 (pdev->device != 0x4313) && (pdev->device != 0x431A))) { 4383 b43dbg(wl, "Ignoring unconnected 802.11 core\n"); 4384 return -ENODEV; 4385 } 4386 } 4387 4388 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 4389 if (!wldev) 4390 goto out; 4391 4392 wldev->dev = dev; 4393 wldev->wl = wl; 4394 b43_set_status(wldev, B43_STAT_UNINIT); 4395 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 4396 tasklet_init(&wldev->isr_tasklet, 4397 (void (*)(unsigned long))b43_interrupt_tasklet, 4398 (unsigned long)wldev); 4399 INIT_LIST_HEAD(&wldev->list); 4400 4401 err = b43_wireless_core_attach(wldev); 4402 if (err) 4403 goto err_kfree_wldev; 4404 4405 list_add(&wldev->list, &wl->devlist); 4406 wl->nr_devs++; 4407 ssb_set_drvdata(dev, wldev); 4408 b43_debugfs_add_device(wldev); 4409 4410 out: 4411 return err; 4412 4413 err_kfree_wldev: 4414 kfree(wldev); 4415 return err; 4416} 4417 4418#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \ 4419 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \ 4420 (pdev->device == _device) && \ 4421 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \ 4422 (pdev->subsystem_device == _subdevice) ) 4423 4424static void b43_sprom_fixup(struct ssb_bus *bus) 4425{ 4426 struct pci_dev *pdev; 4427 4428 /* boardflags workarounds */ 4429 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 4430 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 4431 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 4432 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 4433 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 4434 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 4435 if (bus->bustype == SSB_BUSTYPE_PCI) { 4436 pdev = bus->host_pci; 4437 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) || 4438 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) || 4439 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013)) 4440 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST; 4441 } 4442} 4443 4444static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl) 4445{ 4446 struct ieee80211_hw *hw = wl->hw; 4447 4448 ssb_set_devtypedata(dev, NULL); 4449 ieee80211_free_hw(hw); 4450} 4451 4452static int b43_wireless_init(struct ssb_device *dev) 4453{ 4454 struct ssb_sprom *sprom = &dev->bus->sprom; 4455 struct ieee80211_hw *hw; 4456 struct b43_wl *wl; 4457 int err = -ENOMEM; 4458 4459 b43_sprom_fixup(dev->bus); 4460 4461 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 4462 if (!hw) { 4463 b43err(NULL, "Could not allocate ieee80211 device\n"); 4464 goto out; 4465 } 4466 4467 /* fill hw info */ 4468 hw->flags = IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE | 4469 IEEE80211_HW_RX_INCLUDES_FCS | 4470 IEEE80211_HW_SIGNAL_DBM | 4471 IEEE80211_HW_NOISE_DBM; 4472 4473 hw->queues = b43_modparam_qos ? 4 : 1; 4474 SET_IEEE80211_DEV(hw, dev->dev); 4475 if (is_valid_ether_addr(sprom->et1mac)) 4476 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 4477 else 4478 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 4479 4480 /* Get and initialize struct b43_wl */ 4481 wl = hw_to_b43_wl(hw); 4482 memset(wl, 0, sizeof(*wl)); 4483 wl->hw = hw; 4484 spin_lock_init(&wl->irq_lock); 4485 rwlock_init(&wl->tx_lock); 4486 spin_lock_init(&wl->leds_lock); 4487 spin_lock_init(&wl->shm_lock); 4488 mutex_init(&wl->mutex); 4489 INIT_LIST_HEAD(&wl->devlist); 4490 INIT_WORK(&wl->qos_update_work, b43_qos_update_work); 4491 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 4492 4493 ssb_set_devtypedata(dev, wl); 4494 b43info(wl, "Broadcom %04X WLAN found\n", dev->bus->chip_id); 4495 err = 0; 4496 out: 4497 return err; 4498} 4499 4500static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id) 4501{ 4502 struct b43_wl *wl; 4503 int err; 4504 int first = 0; 4505 4506 wl = ssb_get_devtypedata(dev); 4507 if (!wl) { 4508 /* Probing the first core. Must setup common struct b43_wl */ 4509 first = 1; 4510 err = b43_wireless_init(dev); 4511 if (err) 4512 goto out; 4513 wl = ssb_get_devtypedata(dev); 4514 B43_WARN_ON(!wl); 4515 } 4516 err = b43_one_core_attach(dev, wl); 4517 if (err) 4518 goto err_wireless_exit; 4519 4520 if (first) { 4521 err = ieee80211_register_hw(wl->hw); 4522 if (err) 4523 goto err_one_core_detach; 4524 } 4525 4526 out: 4527 return err; 4528 4529 err_one_core_detach: 4530 b43_one_core_detach(dev); 4531 err_wireless_exit: 4532 if (first) 4533 b43_wireless_exit(dev, wl); 4534 return err; 4535} 4536 4537static void b43_remove(struct ssb_device *dev) 4538{ 4539 struct b43_wl *wl = ssb_get_devtypedata(dev); 4540 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4541 4542 B43_WARN_ON(!wl); 4543 if (wl->current_dev == wldev) 4544 ieee80211_unregister_hw(wl->hw); 4545 4546 b43_one_core_detach(dev); 4547 4548 if (list_empty(&wl->devlist)) { 4549 /* Last core on the chip unregistered. 