main.c revision 97359d1235eaf634fe706c9faa6e40181cc95fb8
1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 11 SDIO support 12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es> 13 14 Some parts of the code in this file are derived from the ipw2200 15 driver Copyright(c) 2003 - 2004 Intel Corporation. 16 17 This program is free software; you can redistribute it and/or modify 18 it under the terms of the GNU General Public License as published by 19 the Free Software Foundation; either version 2 of the License, or 20 (at your option) any later version. 21 22 This program is distributed in the hope that it will be useful, 23 but WITHOUT ANY WARRANTY; without even the implied warranty of 24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 GNU General Public License for more details. 26 27 You should have received a copy of the GNU General Public License 28 along with this program; see the file COPYING. If not, write to 29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 30 Boston, MA 02110-1301, USA. 31 32*/ 33 34#include <linux/delay.h> 35#include <linux/init.h> 36#include <linux/moduleparam.h> 37#include <linux/if_arp.h> 38#include <linux/etherdevice.h> 39#include <linux/firmware.h> 40#include <linux/wireless.h> 41#include <linux/workqueue.h> 42#include <linux/skbuff.h> 43#include <linux/io.h> 44#include <linux/dma-mapping.h> 45#include <linux/slab.h> 46#include <asm/unaligned.h> 47 48#include "b43.h" 49#include "main.h" 50#include "debugfs.h" 51#include "phy_common.h" 52#include "phy_g.h" 53#include "phy_n.h" 54#include "dma.h" 55#include "pio.h" 56#include "sysfs.h" 57#include "xmit.h" 58#include "lo.h" 59#include "pcmcia.h" 60#include "sdio.h" 61#include <linux/mmc/sdio_func.h> 62 63MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 64MODULE_AUTHOR("Martin Langer"); 65MODULE_AUTHOR("Stefano Brivio"); 66MODULE_AUTHOR("Michael Buesch"); 67MODULE_AUTHOR("Gábor Stefanik"); 68MODULE_LICENSE("GPL"); 69 70MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID); 71MODULE_FIRMWARE("b43/ucode11.fw"); 72MODULE_FIRMWARE("b43/ucode13.fw"); 73MODULE_FIRMWARE("b43/ucode14.fw"); 74MODULE_FIRMWARE("b43/ucode15.fw"); 75MODULE_FIRMWARE("b43/ucode5.fw"); 76MODULE_FIRMWARE("b43/ucode9.fw"); 77 78static int modparam_bad_frames_preempt; 79module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 80MODULE_PARM_DESC(bad_frames_preempt, 81 "enable(1) / disable(0) Bad Frames Preemption"); 82 83static char modparam_fwpostfix[16]; 84module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 85MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 86 87static int modparam_hwpctl; 88module_param_named(hwpctl, modparam_hwpctl, int, 0444); 89MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 90 91static int modparam_nohwcrypt; 92module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 93MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 94 95static int modparam_hwtkip; 96module_param_named(hwtkip, modparam_hwtkip, int, 0444); 97MODULE_PARM_DESC(hwtkip, "Enable hardware tkip."); 98 99static int modparam_qos = 1; 100module_param_named(qos, modparam_qos, int, 0444); 101MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 102 103static int modparam_btcoex = 1; 104module_param_named(btcoex, modparam_btcoex, int, 0444); 105MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)"); 106 107int b43_modparam_verbose = B43_VERBOSITY_DEFAULT; 108module_param_named(verbose, b43_modparam_verbose, int, 0644); 109MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug"); 110 111static int b43_modparam_pio = B43_PIO_DEFAULT; 112module_param_named(pio, b43_modparam_pio, int, 0644); 113MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO"); 114 115static const struct ssb_device_id b43_ssb_tbl[] = { 116 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 117 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 118 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 119 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 120 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 121 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 122 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12), 123 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 124 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15), 125 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16), 126 SSB_DEVTABLE_END 127}; 128 129MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 130 131/* Channel and ratetables are shared for all devices. 132 * They can't be const, because ieee80211 puts some precalculated 133 * data in there. This data is the same for all devices, so we don't 134 * get concurrency issues */ 135#define RATETAB_ENT(_rateid, _flags) \ 136 { \ 137 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 138 .hw_value = (_rateid), \ 139 .flags = (_flags), \ 140 } 141 142/* 143 * NOTE: When changing this, sync with xmit.c's 144 * b43_plcp_get_bitrate_idx_* functions! 145 */ 146static struct ieee80211_rate __b43_ratetable[] = { 147 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 148 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 149 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 150 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 151 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 152 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 153 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 154 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 155 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 156 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 157 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 158 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 159}; 160 161#define b43_a_ratetable (__b43_ratetable + 4) 162#define b43_a_ratetable_size 8 163#define b43_b_ratetable (__b43_ratetable + 0) 164#define b43_b_ratetable_size 4 165#define b43_g_ratetable (__b43_ratetable + 0) 166#define b43_g_ratetable_size 12 167 168#define CHAN4G(_channel, _freq, _flags) { \ 169 .band = IEEE80211_BAND_2GHZ, \ 170 .center_freq = (_freq), \ 171 .hw_value = (_channel), \ 172 .flags = (_flags), \ 173 .max_antenna_gain = 0, \ 174 .max_power = 30, \ 175} 176static struct ieee80211_channel b43_2ghz_chantable[] = { 177 CHAN4G(1, 2412, 0), 178 CHAN4G(2, 2417, 0), 179 CHAN4G(3, 2422, 0), 180 CHAN4G(4, 2427, 0), 181 CHAN4G(5, 2432, 0), 182 CHAN4G(6, 2437, 0), 183 CHAN4G(7, 2442, 0), 184 CHAN4G(8, 2447, 0), 185 CHAN4G(9, 2452, 0), 186 CHAN4G(10, 2457, 0), 187 CHAN4G(11, 2462, 0), 188 CHAN4G(12, 2467, 0), 189 CHAN4G(13, 2472, 0), 190 CHAN4G(14, 2484, 0), 191}; 192#undef CHAN4G 193 194#define CHAN5G(_channel, _flags) { \ 195 .band = IEEE80211_BAND_5GHZ, \ 196 .center_freq = 5000 + (5 * (_channel)), \ 197 .hw_value = (_channel), \ 198 .flags = (_flags), \ 199 .max_antenna_gain = 0, \ 200 .max_power = 30, \ 201} 202static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 203 CHAN5G(32, 0), CHAN5G(34, 0), 204 CHAN5G(36, 0), CHAN5G(38, 0), 205 CHAN5G(40, 0), CHAN5G(42, 0), 206 CHAN5G(44, 0), CHAN5G(46, 0), 207 CHAN5G(48, 0), CHAN5G(50, 0), 208 CHAN5G(52, 0), CHAN5G(54, 0), 209 CHAN5G(56, 0), CHAN5G(58, 0), 210 CHAN5G(60, 0), CHAN5G(62, 0), 211 CHAN5G(64, 0), CHAN5G(66, 0), 212 CHAN5G(68, 0), CHAN5G(70, 0), 213 CHAN5G(72, 0), CHAN5G(74, 0), 214 CHAN5G(76, 0), CHAN5G(78, 0), 215 CHAN5G(80, 0), CHAN5G(82, 0), 216 CHAN5G(84, 0), CHAN5G(86, 0), 217 CHAN5G(88, 0), CHAN5G(90, 0), 218 CHAN5G(92, 0), CHAN5G(94, 0), 219 CHAN5G(96, 0), CHAN5G(98, 0), 220 CHAN5G(100, 0), CHAN5G(102, 0), 221 CHAN5G(104, 0), CHAN5G(106, 0), 222 CHAN5G(108, 0), CHAN5G(110, 0), 223 CHAN5G(112, 0), CHAN5G(114, 0), 224 CHAN5G(116, 0), CHAN5G(118, 0), 225 CHAN5G(120, 0), CHAN5G(122, 0), 226 CHAN5G(124, 0), CHAN5G(126, 0), 227 CHAN5G(128, 0), CHAN5G(130, 0), 228 CHAN5G(132, 0), CHAN5G(134, 0), 229 CHAN5G(136, 0), CHAN5G(138, 0), 230 CHAN5G(140, 0), CHAN5G(142, 0), 231 CHAN5G(144, 0), CHAN5G(145, 0), 232 CHAN5G(146, 0), CHAN5G(147, 0), 233 CHAN5G(148, 0), CHAN5G(149, 0), 234 CHAN5G(150, 0), CHAN5G(151, 0), 235 CHAN5G(152, 0), CHAN5G(153, 0), 236 CHAN5G(154, 0), CHAN5G(155, 0), 237 CHAN5G(156, 0), CHAN5G(157, 0), 238 CHAN5G(158, 0), CHAN5G(159, 0), 239 CHAN5G(160, 0), CHAN5G(161, 0), 240 CHAN5G(162, 0), CHAN5G(163, 0), 241 CHAN5G(164, 0), CHAN5G(165, 0), 242 CHAN5G(166, 0), CHAN5G(168, 0), 243 CHAN5G(170, 0), CHAN5G(172, 0), 244 CHAN5G(174, 0), CHAN5G(176, 0), 245 CHAN5G(178, 0), CHAN5G(180, 0), 246 CHAN5G(182, 0), CHAN5G(184, 0), 247 CHAN5G(186, 0), CHAN5G(188, 0), 248 CHAN5G(190, 0), CHAN5G(192, 0), 249 CHAN5G(194, 0), CHAN5G(196, 0), 250 CHAN5G(198, 0), CHAN5G(200, 0), 251 CHAN5G(202, 0), CHAN5G(204, 0), 252 CHAN5G(206, 0), CHAN5G(208, 0), 253 CHAN5G(210, 0), CHAN5G(212, 0), 254 CHAN5G(214, 0), CHAN5G(216, 0), 255 CHAN5G(218, 0), CHAN5G(220, 0), 256 CHAN5G(222, 0), CHAN5G(224, 0), 257 CHAN5G(226, 0), CHAN5G(228, 0), 258}; 259 260static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 261 CHAN5G(34, 0), CHAN5G(36, 0), 262 CHAN5G(38, 0), CHAN5G(40, 0), 263 CHAN5G(42, 0), CHAN5G(44, 0), 264 CHAN5G(46, 0), CHAN5G(48, 0), 265 CHAN5G(52, 0), CHAN5G(56, 0), 266 CHAN5G(60, 0), CHAN5G(64, 0), 267 CHAN5G(100, 0), CHAN5G(104, 0), 268 CHAN5G(108, 0), CHAN5G(112, 0), 269 CHAN5G(116, 0), CHAN5G(120, 0), 270 CHAN5G(124, 0), CHAN5G(128, 0), 271 CHAN5G(132, 0), CHAN5G(136, 0), 272 CHAN5G(140, 0), CHAN5G(149, 0), 273 CHAN5G(153, 0), CHAN5G(157, 0), 274 CHAN5G(161, 0), CHAN5G(165, 0), 275 CHAN5G(184, 0), CHAN5G(188, 0), 276 CHAN5G(192, 0), CHAN5G(196, 0), 277 CHAN5G(200, 0), CHAN5G(204, 0), 278 CHAN5G(208, 0), CHAN5G(212, 0), 279 CHAN5G(216, 0), 280}; 281#undef CHAN5G 282 283static struct ieee80211_supported_band b43_band_5GHz_nphy = { 284 .band = IEEE80211_BAND_5GHZ, 285 .channels = b43_5ghz_nphy_chantable, 286 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 287 .bitrates = b43_a_ratetable, 288 .n_bitrates = b43_a_ratetable_size, 289}; 290 291static struct ieee80211_supported_band b43_band_5GHz_aphy = { 292 .band = IEEE80211_BAND_5GHZ, 293 .channels = b43_5ghz_aphy_chantable, 294 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 295 .bitrates = b43_a_ratetable, 296 .n_bitrates = b43_a_ratetable_size, 297}; 298 299static struct ieee80211_supported_band b43_band_2GHz = { 300 .band = IEEE80211_BAND_2GHZ, 301 .channels = b43_2ghz_chantable, 302 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 303 .bitrates = b43_g_ratetable, 304 .n_bitrates = b43_g_ratetable_size, 305}; 306 307static void b43_wireless_core_exit(struct b43_wldev *dev); 308static int b43_wireless_core_init(struct b43_wldev *dev); 309static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev); 310static int b43_wireless_core_start(struct b43_wldev *dev); 311 312static int b43_ratelimit(struct b43_wl *wl) 313{ 314 if (!wl || !wl->current_dev) 315 return 1; 316 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 317 return 1; 318 /* We are up and running. 319 * Ratelimit the messages to avoid DoS over the net. */ 320 return net_ratelimit(); 321} 322 323void b43info(struct b43_wl *wl, const char *fmt, ...) 324{ 325 va_list args; 326 327 if (b43_modparam_verbose < B43_VERBOSITY_INFO) 328 return; 329 if (!b43_ratelimit(wl)) 330 return; 331 va_start(args, fmt); 332 printk(KERN_INFO "b43-%s: ", 333 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 334 vprintk(fmt, args); 335 va_end(args); 336} 337 338void b43err(struct b43_wl *wl, const char *fmt, ...) 339{ 340 va_list args; 341 342 if (b43_modparam_verbose < B43_VERBOSITY_ERROR) 343 return; 344 if (!b43_ratelimit(wl)) 345 return; 346 va_start(args, fmt); 347 printk(KERN_ERR "b43-%s ERROR: ", 348 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 349 vprintk(fmt, args); 350 va_end(args); 351} 352 353void b43warn(struct b43_wl *wl, const char *fmt, ...) 354{ 355 va_list args; 356 357 if (b43_modparam_verbose < B43_VERBOSITY_WARN) 358 return; 359 if (!b43_ratelimit(wl)) 360 return; 361 va_start(args, fmt); 362 printk(KERN_WARNING "b43-%s warning: ", 363 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 364 vprintk(fmt, args); 365 va_end(args); 366} 367 368void b43dbg(struct b43_wl *wl, const char *fmt, ...) 369{ 370 va_list args; 371 372 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 373 return; 374 va_start(args, fmt); 375 printk(KERN_DEBUG "b43-%s debug: ", 376 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 377 vprintk(fmt, args); 378 va_end(args); 379} 380 381static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 382{ 383 u32 macctl; 384 385 B43_WARN_ON(offset % 4 != 0); 386 387 macctl = b43_read32(dev, B43_MMIO_MACCTL); 388 if (macctl & B43_MACCTL_BE) 389 val = swab32(val); 390 391 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 392 mmiowb(); 393 b43_write32(dev, B43_MMIO_RAM_DATA, val); 394} 395 396static inline void b43_shm_control_word(struct b43_wldev *dev, 397 u16 routing, u16 offset) 398{ 399 u32 control; 400 401 /* "offset" is the WORD offset. */ 402 control = routing; 403 control <<= 16; 404 control |= offset; 405 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 406} 407 408u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 409{ 410 u32 ret; 411 412 if (routing == B43_SHM_SHARED) { 413 B43_WARN_ON(offset & 0x0001); 414 if (offset & 0x0003) { 415 /* Unaligned access */ 416 b43_shm_control_word(dev, routing, offset >> 2); 417 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 418 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 419 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16; 420 421 goto out; 422 } 423 offset >>= 2; 424 } 425 b43_shm_control_word(dev, routing, offset); 426 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 427out: 428 return ret; 429} 430 431u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset) 432{ 433 u16 ret; 434 435 if (routing == B43_SHM_SHARED) { 436 B43_WARN_ON(offset & 0x0001); 437 if (offset & 0x0003) { 438 /* Unaligned access */ 439 b43_shm_control_word(dev, routing, offset >> 2); 440 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 441 442 goto out; 443 } 444 offset >>= 2; 445 } 446 b43_shm_control_word(dev, routing, offset); 447 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 448out: 449 return ret; 450} 451 452void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 453{ 454 if (routing == B43_SHM_SHARED) { 455 B43_WARN_ON(offset & 0x0001); 456 if (offset & 0x0003) { 457 /* Unaligned access */ 458 b43_shm_control_word(dev, routing, offset >> 2); 459 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 460 value & 0xFFFF); 461 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 462 b43_write16(dev, B43_MMIO_SHM_DATA, 463 (value >> 16) & 0xFFFF); 464 return; 465 } 466 offset >>= 2; 467 } 468 b43_shm_control_word(dev, routing, offset); 469 b43_write32(dev, B43_MMIO_SHM_DATA, value); 470} 471 472void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 473{ 474 if (routing == B43_SHM_SHARED) { 475 B43_WARN_ON(offset & 0x0001); 476 if (offset & 0x0003) { 477 /* Unaligned access */ 478 b43_shm_control_word(dev, routing, offset >> 2); 479 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 480 return; 481 } 482 offset >>= 2; 483 } 484 b43_shm_control_word(dev, routing, offset); 485 b43_write16(dev, B43_MMIO_SHM_DATA, value); 486} 487 488/* Read HostFlags */ 489u64 b43_hf_read(struct b43_wldev *dev) 490{ 491 u64 ret; 492 493 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 494 ret <<= 16; 495 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 496 ret <<= 16; 497 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 498 499 return ret; 500} 501 502/* Write HostFlags */ 503void b43_hf_write(struct b43_wldev *dev, u64 value) 504{ 505 u16 lo, mi, hi; 506 507 lo = (value & 0x00000000FFFFULL); 508 mi = (value & 0x0000FFFF0000ULL) >> 16; 509 hi = (value & 0xFFFF00000000ULL) >> 32; 510 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 511 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 512 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 513} 514 515/* Read the firmware capabilities bitmask (Opensource firmware only) */ 516static u16 b43_fwcapa_read(struct b43_wldev *dev) 517{ 518 B43_WARN_ON(!dev->fw.opensource); 519 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA); 520} 521 522void b43_tsf_read(struct b43_wldev *dev, u64 *tsf) 523{ 524 u32 low, high; 525 526 B43_WARN_ON(dev->dev->id.revision < 3); 527 528 /* The hardware guarantees us an atomic read, if we 529 * read the low register first. */ 530 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 531 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 532 533 *tsf = high; 534 *tsf <<= 32; 535 *tsf |= low; 536} 537 538static void b43_time_lock(struct b43_wldev *dev) 539{ 540 u32 macctl; 541 542 macctl = b43_read32(dev, B43_MMIO_MACCTL); 543 macctl |= B43_MACCTL_TBTTHOLD; 544 b43_write32(dev, B43_MMIO_MACCTL, macctl); 545 /* Commit the write */ 546 b43_read32(dev, B43_MMIO_MACCTL); 547} 548 549static void b43_time_unlock(struct b43_wldev *dev) 550{ 551 u32 macctl; 552 553 macctl = b43_read32(dev, B43_MMIO_MACCTL); 554 macctl &= ~B43_MACCTL_TBTTHOLD; 555 b43_write32(dev, B43_MMIO_MACCTL, macctl); 556 /* Commit the write */ 557 b43_read32(dev, B43_MMIO_MACCTL); 558} 559 560static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 561{ 562 u32 low, high; 563 564 B43_WARN_ON(dev->dev->id.revision < 3); 565 566 low = tsf; 567 high = (tsf >> 32); 568 /* The hardware guarantees us an atomic write, if we 569 * write the low register first. */ 570 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low); 571 mmiowb(); 572 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high); 573 mmiowb(); 574} 575 576void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 577{ 578 b43_time_lock(dev); 579 b43_tsf_write_locked(dev, tsf); 580 b43_time_unlock(dev); 581} 582 583static 584void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac) 585{ 586 static const u8 zero_addr[ETH_ALEN] = { 0 }; 587 u16 data; 588 589 if (!mac) 590 mac = zero_addr; 591 592 offset |= 0x0020; 593 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 594 595 data = mac[0]; 596 data |= mac[1] << 8; 597 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 598 data = mac[2]; 599 data |= mac[3] << 8; 600 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 601 data = mac[4]; 602 data |= mac[5] << 8; 603 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 604} 605 606static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 607{ 608 const u8 *mac; 609 const u8 *bssid; 610 u8 mac_bssid[ETH_ALEN * 2]; 611 int i; 612 u32 tmp; 613 614 bssid = dev->wl->bssid; 615 mac = dev->wl->mac_addr; 616 617 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 618 619 memcpy(mac_bssid, mac, ETH_ALEN); 620 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 621 622 /* Write our MAC address and BSSID to template ram */ 623 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 624 tmp = (u32) (mac_bssid[i + 0]); 625 tmp |= (u32) (mac_bssid[i + 1]) << 8; 626 tmp |= (u32) (mac_bssid[i + 2]) << 16; 627 tmp |= (u32) (mac_bssid[i + 3]) << 24; 628 b43_ram_write(dev, 0x20 + i, tmp); 629 } 630} 631 632static void b43_upload_card_macaddress(struct b43_wldev *dev) 633{ 634 b43_write_mac_bssid_templates(dev); 635 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 636} 637 638static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 639{ 640 /* slot_time is in usec. */ 641 /* This test used to exit for all but a G PHY. */ 642 if (b43_current_band(dev->wl) == IEEE80211_BAND_5GHZ) 643 return; 644 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time); 645 /* Shared memory location 0x0010 is the slot time and should be 646 * set to slot_time; however, this register is initially 0 and changing 647 * the value adversely affects the transmit rate for BCM4311 648 * devices. Until this behavior is unterstood, delete this step 649 * 650 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 651 */ 652} 653 654static void b43_short_slot_timing_enable(struct b43_wldev *dev) 655{ 656 b43_set_slot_time(dev, 9); 657} 658 659static void b43_short_slot_timing_disable(struct b43_wldev *dev) 660{ 661 b43_set_slot_time(dev, 20); 662} 663 664/* DummyTransmission function, as documented on 665 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission 666 */ 667void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on) 668{ 669 struct b43_phy *phy = &dev->phy; 670 unsigned int i, max_loop; 671 u16 value; 672 u32 buffer[5] = { 673 0x00000000, 674 0x00D40000, 675 0x00000000, 676 0x01000000, 677 0x00000000, 678 }; 679 680 if (ofdm) { 681 max_loop = 0x1E; 682 buffer[0] = 0x000201CC; 683 } else { 684 max_loop = 0xFA; 685 buffer[0] = 0x000B846E; 686 } 687 688 for (i = 0; i < 5; i++) 689 b43_ram_write(dev, i * 4, buffer[i]); 690 691 b43_write16(dev, 0x0568, 0x0000); 692 if (dev->dev->id.revision < 11) 693 b43_write16(dev, 0x07C0, 0x0000); 694 else 695 b43_write16(dev, 0x07C0, 0x0100); 696 value = (ofdm ? 