main.c revision a18c715e63505850edd2b69ded5373d6d464cd80
1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 11 SDIO support 12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es> 13 14 Some parts of the code in this file are derived from the ipw2200 15 driver Copyright(c) 2003 - 2004 Intel Corporation. 16 17 This program is free software; you can redistribute it and/or modify 18 it under the terms of the GNU General Public License as published by 19 the Free Software Foundation; either version 2 of the License, or 20 (at your option) any later version. 21 22 This program is distributed in the hope that it will be useful, 23 but WITHOUT ANY WARRANTY; without even the implied warranty of 24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 GNU General Public License for more details. 26 27 You should have received a copy of the GNU General Public License 28 along with this program; see the file COPYING. If not, write to 29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 30 Boston, MA 02110-1301, USA. 31 32*/ 33 34#include <linux/delay.h> 35#include <linux/init.h> 36#include <linux/moduleparam.h> 37#include <linux/if_arp.h> 38#include <linux/etherdevice.h> 39#include <linux/firmware.h> 40#include <linux/wireless.h> 41#include <linux/workqueue.h> 42#include <linux/skbuff.h> 43#include <linux/io.h> 44#include <linux/dma-mapping.h> 45#include <linux/slab.h> 46#include <asm/unaligned.h> 47 48#include "b43.h" 49#include "main.h" 50#include "debugfs.h" 51#include "phy_common.h" 52#include "phy_g.h" 53#include "phy_n.h" 54#include "dma.h" 55#include "pio.h" 56#include "sysfs.h" 57#include "xmit.h" 58#include "lo.h" 59#include "pcmcia.h" 60#include "sdio.h" 61#include <linux/mmc/sdio_func.h> 62 63MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 64MODULE_AUTHOR("Martin Langer"); 65MODULE_AUTHOR("Stefano Brivio"); 66MODULE_AUTHOR("Michael Buesch"); 67MODULE_AUTHOR("Gábor Stefanik"); 68MODULE_LICENSE("GPL"); 69 70MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID); 71MODULE_FIRMWARE("b43/ucode11.fw"); 72MODULE_FIRMWARE("b43/ucode13.fw"); 73MODULE_FIRMWARE("b43/ucode14.fw"); 74MODULE_FIRMWARE("b43/ucode15.fw"); 75MODULE_FIRMWARE("b43/ucode16_mimo.fw"); 76MODULE_FIRMWARE("b43/ucode5.fw"); 77MODULE_FIRMWARE("b43/ucode9.fw"); 78 79static int modparam_bad_frames_preempt; 80module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 81MODULE_PARM_DESC(bad_frames_preempt, 82 "enable(1) / disable(0) Bad Frames Preemption"); 83 84static char modparam_fwpostfix[16]; 85module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 86MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 87 88static int modparam_hwpctl; 89module_param_named(hwpctl, modparam_hwpctl, int, 0444); 90MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 91 92static int modparam_nohwcrypt; 93module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 94MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 95 96static int modparam_hwtkip; 97module_param_named(hwtkip, modparam_hwtkip, int, 0444); 98MODULE_PARM_DESC(hwtkip, "Enable hardware tkip."); 99 100static int modparam_qos = 1; 101module_param_named(qos, modparam_qos, int, 0444); 102MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 103 104static int modparam_btcoex = 1; 105module_param_named(btcoex, modparam_btcoex, int, 0444); 106MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)"); 107 108int b43_modparam_verbose = B43_VERBOSITY_DEFAULT; 109module_param_named(verbose, b43_modparam_verbose, int, 0644); 110MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug"); 111 112static int b43_modparam_pio = B43_PIO_DEFAULT; 113module_param_named(pio, b43_modparam_pio, int, 0644); 114MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO"); 115 116static const struct ssb_device_id b43_ssb_tbl[] = { 117 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 118 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 119 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 120 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 121 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 122 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 123 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12), 124 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 125 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15), 126 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16), 127 SSB_DEVTABLE_END 128}; 129 130MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 131 132/* Channel and ratetables are shared for all devices. 133 * They can't be const, because ieee80211 puts some precalculated 134 * data in there. This data is the same for all devices, so we don't 135 * get concurrency issues */ 136#define RATETAB_ENT(_rateid, _flags) \ 137 { \ 138 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 139 .hw_value = (_rateid), \ 140 .flags = (_flags), \ 141 } 142 143/* 144 * NOTE: When changing this, sync with xmit.c's 145 * b43_plcp_get_bitrate_idx_* functions! 146 */ 147static struct ieee80211_rate __b43_ratetable[] = { 148 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 149 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 150 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 151 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 152 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 153 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 154 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 155 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 156 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 157 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 158 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 159 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 160}; 161 162#define b43_a_ratetable (__b43_ratetable + 4) 163#define b43_a_ratetable_size 8 164#define b43_b_ratetable (__b43_ratetable + 0) 165#define b43_b_ratetable_size 4 166#define b43_g_ratetable (__b43_ratetable + 0) 167#define b43_g_ratetable_size 12 168 169#define CHAN4G(_channel, _freq, _flags) { \ 170 .band = IEEE80211_BAND_2GHZ, \ 171 .center_freq = (_freq), \ 172 .hw_value = (_channel), \ 173 .flags = (_flags), \ 174 .max_antenna_gain = 0, \ 175 .max_power = 30, \ 176} 177static struct ieee80211_channel b43_2ghz_chantable[] = { 178 CHAN4G(1, 2412, 0), 179 CHAN4G(2, 2417, 0), 180 CHAN4G(3, 2422, 0), 181 CHAN4G(4, 2427, 0), 182 CHAN4G(5, 2432, 0), 183 CHAN4G(6, 2437, 0), 184 CHAN4G(7, 2442, 0), 185 CHAN4G(8, 2447, 0), 186 CHAN4G(9, 2452, 0), 187 CHAN4G(10, 2457, 0), 188 CHAN4G(11, 2462, 0), 189 CHAN4G(12, 2467, 0), 190 CHAN4G(13, 2472, 0), 191 CHAN4G(14, 2484, 0), 192}; 193#undef CHAN4G 194 195#define CHAN5G(_channel, _flags) { \ 196 .band = IEEE80211_BAND_5GHZ, \ 197 .center_freq = 5000 + (5 * (_channel)), \ 198 .hw_value = (_channel), \ 199 .flags = (_flags), \ 200 .max_antenna_gain = 0, \ 201 .max_power = 30, \ 202} 203static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 204 CHAN5G(32, 0), CHAN5G(34, 0), 205 CHAN5G(36, 0), CHAN5G(38, 0), 206 CHAN5G(40, 0), CHAN5G(42, 0), 207 CHAN5G(44, 0), CHAN5G(46, 0), 208 CHAN5G(48, 0), CHAN5G(50, 0), 209 CHAN5G(52, 0), CHAN5G(54, 0), 210 CHAN5G(56, 0), CHAN5G(58, 0), 211 CHAN5G(60, 0), CHAN5G(62, 0), 212 CHAN5G(64, 0), CHAN5G(66, 0), 213 CHAN5G(68, 0), CHAN5G(70, 0), 214 CHAN5G(72, 0), CHAN5G(74, 0), 215 CHAN5G(76, 0), CHAN5G(78, 0), 216 CHAN5G(80, 0), CHAN5G(82, 0), 217 CHAN5G(84, 0), CHAN5G(86, 0), 218 CHAN5G(88, 0), CHAN5G(90, 0), 219 CHAN5G(92, 0), CHAN5G(94, 0), 220 CHAN5G(96, 0), CHAN5G(98, 0), 221 CHAN5G(100, 0), CHAN5G(102, 0), 222 CHAN5G(104, 0), CHAN5G(106, 0), 223 CHAN5G(108, 0), CHAN5G(110, 0), 224 CHAN5G(112, 0), CHAN5G(114, 0), 225 CHAN5G(116, 0), CHAN5G(118, 0), 226 CHAN5G(120, 0), CHAN5G(122, 0), 227 CHAN5G(124, 0), CHAN5G(126, 0), 228 CHAN5G(128, 0), CHAN5G(130, 0), 229 CHAN5G(132, 0), CHAN5G(134, 0), 230 CHAN5G(136, 0), CHAN5G(138, 0), 231 CHAN5G(140, 0), CHAN5G(142, 0), 232 CHAN5G(144, 0), CHAN5G(145, 0), 233 CHAN5G(146, 0), CHAN5G(147, 0), 234 CHAN5G(148, 0), CHAN5G(149, 0), 235 CHAN5G(150, 0), CHAN5G(151, 0), 236 CHAN5G(152, 0), CHAN5G(153, 0), 237 CHAN5G(154, 0), CHAN5G(155, 0), 238 CHAN5G(156, 0), CHAN5G(157, 0), 239 CHAN5G(158, 0), CHAN5G(159, 0), 240 CHAN5G(160, 0), CHAN5G(161, 0), 241 CHAN5G(162, 0), CHAN5G(163, 0), 242 CHAN5G(164, 0), CHAN5G(165, 0), 243 CHAN5G(166, 0), CHAN5G(168, 0), 244 CHAN5G(170, 0), CHAN5G(172, 0), 245 CHAN5G(174, 0), CHAN5G(176, 0), 246 CHAN5G(178, 0), CHAN5G(180, 0), 247 CHAN5G(182, 0), CHAN5G(184, 0), 248 CHAN5G(186, 0), CHAN5G(188, 0), 249 CHAN5G(190, 0), CHAN5G(192, 0), 250 CHAN5G(194, 0), CHAN5G(196, 0), 251 CHAN5G(198, 0), CHAN5G(200, 0), 252 CHAN5G(202, 0), CHAN5G(204, 0), 253 CHAN5G(206, 0), CHAN5G(208, 0), 254 CHAN5G(210, 0), CHAN5G(212, 0), 255 CHAN5G(214, 0), CHAN5G(216, 0), 256 CHAN5G(218, 0), CHAN5G(220, 0), 257 CHAN5G(222, 0), CHAN5G(224, 0), 258 CHAN5G(226, 0), CHAN5G(228, 0), 259}; 260 261static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 262 CHAN5G(34, 0), CHAN5G(36, 0), 263 CHAN5G(38, 0), CHAN5G(40, 0), 264 CHAN5G(42, 0), CHAN5G(44, 0), 265 CHAN5G(46, 0), CHAN5G(48, 0), 266 CHAN5G(52, 0), CHAN5G(56, 0), 267 CHAN5G(60, 0), CHAN5G(64, 0), 268 CHAN5G(100, 0), CHAN5G(104, 0), 269 CHAN5G(108, 0), CHAN5G(112, 0), 270 CHAN5G(116, 0), CHAN5G(120, 0), 271 CHAN5G(124, 0), CHAN5G(128, 0), 272 CHAN5G(132, 0), CHAN5G(136, 0), 273 CHAN5G(140, 0), CHAN5G(149, 0), 274 CHAN5G(153, 0), CHAN5G(157, 0), 275 CHAN5G(161, 0), CHAN5G(165, 0), 276 CHAN5G(184, 0), CHAN5G(188, 0), 277 CHAN5G(192, 0), CHAN5G(196, 0), 278 CHAN5G(200, 0), CHAN5G(204, 0), 279 CHAN5G(208, 0), CHAN5G(212, 0), 280 CHAN5G(216, 0), 281}; 282#undef CHAN5G 283 284static struct ieee80211_supported_band b43_band_5GHz_nphy = { 285 .band = IEEE80211_BAND_5GHZ, 286 .channels = b43_5ghz_nphy_chantable, 287 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 288 .bitrates = b43_a_ratetable, 289 .n_bitrates = b43_a_ratetable_size, 290}; 291 292static struct ieee80211_supported_band b43_band_5GHz_aphy = { 293 .band = IEEE80211_BAND_5GHZ, 294 .channels = b43_5ghz_aphy_chantable, 295 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 296 .bitrates = b43_a_ratetable, 297 .n_bitrates = b43_a_ratetable_size, 298}; 299 300static struct ieee80211_supported_band b43_band_2GHz = { 301 .band = IEEE80211_BAND_2GHZ, 302 .channels = b43_2ghz_chantable, 303 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 304 .bitrates = b43_g_ratetable, 305 .n_bitrates = b43_g_ratetable_size, 306}; 307 308static void b43_wireless_core_exit(struct b43_wldev *dev); 309static int b43_wireless_core_init(struct b43_wldev *dev); 310static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev); 311static int b43_wireless_core_start(struct b43_wldev *dev); 312 313static int b43_ratelimit(struct b43_wl *wl) 314{ 315 if (!wl || !wl->current_dev) 316 return 1; 317 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 318 return 1; 319 /* We are up and running. 320 * Ratelimit the messages to avoid DoS over the net. */ 321 return net_ratelimit(); 322} 323 324void b43info(struct b43_wl *wl, const char *fmt, ...) 325{ 326 struct va_format vaf; 327 va_list args; 328 329 if (b43_modparam_verbose < B43_VERBOSITY_INFO) 330 return; 331 if (!b43_ratelimit(wl)) 332 return; 333 334 va_start(args, fmt); 335 336 vaf.fmt = fmt; 337 vaf.va = &args; 338 339 printk(KERN_INFO "b43-%s: %pV", 340 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 341 342 va_end(args); 343} 344 345void b43err(struct b43_wl *wl, const char *fmt, ...) 346{ 347 struct va_format vaf; 348 va_list args; 349 350 if (b43_modparam_verbose < B43_VERBOSITY_ERROR) 351 return; 352 if (!b43_ratelimit(wl)) 353 return; 354 355 va_start(args, fmt); 356 357 vaf.fmt = fmt; 358 vaf.va = &args; 359 360 printk(KERN_ERR "b43-%s ERROR: %pV", 361 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 362 363 va_end(args); 364} 365 366void b43warn(struct b43_wl *wl, const char *fmt, ...) 367{ 368 struct va_format vaf; 369 va_list args; 370 371 if (b43_modparam_verbose < B43_VERBOSITY_WARN) 372 return; 373 if (!b43_ratelimit(wl)) 374 return; 375 376 va_start(args, fmt); 377 378 vaf.fmt = fmt; 379 vaf.va = &args; 380 381 printk(KERN_WARNING "b43-%s warning: %pV", 382 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 383 384 va_end(args); 385} 386 387void b43dbg(struct b43_wl *wl, const char *fmt, ...) 388{ 389 struct va_format vaf; 390 va_list args; 391 392 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 393 return; 394 395 va_start(args, fmt); 396 397 vaf.fmt = fmt; 398 vaf.va = &args; 399 400 printk(KERN_DEBUG "b43-%s debug: %pV", 401 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 402 403 va_end(args); 404} 405 406static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 407{ 408 u32 macctl; 409 410 B43_WARN_ON(offset % 4 != 0); 411 412 macctl = b43_read32(dev, B43_MMIO_MACCTL); 413 if (macctl & B43_MACCTL_BE) 414 val = swab32(val); 415 416 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 417 mmiowb(); 418 b43_write32(dev, B43_MMIO_RAM_DATA, val); 419} 420 421static inline void b43_shm_control_word(struct b43_wldev *dev, 422 u16 routing, u16 offset) 423{ 424 u32 control; 425 426 /* "offset" is the WORD offset. */ 427 control = routing; 428 control <<= 16; 429 control |= offset; 430 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 431} 432 433u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 434{ 435 u32 ret; 436 437 if (routing == B43_SHM_SHARED) { 438 B43_WARN_ON(offset & 0x0001); 439 if (offset & 0x0003) { 440 /* Unaligned access */ 441 b43_shm_control_word(dev, routing, offset >> 2); 442 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 443 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 444 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16; 445 446 goto out; 447 } 448 offset >>= 2; 449 } 450 b43_shm_control_word(dev, routing, offset); 451 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 452out: 453 return ret; 454} 455 456u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset) 457{ 458 u16 ret; 459 460 if (routing == B43_SHM_SHARED) { 461 B43_WARN_ON(offset & 0x0001); 462 if (offset & 0x0003) { 463 /* Unaligned access */ 464 b43_shm_control_word(dev, routing, offset >> 2); 465 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 466 467 goto out; 468 } 469 offset >>= 2; 470 } 471 b43_shm_control_word(dev, routing, offset); 472 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 473out: 474 return ret; 475} 476 477void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 478{ 479 if (routing == B43_SHM_SHARED) { 480 B43_WARN_ON(offset & 0x0001); 481 if (offset & 0x0003) { 482 /* Unaligned access */ 483 b43_shm_control_word(dev, routing, offset >> 2); 484 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 485 value & 0xFFFF); 486 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 487 b43_write16(dev, B43_MMIO_SHM_DATA, 488 (value >> 16) & 0xFFFF); 489 return; 490 } 491 offset >>= 2; 492 } 493 b43_shm_control_word(dev, routing, offset); 494 b43_write32(dev, B43_MMIO_SHM_DATA, value); 495} 496 497void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 498{ 499 if (routing == B43_SHM_SHARED) { 500 B43_WARN_ON(offset & 0x0001); 501 if (offset & 0x0003) { 502 /* Unaligned access */ 503 b43_shm_control_word(dev, routing, offset >> 2); 504 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 505 return; 506 } 507 offset >>= 2; 508 } 509 b43_shm_control_word(dev, routing, offset); 510 b43_write16(dev, B43_MMIO_SHM_DATA, value); 511} 512 513/* Read HostFlags */ 514u64 b43_hf_read(struct b43_wldev *dev) 515{ 516 u64 ret; 517 518 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 519 ret <<= 16; 520 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 521 ret <<= 16; 522 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 523 524 return ret; 525} 526 527/* Write HostFlags */ 528void b43_hf_write(struct b43_wldev *dev, u64 value) 529{ 530 u16 lo, mi, hi; 531 532 lo = (value & 0x00000000FFFFULL); 533 mi = (value & 0x0000FFFF0000ULL) >> 16; 534 hi = (value & 0xFFFF00000000ULL) >> 32; 535 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 536 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 537 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 538} 539 540/* Read the firmware capabilities bitmask (Opensource firmware only) */ 541static u16 b43_fwcapa_read(struct b43_wldev *dev) 542{ 543 B43_WARN_ON(!dev->fw.opensource); 544 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA); 545} 546 547void b43_tsf_read(struct b43_wldev *dev, u64 *tsf) 548{ 549 u32 low, high; 550 551 B43_WARN_ON(dev->dev->core_rev < 3); 552 553 /* The hardware guarantees us an atomic read, if we 554 * read the low register first. */ 555 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 556 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 557 558 *tsf = high; 559 *tsf <<= 32; 560 *tsf |= low; 561} 562 563static void b43_time_lock(struct b43_wldev *dev) 564{ 565 u32 macctl; 566 567 macctl = b43_read32(dev, B43_MMIO_MACCTL); 568 macctl |= B43_MACCTL_TBTTHOLD; 569 b43_write32(dev, B43_MMIO_MACCTL, macctl); 570 /* Commit the write */ 571 b43_read32(dev, B43_MMIO_MACCTL); 572} 573 574static void b43_time_unlock(struct b43_wldev *dev) 575{ 576 u32 macctl; 577 578 macctl = b43_read32(dev, B43_MMIO_MACCTL); 579 macctl &= ~B43_MACCTL_TBTTHOLD; 580 b43_write32(dev, B43_MMIO_MACCTL, macctl); 581 /* Commit the write */ 582 b43_read32(dev, B43_MMIO_MACCTL); 583} 584 585static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 586{ 587 u32 low, high; 588 589 B43_WARN_ON(dev->dev->core_rev < 3); 590 591 low = tsf; 592 high = (tsf >> 32); 593 /* The hardware guarantees us an atomic write, if we 594 * write the low register first. */ 595 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low); 596 mmiowb(); 597 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high); 598 mmiowb(); 599} 600 601void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 602{ 603 b43_time_lock(dev); 604 b43_tsf_write_locked(dev, tsf); 605 b43_time_unlock(dev); 606} 607 608static 609void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac) 610{ 611 static const u8 zero_addr[ETH_ALEN] = { 0 }; 612 u16 data; 613 614 if (!mac) 615 mac = zero_addr; 616 617 offset |= 0x0020; 618 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 619 620 data = mac[0]; 621 data |= mac[1] << 8; 622 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 623 data = mac[2]; 624 data |= mac[3] << 8; 625 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 626 data = mac[4]; 627 data |= mac[5] << 8; 628 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 629} 630 631static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 632{ 633 const u8 *mac; 634 const u8 *bssid; 635 u8 mac_bssid[ETH_ALEN * 2]; 636 int i; 637 u32 tmp; 638 639 bssid = dev->wl->bssid; 640 mac = dev->wl->mac_addr; 641 642 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 643 644 memcpy(mac_bssid, mac, ETH_ALEN); 645 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 646 647 /* Write our MAC address and BSSID to template ram */ 648 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 649 tmp = (u32) (mac_bssid[i + 0]); 650 tmp |= (u32) (mac_bssid[i + 1]) << 8; 651 tmp |= (u32) (mac_bssid[i + 2]) << 16; 652 tmp |= (u32) (mac_bssid[i + 3]) << 24; 653 b43_ram_write(dev, 0x20 + i, tmp); 654 } 655} 656 657static void b43_upload_card_macaddress(struct b43_wldev *dev) 658{ 659 b43_write_mac_bssid_templates(dev); 660 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 661} 662 663static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 664{ 665 /* slot_time is in usec. */ 666 /* This test used to exit for all but a G PHY. */ 667 if (b43_current_band(dev->wl) == IEEE80211_BAND_5GHZ) 668 return; 669 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time); 670 /* Shared memory location 0x0010 is the slot time and should be 671 * set to slot_time; however, this register is initially 0 and changing 672 * the value adversely affects the transmit rate for BCM4311 673 * devices. Until this behavior is unterstood, delete this step 674 * 675 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 676 */ 677} 678 679static void b43_short_slot_timing_enable(struct b43_wldev *dev) 680{ 681 b43_set_slot_time(dev, 9); 682} 683 684static void b43_short_slot_timing_disable(struct b43_wldev *dev) 685{ 686 b43_set_slot_time(dev, 20); 687} 688 689/* DummyTransmission function, as documented on 690 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission 691 */ 692void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on) 693{ 694 struct b43_phy *phy = &dev->phy; 695 unsigned int i, max_loop; 696 u16 value; 697 u32 buffer[5] = { 698 0x00000000, 699 0x00D40000, 700 0x00000000, 701 0x01000000, 702 0x00000000, 703 }; 704 705 if (ofdm) { 706 max_loop = 0x1E; 707 buffer[0] = 0x000201CC; 708 } else { 709 max_loop = 0xFA; 710 buffer[0] = 0x000B846E; 711 } 712 713 for (i = 0; i < 5; i++) 714 b43_ram_write(dev, i * 4, buffer[i]); 715 716 b43_write16(dev, 0x0568, 0x0000); 717 if (dev->dev->core_rev < 11) 718 b43_write16(dev, 0x07C0, 0x0000); 719 else 720 b43_write16(dev, 0x07C0, 0x0100); 721 value = (ofdm ? 