4550 * We can destroy common struct b43_wl. 4551 */ 4552 b43_wireless_exit(dev, wl); 4553 } 4554} 4555 4556/* Perform a hardware reset. This can be called from any context. */ 4557void b43_controller_restart(struct b43_wldev *dev, const char *reason) 4558{ 4559 /* Must avoid requeueing, if we are in shutdown. */ 4560 if (b43_status(dev) < B43_STAT_INITIALIZED) 4561 return; 4562 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 4563 queue_work(dev->wl->hw->workqueue, &dev->restart_work); 4564} 4565 4566#ifdef CONFIG_PM 4567 4568static int b43_suspend(struct ssb_device *dev, pm_message_t state) 4569{ 4570 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4571 struct b43_wl *wl = wldev->wl; 4572 4573 b43dbg(wl, "Suspending...\n"); 4574 4575 mutex_lock(&wl->mutex); 4576 wldev->suspend_in_progress = true; 4577 wldev->suspend_init_status = b43_status(wldev); 4578 if (wldev->suspend_init_status >= B43_STAT_STARTED) 4579 b43_wireless_core_stop(wldev); 4580 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) 4581 b43_wireless_core_exit(wldev); 4582 mutex_unlock(&wl->mutex); 4583 4584 b43dbg(wl, "Device suspended.\n"); 4585 4586 return 0; 4587} 4588 4589static int b43_resume(struct ssb_device *dev) 4590{ 4591 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4592 struct b43_wl *wl = wldev->wl; 4593 int err = 0; 4594 4595 b43dbg(wl, "Resuming...\n"); 4596 4597 mutex_lock(&wl->mutex); 4598 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) { 4599 err = b43_wireless_core_init(wldev); 4600 if (err) { 4601 b43err(wl, "Resume failed at core init\n"); 4602 goto out; 4603 } 4604 } 4605 if (wldev->suspend_init_status >= B43_STAT_STARTED) { 4606 err = b43_wireless_core_start(wldev); 4607 if (err) { 4608 b43_leds_exit(wldev); 4609 b43_rng_exit(wldev->wl); 4610 b43_wireless_core_exit(wldev); 4611 b43err(wl, "Resume failed at core start\n"); 4612 goto out; 4613 } 4614 } 4615 b43dbg(wl, "Device resumed.\n"); 4616 out: 4617 wldev->suspend_in_progress = false; 4618 mutex_unlock(&wl->mutex); 4619 return err; 4620} 4621 4622#else /* CONFIG_PM */ 4623# define b43_suspend NULL 4624# define b43_resume NULL 4625#endif /* CONFIG_PM */ 4626 4627static struct ssb_driver b43_ssb_driver = { 4628 .name = KBUILD_MODNAME, 4629 .id_table = b43_ssb_tbl, 4630 .probe = b43_probe, 4631 .remove = b43_remove, 4632 .suspend = b43_suspend, 4633 .resume = b43_resume, 4634}; 4635 4636static void b43_print_driverinfo(void) 4637{ 4638 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 4639 *feat_leds = "", *feat_rfkill = ""; 4640 4641#ifdef CONFIG_B43_PCI_AUTOSELECT 4642 feat_pci = "P"; 4643#endif 4644#ifdef CONFIG_B43_PCMCIA 4645 feat_pcmcia = "M"; 4646#endif 4647#ifdef CONFIG_B43_NPHY 4648 feat_nphy = "N"; 4649#endif 4650#ifdef CONFIG_B43_LEDS 4651 feat_leds = "L"; 4652#endif 4653#ifdef CONFIG_B43_RFKILL 4654 feat_rfkill = "R"; 4655#endif 4656 printk(KERN_INFO "Broadcom 43xx driver loaded " 4657 "[ Features: %s%s%s%s%s, Firmware-ID: " 4658 B43_SUPPORTED_FIRMWARE_ID " ]\n", 4659 feat_pci, feat_pcmcia, feat_nphy, 4660 feat_leds, feat_rfkill); 4661} 4662 4663static int __init b43_init(void) 4664{ 4665 int err; 4666 4667 b43_debugfs_init(); 4668 err = b43_pcmcia_init(); 4669 if (err) 4670 goto err_dfs_exit; 4671 err = ssb_driver_register(&b43_ssb_driver); 4672 if (err) 4673 goto err_pcmcia_exit; 4674 b43_print_driverinfo(); 4675 4676 return err; 4677 4678err_pcmcia_exit: 4679 b43_pcmcia_exit(); 4680err_dfs_exit: 4681 b43_debugfs_exit(); 4682 return err; 4683} 4684 4685static void __exit b43_exit(void) 4686{ 4687 ssb_driver_unregister(&b43_ssb_driver); 4688 b43_pcmcia_exit(); 4689 b43_debugfs_exit(); 4690} 4691 4692module_init(b43_init) 4693module_exit(b43_exit) 4694