main.c revision c97a4ccc1fad35d3d183900af29c171b6d56b7f9
1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005, 2006 Michael Buesch <mb@bu3sch.de> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 11 Some parts of the code in this file are derived from the ipw2200 12 driver Copyright(c) 2003 - 2004 Intel Corporation. 13 14 This program is free software; you can redistribute it and/or modify 15 it under the terms of the GNU General Public License as published by 16 the Free Software Foundation; either version 2 of the License, or 17 (at your option) any later version. 18 19 This program is distributed in the hope that it will be useful, 20 but WITHOUT ANY WARRANTY; without even the implied warranty of 21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 22 GNU General Public License for more details. 23 24 You should have received a copy of the GNU General Public License 25 along with this program; see the file COPYING. If not, write to 26 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 27 Boston, MA 02110-1301, USA. 28 29*/ 30 31#include <linux/delay.h> 32#include <linux/init.h> 33#include <linux/moduleparam.h> 34#include <linux/if_arp.h> 35#include <linux/etherdevice.h> 36#include <linux/version.h> 37#include <linux/firmware.h> 38#include <linux/wireless.h> 39#include <linux/workqueue.h> 40#include <linux/skbuff.h> 41#include <linux/io.h> 42#include <linux/dma-mapping.h> 43#include <asm/unaligned.h> 44 45#include "b43.h" 46#include "main.h" 47#include "debugfs.h" 48#include "phy.h" 49#include "nphy.h" 50#include "dma.h" 51#include "pio.h" 52#include "sysfs.h" 53#include "xmit.h" 54#include "lo.h" 55#include "pcmcia.h" 56 57MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 58MODULE_AUTHOR("Martin Langer"); 59MODULE_AUTHOR("Stefano Brivio"); 60MODULE_AUTHOR("Michael Buesch"); 61MODULE_LICENSE("GPL"); 62 63MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID); 64 65 66static int modparam_bad_frames_preempt; 67module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 68MODULE_PARM_DESC(bad_frames_preempt, 69 "enable(1) / disable(0) Bad Frames Preemption"); 70 71static char modparam_fwpostfix[16]; 72module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 73MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 74 75static int modparam_hwpctl; 76module_param_named(hwpctl, modparam_hwpctl, int, 0444); 77MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 78 79static int modparam_nohwcrypt; 80module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 81MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 82 83int b43_modparam_qos = 1; 84module_param_named(qos, b43_modparam_qos, int, 0444); 85MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 86 87 88static const struct ssb_device_id b43_ssb_tbl[] = { 89 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 90 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 91 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 92 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 93 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 94 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 95 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 96 SSB_DEVTABLE_END 97}; 98 99MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 100 101/* Channel and ratetables are shared for all devices. 102 * They can't be const, because ieee80211 puts some precalculated 103 * data in there. This data is the same for all devices, so we don't 104 * get concurrency issues */ 105#define RATETAB_ENT(_rateid, _flags) \ 106 { \ 107 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 108 .hw_value = (_rateid), \ 109 .flags = (_flags), \ 110 } 111 112/* 113 * NOTE: When changing this, sync with xmit.c's 114 * b43_plcp_get_bitrate_idx_* functions! 115 */ 116static struct ieee80211_rate __b43_ratetable[] = { 117 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 118 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 119 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 120 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 121 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 122 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 123 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 124 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 125 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 126 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 127 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 128 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 129}; 130 131#define b43_a_ratetable (__b43_ratetable + 4) 132#define b43_a_ratetable_size 8 133#define b43_b_ratetable (__b43_ratetable + 0) 134#define b43_b_ratetable_size 4 135#define b43_g_ratetable (__b43_ratetable + 0) 136#define b43_g_ratetable_size 12 137 138#define CHAN4G(_channel, _freq, _flags) { \ 139 .band = IEEE80211_BAND_2GHZ, \ 140 .center_freq = (_freq), \ 141 .hw_value = (_channel), \ 142 .flags = (_flags), \ 143 .max_antenna_gain = 0, \ 144 .max_power = 30, \ 145} 146static struct ieee80211_channel b43_2ghz_chantable[] = { 147 CHAN4G(1, 2412, 0), 148 CHAN4G(2, 2417, 0), 149 CHAN4G(3, 2422, 0), 150 CHAN4G(4, 2427, 0), 151 CHAN4G(5, 2432, 0), 152 CHAN4G(6, 2437, 0), 153 CHAN4G(7, 2442, 0), 154 CHAN4G(8, 2447, 0), 155 CHAN4G(9, 2452, 0), 156 CHAN4G(10, 2457, 0), 157 CHAN4G(11, 2462, 0), 158 CHAN4G(12, 2467, 0), 159 CHAN4G(13, 2472, 0), 160 CHAN4G(14, 2484, 0), 