0x41 : 0x40); 722 b43_write16(dev, 0x050C, value); 723 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP)) 724 b43_write16(dev, 0x0514, 0x1A02); 725 b43_write16(dev, 0x0508, 0x0000); 726 b43_write16(dev, 0x050A, 0x0000); 727 b43_write16(dev, 0x054C, 0x0000); 728 b43_write16(dev, 0x056A, 0x0014); 729 b43_write16(dev, 0x0568, 0x0826); 730 b43_write16(dev, 0x0500, 0x0000); 731 if (!pa_on && (phy->type == B43_PHYTYPE_N)) { 732 //SPEC TODO 733 } 734 735 switch (phy->type) { 736 case B43_PHYTYPE_N: 737 b43_write16(dev, 0x0502, 0x00D0); 738 break; 739 case B43_PHYTYPE_LP: 740 b43_write16(dev, 0x0502, 0x0050); 741 break; 742 default: 743 b43_write16(dev, 0x0502, 0x0030); 744 } 745 746 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 747 b43_radio_write16(dev, 0x0051, 0x0017); 748 for (i = 0x00; i < max_loop; i++) { 749 value = b43_read16(dev, 0x050E); 750 if (value & 0x0080) 751 break; 752 udelay(10); 753 } 754 for (i = 0x00; i < 0x0A; i++) { 755 value = b43_read16(dev, 0x050E); 756 if (value & 0x0400) 757 break; 758 udelay(10); 759 } 760 for (i = 0x00; i < 0x19; i++) { 761 value = b43_read16(dev, 0x0690); 762 if (!(value & 0x0100)) 763 break; 764 udelay(10); 765 } 766 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 767 b43_radio_write16(dev, 0x0051, 0x0037); 768} 769 770static void key_write(struct b43_wldev *dev, 771 u8 index, u8 algorithm, const u8 *key) 772{ 773 unsigned int i; 774 u32 offset; 775 u16 value; 776 u16 kidx; 777 778 /* Key index/algo block */ 779 kidx = b43_kidx_to_fw(dev, index); 780 value = ((kidx << 4) | algorithm); 781 b43_shm_write16(dev, B43_SHM_SHARED, 782 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 783 784 /* Write the key to the Key Table Pointer offset */ 785 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 786 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 787 value = key[i]; 788 value |= (u16) (key[i + 1]) << 8; 789 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 790 } 791} 792 793static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr) 794{ 795 u32 addrtmp[2] = { 0, 0, }; 796 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 797 798 if (b43_new_kidx_api(dev)) 799 pairwise_keys_start = B43_NR_GROUP_KEYS; 800 801 B43_WARN_ON(index < pairwise_keys_start); 802 /* We have four default TX keys and possibly four default RX keys. 803 * Physical mac 0 is mapped to physical key 4 or 8, depending 804 * on the firmware version. 805 * So we must adjust the index here. 806 */ 807 index -= pairwise_keys_start; 808 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 809 810 if (addr) { 811 addrtmp[0] = addr[0]; 812 addrtmp[0] |= ((u32) (addr[1]) << 8); 813 addrtmp[0] |= ((u32) (addr[2]) << 16); 814 addrtmp[0] |= ((u32) (addr[3]) << 24); 815 addrtmp[1] = addr[4]; 816 addrtmp[1] |= ((u32) (addr[5]) << 8); 817 } 818 819 /* Receive match transmitter address (RCMTA) mechanism */ 820 b43_shm_write32(dev, B43_SHM_RCMTA, 821 (index * 2) + 0, addrtmp[0]); 822 b43_shm_write16(dev, B43_SHM_RCMTA, 823 (index * 2) + 1, addrtmp[1]); 824} 825 826/* The ucode will use phase1 key with TEK key to decrypt rx packets. 827 * When a packet is received, the iv32 is checked. 828 * - if it doesn't the packet is returned without modification (and software 829 * decryption can be done). That's what happen when iv16 wrap. 830 * - if it does, the rc4 key is computed, and decryption is tried. 831 * Either it will success and B43_RX_MAC_DEC is returned, 832 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned 833 * and the packet is not usable (it got modified by the ucode). 834 * So in order to never have B43_RX_MAC_DECERR, we should provide 835 * a iv32 and phase1key that match. Because we drop packets in case of 836 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all 837 * packets will be lost without higher layer knowing (ie no resync possible 838 * until next wrap). 839 * 840 * NOTE : this should support 50 key like RCMTA because 841 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50 842 */ 843static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32, 844 u16 *phase1key) 845{ 846 unsigned int i; 847 u32 offset; 848 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 849 850 if (!modparam_hwtkip) 851 return; 852 853 if (b43_new_kidx_api(dev)) 854 pairwise_keys_start = B43_NR_GROUP_KEYS; 855 856 B43_WARN_ON(index < pairwise_keys_start); 857 /* We have four default TX keys and possibly four default RX keys. 858 * Physical mac 0 is mapped to physical key 4 or 8, depending 859 * on the firmware version. 860 * So we must adjust the index here. 861 */ 862 index -= pairwise_keys_start; 863 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 864 865 if (b43_debug(dev, B43_DBG_KEYS)) { 866 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n", 867 index, iv32); 868 } 869 /* Write the key to the RX tkip shared mem */ 870 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4); 871 for (i = 0; i < 10; i += 2) { 872 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, 873 phase1key ? phase1key[i / 2] : 0); 874 } 875 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32); 876 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16); 877} 878 879static void b43_op_update_tkip_key(struct ieee80211_hw *hw, 880 struct ieee80211_vif *vif, 881 struct ieee80211_key_conf *keyconf, 882 struct ieee80211_sta *sta, 883 u32 iv32, u16 *phase1key) 884{ 885 struct b43_wl *wl = hw_to_b43_wl(hw); 886 struct b43_wldev *dev; 887 int index = keyconf->hw_key_idx; 888 889 if (B43_WARN_ON(!modparam_hwtkip)) 890 return; 891 892 /* This is only called from the RX path through mac80211, where 893 * our mutex is already locked. */ 894 B43_WARN_ON(!mutex_is_locked(&wl->mutex)); 895 dev = wl->current_dev; 896 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED); 897 898 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */ 899 900 rx_tkip_phase1_write(dev, index, iv32, phase1key); 901 /* only pairwise TKIP keys are supported right now */ 902 if (WARN_ON(!sta)) 903 return; 904 keymac_write(dev, index, sta->addr); 905} 906 907static void do_key_write(struct b43_wldev *dev, 908 u8 index, u8 algorithm, 909 const u8 *key, size_t key_len, const u8 *mac_addr) 910{ 911 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 912 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 913 914 if (b43_new_kidx_api(dev)) 915 pairwise_keys_start = B43_NR_GROUP_KEYS; 916 917 B43_WARN_ON(index >= ARRAY_SIZE(dev->key)); 918 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 919 920 if (index >= pairwise_keys_start) 921 keymac_write(dev, index, NULL); /* First zero out mac. */ 922 if (algorithm == B43_SEC_ALGO_TKIP) { 923 /* 924 * We should provide an initial iv32, phase1key pair. 925 * We could start with iv32=0 and compute the corresponding 926 * phase1key, but this means calling ieee80211_get_tkip_key 927 * with a fake skb (or export other tkip function). 928 * Because we are lazy we hope iv32 won't start with 929 * 0xffffffff and let's b43_op_update_tkip_key provide a 930 * correct pair. 931 */ 932 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf); 933 } else if (index >= pairwise_keys_start) /* clear it */ 934 rx_tkip_phase1_write(dev, index, 0, NULL); 935 if (key) 936 memcpy(buf, key, key_len); 937 key_write(dev, index, algorithm, buf); 938 if (index >= pairwise_keys_start) 939 keymac_write(dev, index, mac_addr); 940 941 dev->key[index].algorithm = algorithm; 942} 943 944static int b43_key_write(struct b43_wldev *dev, 945 int index, u8 algorithm, 946 const u8 *key, size_t key_len, 947 const u8 *mac_addr, 948 struct ieee80211_key_conf *keyconf) 949{ 950 int i; 951 int pairwise_keys_start; 952 953 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block: 954 * - Temporal Encryption Key (128 bits) 955 * - Temporal Authenticator Tx MIC Key (64 bits) 956 * - Temporal Authenticator Rx MIC Key (64 bits) 957 * 958 * Hardware only store TEK 959 */ 960 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32) 961 key_len = 16; 962 if (key_len > B43_SEC_KEYSIZE) 963 return -EINVAL; 964 for (i = 0; i < ARRAY_SIZE(dev->key); i++) { 965 /* Check that we don't already have this key. */ 966 B43_WARN_ON(dev->key[i].keyconf == keyconf); 967 } 968 if (index < 0) { 969 /* Pairwise key. Get an empty slot for the key. */ 970 if (b43_new_kidx_api(dev)) 971 pairwise_keys_start = B43_NR_GROUP_KEYS; 972 else 973 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 974 for (i = pairwise_keys_start; 975 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS; 976 i++) { 977 B43_WARN_ON(i >= ARRAY_SIZE(dev->key)); 978 if (!dev->key[i].keyconf) { 979 /* found empty */ 980 index = i; 981 break; 982 } 983 } 984 if (index < 0) { 985 b43warn(dev->wl, "Out of hardware key memory\n"); 986 return -ENOSPC; 987 } 988 } else 989 B43_WARN_ON(index > 3); 990 991 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 992 if ((index <= 3) && !b43_new_kidx_api(dev)) { 993 /* Default RX key */ 994 B43_WARN_ON(mac_addr); 995 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 996 } 997 keyconf->hw_key_idx = index; 998 dev->key[index].keyconf = keyconf; 999 1000 return 0; 1001} 1002 1003static int b43_key_clear(struct b43_wldev *dev, int index) 1004{ 1005 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key)))) 1006 return -EINVAL; 1007 do_key_write(dev, index, B43_SEC_ALGO_NONE, 1008 NULL, B43_SEC_KEYSIZE, NULL); 1009 if ((index <= 3) && !b43_new_kidx_api(dev)) { 1010 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 1011 NULL, B43_SEC_KEYSIZE, NULL); 1012 } 1013 dev->key[index].keyconf = NULL; 1014 1015 return 0; 1016} 1017 1018static void b43_clear_keys(struct b43_wldev *dev) 1019{ 1020 int i, count; 1021 1022 if (b43_new_kidx_api(dev)) 1023 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 1024 else 1025 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1026 for (i = 0; i < count; i++) 1027 b43_key_clear(dev, i); 1028} 1029 1030static void b43_dump_keymemory(struct b43_wldev *dev) 1031{ 1032 unsigned int i, index, count, offset, pairwise_keys_start; 1033 u8 mac[ETH_ALEN]; 1034 u16 algo; 1035 u32 rcmta0; 1036 u16 rcmta1; 1037 u64 hf; 1038 struct b43_key *key; 1039 1040 if (!b43_debug(dev, B43_DBG_KEYS)) 1041 return; 1042 1043 hf = b43_hf_read(dev); 1044 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n", 1045 !!(hf & B43_HF_USEDEFKEYS)); 1046 if (b43_new_kidx_api(dev)) { 1047 pairwise_keys_start = B43_NR_GROUP_KEYS; 1048 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 1049 } else { 1050 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 1051 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1052 } 1053 for (index = 0; index < count; index++) { 1054 key = &(dev->key[index]); 1055 printk(KERN_DEBUG "Key slot %02u: %s", 1056 index, (key->keyconf == NULL) ? " " : "*"); 1057 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 1058 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 1059 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1060 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1061 } 1062 1063 algo = b43_shm_read16(dev, B43_SHM_SHARED, 1064 B43_SHM_SH_KEYIDXBLOCK + (index * 2)); 1065 printk(" Algo: %04X/%02X", algo, key->algorithm); 1066 1067 if (index >= pairwise_keys_start) { 1068 if (key->algorithm == B43_SEC_ALGO_TKIP) { 1069 printk(" TKIP: "); 1070 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4); 1071 for (i = 0; i < 14; i += 2) { 1072 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1073 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1074 } 1075 } 1076 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA, 1077 ((index - pairwise_keys_start) * 2) + 0); 1078 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA, 1079 ((index - pairwise_keys_start) * 2) + 1); 1080 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0); 1081 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1); 1082 printk(" MAC: %pM", mac); 1083 } else 1084 printk(" DEFAULT KEY"); 1085 printk("\n"); 1086 } 1087} 1088 1089void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 1090{ 1091 u32 macctl; 1092 u16 ucstat; 1093 bool hwps; 1094 bool awake; 1095 int i; 1096 1097 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 1098 (ps_flags & B43_PS_DISABLED)); 1099 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 1100 1101 if (ps_flags & B43_PS_ENABLED) { 1102 hwps = 1; 1103 } else if (ps_flags & B43_PS_DISABLED) { 1104 hwps = 0; 1105 } else { 1106 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 1107 // and thus is not an AP and we are associated, set bit 25 1108 } 1109 if (ps_flags & B43_PS_AWAKE) { 1110 awake = 1; 1111 } else if (ps_flags & B43_PS_ASLEEP) { 1112 awake = 0; 1113 } else { 1114 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 1115 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 1116 // successful, set bit26 1117 } 1118 1119/* FIXME: For now we force awake-on and hwps-off */ 1120 hwps = 0; 1121 awake = 1; 1122 1123 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1124 if (hwps) 1125 macctl |= B43_MACCTL_HWPS; 1126 else 1127 macctl &= ~B43_MACCTL_HWPS; 1128 if (awake) 1129 macctl |= B43_MACCTL_AWAKE; 1130 else 1131 macctl &= ~B43_MACCTL_AWAKE; 1132 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1133 /* Commit write */ 1134 b43_read32(dev, B43_MMIO_MACCTL); 1135 if (awake && dev->dev->core_rev >= 5) { 1136 /* Wait for the microcode to wake up. */ 1137 for (i = 0; i < 100; i++) { 1138 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1139 B43_SHM_SH_UCODESTAT); 1140 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1141 break; 1142 udelay(10); 1143 } 1144 } 1145} 1146 1147static void b43_ssb_wireless_core_reset(struct b43_wldev *dev, u32 flags) 1148{ 1149 u32 tmslow; 1150 1151 flags |= B43_TMSLOW_PHYCLKEN; 1152 flags |= B43_TMSLOW_PHYRESET; 1153 if (dev->phy.type == B43_PHYTYPE_N) 1154 flags |= B43_TMSLOW_PHY_BANDWIDTH_20MHZ; /* Make 20 MHz def */ 1155 ssb_device_enable(dev->sdev, flags); 1156 msleep(2); /* Wait for the PLL to turn on. */ 1157 1158 /* Now take the PHY out of Reset again */ 1159 tmslow = ssb_read32(dev->sdev, SSB_TMSLOW); 1160 tmslow |= SSB_TMSLOW_FGC; 1161 tmslow &= ~B43_TMSLOW_PHYRESET; 1162 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow); 1163 ssb_read32(dev->sdev, SSB_TMSLOW); /* flush */ 1164 msleep(1); 1165 tmslow &= ~SSB_TMSLOW_FGC; 1166 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow); 1167 ssb_read32(dev->sdev, SSB_TMSLOW); /* flush */ 1168 msleep(1); 1169} 1170 1171void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags) 1172{ 1173 u32 macctl; 1174 1175 b43_ssb_wireless_core_reset(dev, flags); 1176 1177 /* Turn Analog ON, but only if we already know the PHY-type. 1178 * This protects against very early setup where we don't know the 1179 * PHY-type, yet. wireless_core_reset will be called once again later, 1180 * when we know the PHY-type. */ 1181 if (dev->phy.ops) 1182 dev->phy.ops->switch_analog(dev, 1); 1183 1184 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1185 macctl &= ~B43_MACCTL_GMODE; 1186 if (flags & B43_TMSLOW_GMODE) 1187 macctl |= B43_MACCTL_GMODE; 1188 macctl |= B43_MACCTL_IHR_ENABLED; 1189 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1190} 1191 1192static void handle_irq_transmit_status(struct b43_wldev *dev) 1193{ 1194 u32 v0, v1; 1195 u16 tmp; 1196 struct b43_txstatus stat; 1197 1198 while (1) { 1199 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1200 if (!(v0 & 0x00000001)) 1201 break; 1202 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1203 1204 stat.cookie = (v0 >> 16); 1205 stat.seq = (v1 & 0x0000FFFF); 1206 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1207 tmp = (v0 & 0x0000FFFF); 1208 stat.frame_count = ((tmp & 0xF000) >> 12); 1209 stat.rts_count = ((tmp & 0x0F00) >> 8); 1210 stat.supp_reason = ((tmp & 0x001C) >> 2); 1211 stat.pm_indicated = !!(tmp & 0x0080); 1212 stat.intermediate = !!(tmp & 0x0040); 1213 stat.for_ampdu = !!(tmp & 0x0020); 1214 stat.acked = !!(tmp & 0x0002); 1215 1216 b43_handle_txstatus(dev, &stat); 1217 } 1218} 1219 1220static void drain_txstatus_queue(struct b43_wldev *dev) 1221{ 1222 u32 dummy; 1223 1224 if (dev->dev->core_rev < 5) 1225 return; 1226 /* Read all entries from the microcode TXstatus FIFO 1227 * and throw them away. 1228 */ 1229 while (1) { 1230 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1231 if (!