0x41 : 0x40); 697 b43_write16(dev, 0x050C, value); 698 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP)) 699 b43_write16(dev, 0x0514, 0x1A02); 700 b43_write16(dev, 0x0508, 0x0000); 701 b43_write16(dev, 0x050A, 0x0000); 702 b43_write16(dev, 0x054C, 0x0000); 703 b43_write16(dev, 0x056A, 0x0014); 704 b43_write16(dev, 0x0568, 0x0826); 705 b43_write16(dev, 0x0500, 0x0000); 706 if (!pa_on && (phy->type == B43_PHYTYPE_N)) { 707 //SPEC TODO 708 } 709 710 switch (phy->type) { 711 case B43_PHYTYPE_N: 712 b43_write16(dev, 0x0502, 0x00D0); 713 break; 714 case B43_PHYTYPE_LP: 715 b43_write16(dev, 0x0502, 0x0050); 716 break; 717 default: 718 b43_write16(dev, 0x0502, 0x0030); 719 } 720 721 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 722 b43_radio_write16(dev, 0x0051, 0x0017); 723 for (i = 0x00; i < max_loop; i++) { 724 value = b43_read16(dev, 0x050E); 725 if (value & 0x0080) 726 break; 727 udelay(10); 728 } 729 for (i = 0x00; i < 0x0A; i++) { 730 value = b43_read16(dev, 0x050E); 731 if (value & 0x0400) 732 break; 733 udelay(10); 734 } 735 for (i = 0x00; i < 0x19; i++) { 736 value = b43_read16(dev, 0x0690); 737 if (!(value & 0x0100)) 738 break; 739 udelay(10); 740 } 741 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 742 b43_radio_write16(dev, 0x0051, 0x0037); 743} 744 745static void key_write(struct b43_wldev *dev, 746 u8 index, u8 algorithm, const u8 *key) 747{ 748 unsigned int i; 749 u32 offset; 750 u16 value; 751 u16 kidx; 752 753 /* Key index/algo block */ 754 kidx = b43_kidx_to_fw(dev, index); 755 value = ((kidx << 4) | algorithm); 756 b43_shm_write16(dev, B43_SHM_SHARED, 757 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 758 759 /* Write the key to the Key Table Pointer offset */ 760 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 761 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 762 value = key[i]; 763 value |= (u16) (key[i + 1]) << 8; 764 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 765 } 766} 767 768static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr) 769{ 770 u32 addrtmp[2] = { 0, 0, }; 771 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 772 773 if (b43_new_kidx_api(dev)) 774 pairwise_keys_start = B43_NR_GROUP_KEYS; 775 776 B43_WARN_ON(index < pairwise_keys_start); 777 /* We have four default TX keys and possibly four default RX keys. 778 * Physical mac 0 is mapped to physical key 4 or 8, depending 779 * on the firmware version. 780 * So we must adjust the index here. 781 */ 782 index -= pairwise_keys_start; 783 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 784 785 if (addr) { 786 addrtmp[0] = addr[0]; 787 addrtmp[0] |= ((u32) (addr[1]) << 8); 788 addrtmp[0] |= ((u32) (addr[2]) << 16); 789 addrtmp[0] |= ((u32) (addr[3]) << 24); 790 addrtmp[1] = addr[4]; 791 addrtmp[1] |= ((u32) (addr[5]) << 8); 792 } 793 794 /* Receive match transmitter address (RCMTA) mechanism */ 795 b43_shm_write32(dev, B43_SHM_RCMTA, 796 (index * 2) + 0, addrtmp[0]); 797 b43_shm_write16(dev, B43_SHM_RCMTA, 798 (index * 2) + 1, addrtmp[1]); 799} 800 801/* The ucode will use phase1 key with TEK key to decrypt rx packets. 802 * When a packet is received, the iv32 is checked. 803 * - if it doesn't the packet is returned without modification (and software 804 * decryption can be done). That's what happen when iv16 wrap. 805 * - if it does, the rc4 key is computed, and decryption is tried. 806 * Either it will success and B43_RX_MAC_DEC is returned, 807 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned 808 * and the packet is not usable (it got modified by the ucode). 809 * So in order to never have B43_RX_MAC_DECERR, we should provide 810 * a iv32 and phase1key that match. Because we drop packets in case of 811 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all 812 * packets will be lost without higher layer knowing (ie no resync possible 813 * until next wrap). 814 * 815 * NOTE : this should support 50 key like RCMTA because 816 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50 817 */ 818static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32, 819 u16 *phase1key) 820{ 821 unsigned int i; 822 u32 offset; 823 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 824 825 if (!modparam_hwtkip) 826 return; 827 828 if (b43_new_kidx_api(dev)) 829 pairwise_keys_start = B43_NR_GROUP_KEYS; 830 831 B43_WARN_ON(index < pairwise_keys_start); 832 /* We have four default TX keys and possibly four default RX keys. 833 * Physical mac 0 is mapped to physical key 4 or 8, depending 834 * on the firmware version. 835 * So we must adjust the index here. 836 */ 837 index -= pairwise_keys_start; 838 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 839 840 if (b43_debug(dev, B43_DBG_KEYS)) { 841 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n", 842 index, iv32); 843 } 844 /* Write the key to the RX tkip shared mem */ 845 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4); 846 for (i = 0; i < 10; i += 2) { 847 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, 848 phase1key ? phase1key[i / 2] : 0); 849 } 850 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32); 851 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16); 852} 853 854static void b43_op_update_tkip_key(struct ieee80211_hw *hw, 855 struct ieee80211_vif *vif, 856 struct ieee80211_key_conf *keyconf, 857 struct ieee80211_sta *sta, 858 u32 iv32, u16 *phase1key) 859{ 860 struct b43_wl *wl = hw_to_b43_wl(hw); 861 struct b43_wldev *dev; 862 int index = keyconf->hw_key_idx; 863 864 if (B43_WARN_ON(!modparam_hwtkip)) 865 return; 866 867 /* This is only called from the RX path through mac80211, where 868 * our mutex is already locked. */ 869 B43_WARN_ON(!mutex_is_locked(&wl->mutex)); 870 dev = wl->current_dev; 871 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED); 872 873 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */ 874 875 rx_tkip_phase1_write(dev, index, iv32, phase1key); 876 /* only pairwise TKIP keys are supported right now */ 877 if (WARN_ON(!sta)) 878 return; 879 keymac_write(dev, index, sta->addr); 880} 881 882static void do_key_write(struct b43_wldev *dev, 883 u8 index, u8 algorithm, 884 const u8 *key, size_t key_len, const u8 *mac_addr) 885{ 886 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 887 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 888 889 if (b43_new_kidx_api(dev)) 890 pairwise_keys_start = B43_NR_GROUP_KEYS; 891 892 B43_WARN_ON(index >= ARRAY_SIZE(dev->key)); 893 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 894 895 if (index >= pairwise_keys_start) 896 keymac_write(dev, index, NULL); /* First zero out mac. */ 897 if (algorithm == B43_SEC_ALGO_TKIP) { 898 /* 899 * We should provide an initial iv32, phase1key pair. 900 * We could start with iv32=0 and compute the corresponding 901 * phase1key, but this means calling ieee80211_get_tkip_key 902 * with a fake skb (or export other tkip function). 903 * Because we are lazy we hope iv32 won't start with 904 * 0xffffffff and let's b43_op_update_tkip_key provide a 905 * correct pair. 906 */ 907 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf); 908 } else if (index >= pairwise_keys_start) /* clear it */ 909 rx_tkip_phase1_write(dev, index, 0, NULL); 910 if (key) 911 memcpy(buf, key, key_len); 912 key_write(dev, index, algorithm, buf); 913 if (index >= pairwise_keys_start) 914 keymac_write(dev, index, mac_addr); 915 916 dev->key[index].algorithm = algorithm; 917} 918 919static int b43_key_write(struct b43_wldev *dev, 920 int index, u8 algorithm, 921 const u8 *key, size_t key_len, 922 const u8 *mac_addr, 923 struct ieee80211_key_conf *keyconf) 924{ 925 int i; 926 int pairwise_keys_start; 927 928 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block: 929 * - Temporal Encryption Key (128 bits) 930 * - Temporal Authenticator Tx MIC Key (64 bits) 931 * - Temporal Authenticator Rx MIC Key (64 bits) 932 * 933 * Hardware only store TEK 934 */ 935 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32) 936 key_len = 16; 937 if (key_len > B43_SEC_KEYSIZE) 938 return -EINVAL; 939 for (i = 0; i < ARRAY_SIZE(dev->key); i++) { 940 /* Check that we don't already have this key. */ 941 B43_WARN_ON(dev->key[i].keyconf == keyconf); 942 } 943 if (index < 0) { 944 /* Pairwise key. Get an empty slot for the key. */ 945 if (b43_new_kidx_api(dev)) 946 pairwise_keys_start = B43_NR_GROUP_KEYS; 947 else 948 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 949 for (i = pairwise_keys_start; 950 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS; 951 i++) { 952 B43_WARN_ON(i >= ARRAY_SIZE(dev->key)); 953 if (!dev->key[i].keyconf) { 954 /* found empty */ 955 index = i; 956 break; 957 } 958 } 959 if (index < 0) { 960 b43warn(dev->wl, "Out of hardware key memory\n"); 961 return -ENOSPC; 962 } 963 } else 964 B43_WARN_ON(index > 3); 965 966 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 967 if ((index <= 3) && !b43_new_kidx_api(dev)) { 968 /* Default RX key */ 969 B43_WARN_ON(mac_addr); 970 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 971 } 972 keyconf->hw_key_idx = index; 973 dev->key[index].keyconf = keyconf; 974 975 return 0; 976} 977 978static int b43_key_clear(struct b43_wldev *dev, int index) 979{ 980 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key)))) 981 return -EINVAL; 982 do_key_write(dev, index, B43_SEC_ALGO_NONE, 983 NULL, B43_SEC_KEYSIZE, NULL); 984 if ((index <= 3) && !b43_new_kidx_api(dev)) { 985 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 986 NULL, B43_SEC_KEYSIZE, NULL); 987 } 988 dev->key[index].keyconf = NULL; 989 990 return 0; 991} 992 993static void b43_clear_keys(struct b43_wldev *dev) 994{ 995 int i, count; 996 997 if (b43_new_kidx_api(dev)) 998 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 999 else 1000 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1001 for (i = 0; i < count; i++) 1002 b43_key_clear(dev, i); 1003} 1004 1005static void b43_dump_keymemory(struct b43_wldev *dev) 1006{ 1007 unsigned int i, index, count, offset, pairwise_keys_start; 1008 u8 mac[ETH_ALEN]; 1009 u16 algo; 1010 u32 rcmta0; 1011 u16 rcmta1; 1012 u64 hf; 1013 struct b43_key *key; 1014 1015 if (!b43_debug(dev, B43_DBG_KEYS)) 1016 return; 1017 1018 hf = b43_hf_read(dev); 1019 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n", 1020 !!(hf & B43_HF_USEDEFKEYS)); 1021 if (b43_new_kidx_api(dev)) { 1022 pairwise_keys_start = B43_NR_GROUP_KEYS; 1023 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 1024 } else { 1025 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 1026 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1027 } 1028 for (index = 0; index < count; index++) { 1029 key = &(dev->key[index]); 1030 printk(KERN_DEBUG "Key slot %02u: %s", 1031 index, (key->keyconf == NULL) ? " " : "*"); 1032 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 1033 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 1034 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1035 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1036 } 1037 1038 algo = b43_shm_read16(dev, B43_SHM_SHARED, 1039 B43_SHM_SH_KEYIDXBLOCK + (index * 2)); 1040 printk(" Algo: %04X/%02X", algo, key->algorithm); 1041 1042 if (index >= pairwise_keys_start) { 1043 if (key->algorithm == B43_SEC_ALGO_TKIP) { 1044 printk(" TKIP: "); 1045 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4); 1046 for (i = 0; i < 14; i += 2) { 1047 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1048 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1049 } 1050 } 1051 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA, 1052 ((index - pairwise_keys_start) * 2) + 0); 1053 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA, 1054 ((index - pairwise_keys_start) * 2) + 1); 1055 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0); 1056 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1); 1057 printk(" MAC: %pM", mac); 1058 } else 1059 printk(" DEFAULT KEY"); 1060 printk("\n"); 1061 } 1062} 1063 1064void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 1065{ 1066 u32 macctl; 1067 u16 ucstat; 1068 bool hwps; 1069 bool awake; 1070 int i; 1071 1072 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 1073 (ps_flags & B43_PS_DISABLED)); 1074 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 1075 1076 if (ps_flags & B43_PS_ENABLED) { 1077 hwps = 1; 1078 } else if (ps_flags & B43_PS_DISABLED) { 1079 hwps = 0; 1080 } else { 1081 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 1082 // and thus is not an AP and we are associated, set bit 25 1083 } 1084 if (ps_flags & B43_PS_AWAKE) { 1085 awake = 1; 1086 } else if (ps_flags & B43_PS_ASLEEP) { 1087 awake = 0; 1088 } else { 1089 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 1090 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 1091 // successful, set bit26 1092 } 1093 1094/* FIXME: For now we force awake-on and hwps-off */ 1095 hwps = 0; 1096 awake = 1; 1097 1098 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1099 if (hwps) 1100 macctl |= B43_MACCTL_HWPS; 1101 else 1102 macctl &= ~B43_MACCTL_HWPS; 1103 if (awake) 1104 macctl |= B43_MACCTL_AWAKE; 1105 else 1106 macctl &= ~B43_MACCTL_AWAKE; 1107 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1108 /* Commit write */ 1109 b43_read32(dev, B43_MMIO_MACCTL); 1110 if (awake && dev->dev->id.revision >= 5) { 1111 /* Wait for the microcode to wake up. */ 1112 for (i = 0; i < 100; i++) { 1113 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1114 B43_SHM_SH_UCODESTAT); 1115 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1116 break; 1117 udelay(10); 1118 } 1119 } 1120} 1121 1122void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags) 1123{ 1124 u32 tmslow; 1125 u32 macctl; 1126 1127 flags |= B43_TMSLOW_PHYCLKEN; 1128 flags |= B43_TMSLOW_PHYRESET; 1129 ssb_device_enable(dev->dev, flags); 1130 msleep(2); /* Wait for the PLL to turn on. */ 1131 1132 /* Now take the PHY out of Reset again */ 1133 tmslow = ssb_read32(dev->dev, SSB_TMSLOW); 1134 tmslow |= SSB_TMSLOW_FGC; 1135 tmslow &= ~B43_TMSLOW_PHYRESET; 1136 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1137 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1138 msleep(1); 1139 tmslow &= ~SSB_TMSLOW_FGC; 1140 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1141 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1142 msleep(1); 1143 1144 /* Turn Analog ON, but only if we already know the PHY-type. 1145 * This protects against very early setup where we don't know the 1146 * PHY-type, yet. wireless_core_reset will be called once again later, 1147 * when we know the PHY-type. */ 1148 if (dev->phy.ops) 1149 dev->phy.ops->switch_analog(dev, 1); 1150 1151 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1152 macctl &= ~B43_MACCTL_GMODE; 1153 if (flags & B43_TMSLOW_GMODE) 1154 macctl |= B43_MACCTL_GMODE; 1155 macctl |= B43_MACCTL_IHR_ENABLED; 1156 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1157} 1158 1159static void handle_irq_transmit_status(struct b43_wldev *dev) 1160{ 1161 u32 v0, v1; 1162 u16 tmp; 1163 struct b43_txstatus stat; 1164 1165 while (1) { 1166 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1167 if (!(v0 & 0x00000001)) 1168 break; 1169 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1170 1171 stat.cookie = (v0 >> 16); 1172 stat.seq = (v1 & 0x0000FFFF); 1173 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1174 tmp = (v0 & 0x0000FFFF); 1175 stat.frame_count = ((tmp & 0xF000) >> 12); 1176 stat.rts_count = ((tmp & 0x0F00) >> 8); 1177 stat.supp_reason = ((tmp & 0x001C) >> 2); 1178 stat.pm_indicated = !!(tmp & 0x0080); 1179 stat.intermediate = !!(tmp & 0x0040); 1180 stat.for_ampdu = !!(tmp & 0x0020); 1181 stat.acked = !!(tmp & 0x0002); 1182 1183 b43_handle_txstatus(dev, &stat); 1184 } 1185} 1186 1187static void drain_txstatus_queue(struct b43_wldev *dev) 1188{ 1189 u32 dummy; 1190 1191 if (dev->dev->id.revision < 5) 1192 return; 1193 /* Read all entries from the microcode TXstatus FIFO 1194 * and throw them away. 1195 */ 1196 while (1) { 1197 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1198 if (!