161}; 162#undef CHAN4G 163 164#define CHAN5G(_channel, _flags) { \ 165 .band = IEEE80211_BAND_5GHZ, \ 166 .center_freq = 5000 + (5 * (_channel)), \ 167 .hw_value = (_channel), \ 168 .flags = (_flags), \ 169 .max_antenna_gain = 0, \ 170 .max_power = 30, \ 171} 172static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 173 CHAN5G(32, 0), CHAN5G(34, 0), 174 CHAN5G(36, 0), CHAN5G(38, 0), 175 CHAN5G(40, 0), CHAN5G(42, 0), 176 CHAN5G(44, 0), CHAN5G(46, 0), 177 CHAN5G(48, 0), CHAN5G(50, 0), 178 CHAN5G(52, 0), CHAN5G(54, 0), 179 CHAN5G(56, 0), CHAN5G(58, 0), 180 CHAN5G(60, 0), CHAN5G(62, 0), 181 CHAN5G(64, 0), CHAN5G(66, 0), 182 CHAN5G(68, 0), CHAN5G(70, 0), 183 CHAN5G(72, 0), CHAN5G(74, 0), 184 CHAN5G(76, 0), CHAN5G(78, 0), 185 CHAN5G(80, 0), CHAN5G(82, 0), 186 CHAN5G(84, 0), CHAN5G(86, 0), 187 CHAN5G(88, 0), CHAN5G(90, 0), 188 CHAN5G(92, 0), CHAN5G(94, 0), 189 CHAN5G(96, 0), CHAN5G(98, 0), 190 CHAN5G(100, 0), CHAN5G(102, 0), 191 CHAN5G(104, 0), CHAN5G(106, 0), 192 CHAN5G(108, 0), CHAN5G(110, 0), 193 CHAN5G(112, 0), CHAN5G(114, 0), 194 CHAN5G(116, 0), CHAN5G(118, 0), 195 CHAN5G(120, 0), CHAN5G(122, 0), 196 CHAN5G(124, 0), CHAN5G(126, 0), 197 CHAN5G(128, 0), CHAN5G(130, 0), 198 CHAN5G(132, 0), CHAN5G(134, 0), 199 CHAN5G(136, 0), CHAN5G(138, 0), 200 CHAN5G(140, 0), CHAN5G(142, 0), 201 CHAN5G(144, 0), CHAN5G(145, 0), 202 CHAN5G(146, 0), CHAN5G(147, 0), 203 CHAN5G(148, 0), CHAN5G(149, 0), 204 CHAN5G(150, 0), CHAN5G(151, 0), 205 CHAN5G(152, 0), CHAN5G(153, 0), 206 CHAN5G(154, 0), CHAN5G(155, 0), 207 CHAN5G(156, 0), CHAN5G(157, 0), 208 CHAN5G(158, 0), CHAN5G(159, 0), 209 CHAN5G(160, 0), CHAN5G(161, 0), 210 CHAN5G(162, 0), CHAN5G(163, 0), 211 CHAN5G(164, 0), CHAN5G(165, 0), 212 CHAN5G(166, 0), CHAN5G(168, 0), 213 CHAN5G(170, 0), CHAN5G(172, 0), 214 CHAN5G(174, 0), CHAN5G(176, 0), 215 CHAN5G(178, 0), CHAN5G(180, 0), 216 CHAN5G(182, 0), CHAN5G(184, 0), 217 CHAN5G(186, 0), CHAN5G(188, 0), 218 CHAN5G(190, 0), CHAN5G(192, 0), 219 CHAN5G(194, 0), CHAN5G(196, 0), 220 CHAN5G(198, 0), CHAN5G(200, 0), 221 CHAN5G(202, 0), CHAN5G(204, 0), 222 CHAN5G(206, 0), CHAN5G(208, 0), 223 CHAN5G(210, 0), CHAN5G(212, 0), 224 CHAN5G(214, 0), CHAN5G(216, 0), 225 CHAN5G(218, 0), CHAN5G(220, 0), 226 CHAN5G(222, 0), CHAN5G(224, 0), 227 CHAN5G(226, 0), CHAN5G(228, 0), 228}; 229 230static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 231 CHAN5G(34, 0), CHAN5G(36, 0), 232 CHAN5G(38, 0), CHAN5G(40, 0), 233 CHAN5G(42, 0), CHAN5G(44, 0), 234 CHAN5G(46, 0), CHAN5G(48, 0), 235 CHAN5G(52, 0), CHAN5G(56, 0), 236 CHAN5G(60, 0), CHAN5G(64, 0), 237 CHAN5G(100, 0), CHAN5G(104, 0), 238 CHAN5G(108, 0), CHAN5G(112, 0), 239 CHAN5G(116, 0), CHAN5G(120, 0), 240 CHAN5G(124, 0), CHAN5G(128, 0), 241 CHAN5G(132, 0), CHAN5G(136, 0), 242 CHAN5G(140, 0), CHAN5G(149, 0), 243 CHAN5G(153, 0), CHAN5G(157, 0), 244 CHAN5G(161, 0), CHAN5G(165, 0), 245 CHAN5G(184, 0), CHAN5G(188, 0), 246 CHAN5G(192, 0), CHAN5G(196, 0), 247 CHAN5G(200, 0), CHAN5G(204, 0), 248 CHAN5G(208, 0), CHAN5G(212, 0), 249 CHAN5G(216, 0), 250}; 251#undef CHAN5G 252 253static struct ieee80211_supported_band b43_band_5GHz_nphy = { 254 .band = IEEE80211_BAND_5GHZ, 255 .channels = b43_5ghz_nphy_chantable, 256 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 257 .bitrates = b43_a_ratetable, 258 .n_bitrates = b43_a_ratetable_size, 259}; 260 261static struct ieee80211_supported_band b43_band_5GHz_aphy = { 262 .band = IEEE80211_BAND_5GHZ, 263 .channels = b43_5ghz_aphy_chantable, 264 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 265 .bitrates = b43_a_ratetable, 266 .n_bitrates = b43_a_ratetable_size, 267}; 268 269static struct ieee80211_supported_band b43_band_2GHz = { 270 .band = IEEE80211_BAND_2GHZ, 271 .channels = b43_2ghz_chantable, 272 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 273 .bitrates = b43_g_ratetable, 274 .n_bitrates = b43_g_ratetable_size, 275}; 276 277static void b43_wireless_core_exit(struct b43_wldev *dev); 278static int b43_wireless_core_init(struct b43_wldev *dev); 279static void b43_wireless_core_stop(struct b43_wldev *dev); 280static int b43_wireless_core_start(struct b43_wldev *dev); 281 282static int b43_ratelimit(struct b43_wl *wl) 283{ 284 if (!wl || !wl->current_dev) 285 return 1; 286 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 287 return 1; 288 /* We are up and running. 289 * Ratelimit the messages to avoid DoS over the net. */ 290 return net_ratelimit(); 291} 292 293void b43info(struct b43_wl *wl, const char *fmt, ...) 294{ 295 va_list args; 296 297 if (!b43_ratelimit(wl)) 298 return; 299 va_start(args, fmt); 300 printk(KERN_INFO "b43-%s: ", 301 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 302 vprintk(fmt, args); 303 va_end(args); 304} 305 306void b43err(struct b43_wl *wl, const char *fmt, ...) 307{ 308 va_list args; 309 310 if (!b43_ratelimit(wl)) 311 return; 312 va_start(args, fmt); 313 printk(KERN_ERR "b43-%s ERROR: ", 314 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 315 vprintk(fmt, args); 316 va_end(args); 317} 318 319void b43warn(struct b43_wl *wl, const char *fmt, ...) 320{ 321 va_list args; 322 323 if (!b43_ratelimit(wl)) 324 return; 325 va_start(args, fmt); 326 printk(KERN_WARNING "b43-%s warning: ", 327 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 328 vprintk(fmt, args); 329 va_end(args); 330} 331 332#if B43_DEBUG 333void b43dbg(struct b43_wl *wl, const char *fmt, ...) 