(dummy & 0x00000001)) 1232 break; 1233 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1234 } 1235} 1236 1237static u32 b43_jssi_read(struct b43_wldev *dev) 1238{ 1239 u32 val = 0; 1240 1241 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1242 val <<= 16; 1243 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1244 1245 return val; 1246} 1247 1248static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1249{ 1250 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1251 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1252} 1253 1254static void b43_generate_noise_sample(struct b43_wldev *dev) 1255{ 1256 b43_jssi_write(dev, 0x7F7F7F7F); 1257 b43_write32(dev, B43_MMIO_MACCMD, 1258 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1259} 1260 1261static void b43_calculate_link_quality(struct b43_wldev *dev) 1262{ 1263 /* Top half of Link Quality calculation. */ 1264 1265 if (dev->phy.type != B43_PHYTYPE_G) 1266 return; 1267 if (dev->noisecalc.calculation_running) 1268 return; 1269 dev->noisecalc.calculation_running = 1; 1270 dev->noisecalc.nr_samples = 0; 1271 1272 b43_generate_noise_sample(dev); 1273} 1274 1275static void handle_irq_noise(struct b43_wldev *dev) 1276{ 1277 struct b43_phy_g *phy = dev->phy.g; 1278 u16 tmp; 1279 u8 noise[4]; 1280 u8 i, j; 1281 s32 average; 1282 1283 /* Bottom half of Link Quality calculation. */ 1284 1285 if (dev->phy.type != B43_PHYTYPE_G) 1286 return; 1287 1288 /* Possible race condition: It might be possible that the user 1289 * changed to a different channel in the meantime since we 1290 * started the calculation. We ignore that fact, since it's 1291 * not really that much of a problem. The background noise is 1292 * an estimation only anyway. Slightly wrong results will get damped 1293 * by the averaging of the 8 sample rounds. Additionally the 1294 * value is shortlived. So it will be replaced by the next noise 1295 * calculation round soon. */ 1296 1297 B43_WARN_ON(!dev->noisecalc.calculation_running); 1298 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1299 if (noise[0] == 0x7F || noise[1] == 0x7F || 1300 noise[2] == 0x7F || noise[3] == 0x7F) 1301 goto generate_new; 1302 1303 /* Get the noise samples. */ 1304 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1305 i = dev->noisecalc.nr_samples; 1306 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1307 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1308 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1309 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1310 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1311 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1312 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1313 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1314 dev->noisecalc.nr_samples++; 1315 if (dev->noisecalc.nr_samples == 8) { 1316 /* Calculate the Link Quality by the noise samples. */ 1317 average = 0; 1318 for (i = 0; i < 8; i++) { 1319 for (j = 0; j < 4; j++) 1320 average += dev->noisecalc.samples[i][j]; 1321 } 1322 average /= (8 * 4); 1323 average *= 125; 1324 average += 64; 1325 average /= 128; 1326 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1327 tmp = (tmp / 128) & 0x1F; 1328 if (tmp >= 8) 1329 average += 2; 1330 else 1331 average -= 25; 1332 if (tmp == 8) 1333 average -= 72; 1334 else 1335 average -= 48; 1336 1337 dev->stats.link_noise = average; 1338 dev->noisecalc.calculation_running = 0; 1339 return; 1340 } 1341generate_new: 1342 b43_generate_noise_sample(dev); 1343} 1344 1345static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1346{ 1347 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) { 1348 ///TODO: PS TBTT 1349 } else { 1350 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1351 b43_power_saving_ctl_bits(dev, 0); 1352 } 1353 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) 1354 dev->dfq_valid = 1; 1355} 1356 1357static void handle_irq_atim_end(struct b43_wldev *dev) 1358{ 1359 if (dev->dfq_valid) { 1360 b43_write32(dev, B43_MMIO_MACCMD, 1361 b43_read32(dev, B43_MMIO_MACCMD) 1362 | B43_MACCMD_DFQ_VALID); 1363 dev->dfq_valid = 0; 1364 } 1365} 1366 1367static void handle_irq_pmq(struct b43_wldev *dev) 1368{ 1369 u32 tmp; 1370 1371 //TODO: AP mode. 1372 1373 while (1) { 1374 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1375 if (!(tmp & 0x00000008)) 1376 break; 1377 } 1378 /* 16bit write is odd, but correct. */ 1379 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1380} 1381 1382static void b43_write_template_common(struct b43_wldev *dev, 1383 const u8 *data, u16 size, 1384 u16 ram_offset, 1385 u16 shm_size_offset, u8 rate) 1386{ 1387 u32 i, tmp; 1388 struct b43_plcp_hdr4 plcp; 1389 1390 plcp.data = 0; 1391 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1392 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1393 ram_offset += sizeof(u32); 1394 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1395 * So leave the first two bytes of the next write blank. 1396 */ 1397 tmp = (u32) (data[0]) << 16; 1398 tmp |= (u32) (data[1]) << 24; 1399 b43_ram_write(dev, ram_offset, tmp); 1400 ram_offset += sizeof(u32); 1401 for (i = 2; i < size; i += sizeof(u32)) { 1402 tmp = (u32) (data[i + 0]); 1403 if (i + 1 < size) 1404 tmp |= (u32) (data[i + 1]) << 8; 1405 if (i + 2 < size) 1406 tmp |= (u32) (data[i + 2]) << 16; 1407 if (i + 3 < size) 1408 tmp |= (u32) (data[i + 3]) << 24; 1409 b43_ram_write(dev, ram_offset + i - 2, tmp); 1410 } 1411 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1412 size + sizeof(struct b43_plcp_hdr6)); 1413} 1414 1415/* Check if the use of the antenna that ieee80211 told us to 1416 * use is possible. This will fall back to DEFAULT. 1417 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 1418u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 1419 u8 antenna_nr) 1420{ 1421 u8 antenna_mask; 1422 1423 if (antenna_nr == 0) { 1424 /* Zero means "use default antenna". That's always OK. */ 1425 return 0; 1426 } 1427 1428 /* Get the mask of available antennas. */ 1429 if (dev->phy.gmode) 1430 antenna_mask = dev->dev->bus_sprom->ant_available_bg; 1431 else 1432 antenna_mask = dev->dev->bus_sprom->ant_available_a; 1433 1434 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 1435 /* This antenna is not available. Fall back to default. */ 1436 return 0; 1437 } 1438 1439 return antenna_nr; 1440} 1441 1442/* Convert a b43 antenna number value to the PHY TX control value. */ 1443static u16 b43_antenna_to_phyctl(int antenna) 1444{ 1445 switch (antenna) { 1446 case B43_ANTENNA0: 1447 return B43_TXH_PHY_ANT0; 1448 case B43_ANTENNA1: 1449 return B43_TXH_PHY_ANT1; 1450 case B43_ANTENNA2: 1451 return B43_TXH_PHY_ANT2; 1452 case B43_ANTENNA3: 1453 return B43_TXH_PHY_ANT3; 1454 case B43_ANTENNA_AUTO0: 1455 case B43_ANTENNA_AUTO1: 1456 return B43_TXH_PHY_ANT01AUTO; 1457 } 1458 B43_WARN_ON(1); 1459 return 0; 1460} 1461 1462static void b43_write_beacon_template(struct b43_wldev *dev, 1463 u16 ram_offset, 1464 u16 shm_size_offset) 1465{ 1466 unsigned int i, len, variable_len; 1467 const struct ieee80211_mgmt *bcn; 1468 const u8 *ie; 1469 bool tim_found = 0; 1470 unsigned int rate; 1471 u16 ctl; 1472 int antenna; 1473 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon); 1474 1475 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1476 len = min((size_t) dev->wl->current_beacon->len, 1477 0x200 - sizeof(struct b43_plcp_hdr6)); 1478 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value; 1479 1480 b43_write_template_common(dev, (const u8 *)bcn, 1481 len, ram_offset, shm_size_offset, rate); 1482 1483 /* Write the PHY TX control parameters. */ 1484 antenna = B43_ANTENNA_DEFAULT; 1485 antenna = b43_antenna_to_phyctl(antenna); 1486 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 1487 /* We can't send beacons with short preamble. Would get PHY errors. */ 1488 ctl &= ~B43_TXH_PHY_SHORTPRMBL; 1489 ctl &= ~B43_TXH_PHY_ANT; 1490 ctl &= ~B43_TXH_PHY_ENC; 1491 ctl |= antenna; 1492 if (b43_is_cck_rate(rate)) 1493 ctl |= B43_TXH_PHY_ENC_CCK; 1494 else 1495 ctl |= B43_TXH_PHY_ENC_OFDM; 1496 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 1497 1498 /* Find the position of the TIM and the DTIM_period value 1499 * and write them to SHM. */ 1500 ie = bcn->u.beacon.variable; 1501 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1502 for (i = 0; i < variable_len - 2; ) { 1503 uint8_t ie_id, ie_len; 1504 1505 ie_id = ie[i]; 1506 ie_len = ie[i + 1]; 1507 if (ie_id == 5) { 1508 u16 tim_position; 1509 u16 dtim_period; 1510 /* This is the TIM Information Element */ 1511 1512 /* Check whether the ie_len is in the beacon data range. */ 1513 if (variable_len < ie_len + 2 + i) 1514 break; 1515 /* A valid TIM is at least 4 bytes long. */ 1516 if (ie_len < 4) 1517 break; 1518 tim_found = 1; 1519 1520 tim_position = sizeof(struct b43_plcp_hdr6); 1521 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1522 tim_position += i; 1523 1524 dtim_period = ie[i + 3]; 1525 1526 b43_shm_write16(dev, B43_SHM_SHARED, 1527 B43_SHM_SH_TIMBPOS, tim_position); 1528 b43_shm_write16(dev, B43_SHM_SHARED, 1529 B43_SHM_SH_DTIMPER, dtim_period); 1530 break; 1531 } 1532 i += ie_len + 2; 1533 } 1534 if (!tim_found) { 1535 /* 1536 * If ucode wants to modify TIM do it behind the beacon, this 1537 * will happen, for example, when doing mesh networking. 1538 */ 1539 b43_shm_write16(dev, B43_SHM_SHARED, 1540 B43_SHM_SH_TIMBPOS, 1541 len + sizeof(struct b43_plcp_hdr6)); 1542 b43_shm_write16(dev, B43_SHM_SHARED, 1543 B43_SHM_SH_DTIMPER, 0); 1544 } 1545 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset); 1546} 1547 1548static void b43_upload_beacon0(struct b43_wldev *dev) 1549{ 1550 struct b43_wl *wl = dev->wl; 1551 1552 if (wl->beacon0_uploaded) 1553 return; 1554 b43_write_beacon_template(dev, 0x68, 0x18); 1555 wl->beacon0_uploaded = 1; 1556} 1557 1558static void b43_upload_beacon1(struct b43_wldev *dev) 1559{ 1560 struct b43_wl *wl = dev->wl; 1561 1562 if (wl->beacon1_uploaded) 1563 return; 1564 b43_write_beacon_template(dev, 0x468, 0x1A); 1565 wl->beacon1_uploaded = 1; 1566} 1567 1568static void handle_irq_beacon(struct b43_wldev *dev) 1569{ 1570 struct b43_wl *wl = dev->wl; 1571 u32 cmd, beacon0_valid, beacon1_valid; 1572 1573 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) && 1574 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 1575 return; 1576 1577 /* This is the bottom half of the asynchronous beacon update. */ 1578 1579 /* Ignore interrupt in the future. */ 1580 dev->irq_mask &= ~B43_IRQ_BEACON; 1581 1582 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1583 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1584 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1585 1586 /* Schedule interrupt manually, if busy. */ 1587 if (beacon0_valid && beacon1_valid) { 1588 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1589 dev->irq_mask |= B43_IRQ_BEACON; 1590 return; 1591 } 1592 1593 if (unlikely(wl->beacon_templates_virgin)) { 1594 /* We never uploaded a beacon before. 1595 * Upload both templates now, but only mark one valid. */ 1596 wl->beacon_templates_virgin = 0; 1597 b43_upload_beacon0(dev); 1598 b43_upload_beacon1(dev); 1599 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1600 cmd |= B43_MACCMD_BEACON0_VALID; 1601 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1602 } else { 1603 if (!beacon0_valid) { 1604 b43_upload_beacon0(dev); 1605 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1606 cmd |= B43_MACCMD_BEACON0_VALID; 1607 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1608 } else if (!beacon1_valid) { 1609 b43_upload_beacon1(dev); 1610 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1611 cmd |= B43_MACCMD_BEACON1_VALID; 1612 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1613 } 1614 } 1615} 1616 1617static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev) 1618{ 1619 u32 old_irq_mask = dev->irq_mask; 1620 1621 /* update beacon right away or defer to irq */ 1622 handle_irq_beacon(dev); 1623 if (old_irq_mask != dev->irq_mask) { 1624 /* The handler updated the IRQ mask. */ 1625 B43_WARN_ON(!dev->irq_mask); 1626 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) { 1627 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1628 } else { 1629 /* Device interrupts are currently disabled. That means 1630 * we just ran the hardirq handler and scheduled the 1631 * IRQ thread. The thread will write the IRQ mask when 1632 * it finished, so there's nothing to do here. Writing 1633 * the mask _here_ would incorrectly re-enable IRQs. */ 1634 } 1635 } 1636} 1637 1638static void b43_beacon_update_trigger_work(struct work_struct *work) 1639{ 1640 struct b43_wl *wl = container_of(work, struct b43_wl, 1641 beacon_update_trigger); 1642 struct b43_wldev *dev; 1643 1644 mutex_lock(&wl->mutex); 1645 dev = wl->current_dev; 1646 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1647 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) { 1648 /* wl->mutex is enough. */ 1649 b43_do_beacon_update_trigger_work(dev); 1650 mmiowb(); 1651 } else { 1652 spin_lock_irq(&wl->hardirq_lock); 1653 b43_do_beacon_update_trigger_work(dev); 1654 mmiowb(); 1655 spin_unlock_irq(&wl->hardirq_lock); 1656 } 1657 } 1658 mutex_unlock(&wl->mutex); 1659} 1660 1661/* Asynchronously update the packet templates in template RAM. 1662 * Locking: Requires wl->mutex to be locked. */ 1663static void b43_update_templates(struct b43_wl *wl) 1664{ 1665 struct sk_buff *beacon; 1666 1667 /* This is the top half of the ansynchronous beacon update. 1668 * The bottom half is the beacon IRQ. 1669 * Beacon update must be asynchronous to avoid sending an 1670 * invalid beacon. This can happen for example, if the firmware 1671 * transmits a beacon while we are updating it. */ 1672 1673 /* We could modify the existing beacon and set the aid bit in 1674 * the TIM field, but that would probably require resizing and 1675 * moving of data within the beacon template. 1676 * Simply request a new beacon and let mac80211 do the hard work. */ 1677 beacon = ieee80211_beacon_get(wl->hw, wl->vif); 1678 if (unlikely(!beacon)) 1679 return; 1680 1681 if (wl->current_beacon) 1682 dev_kfree_skb_any(wl->current_beacon); 1683 wl->current_beacon = beacon; 1684 wl->beacon0_uploaded = 0; 1685 wl->beacon1_uploaded = 0; 1686 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger); 1687} 1688 1689static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1690{ 1691 b43_time_lock(dev); 1692 if (dev->dev->core_rev >= 3) { 1693 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1694 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1695 } else { 1696 b43_write16(dev, 0x606, (beacon_int >> 6)); 1697 b43_write16(dev, 0x610, beacon_int); 1698 } 1699 b43_time_unlock(dev); 1700 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1701} 1702 1703static void b43_handle_firmware_panic(struct b43_wldev *dev) 1704{ 1705 u16 reason; 1706 1707 /* Read the register that contains the reason code for the panic. */ 1708 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG); 1709 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason); 1710 1711 switch (reason) { 1712 default: 1713 b43dbg(dev->wl, "The panic reason is unknown.\n"); 1714 /* fallthrough */ 1715 case B43_FWPANIC_DIE: 1716 /* Do not restart the controller or firmware. 1717 * The device is nonfunctional from now on. 1718 * Restarting would result in this panic to trigger again, 1719 * so we avoid that recursion. */ 1720 break; 1721 case B43_FWPANIC_RESTART: 1722 b43_controller_restart(dev, "Microcode panic"); 1723 break; 1724 } 1725} 1726 1727static void handle_irq_ucode_debug(struct b43_wldev *dev) 1728{ 1729 unsigned int i, cnt; 1730 u16 reason, marker_id, marker_line; 1731 __le16 *buf; 1732 1733 /* The proprietary firmware doesn't have this IRQ. */ 1734 if (!dev->fw.opensource) 1735 return; 1736 1737 /* Read the register that contains the reason code for this IRQ. */ 1738 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG); 1739 1740 switch (reason) { 1741 case B43_DEBUGIRQ_PANIC: 1742 b43_handle_firmware_panic(dev); 1743 break; 1744 case B43_DEBUGIRQ_DUMP_SHM: 1745 if (!B43_DEBUG) 1746 break; /* Only with driver debugging enabled. */ 1747 buf = kmalloc(4096, GFP_ATOMIC); 1748 if (!buf) { 1749 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n"); 1750 goto out; 1751 } 1752 for (i = 0; i < 4096; i += 2) { 1753 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i); 1754 buf[i / 2] = cpu_to_le16(tmp); 1755 } 1756 b43info(dev->wl, "Shared memory dump:\n"); 1757 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET, 1758 16, 2, buf, 4096, 1); 1759 kfree(buf); 1760 break; 1761 case B43_DEBUGIRQ_DUMP_REGS: 1762 if (!B43_DEBUG) 1763 break; /* Only with driver debugging enabled. */ 1764 b43info(dev->wl, "Microcode register dump:\n"); 1765 for (i = 0, cnt = 0; i < 64; i++) { 1766 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i); 1767 if (cnt == 0) 1768 printk(KERN_INFO); 1769 printk("r%02u: 0x%04X ", i, tmp); 1770 cnt++; 1771 if (cnt == 6) { 1772 printk("\n"); 1773 cnt = 0; 1774 } 1775 } 1776 printk("\n"); 1777 break; 1778 case B43_DEBUGIRQ_MARKER: 1779 if (!B43_DEBUG) 1780 break; /* Only with driver debugging enabled. */ 1781 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH, 1782 B43_MARKER_ID_REG); 1783 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH, 1784 B43_MARKER_LINE_REG); 1785 b43info(dev->wl, "The firmware just executed the MARKER(%u) " 1786 "at line number %u\n", 1787 marker_id, marker_line); 1788 break; 1789 default: 1790 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n", 1791 reason); 1792 } 1793out: 1794 /* Acknowledge the debug-IRQ, so the firmware can continue. */ 1795 b43_shm_write16(dev, B43_SHM_SCRATCH, 1796 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK); 1797} 1798 1799static void b43_do_interrupt_thread(struct b43_wldev *dev) 1800{ 1801 u32 reason; 1802 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1803 u32 merged_dma_reason = 0; 1804 int i; 1805 1806 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 1807 return; 1808 1809 reason = dev->irq_reason; 1810 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1811 dma_reason[i] = dev->dma_reason[i]; 1812 merged_dma_reason |= dma_reason[i]; 1813 } 1814 1815 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1816 b43err(dev->wl, "MAC transmission error\n"); 1817 1818 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1819 b43err(dev->wl, "PHY transmission error\n"); 1820 rmb(); 1821 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1822 atomic_set(&dev->phy.txerr_cnt, 1823 B43_PHY_TX_BADNESS_LIMIT); 1824 b43err(dev->wl, "Too many PHY TX errors, " 1825 "restarting the controller\n"); 1826 b43_controller_restart(dev, "PHY TX errors"); 1827 } 1828 } 1829 1830 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1831 B43_DMAIRQ_NONFATALMASK))) { 1832 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1833 b43err(dev->wl, "Fatal DMA error: " 1834 "0x%08X, 0x%08X, 0x%08X, " 1835 "0x%08X, 0x%08X, 0x%08X\n", 1836 dma_reason[0], dma_reason[1], 1837 dma_reason[2], dma_reason[3], 1838 dma_reason[4], dma_reason[5]); 1839 b43err(dev->wl, "This device does not support DMA " 1840 "on your system. It will now be switched to PIO.