(dummy & 0x00000001)) 1199 break; 1200 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1201 } 1202} 1203 1204static u32 b43_jssi_read(struct b43_wldev *dev) 1205{ 1206 u32 val = 0; 1207 1208 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1209 val <<= 16; 1210 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1211 1212 return val; 1213} 1214 1215static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1216{ 1217 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1218 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1219} 1220 1221static void b43_generate_noise_sample(struct b43_wldev *dev) 1222{ 1223 b43_jssi_write(dev, 0x7F7F7F7F); 1224 b43_write32(dev, B43_MMIO_MACCMD, 1225 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1226} 1227 1228static void b43_calculate_link_quality(struct b43_wldev *dev) 1229{ 1230 /* Top half of Link Quality calculation. */ 1231 1232 if (dev->phy.type != B43_PHYTYPE_G) 1233 return; 1234 if (dev->noisecalc.calculation_running) 1235 return; 1236 dev->noisecalc.calculation_running = 1; 1237 dev->noisecalc.nr_samples = 0; 1238 1239 b43_generate_noise_sample(dev); 1240} 1241 1242static void handle_irq_noise(struct b43_wldev *dev) 1243{ 1244 struct b43_phy_g *phy = dev->phy.g; 1245 u16 tmp; 1246 u8 noise[4]; 1247 u8 i, j; 1248 s32 average; 1249 1250 /* Bottom half of Link Quality calculation. */ 1251 1252 if (dev->phy.type != B43_PHYTYPE_G) 1253 return; 1254 1255 /* Possible race condition: It might be possible that the user 1256 * changed to a different channel in the meantime since we 1257 * started the calculation. We ignore that fact, since it's 1258 * not really that much of a problem. The background noise is 1259 * an estimation only anyway. Slightly wrong results will get damped 1260 * by the averaging of the 8 sample rounds. Additionally the 1261 * value is shortlived. So it will be replaced by the next noise 1262 * calculation round soon. */ 1263 1264 B43_WARN_ON(!dev->noisecalc.calculation_running); 1265 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1266 if (noise[0] == 0x7F || noise[1] == 0x7F || 1267 noise[2] == 0x7F || noise[3] == 0x7F) 1268 goto generate_new; 1269 1270 /* Get the noise samples. */ 1271 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1272 i = dev->noisecalc.nr_samples; 1273 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1274 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1275 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1276 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1277 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1278 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1279 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1280 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1281 dev->noisecalc.nr_samples++; 1282 if (dev->noisecalc.nr_samples == 8) { 1283 /* Calculate the Link Quality by the noise samples. */ 1284 average = 0; 1285 for (i = 0; i < 8; i++) { 1286 for (j = 0; j < 4; j++) 1287 average += dev->noisecalc.samples[i][j]; 1288 } 1289 average /= (8 * 4); 1290 average *= 125; 1291 average += 64; 1292 average /= 128; 1293 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1294 tmp = (tmp / 128) & 0x1F; 1295 if (tmp >= 8) 1296 average += 2; 1297 else 1298 average -= 25; 1299 if (tmp == 8) 1300 average -= 72; 1301 else 1302 average -= 48; 1303 1304 dev->stats.link_noise = average; 1305 dev->noisecalc.calculation_running = 0; 1306 return; 1307 } 1308generate_new: 1309 b43_generate_noise_sample(dev); 1310} 1311 1312static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1313{ 1314 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) { 1315 ///TODO: PS TBTT 1316 } else { 1317 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1318 b43_power_saving_ctl_bits(dev, 0); 1319 } 1320 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) 1321 dev->dfq_valid = 1; 1322} 1323 1324static void handle_irq_atim_end(struct b43_wldev *dev) 1325{ 1326 if (dev->dfq_valid) { 1327 b43_write32(dev, B43_MMIO_MACCMD, 1328 b43_read32(dev, B43_MMIO_MACCMD) 1329 | B43_MACCMD_DFQ_VALID); 1330 dev->dfq_valid = 0; 1331 } 1332} 1333 1334static void handle_irq_pmq(struct b43_wldev *dev) 1335{ 1336 u32 tmp; 1337 1338 //TODO: AP mode. 1339 1340 while (1) { 1341 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1342 if (!(tmp & 0x00000008)) 1343 break; 1344 } 1345 /* 16bit write is odd, but correct. */ 1346 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1347} 1348 1349static void b43_write_template_common(struct b43_wldev *dev, 1350 const u8 *data, u16 size, 1351 u16 ram_offset, 1352 u16 shm_size_offset, u8 rate) 1353{ 1354 u32 i, tmp; 1355 struct b43_plcp_hdr4 plcp; 1356 1357 plcp.data = 0; 1358 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1359 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1360 ram_offset += sizeof(u32); 1361 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1362 * So leave the first two bytes of the next write blank. 1363 */ 1364 tmp = (u32) (data[0]) << 16; 1365 tmp |= (u32) (data[1]) << 24; 1366 b43_ram_write(dev, ram_offset, tmp); 1367 ram_offset += sizeof(u32); 1368 for (i = 2; i < size; i += sizeof(u32)) { 1369 tmp = (u32) (data[i + 0]); 1370 if (i + 1 < size) 1371 tmp |= (u32) (data[i + 1]) << 8; 1372 if (i + 2 < size) 1373 tmp |= (u32) (data[i + 2]) << 16; 1374 if (i + 3 < size) 1375 tmp |= (u32) (data[i + 3]) << 24; 1376 b43_ram_write(dev, ram_offset + i - 2, tmp); 1377 } 1378 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1379 size + sizeof(struct b43_plcp_hdr6)); 1380} 1381 1382/* Check if the use of the antenna that ieee80211 told us to 1383 * use is possible. This will fall back to DEFAULT. 1384 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 1385u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 1386 u8 antenna_nr) 1387{ 1388 u8 antenna_mask; 1389 1390 if (antenna_nr == 0) { 1391 /* Zero means "use default antenna". That's always OK. */ 1392 return 0; 1393 } 1394 1395 /* Get the mask of available antennas. */ 1396 if (dev->phy.gmode) 1397 antenna_mask = dev->dev->bus->sprom.ant_available_bg; 1398 else 1399 antenna_mask = dev->dev->bus->sprom.ant_available_a; 1400 1401 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 1402 /* This antenna is not available. Fall back to default. */ 1403 return 0; 1404 } 1405 1406 return antenna_nr; 1407} 1408 1409/* Convert a b43 antenna number value to the PHY TX control value. */ 1410static u16 b43_antenna_to_phyctl(int antenna) 1411{ 1412 switch (antenna) { 1413 case B43_ANTENNA0: 1414 return B43_TXH_PHY_ANT0; 1415 case B43_ANTENNA1: 1416 return B43_TXH_PHY_ANT1; 1417 case B43_ANTENNA2: 1418 return B43_TXH_PHY_ANT2; 1419 case B43_ANTENNA3: 1420 return B43_TXH_PHY_ANT3; 1421 case B43_ANTENNA_AUTO0: 1422 case B43_ANTENNA_AUTO1: 1423 return B43_TXH_PHY_ANT01AUTO; 1424 } 1425 B43_WARN_ON(1); 1426 return 0; 1427} 1428 1429static void b43_write_beacon_template(struct b43_wldev *dev, 1430 u16 ram_offset, 1431 u16 shm_size_offset) 1432{ 1433 unsigned int i, len, variable_len; 1434 const struct ieee80211_mgmt *bcn; 1435 const u8 *ie; 1436 bool tim_found = 0; 1437 unsigned int rate; 1438 u16 ctl; 1439 int antenna; 1440 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon); 1441 1442 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1443 len = min((size_t) dev->wl->current_beacon->len, 1444 0x200 - sizeof(struct b43_plcp_hdr6)); 1445 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value; 1446 1447 b43_write_template_common(dev, (const u8 *)bcn, 1448 len, ram_offset, shm_size_offset, rate); 1449 1450 /* Write the PHY TX control parameters. */ 1451 antenna = B43_ANTENNA_DEFAULT; 1452 antenna = b43_antenna_to_phyctl(antenna); 1453 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 1454 /* We can't send beacons with short preamble. Would get PHY errors. */ 1455 ctl &= ~B43_TXH_PHY_SHORTPRMBL; 1456 ctl &= ~B43_TXH_PHY_ANT; 1457 ctl &= ~B43_TXH_PHY_ENC; 1458 ctl |= antenna; 1459 if (b43_is_cck_rate(rate)) 1460 ctl |= B43_TXH_PHY_ENC_CCK; 1461 else 1462 ctl |= B43_TXH_PHY_ENC_OFDM; 1463 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 1464 1465 /* Find the position of the TIM and the DTIM_period value 1466 * and write them to SHM. */ 1467 ie = bcn->u.beacon.variable; 1468 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1469 for (i = 0; i < variable_len - 2; ) { 1470 uint8_t ie_id, ie_len; 1471 1472 ie_id = ie[i]; 1473 ie_len = ie[i + 1]; 1474 if (ie_id == 5) { 1475 u16 tim_position; 1476 u16 dtim_period; 1477 /* This is the TIM Information Element */ 1478 1479 /* Check whether the ie_len is in the beacon data range. */ 1480 if (variable_len < ie_len + 2 + i) 1481 break; 1482 /* A valid TIM is at least 4 bytes long. */ 1483 if (ie_len < 4) 1484 break; 1485 tim_found = 1; 1486 1487 tim_position = sizeof(struct b43_plcp_hdr6); 1488 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1489 tim_position += i; 1490 1491 dtim_period = ie[i + 3]; 1492 1493 b43_shm_write16(dev, B43_SHM_SHARED, 1494 B43_SHM_SH_TIMBPOS, tim_position); 1495 b43_shm_write16(dev, B43_SHM_SHARED, 1496 B43_SHM_SH_DTIMPER, dtim_period); 1497 break; 1498 } 1499 i += ie_len + 2; 1500 } 1501 if (!tim_found) { 1502 /* 1503 * If ucode wants to modify TIM do it behind the beacon, this 1504 * will happen, for example, when doing mesh networking. 1505 */ 1506 b43_shm_write16(dev, B43_SHM_SHARED, 1507 B43_SHM_SH_TIMBPOS, 1508 len + sizeof(struct b43_plcp_hdr6)); 1509 b43_shm_write16(dev, B43_SHM_SHARED, 1510 B43_SHM_SH_DTIMPER, 0); 1511 } 1512 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset); 1513} 1514 1515static void b43_upload_beacon0(struct b43_wldev *dev) 1516{ 1517 struct b43_wl *wl = dev->wl; 1518 1519 if (wl->beacon0_uploaded) 1520 return; 1521 b43_write_beacon_template(dev, 0x68, 0x18); 1522 wl->beacon0_uploaded = 1; 1523} 1524 1525static void b43_upload_beacon1(struct b43_wldev *dev) 1526{ 1527 struct b43_wl *wl = dev->wl; 1528 1529 if (wl->beacon1_uploaded) 1530 return; 1531 b43_write_beacon_template(dev, 0x468, 0x1A); 1532 wl->beacon1_uploaded = 1; 1533} 1534 1535static void handle_irq_beacon(struct b43_wldev *dev) 1536{ 1537 struct b43_wl *wl = dev->wl; 1538 u32 cmd, beacon0_valid, beacon1_valid; 1539 1540 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) && 1541 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 1542 return; 1543 1544 /* This is the bottom half of the asynchronous beacon update. */ 1545 1546 /* Ignore interrupt in the future. */ 1547 dev->irq_mask &= ~B43_IRQ_BEACON; 1548 1549 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1550 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1551 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1552 1553 /* Schedule interrupt manually, if busy. */ 1554 if (beacon0_valid && beacon1_valid) { 1555 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1556 dev->irq_mask |= B43_IRQ_BEACON; 1557 return; 1558 } 1559 1560 if (unlikely(wl->beacon_templates_virgin)) { 1561 /* We never uploaded a beacon before. 1562 * Upload both templates now, but only mark one valid. */ 1563 wl->beacon_templates_virgin = 0; 1564 b43_upload_beacon0(dev); 1565 b43_upload_beacon1(dev); 1566 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1567 cmd |= B43_MACCMD_BEACON0_VALID; 1568 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1569 } else { 1570 if (!beacon0_valid) { 1571 b43_upload_beacon0(dev); 1572 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1573 cmd |= B43_MACCMD_BEACON0_VALID; 1574 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1575 } else if (!beacon1_valid) { 1576 b43_upload_beacon1(dev); 1577 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1578 cmd |= B43_MACCMD_BEACON1_VALID; 1579 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1580 } 1581 } 1582} 1583 1584static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev) 1585{ 1586 u32 old_irq_mask = dev->irq_mask; 1587 1588 /* update beacon right away or defer to irq */ 1589 handle_irq_beacon(dev); 1590 if (old_irq_mask != dev->irq_mask) { 1591 /* The handler updated the IRQ mask. */ 1592 B43_WARN_ON(!dev->irq_mask); 1593 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) { 1594 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1595 } else { 1596 /* Device interrupts are currently disabled. That means 1597 * we just ran the hardirq handler and scheduled the 1598 * IRQ thread. The thread will write the IRQ mask when 1599 * it finished, so there's nothing to do here. Writing 1600 * the mask _here_ would incorrectly re-enable IRQs. */ 1601 } 1602 } 1603} 1604 1605static void b43_beacon_update_trigger_work(struct work_struct *work) 1606{ 1607 struct b43_wl *wl = container_of(work, struct b43_wl, 1608 beacon_update_trigger); 1609 struct b43_wldev *dev; 1610 1611 mutex_lock(&wl->mutex); 1612 dev = wl->current_dev; 1613 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1614 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 1615 /* wl->mutex is enough. */ 1616 b43_do_beacon_update_trigger_work(dev); 1617 mmiowb(); 1618 } else { 1619 spin_lock_irq(&wl->hardirq_lock); 1620 b43_do_beacon_update_trigger_work(dev); 1621 mmiowb(); 1622 spin_unlock_irq(&wl->hardirq_lock); 1623 } 1624 } 1625 mutex_unlock(&wl->mutex); 1626} 1627 1628/* Asynchronously update the packet templates in template RAM. 1629 * Locking: Requires wl->mutex to be locked. */ 1630static void b43_update_templates(struct b43_wl *wl) 1631{ 1632 struct sk_buff *beacon; 1633 1634 /* This is the top half of the ansynchronous beacon update. 1635 * The bottom half is the beacon IRQ. 1636 * Beacon update must be asynchronous to avoid sending an 1637 * invalid beacon. This can happen for example, if the firmware 1638 * transmits a beacon while we are updating it. */ 1639 1640 /* We could modify the existing beacon and set the aid bit in 1641 * the TIM field, but that would probably require resizing and 1642 * moving of data within the beacon template. 1643 * Simply request a new beacon and let mac80211 do the hard work. */ 1644 beacon = ieee80211_beacon_get(wl->hw, wl->vif); 1645 if (unlikely(!beacon)) 1646 return; 1647 1648 if (wl->current_beacon) 1649 dev_kfree_skb_any(wl->current_beacon); 1650 wl->current_beacon = beacon; 1651 wl->beacon0_uploaded = 0; 1652 wl->beacon1_uploaded = 0; 1653 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger); 1654} 1655 1656static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1657{ 1658 b43_time_lock(dev); 1659 if (dev->dev->id.revision >= 3) { 1660 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1661 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1662 } else { 1663 b43_write16(dev, 0x606, (beacon_int >> 6)); 1664 b43_write16(dev, 0x610, beacon_int); 1665 } 1666 b43_time_unlock(dev); 1667 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1668} 1669 1670static void b43_handle_firmware_panic(struct b43_wldev *dev) 1671{ 1672 u16 reason; 1673 1674 /* Read the register that contains the reason code for the panic. */ 1675 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG); 1676 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason); 1677 1678 switch (reason) { 1679 default: 1680 b43dbg(dev->wl, "The panic reason is unknown.\n"); 1681 /* fallthrough */ 1682 case B43_FWPANIC_DIE: 1683 /* Do not restart the controller or firmware. 1684 * The device is nonfunctional from now on. 1685 * Restarting would result in this panic to trigger again, 1686 * so we avoid that recursion. */ 1687 break; 1688 case B43_FWPANIC_RESTART: 1689 b43_controller_restart(dev, "Microcode panic"); 1690 break; 1691 } 1692} 1693 1694static void handle_irq_ucode_debug(struct b43_wldev *dev) 1695{ 1696 unsigned int i, cnt; 1697 u16 reason, marker_id, marker_line; 1698 __le16 *buf; 1699 1700 /* The proprietary firmware doesn't have this IRQ. */ 1701 if (!dev->fw.opensource) 1702 return; 1703 1704 /* Read the register that contains the reason code for this IRQ. */ 1705 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG); 1706 1707 switch (reason) { 1708 case B43_DEBUGIRQ_PANIC: 1709 b43_handle_firmware_panic(dev); 1710 break; 1711 case B43_DEBUGIRQ_DUMP_SHM: 1712 if (!B43_DEBUG) 1713 break; /* Only with driver debugging enabled. */ 1714 buf = kmalloc(4096, GFP_ATOMIC); 1715 if (!buf) { 1716 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n"); 1717 goto out; 1718 } 1719 for (i = 0; i < 4096; i += 2) { 1720 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i); 1721 buf[i / 2] = cpu_to_le16(tmp); 1722 } 1723 b43info(dev->wl, "Shared memory dump:\n"); 1724 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET, 1725 16, 2, buf, 4096, 1); 1726 kfree(buf); 1727 break; 1728 case B43_DEBUGIRQ_DUMP_REGS: 1729 if (!B43_DEBUG) 1730 break; /* Only with driver debugging enabled. */ 1731 b43info(dev->wl, "Microcode register dump:\n"); 1732 for (i = 0, cnt = 0; i < 64; i++) { 1733 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i); 1734 if (cnt == 0) 1735 printk(KERN_INFO); 1736 printk("r%02u: 0x%04X ", i, tmp); 1737 cnt++; 1738 if (cnt == 6) { 1739 printk("\n"); 1740 cnt = 0; 1741 } 1742 } 1743 printk("\n"); 1744 break; 1745 case B43_DEBUGIRQ_MARKER: 1746 if (!B43_DEBUG) 1747 break; /* Only with driver debugging enabled. */ 1748 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH, 1749 B43_MARKER_ID_REG); 1750 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH, 1751 B43_MARKER_LINE_REG); 1752 b43info(dev->wl, "The firmware just executed the MARKER(%u) " 1753 "at line number %u\n", 1754 marker_id, marker_line); 1755 break; 1756 default: 1757 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n", 1758 reason); 1759 } 1760out: 1761 /* Acknowledge the debug-IRQ, so the firmware can continue. */ 1762 b43_shm_write16(dev, B43_SHM_SCRATCH, 1763 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK); 1764} 1765 1766static void b43_do_interrupt_thread(struct b43_wldev *dev) 1767{ 1768 u32 reason; 1769 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1770 u32 merged_dma_reason = 0; 1771 int i; 1772 1773 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 1774 return; 1775 1776 reason = dev->irq_reason; 1777 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1778 dma_reason[i] = dev->dma_reason[i]; 1779 merged_dma_reason |= dma_reason[i]; 1780 } 1781 1782 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1783 b43err(dev->wl, "MAC transmission error\n"); 1784 1785 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1786 b43err(dev->wl, "PHY transmission error\n"); 1787 rmb(); 1788 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1789 atomic_set(&dev->phy.txerr_cnt, 1790 B43_PHY_TX_BADNESS_LIMIT); 1791 b43err(dev->wl, "Too many PHY TX errors, " 1792 "restarting the controller\n"); 1793 b43_controller_restart(dev, "PHY TX errors"); 1794 } 1795 } 1796 1797 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1798 B43_DMAIRQ_NONFATALMASK))) { 1799 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1800 b43err(dev->wl, "Fatal DMA error: " 1801 "0x%08X, 0x%08X, 0x%08X, " 1802 "0x%08X, 0x%08X, 0x%08X\n", 1803 dma_reason[0], dma_reason[1], 1804 dma_reason[2], dma_reason[3], 1805 dma_reason[4], dma_reason[5]); 1806 b43err(dev->wl, "This device does not support DMA " 1807 "on your system. It will now be switched to PIO.