334{ 335 va_list args; 336 337 va_start(args, fmt); 338 printk(KERN_DEBUG "b43-%s debug: ", 339 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 340 vprintk(fmt, args); 341 va_end(args); 342} 343#endif /* DEBUG */ 344 345static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 346{ 347 u32 macctl; 348 349 B43_WARN_ON(offset % 4 != 0); 350 351 macctl = b43_read32(dev, B43_MMIO_MACCTL); 352 if (macctl & B43_MACCTL_BE) 353 val = swab32(val); 354 355 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 356 mmiowb(); 357 b43_write32(dev, B43_MMIO_RAM_DATA, val); 358} 359 360static inline void b43_shm_control_word(struct b43_wldev *dev, 361 u16 routing, u16 offset) 362{ 363 u32 control; 364 365 /* "offset" is the WORD offset. */ 366 control = routing; 367 control <<= 16; 368 control |= offset; 369 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 370} 371 372u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 373{ 374 struct b43_wl *wl = dev->wl; 375 unsigned long flags; 376 u32 ret; 377 378 spin_lock_irqsave(&wl->shm_lock, flags); 379 if (routing == B43_SHM_SHARED) { 380 B43_WARN_ON(offset & 0x0001); 381 if (offset & 0x0003) { 382 /* Unaligned access */ 383 b43_shm_control_word(dev, routing, offset >> 2); 384 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 385 ret <<= 16; 386 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 387 ret |= b43_read16(dev, B43_MMIO_SHM_DATA); 388 389 goto out; 390 } 391 offset >>= 2; 392 } 393 b43_shm_control_word(dev, routing, offset); 394 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 395out: 396 spin_unlock_irqrestore(&wl->shm_lock, flags); 397 398 return ret; 399} 400 401u16 b43_shm_read16(struct b43_wldev * dev, u16 routing, u16 offset) 402{ 403 struct b43_wl *wl = dev->wl; 404 unsigned long flags; 405 u16 ret; 406 407 spin_lock_irqsave(&wl->shm_lock, flags); 408 if (routing == B43_SHM_SHARED) { 409 B43_WARN_ON(offset & 0x0001); 410 if (offset & 0x0003) { 411 /* Unaligned access */ 412 b43_shm_control_word(dev, routing, offset >> 2); 413 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 414 415 goto out; 416 } 417 offset >>= 2; 418 } 419 b43_shm_control_word(dev, routing, offset); 420 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 421out: 422 spin_unlock_irqrestore(&wl->shm_lock, flags); 423 424 return ret; 425} 426 427void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 428{ 429 struct b43_wl *wl = dev->wl; 430 unsigned long flags; 431 432 spin_lock_irqsave(&wl->shm_lock, flags); 433 if (routing == B43_SHM_SHARED) { 434 B43_WARN_ON(offset & 0x0001); 435 if (offset & 0x0003) { 436 /* Unaligned access */ 437 b43_shm_control_word(dev, routing, offset >> 2); 438 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 439 (value >> 16) & 0xffff); 440 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 441 b43_write16(dev, B43_MMIO_SHM_DATA, value & 0xffff); 442 goto out; 443 } 444 offset >>= 2; 445 } 446 b43_shm_control_word(dev, routing, offset); 447 b43_write32(dev, B43_MMIO_SHM_DATA, value); 448out: 449 spin_unlock_irqrestore(&wl->shm_lock, flags); 450} 451 452void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 453{ 454 struct b43_wl *wl = dev->wl; 455 unsigned long flags; 456 457 spin_lock_irqsave(&wl->shm_lock, flags); 458 if (routing == B43_SHM_SHARED) { 459 B43_WARN_ON(offset & 0x0001); 460 if (offset & 0x0003) { 461 /* Unaligned access */ 462 b43_shm_control_word(dev, routing, offset >> 2); 463 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 464 goto out; 465 } 466 offset >>= 2; 467 } 468 b43_shm_control_word(dev, routing, offset); 469 b43_write16(dev, B43_MMIO_SHM_DATA, value); 470out: 471 spin_unlock_irqrestore(&wl->shm_lock, flags); 472} 473 474/* Read HostFlags */ 475u64 b43_hf_read(struct b43_wldev * dev) 476{ 477 u64 ret; 478 479 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 480 ret <<= 16; 481 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 482 ret <<= 16; 483 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 484 485 return ret; 486} 487 488/* Write HostFlags */ 489void b43_hf_write(struct b43_wldev *dev, u64 value) 490{ 491 u16 lo, mi, hi; 492 493 lo = (value & 0x00000000FFFFULL); 494 mi = (value & 0x0000FFFF0000ULL) >> 16; 495 hi = (value & 0xFFFF00000000ULL) >> 32; 496 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 497 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 498 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 499} 500 501void b43_tsf_read(struct b43_wldev *dev, u64 * tsf) 502{ 503 /* We need to be careful. As we read the TSF from multiple 504 * registers, we should take care of register overflows. 505 * In theory, the whole tsf read process should be atomic. 506 * We try to be atomic here, by restaring the read process, 507 * if any of the high registers changed (overflew). 