\n"); 1841 /* Fall back to PIO transfers if we get fatal DMA errors! */ 1842 dev->use_pio = 1; 1843 b43_controller_restart(dev, "DMA error"); 1844 return; 1845 } 1846 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1847 b43err(dev->wl, "DMA error: " 1848 "0x%08X, 0x%08X, 0x%08X, " 1849 "0x%08X, 0x%08X, 0x%08X\n", 1850 dma_reason[0], dma_reason[1], 1851 dma_reason[2], dma_reason[3], 1852 dma_reason[4], dma_reason[5]); 1853 } 1854 } 1855 1856 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1857 handle_irq_ucode_debug(dev); 1858 if (reason & B43_IRQ_TBTT_INDI) 1859 handle_irq_tbtt_indication(dev); 1860 if (reason & B43_IRQ_ATIM_END) 1861 handle_irq_atim_end(dev); 1862 if (reason & B43_IRQ_BEACON) 1863 handle_irq_beacon(dev); 1864 if (reason & B43_IRQ_PMQ) 1865 handle_irq_pmq(dev); 1866 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1867 ;/* TODO */ 1868 if (reason & B43_IRQ_NOISESAMPLE_OK) 1869 handle_irq_noise(dev); 1870 1871 /* Check the DMA reason registers for received data. */ 1872 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1873 if (b43_using_pio_transfers(dev)) 1874 b43_pio_rx(dev->pio.rx_queue); 1875 else 1876 b43_dma_rx(dev->dma.rx_ring); 1877 } 1878 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1879 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1880 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1881 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1882 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1883 1884 if (reason & B43_IRQ_TX_OK) 1885 handle_irq_transmit_status(dev); 1886 1887 /* Re-enable interrupts on the device by restoring the current interrupt mask. */ 1888 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1889 1890#if B43_DEBUG 1891 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 1892 dev->irq_count++; 1893 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 1894 if (reason & (1 << i)) 1895 dev->irq_bit_count[i]++; 1896 } 1897 } 1898#endif 1899} 1900 1901/* Interrupt thread handler. Handles device interrupts in thread context. */ 1902static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id) 1903{ 1904 struct b43_wldev *dev = dev_id; 1905 1906 mutex_lock(&dev->wl->mutex); 1907 b43_do_interrupt_thread(dev); 1908 mmiowb(); 1909 mutex_unlock(&dev->wl->mutex); 1910 1911 return IRQ_HANDLED; 1912} 1913 1914static irqreturn_t b43_do_interrupt(struct b43_wldev *dev) 1915{ 1916 u32 reason; 1917 1918 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses. 1919 * On SDIO, this runs under wl->mutex. */ 1920 1921 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1922 if (reason == 0xffffffff) /* shared IRQ */ 1923 return IRQ_NONE; 1924 reason &= dev->irq_mask; 1925 if (!reason) 1926 return IRQ_HANDLED; 1927 1928 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1929 & 0x0001DC00; 1930 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1931 & 0x0000DC00; 1932 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 1933 & 0x0000DC00; 1934 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 1935 & 0x0001DC00; 1936 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 1937 & 0x0000DC00; 1938/* Unused ring 1939 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 1940 & 0x0000DC00; 1941*/ 1942 1943 /* ACK the interrupt. */ 1944 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 1945 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 1946 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 1947 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 1948 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 1949 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 1950/* Unused ring 1951 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 1952*/ 1953 1954 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */ 1955 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 1956 /* Save the reason bitmasks for the IRQ thread handler. */ 1957 dev->irq_reason = reason; 1958 1959 return IRQ_WAKE_THREAD; 1960} 1961 1962/* Interrupt handler top-half. This runs with interrupts disabled. */ 1963static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 1964{ 1965 struct b43_wldev *dev = dev_id; 1966 irqreturn_t ret; 1967 1968 if (unlikely(b43_status(dev) < B43_STAT_STARTED)) 1969 return IRQ_NONE; 1970 1971 spin_lock(&dev->wl->hardirq_lock); 1972 ret = b43_do_interrupt(dev); 1973 mmiowb(); 1974 spin_unlock(&dev->wl->hardirq_lock); 1975 1976 return ret; 1977} 1978 1979/* SDIO interrupt handler. This runs in process context. */ 1980static void b43_sdio_interrupt_handler(struct b43_wldev *dev) 1981{ 1982 struct b43_wl *wl = dev->wl; 1983 irqreturn_t ret; 1984 1985 mutex_lock(&wl->mutex); 1986 1987 ret = b43_do_interrupt(dev); 1988 if (ret == IRQ_WAKE_THREAD) 1989 b43_do_interrupt_thread(dev); 1990 1991 mutex_unlock(&wl->mutex); 1992} 1993 1994void b43_do_release_fw(struct b43_firmware_file *fw) 1995{ 1996 release_firmware(fw->data); 1997 fw->data = NULL; 1998 fw->filename = NULL; 1999} 2000 2001static void b43_release_firmware(struct b43_wldev *dev) 2002{ 2003 b43_do_release_fw(&dev->fw.ucode); 2004 b43_do_release_fw(&dev->fw.pcm); 2005 b43_do_release_fw(&dev->fw.initvals); 2006 b43_do_release_fw(&dev->fw.initvals_band); 2007} 2008 2009static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 2010{ 2011 const char text[] = 2012 "You must go to " \ 2013 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \ 2014 "and download the correct firmware for this driver version. " \ 2015 "Please carefully read all instructions on this website.\n"; 2016 2017 if (error) 2018 b43err(wl, text); 2019 else 2020 b43warn(wl, text); 2021} 2022 2023int b43_do_request_fw(struct b43_request_fw_context *ctx, 2024 const char *name, 2025 struct b43_firmware_file *fw) 2026{ 2027 const struct firmware *blob; 2028 struct b43_fw_header *hdr; 2029 u32 size; 2030 int err; 2031 2032 if (!name) { 2033 /* Don't fetch anything. Free possibly cached firmware. */ 2034 /* FIXME: We should probably keep it anyway, to save some headache 2035 * on suspend/resume with multiband devices. */ 2036 b43_do_release_fw(fw); 2037 return 0; 2038 } 2039 if (fw->filename) { 2040 if ((fw->type == ctx->req_type) && 2041 (strcmp(fw->filename, name) == 0)) 2042 return 0; /* Already have this fw. */ 2043 /* Free the cached firmware first. */ 2044 /* FIXME: We should probably do this later after we successfully 2045 * got the new fw. This could reduce headache with multiband devices. 2046 * We could also redesign this to cache the firmware for all possible 2047 * bands all the time. */ 2048 b43_do_release_fw(fw); 2049 } 2050 2051 switch (ctx->req_type) { 2052 case B43_FWTYPE_PROPRIETARY: 2053 snprintf(ctx->fwname, sizeof(ctx->fwname), 2054 "b43%s/%s.fw", 2055 modparam_fwpostfix, name); 2056 break; 2057 case B43_FWTYPE_OPENSOURCE: 2058 snprintf(ctx->fwname, sizeof(ctx->fwname), 2059 "b43-open%s/%s.fw", 2060 modparam_fwpostfix, name); 2061 break; 2062 default: 2063 B43_WARN_ON(1); 2064 return -ENOSYS; 2065 } 2066 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev); 2067 if (err == -ENOENT) { 2068 snprintf(ctx->errors[ctx->req_type], 2069 sizeof(ctx->errors[ctx->req_type]), 2070 "Firmware file \"%s\" not found\n", ctx->fwname); 2071 return err; 2072 } else if (err) { 2073 snprintf(ctx->errors[ctx->req_type], 2074 sizeof(ctx->errors[ctx->req_type]), 2075 "Firmware file \"%s\" request failed (err=%d)\n", 2076 ctx->fwname, err); 2077 return err; 2078 } 2079 if (blob->size < sizeof(struct b43_fw_header)) 2080 goto err_format; 2081 hdr = (struct b43_fw_header *)(blob->data); 2082 switch (hdr->type) { 2083 case B43_FW_TYPE_UCODE: 2084 case B43_FW_TYPE_PCM: 2085 size = be32_to_cpu(hdr->size); 2086 if (size != blob->size - sizeof(struct b43_fw_header)) 2087 goto err_format; 2088 /* fallthrough */ 2089 case B43_FW_TYPE_IV: 2090 if (hdr->ver != 1) 2091 goto err_format; 2092 break; 2093 default: 2094 goto err_format; 2095 } 2096 2097 fw->data = blob; 2098 fw->filename = name; 2099 fw->type = ctx->req_type; 2100 2101 return 0; 2102 2103err_format: 2104 snprintf(ctx->errors[ctx->req_type], 2105 sizeof(ctx->errors[ctx->req_type]), 2106 "Firmware file \"%s\" format error.\n", ctx->fwname); 2107 release_firmware(blob); 2108 2109 return -EPROTO; 2110} 2111 2112static int b43_try_request_fw(struct b43_request_fw_context *ctx) 2113{ 2114 struct b43_wldev *dev = ctx->dev; 2115 struct b43_firmware *fw = &ctx->dev->fw; 2116 const u8 rev = ctx->dev->dev->core_rev; 2117 const char *filename; 2118 u32 tmshigh; 2119 int err; 2120 2121 /* Get microcode */ 2122 if ((rev >= 5) && (rev <= 10)) 2123 filename = "ucode5"; 2124 else if ((rev >= 11) && (rev <= 12)) 2125 filename = "ucode11"; 2126 else if (rev == 13) 2127 filename = "ucode13"; 2128 else if (rev == 14) 2129 filename = "ucode14"; 2130 else if (rev == 15) 2131 filename = "ucode15"; 2132 else if ((rev >= 16) && (rev <= 20)) 2133 filename = "ucode16_mimo"; 2134 else 2135 goto err_no_ucode; 2136 err = b43_do_request_fw(ctx, filename, &fw->ucode); 2137 if (err) 2138 goto err_load; 2139 2140 /* Get PCM code */ 2141 if ((rev >= 5) && (rev <= 10)) 2142 filename = "pcm5"; 2143 else if (rev >= 11) 2144 filename = NULL; 2145 else 2146 goto err_no_pcm; 2147 fw->pcm_request_failed = 0; 2148 err = b43_do_request_fw(ctx, filename, &fw->pcm); 2149 if (err == -ENOENT) { 2150 /* We did not find a PCM file? Not fatal, but 2151 * core rev <= 10 must do without hwcrypto then. */ 2152 fw->pcm_request_failed = 1; 2153 } else if (err) 2154 goto err_load; 2155 2156 /* Get initvals */ 2157 switch (dev->phy.type) { 2158 case B43_PHYTYPE_A: 2159 if ((rev >= 5) && (rev <= 10)) { 2160 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH); 2161 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2162 filename = "a0g1initvals5"; 2163 else 2164 filename = "a0g0initvals5"; 2165 } else 2166 goto err_no_initvals; 2167 break; 2168 case B43_PHYTYPE_G: 2169 if ((rev >= 5) && (rev <= 10)) 2170 filename = "b0g0initvals5"; 2171 else if (rev >= 13) 2172 filename = "b0g0initvals13"; 2173 else 2174 goto err_no_initvals; 2175 break; 2176 case B43_PHYTYPE_N: 2177 if (rev >= 16) 2178 filename = "n0initvals16"; 2179 else if ((rev >= 11) && (rev <= 12)) 2180 filename = "n0initvals11"; 2181 else 2182 goto err_no_initvals; 2183 break; 2184 case B43_PHYTYPE_LP: 2185 if (rev == 13) 2186 filename = "lp0initvals13"; 2187 else if (rev == 14) 2188 filename = "lp0initvals14"; 2189 else if (rev >= 15) 2190 filename = "lp0initvals15"; 2191 else 2192 goto err_no_initvals; 2193 break; 2194 default: 2195 goto err_no_initvals; 2196 } 2197 err = b43_do_request_fw(ctx, filename, &fw->initvals); 2198 if (err) 2199 goto err_load; 2200 2201 /* Get bandswitch initvals */ 2202 switch (dev->phy.type) { 2203 case B43_PHYTYPE_A: 2204 if ((rev >= 5) && (rev <= 10)) { 2205 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH); 2206 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2207 filename = "a0g1bsinitvals5"; 2208 else 2209 filename = "a0g0bsinitvals5"; 2210 } else if (rev >= 11) 2211 filename = NULL; 2212 else 2213 goto err_no_initvals; 2214 break; 2215 case B43_PHYTYPE_G: 2216 if ((rev >= 5) && (rev <= 10)) 2217 filename = "b0g0bsinitvals5"; 2218 else if (rev >= 11) 2219 filename = NULL; 2220 else 2221 goto err_no_initvals; 2222 break; 2223 case B43_PHYTYPE_N: 2224 if (rev >= 16) 2225 filename = "n0bsinitvals16"; 2226 else if ((rev >= 11) && (rev <= 12)) 2227 filename = "n0bsinitvals11"; 2228 else 2229 goto err_no_initvals; 2230 break; 2231 case B43_PHYTYPE_LP: 2232 if (rev == 13) 2233 filename = "lp0bsinitvals13"; 2234 else if (rev == 14) 2235 filename = "lp0bsinitvals14"; 2236 else if (rev >= 15) 2237 filename = "lp0bsinitvals15"; 2238 else 2239 goto err_no_initvals; 2240 break; 2241 default: 2242 goto err_no_initvals; 2243 } 2244 err = b43_do_request_fw(ctx, filename, &fw->initvals_band); 2245 if (err) 2246 goto err_load; 2247 2248 return 0; 2249 2250err_no_ucode: 2251 err = ctx->fatal_failure = -EOPNOTSUPP; 2252 b43err(dev->wl, "The driver does not know which firmware (ucode) " 2253 "is required for your device (wl-core rev %u)\n", rev); 2254 goto error; 2255 2256err_no_pcm: 2257 err = ctx->fatal_failure = -EOPNOTSUPP; 2258 b43err(dev->wl, "The driver does not know which firmware (PCM) " 2259 "is required for your device (wl-core rev %u)\n", rev); 2260 goto error; 2261 2262err_no_initvals: 2263 err = ctx->fatal_failure = -EOPNOTSUPP; 2264 b43err(dev->wl, "The driver does not know which firmware (initvals) " 2265 "is required for your device (wl-core rev %u)\n", rev); 2266 goto error; 2267 2268err_load: 2269 /* We failed to load this firmware image. The error message 2270 * already is in ctx->errors. Return and let our caller decide 2271 * what to do. */ 2272 goto error; 2273 2274error: 2275 b43_release_firmware(dev); 2276 return err; 2277} 2278 2279static int b43_request_firmware(struct b43_wldev *dev) 2280{ 2281 struct b43_request_fw_context *ctx; 2282 unsigned int i; 2283 int err; 2284 const char *errmsg; 2285 2286 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); 2287 if (!ctx) 2288 return -ENOMEM; 2289 ctx->dev = dev; 2290 2291 ctx->req_type = B43_FWTYPE_PROPRIETARY; 2292 err = b43_try_request_fw(ctx); 2293 if (!err) 2294 goto out; /* Successfully loaded it. */ 2295 err = ctx->fatal_failure; 2296 if (err) 2297 goto out; 2298 2299 ctx->req_type = B43_FWTYPE_OPENSOURCE; 2300 err = b43_try_request_fw(ctx); 2301 if (!err) 2302 goto out; /* Successfully loaded it. */ 2303 err = ctx->fatal_failure; 2304 if (err) 2305 goto out; 2306 2307 /* Could not find a usable firmware. Print the errors. */ 2308 for (i = 0; i < B43_NR_FWTYPES; i++) { 2309 errmsg = ctx->errors[i]; 2310 if (strlen(errmsg)) 2311 b43err(dev->wl, errmsg); 2312 } 2313 b43_print_fw_helptext(dev->wl, 1); 2314 err = -ENOENT; 2315 2316out: 2317 kfree(ctx); 2318 return err; 2319} 2320 2321static int b43_upload_microcode(struct b43_wldev *dev) 2322{ 2323 struct wiphy *wiphy = dev->wl->hw->wiphy; 2324 const size_t hdr_len = sizeof(struct b43_fw_header); 2325 const __be32 *data; 2326 unsigned int i, len; 2327 u16 fwrev, fwpatch, fwdate, fwtime; 2328 u32 tmp, macctl; 2329 int err = 0; 2330 2331 /* Jump the microcode PSM to offset 0 */ 2332 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2333 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 2334 macctl |= B43_MACCTL_PSM_JMP0; 2335 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2336 /* Zero out all microcode PSM registers and shared memory. */ 2337 for (i = 0; i < 64; i++) 2338 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 2339 for (i = 0; i < 4096; i += 2) 2340 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 2341 2342 /* Upload Microcode. */ 2343 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 2344 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 2345 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 2346 for (i = 0; i < len; i++) { 2347 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2348 udelay(10); 2349 } 2350 2351 if (dev->fw.pcm.data) { 2352 /* Upload PCM data. */ 2353 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 2354 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 2355 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 2356 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 2357 /* No need for autoinc bit in SHM_HW */ 2358 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 2359 for (i = 0; i < len; i++) { 2360 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2361 udelay(10); 2362 } 2363 } 2364 2365 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 2366 2367 /* Start the microcode PSM */ 2368 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2369 macctl &= ~B43_MACCTL_PSM_JMP0; 2370 macctl |= B43_MACCTL_PSM_RUN; 2371 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2372 2373 /* Wait for the microcode to load and respond */ 2374 i = 0; 2375 while (1) { 2376 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2377 if (tmp == B43_IRQ_MAC_SUSPENDED) 2378 break; 2379 i++; 2380 if (i >= 20) { 2381 b43err(dev->wl, "Microcode not responding\n"); 2382 b43_print_fw_helptext(dev->wl, 1); 2383 err = -ENODEV; 2384 goto error; 2385 } 2386 msleep(50); 2387 } 2388 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2389 2390 /* Get and check the revisions. */ 2391 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2392 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2393 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2394 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2395 2396 if (fwrev <= 0x128) { 2397 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2398 "binary drivers older than version 4.x is unsupported. " 2399 "You must upgrade your firmware files.\n"); 2400 b43_print_fw_helptext(dev->wl, 1); 2401 err = -EOPNOTSUPP; 2402 goto error; 2403 } 2404 dev->fw.rev = fwrev; 2405 dev->fw.patch = fwpatch; 2406 dev->fw.opensource = (fwdate == 0xFFFF); 2407 2408 /* Default to use-all-queues. */ 2409 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues; 2410 dev->qos_enabled = !!modparam_qos; 2411 /* Default to firmware/hardware crypto acceleration. */ 2412 dev->hwcrypto_enabled = 1; 2413 2414 if (dev->fw.opensource) { 2415 u16 fwcapa; 2416 2417 /* Patchlevel info is encoded in the "time" field. */ 2418 dev->fw.patch = fwtime; 2419 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n", 2420 dev->fw.rev, dev->fw.patch); 2421 2422 fwcapa = b43_fwcapa_read(dev); 2423 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) { 2424 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n"); 2425 /* Disable hardware crypto and fall back to software crypto. */ 2426 dev->hwcrypto_enabled = 0; 2427 } 2428 if (!(fwcapa & B43_FWCAPA_QOS)) { 2429 b43info(dev->wl, "QoS not supported by firmware\n"); 2430 /* Disable QoS. Tweak hw->queues to 1. It will be restored before 2431 * ieee80211_unregister to make sure the networking core can 2432 * properly free possible resources. */ 2433 dev->wl->hw->queues = 1; 2434 dev->qos_enabled = 0; 2435 } 2436 } else { 2437 b43info(dev->wl, "Loading firmware version %u.%u " 2438 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2439 fwrev, fwpatch, 2440 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2441 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2442 if (dev->fw.pcm_request_failed) { 2443 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. " 2444 "Hardware accelerated cryptography is disabled.\n"); 2445 b43_print_fw_helptext(dev->wl, 0); 2446 } 2447 } 2448 2449 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u", 2450 dev->fw.rev, dev->fw.patch); 2451 wiphy->hw_version = dev->dev->core_id; 2452 2453 if (b43_is_old_txhdr_format(dev)) { 2454 /* We're over the deadline, but we keep support for old fw 2455 * until it turns out to be in major conflict with something new. */ 2456 b43warn(dev->wl, "You are using an old firmware image. " 2457 "Support for old firmware will be removed soon " 2458 "(official deadline was July 2008).\n"); 2459 b43_print_fw_helptext(dev->wl, 0); 2460 } 2461 2462 return 0; 2463 2464error: 2465 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2466 macctl &= ~B43_MACCTL_PSM_RUN; 2467 macctl |= B43_MACCTL_PSM_JMP0; 2468 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2469 2470 return err; 2471} 2472 2473static int b43_write_initvals(struct b43_wldev *dev, 2474 const struct b43_iv *ivals, 2475 size_t count, 2476 size_t array_size) 2477{ 2478 const struct b43_iv *iv; 2479 u16 offset; 2480 size_t i; 2481 bool bit32; 2482 2483 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2484 iv = ivals; 2485 for (i = 0; i < count; i++) { 2486 if (array_size < sizeof(iv->offset_size)) 2487 goto err_format; 2488 array_size -= sizeof(iv->offset_size); 2489 offset = be16_to_cpu(iv->offset_size); 2490 bit32 = !!