\n"); 1808 /* Fall back to PIO transfers if we get fatal DMA errors! */ 1809 dev->use_pio = 1; 1810 b43_controller_restart(dev, "DMA error"); 1811 return; 1812 } 1813 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1814 b43err(dev->wl, "DMA error: " 1815 "0x%08X, 0x%08X, 0x%08X, " 1816 "0x%08X, 0x%08X, 0x%08X\n", 1817 dma_reason[0], dma_reason[1], 1818 dma_reason[2], dma_reason[3], 1819 dma_reason[4], dma_reason[5]); 1820 } 1821 } 1822 1823 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1824 handle_irq_ucode_debug(dev); 1825 if (reason & B43_IRQ_TBTT_INDI) 1826 handle_irq_tbtt_indication(dev); 1827 if (reason & B43_IRQ_ATIM_END) 1828 handle_irq_atim_end(dev); 1829 if (reason & B43_IRQ_BEACON) 1830 handle_irq_beacon(dev); 1831 if (reason & B43_IRQ_PMQ) 1832 handle_irq_pmq(dev); 1833 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1834 ;/* TODO */ 1835 if (reason & B43_IRQ_NOISESAMPLE_OK) 1836 handle_irq_noise(dev); 1837 1838 /* Check the DMA reason registers for received data. */ 1839 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1840 if (b43_using_pio_transfers(dev)) 1841 b43_pio_rx(dev->pio.rx_queue); 1842 else 1843 b43_dma_rx(dev->dma.rx_ring); 1844 } 1845 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1846 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1847 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1848 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1849 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1850 1851 if (reason & B43_IRQ_TX_OK) 1852 handle_irq_transmit_status(dev); 1853 1854 /* Re-enable interrupts on the device by restoring the current interrupt mask. */ 1855 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1856 1857#if B43_DEBUG 1858 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 1859 dev->irq_count++; 1860 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 1861 if (reason & (1 << i)) 1862 dev->irq_bit_count[i]++; 1863 } 1864 } 1865#endif 1866} 1867 1868/* Interrupt thread handler. Handles device interrupts in thread context. */ 1869static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id) 1870{ 1871 struct b43_wldev *dev = dev_id; 1872 1873 mutex_lock(&dev->wl->mutex); 1874 b43_do_interrupt_thread(dev); 1875 mmiowb(); 1876 mutex_unlock(&dev->wl->mutex); 1877 1878 return IRQ_HANDLED; 1879} 1880 1881static irqreturn_t b43_do_interrupt(struct b43_wldev *dev) 1882{ 1883 u32 reason; 1884 1885 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses. 1886 * On SDIO, this runs under wl->mutex. */ 1887 1888 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1889 if (reason == 0xffffffff) /* shared IRQ */ 1890 return IRQ_NONE; 1891 reason &= dev->irq_mask; 1892 if (!reason) 1893 return IRQ_HANDLED; 1894 1895 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1896 & 0x0001DC00; 1897 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1898 & 0x0000DC00; 1899 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 1900 & 0x0000DC00; 1901 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 1902 & 0x0001DC00; 1903 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 1904 & 0x0000DC00; 1905/* Unused ring 1906 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 1907 & 0x0000DC00; 1908*/ 1909 1910 /* ACK the interrupt. */ 1911 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 1912 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 1913 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 1914 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 1915 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 1916 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 1917/* Unused ring 1918 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 1919*/ 1920 1921 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */ 1922 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 1923 /* Save the reason bitmasks for the IRQ thread handler. */ 1924 dev->irq_reason = reason; 1925 1926 return IRQ_WAKE_THREAD; 1927} 1928 1929/* Interrupt handler top-half. This runs with interrupts disabled. */ 1930static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 1931{ 1932 struct b43_wldev *dev = dev_id; 1933 irqreturn_t ret; 1934 1935 if (unlikely(b43_status(dev) < B43_STAT_STARTED)) 1936 return IRQ_NONE; 1937 1938 spin_lock(&dev->wl->hardirq_lock); 1939 ret = b43_do_interrupt(dev); 1940 mmiowb(); 1941 spin_unlock(&dev->wl->hardirq_lock); 1942 1943 return ret; 1944} 1945 1946/* SDIO interrupt handler. This runs in process context. */ 1947static void b43_sdio_interrupt_handler(struct b43_wldev *dev) 1948{ 1949 struct b43_wl *wl = dev->wl; 1950 irqreturn_t ret; 1951 1952 mutex_lock(&wl->mutex); 1953 1954 ret = b43_do_interrupt(dev); 1955 if (ret == IRQ_WAKE_THREAD) 1956 b43_do_interrupt_thread(dev); 1957 1958 mutex_unlock(&wl->mutex); 1959} 1960 1961void b43_do_release_fw(struct b43_firmware_file *fw) 1962{ 1963 release_firmware(fw->data); 1964 fw->data = NULL; 1965 fw->filename = NULL; 1966} 1967 1968static void b43_release_firmware(struct b43_wldev *dev) 1969{ 1970 b43_do_release_fw(&dev->fw.ucode); 1971 b43_do_release_fw(&dev->fw.pcm); 1972 b43_do_release_fw(&dev->fw.initvals); 1973 b43_do_release_fw(&dev->fw.initvals_band); 1974} 1975 1976static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 1977{ 1978 const char text[] = 1979 "You must go to " \ 1980 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \ 1981 "and download the correct firmware for this driver version. " \ 1982 "Please carefully read all instructions on this website.\n"; 1983 1984 if (error) 1985 b43err(wl, text); 1986 else 1987 b43warn(wl, text); 1988} 1989 1990int b43_do_request_fw(struct b43_request_fw_context *ctx, 1991 const char *name, 1992 struct b43_firmware_file *fw) 1993{ 1994 const struct firmware *blob; 1995 struct b43_fw_header *hdr; 1996 u32 size; 1997 int err; 1998 1999 if (!name) { 2000 /* Don't fetch anything. Free possibly cached firmware. */ 2001 /* FIXME: We should probably keep it anyway, to save some headache 2002 * on suspend/resume with multiband devices. */ 2003 b43_do_release_fw(fw); 2004 return 0; 2005 } 2006 if (fw->filename) { 2007 if ((fw->type == ctx->req_type) && 2008 (strcmp(fw->filename, name) == 0)) 2009 return 0; /* Already have this fw. */ 2010 /* Free the cached firmware first. */ 2011 /* FIXME: We should probably do this later after we successfully 2012 * got the new fw. This could reduce headache with multiband devices. 2013 * We could also redesign this to cache the firmware for all possible 2014 * bands all the time. */ 2015 b43_do_release_fw(fw); 2016 } 2017 2018 switch (ctx->req_type) { 2019 case B43_FWTYPE_PROPRIETARY: 2020 snprintf(ctx->fwname, sizeof(ctx->fwname), 2021 "b43%s/%s.fw", 2022 modparam_fwpostfix, name); 2023 break; 2024 case B43_FWTYPE_OPENSOURCE: 2025 snprintf(ctx->fwname, sizeof(ctx->fwname), 2026 "b43-open%s/%s.fw", 2027 modparam_fwpostfix, name); 2028 break; 2029 default: 2030 B43_WARN_ON(1); 2031 return -ENOSYS; 2032 } 2033 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev); 2034 if (err == -ENOENT) { 2035 snprintf(ctx->errors[ctx->req_type], 2036 sizeof(ctx->errors[ctx->req_type]), 2037 "Firmware file \"%s\" not found\n", ctx->fwname); 2038 return err; 2039 } else if (err) { 2040 snprintf(ctx->errors[ctx->req_type], 2041 sizeof(ctx->errors[ctx->req_type]), 2042 "Firmware file \"%s\" request failed (err=%d)\n", 2043 ctx->fwname, err); 2044 return err; 2045 } 2046 if (blob->size < sizeof(struct b43_fw_header)) 2047 goto err_format; 2048 hdr = (struct b43_fw_header *)(blob->data); 2049 switch (hdr->type) { 2050 case B43_FW_TYPE_UCODE: 2051 case B43_FW_TYPE_PCM: 2052 size = be32_to_cpu(hdr->size); 2053 if (size != blob->size - sizeof(struct b43_fw_header)) 2054 goto err_format; 2055 /* fallthrough */ 2056 case B43_FW_TYPE_IV: 2057 if (hdr->ver != 1) 2058 goto err_format; 2059 break; 2060 default: 2061 goto err_format; 2062 } 2063 2064 fw->data = blob; 2065 fw->filename = name; 2066 fw->type = ctx->req_type; 2067 2068 return 0; 2069 2070err_format: 2071 snprintf(ctx->errors[ctx->req_type], 2072 sizeof(ctx->errors[ctx->req_type]), 2073 "Firmware file \"%s\" format error.\n", ctx->fwname); 2074 release_firmware(blob); 2075 2076 return -EPROTO; 2077} 2078 2079static int b43_try_request_fw(struct b43_request_fw_context *ctx) 2080{ 2081 struct b43_wldev *dev = ctx->dev; 2082 struct b43_firmware *fw = &ctx->dev->fw; 2083 const u8 rev = ctx->dev->dev->id.revision; 2084 const char *filename; 2085 u32 tmshigh; 2086 int err; 2087 2088 /* Get microcode */ 2089 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 2090 if ((rev >= 5) && (rev <= 10)) 2091 filename = "ucode5"; 2092 else if ((rev >= 11) && (rev <= 12)) 2093 filename = "ucode11"; 2094 else if (rev == 13) 2095 filename = "ucode13"; 2096 else if (rev == 14) 2097 filename = "ucode14"; 2098 else if (rev >= 15) 2099 filename = "ucode15"; 2100 else 2101 goto err_no_ucode; 2102 err = b43_do_request_fw(ctx, filename, &fw->ucode); 2103 if (err) 2104 goto err_load; 2105 2106 /* Get PCM code */ 2107 if ((rev >= 5) && (rev <= 10)) 2108 filename = "pcm5"; 2109 else if (rev >= 11) 2110 filename = NULL; 2111 else 2112 goto err_no_pcm; 2113 fw->pcm_request_failed = 0; 2114 err = b43_do_request_fw(ctx, filename, &fw->pcm); 2115 if (err == -ENOENT) { 2116 /* We did not find a PCM file? Not fatal, but 2117 * core rev <= 10 must do without hwcrypto then. */ 2118 fw->pcm_request_failed = 1; 2119 } else if (err) 2120 goto err_load; 2121 2122 /* Get initvals */ 2123 switch (dev->phy.type) { 2124 case B43_PHYTYPE_A: 2125 if ((rev >= 5) && (rev <= 10)) { 2126 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2127 filename = "a0g1initvals5"; 2128 else 2129 filename = "a0g0initvals5"; 2130 } else 2131 goto err_no_initvals; 2132 break; 2133 case B43_PHYTYPE_G: 2134 if ((rev >= 5) && (rev <= 10)) 2135 filename = "b0g0initvals5"; 2136 else if (rev >= 13) 2137 filename = "b0g0initvals13"; 2138 else 2139 goto err_no_initvals; 2140 break; 2141 case B43_PHYTYPE_N: 2142 if ((rev >= 11) && (rev <= 12)) 2143 filename = "n0initvals11"; 2144 else 2145 goto err_no_initvals; 2146 break; 2147 case B43_PHYTYPE_LP: 2148 if (rev == 13) 2149 filename = "lp0initvals13"; 2150 else if (rev == 14) 2151 filename = "lp0initvals14"; 2152 else if (rev >= 15) 2153 filename = "lp0initvals15"; 2154 else 2155 goto err_no_initvals; 2156 break; 2157 default: 2158 goto err_no_initvals; 2159 } 2160 err = b43_do_request_fw(ctx, filename, &fw->initvals); 2161 if (err) 2162 goto err_load; 2163 2164 /* Get bandswitch initvals */ 2165 switch (dev->phy.type) { 2166 case B43_PHYTYPE_A: 2167 if ((rev >= 5) && (rev <= 10)) { 2168 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2169 filename = "a0g1bsinitvals5"; 2170 else 2171 filename = "a0g0bsinitvals5"; 2172 } else if (rev >= 11) 2173 filename = NULL; 2174 else 2175 goto err_no_initvals; 2176 break; 2177 case B43_PHYTYPE_G: 2178 if ((rev >= 5) && (rev <= 10)) 2179 filename = "b0g0bsinitvals5"; 2180 else if (rev >= 11) 2181 filename = NULL; 2182 else 2183 goto err_no_initvals; 2184 break; 2185 case B43_PHYTYPE_N: 2186 if ((rev >= 11) && (rev <= 12)) 2187 filename = "n0bsinitvals11"; 2188 else 2189 goto err_no_initvals; 2190 break; 2191 case B43_PHYTYPE_LP: 2192 if (rev == 13) 2193 filename = "lp0bsinitvals13"; 2194 else if (rev == 14) 2195 filename = "lp0bsinitvals14"; 2196 else if (rev >= 15) 2197 filename = "lp0bsinitvals15"; 2198 else 2199 goto err_no_initvals; 2200 break; 2201 default: 2202 goto err_no_initvals; 2203 } 2204 err = b43_do_request_fw(ctx, filename, &fw->initvals_band); 2205 if (err) 2206 goto err_load; 2207 2208 return 0; 2209 2210err_no_ucode: 2211 err = ctx->fatal_failure = -EOPNOTSUPP; 2212 b43err(dev->wl, "The driver does not know which firmware (ucode) " 2213 "is required for your device (wl-core rev %u)\n", rev); 2214 goto error; 2215 2216err_no_pcm: 2217 err = ctx->fatal_failure = -EOPNOTSUPP; 2218 b43err(dev->wl, "The driver does not know which firmware (PCM) " 2219 "is required for your device (wl-core rev %u)\n", rev); 2220 goto error; 2221 2222err_no_initvals: 2223 err = ctx->fatal_failure = -EOPNOTSUPP; 2224 b43err(dev->wl, "The driver does not know which firmware (initvals) " 2225 "is required for your device (wl-core rev %u)\n", rev); 2226 goto error; 2227 2228err_load: 2229 /* We failed to load this firmware image. The error message 2230 * already is in ctx->errors. Return and let our caller decide 2231 * what to do. */ 2232 goto error; 2233 2234error: 2235 b43_release_firmware(dev); 2236 return err; 2237} 2238 2239static int b43_request_firmware(struct b43_wldev *dev) 2240{ 2241 struct b43_request_fw_context *ctx; 2242 unsigned int i; 2243 int err; 2244 const char *errmsg; 2245 2246 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); 2247 if (!ctx) 2248 return -ENOMEM; 2249 ctx->dev = dev; 2250 2251 ctx->req_type = B43_FWTYPE_PROPRIETARY; 2252 err = b43_try_request_fw(ctx); 2253 if (!err) 2254 goto out; /* Successfully loaded it. */ 2255 err = ctx->fatal_failure; 2256 if (err) 2257 goto out; 2258 2259 ctx->req_type = B43_FWTYPE_OPENSOURCE; 2260 err = b43_try_request_fw(ctx); 2261 if (!err) 2262 goto out; /* Successfully loaded it. */ 2263 err = ctx->fatal_failure; 2264 if (err) 2265 goto out; 2266 2267 /* Could not find a usable firmware. Print the errors. */ 2268 for (i = 0; i < B43_NR_FWTYPES; i++) { 2269 errmsg = ctx->errors[i]; 2270 if (strlen(errmsg)) 2271 b43err(dev->wl, errmsg); 2272 } 2273 b43_print_fw_helptext(dev->wl, 1); 2274 err = -ENOENT; 2275 2276out: 2277 kfree(ctx); 2278 return err; 2279} 2280 2281static int b43_upload_microcode(struct b43_wldev *dev) 2282{ 2283 struct wiphy *wiphy = dev->wl->hw->wiphy; 2284 const size_t hdr_len = sizeof(struct b43_fw_header); 2285 const __be32 *data; 2286 unsigned int i, len; 2287 u16 fwrev, fwpatch, fwdate, fwtime; 2288 u32 tmp, macctl; 2289 int err = 0; 2290 2291 /* Jump the microcode PSM to offset 0 */ 2292 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2293 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 2294 macctl |= B43_MACCTL_PSM_JMP0; 2295 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2296 /* Zero out all microcode PSM registers and shared memory. */ 2297 for (i = 0; i < 64; i++) 2298 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 2299 for (i = 0; i < 4096; i += 2) 2300 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 2301 2302 /* Upload Microcode. */ 2303 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 2304 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 2305 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 2306 for (i = 0; i < len; i++) { 2307 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2308 udelay(10); 2309 } 2310 2311 if (dev->fw.pcm.data) { 2312 /* Upload PCM data. */ 2313 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 2314 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 2315 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 2316 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 2317 /* No need for autoinc bit in SHM_HW */ 2318 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 2319 for (i = 0; i < len; i++) { 2320 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2321 udelay(10); 2322 } 2323 } 2324 2325 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 2326 2327 /* Start the microcode PSM */ 2328 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2329 macctl &= ~B43_MACCTL_PSM_JMP0; 2330 macctl |= B43_MACCTL_PSM_RUN; 2331 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2332 2333 /* Wait for the microcode to load and respond */ 2334 i = 0; 2335 while (1) { 2336 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2337 if (tmp == B43_IRQ_MAC_SUSPENDED) 2338 break; 2339 i++; 2340 if (i >= 20) { 2341 b43err(dev->wl, "Microcode not responding\n"); 2342 b43_print_fw_helptext(dev->wl, 1); 2343 err = -ENODEV; 2344 goto error; 2345 } 2346 msleep(50); 2347 } 2348 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2349 2350 /* Get and check the revisions. */ 2351 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2352 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2353 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2354 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2355 2356 if (fwrev <= 0x128) { 2357 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2358 "binary drivers older than version 4.x is unsupported. " 2359 "You must upgrade your firmware files.\n"); 2360 b43_print_fw_helptext(dev->wl, 1); 2361 err = -EOPNOTSUPP; 2362 goto error; 2363 } 2364 dev->fw.rev = fwrev; 2365 dev->fw.patch = fwpatch; 2366 dev->fw.opensource = (fwdate == 0xFFFF); 2367 2368 /* Default to use-all-queues. */ 2369 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues; 2370 dev->qos_enabled = !!modparam_qos; 2371 /* Default to firmware/hardware crypto acceleration. */ 2372 dev->hwcrypto_enabled = 1; 2373 2374 if (dev->fw.opensource) { 2375 u16 fwcapa; 2376 2377 /* Patchlevel info is encoded in the "time" field. */ 2378 dev->fw.patch = fwtime; 2379 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n", 2380 dev->fw.rev, dev->fw.patch); 2381 2382 fwcapa = b43_fwcapa_read(dev); 2383 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) { 2384 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n"); 2385 /* Disable hardware crypto and fall back to software crypto. */ 2386 dev->hwcrypto_enabled = 0; 2387 } 2388 if (!(fwcapa & B43_FWCAPA_QOS)) { 2389 b43info(dev->wl, "QoS not supported by firmware\n"); 2390 /* Disable QoS. Tweak hw->queues to 1. It will be restored before 2391 * ieee80211_unregister to make sure the networking core can 2392 * properly free possible resources. */ 2393 dev->wl->hw->queues = 1; 2394 dev->qos_enabled = 0; 2395 } 2396 } else { 2397 b43info(dev->wl, "Loading firmware version %u.%u " 2398 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2399 fwrev, fwpatch, 2400 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2401 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2402 if (dev->fw.pcm_request_failed) { 2403 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. " 2404 "Hardware accelerated cryptography is disabled.\n"); 2405 b43_print_fw_helptext(dev->wl, 0); 2406 } 2407 } 2408 2409 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u", 2410 dev->fw.rev, dev->fw.patch); 2411 wiphy->hw_version = dev->dev->id.coreid; 2412 2413 if (b43_is_old_txhdr_format(dev)) { 2414 /* We're over the deadline, but we keep support for old fw 2415 * until it turns out to be in major conflict with something new. */ 2416 b43warn(dev->wl, "You are using an old firmware image. " 2417 "Support for old firmware will be removed soon " 2418 "(official deadline was July 2008).\n"); 2419 b43_print_fw_helptext(dev->wl, 0); 2420 } 2421 2422 return 0; 2423 2424error: 2425 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2426 macctl &= ~B43_MACCTL_PSM_RUN; 2427 macctl |= B43_MACCTL_PSM_JMP0; 2428 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2429 2430 return err; 2431} 2432 2433static int b43_write_initvals(struct b43_wldev *dev, 2434 const struct b43_iv *ivals, 2435 size_t count, 2436 size_t array_size) 2437{ 2438 const struct b43_iv *iv; 2439 u16 offset; 2440 size_t i; 2441 bool bit32; 2442 2443 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2444 iv = ivals; 2445 for (i = 0; i < count; i++) { 2446 if (array_size < sizeof(iv->offset_size)) 2447 goto err_format; 2448 array_size -= sizeof(iv->offset_size); 2449 offset = be16_to_cpu(iv->offset_size); 2450 bit32 = !!