508 */ 509 if (dev->dev->id.revision >= 3) { 510 u32 low, high, high2; 511 512 do { 513 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 514 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 515 high2 = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 516 } while (unlikely(high != high2)); 517 518 *tsf = high; 519 *tsf <<= 32; 520 *tsf |= low; 521 } else { 522 u64 tmp; 523 u16 v0, v1, v2, v3; 524 u16 test1, test2, test3; 525 526 do { 527 v3 = b43_read16(dev, B43_MMIO_TSF_3); 528 v2 = b43_read16(dev, B43_MMIO_TSF_2); 529 v1 = b43_read16(dev, B43_MMIO_TSF_1); 530 v0 = b43_read16(dev, B43_MMIO_TSF_0); 531 532 test3 = b43_read16(dev, B43_MMIO_TSF_3); 533 test2 = b43_read16(dev, B43_MMIO_TSF_2); 534 test1 = b43_read16(dev, B43_MMIO_TSF_1); 535 } while (v3 != test3 || v2 != test2 || v1 != test1); 536 537 *tsf = v3; 538 *tsf <<= 48; 539 tmp = v2; 540 tmp <<= 32; 541 *tsf |= tmp; 542 tmp = v1; 543 tmp <<= 16; 544 *tsf |= tmp; 545 *tsf |= v0; 546 } 547} 548 549static void b43_time_lock(struct b43_wldev *dev) 550{ 551 u32 macctl; 552 553 macctl = b43_read32(dev, B43_MMIO_MACCTL); 554 macctl |= B43_MACCTL_TBTTHOLD; 555 b43_write32(dev, B43_MMIO_MACCTL, macctl); 556 /* Commit the write */ 557 b43_read32(dev, B43_MMIO_MACCTL); 558} 559 560static void b43_time_unlock(struct b43_wldev *dev) 561{ 562 u32 macctl; 563 564 macctl = b43_read32(dev, B43_MMIO_MACCTL); 565 macctl &= ~B43_MACCTL_TBTTHOLD; 566 b43_write32(dev, B43_MMIO_MACCTL, macctl); 567 /* Commit the write */ 568 b43_read32(dev, B43_MMIO_MACCTL); 569} 570 571static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 572{ 573 /* Be careful with the in-progress timer. 574 * First zero out the low register, so we have a full 575 * register-overflow duration to complete the operation. 576 */ 577 if (dev->dev->id.revision >= 3) { 578 u32 lo = (tsf & 0x00000000FFFFFFFFULL); 579 u32 hi = (tsf & 0xFFFFFFFF00000000ULL) >> 32; 580 581 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, 0); 582 mmiowb(); 583 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, hi); 584 mmiowb(); 585 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, lo); 586 } else { 587 u16 v0 = (tsf & 0x000000000000FFFFULL); 588 u16 v1 = (tsf & 0x00000000FFFF0000ULL) >> 16; 589 u16 v2 = (tsf & 0x0000FFFF00000000ULL) >> 32; 590 u16 v3 = (tsf & 0xFFFF000000000000ULL) >> 48; 591 592 b43_write16(dev, B43_MMIO_TSF_0, 0); 593 mmiowb(); 594 b43_write16(dev, B43_MMIO_TSF_3, v3); 595 mmiowb(); 596 b43_write16(dev, B43_MMIO_TSF_2, v2); 597 mmiowb(); 598 b43_write16(dev, B43_MMIO_TSF_1, v1); 599 mmiowb(); 600 b43_write16(dev, B43_MMIO_TSF_0, v0); 601 } 602} 603 604void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 605{ 606 b43_time_lock(dev); 607 b43_tsf_write_locked(dev, tsf); 608 b43_time_unlock(dev); 609} 610 611static 612void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 * mac) 613{ 614 static const u8 zero_addr[ETH_ALEN] = { 0 }; 615 u16 data; 616 617 if (!mac) 618 mac = zero_addr; 619 620 offset |= 0x0020; 621 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 622 623 data = mac[0]; 624 data |= mac[1] << 8; 625 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 626 data = mac[2]; 627 data |= mac[3] << 8; 628 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 629 data = mac[4]; 630 data |= mac[5] << 8; 631 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 632} 633 634static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 635{ 636 const u8 *mac; 637 const u8 *bssid; 638 u8 mac_bssid[ETH_ALEN * 2]; 639 int i; 640 u32 tmp; 641 642 bssid = dev->wl->bssid; 643 mac = dev->wl->mac_addr; 644 645 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 646 647 memcpy(mac_bssid, mac, ETH_ALEN); 648 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 649 650 /* Write our MAC address and BSSID to template ram */ 651 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 652 tmp = (u32) (mac_bssid[i + 0]); 653 tmp |= (u32) (mac_bssid[i + 1]) << 8; 654 tmp |= (u32) (mac_bssid[i + 2]) << 16; 655 tmp |= (u32) (mac_bssid[i + 3]) << 24; 656 b43_ram_write(dev, 0x20 + i, tmp); 657 } 658} 659 660static void b43_upload_card_macaddress(struct b43_wldev *dev) 661{ 662 b43_write_mac_bssid_templates(dev); 663 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 664} 665 666static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 667{ 668 /* slot_time is in usec. */ 669 if (dev->phy.type != B43_PHYTYPE_G) 670 return; 671 b43_write16(dev, 0x684, 510 + slot_time); 672 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 673} 674 675static void b43_short_slot_timing_enable(struct b43_wldev *dev) 676{ 677 b43_set_slot_time(dev, 9); 678 dev->short_slot = 1; 679} 680 681static void b43_short_slot_timing_disable(struct b43_wldev *dev) 682{ 683 b43_set_slot_time(dev, 20); 684 dev->short_slot = 0; 685} 686 687/* Enable a Generic IRQ. "mask" is the mask of which IRQs to enable. 688 * Returns the _previously_ enabled IRQ mask. 689 */ 690static inline u32 b43_interrupt_enable(struct b43_wldev *dev, u32 mask) 691{ 692 u32 old_mask; 693 694 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 695 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask | mask); 696 697 return old_mask; 698} 699 700/* Disable a Generic IRQ. "mask" is the mask of which IRQs to disable. 701 * Returns the _previously_ enabled IRQ mask. 702 */ 703static inline u32 b43_interrupt_disable(struct b43_wldev *dev, u32 mask) 704{ 705 u32 old_mask; 706 707 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 708 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask & ~mask); 709 710 return old_mask; 711} 712 713/* Synchronize IRQ top- and bottom-half. 714 * IRQs must be masked before calling this. 715 * This must not be called with the irq_lock held. 716 */ 717static void b43_synchronize_irq(struct b43_wldev *dev) 718{ 719 synchronize_irq(dev->dev->irq); 720 tasklet_kill(&dev->isr_tasklet); 721} 722 723/* DummyTransmission function, as documented on 724 * http://bcm-specs.sipsolutions.net/DummyTransmission 725 */ 726void b43_dummy_transmission(struct b43_wldev *dev) 727{ 728 struct b43_phy *phy = &dev->phy; 729 unsigned int i, max_loop; 730 u16 value; 731 u32 buffer[5] = { 732 0x00000000, 733 0x00D40000, 734 0x00000000, 735 0x01000000, 736 0x00000000, 737 }; 738 739 switch (phy->type) { 740 case B43_PHYTYPE_A: 741 max_loop = 0x1E; 742 buffer[0] = 0x000201CC; 743 break; 744 case B43_PHYTYPE_B: 745 case B43_PHYTYPE_G: 746 max_loop = 0xFA; 747 buffer[0] = 0x000B846E; 748 break; 749 default: 750 B43_WARN_ON(1); 751 return; 752 } 753 754 for (i = 0; i < 5; i++) 755 b43_ram_write(dev, i * 4, buffer[i]); 756 757 /* Commit writes */ 758 b43_read32(dev, B43_MMIO_MACCTL); 759 760 b43_write16(dev, 0x0568, 0x0000); 761 b43_write16(dev, 0x07C0, 0x0000); 762 value = ((phy->type == B43_PHYTYPE_A) ? 