(offset & B43_IV_32BIT); 2491 offset &= B43_IV_OFFSET_MASK; 2492 if (offset >= 0x1000) 2493 goto err_format; 2494 if (bit32) { 2495 u32 value; 2496 2497 if (array_size < sizeof(iv->data.d32)) 2498 goto err_format; 2499 array_size -= sizeof(iv->data.d32); 2500 2501 value = get_unaligned_be32(&iv->data.d32); 2502 b43_write32(dev, offset, value); 2503 2504 iv = (const struct b43_iv *)((const uint8_t *)iv + 2505 sizeof(__be16) + 2506 sizeof(__be32)); 2507 } else { 2508 u16 value; 2509 2510 if (array_size < sizeof(iv->data.d16)) 2511 goto err_format; 2512 array_size -= sizeof(iv->data.d16); 2513 2514 value = be16_to_cpu(iv->data.d16); 2515 b43_write16(dev, offset, value); 2516 2517 iv = (const struct b43_iv *)((const uint8_t *)iv + 2518 sizeof(__be16) + 2519 sizeof(__be16)); 2520 } 2521 } 2522 if (array_size) 2523 goto err_format; 2524 2525 return 0; 2526 2527err_format: 2528 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2529 b43_print_fw_helptext(dev->wl, 1); 2530 2531 return -EPROTO; 2532} 2533 2534static int b43_upload_initvals(struct b43_wldev *dev) 2535{ 2536 const size_t hdr_len = sizeof(struct b43_fw_header); 2537 const struct b43_fw_header *hdr; 2538 struct b43_firmware *fw = &dev->fw; 2539 const struct b43_iv *ivals; 2540 size_t count; 2541 int err; 2542 2543 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2544 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2545 count = be32_to_cpu(hdr->size); 2546 err = b43_write_initvals(dev, ivals, count, 2547 fw->initvals.data->size - hdr_len); 2548 if (err) 2549 goto out; 2550 if (fw->initvals_band.data) { 2551 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2552 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2553 count = be32_to_cpu(hdr->size); 2554 err = b43_write_initvals(dev, ivals, count, 2555 fw->initvals_band.data->size - hdr_len); 2556 if (err) 2557 goto out; 2558 } 2559out: 2560 2561 return err; 2562} 2563 2564/* Initialize the GPIOs 2565 * http://bcm-specs.sipsolutions.net/GPIO 2566 */ 2567static struct ssb_device *b43_ssb_gpio_dev(struct b43_wldev *dev) 2568{ 2569 struct ssb_bus *bus = dev->sdev->bus; 2570 2571#ifdef CONFIG_SSB_DRIVER_PCICORE 2572 return (bus->chipco.dev ? bus->chipco.dev : bus->pcicore.dev); 2573#else 2574 return bus->chipco.dev; 2575#endif 2576} 2577 2578static int b43_gpio_init(struct b43_wldev *dev) 2579{ 2580 struct ssb_device *gpiodev; 2581 u32 mask, set; 2582 2583 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2584 & ~B43_MACCTL_GPOUTSMSK); 2585 2586 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK) 2587 | 0x000F); 2588 2589 mask = 0x0000001F; 2590 set = 0x0000000F; 2591 if (dev->sdev->bus->chip_id == 0x4301) { 2592 mask |= 0x0060; 2593 set |= 0x0060; 2594 } 2595 if (0 /* FIXME: conditional unknown */ ) { 2596 b43_write16(dev, B43_MMIO_GPIO_MASK, 2597 b43_read16(dev, B43_MMIO_GPIO_MASK) 2598 | 0x0100); 2599 mask |= 0x0180; 2600 set |= 0x0180; 2601 } 2602 if (dev->dev->bus_sprom->boardflags_lo & B43_BFL_PACTRL) { 2603 b43_write16(dev, B43_MMIO_GPIO_MASK, 2604 b43_read16(dev, B43_MMIO_GPIO_MASK) 2605 | 0x0200); 2606 mask |= 0x0200; 2607 set |= 0x0200; 2608 } 2609 if (dev->dev->core_rev >= 2) 2610 mask |= 0x0010; /* FIXME: This is redundant. */ 2611 2612 gpiodev = b43_ssb_gpio_dev(dev); 2613 if (gpiodev) 2614 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2615 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2616 & mask) | set); 2617 2618 return 0; 2619} 2620 2621/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2622static void b43_gpio_cleanup(struct b43_wldev *dev) 2623{ 2624 struct ssb_device *gpiodev; 2625 2626 gpiodev = b43_ssb_gpio_dev(dev); 2627 if (gpiodev) 2628 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2629} 2630 2631/* http://bcm-specs.sipsolutions.net/EnableMac */ 2632void b43_mac_enable(struct b43_wldev *dev) 2633{ 2634 if (b43_debug(dev, B43_DBG_FIRMWARE)) { 2635 u16 fwstate; 2636 2637 fwstate = b43_shm_read16(dev, B43_SHM_SHARED, 2638 B43_SHM_SH_UCODESTAT); 2639 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) && 2640 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) { 2641 b43err(dev->wl, "b43_mac_enable(): The firmware " 2642 "should be suspended, but current state is %u\n", 2643 fwstate); 2644 } 2645 } 2646 2647 dev->mac_suspended--; 2648 B43_WARN_ON(dev->mac_suspended < 0); 2649 if (dev->mac_suspended == 0) { 2650 b43_write32(dev, B43_MMIO_MACCTL, 2651 b43_read32(dev, B43_MMIO_MACCTL) 2652 | B43_MACCTL_ENABLED); 2653 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2654 B43_IRQ_MAC_SUSPENDED); 2655 /* Commit writes */ 2656 b43_read32(dev, B43_MMIO_MACCTL); 2657 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2658 b43_power_saving_ctl_bits(dev, 0); 2659 } 2660} 2661 2662/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2663void b43_mac_suspend(struct b43_wldev *dev) 2664{ 2665 int i; 2666 u32 tmp; 2667 2668 might_sleep(); 2669 B43_WARN_ON(dev->mac_suspended < 0); 2670 2671 if (dev->mac_suspended == 0) { 2672 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2673 b43_write32(dev, B43_MMIO_MACCTL, 2674 b43_read32(dev, B43_MMIO_MACCTL) 2675 & ~B43_MACCTL_ENABLED); 2676 /* force pci to flush the write */ 2677 b43_read32(dev, B43_MMIO_MACCTL); 2678 for (i = 35; i; i--) { 2679 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2680 if (tmp & B43_IRQ_MAC_SUSPENDED) 2681 goto out; 2682 udelay(10); 2683 } 2684 /* Hm, it seems this will take some time. Use msleep(). */ 2685 for (i = 40; i; i--) { 2686 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2687 if (tmp & B43_IRQ_MAC_SUSPENDED) 2688 goto out; 2689 msleep(1); 2690 } 2691 b43err(dev->wl, "MAC suspend failed\n"); 2692 } 2693out: 2694 dev->mac_suspended++; 2695} 2696 2697/* http://bcm-v4.sipsolutions.net/802.11/PHY/N/MacPhyClkSet */ 2698void b43_mac_phy_clock_set(struct b43_wldev *dev, bool on) 2699{ 2700 u32 tmslow = ssb_read32(dev->sdev, SSB_TMSLOW); 2701 if (on) 2702 tmslow |= B43_TMSLOW_MACPHYCLKEN; 2703 else 2704 tmslow &= ~B43_TMSLOW_MACPHYCLKEN; 2705 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow); 2706} 2707 2708static void b43_adjust_opmode(struct b43_wldev *dev) 2709{ 2710 struct b43_wl *wl = dev->wl; 2711 u32 ctl; 2712 u16 cfp_pretbtt; 2713 2714 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2715 /* Reset status to STA infrastructure mode. */ 2716 ctl &= ~B43_MACCTL_AP; 2717 ctl &= ~B43_MACCTL_KEEP_CTL; 2718 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2719 ctl &= ~B43_MACCTL_KEEP_BAD; 2720 ctl &= ~B43_MACCTL_PROMISC; 2721 ctl &= ~B43_MACCTL_BEACPROMISC; 2722 ctl |= B43_MACCTL_INFRA; 2723 2724 if (b43_is_mode(wl, NL80211_IFTYPE_AP) || 2725 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 2726 ctl |= B43_MACCTL_AP; 2727 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) 2728 ctl &= ~B43_MACCTL_INFRA; 2729 2730 if (wl->filter_flags & FIF_CONTROL) 2731 ctl |= B43_MACCTL_KEEP_CTL; 2732 if (wl->filter_flags & FIF_FCSFAIL) 2733 ctl |= B43_MACCTL_KEEP_BAD; 2734 if (wl->filter_flags & FIF_PLCPFAIL) 2735 ctl |= B43_MACCTL_KEEP_BADPLCP; 2736 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2737 ctl |= B43_MACCTL_PROMISC; 2738 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2739 ctl |= B43_MACCTL_BEACPROMISC; 2740 2741 /* Workaround: On old hardware the HW-MAC-address-filter 2742 * doesn't work properly, so always run promisc in filter 2743 * it in software. */ 2744 if (dev->dev->core_rev <= 4) 2745 ctl |= B43_MACCTL_PROMISC; 2746 2747 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2748 2749 cfp_pretbtt = 2; 2750 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2751 if (dev->sdev->bus->chip_id == 0x4306 && 2752 dev->sdev->bus->chip_rev == 3) 2753 cfp_pretbtt = 100; 2754 else 2755 cfp_pretbtt = 50; 2756 } 2757 b43_write16(dev, 0x612, cfp_pretbtt); 2758 2759 /* FIXME: We don't currently implement the PMQ mechanism, 2760 * so always disable it. If we want to implement PMQ, 2761 * we need to enable it here (clear DISCPMQ) in AP mode. 2762 */ 2763 if (0 /* ctl & B43_MACCTL_AP */) { 2764 b43_write32(dev, B43_MMIO_MACCTL, 2765 b43_read32(dev, B43_MMIO_MACCTL) 2766 & ~B43_MACCTL_DISCPMQ); 2767 } else { 2768 b43_write32(dev, B43_MMIO_MACCTL, 2769 b43_read32(dev, B43_MMIO_MACCTL) 2770 | B43_MACCTL_DISCPMQ); 2771 } 2772} 2773 2774static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2775{ 2776 u16 offset; 2777 2778 if (is_ofdm) { 2779 offset = 0x480; 2780 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2781 } else { 2782 offset = 0x4C0; 2783 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2784 } 2785 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2786 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2787} 2788 2789static void b43_rate_memory_init(struct b43_wldev *dev) 2790{ 2791 switch (dev->phy.type) { 2792 case B43_PHYTYPE_A: 2793 case B43_PHYTYPE_G: 2794 case B43_PHYTYPE_N: 2795 case B43_PHYTYPE_LP: 2796 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2797 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2798 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2799 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2800 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2801 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2802 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2803 if (dev->phy.type == B43_PHYTYPE_A) 2804 break; 2805 /* fallthrough */ 2806 case B43_PHYTYPE_B: 2807 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2808 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2809 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2810 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2811 break; 2812 default: 2813 B43_WARN_ON(1); 2814 } 2815} 2816 2817/* Set the default values for the PHY TX Control Words. */ 2818static void b43_set_phytxctl_defaults(struct b43_wldev *dev) 2819{ 2820 u16 ctl = 0; 2821 2822 ctl |= B43_TXH_PHY_ENC_CCK; 2823 ctl |= B43_TXH_PHY_ANT01AUTO; 2824 ctl |= B43_TXH_PHY_TXPWR; 2825 2826 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 2827 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl); 2828 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl); 2829} 2830 2831/* Set the TX-Antenna for management frames sent by firmware. */ 2832static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 2833{ 2834 u16 ant; 2835 u16 tmp; 2836 2837 ant = b43_antenna_to_phyctl(antenna); 2838 2839 /* For ACK/CTS */ 2840 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 2841 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2842 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 2843 /* For Probe Resposes */ 2844 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 2845 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2846 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 2847} 2848 2849/* This is the opposite of b43_chip_init() */ 2850static void b43_chip_exit(struct b43_wldev *dev) 2851{ 2852 b43_phy_exit(dev); 2853 b43_gpio_cleanup(dev); 2854 /* firmware is released later */ 2855} 2856 2857/* Initialize the chip 2858 * http://bcm-specs.sipsolutions.net/ChipInit 2859 */ 2860static int b43_chip_init(struct b43_wldev *dev) 2861{ 2862 struct b43_phy *phy = &dev->phy; 2863 int err; 2864 u32 macctl; 2865 u16 value16; 2866 2867 /* Initialize the MAC control */ 2868 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 2869 if (dev->phy.gmode) 2870 macctl |= B43_MACCTL_GMODE; 2871 macctl |= B43_MACCTL_INFRA; 2872 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2873 2874 err = b43_request_firmware(dev); 2875 if (err) 2876 goto out; 2877 err = b43_upload_microcode(dev); 2878 if (err) 2879 goto out; /* firmware is released later */ 2880 2881 err = b43_gpio_init(dev); 2882 if (err) 2883 goto out; /* firmware is released later */ 2884 2885 err = b43_upload_initvals(dev); 2886 if (err) 2887 goto err_gpio_clean; 2888 2889 /* Turn the Analog on and initialize the PHY. */ 2890 phy->ops->switch_analog(dev, 1); 2891 err = b43_phy_init(dev); 2892 if (err) 2893 goto err_gpio_clean; 2894 2895 /* Disable Interference Mitigation. */ 2896 if (phy->ops->interf_mitigation) 2897 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE); 2898 2899 /* Select the antennae */ 2900 if (phy->ops->set_rx_antenna) 2901 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 2902 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 2903 2904 if (phy->type == B43_PHYTYPE_B) { 2905 value16 = b43_read16(dev, 0x005E); 2906 value16 |= 0x0004; 2907 b43_write16(dev, 0x005E, value16); 2908 } 2909 b43_write32(dev, 0x0100, 0x01000000); 2910 if (dev->dev->core_rev < 5) 2911 b43_write32(dev, 0x010C, 0x01000000); 2912 2913 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2914 & ~B43_MACCTL_INFRA); 2915 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2916 | B43_MACCTL_INFRA); 2917 2918 /* Probe Response Timeout value */ 2919 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 2920 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 2921 2922 /* Initially set the wireless operation mode. */ 2923 b43_adjust_opmode(dev); 2924 2925 if (dev->dev->core_rev < 3) { 2926 b43_write16(dev, 0x060E, 0x0000); 2927 b43_write16(dev, 0x0610, 0x8000); 2928 b43_write16(dev, 0x0604, 0x0000); 2929 b43_write16(dev, 0x0606, 0x0200); 2930 } else { 2931 b43_write32(dev, 0x0188, 0x80000000); 2932 b43_write32(dev, 0x018C, 0x02000000); 2933 } 2934 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 2935 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 2936 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 2937 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 2938 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 2939 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 2940 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 2941 2942 b43_mac_phy_clock_set(dev, true); 2943 2944 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 2945 dev->sdev->bus->chipco.fast_pwrup_delay); 2946 2947 err = 0; 2948 b43dbg(dev->wl, "Chip initialized\n"); 2949out: 2950 return err; 2951 2952err_gpio_clean: 2953 b43_gpio_cleanup(dev); 2954 return err; 2955} 2956 2957static void b43_periodic_every60sec(struct b43_wldev *dev) 2958{ 2959 const struct b43_phy_operations *ops = dev->phy.ops; 2960 2961 if (ops->pwork_60sec) 2962 ops->pwork_60sec(dev); 2963 2964 /* Force check the TX power emission now. */ 2965 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME); 2966} 2967 2968static void b43_periodic_every30sec(struct b43_wldev *dev) 2969{ 2970 /* Update device statistics. */ 2971 b43_calculate_link_quality(dev); 2972} 2973 2974static void b43_periodic_every15sec(struct b43_wldev *dev) 2975{ 2976 struct b43_phy *phy = &dev->phy; 2977 u16 wdr; 2978 2979 if (dev->fw.opensource) { 2980 /* Check if the firmware is still alive. 2981 * It will reset the watchdog counter to 0 in its idle loop. */ 2982 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG); 2983 if (unlikely(wdr)) { 2984 b43err(dev->wl, "Firmware watchdog: The firmware died!\n"); 2985 b43_controller_restart(dev, "Firmware watchdog"); 2986 return; 2987 } else { 2988 b43_shm_write16(dev, B43_SHM_SCRATCH, 2989 B43_WATCHDOG_REG, 1); 2990 } 2991 } 2992 2993 if (phy->ops->pwork_15sec) 2994 phy->ops->pwork_15sec(dev); 2995 2996 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 2997 wmb(); 2998 2999#if B43_DEBUG 3000 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 3001 unsigned int i; 3002 3003 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n", 3004 dev->irq_count / 15, 3005 dev->tx_count / 15, 3006 dev->rx_count / 15); 3007 dev->irq_count = 0; 3008 dev->tx_count = 0; 3009 dev->rx_count = 0; 3010 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 3011 if (dev->irq_bit_count[i]) { 3012 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n", 3013 dev->irq_bit_count[i] / 15, i, (1 << i)); 3014 dev->irq_bit_count[i] = 0; 3015 } 3016 } 3017 } 3018#endif 3019} 3020 3021static void do_periodic_work(struct b43_wldev *dev) 3022{ 3023 unsigned int state; 3024 3025 state = dev->periodic_state; 3026 if (state % 4 == 0) 3027 b43_periodic_every60sec(dev); 3028 if (state % 2 == 0) 3029 b43_periodic_every30sec(dev); 3030 b43_periodic_every15sec(dev); 3031} 3032 3033/* Periodic work locking policy: 3034 * The whole periodic work handler is protected by 3035 * wl->mutex. If another lock is needed somewhere in the 3036 * pwork callchain, it's acquired in-place, where it's needed. 3037 */ 3038static void b43_periodic_work_handler(struct work_struct *work) 3039{ 3040 struct b43_wldev *dev = container_of(work, struct b43_wldev, 3041 periodic_work.work); 3042 struct b43_wl *wl = dev->wl; 3043 unsigned long delay; 3044 3045 mutex_lock(&wl->mutex); 3046 3047 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 3048 goto out; 3049 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 3050 goto out_requeue; 3051 3052 do_periodic_work(dev); 3053 3054 dev->periodic_state++; 3055out_requeue: 3056 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 3057 delay = msecs_to_jiffies(50); 3058 else 3059 delay = round_jiffies_relative(HZ * 15); 3060 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay); 3061out: 3062 mutex_unlock(&wl->mutex); 3063} 3064 3065static void b43_periodic_tasks_setup(struct b43_wldev *dev) 3066{ 3067 struct delayed_work *work = &dev->periodic_work; 3068 3069 dev->periodic_state = 0; 3070 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 3071 ieee80211_queue_delayed_work(dev->wl->hw, work, 0); 3072} 3073 3074/* Check if communication with the device works correctly. */ 3075static int b43_validate_chipaccess(struct b43_wldev *dev) 3076{ 3077 u32 v, backup0, backup4; 3078 3079 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0); 3080 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4); 3081 3082 /* Check for read/write and endianness problems. */ 3083 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 3084 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 3085 goto error; 3086 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 3087 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 3088 goto error; 3089 3090 /* Check if unaligned 32bit SHM_SHARED access works properly. 3091 * However, don't bail out on failure, because it's noncritical. */ 3092 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122); 3093 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344); 3094 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566); 3095 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788); 3096 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344) 3097 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n"); 3098 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD); 3099 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 || 3100 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD || 3101 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB || 3102 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788) 3103 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n"); 3104 3105 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0); 3106 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4); 3107 3108 if ((dev->dev->core_rev >= 3) && (dev->dev->core_rev <= 10)) { 3109 /* The 32bit register shadows the two 16bit registers 3110 * with update sideeffects. Validate this. */ 3111 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 3112 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 3113 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 3114 goto error; 3115 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 3116 goto error; 3117 } 3118 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 3119 3120 v = b43_read32(dev, B43_MMIO_MACCTL); 3121 v |= B43_MACCTL_GMODE; 3122 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 3123 goto error; 3124 3125 return 0; 3126error: 3127 b43err(dev->wl, "Failed to validate the chipaccess\n"); 3128 return -ENODEV; 3129} 3130 3131static void b43_security_init(struct b43_wldev *dev) 3132{ 3133 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 3134 /* KTP is a word address, but we address SHM bytewise. 