(offset & B43_IV_32BIT); 2451 offset &= B43_IV_OFFSET_MASK; 2452 if (offset >= 0x1000) 2453 goto err_format; 2454 if (bit32) { 2455 u32 value; 2456 2457 if (array_size < sizeof(iv->data.d32)) 2458 goto err_format; 2459 array_size -= sizeof(iv->data.d32); 2460 2461 value = get_unaligned_be32(&iv->data.d32); 2462 b43_write32(dev, offset, value); 2463 2464 iv = (const struct b43_iv *)((const uint8_t *)iv + 2465 sizeof(__be16) + 2466 sizeof(__be32)); 2467 } else { 2468 u16 value; 2469 2470 if (array_size < sizeof(iv->data.d16)) 2471 goto err_format; 2472 array_size -= sizeof(iv->data.d16); 2473 2474 value = be16_to_cpu(iv->data.d16); 2475 b43_write16(dev, offset, value); 2476 2477 iv = (const struct b43_iv *)((const uint8_t *)iv + 2478 sizeof(__be16) + 2479 sizeof(__be16)); 2480 } 2481 } 2482 if (array_size) 2483 goto err_format; 2484 2485 return 0; 2486 2487err_format: 2488 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2489 b43_print_fw_helptext(dev->wl, 1); 2490 2491 return -EPROTO; 2492} 2493 2494static int b43_upload_initvals(struct b43_wldev *dev) 2495{ 2496 const size_t hdr_len = sizeof(struct b43_fw_header); 2497 const struct b43_fw_header *hdr; 2498 struct b43_firmware *fw = &dev->fw; 2499 const struct b43_iv *ivals; 2500 size_t count; 2501 int err; 2502 2503 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2504 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2505 count = be32_to_cpu(hdr->size); 2506 err = b43_write_initvals(dev, ivals, count, 2507 fw->initvals.data->size - hdr_len); 2508 if (err) 2509 goto out; 2510 if (fw->initvals_band.data) { 2511 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2512 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2513 count = be32_to_cpu(hdr->size); 2514 err = b43_write_initvals(dev, ivals, count, 2515 fw->initvals_band.data->size - hdr_len); 2516 if (err) 2517 goto out; 2518 } 2519out: 2520 2521 return err; 2522} 2523 2524/* Initialize the GPIOs 2525 * http://bcm-specs.sipsolutions.net/GPIO 2526 */ 2527static int b43_gpio_init(struct b43_wldev *dev) 2528{ 2529 struct ssb_bus *bus = dev->dev->bus; 2530 struct ssb_device *gpiodev, *pcidev = NULL; 2531 u32 mask, set; 2532 2533 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2534 & ~B43_MACCTL_GPOUTSMSK); 2535 2536 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK) 2537 | 0x000F); 2538 2539 mask = 0x0000001F; 2540 set = 0x0000000F; 2541 if (dev->dev->bus->chip_id == 0x4301) { 2542 mask |= 0x0060; 2543 set |= 0x0060; 2544 } 2545 if (0 /* FIXME: conditional unknown */ ) { 2546 b43_write16(dev, B43_MMIO_GPIO_MASK, 2547 b43_read16(dev, B43_MMIO_GPIO_MASK) 2548 | 0x0100); 2549 mask |= 0x0180; 2550 set |= 0x0180; 2551 } 2552 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) { 2553 b43_write16(dev, B43_MMIO_GPIO_MASK, 2554 b43_read16(dev, B43_MMIO_GPIO_MASK) 2555 | 0x0200); 2556 mask |= 0x0200; 2557 set |= 0x0200; 2558 } 2559 if (dev->dev->id.revision >= 2) 2560 mask |= 0x0010; /* FIXME: This is redundant. */ 2561 2562#ifdef CONFIG_SSB_DRIVER_PCICORE 2563 pcidev = bus->pcicore.dev; 2564#endif 2565 gpiodev = bus->chipco.dev ? : pcidev; 2566 if (!gpiodev) 2567 return 0; 2568 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2569 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2570 & mask) | set); 2571 2572 return 0; 2573} 2574 2575/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2576static void b43_gpio_cleanup(struct b43_wldev *dev) 2577{ 2578 struct ssb_bus *bus = dev->dev->bus; 2579 struct ssb_device *gpiodev, *pcidev = NULL; 2580 2581#ifdef CONFIG_SSB_DRIVER_PCICORE 2582 pcidev = bus->pcicore.dev; 2583#endif 2584 gpiodev = bus->chipco.dev ? : pcidev; 2585 if (!gpiodev) 2586 return; 2587 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2588} 2589 2590/* http://bcm-specs.sipsolutions.net/EnableMac */ 2591void b43_mac_enable(struct b43_wldev *dev) 2592{ 2593 if (b43_debug(dev, B43_DBG_FIRMWARE)) { 2594 u16 fwstate; 2595 2596 fwstate = b43_shm_read16(dev, B43_SHM_SHARED, 2597 B43_SHM_SH_UCODESTAT); 2598 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) && 2599 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) { 2600 b43err(dev->wl, "b43_mac_enable(): The firmware " 2601 "should be suspended, but current state is %u\n", 2602 fwstate); 2603 } 2604 } 2605 2606 dev->mac_suspended--; 2607 B43_WARN_ON(dev->mac_suspended < 0); 2608 if (dev->mac_suspended == 0) { 2609 b43_write32(dev, B43_MMIO_MACCTL, 2610 b43_read32(dev, B43_MMIO_MACCTL) 2611 | B43_MACCTL_ENABLED); 2612 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2613 B43_IRQ_MAC_SUSPENDED); 2614 /* Commit writes */ 2615 b43_read32(dev, B43_MMIO_MACCTL); 2616 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2617 b43_power_saving_ctl_bits(dev, 0); 2618 } 2619} 2620 2621/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2622void b43_mac_suspend(struct b43_wldev *dev) 2623{ 2624 int i; 2625 u32 tmp; 2626 2627 might_sleep(); 2628 B43_WARN_ON(dev->mac_suspended < 0); 2629 2630 if (dev->mac_suspended == 0) { 2631 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2632 b43_write32(dev, B43_MMIO_MACCTL, 2633 b43_read32(dev, B43_MMIO_MACCTL) 2634 & ~B43_MACCTL_ENABLED); 2635 /* force pci to flush the write */ 2636 b43_read32(dev, B43_MMIO_MACCTL); 2637 for (i = 35; i; i--) { 2638 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2639 if (tmp & B43_IRQ_MAC_SUSPENDED) 2640 goto out; 2641 udelay(10); 2642 } 2643 /* Hm, it seems this will take some time. Use msleep(). */ 2644 for (i = 40; i; i--) { 2645 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2646 if (tmp & B43_IRQ_MAC_SUSPENDED) 2647 goto out; 2648 msleep(1); 2649 } 2650 b43err(dev->wl, "MAC suspend failed\n"); 2651 } 2652out: 2653 dev->mac_suspended++; 2654} 2655 2656static void b43_adjust_opmode(struct b43_wldev *dev) 2657{ 2658 struct b43_wl *wl = dev->wl; 2659 u32 ctl; 2660 u16 cfp_pretbtt; 2661 2662 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2663 /* Reset status to STA infrastructure mode. */ 2664 ctl &= ~B43_MACCTL_AP; 2665 ctl &= ~B43_MACCTL_KEEP_CTL; 2666 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2667 ctl &= ~B43_MACCTL_KEEP_BAD; 2668 ctl &= ~B43_MACCTL_PROMISC; 2669 ctl &= ~B43_MACCTL_BEACPROMISC; 2670 ctl |= B43_MACCTL_INFRA; 2671 2672 if (b43_is_mode(wl, NL80211_IFTYPE_AP) || 2673 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 2674 ctl |= B43_MACCTL_AP; 2675 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) 2676 ctl &= ~B43_MACCTL_INFRA; 2677 2678 if (wl->filter_flags & FIF_CONTROL) 2679 ctl |= B43_MACCTL_KEEP_CTL; 2680 if (wl->filter_flags & FIF_FCSFAIL) 2681 ctl |= B43_MACCTL_KEEP_BAD; 2682 if (wl->filter_flags & FIF_PLCPFAIL) 2683 ctl |= B43_MACCTL_KEEP_BADPLCP; 2684 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2685 ctl |= B43_MACCTL_PROMISC; 2686 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2687 ctl |= B43_MACCTL_BEACPROMISC; 2688 2689 /* Workaround: On old hardware the HW-MAC-address-filter 2690 * doesn't work properly, so always run promisc in filter 2691 * it in software. */ 2692 if (dev->dev->id.revision <= 4) 2693 ctl |= B43_MACCTL_PROMISC; 2694 2695 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2696 2697 cfp_pretbtt = 2; 2698 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2699 if (dev->dev->bus->chip_id == 0x4306 && 2700 dev->dev->bus->chip_rev == 3) 2701 cfp_pretbtt = 100; 2702 else 2703 cfp_pretbtt = 50; 2704 } 2705 b43_write16(dev, 0x612, cfp_pretbtt); 2706 2707 /* FIXME: We don't currently implement the PMQ mechanism, 2708 * so always disable it. If we want to implement PMQ, 2709 * we need to enable it here (clear DISCPMQ) in AP mode. 2710 */ 2711 if (0 /* ctl & B43_MACCTL_AP */) { 2712 b43_write32(dev, B43_MMIO_MACCTL, 2713 b43_read32(dev, B43_MMIO_MACCTL) 2714 & ~B43_MACCTL_DISCPMQ); 2715 } else { 2716 b43_write32(dev, B43_MMIO_MACCTL, 2717 b43_read32(dev, B43_MMIO_MACCTL) 2718 | B43_MACCTL_DISCPMQ); 2719 } 2720} 2721 2722static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2723{ 2724 u16 offset; 2725 2726 if (is_ofdm) { 2727 offset = 0x480; 2728 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2729 } else { 2730 offset = 0x4C0; 2731 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2732 } 2733 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2734 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2735} 2736 2737static void b43_rate_memory_init(struct b43_wldev *dev) 2738{ 2739 switch (dev->phy.type) { 2740 case B43_PHYTYPE_A: 2741 case B43_PHYTYPE_G: 2742 case B43_PHYTYPE_N: 2743 case B43_PHYTYPE_LP: 2744 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2745 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2746 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2747 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2748 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2749 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2750 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2751 if (dev->phy.type == B43_PHYTYPE_A) 2752 break; 2753 /* fallthrough */ 2754 case B43_PHYTYPE_B: 2755 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2756 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2757 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2758 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2759 break; 2760 default: 2761 B43_WARN_ON(1); 2762 } 2763} 2764 2765/* Set the default values for the PHY TX Control Words. */ 2766static void b43_set_phytxctl_defaults(struct b43_wldev *dev) 2767{ 2768 u16 ctl = 0; 2769 2770 ctl |= B43_TXH_PHY_ENC_CCK; 2771 ctl |= B43_TXH_PHY_ANT01AUTO; 2772 ctl |= B43_TXH_PHY_TXPWR; 2773 2774 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 2775 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl); 2776 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl); 2777} 2778 2779/* Set the TX-Antenna for management frames sent by firmware. */ 2780static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 2781{ 2782 u16 ant; 2783 u16 tmp; 2784 2785 ant = b43_antenna_to_phyctl(antenna); 2786 2787 /* For ACK/CTS */ 2788 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 2789 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2790 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 2791 /* For Probe Resposes */ 2792 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 2793 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2794 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 2795} 2796 2797/* This is the opposite of b43_chip_init() */ 2798static void b43_chip_exit(struct b43_wldev *dev) 2799{ 2800 b43_phy_exit(dev); 2801 b43_gpio_cleanup(dev); 2802 /* firmware is released later */ 2803} 2804 2805/* Initialize the chip 2806 * http://bcm-specs.sipsolutions.net/ChipInit 2807 */ 2808static int b43_chip_init(struct b43_wldev *dev) 2809{ 2810 struct b43_phy *phy = &dev->phy; 2811 int err; 2812 u32 value32, macctl; 2813 u16 value16; 2814 2815 /* Initialize the MAC control */ 2816 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 2817 if (dev->phy.gmode) 2818 macctl |= B43_MACCTL_GMODE; 2819 macctl |= B43_MACCTL_INFRA; 2820 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2821 2822 err = b43_request_firmware(dev); 2823 if (err) 2824 goto out; 2825 err = b43_upload_microcode(dev); 2826 if (err) 2827 goto out; /* firmware is released later */ 2828 2829 err = b43_gpio_init(dev); 2830 if (err) 2831 goto out; /* firmware is released later */ 2832 2833 err = b43_upload_initvals(dev); 2834 if (err) 2835 goto err_gpio_clean; 2836 2837 /* Turn the Analog on and initialize the PHY. */ 2838 phy->ops->switch_analog(dev, 1); 2839 err = b43_phy_init(dev); 2840 if (err) 2841 goto err_gpio_clean; 2842 2843 /* Disable Interference Mitigation. */ 2844 if (phy->ops->interf_mitigation) 2845 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE); 2846 2847 /* Select the antennae */ 2848 if (phy->ops->set_rx_antenna) 2849 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 2850 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 2851 2852 if (phy->type == B43_PHYTYPE_B) { 2853 value16 = b43_read16(dev, 0x005E); 2854 value16 |= 0x0004; 2855 b43_write16(dev, 0x005E, value16); 2856 } 2857 b43_write32(dev, 0x0100, 0x01000000); 2858 if (dev->dev->id.revision < 5) 2859 b43_write32(dev, 0x010C, 0x01000000); 2860 2861 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2862 & ~B43_MACCTL_INFRA); 2863 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2864 | B43_MACCTL_INFRA); 2865 2866 /* Probe Response Timeout value */ 2867 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 2868 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 2869 2870 /* Initially set the wireless operation mode. */ 2871 b43_adjust_opmode(dev); 2872 2873 if (dev->dev->id.revision < 3) { 2874 b43_write16(dev, 0x060E, 0x0000); 2875 b43_write16(dev, 0x0610, 0x8000); 2876 b43_write16(dev, 0x0604, 0x0000); 2877 b43_write16(dev, 0x0606, 0x0200); 2878 } else { 2879 b43_write32(dev, 0x0188, 0x80000000); 2880 b43_write32(dev, 0x018C, 0x02000000); 2881 } 2882 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 2883 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 2884 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 2885 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 2886 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 2887 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 2888 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 2889 2890 value32 = ssb_read32(dev->dev, SSB_TMSLOW); 2891 value32 |= 0x00100000; 2892 ssb_write32(dev->dev, SSB_TMSLOW, value32); 2893 2894 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 2895 dev->dev->bus->chipco.fast_pwrup_delay); 2896 2897 err = 0; 2898 b43dbg(dev->wl, "Chip initialized\n"); 2899out: 2900 return err; 2901 2902err_gpio_clean: 2903 b43_gpio_cleanup(dev); 2904 return err; 2905} 2906 2907static void b43_periodic_every60sec(struct b43_wldev *dev) 2908{ 2909 const struct b43_phy_operations *ops = dev->phy.ops; 2910 2911 if (ops->pwork_60sec) 2912 ops->pwork_60sec(dev); 2913 2914 /* Force check the TX power emission now. */ 2915 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME); 2916} 2917 2918static void b43_periodic_every30sec(struct b43_wldev *dev) 2919{ 2920 /* Update device statistics. */ 2921 b43_calculate_link_quality(dev); 2922} 2923 2924static void b43_periodic_every15sec(struct b43_wldev *dev) 2925{ 2926 struct b43_phy *phy = &dev->phy; 2927 u16 wdr; 2928 2929 if (dev->fw.opensource) { 2930 /* Check if the firmware is still alive. 2931 * It will reset the watchdog counter to 0 in its idle loop. */ 2932 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG); 2933 if (unlikely(wdr)) { 2934 b43err(dev->wl, "Firmware watchdog: The firmware died!\n"); 2935 b43_controller_restart(dev, "Firmware watchdog"); 2936 return; 2937 } else { 2938 b43_shm_write16(dev, B43_SHM_SCRATCH, 2939 B43_WATCHDOG_REG, 1); 2940 } 2941 } 2942 2943 if (phy->ops->pwork_15sec) 2944 phy->ops->pwork_15sec(dev); 2945 2946 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 2947 wmb(); 2948 2949#if B43_DEBUG 2950 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 2951 unsigned int i; 2952 2953 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n", 2954 dev->irq_count / 15, 2955 dev->tx_count / 15, 2956 dev->rx_count / 15); 2957 dev->irq_count = 0; 2958 dev->tx_count = 0; 2959 dev->rx_count = 0; 2960 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 2961 if (dev->irq_bit_count[i]) { 2962 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n", 2963 dev->irq_bit_count[i] / 15, i, (1 << i)); 2964 dev->irq_bit_count[i] = 0; 2965 } 2966 } 2967 } 2968#endif 2969} 2970 2971static void do_periodic_work(struct b43_wldev *dev) 2972{ 2973 unsigned int state; 2974 2975 state = dev->periodic_state; 2976 if (state % 4 == 0) 2977 b43_periodic_every60sec(dev); 2978 if (state % 2 == 0) 2979 b43_periodic_every30sec(dev); 2980 b43_periodic_every15sec(dev); 2981} 2982 2983/* Periodic work locking policy: 2984 * The whole periodic work handler is protected by 2985 * wl->mutex. If another lock is needed somewhere in the 2986 * pwork callchain, it's acquired in-place, where it's needed. 2987 */ 2988static void b43_periodic_work_handler(struct work_struct *work) 2989{ 2990 struct b43_wldev *dev = container_of(work, struct b43_wldev, 2991 periodic_work.work); 2992 struct b43_wl *wl = dev->wl; 2993 unsigned long delay; 2994 2995 mutex_lock(&wl->mutex); 2996 2997 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 2998 goto out; 2999 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 3000 goto out_requeue; 3001 3002 do_periodic_work(dev); 3003 3004 dev->periodic_state++; 3005out_requeue: 3006 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 3007 delay = msecs_to_jiffies(50); 3008 else 3009 delay = round_jiffies_relative(HZ * 15); 3010 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay); 3011out: 3012 mutex_unlock(&wl->mutex); 3013} 3014 3015static void b43_periodic_tasks_setup(struct b43_wldev *dev) 3016{ 3017 struct delayed_work *work = &dev->periodic_work; 3018 3019 dev->periodic_state = 0; 3020 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 3021 ieee80211_queue_delayed_work(dev->wl->hw, work, 0); 3022} 3023 3024/* Check if communication with the device works correctly. */ 3025static int b43_validate_chipaccess(struct b43_wldev *dev) 3026{ 3027 u32 v, backup0, backup4; 3028 3029 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0); 3030 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4); 3031 3032 /* Check for read/write and endianness problems. */ 3033 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 3034 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 3035 goto error; 3036 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 3037 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 3038 goto error; 3039 3040 /* Check if unaligned 32bit SHM_SHARED access works properly. 3041 * However, don't bail out on failure, because it's noncritical. */ 3042 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122); 3043 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344); 3044 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566); 3045 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788); 3046 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344) 3047 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n"); 3048 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD); 3049 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 || 3050 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD || 3051 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB || 3052 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788) 3053 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n"); 3054 3055 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0); 3056 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4); 3057 3058 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) { 3059 /* The 32bit register shadows the two 16bit registers 3060 * with update sideeffects. Validate this. */ 3061 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 3062 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 3063 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 3064 goto error; 3065 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 3066 goto error; 3067 } 3068 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 3069 3070 v = b43_read32(dev, B43_MMIO_MACCTL); 3071 v |= B43_MACCTL_GMODE; 3072 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 3073 goto error; 3074 3075 return 0; 3076error: 3077 b43err(dev->wl, "Failed to validate the chipaccess\n"); 3078 return -ENODEV; 3079} 3080 3081static void b43_security_init(struct b43_wldev *dev) 3082{ 3083 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 3084 /* KTP is a word address, but we address SHM bytewise. 