1 : 0); 763 b43_write16(dev, 0x050C, value); 764 b43_write16(dev, 0x0508, 0x0000); 765 b43_write16(dev, 0x050A, 0x0000); 766 b43_write16(dev, 0x054C, 0x0000); 767 b43_write16(dev, 0x056A, 0x0014); 768 b43_write16(dev, 0x0568, 0x0826); 769 b43_write16(dev, 0x0500, 0x0000); 770 b43_write16(dev, 0x0502, 0x0030); 771 772 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 773 b43_radio_write16(dev, 0x0051, 0x0017); 774 for (i = 0x00; i < max_loop; i++) { 775 value = b43_read16(dev, 0x050E); 776 if (value & 0x0080) 777 break; 778 udelay(10); 779 } 780 for (i = 0x00; i < 0x0A; i++) { 781 value = b43_read16(dev, 0x050E); 782 if (value & 0x0400) 783 break; 784 udelay(10); 785 } 786 for (i = 0x00; i < 0x0A; i++) { 787 value = b43_read16(dev, 0x0690); 788 if (!(value & 0x0100)) 789 break; 790 udelay(10); 791 } 792 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 793 b43_radio_write16(dev, 0x0051, 0x0037); 794} 795 796static void key_write(struct b43_wldev *dev, 797 u8 index, u8 algorithm, const u8 * key) 798{ 799 unsigned int i; 800 u32 offset; 801 u16 value; 802 u16 kidx; 803 804 /* Key index/algo block */ 805 kidx = b43_kidx_to_fw(dev, index); 806 value = ((kidx << 4) | algorithm); 807 b43_shm_write16(dev, B43_SHM_SHARED, 808 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 809 810 /* Write the key to the Key Table Pointer offset */ 811 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 812 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 813 value = key[i]; 814 value |= (u16) (key[i + 1]) << 8; 815 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 816 } 817} 818 819static void keymac_write(struct b43_wldev *dev, u8 index, const u8 * addr) 820{ 821 u32 addrtmp[2] = { 0, 0, }; 822 u8 per_sta_keys_start = 8; 823 824 if (b43_new_kidx_api(dev)) 825 per_sta_keys_start = 4; 826 827 B43_WARN_ON(index < per_sta_keys_start); 828 /* We have two default TX keys and possibly two default RX keys. 829 * Physical mac 0 is mapped to physical key 4 or 8, depending 830 * on the firmware version. 831 * So we must adjust the index here. 832 */ 833 index -= per_sta_keys_start; 834 835 if (addr) { 836 addrtmp[0] = addr[0]; 837 addrtmp[0] |= ((u32) (addr[1]) << 8); 838 addrtmp[0] |= ((u32) (addr[2]) << 16); 839 addrtmp[0] |= ((u32) (addr[3]) << 24); 840 addrtmp[1] = addr[4]; 841 addrtmp[1] |= ((u32) (addr[5]) << 8); 842 } 843 844 if (dev->dev->id.revision >= 5) { 845 /* Receive match transmitter address mechanism */ 846 b43_shm_write32(dev, B43_SHM_RCMTA, 847 (index * 2) + 0, addrtmp[0]); 848 b43_shm_write16(dev, B43_SHM_RCMTA, 849 (index * 2) + 1, addrtmp[1]); 850 } else { 851 /* RXE (Receive Engine) and 852 * PSM (Programmable State Machine) mechanism 853 */ 854 if (index < 8) { 855 /* TODO write to RCM 16, 19, 22 and 25 */ 856 } else { 857 b43_shm_write32(dev, B43_SHM_SHARED, 858 B43_SHM_SH_PSM + (index * 6) + 0, 859 addrtmp[0]); 860 b43_shm_write16(dev, B43_SHM_SHARED, 861 B43_SHM_SH_PSM + (index * 6) + 4, 862 addrtmp[1]); 863 } 864 } 865} 866 867static void do_key_write(struct b43_wldev *dev, 868 u8 index, u8 algorithm, 869 const u8 * key, size_t key_len, const u8 * mac_addr) 870{ 871 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 872 u8 per_sta_keys_start = 8; 873 874 if (b43_new_kidx_api(dev)) 875 per_sta_keys_start = 4; 876 877 B43_WARN_ON(index >= dev->max_nr_keys); 878 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 879 880 if (index >= per_sta_keys_start) 881 keymac_write(dev, index, NULL); /* First zero out mac. */ 882 if (key) 883 memcpy(buf, key, key_len); 884 key_write(dev, index, algorithm, buf); 885 if (index >= per_sta_keys_start) 886 keymac_write(dev, index, mac_addr); 887 888 dev->key[index].algorithm = algorithm; 889} 890 891static int b43_key_write(struct b43_wldev *dev, 892 int index, u8 algorithm, 893 const u8 * key, size_t key_len, 894 const u8 * mac_addr, 895 struct ieee80211_key_conf *keyconf) 896{ 897 int i; 898 int sta_keys_start; 899 900 if (key_len > B43_SEC_KEYSIZE) 901 return -EINVAL; 902 for (i = 0; i < dev->max_nr_keys; i++) { 903 /* Check that we don't already have this key. */ 904 B43_WARN_ON(dev->key[i].keyconf == keyconf); 905 } 906 if (index < 0) { 907 /* Either pairwise key or address is 00:00:00:00:00:00 908 * for transmit-only keys. Search the index. */ 909 if (b43_new_kidx_api(dev)) 910 sta_keys_start = 4; 911 else 912 sta_keys_start = 8; 913 for (i = sta_keys_start; i < dev->max_nr_keys; i++) { 914 if (!dev->key[i].keyconf) { 915 /* found empty */ 916 index = i; 917 break; 918 } 919 } 920 if (index < 0) { 921 b43err(dev->wl, "Out of hardware key memory\n"); 922 return -ENOSPC; 923 } 924 } else 925 B43_WARN_ON(index > 3); 926 927 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 