3135 * So multiply by two. 3136 */ 3137 dev->ktp *= 2; 3138 /* Number of RCMTA address slots */ 3139 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS); 3140 /* Clear the key memory. */ 3141 b43_clear_keys(dev); 3142} 3143 3144#ifdef CONFIG_B43_HWRNG 3145static int b43_rng_read(struct hwrng *rng, u32 *data) 3146{ 3147 struct b43_wl *wl = (struct b43_wl *)rng->priv; 3148 struct b43_wldev *dev; 3149 int count = -ENODEV; 3150 3151 mutex_lock(&wl->mutex); 3152 dev = wl->current_dev; 3153 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) { 3154 *data = b43_read16(dev, B43_MMIO_RNG); 3155 count = sizeof(u16); 3156 } 3157 mutex_unlock(&wl->mutex); 3158 3159 return count; 3160} 3161#endif /* CONFIG_B43_HWRNG */ 3162 3163static void b43_rng_exit(struct b43_wl *wl) 3164{ 3165#ifdef CONFIG_B43_HWRNG 3166 if (wl->rng_initialized) 3167 hwrng_unregister(&wl->rng); 3168#endif /* CONFIG_B43_HWRNG */ 3169} 3170 3171static int b43_rng_init(struct b43_wl *wl) 3172{ 3173 int err = 0; 3174 3175#ifdef CONFIG_B43_HWRNG 3176 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 3177 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 3178 wl->rng.name = wl->rng_name; 3179 wl->rng.data_read = b43_rng_read; 3180 wl->rng.priv = (unsigned long)wl; 3181 wl->rng_initialized = 1; 3182 err = hwrng_register(&wl->rng); 3183 if (err) { 3184 wl->rng_initialized = 0; 3185 b43err(wl, "Failed to register the random " 3186 "number generator (%d)\n", err); 3187 } 3188#endif /* CONFIG_B43_HWRNG */ 3189 3190 return err; 3191} 3192 3193static void b43_tx_work(struct work_struct *work) 3194{ 3195 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work); 3196 struct b43_wldev *dev; 3197 struct sk_buff *skb; 3198 int err = 0; 3199 3200 mutex_lock(&wl->mutex); 3201 dev = wl->current_dev; 3202 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) { 3203 mutex_unlock(&wl->mutex); 3204 return; 3205 } 3206 3207 while (skb_queue_len(&wl->tx_queue)) { 3208 skb = skb_dequeue(&wl->tx_queue); 3209 3210 if (b43_using_pio_transfers(dev)) 3211 err = b43_pio_tx(dev, skb); 3212 else 3213 err = b43_dma_tx(dev, skb); 3214 if (unlikely(err)) 3215 dev_kfree_skb(skb); /* Drop it */ 3216 } 3217 3218#if B43_DEBUG 3219 dev->tx_count++; 3220#endif 3221 mutex_unlock(&wl->mutex); 3222} 3223 3224static void b43_op_tx(struct ieee80211_hw *hw, 3225 struct sk_buff *skb) 3226{ 3227 struct b43_wl *wl = hw_to_b43_wl(hw); 3228 3229 if (unlikely(skb->len < 2 + 2 + 6)) { 3230 /* Too short, this can't be a valid frame. */ 3231 dev_kfree_skb_any(skb); 3232 return; 3233 } 3234 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 3235 3236 skb_queue_tail(&wl->tx_queue, skb); 3237 ieee80211_queue_work(wl->hw, &wl->tx_work); 3238} 3239 3240static void b43_qos_params_upload(struct b43_wldev *dev, 3241 const struct ieee80211_tx_queue_params *p, 3242 u16 shm_offset) 3243{ 3244 u16 params[B43_NR_QOSPARAMS]; 3245 int bslots, tmp; 3246 unsigned int i; 3247 3248 if (!dev->qos_enabled) 3249 return; 3250 3251 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min; 3252 3253 memset(¶ms, 0, sizeof(params)); 3254 3255 params[B43_QOSPARAM_TXOP] = p->txop * 32; 3256 params[B43_QOSPARAM_CWMIN] = p->cw_min; 3257 params[B43_QOSPARAM_CWMAX] = p->cw_max; 3258 params[B43_QOSPARAM_CWCUR] = p->cw_min; 3259 params[B43_QOSPARAM_AIFS] = p->aifs; 3260 params[B43_QOSPARAM_BSLOTS] = bslots; 3261 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs; 3262 3263 for (i = 0; i < ARRAY_SIZE(params); i++) { 3264 if (i == B43_QOSPARAM_STATUS) { 3265 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 3266 shm_offset + (i * 2)); 3267 /* Mark the parameters as updated. */ 3268 tmp |= 0x100; 3269 b43_shm_write16(dev, B43_SHM_SHARED, 3270 shm_offset + (i * 2), 3271 tmp); 3272 } else { 3273 b43_shm_write16(dev, B43_SHM_SHARED, 3274 shm_offset + (i * 2), 3275 params[i]); 3276 } 3277 } 3278} 3279 3280/* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */ 3281static const u16 b43_qos_shm_offsets[] = { 3282 /* [mac80211-queue-nr] = SHM_OFFSET, */ 3283 [0] = B43_QOS_VOICE, 3284 [1] = B43_QOS_VIDEO, 3285 [2] = B43_QOS_BESTEFFORT, 3286 [3] = B43_QOS_BACKGROUND, 3287}; 3288 3289/* Update all QOS parameters in hardware. */ 3290static void b43_qos_upload_all(struct b43_wldev *dev) 3291{ 3292 struct b43_wl *wl = dev->wl; 3293 struct b43_qos_params *params; 3294 unsigned int i; 3295 3296 if (!dev->qos_enabled) 3297 return; 3298 3299 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3300 ARRAY_SIZE(wl->qos_params)); 3301 3302 b43_mac_suspend(dev); 3303 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3304 params = &(wl->qos_params[i]); 3305 b43_qos_params_upload(dev, &(params->p), 3306 b43_qos_shm_offsets[i]); 3307 } 3308 b43_mac_enable(dev); 3309} 3310 3311static void b43_qos_clear(struct b43_wl *wl) 3312{ 3313 struct b43_qos_params *params; 3314 unsigned int i; 3315 3316 /* Initialize QoS parameters to sane defaults. */ 3317 3318 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3319 ARRAY_SIZE(wl->qos_params)); 3320 3321 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3322 params = &(wl->qos_params[i]); 3323 3324 switch (b43_qos_shm_offsets[i]) { 3325 case B43_QOS_VOICE: 3326 params->p.txop = 0; 3327 params->p.aifs = 2; 3328 params->p.cw_min = 0x0001; 3329 params->p.cw_max = 0x0001; 3330 break; 3331 case B43_QOS_VIDEO: 3332 params->p.txop = 0; 3333 params->p.aifs = 2; 3334 params->p.cw_min = 0x0001; 3335 params->p.cw_max = 0x0001; 3336 break; 3337 case B43_QOS_BESTEFFORT: 3338 params->p.txop = 0; 3339 params->p.aifs = 3; 3340 params->p.cw_min = 0x0001; 3341 params->p.cw_max = 0x03FF; 3342 break; 3343 case B43_QOS_BACKGROUND: 3344 params->p.txop = 0; 3345 params->p.aifs = 7; 3346 params->p.cw_min = 0x0001; 3347 params->p.cw_max = 0x03FF; 3348 break; 3349 default: 3350 B43_WARN_ON(1); 3351 } 3352 } 3353} 3354 3355/* Initialize the core's QOS capabilities */ 3356static void b43_qos_init(struct b43_wldev *dev) 3357{ 3358 if (!dev->qos_enabled) { 3359 /* Disable QOS support. */ 3360 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF); 3361 b43_write16(dev, B43_MMIO_IFSCTL, 3362 b43_read16(dev, B43_MMIO_IFSCTL) 3363 & ~B43_MMIO_IFSCTL_USE_EDCF); 3364 b43dbg(dev->wl, "QoS disabled\n"); 3365 return; 3366 } 3367 3368 /* Upload the current QOS parameters. */ 3369 b43_qos_upload_all(dev); 3370 3371 /* Enable QOS support. */ 3372 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 3373 b43_write16(dev, B43_MMIO_IFSCTL, 3374 b43_read16(dev, B43_MMIO_IFSCTL) 3375 | B43_MMIO_IFSCTL_USE_EDCF); 3376 b43dbg(dev->wl, "QoS enabled\n"); 3377} 3378 3379static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue, 3380 const struct ieee80211_tx_queue_params *params) 3381{ 3382 struct b43_wl *wl = hw_to_b43_wl(hw); 3383 struct b43_wldev *dev; 3384 unsigned int queue = (unsigned int)_queue; 3385 int err = -ENODEV; 3386 3387 if (queue >= ARRAY_SIZE(wl->qos_params)) { 3388 /* Queue not available or don't support setting 3389 * params on this queue. Return success to not 3390 * confuse mac80211. */ 3391 return 0; 3392 } 3393 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3394 ARRAY_SIZE(wl->qos_params)); 3395 3396 mutex_lock(&wl->mutex); 3397 dev = wl->current_dev; 3398 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) 3399 goto out_unlock; 3400 3401 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params)); 3402 b43_mac_suspend(dev); 3403 b43_qos_params_upload(dev, &(wl->qos_params[queue].p), 3404 b43_qos_shm_offsets[queue]); 3405 b43_mac_enable(dev); 3406 err = 0; 3407 3408out_unlock: 3409 mutex_unlock(&wl->mutex); 3410 3411 return err; 3412} 3413 3414static int b43_op_get_stats(struct ieee80211_hw *hw, 3415 struct ieee80211_low_level_stats *stats) 3416{ 3417 struct b43_wl *wl = hw_to_b43_wl(hw); 3418 3419 mutex_lock(&wl->mutex); 3420 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 3421 mutex_unlock(&wl->mutex); 3422 3423 return 0; 3424} 3425 3426static u64 b43_op_get_tsf(struct ieee80211_hw *hw) 3427{ 3428 struct b43_wl *wl = hw_to_b43_wl(hw); 3429 struct b43_wldev *dev; 3430 u64 tsf; 3431 3432 mutex_lock(&wl->mutex); 3433 dev = wl->current_dev; 3434 3435 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3436 b43_tsf_read(dev, &tsf); 3437 else 3438 tsf = 0; 3439 3440 mutex_unlock(&wl->mutex); 3441 3442 return tsf; 3443} 3444 3445static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf) 3446{ 3447 struct b43_wl *wl = hw_to_b43_wl(hw); 3448 struct b43_wldev *dev; 3449 3450 mutex_lock(&wl->mutex); 3451 dev = wl->current_dev; 3452 3453 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3454 b43_tsf_write(dev, tsf); 3455 3456 mutex_unlock(&wl->mutex); 3457} 3458 3459static void b43_put_phy_into_reset(struct b43_wldev *dev) 3460{ 3461 struct ssb_device *sdev = dev->sdev; 3462 u32 tmslow; 3463 3464 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3465 tmslow &= ~B43_TMSLOW_GMODE; 3466 tmslow |= B43_TMSLOW_PHYRESET; 3467 tmslow |= SSB_TMSLOW_FGC; 3468 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3469 msleep(1); 3470 3471 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3472 tmslow &= ~SSB_TMSLOW_FGC; 3473 tmslow |= B43_TMSLOW_PHYRESET; 3474 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3475 msleep(1); 3476} 3477 3478static const char *band_to_string(enum ieee80211_band band) 3479{ 3480 switch (band) { 3481 case IEEE80211_BAND_5GHZ: 3482 return "5"; 3483 case IEEE80211_BAND_2GHZ: 3484 return "2.4"; 3485 default: 3486 break; 3487 } 3488 B43_WARN_ON(1); 3489 return ""; 3490} 3491 3492/* Expects wl->mutex locked */ 3493static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3494{ 3495 struct b43_wldev *up_dev = NULL; 3496 struct b43_wldev *down_dev; 3497 struct b43_wldev *d; 3498 int err; 3499 bool uninitialized_var(gmode); 3500 int prev_status; 3501 3502 /* Find a device and PHY which supports the band. */ 3503 list_for_each_entry(d, &wl->devlist, list) { 3504 switch (chan->band) { 3505 case IEEE80211_BAND_5GHZ: 3506 if (d->phy.supports_5ghz) { 3507 up_dev = d; 3508 gmode = 0; 3509 } 3510 break; 3511 case IEEE80211_BAND_2GHZ: 3512 if (d->phy.supports_2ghz) { 3513 up_dev = d; 3514 gmode = 1; 3515 } 3516 break; 3517 default: 3518 B43_WARN_ON(1); 3519 return -EINVAL; 3520 } 3521 if (up_dev) 3522 break; 3523 } 3524 if (!up_dev) { 3525 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3526 band_to_string(chan->band)); 3527 return -ENODEV; 3528 } 3529 if ((up_dev == wl->current_dev) && 3530 (!!wl->current_dev->phy.gmode == !!gmode)) { 3531 /* This device is already running. */ 3532 return 0; 3533 } 3534 b43dbg(wl, "Switching to %s-GHz band\n", 3535 band_to_string(chan->band)); 3536 down_dev = wl->current_dev; 3537 3538 prev_status = b43_status(down_dev); 3539 /* Shutdown the currently running core. */ 3540 if (prev_status >= B43_STAT_STARTED) 3541 down_dev = b43_wireless_core_stop(down_dev); 3542 if (prev_status >= B43_STAT_INITIALIZED) 3543 b43_wireless_core_exit(down_dev); 3544 3545 if (down_dev != up_dev) { 3546 /* We switch to a different core, so we put PHY into 3547 * RESET on the old core. */ 3548 b43_put_phy_into_reset(down_dev); 3549 } 3550 3551 /* Now start the new core. */ 3552 up_dev->phy.gmode = gmode; 3553 if (prev_status >= B43_STAT_INITIALIZED) { 3554 err = b43_wireless_core_init(up_dev); 3555 if (err) { 3556 b43err(wl, "Fatal: Could not initialize device for " 3557 "selected %s-GHz band\n", 3558 band_to_string(chan->band)); 3559 goto init_failure; 3560 } 3561 } 3562 if (prev_status >= B43_STAT_STARTED) { 3563 err = b43_wireless_core_start(up_dev); 3564 if (err) { 3565 b43err(wl, "Fatal: Coult not start device for " 3566 "selected %s-GHz band\n", 3567 band_to_string(chan->band)); 3568 b43_wireless_core_exit(up_dev); 3569 goto init_failure; 3570 } 3571 } 3572 B43_WARN_ON(b43_status(up_dev) != prev_status); 3573 3574 wl->current_dev = up_dev; 3575 3576 return 0; 3577init_failure: 3578 /* Whoops, failed to init the new core. No core is operating now. */ 3579 wl->current_dev = NULL; 3580 return err; 3581} 3582 3583/* Write the short and long frame retry limit values. */ 3584static void b43_set_retry_limits(struct b43_wldev *dev, 3585 unsigned int short_retry, 3586 unsigned int long_retry) 3587{ 3588 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3589 * the chip-internal counter. */ 3590 short_retry = min(short_retry, (unsigned int)0xF); 3591 long_retry = min(long_retry, (unsigned int)0xF); 3592 3593 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3594 short_retry); 3595 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3596 long_retry); 3597} 3598 3599static int b43_op_config(struct ieee80211_hw *hw, u32 changed) 3600{ 3601 struct b43_wl *wl = hw_to_b43_wl(hw); 3602 struct b43_wldev *dev; 3603 struct b43_phy *phy; 3604 struct ieee80211_conf *conf = &hw->conf; 3605 int antenna; 3606 int err = 0; 3607 3608 mutex_lock(&wl->mutex); 3609 3610 /* Switch the band (if necessary). This might change the active core. */ 3611 err = b43_switch_band(wl, conf->channel); 3612 if (err) 3613 goto out_unlock_mutex; 3614 dev = wl->current_dev; 3615 phy = &dev->phy; 3616 3617 if (conf_is_ht(conf)) 3618 phy->is_40mhz = 3619 (conf_is_ht40_minus(conf) || conf_is_ht40_plus(conf)); 3620 else 3621 phy->is_40mhz = false; 3622 3623 b43_mac_suspend(dev); 3624 3625 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS) 3626 b43_set_retry_limits(dev, conf->short_frame_max_tx_count, 3627 conf->long_frame_max_tx_count); 3628 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS; 3629 if (!changed) 3630 goto out_mac_enable; 3631 3632 /* Switch to the requested channel. 3633 * The firmware takes care of races with the TX handler. */ 3634 if (conf->channel->hw_value != phy->channel) 3635 b43_switch_channel(dev, conf->channel->hw_value); 3636 3637 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR); 3638 3639 /* Adjust the desired TX power level. */ 3640 if (conf->power_level != 0) { 3641 if (conf->power_level != phy->desired_txpower) { 3642 phy->desired_txpower = conf->power_level; 3643 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME | 3644 B43_TXPWR_IGNORE_TSSI); 3645 } 3646 } 3647 3648 /* Antennas for RX and management frame TX. */ 3649 antenna = B43_ANTENNA_DEFAULT; 3650 b43_mgmtframe_txantenna(dev, antenna); 3651 antenna = B43_ANTENNA_DEFAULT; 3652 if (phy->ops->set_rx_antenna) 3653 phy->ops->set_rx_antenna(dev, antenna); 3654 3655 if (wl->radio_enabled != phy->radio_on) { 3656 if (wl->radio_enabled) { 3657 b43_software_rfkill(dev, false); 3658 b43info(dev->wl, "Radio turned on by software\n"); 3659 if (!dev->radio_hw_enable) { 3660 b43info(dev->wl, "The hardware RF-kill button " 3661 "still turns the radio physically off. " 3662 "Press the button to turn it on.\n"); 3663 } 3664 } else { 3665 b43_software_rfkill(dev, true); 3666 b43info(dev->wl, "Radio turned off by software\n"); 3667 } 3668 } 3669 3670out_mac_enable: 3671 b43_mac_enable(dev); 3672out_unlock_mutex: 3673 mutex_unlock(&wl->mutex); 3674 3675 return err; 3676} 3677 3678static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates) 3679{ 3680 struct ieee80211_supported_band *sband = 3681 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)]; 3682 struct ieee80211_rate *rate; 3683 int i; 3684 u16 basic, direct, offset, basic_offset, rateptr; 3685 3686 for (i = 0; i < sband->n_bitrates; i++) { 3687 rate = &sband->bitrates[i]; 3688 3689 if (b43_is_cck_rate(rate->hw_value)) { 3690 direct = B43_SHM_SH_CCKDIRECT; 3691 basic = B43_SHM_SH_CCKBASIC; 3692 offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3693 offset &= 0xF; 3694 } else { 3695 direct = B43_SHM_SH_OFDMDIRECT; 3696 basic = B43_SHM_SH_OFDMBASIC; 3697 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3698 offset &= 0xF; 3699 } 3700 3701 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate); 3702 3703 if (b43_is_cck_rate(rate->hw_value)) { 3704 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3705 basic_offset &= 0xF; 3706 } else { 3707 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3708 basic_offset &= 0xF; 3709 } 3710 3711 /* 3712 * Get the pointer that we need to point to 3713 * from the direct map 3714 */ 3715 rateptr = b43_shm_read16(dev, B43_SHM_SHARED, 3716 direct + 2 * basic_offset); 3717 /* and write it to the basic map */ 3718 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset, 3719 rateptr); 3720 } 3721} 3722 3723static void b43_op_bss_info_changed(struct ieee80211_hw *hw, 3724 struct ieee80211_vif *vif, 3725 struct ieee80211_bss_conf *conf, 3726 u32 changed) 3727{ 3728 struct b43_wl *wl = hw_to_b43_wl(hw); 3729 struct b43_wldev *dev; 3730 3731 mutex_lock(&wl->mutex); 3732 3733 dev = wl->current_dev; 3734 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3735 goto out_unlock_mutex; 3736 3737 B43_WARN_ON(wl->vif != vif); 3738 3739 if (changed & BSS_CHANGED_BSSID) { 3740 if (conf->bssid) 3741 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3742 else 3743 memset(wl->bssid, 0, ETH_ALEN); 3744 } 3745 3746 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3747 if (changed & BSS_CHANGED_BEACON && 3748 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3749 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3750 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3751 b43_update_templates(wl); 3752 3753 if (changed & BSS_CHANGED_BSSID) 3754 b43_write_mac_bssid_templates(dev); 3755 } 3756 3757 b43_mac_suspend(dev); 3758 3759 /* Update templates for AP/mesh mode. */ 3760 if (changed & BSS_CHANGED_BEACON_INT && 3761 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3762 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3763 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3764 b43_set_beacon_int(dev, conf->beacon_int); 3765 3766 if (changed & BSS_CHANGED_BASIC_RATES) 3767 b43_update_basic_rates(dev, conf->basic_rates); 3768 3769 if (changed & BSS_CHANGED_ERP_SLOT) { 3770 if (conf->use_short_slot) 3771 b43_short_slot_timing_enable(dev); 3772 else 3773 b43_short_slot_timing_disable(dev); 3774 } 3775 3776 b43_mac_enable(dev); 3777out_unlock_mutex: 3778 mutex_unlock(&wl->mutex); 3779} 3780 3781static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 3782 struct ieee80211_vif *vif, struct ieee80211_sta *sta, 3783 struct ieee80211_key_conf *key) 3784{ 3785 struct b43_wl *wl = hw_to_b43_wl(hw); 3786 struct b43_wldev *dev; 3787 u8 algorithm; 3788 u8 index; 3789 int err; 3790 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 3791 3792 if (modparam_nohwcrypt) 3793 return -ENOSPC; /* User disabled HW-crypto */ 3794 3795 mutex_lock(&wl->mutex); 3796 3797 dev = wl->current_dev; 3798 err = -ENODEV; 3799 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 3800 goto out_unlock; 3801 3802 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) { 3803 /* We don't have firmware for the crypto engine. 