3085 * So multiply by two. 3086 */ 3087 dev->ktp *= 2; 3088 /* Number of RCMTA address slots */ 3089 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS); 3090 /* Clear the key memory. */ 3091 b43_clear_keys(dev); 3092} 3093 3094#ifdef CONFIG_B43_HWRNG 3095static int b43_rng_read(struct hwrng *rng, u32 *data) 3096{ 3097 struct b43_wl *wl = (struct b43_wl *)rng->priv; 3098 struct b43_wldev *dev; 3099 int count = -ENODEV; 3100 3101 mutex_lock(&wl->mutex); 3102 dev = wl->current_dev; 3103 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) { 3104 *data = b43_read16(dev, B43_MMIO_RNG); 3105 count = sizeof(u16); 3106 } 3107 mutex_unlock(&wl->mutex); 3108 3109 return count; 3110} 3111#endif /* CONFIG_B43_HWRNG */ 3112 3113static void b43_rng_exit(struct b43_wl *wl) 3114{ 3115#ifdef CONFIG_B43_HWRNG 3116 if (wl->rng_initialized) 3117 hwrng_unregister(&wl->rng); 3118#endif /* CONFIG_B43_HWRNG */ 3119} 3120 3121static int b43_rng_init(struct b43_wl *wl) 3122{ 3123 int err = 0; 3124 3125#ifdef CONFIG_B43_HWRNG 3126 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 3127 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 3128 wl->rng.name = wl->rng_name; 3129 wl->rng.data_read = b43_rng_read; 3130 wl->rng.priv = (unsigned long)wl; 3131 wl->rng_initialized = 1; 3132 err = hwrng_register(&wl->rng); 3133 if (err) { 3134 wl->rng_initialized = 0; 3135 b43err(wl, "Failed to register the random " 3136 "number generator (%d)\n", err); 3137 } 3138#endif /* CONFIG_B43_HWRNG */ 3139 3140 return err; 3141} 3142 3143static void b43_tx_work(struct work_struct *work) 3144{ 3145 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work); 3146 struct b43_wldev *dev; 3147 struct sk_buff *skb; 3148 int err = 0; 3149 3150 mutex_lock(&wl->mutex); 3151 dev = wl->current_dev; 3152 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) { 3153 mutex_unlock(&wl->mutex); 3154 return; 3155 } 3156 3157 while (skb_queue_len(&wl->tx_queue)) { 3158 skb = skb_dequeue(&wl->tx_queue); 3159 3160 if (b43_using_pio_transfers(dev)) 3161 err = b43_pio_tx(dev, skb); 3162 else 3163 err = b43_dma_tx(dev, skb); 3164 if (unlikely(err)) 3165 dev_kfree_skb(skb); /* Drop it */ 3166 } 3167 3168#if B43_DEBUG 3169 dev->tx_count++; 3170#endif 3171 mutex_unlock(&wl->mutex); 3172} 3173 3174static int b43_op_tx(struct ieee80211_hw *hw, 3175 struct sk_buff *skb) 3176{ 3177 struct b43_wl *wl = hw_to_b43_wl(hw); 3178 3179 if (unlikely(skb->len < 2 + 2 + 6)) { 3180 /* Too short, this can't be a valid frame. */ 3181 dev_kfree_skb_any(skb); 3182 return NETDEV_TX_OK; 3183 } 3184 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 3185 3186 skb_queue_tail(&wl->tx_queue, skb); 3187 ieee80211_queue_work(wl->hw, &wl->tx_work); 3188 3189 return NETDEV_TX_OK; 3190} 3191 3192static void b43_qos_params_upload(struct b43_wldev *dev, 3193 const struct ieee80211_tx_queue_params *p, 3194 u16 shm_offset) 3195{ 3196 u16 params[B43_NR_QOSPARAMS]; 3197 int bslots, tmp; 3198 unsigned int i; 3199 3200 if (!dev->qos_enabled) 3201 return; 3202 3203 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min; 3204 3205 memset(¶ms, 0, sizeof(params)); 3206 3207 params[B43_QOSPARAM_TXOP] = p->txop * 32; 3208 params[B43_QOSPARAM_CWMIN] = p->cw_min; 3209 params[B43_QOSPARAM_CWMAX] = p->cw_max; 3210 params[B43_QOSPARAM_CWCUR] = p->cw_min; 3211 params[B43_QOSPARAM_AIFS] = p->aifs; 3212 params[B43_QOSPARAM_BSLOTS] = bslots; 3213 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs; 3214 3215 for (i = 0; i < ARRAY_SIZE(params); i++) { 3216 if (i == B43_QOSPARAM_STATUS) { 3217 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 3218 shm_offset + (i * 2)); 3219 /* Mark the parameters as updated. */ 3220 tmp |= 0x100; 3221 b43_shm_write16(dev, B43_SHM_SHARED, 3222 shm_offset + (i * 2), 3223 tmp); 3224 } else { 3225 b43_shm_write16(dev, B43_SHM_SHARED, 3226 shm_offset + (i * 2), 3227 params[i]); 3228 } 3229 } 3230} 3231 3232/* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */ 3233static const u16 b43_qos_shm_offsets[] = { 3234 /* [mac80211-queue-nr] = SHM_OFFSET, */ 3235 [0] = B43_QOS_VOICE, 3236 [1] = B43_QOS_VIDEO, 3237 [2] = B43_QOS_BESTEFFORT, 3238 [3] = B43_QOS_BACKGROUND, 3239}; 3240 3241/* Update all QOS parameters in hardware. */ 3242static void b43_qos_upload_all(struct b43_wldev *dev) 3243{ 3244 struct b43_wl *wl = dev->wl; 3245 struct b43_qos_params *params; 3246 unsigned int i; 3247 3248 if (!dev->qos_enabled) 3249 return; 3250 3251 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3252 ARRAY_SIZE(wl->qos_params)); 3253 3254 b43_mac_suspend(dev); 3255 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3256 params = &(wl->qos_params[i]); 3257 b43_qos_params_upload(dev, &(params->p), 3258 b43_qos_shm_offsets[i]); 3259 } 3260 b43_mac_enable(dev); 3261} 3262 3263static void b43_qos_clear(struct b43_wl *wl) 3264{ 3265 struct b43_qos_params *params; 3266 unsigned int i; 3267 3268 /* Initialize QoS parameters to sane defaults. */ 3269 3270 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3271 ARRAY_SIZE(wl->qos_params)); 3272 3273 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3274 params = &(wl->qos_params[i]); 3275 3276 switch (b43_qos_shm_offsets[i]) { 3277 case B43_QOS_VOICE: 3278 params->p.txop = 0; 3279 params->p.aifs = 2; 3280 params->p.cw_min = 0x0001; 3281 params->p.cw_max = 0x0001; 3282 break; 3283 case B43_QOS_VIDEO: 3284 params->p.txop = 0; 3285 params->p.aifs = 2; 3286 params->p.cw_min = 0x0001; 3287 params->p.cw_max = 0x0001; 3288 break; 3289 case B43_QOS_BESTEFFORT: 3290 params->p.txop = 0; 3291 params->p.aifs = 3; 3292 params->p.cw_min = 0x0001; 3293 params->p.cw_max = 0x03FF; 3294 break; 3295 case B43_QOS_BACKGROUND: 3296 params->p.txop = 0; 3297 params->p.aifs = 7; 3298 params->p.cw_min = 0x0001; 3299 params->p.cw_max = 0x03FF; 3300 break; 3301 default: 3302 B43_WARN_ON(1); 3303 } 3304 } 3305} 3306 3307/* Initialize the core's QOS capabilities */ 3308static void b43_qos_init(struct b43_wldev *dev) 3309{ 3310 if (!dev->qos_enabled) { 3311 /* Disable QOS support. */ 3312 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF); 3313 b43_write16(dev, B43_MMIO_IFSCTL, 3314 b43_read16(dev, B43_MMIO_IFSCTL) 3315 & ~B43_MMIO_IFSCTL_USE_EDCF); 3316 b43dbg(dev->wl, "QoS disabled\n"); 3317 return; 3318 } 3319 3320 /* Upload the current QOS parameters. */ 3321 b43_qos_upload_all(dev); 3322 3323 /* Enable QOS support. */ 3324 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 3325 b43_write16(dev, B43_MMIO_IFSCTL, 3326 b43_read16(dev, B43_MMIO_IFSCTL) 3327 | B43_MMIO_IFSCTL_USE_EDCF); 3328 b43dbg(dev->wl, "QoS enabled\n"); 3329} 3330 3331static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue, 3332 const struct ieee80211_tx_queue_params *params) 3333{ 3334 struct b43_wl *wl = hw_to_b43_wl(hw); 3335 struct b43_wldev *dev; 3336 unsigned int queue = (unsigned int)_queue; 3337 int err = -ENODEV; 3338 3339 if (queue >= ARRAY_SIZE(wl->qos_params)) { 3340 /* Queue not available or don't support setting 3341 * params on this queue. Return success to not 3342 * confuse mac80211. */ 3343 return 0; 3344 } 3345 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3346 ARRAY_SIZE(wl->qos_params)); 3347 3348 mutex_lock(&wl->mutex); 3349 dev = wl->current_dev; 3350 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) 3351 goto out_unlock; 3352 3353 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params)); 3354 b43_mac_suspend(dev); 3355 b43_qos_params_upload(dev, &(wl->qos_params[queue].p), 3356 b43_qos_shm_offsets[queue]); 3357 b43_mac_enable(dev); 3358 err = 0; 3359 3360out_unlock: 3361 mutex_unlock(&wl->mutex); 3362 3363 return err; 3364} 3365 3366static int b43_op_get_stats(struct ieee80211_hw *hw, 3367 struct ieee80211_low_level_stats *stats) 3368{ 3369 struct b43_wl *wl = hw_to_b43_wl(hw); 3370 3371 mutex_lock(&wl->mutex); 3372 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 3373 mutex_unlock(&wl->mutex); 3374 3375 return 0; 3376} 3377 3378static u64 b43_op_get_tsf(struct ieee80211_hw *hw) 3379{ 3380 struct b43_wl *wl = hw_to_b43_wl(hw); 3381 struct b43_wldev *dev; 3382 u64 tsf; 3383 3384 mutex_lock(&wl->mutex); 3385 dev = wl->current_dev; 3386 3387 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3388 b43_tsf_read(dev, &tsf); 3389 else 3390 tsf = 0; 3391 3392 mutex_unlock(&wl->mutex); 3393 3394 return tsf; 3395} 3396 3397static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf) 3398{ 3399 struct b43_wl *wl = hw_to_b43_wl(hw); 3400 struct b43_wldev *dev; 3401 3402 mutex_lock(&wl->mutex); 3403 dev = wl->current_dev; 3404 3405 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3406 b43_tsf_write(dev, tsf); 3407 3408 mutex_unlock(&wl->mutex); 3409} 3410 3411static void b43_put_phy_into_reset(struct b43_wldev *dev) 3412{ 3413 struct ssb_device *sdev = dev->dev; 3414 u32 tmslow; 3415 3416 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3417 tmslow &= ~B43_TMSLOW_GMODE; 3418 tmslow |= B43_TMSLOW_PHYRESET; 3419 tmslow |= SSB_TMSLOW_FGC; 3420 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3421 msleep(1); 3422 3423 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3424 tmslow &= ~SSB_TMSLOW_FGC; 3425 tmslow |= B43_TMSLOW_PHYRESET; 3426 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3427 msleep(1); 3428} 3429 3430static const char *band_to_string(enum ieee80211_band band) 3431{ 3432 switch (band) { 3433 case IEEE80211_BAND_5GHZ: 3434 return "5"; 3435 case IEEE80211_BAND_2GHZ: 3436 return "2.4"; 3437 default: 3438 break; 3439 } 3440 B43_WARN_ON(1); 3441 return ""; 3442} 3443 3444/* Expects wl->mutex locked */ 3445static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3446{ 3447 struct b43_wldev *up_dev = NULL; 3448 struct b43_wldev *down_dev; 3449 struct b43_wldev *d; 3450 int err; 3451 bool uninitialized_var(gmode); 3452 int prev_status; 3453 3454 /* Find a device and PHY which supports the band. */ 3455 list_for_each_entry(d, &wl->devlist, list) { 3456 switch (chan->band) { 3457 case IEEE80211_BAND_5GHZ: 3458 if (d->phy.supports_5ghz) { 3459 up_dev = d; 3460 gmode = 0; 3461 } 3462 break; 3463 case IEEE80211_BAND_2GHZ: 3464 if (d->phy.supports_2ghz) { 3465 up_dev = d; 3466 gmode = 1; 3467 } 3468 break; 3469 default: 3470 B43_WARN_ON(1); 3471 return -EINVAL; 3472 } 3473 if (up_dev) 3474 break; 3475 } 3476 if (!up_dev) { 3477 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3478 band_to_string(chan->band)); 3479 return -ENODEV; 3480 } 3481 if ((up_dev == wl->current_dev) && 3482 (!!wl->current_dev->phy.gmode == !!gmode)) { 3483 /* This device is already running. */ 3484 return 0; 3485 } 3486 b43dbg(wl, "Switching to %s-GHz band\n", 3487 band_to_string(chan->band)); 3488 down_dev = wl->current_dev; 3489 3490 prev_status = b43_status(down_dev); 3491 /* Shutdown the currently running core. */ 3492 if (prev_status >= B43_STAT_STARTED) 3493 down_dev = b43_wireless_core_stop(down_dev); 3494 if (prev_status >= B43_STAT_INITIALIZED) 3495 b43_wireless_core_exit(down_dev); 3496 3497 if (down_dev != up_dev) { 3498 /* We switch to a different core, so we put PHY into 3499 * RESET on the old core. */ 3500 b43_put_phy_into_reset(down_dev); 3501 } 3502 3503 /* Now start the new core. */ 3504 up_dev->phy.gmode = gmode; 3505 if (prev_status >= B43_STAT_INITIALIZED) { 3506 err = b43_wireless_core_init(up_dev); 3507 if (err) { 3508 b43err(wl, "Fatal: Could not initialize device for " 3509 "selected %s-GHz band\n", 3510 band_to_string(chan->band)); 3511 goto init_failure; 3512 } 3513 } 3514 if (prev_status >= B43_STAT_STARTED) { 3515 err = b43_wireless_core_start(up_dev); 3516 if (err) { 3517 b43err(wl, "Fatal: Coult not start device for " 3518 "selected %s-GHz band\n", 3519 band_to_string(chan->band)); 3520 b43_wireless_core_exit(up_dev); 3521 goto init_failure; 3522 } 3523 } 3524 B43_WARN_ON(b43_status(up_dev) != prev_status); 3525 3526 wl->current_dev = up_dev; 3527 3528 return 0; 3529init_failure: 3530 /* Whoops, failed to init the new core. No core is operating now. */ 3531 wl->current_dev = NULL; 3532 return err; 3533} 3534 3535/* Write the short and long frame retry limit values. */ 3536static void b43_set_retry_limits(struct b43_wldev *dev, 3537 unsigned int short_retry, 3538 unsigned int long_retry) 3539{ 3540 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3541 * the chip-internal counter. */ 3542 short_retry = min(short_retry, (unsigned int)0xF); 3543 long_retry = min(long_retry, (unsigned int)0xF); 3544 3545 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3546 short_retry); 3547 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3548 long_retry); 3549} 3550 3551static int b43_op_config(struct ieee80211_hw *hw, u32 changed) 3552{ 3553 struct b43_wl *wl = hw_to_b43_wl(hw); 3554 struct b43_wldev *dev; 3555 struct b43_phy *phy; 3556 struct ieee80211_conf *conf = &hw->conf; 3557 int antenna; 3558 int err = 0; 3559 3560 mutex_lock(&wl->mutex); 3561 3562 /* Switch the band (if necessary). This might change the active core. */ 3563 err = b43_switch_band(wl, conf->channel); 3564 if (err) 3565 goto out_unlock_mutex; 3566 dev = wl->current_dev; 3567 phy = &dev->phy; 3568 3569 if (conf_is_ht(conf)) 3570 phy->is_40mhz = 3571 (conf_is_ht40_minus(conf) || conf_is_ht40_plus(conf)); 3572 else 3573 phy->is_40mhz = false; 3574 3575 b43_mac_suspend(dev); 3576 3577 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS) 3578 b43_set_retry_limits(dev, conf->short_frame_max_tx_count, 3579 conf->long_frame_max_tx_count); 3580 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS; 3581 if (!changed) 3582 goto out_mac_enable; 3583 3584 /* Switch to the requested channel. 3585 * The firmware takes care of races with the TX handler. */ 3586 if (conf->channel->hw_value != phy->channel) 3587 b43_switch_channel(dev, conf->channel->hw_value); 3588 3589 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR); 3590 3591 /* Adjust the desired TX power level. */ 3592 if (conf->power_level != 0) { 3593 if (conf->power_level != phy->desired_txpower) { 3594 phy->desired_txpower = conf->power_level; 3595 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME | 3596 B43_TXPWR_IGNORE_TSSI); 3597 } 3598 } 3599 3600 /* Antennas for RX and management frame TX. */ 3601 antenna = B43_ANTENNA_DEFAULT; 3602 b43_mgmtframe_txantenna(dev, antenna); 3603 antenna = B43_ANTENNA_DEFAULT; 3604 if (phy->ops->set_rx_antenna) 3605 phy->ops->set_rx_antenna(dev, antenna); 3606 3607 if (wl->radio_enabled != phy->radio_on) { 3608 if (wl->radio_enabled) { 3609 b43_software_rfkill(dev, false); 3610 b43info(dev->wl, "Radio turned on by software\n"); 3611 if (!dev->radio_hw_enable) { 3612 b43info(dev->wl, "The hardware RF-kill button " 3613 "still turns the radio physically off. " 3614 "Press the button to turn it on.\n"); 3615 } 3616 } else { 3617 b43_software_rfkill(dev, true); 3618 b43info(dev->wl, "Radio turned off by software\n"); 3619 } 3620 } 3621 3622out_mac_enable: 3623 b43_mac_enable(dev); 3624out_unlock_mutex: 3625 mutex_unlock(&wl->mutex); 3626 3627 return err; 3628} 3629 3630static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates) 3631{ 3632 struct ieee80211_supported_band *sband = 3633 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)]; 3634 struct ieee80211_rate *rate; 3635 int i; 3636 u16 basic, direct, offset, basic_offset, rateptr; 3637 3638 for (i = 0; i < sband->n_bitrates; i++) { 3639 rate = &sband->bitrates[i]; 3640 3641 if (b43_is_cck_rate(rate->hw_value)) { 3642 direct = B43_SHM_SH_CCKDIRECT; 3643 basic = B43_SHM_SH_CCKBASIC; 3644 offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3645 offset &= 0xF; 3646 } else { 3647 direct = B43_SHM_SH_OFDMDIRECT; 3648 basic = B43_SHM_SH_OFDMBASIC; 3649 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3650 offset &= 0xF; 3651 } 3652 3653 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate); 3654 3655 if (b43_is_cck_rate(rate->hw_value)) { 3656 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3657 basic_offset &= 0xF; 3658 } else { 3659 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3660 basic_offset &= 0xF; 3661 } 3662 3663 /* 3664 * Get the pointer that we need to point to 3665 * from the direct map 3666 */ 3667 rateptr = b43_shm_read16(dev, B43_SHM_SHARED, 3668 direct + 2 * basic_offset); 3669 /* and write it to the basic map */ 3670 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset, 3671 rateptr); 3672 } 3673} 3674 3675static void b43_op_bss_info_changed(struct ieee80211_hw *hw, 3676 struct ieee80211_vif *vif, 3677 struct ieee80211_bss_conf *conf, 3678 u32 changed) 3679{ 3680 struct b43_wl *wl = hw_to_b43_wl(hw); 3681 struct b43_wldev *dev; 3682 3683 mutex_lock(&wl->mutex); 3684 3685 dev = wl->current_dev; 3686 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3687 goto out_unlock_mutex; 3688 3689 B43_WARN_ON(wl->vif != vif); 3690 3691 if (changed & BSS_CHANGED_BSSID) { 3692 if (conf->bssid) 3693 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3694 else 3695 memset(wl->bssid, 0, ETH_ALEN); 3696 } 3697 3698 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3699 if (changed & BSS_CHANGED_BEACON && 3700 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3701 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3702 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3703 b43_update_templates(wl); 3704 3705 if (changed & BSS_CHANGED_BSSID) 3706 b43_write_mac_bssid_templates(dev); 3707 } 3708 3709 b43_mac_suspend(dev); 3710 3711 /* Update templates for AP/mesh mode. */ 3712 if (changed & BSS_CHANGED_BEACON_INT && 3713 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3714 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3715 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3716 b43_set_beacon_int(dev, conf->beacon_int); 3717 3718 if (changed & BSS_CHANGED_BASIC_RATES) 3719 b43_update_basic_rates(dev, conf->basic_rates); 3720 3721 if (changed & BSS_CHANGED_ERP_SLOT) { 3722 if (conf->use_short_slot) 3723 b43_short_slot_timing_enable(dev); 3724 else 3725 b43_short_slot_timing_disable(dev); 3726 } 3727 3728 b43_mac_enable(dev); 3729out_unlock_mutex: 3730 mutex_unlock(&wl->mutex); 3731} 3732 3733static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 3734 struct ieee80211_vif *vif, struct ieee80211_sta *sta, 3735 struct ieee80211_key_conf *key) 3736{ 3737 struct b43_wl *wl = hw_to_b43_wl(hw); 3738 struct b43_wldev *dev; 3739 u8 algorithm; 3740 u8 index; 3741 int err; 3742 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 3743 3744 if (modparam_nohwcrypt) 3745 return -ENOSPC; /* User disabled HW-crypto */ 3746 3747 mutex_lock(&wl->mutex); 3748 3749 dev = wl->current_dev; 3750 err = -ENODEV; 3751 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 3752 goto out_unlock; 3753 3754 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) { 3755 /* We don't have firmware for the crypto engine. 