928 if ((index <= 3) && !b43_new_kidx_api(dev)) { 929 /* Default RX key */ 930 B43_WARN_ON(mac_addr); 931 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 932 } 933 keyconf->hw_key_idx = index; 934 dev->key[index].keyconf = keyconf; 935 936 return 0; 937} 938 939static int b43_key_clear(struct b43_wldev *dev, int index) 940{ 941 if (B43_WARN_ON((index < 0) || (index >= dev->max_nr_keys))) 942 return -EINVAL; 943 do_key_write(dev, index, B43_SEC_ALGO_NONE, 944 NULL, B43_SEC_KEYSIZE, NULL); 945 if ((index <= 3) && !b43_new_kidx_api(dev)) { 946 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 947 NULL, B43_SEC_KEYSIZE, NULL); 948 } 949 dev->key[index].keyconf = NULL; 950 951 return 0; 952} 953 954static void b43_clear_keys(struct b43_wldev *dev) 955{ 956 int i; 957 958 for (i = 0; i < dev->max_nr_keys; i++) 959 b43_key_clear(dev, i); 960} 961 962void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 963{ 964 u32 macctl; 965 u16 ucstat; 966 bool hwps; 967 bool awake; 968 int i; 969 970 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 971 (ps_flags & B43_PS_DISABLED)); 972 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 973 974 if (ps_flags & B43_PS_ENABLED) { 975 hwps = 1; 976 } else if (ps_flags & B43_PS_DISABLED) { 977 hwps = 0; 978 } else { 979 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 980 // and thus is not an AP and we are associated, set bit 25 981 } 982 if (ps_flags & B43_PS_AWAKE) { 983 awake = 1; 984 } else if (ps_flags & B43_PS_ASLEEP) { 985 awake = 0; 986 } else { 987 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 988 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 989 // successful, set bit26 990 } 991 992/* FIXME: For now we force awake-on and hwps-off */ 993 hwps = 0; 994 awake = 1; 995 996 macctl = b43_read32(dev, B43_MMIO_MACCTL); 997 if (hwps) 998 macctl |= B43_MACCTL_HWPS; 999 else 1000 macctl &= ~B43_MACCTL_HWPS; 1001 if (awake) 1002 macctl |= B43_MACCTL_AWAKE; 1003 else 1004 macctl &= ~B43_MACCTL_AWAKE; 1005 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1006 /* Commit write */ 1007 b43_read32(dev, B43_MMIO_MACCTL); 1008 if (awake && dev->dev->id.revision >= 5) { 1009 /* Wait for the microcode to wake up. */ 1010 for (i = 0; i < 100; i++) { 1011 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1012 B43_SHM_SH_UCODESTAT); 1013 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1014 break; 1015 udelay(10); 1016 } 1017 } 1018} 1019 1020/* Turn the Analog ON/OFF */ 1021static void b43_switch_analog(struct b43_wldev *dev, int on) 1022{ 1023 switch (dev->phy.type) { 1024 case B43_PHYTYPE_A: 1025 case B43_PHYTYPE_G: 1026 b43_write16(dev, B43_MMIO_PHY0, on ? 0 : 0xF4); 1027 break; 1028 case B43_PHYTYPE_N: 1029 b43_phy_write(dev, B43_NPHY_AFECTL_OVER, 1030 on ? 0 : 0x7FFF); 1031 break; 1032 default: 1033 B43_WARN_ON(1); 1034 } 1035} 1036 1037void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags) 1038{ 1039 u32 tmslow; 1040 u32 macctl; 1041 1042 flags |= B43_TMSLOW_PHYCLKEN; 1043 flags |= B43_TMSLOW_PHYRESET; 1044 ssb_device_enable(dev->dev, flags); 1045 msleep(2); /* Wait for the PLL to turn on. */ 1046 1047 /* Now take the PHY out of Reset again */ 1048 tmslow = ssb_read32(dev->dev, SSB_TMSLOW); 1049 tmslow |= SSB_TMSLOW_FGC; 1050 tmslow &= ~B43_TMSLOW_PHYRESET; 1051 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1052 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1053 msleep(1); 1054 tmslow &= ~SSB_TMSLOW_FGC; 1055 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1056 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1057 msleep(1); 1058 1059 /* Turn Analog ON */ 1060 b43_switch_analog(dev, 1); 1061 1062 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1063 macctl &= ~B43_MACCTL_GMODE; 1064 if (flags & B43_TMSLOW_GMODE) 1065 macctl |= B43_MACCTL_GMODE; 1066 macctl |= B43_MACCTL_IHR_ENABLED; 1067 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1068} 1069 1070static void handle_irq_transmit_status(struct b43_wldev *dev) 1071{ 1072 u32 v0, v1; 1073 u16 tmp; 1074 struct b43_txstatus stat; 1075 1076 while (1) { 1077 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1078 if (!(v0 & 0x00000001)) 1079 break; 1080 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1081 1082 stat.cookie = (v0 >> 16); 1083 stat.seq = (v1 & 0x0000FFFF); 1084 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1085 tmp = (v0 & 0x0000FFFF); 1086 stat.frame_count = ((tmp & 0xF000) >> 12); 1087 stat.rts_count = ((tmp & 0x0F00) >> 8); 1088 stat.supp_reason = ((tmp & 0x001C) >> 2); 1089 stat.pm_indicated = !!(tmp & 0x0080); 1090 stat.intermediate = !!(tmp & 0x0040); 1091 stat.for_ampdu = !!(tmp & 0x0020); 1092 stat.acked = !!(tmp & 0x0002); 1093 1094 b43_handle_txstatus(dev, &stat); 1095 } 1096} 1097 1098static void drain_txstatus_queue(struct b43_wldev *dev) 1099{ 1100 u32 dummy; 1101 1102 if (dev->dev->id.revision < 5) 1103 return; 1104 /* Read all entries from the microcode TXstatus FIFO 1105 * and throw them away. 1106 */ 1107 while (1) { 1108 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1109 if (!