3804 * Must use software-crypto. */ 3805 err = -EOPNOTSUPP; 3806 goto out_unlock; 3807 } 3808 3809 err = -EINVAL; 3810 switch (key->cipher) { 3811 case WLAN_CIPHER_SUITE_WEP40: 3812 algorithm = B43_SEC_ALGO_WEP40; 3813 break; 3814 case WLAN_CIPHER_SUITE_WEP104: 3815 algorithm = B43_SEC_ALGO_WEP104; 3816 break; 3817 case WLAN_CIPHER_SUITE_TKIP: 3818 algorithm = B43_SEC_ALGO_TKIP; 3819 break; 3820 case WLAN_CIPHER_SUITE_CCMP: 3821 algorithm = B43_SEC_ALGO_AES; 3822 break; 3823 default: 3824 B43_WARN_ON(1); 3825 goto out_unlock; 3826 } 3827 index = (u8) (key->keyidx); 3828 if (index > 3) 3829 goto out_unlock; 3830 3831 switch (cmd) { 3832 case SET_KEY: 3833 if (algorithm == B43_SEC_ALGO_TKIP && 3834 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) || 3835 !modparam_hwtkip)) { 3836 /* We support only pairwise key */ 3837 err = -EOPNOTSUPP; 3838 goto out_unlock; 3839 } 3840 3841 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) { 3842 if (WARN_ON(!sta)) { 3843 err = -EOPNOTSUPP; 3844 goto out_unlock; 3845 } 3846 /* Pairwise key with an assigned MAC address. */ 3847 err = b43_key_write(dev, -1, algorithm, 3848 key->key, key->keylen, 3849 sta->addr, key); 3850 } else { 3851 /* Group key */ 3852 err = b43_key_write(dev, index, algorithm, 3853 key->key, key->keylen, NULL, key); 3854 } 3855 if (err) 3856 goto out_unlock; 3857 3858 if (algorithm == B43_SEC_ALGO_WEP40 || 3859 algorithm == B43_SEC_ALGO_WEP104) { 3860 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 3861 } else { 3862 b43_hf_write(dev, 3863 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 3864 } 3865 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 3866 if (algorithm == B43_SEC_ALGO_TKIP) 3867 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC; 3868 break; 3869 case DISABLE_KEY: { 3870 err = b43_key_clear(dev, key->hw_key_idx); 3871 if (err) 3872 goto out_unlock; 3873 break; 3874 } 3875 default: 3876 B43_WARN_ON(1); 3877 } 3878 3879out_unlock: 3880 if (!err) { 3881 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 3882 "mac: %pM\n", 3883 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 3884 sta ? sta->addr : bcast_addr); 3885 b43_dump_keymemory(dev); 3886 } 3887 mutex_unlock(&wl->mutex); 3888 3889 return err; 3890} 3891 3892static void b43_op_configure_filter(struct ieee80211_hw *hw, 3893 unsigned int changed, unsigned int *fflags, 3894 u64 multicast) 3895{ 3896 struct b43_wl *wl = hw_to_b43_wl(hw); 3897 struct b43_wldev *dev; 3898 3899 mutex_lock(&wl->mutex); 3900 dev = wl->current_dev; 3901 if (!dev) { 3902 *fflags = 0; 3903 goto out_unlock; 3904 } 3905 3906 *fflags &= FIF_PROMISC_IN_BSS | 3907 FIF_ALLMULTI | 3908 FIF_FCSFAIL | 3909 FIF_PLCPFAIL | 3910 FIF_CONTROL | 3911 FIF_OTHER_BSS | 3912 FIF_BCN_PRBRESP_PROMISC; 3913 3914 changed &= FIF_PROMISC_IN_BSS | 3915 FIF_ALLMULTI | 3916 FIF_FCSFAIL | 3917 FIF_PLCPFAIL | 3918 FIF_CONTROL | 3919 FIF_OTHER_BSS | 3920 FIF_BCN_PRBRESP_PROMISC; 3921 3922 wl->filter_flags = *fflags; 3923 3924 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 3925 b43_adjust_opmode(dev); 3926 3927out_unlock: 3928 mutex_unlock(&wl->mutex); 3929} 3930 3931/* Locking: wl->mutex 3932 * Returns the current dev. This might be different from the passed in dev, 3933 * because the core might be gone away while we unlocked the mutex. */ 3934static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev) 3935{ 3936 struct b43_wl *wl = dev->wl; 3937 struct b43_wldev *orig_dev; 3938 u32 mask; 3939 3940redo: 3941 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3942 return dev; 3943 3944 /* Cancel work. Unlock to avoid deadlocks. */ 3945 mutex_unlock(&wl->mutex); 3946 cancel_delayed_work_sync(&dev->periodic_work); 3947 cancel_work_sync(&wl->tx_work); 3948 mutex_lock(&wl->mutex); 3949 dev = wl->current_dev; 3950 if (!dev || b43_status(dev) < B43_STAT_STARTED) { 3951 /* Whoops, aliens ate up the device while we were unlocked. */ 3952 return dev; 3953 } 3954 3955 /* Disable interrupts on the device. */ 3956 b43_set_status(dev, B43_STAT_INITIALIZED); 3957 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) { 3958 /* wl->mutex is locked. That is enough. */ 3959 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3960 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3961 } else { 3962 spin_lock_irq(&wl->hardirq_lock); 3963 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3964 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3965 spin_unlock_irq(&wl->hardirq_lock); 3966 } 3967 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */ 3968 orig_dev = dev; 3969 mutex_unlock(&wl->mutex); 3970 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) { 3971 b43_sdio_free_irq(dev); 3972 } else { 3973 synchronize_irq(dev->dev->irq); 3974 free_irq(dev->dev->irq, dev); 3975 } 3976 mutex_lock(&wl->mutex); 3977 dev = wl->current_dev; 3978 if (!dev) 3979 return dev; 3980 if (dev != orig_dev) { 3981 if (b43_status(dev) >= B43_STAT_STARTED) 3982 goto redo; 3983 return dev; 3984 } 3985 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 3986 B43_WARN_ON(mask != 0xFFFFFFFF && mask); 3987 3988 /* Drain the TX queue */ 3989 while (skb_queue_len(&wl->tx_queue)) 3990 dev_kfree_skb(skb_dequeue(&wl->tx_queue)); 3991 3992 b43_mac_suspend(dev); 3993 b43_leds_exit(dev); 3994 b43dbg(wl, "Wireless interface stopped\n"); 3995 3996 return dev; 3997} 3998 3999/* Locking: wl->mutex */ 4000static int b43_wireless_core_start(struct b43_wldev *dev) 4001{ 4002 int err; 4003 4004 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 4005 4006 drain_txstatus_queue(dev); 4007 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) { 4008 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler); 4009 if (err) { 4010 b43err(dev->wl, "Cannot request SDIO IRQ\n"); 4011 goto out; 4012 } 4013 } else { 4014 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler, 4015 b43_interrupt_thread_handler, 4016 IRQF_SHARED, KBUILD_MODNAME, dev); 4017 if (err) { 4018 b43err(dev->wl, "Cannot request IRQ-%d\n", 4019 dev->dev->irq); 4020 goto out; 4021 } 4022 } 4023 4024 /* We are ready to run. */ 4025 ieee80211_wake_queues(dev->wl->hw); 4026 b43_set_status(dev, B43_STAT_STARTED); 4027 4028 /* Start data flow (TX/RX). */ 4029 b43_mac_enable(dev); 4030 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 4031 4032 /* Start maintenance work */ 4033 b43_periodic_tasks_setup(dev); 4034 4035 b43_leds_init(dev); 4036 4037 b43dbg(dev->wl, "Wireless interface started\n"); 4038out: 4039 return err; 4040} 4041 4042/* Get PHY and RADIO versioning numbers */ 4043static int b43_phy_versioning(struct b43_wldev *dev) 4044{ 4045 struct b43_phy *phy = &dev->phy; 4046 u32 tmp; 4047 u8 analog_type; 4048 u8 phy_type; 4049 u8 phy_rev; 4050 u16 radio_manuf; 4051 u16 radio_ver; 4052 u16 radio_rev; 4053 int unsupported = 0; 4054 4055 /* Get PHY versioning */ 4056 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 4057 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 4058 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 4059 phy_rev = (tmp & B43_PHYVER_VERSION); 4060 switch (phy_type) { 4061 case B43_PHYTYPE_A: 4062 if (phy_rev >= 4) 4063 unsupported = 1; 4064 break; 4065 case B43_PHYTYPE_B: 4066 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 4067 && phy_rev != 7) 4068 unsupported = 1; 4069 break; 4070 case B43_PHYTYPE_G: 4071 if (phy_rev > 9) 4072 unsupported = 1; 4073 break; 4074#ifdef CONFIG_B43_PHY_N 4075 case B43_PHYTYPE_N: 4076 if (phy_rev > 9) 4077 unsupported = 1; 4078 break; 4079#endif 4080#ifdef CONFIG_B43_PHY_LP 4081 case B43_PHYTYPE_LP: 4082 if (phy_rev > 2) 4083 unsupported = 1; 4084 break; 4085#endif 4086 default: 4087 unsupported = 1; 4088 }; 4089 if (unsupported) { 4090 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 4091 "(Analog %u, Type %u, Revision %u)\n", 4092 analog_type, phy_type, phy_rev); 4093 return -EOPNOTSUPP; 4094 } 4095 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 4096 analog_type, phy_type, phy_rev); 4097 4098 /* Get RADIO versioning */ 4099 if (dev->sdev->bus->chip_id == 0x4317) { 4100 if (dev->sdev->bus->chip_rev == 0) 4101 tmp = 0x3205017F; 4102 else if (dev->sdev->bus->chip_rev == 1) 4103 tmp = 0x4205017F; 4104 else 4105 tmp = 0x5205017F; 4106 } else { 4107 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4108 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 4109 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4110 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16; 4111 } 4112 radio_manuf = (tmp & 0x00000FFF); 4113 radio_ver = (tmp & 0x0FFFF000) >> 12; 4114 radio_rev = (tmp & 0xF0000000) >> 28; 4115 if (radio_manuf != 0x17F /* Broadcom */) 4116 unsupported = 1; 4117 switch (phy_type) { 4118 case B43_PHYTYPE_A: 4119 if (radio_ver != 0x2060) 4120 unsupported = 1; 4121 if (radio_rev != 1) 4122 unsupported = 1; 4123 if (radio_manuf != 0x17F) 4124 unsupported = 1; 4125 break; 4126 case B43_PHYTYPE_B: 4127 if ((radio_ver & 0xFFF0) != 0x2050) 4128 unsupported = 1; 4129 break; 4130 case B43_PHYTYPE_G: 4131 if (radio_ver != 0x2050) 4132 unsupported = 1; 4133 break; 4134 case B43_PHYTYPE_N: 4135 if (radio_ver != 0x2055 && radio_ver != 0x2056) 4136 unsupported = 1; 4137 break; 4138 case B43_PHYTYPE_LP: 4139 if (radio_ver != 0x2062 && radio_ver != 0x2063) 4140 unsupported = 1; 4141 break; 4142 default: 4143 B43_WARN_ON(1); 4144 } 4145 if (unsupported) { 4146 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 4147 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 4148 radio_manuf, radio_ver, radio_rev); 4149 return -EOPNOTSUPP; 4150 } 4151 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 4152 radio_manuf, radio_ver, radio_rev); 4153 4154 phy->radio_manuf = radio_manuf; 4155 phy->radio_ver = radio_ver; 4156 phy->radio_rev = radio_rev; 4157 4158 phy->analog = analog_type; 4159 phy->type = phy_type; 4160 phy->rev = phy_rev; 4161 4162 return 0; 4163} 4164 4165static void setup_struct_phy_for_init(struct b43_wldev *dev, 4166 struct b43_phy *phy) 4167{ 4168 phy->hardware_power_control = !!modparam_hwpctl; 4169 phy->next_txpwr_check_time = jiffies; 4170 /* PHY TX errors counter. */ 4171 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 4172 4173#if B43_DEBUG 4174 phy->phy_locked = 0; 4175 phy->radio_locked = 0; 4176#endif 4177} 4178 4179static void setup_struct_wldev_for_init(struct b43_wldev *dev) 4180{ 4181 dev->dfq_valid = 0; 4182 4183 /* Assume the radio is enabled. If it's not enabled, the state will 4184 * immediately get fixed on the first periodic work run. */ 4185 dev->radio_hw_enable = 1; 4186 4187 /* Stats */ 4188 memset(&dev->stats, 0, sizeof(dev->stats)); 4189 4190 setup_struct_phy_for_init(dev, &dev->phy); 4191 4192 /* IRQ related flags */ 4193 dev->irq_reason = 0; 4194 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 4195 dev->irq_mask = B43_IRQ_MASKTEMPLATE; 4196 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 4197 dev->irq_mask &= ~B43_IRQ_PHY_TXERR; 4198 4199 dev->mac_suspended = 1; 4200 4201 /* Noise calculation context */ 4202 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 4203} 4204 4205static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 4206{ 4207 struct ssb_sprom *sprom = dev->dev->bus_sprom; 4208 u64 hf; 4209 4210 if (!modparam_btcoex) 4211 return; 4212 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 4213 return; 4214 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 4215 return; 4216 4217 hf = b43_hf_read(dev); 4218 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 4219 hf |= B43_HF_BTCOEXALT; 4220 else 4221 hf |= B43_HF_BTCOEX; 4222 b43_hf_write(dev, hf); 4223} 4224 4225static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 4226{ 4227 if (!modparam_btcoex) 4228 return; 4229 //TODO 4230} 4231 4232static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 4233{ 4234 struct ssb_bus *bus = dev->sdev->bus; 4235 u32 tmp; 4236 4237 if ((bus->chip_id == 0x4311 && bus->chip_rev == 2) || 4238 (bus->chip_id == 0x4312)) { 4239 tmp = ssb_read32(dev->sdev, SSB_IMCFGLO); 4240 tmp &= ~SSB_IMCFGLO_REQTO; 4241 tmp &= ~SSB_IMCFGLO_SERTO; 4242 tmp |= 0x3; 4243 ssb_write32(dev->sdev, SSB_IMCFGLO, tmp); 4244 ssb_commit_settings(bus); 4245 } 4246} 4247 4248static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 4249{ 4250 u16 pu_delay; 4251 4252 /* The time value is in microseconds. */ 4253 if (dev->phy.type == B43_PHYTYPE_A) 4254 pu_delay = 3700; 4255 else 4256 pu_delay = 1050; 4257 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle) 4258 pu_delay = 500; 4259 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 4260 pu_delay = max(pu_delay, (u16)2400); 4261 4262 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 4263} 4264 4265/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 4266static void b43_set_pretbtt(struct b43_wldev *dev) 4267{ 4268 u16 pretbtt; 4269 4270 /* The time value is in microseconds. */ 4271 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) { 4272 pretbtt = 2; 4273 } else { 4274 if (dev->phy.type == B43_PHYTYPE_A) 4275 pretbtt = 120; 4276 else 4277 pretbtt = 250; 4278 } 4279 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 4280 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 4281} 4282 4283/* Shutdown a wireless core */ 4284/* Locking: wl->mutex */ 4285static void b43_wireless_core_exit(struct b43_wldev *dev) 4286{ 4287 u32 macctl; 4288 4289 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED); 4290 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED) 4291 return; 4292 4293 /* Unregister HW RNG driver */ 4294 b43_rng_exit(dev->wl); 4295 4296 b43_set_status(dev, B43_STAT_UNINIT); 4297 4298 /* Stop the microcode PSM. */ 4299 macctl = b43_read32(dev, B43_MMIO_MACCTL); 4300 macctl &= ~B43_MACCTL_PSM_RUN; 4301 macctl |= B43_MACCTL_PSM_JMP0; 4302 b43_write32(dev, B43_MMIO_MACCTL, macctl); 4303 4304 b43_dma_free(dev); 4305 b43_pio_free(dev); 4306 b43_chip_exit(dev); 4307 dev->phy.ops->switch_analog(dev, 0); 4308 if (dev->wl->current_beacon) { 4309 dev_kfree_skb_any(dev->wl->current_beacon); 4310 dev->wl->current_beacon = NULL; 4311 } 4312 4313 ssb_device_disable(dev->sdev, 0); 4314 ssb_bus_may_powerdown(dev->sdev->bus); 4315} 4316 4317/* Initialize a wireless core */ 4318static int b43_wireless_core_init(struct b43_wldev *dev) 4319{ 4320 struct ssb_bus *bus = dev->sdev->bus; 4321 struct ssb_sprom *sprom = dev->dev->bus_sprom; 4322 struct b43_phy *phy = &dev->phy; 4323 int err; 4324 u64 hf; 4325 u32 tmp; 4326 4327 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4328 4329 err = ssb_bus_powerup(bus, 0); 4330 if (err) 4331 goto out; 4332 if (!ssb_device_is_enabled(dev->sdev)) { 4333 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0; 4334 b43_wireless_core_reset(dev, tmp); 4335 } 4336 4337 /* Reset all data structures. */ 4338 setup_struct_wldev_for_init(dev); 4339 phy->ops->prepare_structs(dev); 4340 4341 /* Enable IRQ routing to this device. */ 4342 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->sdev); 4343 4344 b43_imcfglo_timeouts_workaround(dev); 4345 b43_bluetooth_coext_disable(dev); 4346 if (phy->ops->prepare_hardware) { 4347 err = phy->ops->prepare_hardware(dev); 4348 if (err) 4349 goto err_busdown; 4350 } 4351 err = b43_chip_init(dev); 4352 if (err) 4353 goto err_busdown; 4354 b43_shm_write16(dev, B43_SHM_SHARED, 4355 B43_SHM_SH_WLCOREREV, dev->dev->core_rev); 4356 hf = b43_hf_read(dev); 4357 if (phy->type == B43_PHYTYPE_G) { 4358 hf |= B43_HF_SYMW; 4359 if (phy->rev == 1) 4360 hf |= B43_HF_GDCW; 4361 if (sprom->boardflags_lo & B43_BFL_PACTRL) 4362 hf |= B43_HF_OFDMPABOOST; 4363 } 4364 if (phy->radio_ver == 0x2050) { 4365 if (phy->radio_rev == 6) 4366 hf |= B43_HF_4318TSSI; 4367 if (phy->radio_rev < 6) 4368 hf |= B43_HF_VCORECALC; 4369 } 4370 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW) 4371 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */ 4372#ifdef CONFIG_SSB_DRIVER_PCICORE 4373 if ((bus->bustype == SSB_BUSTYPE_PCI) && 4374 (bus->pcicore.dev->id.revision <= 10)) 4375 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */ 4376#endif 4377 hf &= ~B43_HF_SKCFPUP; 4378 b43_hf_write(dev, hf); 4379 4380 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 4381 B43_DEFAULT_LONG_RETRY_LIMIT); 4382 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 4383 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 4384 4385 /* Disable sending probe responses from firmware. 