3756 * Must use software-crypto. */ 3757 err = -EOPNOTSUPP; 3758 goto out_unlock; 3759 } 3760 3761 err = -EINVAL; 3762 switch (key->cipher) { 3763 case WLAN_CIPHER_SUITE_WEP40: 3764 algorithm = B43_SEC_ALGO_WEP40; 3765 break; 3766 case WLAN_CIPHER_SUITE_WEP104: 3767 algorithm = B43_SEC_ALGO_WEP104; 3768 break; 3769 case WLAN_CIPHER_SUITE_TKIP: 3770 algorithm = B43_SEC_ALGO_TKIP; 3771 break; 3772 case WLAN_CIPHER_SUITE_CCMP: 3773 algorithm = B43_SEC_ALGO_AES; 3774 break; 3775 default: 3776 B43_WARN_ON(1); 3777 goto out_unlock; 3778 } 3779 index = (u8) (key->keyidx); 3780 if (index > 3) 3781 goto out_unlock; 3782 3783 switch (cmd) { 3784 case SET_KEY: 3785 if (algorithm == B43_SEC_ALGO_TKIP && 3786 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) || 3787 !modparam_hwtkip)) { 3788 /* We support only pairwise key */ 3789 err = -EOPNOTSUPP; 3790 goto out_unlock; 3791 } 3792 3793 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) { 3794 if (WARN_ON(!sta)) { 3795 err = -EOPNOTSUPP; 3796 goto out_unlock; 3797 } 3798 /* Pairwise key with an assigned MAC address. */ 3799 err = b43_key_write(dev, -1, algorithm, 3800 key->key, key->keylen, 3801 sta->addr, key); 3802 } else { 3803 /* Group key */ 3804 err = b43_key_write(dev, index, algorithm, 3805 key->key, key->keylen, NULL, key); 3806 } 3807 if (err) 3808 goto out_unlock; 3809 3810 if (algorithm == B43_SEC_ALGO_WEP40 || 3811 algorithm == B43_SEC_ALGO_WEP104) { 3812 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 3813 } else { 3814 b43_hf_write(dev, 3815 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 3816 } 3817 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 3818 if (algorithm == B43_SEC_ALGO_TKIP) 3819 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC; 3820 break; 3821 case DISABLE_KEY: { 3822 err = b43_key_clear(dev, key->hw_key_idx); 3823 if (err) 3824 goto out_unlock; 3825 break; 3826 } 3827 default: 3828 B43_WARN_ON(1); 3829 } 3830 3831out_unlock: 3832 if (!err) { 3833 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 3834 "mac: %pM\n", 3835 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 3836 sta ? sta->addr : bcast_addr); 3837 b43_dump_keymemory(dev); 3838 } 3839 mutex_unlock(&wl->mutex); 3840 3841 return err; 3842} 3843 3844static void b43_op_configure_filter(struct ieee80211_hw *hw, 3845 unsigned int changed, unsigned int *fflags, 3846 u64 multicast) 3847{ 3848 struct b43_wl *wl = hw_to_b43_wl(hw); 3849 struct b43_wldev *dev; 3850 3851 mutex_lock(&wl->mutex); 3852 dev = wl->current_dev; 3853 if (!dev) { 3854 *fflags = 0; 3855 goto out_unlock; 3856 } 3857 3858 *fflags &= FIF_PROMISC_IN_BSS | 3859 FIF_ALLMULTI | 3860 FIF_FCSFAIL | 3861 FIF_PLCPFAIL | 3862 FIF_CONTROL | 3863 FIF_OTHER_BSS | 3864 FIF_BCN_PRBRESP_PROMISC; 3865 3866 changed &= FIF_PROMISC_IN_BSS | 3867 FIF_ALLMULTI | 3868 FIF_FCSFAIL | 3869 FIF_PLCPFAIL | 3870 FIF_CONTROL | 3871 FIF_OTHER_BSS | 3872 FIF_BCN_PRBRESP_PROMISC; 3873 3874 wl->filter_flags = *fflags; 3875 3876 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 3877 b43_adjust_opmode(dev); 3878 3879out_unlock: 3880 mutex_unlock(&wl->mutex); 3881} 3882 3883/* Locking: wl->mutex 3884 * Returns the current dev. This might be different from the passed in dev, 3885 * because the core might be gone away while we unlocked the mutex. */ 3886static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev) 3887{ 3888 struct b43_wl *wl = dev->wl; 3889 struct b43_wldev *orig_dev; 3890 u32 mask; 3891 3892redo: 3893 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3894 return dev; 3895 3896 /* Cancel work. Unlock to avoid deadlocks. */ 3897 mutex_unlock(&wl->mutex); 3898 cancel_delayed_work_sync(&dev->periodic_work); 3899 cancel_work_sync(&wl->tx_work); 3900 mutex_lock(&wl->mutex); 3901 dev = wl->current_dev; 3902 if (!dev || b43_status(dev) < B43_STAT_STARTED) { 3903 /* Whoops, aliens ate up the device while we were unlocked. */ 3904 return dev; 3905 } 3906 3907 /* Disable interrupts on the device. */ 3908 b43_set_status(dev, B43_STAT_INITIALIZED); 3909 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3910 /* wl->mutex is locked. That is enough. */ 3911 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3912 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3913 } else { 3914 spin_lock_irq(&wl->hardirq_lock); 3915 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3916 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3917 spin_unlock_irq(&wl->hardirq_lock); 3918 } 3919 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */ 3920 orig_dev = dev; 3921 mutex_unlock(&wl->mutex); 3922 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3923 b43_sdio_free_irq(dev); 3924 } else { 3925 synchronize_irq(dev->dev->irq); 3926 free_irq(dev->dev->irq, dev); 3927 } 3928 mutex_lock(&wl->mutex); 3929 dev = wl->current_dev; 3930 if (!dev) 3931 return dev; 3932 if (dev != orig_dev) { 3933 if (b43_status(dev) >= B43_STAT_STARTED) 3934 goto redo; 3935 return dev; 3936 } 3937 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 3938 B43_WARN_ON(mask != 0xFFFFFFFF && mask); 3939 3940 /* Drain the TX queue */ 3941 while (skb_queue_len(&wl->tx_queue)) 3942 dev_kfree_skb(skb_dequeue(&wl->tx_queue)); 3943 3944 b43_mac_suspend(dev); 3945 b43_leds_exit(dev); 3946 b43dbg(wl, "Wireless interface stopped\n"); 3947 3948 return dev; 3949} 3950 3951/* Locking: wl->mutex */ 3952static int b43_wireless_core_start(struct b43_wldev *dev) 3953{ 3954 int err; 3955 3956 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 3957 3958 drain_txstatus_queue(dev); 3959 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3960 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler); 3961 if (err) { 3962 b43err(dev->wl, "Cannot request SDIO IRQ\n"); 3963 goto out; 3964 } 3965 } else { 3966 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler, 3967 b43_interrupt_thread_handler, 3968 IRQF_SHARED, KBUILD_MODNAME, dev); 3969 if (err) { 3970 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq); 3971 goto out; 3972 } 3973 } 3974 3975 /* We are ready to run. */ 3976 ieee80211_wake_queues(dev->wl->hw); 3977 b43_set_status(dev, B43_STAT_STARTED); 3978 3979 /* Start data flow (TX/RX). */ 3980 b43_mac_enable(dev); 3981 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 3982 3983 /* Start maintainance work */ 3984 b43_periodic_tasks_setup(dev); 3985 3986 b43_leds_init(dev); 3987 3988 b43dbg(dev->wl, "Wireless interface started\n"); 3989out: 3990 return err; 3991} 3992 3993/* Get PHY and RADIO versioning numbers */ 3994static int b43_phy_versioning(struct b43_wldev *dev) 3995{ 3996 struct b43_phy *phy = &dev->phy; 3997 u32 tmp; 3998 u8 analog_type; 3999 u8 phy_type; 4000 u8 phy_rev; 4001 u16 radio_manuf; 4002 u16 radio_ver; 4003 u16 radio_rev; 4004 int unsupported = 0; 4005 4006 /* Get PHY versioning */ 4007 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 4008 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 4009 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 4010 phy_rev = (tmp & B43_PHYVER_VERSION); 4011 switch (phy_type) { 4012 case B43_PHYTYPE_A: 4013 if (phy_rev >= 4) 4014 unsupported = 1; 4015 break; 4016 case B43_PHYTYPE_B: 4017 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 4018 && phy_rev != 7) 4019 unsupported = 1; 4020 break; 4021 case B43_PHYTYPE_G: 4022 if (phy_rev > 9) 4023 unsupported = 1; 4024 break; 4025#ifdef CONFIG_B43_NPHY 4026 case B43_PHYTYPE_N: 4027 if (phy_rev > 4) 4028 unsupported = 1; 4029 break; 4030#endif 4031#ifdef CONFIG_B43_PHY_LP 4032 case B43_PHYTYPE_LP: 4033 if (phy_rev > 2) 4034 unsupported = 1; 4035 break; 4036#endif 4037 default: 4038 unsupported = 1; 4039 }; 4040 if (unsupported) { 4041 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 4042 "(Analog %u, Type %u, Revision %u)\n", 4043 analog_type, phy_type, phy_rev); 4044 return -EOPNOTSUPP; 4045 } 4046 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 4047 analog_type, phy_type, phy_rev); 4048 4049 /* Get RADIO versioning */ 4050 if (dev->dev->bus->chip_id == 0x4317) { 4051 if (dev->dev->bus->chip_rev == 0) 4052 tmp = 0x3205017F; 4053 else if (dev->dev->bus->chip_rev == 1) 4054 tmp = 0x4205017F; 4055 else 4056 tmp = 0x5205017F; 4057 } else { 4058 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4059 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 4060 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4061 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16; 4062 } 4063 radio_manuf = (tmp & 0x00000FFF); 4064 radio_ver = (tmp & 0x0FFFF000) >> 12; 4065 radio_rev = (tmp & 0xF0000000) >> 28; 4066 if (radio_manuf != 0x17F /* Broadcom */) 4067 unsupported = 1; 4068 switch (phy_type) { 4069 case B43_PHYTYPE_A: 4070 if (radio_ver != 0x2060) 4071 unsupported = 1; 4072 if (radio_rev != 1) 4073 unsupported = 1; 4074 if (radio_manuf != 0x17F) 4075 unsupported = 1; 4076 break; 4077 case B43_PHYTYPE_B: 4078 if ((radio_ver & 0xFFF0) != 0x2050) 4079 unsupported = 1; 4080 break; 4081 case B43_PHYTYPE_G: 4082 if (radio_ver != 0x2050) 4083 unsupported = 1; 4084 break; 4085 case B43_PHYTYPE_N: 4086 if (radio_ver != 0x2055 && radio_ver != 0x2056) 4087 unsupported = 1; 4088 break; 4089 case B43_PHYTYPE_LP: 4090 if (radio_ver != 0x2062 && radio_ver != 0x2063) 4091 unsupported = 1; 4092 break; 4093 default: 4094 B43_WARN_ON(1); 4095 } 4096 if (unsupported) { 4097 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 4098 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 4099 radio_manuf, radio_ver, radio_rev); 4100 return -EOPNOTSUPP; 4101 } 4102 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 4103 radio_manuf, radio_ver, radio_rev); 4104 4105 phy->radio_manuf = radio_manuf; 4106 phy->radio_ver = radio_ver; 4107 phy->radio_rev = radio_rev; 4108 4109 phy->analog = analog_type; 4110 phy->type = phy_type; 4111 phy->rev = phy_rev; 4112 4113 return 0; 4114} 4115 4116static void setup_struct_phy_for_init(struct b43_wldev *dev, 4117 struct b43_phy *phy) 4118{ 4119 phy->hardware_power_control = !!modparam_hwpctl; 4120 phy->next_txpwr_check_time = jiffies; 4121 /* PHY TX errors counter. */ 4122 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 4123 4124#if B43_DEBUG 4125 phy->phy_locked = 0; 4126 phy->radio_locked = 0; 4127#endif 4128} 4129 4130static void setup_struct_wldev_for_init(struct b43_wldev *dev) 4131{ 4132 dev->dfq_valid = 0; 4133 4134 /* Assume the radio is enabled. If it's not enabled, the state will 4135 * immediately get fixed on the first periodic work run. */ 4136 dev->radio_hw_enable = 1; 4137 4138 /* Stats */ 4139 memset(&dev->stats, 0, sizeof(dev->stats)); 4140 4141 setup_struct_phy_for_init(dev, &dev->phy); 4142 4143 /* IRQ related flags */ 4144 dev->irq_reason = 0; 4145 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 4146 dev->irq_mask = B43_IRQ_MASKTEMPLATE; 4147 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 4148 dev->irq_mask &= ~B43_IRQ_PHY_TXERR; 4149 4150 dev->mac_suspended = 1; 4151 4152 /* Noise calculation context */ 4153 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 4154} 4155 4156static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 4157{ 4158 struct ssb_sprom *sprom = &dev->dev->bus->sprom; 4159 u64 hf; 4160 4161 if (!modparam_btcoex) 4162 return; 4163 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 4164 return; 4165 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 4166 return; 4167 4168 hf = b43_hf_read(dev); 4169 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 4170 hf |= B43_HF_BTCOEXALT; 4171 else 4172 hf |= B43_HF_BTCOEX; 4173 b43_hf_write(dev, hf); 4174} 4175 4176static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 4177{ 4178 if (!modparam_btcoex) 4179 return; 4180 //TODO 4181} 4182 4183static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 4184{ 4185#ifdef CONFIG_SSB_DRIVER_PCICORE 4186 struct ssb_bus *bus = dev->dev->bus; 4187 u32 tmp; 4188 4189 if (bus->pcicore.dev && 4190 bus->pcicore.dev->id.coreid == SSB_DEV_PCI && 4191 bus->pcicore.dev->id.revision <= 5) { 4192 /* IMCFGLO timeouts workaround. */ 4193 tmp = ssb_read32(dev->dev, SSB_IMCFGLO); 4194 switch (bus->bustype) { 4195 case SSB_BUSTYPE_PCI: 4196 case SSB_BUSTYPE_PCMCIA: 4197 tmp &= ~SSB_IMCFGLO_REQTO; 4198 tmp &= ~SSB_IMCFGLO_SERTO; 4199 tmp |= 0x32; 4200 break; 4201 case SSB_BUSTYPE_SSB: 4202 tmp &= ~SSB_IMCFGLO_REQTO; 4203 tmp &= ~SSB_IMCFGLO_SERTO; 4204 tmp |= 0x53; 4205 break; 4206 default: 4207 break; 4208 } 4209 ssb_write32(dev->dev, SSB_IMCFGLO, tmp); 4210 } 4211#endif /* CONFIG_SSB_DRIVER_PCICORE */ 4212} 4213 4214static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 4215{ 4216 u16 pu_delay; 4217 4218 /* The time value is in microseconds. */ 4219 if (dev->phy.type == B43_PHYTYPE_A) 4220 pu_delay = 3700; 4221 else 4222 pu_delay = 1050; 4223 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle) 4224 pu_delay = 500; 4225 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 4226 pu_delay = max(pu_delay, (u16)2400); 4227 4228 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 4229} 4230 4231/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 4232static void b43_set_pretbtt(struct b43_wldev *dev) 4233{ 4234 u16 pretbtt; 4235 4236 /* The time value is in microseconds. */ 4237 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) { 4238 pretbtt = 2; 4239 } else { 4240 if (dev->phy.type == B43_PHYTYPE_A) 4241 pretbtt = 120; 4242 else 4243 pretbtt = 250; 4244 } 4245 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 4246 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 4247} 4248 4249/* Shutdown a wireless core */ 4250/* Locking: wl->mutex */ 4251static void b43_wireless_core_exit(struct b43_wldev *dev) 4252{ 4253 u32 macctl; 4254 4255 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED); 4256 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED) 4257 return; 4258 4259 /* Unregister HW RNG driver */ 4260 b43_rng_exit(dev->wl); 4261 4262 b43_set_status(dev, B43_STAT_UNINIT); 4263 4264 /* Stop the microcode PSM. */ 4265 macctl = b43_read32(dev, B43_MMIO_MACCTL); 4266 macctl &= ~B43_MACCTL_PSM_RUN; 4267 macctl |= B43_MACCTL_PSM_JMP0; 4268 b43_write32(dev, B43_MMIO_MACCTL, macctl); 4269 4270 b43_dma_free(dev); 4271 b43_pio_free(dev); 4272 b43_chip_exit(dev); 4273 dev->phy.ops->switch_analog(dev, 0); 4274 if (dev->wl->current_beacon) { 4275 dev_kfree_skb_any(dev->wl->current_beacon); 4276 dev->wl->current_beacon = NULL; 4277 } 4278 4279 ssb_device_disable(dev->dev, 0); 4280 ssb_bus_may_powerdown(dev->dev->bus); 4281} 4282 4283/* Initialize a wireless core */ 4284static int b43_wireless_core_init(struct b43_wldev *dev) 4285{ 4286 struct ssb_bus *bus = dev->dev->bus; 4287 struct ssb_sprom *sprom = &bus->sprom; 4288 struct b43_phy *phy = &dev->phy; 4289 int err; 4290 u64 hf; 4291 u32 tmp; 4292 4293 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4294 4295 err = ssb_bus_powerup(bus, 0); 4296 if (err) 4297 goto out; 4298 if (!ssb_device_is_enabled(dev->dev)) { 4299 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0; 4300 b43_wireless_core_reset(dev, tmp); 4301 } 4302 4303 /* Reset all data structures. */ 4304 setup_struct_wldev_for_init(dev); 4305 phy->ops->prepare_structs(dev); 4306 4307 /* Enable IRQ routing to this device. */ 4308 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev); 4309 4310 b43_imcfglo_timeouts_workaround(dev); 4311 b43_bluetooth_coext_disable(dev); 4312 if (phy->ops->prepare_hardware) { 4313 err = phy->ops->prepare_hardware(dev); 4314 if (err) 4315 goto err_busdown; 4316 } 4317 err = b43_chip_init(dev); 4318 if (err) 4319 goto err_busdown; 4320 b43_shm_write16(dev, B43_SHM_SHARED, 4321 B43_SHM_SH_WLCOREREV, dev->dev->id.revision); 4322 hf = b43_hf_read(dev); 4323 if (phy->type == B43_PHYTYPE_G) { 4324 hf |= B43_HF_SYMW; 4325 if (phy->rev == 1) 4326 hf |= B43_HF_GDCW; 4327 if (sprom->boardflags_lo & B43_BFL_PACTRL) 4328 hf |= B43_HF_OFDMPABOOST; 4329 } 4330 if (phy->radio_ver == 0x2050) { 4331 if (phy->radio_rev == 6) 4332 hf |= B43_HF_4318TSSI; 4333 if (phy->radio_rev < 6) 4334 hf |= B43_HF_VCORECALC; 4335 } 4336 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW) 4337 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */ 4338#ifdef CONFIG_SSB_DRIVER_PCICORE 4339 if ((bus->bustype == SSB_BUSTYPE_PCI) && 4340 (bus->pcicore.dev->id.revision <= 10)) 4341 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */ 4342#endif 4343 hf &= ~B43_HF_SKCFPUP; 4344 b43_hf_write(dev, hf); 4345 4346 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 4347 B43_DEFAULT_LONG_RETRY_LIMIT); 4348 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 4349 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 4350 4351 /* Disable sending probe responses from firmware. 