(dummy & 0x00000001)) 1110 break; 1111 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1112 } 1113} 1114 1115static u32 b43_jssi_read(struct b43_wldev *dev) 1116{ 1117 u32 val = 0; 1118 1119 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1120 val <<= 16; 1121 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1122 1123 return val; 1124} 1125 1126static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1127{ 1128 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1129 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1130} 1131 1132static void b43_generate_noise_sample(struct b43_wldev *dev) 1133{ 1134 b43_jssi_write(dev, 0x7F7F7F7F); 1135 b43_write32(dev, B43_MMIO_MACCMD, 1136 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1137 B43_WARN_ON(dev->noisecalc.channel_at_start != dev->phy.channel); 1138} 1139 1140static void b43_calculate_link_quality(struct b43_wldev *dev) 1141{ 1142 /* Top half of Link Quality calculation. */ 1143 1144 if (dev->noisecalc.calculation_running) 1145 return; 1146 dev->noisecalc.channel_at_start = dev->phy.channel; 1147 dev->noisecalc.calculation_running = 1; 1148 dev->noisecalc.nr_samples = 0; 1149 1150 b43_generate_noise_sample(dev); 1151} 1152 1153static void handle_irq_noise(struct b43_wldev *dev) 1154{ 1155 struct b43_phy *phy = &dev->phy; 1156 u16 tmp; 1157 u8 noise[4]; 1158 u8 i, j; 1159 s32 average; 1160 1161 /* Bottom half of Link Quality calculation. */ 1162 1163 B43_WARN_ON(!dev->noisecalc.calculation_running); 1164 if (dev->noisecalc.channel_at_start != phy->channel) 1165 goto drop_calculation; 1166 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1167 if (noise[0] == 0x7F || noise[1] == 0x7F || 1168 noise[2] == 0x7F || noise[3] == 0x7F) 1169 goto generate_new; 1170 1171 /* Get the noise samples. */ 1172 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1173 i = dev->noisecalc.nr_samples; 1174 noise[0] = limit_value(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1175 noise[1] = limit_value(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1176 noise[2] = limit_value(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1177 noise[3] = limit_value(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1178 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1179 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1180 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1181 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1182 dev->noisecalc.nr_samples++; 1183 if (dev->noisecalc.nr_samples == 8) { 1184 /* Calculate the Link Quality by the noise samples. */ 1185 average = 0; 1186 for (i = 0; i < 8; i++) { 1187 for (j = 0; j < 4; j++) 1188 average += dev->noisecalc.samples[i][j]; 1189 } 1190 average /= (8 * 4); 1191 average *= 125; 1192 average += 64; 1193 average /= 128; 1194 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1195 tmp = (tmp / 128) & 0x1F; 1196 if (tmp >= 8) 1197 average += 2; 1198 else 1199 average -= 25; 1200 if (tmp == 8) 1201 average -= 72; 1202 else 1203 average -= 48; 1204 1205 dev->stats.link_noise = average; 1206 drop_calculation: 1207 dev->noisecalc.calculation_running = 0; 1208 return; 1209 } 1210 generate_new: 1211 b43_generate_noise_sample(dev); 1212} 1213 1214static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1215{ 1216 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_AP)) { 1217 ///TODO: PS TBTT 1218 } else { 1219 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1220 b43_power_saving_ctl_bits(dev, 0); 1221 } 1222 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS)) 1223 dev->dfq_valid = 1; 1224} 1225 1226static void handle_irq_atim_end(struct b43_wldev *dev) 1227{ 1228 if (dev->dfq_valid) { 1229 b43_write32(dev, B43_MMIO_MACCMD, 1230 b43_read32(dev, B43_MMIO_MACCMD) 1231 | B43_MACCMD_DFQ_VALID); 1232 dev->dfq_valid = 0; 1233 } 1234} 1235 1236static void handle_irq_pmq(struct b43_wldev *dev) 1237{ 1238 u32 tmp; 1239 1240 //TODO: AP mode. 1241 1242 while (1) { 1243 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1244 if (!(tmp & 0x00000008)) 1245 break; 1246 } 1247 /* 16bit write is odd, but correct. */ 1248 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1249} 1250 1251static void b43_write_template_common(struct b43_wldev *dev, 1252 const u8 * data, u16 size, 1253 u16 ram_offset, 1254 u16 shm_size_offset, u8 rate) 1255{ 1256 u32 i, tmp; 1257 struct b43_plcp_hdr4 plcp; 1258 1259 plcp.data = 0; 1260 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1261 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1262 ram_offset += sizeof(u32); 1263 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1264 * So leave the first two bytes of the next write blank. 1265 */ 1266 tmp = (u32) (data[0]) << 16; 1267 tmp |= (u32) (data[1]) << 24; 1268 b43_ram_write(dev, ram_offset, tmp); 1269 ram_offset += sizeof(u32); 1270 for (i = 2; i < size; i += sizeof(u32)) { 1271 tmp = (u32) (data[i + 0]); 1272 if (i + 1 < size) 1273 tmp |= (u32) (data[i + 1]) << 8; 1274 if (i + 2 < size) 1275 tmp |= (u32) (data[i + 2]) << 16; 1276 if (i + 3 < size) 1277 tmp |= (u32) (data[i + 3]) << 24; 1278 b43_ram_write(dev, ram_offset + i - 2, tmp); 1279 } 1280 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1281 size + sizeof(struct b43_plcp_hdr6)); 1282} 1283 1284static void b43_write_beacon_template(struct b43_wldev *dev, 1285 u16 ram_offset, 1286 u16 shm_size_offset, u8 rate) 1287{ 1288 unsigned int i, len, variable_len; 1289 const struct ieee80211_mgmt *bcn; 1290 const u8 *ie; 1291 bool tim_found = 0; 1292 1293 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1294 len = min((size_t) dev->wl->current_beacon->len, 1295 0x200 - sizeof(struct b43_plcp_hdr6)); 1296 1297 b43_write_template_common(dev, (const u8 *)bcn, 1298 