4386 * Setting the MaxTime to one usec will always trigger 4387 * a timeout, so we never send any probe resp. 4388 * A timeout of zero is infinite. */ 4389 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 4390 4391 b43_rate_memory_init(dev); 4392 b43_set_phytxctl_defaults(dev); 4393 4394 /* Minimum Contention Window */ 4395 if (phy->type == B43_PHYTYPE_B) 4396 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 4397 else 4398 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 4399 /* Maximum Contention Window */ 4400 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 4401 4402 if ((dev->sdev->bus->bustype == SSB_BUSTYPE_PCMCIA) || 4403 (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) || 4404 dev->use_pio) { 4405 dev->__using_pio_transfers = 1; 4406 err = b43_pio_init(dev); 4407 } else { 4408 dev->__using_pio_transfers = 0; 4409 err = b43_dma_init(dev); 4410 } 4411 if (err) 4412 goto err_chip_exit; 4413 b43_qos_init(dev); 4414 b43_set_synth_pu_delay(dev, 1); 4415 b43_bluetooth_coext_enable(dev); 4416 4417 ssb_bus_powerup(bus, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)); 4418 b43_upload_card_macaddress(dev); 4419 b43_security_init(dev); 4420 4421 ieee80211_wake_queues(dev->wl->hw); 4422 4423 b43_set_status(dev, B43_STAT_INITIALIZED); 4424 4425 /* Register HW RNG driver */ 4426 b43_rng_init(dev->wl); 4427 4428out: 4429 return err; 4430 4431err_chip_exit: 4432 b43_chip_exit(dev); 4433err_busdown: 4434 ssb_bus_may_powerdown(bus); 4435 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4436 return err; 4437} 4438 4439static int b43_op_add_interface(struct ieee80211_hw *hw, 4440 struct ieee80211_vif *vif) 4441{ 4442 struct b43_wl *wl = hw_to_b43_wl(hw); 4443 struct b43_wldev *dev; 4444 int err = -EOPNOTSUPP; 4445 4446 /* TODO: allow WDS/AP devices to coexist */ 4447 4448 if (vif->type != NL80211_IFTYPE_AP && 4449 vif->type != NL80211_IFTYPE_MESH_POINT && 4450 vif->type != NL80211_IFTYPE_STATION && 4451 vif->type != NL80211_IFTYPE_WDS && 4452 vif->type != NL80211_IFTYPE_ADHOC) 4453 return -EOPNOTSUPP; 4454 4455 mutex_lock(&wl->mutex); 4456 if (wl->operating) 4457 goto out_mutex_unlock; 4458 4459 b43dbg(wl, "Adding Interface type %d\n", vif->type); 4460 4461 dev = wl->current_dev; 4462 wl->operating = 1; 4463 wl->vif = vif; 4464 wl->if_type = vif->type; 4465 memcpy(wl->mac_addr, vif->addr, ETH_ALEN); 4466 4467 b43_adjust_opmode(dev); 4468 b43_set_pretbtt(dev); 4469 b43_set_synth_pu_delay(dev, 0); 4470 b43_upload_card_macaddress(dev); 4471 4472 err = 0; 4473 out_mutex_unlock: 4474 mutex_unlock(&wl->mutex); 4475 4476 return err; 4477} 4478 4479static void b43_op_remove_interface(struct ieee80211_hw *hw, 4480 struct ieee80211_vif *vif) 4481{ 4482 struct b43_wl *wl = hw_to_b43_wl(hw); 4483 struct b43_wldev *dev = wl->current_dev; 4484 4485 b43dbg(wl, "Removing Interface type %d\n", vif->type); 4486 4487 mutex_lock(&wl->mutex); 4488 4489 B43_WARN_ON(!wl->operating); 4490 B43_WARN_ON(wl->vif != vif); 4491 wl->vif = NULL; 4492 4493 wl->operating = 0; 4494 4495 b43_adjust_opmode(dev); 4496 memset(wl->mac_addr, 0, ETH_ALEN); 4497 b43_upload_card_macaddress(dev); 4498 4499 mutex_unlock(&wl->mutex); 4500} 4501 4502static int b43_op_start(struct ieee80211_hw *hw) 4503{ 4504 struct b43_wl *wl = hw_to_b43_wl(hw); 4505 struct b43_wldev *dev = wl->current_dev; 4506 int did_init = 0; 4507 int err = 0; 4508 4509 /* Kill all old instance specific information to make sure 4510 * the card won't use it in the short timeframe between start 4511 * and mac80211 reconfiguring it. */ 4512 memset(wl->bssid, 0, ETH_ALEN); 4513 memset(wl->mac_addr, 0, ETH_ALEN); 4514 wl->filter_flags = 0; 4515 wl->radiotap_enabled = 0; 4516 b43_qos_clear(wl); 4517 wl->beacon0_uploaded = 0; 4518 wl->beacon1_uploaded = 0; 4519 wl->beacon_templates_virgin = 1; 4520 wl->radio_enabled = 1; 4521 4522 mutex_lock(&wl->mutex); 4523 4524 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4525 err = b43_wireless_core_init(dev); 4526 if (err) 4527 goto out_mutex_unlock; 4528 did_init = 1; 4529 } 4530 4531 if (b43_status(dev) < B43_STAT_STARTED) { 4532 err = b43_wireless_core_start(dev); 4533 if (err) { 4534 if (did_init) 4535 b43_wireless_core_exit(dev); 4536 goto out_mutex_unlock; 4537 } 4538 } 4539 4540 /* XXX: only do if device doesn't support rfkill irq */ 4541 wiphy_rfkill_start_polling(hw->wiphy); 4542 4543 out_mutex_unlock: 4544 mutex_unlock(&wl->mutex); 4545 4546 return err; 4547} 4548 4549static void b43_op_stop(struct ieee80211_hw *hw) 4550{ 4551 struct b43_wl *wl = hw_to_b43_wl(hw); 4552 struct b43_wldev *dev = wl->current_dev; 4553 4554 cancel_work_sync(&(wl->beacon_update_trigger)); 4555 4556 mutex_lock(&wl->mutex); 4557 if (b43_status(dev) >= B43_STAT_STARTED) { 4558 dev = b43_wireless_core_stop(dev); 4559 if (!dev) 4560 goto out_unlock; 4561 } 4562 b43_wireless_core_exit(dev); 4563 wl->radio_enabled = 0; 4564 4565out_unlock: 4566 mutex_unlock(&wl->mutex); 4567 4568 cancel_work_sync(&(wl->txpower_adjust_work)); 4569} 4570 4571static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, 4572 struct ieee80211_sta *sta, bool set) 4573{ 4574 struct b43_wl *wl = hw_to_b43_wl(hw); 4575 4576 /* FIXME: add locking */ 4577 b43_update_templates(wl); 4578 4579 return 0; 4580} 4581 4582static void b43_op_sta_notify(struct ieee80211_hw *hw, 4583 struct ieee80211_vif *vif, 4584 enum sta_notify_cmd notify_cmd, 4585 struct ieee80211_sta *sta) 4586{ 4587 struct b43_wl *wl = hw_to_b43_wl(hw); 4588 4589 B43_WARN_ON(!vif || wl->vif != vif); 4590} 4591 4592static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw) 4593{ 4594 struct b43_wl *wl = hw_to_b43_wl(hw); 4595 struct b43_wldev *dev; 4596 4597 mutex_lock(&wl->mutex); 4598 dev = wl->current_dev; 4599 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4600 /* Disable CFP update during scan on other channels. */ 4601 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP); 4602 } 4603 mutex_unlock(&wl->mutex); 4604} 4605 4606static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw) 4607{ 4608 struct b43_wl *wl = hw_to_b43_wl(hw); 4609 struct b43_wldev *dev; 4610 4611 mutex_lock(&wl->mutex); 4612 dev = wl->current_dev; 4613 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4614 /* Re-enable CFP update. */ 4615 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP); 4616 } 4617 mutex_unlock(&wl->mutex); 4618} 4619 4620static int b43_op_get_survey(struct ieee80211_hw *hw, int idx, 4621 struct survey_info *survey) 4622{ 4623 struct b43_wl *wl = hw_to_b43_wl(hw); 4624 struct b43_wldev *dev = wl->current_dev; 4625 struct ieee80211_conf *conf = &hw->conf; 4626 4627 if (idx != 0) 4628 return -ENOENT; 4629 4630 survey->channel = conf->channel; 4631 survey->filled = SURVEY_INFO_NOISE_DBM; 4632 survey->noise = dev->stats.link_noise; 4633 4634 return 0; 4635} 4636 4637static const struct ieee80211_ops b43_hw_ops = { 4638 .tx = b43_op_tx, 4639 .conf_tx = b43_op_conf_tx, 4640 .add_interface = b43_op_add_interface, 4641 .remove_interface = b43_op_remove_interface, 4642 .config = b43_op_config, 4643 .bss_info_changed = b43_op_bss_info_changed, 4644 .configure_filter = b43_op_configure_filter, 4645 .set_key = b43_op_set_key, 4646 .update_tkip_key = b43_op_update_tkip_key, 4647 .get_stats = b43_op_get_stats, 4648 .get_tsf = b43_op_get_tsf, 4649 .set_tsf = b43_op_set_tsf, 4650 .start = b43_op_start, 4651 .stop = b43_op_stop, 4652 .set_tim = b43_op_beacon_set_tim, 4653 .sta_notify = b43_op_sta_notify, 4654 .sw_scan_start = b43_op_sw_scan_start_notifier, 4655 .sw_scan_complete = b43_op_sw_scan_complete_notifier, 4656 .get_survey = b43_op_get_survey, 4657 .rfkill_poll = b43_rfkill_poll, 4658}; 4659 4660/* Hard-reset the chip. Do not call this directly. 4661 * Use b43_controller_restart() 4662 */ 4663static void b43_chip_reset(struct work_struct *work) 4664{ 4665 struct b43_wldev *dev = 4666 container_of(work, struct b43_wldev, restart_work); 4667 struct b43_wl *wl = dev->wl; 4668 int err = 0; 4669 int prev_status; 4670 4671 mutex_lock(&wl->mutex); 4672 4673 prev_status = b43_status(dev); 4674 /* Bring the device down... */ 4675 if (prev_status >= B43_STAT_STARTED) { 4676 dev = b43_wireless_core_stop(dev); 4677 if (!dev) { 4678 err = -ENODEV; 4679 goto out; 4680 } 4681 } 4682 if (prev_status >= B43_STAT_INITIALIZED) 4683 b43_wireless_core_exit(dev); 4684 4685 /* ...and up again. */ 4686 if (prev_status >= B43_STAT_INITIALIZED) { 4687 err = b43_wireless_core_init(dev); 4688 if (err) 4689 goto out; 4690 } 4691 if (prev_status >= B43_STAT_STARTED) { 4692 err = b43_wireless_core_start(dev); 4693 if (err) { 4694 b43_wireless_core_exit(dev); 4695 goto out; 4696 } 4697 } 4698out: 4699 if (err) 4700 wl->current_dev = NULL; /* Failed to init the dev. */ 4701 mutex_unlock(&wl->mutex); 4702 if (err) 4703 b43err(wl, "Controller restart FAILED\n"); 4704 else 4705 b43info(wl, "Controller restarted\n"); 4706} 4707 4708static int b43_setup_bands(struct b43_wldev *dev, 4709 bool have_2ghz_phy, bool have_5ghz_phy) 4710{ 4711 struct ieee80211_hw *hw = dev->wl->hw; 4712 4713 if (have_2ghz_phy) 4714 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 4715 if (dev->phy.type == B43_PHYTYPE_N) { 4716 if (have_5ghz_phy) 4717 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 4718 } else { 4719 if (have_5ghz_phy) 4720 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 4721 } 4722 4723 dev->phy.supports_2ghz = have_2ghz_phy; 4724 dev->phy.supports_5ghz = have_5ghz_phy; 4725 4726 return 0; 4727} 4728 4729static void b43_wireless_core_detach(struct b43_wldev *dev) 4730{ 4731 /* We release firmware that late to not be required to re-request 4732 * is all the time when we reinit the core. */ 4733 b43_release_firmware(dev); 4734 b43_phy_free(dev); 4735} 4736 4737static int b43_wireless_core_attach(struct b43_wldev *dev) 4738{ 4739 struct b43_wl *wl = dev->wl; 4740 struct ssb_bus *bus = dev->sdev->bus; 4741 struct pci_dev *pdev = (bus->bustype == SSB_BUSTYPE_PCI) ? bus->host_pci : NULL; 4742 int err; 4743 bool have_2ghz_phy = 0, have_5ghz_phy = 0; 4744 u32 tmp; 4745 4746 /* Do NOT do any device initialization here. 4747 * Do it in wireless_core_init() instead. 4748 * This function is for gathering basic information about the HW, only. 4749 * Also some structs may be set up here. But most likely you want to have 4750 * that in core_init(), too. 4751 */ 4752 4753 err = ssb_bus_powerup(bus, 0); 4754 if (err) { 4755 b43err(wl, "Bus powerup failed\n"); 4756 goto out; 4757 } 4758 /* Get the PHY type. */ 4759 if (dev->dev->core_rev >= 5) { 4760 u32 tmshigh; 4761 4762 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH); 4763 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY); 4764 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY); 4765 } else 4766 B43_WARN_ON(1); 4767 4768 dev->phy.gmode = have_2ghz_phy; 4769 dev->phy.radio_on = 1; 4770 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4771 b43_wireless_core_reset(dev, tmp); 4772 4773 err = b43_phy_versioning(dev); 4774 if (err) 4775 goto err_powerdown; 4776 /* Check if this device supports multiband. */ 4777 if (!pdev || 4778 (pdev->device != 0x4312 && 4779 pdev->device != 0x4319 && pdev->device != 0x4324)) { 4780 /* No multiband support. */ 4781 have_2ghz_phy = 0; 4782 have_5ghz_phy = 0; 4783 switch (dev->phy.type) { 4784 case B43_PHYTYPE_A: 4785 have_5ghz_phy = 1; 4786 break; 4787 case B43_PHYTYPE_LP: //FIXME not always! 4788#if 0 //FIXME enabling 5GHz causes a NULL pointer dereference 4789 have_5ghz_phy = 1; 4790#endif 4791 case B43_PHYTYPE_G: 4792 case B43_PHYTYPE_N: 4793 have_2ghz_phy = 1; 4794 break; 4795 default: 4796 B43_WARN_ON(1); 4797 } 4798 } 4799 if (dev->phy.type == B43_PHYTYPE_A) { 4800 /* FIXME */ 4801 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 4802 err = -EOPNOTSUPP; 4803 goto err_powerdown; 4804 } 4805 if (1 /* disable A-PHY */) { 4806 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */ 4807 if (dev->phy.type != B43_PHYTYPE_N && 4808 dev->phy.type != B43_PHYTYPE_LP) { 4809 have_2ghz_phy = 1; 4810 have_5ghz_phy = 0; 4811 } 4812 } 4813 4814 err = b43_phy_allocate(dev); 4815 if (err) 4816 goto err_powerdown; 4817 4818 dev->phy.gmode = have_2ghz_phy; 4819 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4820 b43_wireless_core_reset(dev, tmp); 4821 4822 err = b43_validate_chipaccess(dev); 4823 if (err) 4824 goto err_phy_free; 4825 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 4826 if (err) 4827 goto err_phy_free; 4828 4829 /* Now set some default "current_dev" */ 4830 if (!wl->current_dev) 4831 wl->current_dev = dev; 4832 INIT_WORK(&dev->restart_work, b43_chip_reset); 4833 4834 dev->phy.ops->switch_analog(dev, 0); 4835 ssb_device_disable(dev->sdev, 0); 4836 ssb_bus_may_powerdown(bus); 4837 4838out: 4839 return err; 4840 4841err_phy_free: 4842 b43_phy_free(dev); 4843err_powerdown: 4844 ssb_bus_may_powerdown(bus); 4845 return err; 4846} 4847 4848static void b43_one_core_detach(struct b43_bus_dev *dev) 4849{ 4850 struct b43_wldev *wldev; 4851 struct b43_wl *wl; 4852 4853 /* Do not cancel ieee80211-workqueue based work here. 4854 * See comment in b43_remove(). */ 4855 4856 wldev = ssb_get_drvdata(dev->sdev); 4857 wl = wldev->wl; 4858 b43_debugfs_remove_device(wldev); 4859 b43_wireless_core_detach(wldev); 4860 list_del(&wldev->list); 4861 wl->nr_devs--; 4862 ssb_set_drvdata(dev->sdev, NULL); 4863 kfree(wldev); 4864} 4865 4866static int b43_one_core_attach(struct b43_bus_dev *dev, struct b43_wl *wl) 4867{ 4868 struct b43_wldev *wldev; 4869 int err = -ENOMEM; 4870 4871 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 4872 if (!wldev) 4873 goto out; 4874 4875 wldev->use_pio = b43_modparam_pio; 4876 wldev->dev = dev; 4877 wldev->sdev = dev->sdev; /* TODO: Remove when not needed */ 4878 wldev->wl = wl; 4879 b43_set_status(wldev, B43_STAT_UNINIT); 4880 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 4881 INIT_LIST_HEAD(&wldev->list); 4882 4883 err = b43_wireless_core_attach(wldev); 4884 if (err) 4885 goto err_kfree_wldev; 4886 4887 list_add(&wldev->list, &wl->devlist); 4888 wl->nr_devs++; 4889 ssb_set_drvdata(dev->sdev, wldev); 4890 b43_debugfs_add_device(wldev); 4891 4892 out: 4893 return err; 4894 4895 err_kfree_wldev: 4896 kfree(wldev); 4897 return err; 4898} 4899 4900#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \ 4901 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \ 4902 (pdev->device == _device) && \ 4903 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \ 4904 (pdev->subsystem_device == _subdevice) ) 4905 4906static void b43_sprom_fixup(struct ssb_bus *bus) 4907{ 4908 struct pci_dev *pdev; 4909 4910 /* boardflags workarounds */ 4911 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 4912 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 4913 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 4914 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 4915 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 4916 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 4917 if (bus->bustype == SSB_BUSTYPE_PCI) { 4918 pdev = bus->host_pci; 4919 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) || 4920 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) || 4921 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) || 4922 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) || 4923 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) || 4924 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) || 4925 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010)) 4926 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST; 4927 } 4928} 4929 4930static void b43_wireless_exit(struct b43_bus_dev *dev, struct b43_wl *wl) 4931{ 4932 struct ieee80211_hw *hw = wl->hw; 4933 4934 ssb_set_devtypedata(dev->sdev, NULL); 4935 ieee80211_free_hw(hw); 4936} 4937 4938static struct b43_wl *b43_wireless_init(struct ssb_device *dev) 4939{ 4940 struct ssb_sprom *sprom = &dev->bus->sprom; 4941 struct ieee80211_hw *hw; 4942 struct b43_wl *wl; 4943 4944 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 4945 if (!hw) { 4946 b43err(NULL, "Could not allocate ieee80211 device\n"); 4947 return ERR_PTR(-ENOMEM); 4948 } 4949 wl = hw_to_b43_wl(hw); 4950 4951 /* fill hw info */ 4952 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS | 4953 IEEE80211_HW_SIGNAL_DBM; 4954 4955 hw->wiphy->interface_modes = 4956 BIT(NL80211_IFTYPE_AP) | 4957 BIT(NL80211_IFTYPE_MESH_POINT) | 4958 BIT(NL80211_IFTYPE_STATION) | 4959 BIT(NL80211_IFTYPE_WDS) | 4960 BIT(NL80211_IFTYPE_ADHOC); 4961 4962 hw->queues = modparam_qos ? 4 : 1; 4963 wl->mac80211_initially_registered_queues = hw->queues; 4964 hw->max_rates = 2; 4965 SET_IEEE80211_DEV(hw, dev->dev); 4966 if (is_valid_ether_addr(sprom->et1mac)) 4967 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 4968 else 4969 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 4970 4971 /* Initialize struct b43_wl */ 4972 wl->hw = hw; 4973 mutex_init(&wl->mutex); 4974 spin_lock_init(&wl->hardirq_lock); 4975 INIT_LIST_HEAD(&wl->devlist); 4976 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 4977 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work); 4978 INIT_WORK(&wl->tx_work, b43_tx_work); 4979 skb_queue_head_init(&wl->tx_queue); 4980 4981 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n", 4982 dev->bus->chip_id, dev->id.revision); 4983 return wl; 4984} 4985 4986static 4987int b43_ssb_probe(struct ssb_device *sdev, const struct ssb_device_id *id) 4988{ 4989 struct b43_bus_dev *dev; 4990 struct b43_wl *wl; 4991 int err; 4992 int first = 0; 4993 4994 dev = b43_bus_dev_ssb_init(sdev); 4995 4996 wl = ssb_get_devtypedata(sdev); 4997 if (!wl) { 4998 /* Probing the first core. Must setup common struct b43_wl */ 4999 first = 1; 5000 b43_sprom_fixup(sdev->bus); 5001 wl = b43_wireless_init(sdev); 5002 if (IS_ERR(wl)) { 5003 err = PTR_ERR(wl); 5004 goto out; 5005 } 5006 ssb_set_devtypedata(sdev, wl); 5007 B43_WARN_ON(ssb_get_devtypedata(sdev) != wl); 5008 } 5009 err = b43_one_core_attach(dev, wl); 5010 if (err) 5011 goto err_wireless_exit; 5012 5013 if (first) { 5014 err = ieee80211_register_hw(wl->hw); 5015 if (err) 5016 goto err_one_core_detach; 5017 b43_leds_register(wl->current_dev); 5018 } 5019 5020 out: 5021 return err; 5022 5023 err_one_core_detach: 5024 b43_one_core_detach(dev); 5025 err_wireless_exit: 5026 if (first) 5027 b43_wireless_exit(dev, wl); 5028 return err; 5029} 5030 5031static void b43_ssb_remove(struct ssb_device *sdev) 5032{ 5033 struct b43_wl *wl = ssb_get_devtypedata(sdev); 5034 struct b43_wldev *wldev = ssb_get_drvdata(sdev); 5035 5036 /* We must cancel any work here before unregistering from ieee80211, 5037 * as the ieee80211 unreg will destroy the workqueue. */ 5038 cancel_work_sync(&wldev->restart_work); 5039 5040 B43_WARN_ON(!wl); 5041 if (wl->current_dev == wldev) { 5042 /* Restore the queues count before unregistering, because firmware detect 5043 * might have modified it. Restoring is important, so the networking 5044 * stack can properly free resources. */ 5045 wl->hw->queues = wl->mac80211_initially_registered_queues; 5046 b43_leds_stop(wldev); 5047 ieee80211_unregister_hw(wl->hw); 5048 } 5049 5050 b43_one_core_detach(wldev->dev); 5051 5052 if (list_empty(&wl->devlist)) { 5053 b43_leds_unregister(wl); 5054 /* Last core on the chip unregistered. 5055 * We can destroy common struct b43_wl. 5056 */ 5057 b43_wireless_exit(wldev->dev, wl); 5058 } 5059} 5060 5061/* Perform a hardware reset. This can be called from any context. */ 5062void b43_controller_restart(struct b43_wldev *dev, const char *reason) 5063{ 5064 /* Must avoid requeueing, if we are in shutdown. */ 5065 if (b43_status(dev) < B43_STAT_INITIALIZED) 5066 return; 5067 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 5068 ieee80211_queue_work(dev->wl->hw, &dev->restart_work); 5069} 5070 5071static struct ssb_driver b43_ssb_driver = { 5072 .name = KBUILD_MODNAME, 5073 .id_table = b43_ssb_tbl, 5074 .probe = b43_ssb_probe, 5075 .remove = b43_ssb_remove, 5076}; 5077 5078static void b43_print_driverinfo(void) 5079{ 5080 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 5081 *feat_leds = "", *feat_sdio = ""; 5082 5083#ifdef CONFIG_B43_PCI_AUTOSELECT 5084 feat_pci = "P"; 5085#endif 5086#ifdef CONFIG_B43_PCMCIA 5087 feat_pcmcia = "M"; 5088#endif 5089#ifdef CONFIG_B43_PHY_N 5090 feat_nphy = "N"; 5091#endif 5092#ifdef CONFIG_B43_LEDS 5093 feat_leds = "L"; 5094#endif 5095#ifdef CONFIG_B43_SDIO 5096 feat_sdio = "S"; 5097#endif 5098 printk(KERN_INFO "Broadcom 43xx driver loaded " 5099 "[ Features: %s%s%s%s%s, Firmware-ID: " 5100 B43_SUPPORTED_FIRMWARE_ID " ]\n", 5101 feat_pci, feat_pcmcia, feat_nphy, 5102 feat_leds, feat_sdio); 5103} 5104 5105static int __init b43_init(void) 5106{ 5107 int err; 5108 5109 b43_debugfs_init(); 5110 err = b43_pcmcia_init(); 5111 if (err) 5112 goto err_dfs_exit; 5113 err = b43_sdio_init(); 5114 if (err) 5115 goto err_pcmcia_exit; 5116 err = ssb_driver_register(&b43_ssb_driver); 5117 if (err) 5118 goto err_sdio_exit; 5119 b43_print_driverinfo(); 5120 5121 return err; 5122 5123err_sdio_exit: 5124 b43_sdio_exit(); 5125err_pcmcia_exit: 5126 b43_pcmcia_exit(); 5127err_dfs_exit: 5128 b43_debugfs_exit(); 5129 return err; 5130} 5131 5132static void __exit b43_exit(void) 5133{ 5134 ssb_driver_unregister(&b43_ssb_driver); 5135 b43_sdio_exit(); 5136 b43_pcmcia_exit(); 5137 b43_debugfs_exit(); 5138} 5139 5140module_init(b43_init) 5141module_exit(b43_exit) 5142