4352 * Setting the MaxTime to one usec will always trigger 4353 * a timeout, so we never send any probe resp. 4354 * A timeout of zero is infinite. */ 4355 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 4356 4357 b43_rate_memory_init(dev); 4358 b43_set_phytxctl_defaults(dev); 4359 4360 /* Minimum Contention Window */ 4361 if (phy->type == B43_PHYTYPE_B) 4362 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 4363 else 4364 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 4365 /* Maximum Contention Window */ 4366 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 4367 4368 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || 4369 (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) || 4370 dev->use_pio) { 4371 dev->__using_pio_transfers = 1; 4372 err = b43_pio_init(dev); 4373 } else { 4374 dev->__using_pio_transfers = 0; 4375 err = b43_dma_init(dev); 4376 } 4377 if (err) 4378 goto err_chip_exit; 4379 b43_qos_init(dev); 4380 b43_set_synth_pu_delay(dev, 1); 4381 b43_bluetooth_coext_enable(dev); 4382 4383 ssb_bus_powerup(bus, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)); 4384 b43_upload_card_macaddress(dev); 4385 b43_security_init(dev); 4386 4387 ieee80211_wake_queues(dev->wl->hw); 4388 4389 b43_set_status(dev, B43_STAT_INITIALIZED); 4390 4391 /* Register HW RNG driver */ 4392 b43_rng_init(dev->wl); 4393 4394out: 4395 return err; 4396 4397err_chip_exit: 4398 b43_chip_exit(dev); 4399err_busdown: 4400 ssb_bus_may_powerdown(bus); 4401 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4402 return err; 4403} 4404 4405static int b43_op_add_interface(struct ieee80211_hw *hw, 4406 struct ieee80211_vif *vif) 4407{ 4408 struct b43_wl *wl = hw_to_b43_wl(hw); 4409 struct b43_wldev *dev; 4410 int err = -EOPNOTSUPP; 4411 4412 /* TODO: allow WDS/AP devices to coexist */ 4413 4414 if (vif->type != NL80211_IFTYPE_AP && 4415 vif->type != NL80211_IFTYPE_MESH_POINT && 4416 vif->type != NL80211_IFTYPE_STATION && 4417 vif->type != NL80211_IFTYPE_WDS && 4418 vif->type != NL80211_IFTYPE_ADHOC) 4419 return -EOPNOTSUPP; 4420 4421 mutex_lock(&wl->mutex); 4422 if (wl->operating) 4423 goto out_mutex_unlock; 4424 4425 b43dbg(wl, "Adding Interface type %d\n", vif->type); 4426 4427 dev = wl->current_dev; 4428 wl->operating = 1; 4429 wl->vif = vif; 4430 wl->if_type = vif->type; 4431 memcpy(wl->mac_addr, vif->addr, ETH_ALEN); 4432 4433 b43_adjust_opmode(dev); 4434 b43_set_pretbtt(dev); 4435 b43_set_synth_pu_delay(dev, 0); 4436 b43_upload_card_macaddress(dev); 4437 4438 err = 0; 4439 out_mutex_unlock: 4440 mutex_unlock(&wl->mutex); 4441 4442 return err; 4443} 4444 4445static void b43_op_remove_interface(struct ieee80211_hw *hw, 4446 struct ieee80211_vif *vif) 4447{ 4448 struct b43_wl *wl = hw_to_b43_wl(hw); 4449 struct b43_wldev *dev = wl->current_dev; 4450 4451 b43dbg(wl, "Removing Interface type %d\n", vif->type); 4452 4453 mutex_lock(&wl->mutex); 4454 4455 B43_WARN_ON(!wl->operating); 4456 B43_WARN_ON(wl->vif != vif); 4457 wl->vif = NULL; 4458 4459 wl->operating = 0; 4460 4461 b43_adjust_opmode(dev); 4462 memset(wl->mac_addr, 0, ETH_ALEN); 4463 b43_upload_card_macaddress(dev); 4464 4465 mutex_unlock(&wl->mutex); 4466} 4467 4468static int b43_op_start(struct ieee80211_hw *hw) 4469{ 4470 struct b43_wl *wl = hw_to_b43_wl(hw); 4471 struct b43_wldev *dev = wl->current_dev; 4472 int did_init = 0; 4473 int err = 0; 4474 4475 /* Kill all old instance specific information to make sure 4476 * the card won't use it in the short timeframe between start 4477 * and mac80211 reconfiguring it. */ 4478 memset(wl->bssid, 0, ETH_ALEN); 4479 memset(wl->mac_addr, 0, ETH_ALEN); 4480 wl->filter_flags = 0; 4481 wl->radiotap_enabled = 0; 4482 b43_qos_clear(wl); 4483 wl->beacon0_uploaded = 0; 4484 wl->beacon1_uploaded = 0; 4485 wl->beacon_templates_virgin = 1; 4486 wl->radio_enabled = 1; 4487 4488 mutex_lock(&wl->mutex); 4489 4490 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4491 err = b43_wireless_core_init(dev); 4492 if (err) 4493 goto out_mutex_unlock; 4494 did_init = 1; 4495 } 4496 4497 if (b43_status(dev) < B43_STAT_STARTED) { 4498 err = b43_wireless_core_start(dev); 4499 if (err) { 4500 if (did_init) 4501 b43_wireless_core_exit(dev); 4502 goto out_mutex_unlock; 4503 } 4504 } 4505 4506 /* XXX: only do if device doesn't support rfkill irq */ 4507 wiphy_rfkill_start_polling(hw->wiphy); 4508 4509 out_mutex_unlock: 4510 mutex_unlock(&wl->mutex); 4511 4512 return err; 4513} 4514 4515static void b43_op_stop(struct ieee80211_hw *hw) 4516{ 4517 struct b43_wl *wl = hw_to_b43_wl(hw); 4518 struct b43_wldev *dev = wl->current_dev; 4519 4520 cancel_work_sync(&(wl->beacon_update_trigger)); 4521 4522 mutex_lock(&wl->mutex); 4523 if (b43_status(dev) >= B43_STAT_STARTED) { 4524 dev = b43_wireless_core_stop(dev); 4525 if (!dev) 4526 goto out_unlock; 4527 } 4528 b43_wireless_core_exit(dev); 4529 wl->radio_enabled = 0; 4530 4531out_unlock: 4532 mutex_unlock(&wl->mutex); 4533 4534 cancel_work_sync(&(wl->txpower_adjust_work)); 4535} 4536 4537static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, 4538 struct ieee80211_sta *sta, bool set) 4539{ 4540 struct b43_wl *wl = hw_to_b43_wl(hw); 4541 4542 /* FIXME: add locking */ 4543 b43_update_templates(wl); 4544 4545 return 0; 4546} 4547 4548static void b43_op_sta_notify(struct ieee80211_hw *hw, 4549 struct ieee80211_vif *vif, 4550 enum sta_notify_cmd notify_cmd, 4551 struct ieee80211_sta *sta) 4552{ 4553 struct b43_wl *wl = hw_to_b43_wl(hw); 4554 4555 B43_WARN_ON(!vif || wl->vif != vif); 4556} 4557 4558static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw) 4559{ 4560 struct b43_wl *wl = hw_to_b43_wl(hw); 4561 struct b43_wldev *dev; 4562 4563 mutex_lock(&wl->mutex); 4564 dev = wl->current_dev; 4565 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4566 /* Disable CFP update during scan on other channels. */ 4567 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP); 4568 } 4569 mutex_unlock(&wl->mutex); 4570} 4571 4572static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw) 4573{ 4574 struct b43_wl *wl = hw_to_b43_wl(hw); 4575 struct b43_wldev *dev; 4576 4577 mutex_lock(&wl->mutex); 4578 dev = wl->current_dev; 4579 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4580 /* Re-enable CFP update. */ 4581 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP); 4582 } 4583 mutex_unlock(&wl->mutex); 4584} 4585 4586static int b43_op_get_survey(struct ieee80211_hw *hw, int idx, 4587 struct survey_info *survey) 4588{ 4589 struct b43_wl *wl = hw_to_b43_wl(hw); 4590 struct b43_wldev *dev = wl->current_dev; 4591 struct ieee80211_conf *conf = &hw->conf; 4592 4593 if (idx != 0) 4594 return -ENOENT; 4595 4596 survey->channel = conf->channel; 4597 survey->filled = SURVEY_INFO_NOISE_DBM; 4598 survey->noise = dev->stats.link_noise; 4599 4600 return 0; 4601} 4602 4603static const struct ieee80211_ops b43_hw_ops = { 4604 .tx = b43_op_tx, 4605 .conf_tx = b43_op_conf_tx, 4606 .add_interface = b43_op_add_interface, 4607 .remove_interface = b43_op_remove_interface, 4608 .config = b43_op_config, 4609 .bss_info_changed = b43_op_bss_info_changed, 4610 .configure_filter = b43_op_configure_filter, 4611 .set_key = b43_op_set_key, 4612 .update_tkip_key = b43_op_update_tkip_key, 4613 .get_stats = b43_op_get_stats, 4614 .get_tsf = b43_op_get_tsf, 4615 .set_tsf = b43_op_set_tsf, 4616 .start = b43_op_start, 4617 .stop = b43_op_stop, 4618 .set_tim = b43_op_beacon_set_tim, 4619 .sta_notify = b43_op_sta_notify, 4620 .sw_scan_start = b43_op_sw_scan_start_notifier, 4621 .sw_scan_complete = b43_op_sw_scan_complete_notifier, 4622 .get_survey = b43_op_get_survey, 4623 .rfkill_poll = b43_rfkill_poll, 4624}; 4625 4626/* Hard-reset the chip. Do not call this directly. 4627 * Use b43_controller_restart() 4628 */ 4629static void b43_chip_reset(struct work_struct *work) 4630{ 4631 struct b43_wldev *dev = 4632 container_of(work, struct b43_wldev, restart_work); 4633 struct b43_wl *wl = dev->wl; 4634 int err = 0; 4635 int prev_status; 4636 4637 mutex_lock(&wl->mutex); 4638 4639 prev_status = b43_status(dev); 4640 /* Bring the device down... */ 4641 if (prev_status >= B43_STAT_STARTED) { 4642 dev = b43_wireless_core_stop(dev); 4643 if (!dev) { 4644 err = -ENODEV; 4645 goto out; 4646 } 4647 } 4648 if (prev_status >= B43_STAT_INITIALIZED) 4649 b43_wireless_core_exit(dev); 4650 4651 /* ...and up again. */ 4652 if (prev_status >= B43_STAT_INITIALIZED) { 4653 err = b43_wireless_core_init(dev); 4654 if (err) 4655 goto out; 4656 } 4657 if (prev_status >= B43_STAT_STARTED) { 4658 err = b43_wireless_core_start(dev); 4659 if (err) { 4660 b43_wireless_core_exit(dev); 4661 goto out; 4662 } 4663 } 4664out: 4665 if (err) 4666 wl->current_dev = NULL; /* Failed to init the dev. */ 4667 mutex_unlock(&wl->mutex); 4668 if (err) 4669 b43err(wl, "Controller restart FAILED\n"); 4670 else 4671 b43info(wl, "Controller restarted\n"); 4672} 4673 4674static int b43_setup_bands(struct b43_wldev *dev, 4675 bool have_2ghz_phy, bool have_5ghz_phy) 4676{ 4677 struct ieee80211_hw *hw = dev->wl->hw; 4678 4679 if (have_2ghz_phy) 4680 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 4681 if (dev->phy.type == B43_PHYTYPE_N) { 4682 if (have_5ghz_phy) 4683 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 4684 } else { 4685 if (have_5ghz_phy) 4686 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 4687 } 4688 4689 dev->phy.supports_2ghz = have_2ghz_phy; 4690 dev->phy.supports_5ghz = have_5ghz_phy; 4691 4692 return 0; 4693} 4694 4695static void b43_wireless_core_detach(struct b43_wldev *dev) 4696{ 4697 /* We release firmware that late to not be required to re-request 4698 * is all the time when we reinit the core. */ 4699 b43_release_firmware(dev); 4700 b43_phy_free(dev); 4701} 4702 4703static int b43_wireless_core_attach(struct b43_wldev *dev) 4704{ 4705 struct b43_wl *wl = dev->wl; 4706 struct ssb_bus *bus = dev->dev->bus; 4707 struct pci_dev *pdev = (bus->bustype == SSB_BUSTYPE_PCI) ? bus->host_pci : NULL; 4708 int err; 4709 bool have_2ghz_phy = 0, have_5ghz_phy = 0; 4710 u32 tmp; 4711 4712 /* Do NOT do any device initialization here. 4713 * Do it in wireless_core_init() instead. 4714 * This function is for gathering basic information about the HW, only. 4715 * Also some structs may be set up here. But most likely you want to have 4716 * that in core_init(), too. 4717 */ 4718 4719 err = ssb_bus_powerup(bus, 0); 4720 if (err) { 4721 b43err(wl, "Bus powerup failed\n"); 4722 goto out; 4723 } 4724 /* Get the PHY type. */ 4725 if (dev->dev->id.revision >= 5) { 4726 u32 tmshigh; 4727 4728 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 4729 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY); 4730 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY); 4731 } else 4732 B43_WARN_ON(1); 4733 4734 dev->phy.gmode = have_2ghz_phy; 4735 dev->phy.radio_on = 1; 4736 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4737 b43_wireless_core_reset(dev, tmp); 4738 4739 err = b43_phy_versioning(dev); 4740 if (err) 4741 goto err_powerdown; 4742 /* Check if this device supports multiband. */ 4743 if (!pdev || 4744 (pdev->device != 0x4312 && 4745 pdev->device != 0x4319 && pdev->device != 0x4324)) { 4746 /* No multiband support. */ 4747 have_2ghz_phy = 0; 4748 have_5ghz_phy = 0; 4749 switch (dev->phy.type) { 4750 case B43_PHYTYPE_A: 4751 have_5ghz_phy = 1; 4752 break; 4753 case B43_PHYTYPE_LP: //FIXME not always! 4754#if 0 //FIXME enabling 5GHz causes a NULL pointer dereference 4755 have_5ghz_phy = 1; 4756#endif 4757 case B43_PHYTYPE_G: 4758 case B43_PHYTYPE_N: 4759 have_2ghz_phy = 1; 4760 break; 4761 default: 4762 B43_WARN_ON(1); 4763 } 4764 } 4765 if (dev->phy.type == B43_PHYTYPE_A) { 4766 /* FIXME */ 4767 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 4768 err = -EOPNOTSUPP; 4769 goto err_powerdown; 4770 } 4771 if (1 /* disable A-PHY */) { 4772 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */ 4773 if (dev->phy.type != B43_PHYTYPE_N && 4774 dev->phy.type != B43_PHYTYPE_LP) { 4775 have_2ghz_phy = 1; 4776 have_5ghz_phy = 0; 4777 } 4778 } 4779 4780 err = b43_phy_allocate(dev); 4781 if (err) 4782 goto err_powerdown; 4783 4784 dev->phy.gmode = have_2ghz_phy; 4785 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4786 b43_wireless_core_reset(dev, tmp); 4787 4788 err = b43_validate_chipaccess(dev); 4789 if (err) 4790 goto err_phy_free; 4791 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 4792 if (err) 4793 goto err_phy_free; 4794 4795 /* Now set some default "current_dev" */ 4796 if (!wl->current_dev) 4797 wl->current_dev = dev; 4798 INIT_WORK(&dev->restart_work, b43_chip_reset); 4799 4800 dev->phy.ops->switch_analog(dev, 0); 4801 ssb_device_disable(dev->dev, 0); 4802 ssb_bus_may_powerdown(bus); 4803 4804out: 4805 return err; 4806 4807err_phy_free: 4808 b43_phy_free(dev); 4809err_powerdown: 4810 ssb_bus_may_powerdown(bus); 4811 return err; 4812} 4813 4814static void b43_one_core_detach(struct ssb_device *dev) 4815{ 4816 struct b43_wldev *wldev; 4817 struct b43_wl *wl; 4818 4819 /* Do not cancel ieee80211-workqueue based work here. 4820 * See comment in b43_remove(). */ 4821 4822 wldev = ssb_get_drvdata(dev); 4823 wl = wldev->wl; 4824 b43_debugfs_remove_device(wldev); 4825 b43_wireless_core_detach(wldev); 4826 list_del(&wldev->list); 4827 wl->nr_devs--; 4828 ssb_set_drvdata(dev, NULL); 4829 kfree(wldev); 4830} 4831 4832static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl) 4833{ 4834 struct b43_wldev *wldev; 4835 struct pci_dev *pdev; 4836 int err = -ENOMEM; 4837 4838 if (!list_empty(&wl->devlist)) { 4839 /* We are not the first core on this chip. */ 4840 pdev = (dev->bus->bustype == SSB_BUSTYPE_PCI) ? dev->bus->host_pci : NULL; 4841 /* Only special chips support more than one wireless 4842 * core, although some of the other chips have more than 4843 * one wireless core as well. Check for this and 4844 * bail out early. 4845 */ 4846 if (!pdev || 4847 ((pdev->device != 0x4321) && 4848 (pdev->device != 0x4313) && (pdev->device != 0x431A))) { 4849 b43dbg(wl, "Ignoring unconnected 802.11 core\n"); 4850 return -ENODEV; 4851 } 4852 } 4853 4854 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 4855 if (!wldev) 4856 goto out; 4857 4858 wldev->use_pio = b43_modparam_pio; 4859 wldev->dev = dev; 4860 wldev->wl = wl; 4861 b43_set_status(wldev, B43_STAT_UNINIT); 4862 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 4863 INIT_LIST_HEAD(&wldev->list); 4864 4865 err = b43_wireless_core_attach(wldev); 4866 if (err) 4867 goto err_kfree_wldev; 4868 4869 list_add(&wldev->list, &wl->devlist); 4870 wl->nr_devs++; 4871 ssb_set_drvdata(dev, wldev); 4872 b43_debugfs_add_device(wldev); 4873 4874 out: 4875 return err; 4876 4877 err_kfree_wldev: 4878 kfree(wldev); 4879 return err; 4880} 4881 4882#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \ 4883 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \ 4884 (pdev->device == _device) && \ 4885 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \ 4886 (pdev->subsystem_device == _subdevice) ) 4887 4888static void b43_sprom_fixup(struct ssb_bus *bus) 4889{ 4890 struct pci_dev *pdev; 4891 4892 /* boardflags workarounds */ 4893 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 4894 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 4895 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 4896 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 4897 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 4898 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 4899 if (bus->bustype == SSB_BUSTYPE_PCI) { 4900 pdev = bus->host_pci; 4901 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) || 4902 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) || 4903 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) || 4904 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) || 4905 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) || 4906 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) || 4907 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010)) 4908 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST; 4909 } 4910} 4911 4912static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl) 4913{ 4914 struct ieee80211_hw *hw = wl->hw; 4915 4916 ssb_set_devtypedata(dev, NULL); 4917 ieee80211_free_hw(hw); 4918} 4919 4920static int b43_wireless_init(struct ssb_device *dev) 4921{ 4922 struct ssb_sprom *sprom = &dev->bus->sprom; 4923 struct ieee80211_hw *hw; 4924 struct b43_wl *wl; 4925 int err = -ENOMEM; 4926 4927 b43_sprom_fixup(dev->bus); 4928 4929 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 4930 if (!hw) { 4931 b43err(NULL, "Could not allocate ieee80211 device\n"); 4932 goto out; 4933 } 4934 wl = hw_to_b43_wl(hw); 4935 4936 /* fill hw info */ 4937 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS | 4938 IEEE80211_HW_SIGNAL_DBM; 4939 4940 hw->wiphy->interface_modes = 4941 BIT(NL80211_IFTYPE_AP) | 4942 BIT(NL80211_IFTYPE_MESH_POINT) | 4943 BIT(NL80211_IFTYPE_STATION) | 4944 BIT(NL80211_IFTYPE_WDS) | 4945 BIT(NL80211_IFTYPE_ADHOC); 4946 4947 hw->queues = modparam_qos ? 4 : 1; 4948 wl->mac80211_initially_registered_queues = hw->queues; 4949 hw->max_rates = 2; 4950 SET_IEEE80211_DEV(hw, dev->dev); 4951 if (is_valid_ether_addr(sprom->et1mac)) 4952 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 4953 else 4954 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 4955 4956 /* Initialize struct b43_wl */ 4957 wl->hw = hw; 4958 mutex_init(&wl->mutex); 4959 spin_lock_init(&wl->hardirq_lock); 4960 INIT_LIST_HEAD(&wl->devlist); 4961 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 4962 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work); 4963 INIT_WORK(&wl->tx_work, b43_tx_work); 4964 skb_queue_head_init(&wl->tx_queue); 4965 4966 ssb_set_devtypedata(dev, wl); 4967 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n", 4968 dev->bus->chip_id, dev->id.revision); 4969 err = 0; 4970out: 4971 return err; 4972} 4973 4974static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id) 4975{ 4976 struct b43_wl *wl; 4977 int err; 4978 int first = 0; 4979 4980 wl = ssb_get_devtypedata(dev); 4981 if (!wl) { 4982 /* Probing the first core. Must setup common struct b43_wl */ 4983 first = 1; 4984 err = b43_wireless_init(dev); 4985 if (err) 4986 goto out; 4987 wl = ssb_get_devtypedata(dev); 4988 B43_WARN_ON(!wl); 4989 } 4990 err = b43_one_core_attach(dev, wl); 4991 if (err) 4992 goto err_wireless_exit; 4993 4994 if (first) { 4995 err = ieee80211_register_hw(wl->hw); 4996 if (err) 4997 goto err_one_core_detach; 4998 b43_leds_register(wl->current_dev); 4999 } 5000 5001 out: 5002 return err; 5003 5004 err_one_core_detach: 5005 b43_one_core_detach(dev); 5006 err_wireless_exit: 5007 if (first) 5008 b43_wireless_exit(dev, wl); 5009 return err; 5010} 5011 5012static void b43_remove(struct ssb_device *dev) 5013{ 5014 struct b43_wl *wl = ssb_get_devtypedata(dev); 5015 struct b43_wldev *wldev = ssb_get_drvdata(dev); 5016 5017 /* We must cancel any work here before unregistering from ieee80211, 5018 * as the ieee80211 unreg will destroy the workqueue. */ 5019 cancel_work_sync(&wldev->restart_work); 5020 5021 B43_WARN_ON(!wl); 5022 if (wl->current_dev == wldev) { 5023 /* Restore the queues count before unregistering, because firmware detect 5024 * might have modified it. Restoring is important, so the networking 5025 * stack can properly free resources. */ 5026 wl->hw->queues = wl->mac80211_initially_registered_queues; 5027 b43_leds_stop(wldev); 5028 ieee80211_unregister_hw(wl->hw); 5029 } 5030 5031 b43_one_core_detach(dev); 5032 5033 if (list_empty(&wl->devlist)) { 5034 b43_leds_unregister(wl); 5035 /* Last core on the chip unregistered. 5036 * We can destroy common struct b43_wl. 5037 */ 5038 b43_wireless_exit(dev, wl); 5039 } 5040} 5041 5042/* Perform a hardware reset. This can be called from any context. */ 5043void b43_controller_restart(struct b43_wldev *dev, const char *reason) 5044{ 5045 /* Must avoid requeueing, if we are in shutdown. */ 5046 if (b43_status(dev) < B43_STAT_INITIALIZED) 5047 return; 5048 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 5049 ieee80211_queue_work(dev->wl->hw, &dev->restart_work); 5050} 5051 5052static struct ssb_driver b43_ssb_driver = { 5053 .name = KBUILD_MODNAME, 5054 .id_table = b43_ssb_tbl, 5055 .probe = b43_probe, 5056 .remove = b43_remove, 5057}; 5058 5059static void b43_print_driverinfo(void) 5060{ 5061 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 5062 *feat_leds = "", *feat_sdio = ""; 5063 5064#ifdef CONFIG_B43_PCI_AUTOSELECT 5065 feat_pci = "P"; 5066#endif 5067#ifdef CONFIG_B43_PCMCIA 5068 feat_pcmcia = "M"; 5069#endif 5070#ifdef CONFIG_B43_NPHY 5071 feat_nphy = "N"; 5072#endif 5073#ifdef CONFIG_B43_LEDS 5074 feat_leds = "L"; 5075#endif 5076#ifdef CONFIG_B43_SDIO 5077 feat_sdio = "S"; 5078#endif 5079 printk(KERN_INFO "Broadcom 43xx driver loaded " 5080 "[ Features: %s%s%s%s%s, Firmware-ID: " 5081 B43_SUPPORTED_FIRMWARE_ID " ]\n", 5082 feat_pci, feat_pcmcia, feat_nphy, 5083 feat_leds, feat_sdio); 5084} 5085 5086static int __init b43_init(void) 5087{ 5088 int err; 5089 5090 b43_debugfs_init(); 5091 err = b43_pcmcia_init(); 5092 if (err) 5093 goto err_dfs_exit; 5094 err = b43_sdio_init(); 5095 if (err) 5096 goto err_pcmcia_exit; 5097 err = ssb_driver_register(&b43_ssb_driver); 5098 if (err) 5099 goto err_sdio_exit; 5100 b43_print_driverinfo(); 5101 5102 return err; 5103 5104err_sdio_exit: 5105 b43_sdio_exit(); 5106err_pcmcia_exit: 5107 b43_pcmcia_exit(); 5108err_dfs_exit: 5109 b43_debugfs_exit(); 5110 return err; 5111} 5112 5113static void __exit b43_exit(void) 5114{ 5115 ssb_driver_unregister(&b43_ssb_driver); 5116 b43_sdio_exit(); 5117 b43_pcmcia_exit(); 5118 b43_debugfs_exit(); 5119} 5120 5121module_init(b43_init) 5122module_exit(b43_exit) 5123