len, ram_offset, shm_size_offset, rate); 1299 1300 /* Find the position of the TIM and the DTIM_period value 1301 * and write them to SHM. */ 1302 ie = bcn->u.beacon.variable; 1303 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1304 for (i = 0; i < variable_len - 2; ) { 1305 uint8_t ie_id, ie_len; 1306 1307 ie_id = ie[i]; 1308 ie_len = ie[i + 1]; 1309 if (ie_id == 5) { 1310 u16 tim_position; 1311 u16 dtim_period; 1312 /* This is the TIM Information Element */ 1313 1314 /* Check whether the ie_len is in the beacon data range. */ 1315 if (variable_len < ie_len + 2 + i) 1316 break; 1317 /* A valid TIM is at least 4 bytes long. */ 1318 if (ie_len < 4) 1319 break; 1320 tim_found = 1; 1321 1322 tim_position = sizeof(struct b43_plcp_hdr6); 1323 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1324 tim_position += i; 1325 1326 dtim_period = ie[i + 3]; 1327 1328 b43_shm_write16(dev, B43_SHM_SHARED, 1329 B43_SHM_SH_TIMBPOS, tim_position); 1330 b43_shm_write16(dev, B43_SHM_SHARED, 1331 B43_SHM_SH_DTIMPER, dtim_period); 1332 break; 1333 } 1334 i += ie_len + 2; 1335 } 1336 if (!tim_found) { 1337 b43warn(dev->wl, "Did not find a valid TIM IE in " 1338 "the beacon template packet. AP or IBSS operation " 1339 "may be broken.\n"); 1340 } else 1341 b43dbg(dev->wl, "Updated beacon template\n"); 1342} 1343 1344static void b43_write_probe_resp_plcp(struct b43_wldev *dev, 1345 u16 shm_offset, u16 size, 1346 struct ieee80211_rate *rate) 1347{ 1348 struct b43_plcp_hdr4 plcp; 1349 u32 tmp; 1350 __le16 dur; 1351 1352 plcp.data = 0; 1353 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate->hw_value); 1354 dur = ieee80211_generic_frame_duration(dev->wl->hw, 1355 dev->wl->vif, size, 1356 rate); 1357 /* Write PLCP in two parts and timing for packet transfer */ 1358 tmp = le32_to_cpu(plcp.data); 1359 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset, tmp & 0xFFFF); 1360 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 2, tmp >> 16); 1361 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 6, le16_to_cpu(dur)); 1362} 1363 1364/* Instead of using custom probe response template, this function 1365 * just patches custom beacon template by: 1366 * 1) Changing packet type 1367 * 2) Patching duration field 1368 * 3) Stripping TIM 1369 */ 1370static const u8 * b43_generate_probe_resp(struct b43_wldev *dev, 1371 u16 *dest_size, 1372 struct ieee80211_rate *rate) 1373{ 1374 const u8 *src_data; 1375 u8 *dest_data; 1376 u16 src_size, elem_size, src_pos, dest_pos; 1377 __le16 dur; 1378 struct ieee80211_hdr *hdr; 1379 size_t ie_start; 1380 1381 src_size = dev->wl->current_beacon->len; 1382 src_data = (const u8 *)dev->wl->current_beacon->data; 1383 1384 /* Get the start offset of the variable IEs in the packet. */ 1385 ie_start = offsetof(struct ieee80211_mgmt, u.probe_resp.variable); 1386 B43_WARN_ON(ie_start != offsetof(struct ieee80211_mgmt, u.beacon.variable)); 1387 1388 if (B43_WARN_ON(src_size < ie_start)) 1389 return NULL; 1390 1391 dest_data = kmalloc(src_size, GFP_ATOMIC); 1392 if (unlikely(!dest_data)) 1393 return NULL; 1394 1395 /* Copy the static data and all Information Elements, except the TIM. */ 1396 memcpy(dest_data, src_data, ie_start); 1397 src_pos = ie_start; 1398 dest_pos = ie_start; 1399 for ( ; src_pos < src_size - 2; src_pos += elem_size) { 1400 elem_size = src_data[src_pos + 1] + 2; 1401 if (src_data[src_pos] == 5) { 1402 /* This is the TIM. */ 1403 continue; 1404 } 1405 memcpy(dest_data + dest_pos, src_data + src_pos, 1406 elem_size); 1407 dest_pos += elem_size; 1408 } 1409 *dest_size = dest_pos; 1410 hdr = (struct ieee80211_hdr *)dest_data; 1411 1412 /* Set the frame control. */ 1413 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 1414 IEEE80211_STYPE_PROBE_RESP); 1415 dur = ieee80211_generic_frame_duration(dev->wl->hw, 1416 dev->wl->vif, *dest_size, 1417 rate); 1418 hdr->duration_id = dur; 1419 1420 return dest_data; 1421} 1422 1423static void b43_write_probe_resp_template(struct b43_wldev *dev, 1424 u16 ram_offset, 1425 u16 shm_size_offset, 1426 struct ieee80211_rate *rate) 1427{ 1428 const u8 *probe_resp_data; 1429 u16 size; 1430 1431 size = dev->wl->current_beacon->len; 1432 probe_resp_data = b43_generate_probe_resp(dev, &size, rate); 1433 if (unlikely(!probe_resp_data)) 1434 return; 1435 1436 /* Looks like PLCP headers plus packet timings are stored for 1437 * all possible basic rates 1438 */ 1439 b43_write_probe_resp_plcp(dev, 0x31A, size, &b43_b_ratetable[0]); 1440 b43_write_probe_resp_plcp(dev, 0x32C, size, &b43_b_ratetable[1]); 1441 b43_write_probe_resp_plcp(dev, 0x33E, size, &b43_b_ratetable[2]); 1442 b43_write_probe_resp_plcp(dev, 0x350, size, &b43_b_ratetable[3]); 1443 1444 size = min((size_t) size, 0x200 - sizeof(struct b43_plcp_hdr6)); 1445 b43_write_template_common(dev, probe_resp_data, 1446 size, ram_offset, shm_size_offset, 1447 rate->hw_value); 1448 kfree(probe_resp_data); 1449} 1450 1451static void handle_irq_beacon(struct b43_wldev *dev) 1452{ 1453 struct b43_wl *wl = dev->wl; 1454 u32 cmd, beacon0_valid, beacon1_valid; 1455 1456 if (!b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 1457 return; 1458 1459 /* This is the bottom half of the asynchronous beacon update. */ 1460 1461 /* Ignore interrupt in the future. */ 1462 dev->irq_savedstate &= ~B43_IRQ_BEACON; 1463 1464 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1465 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1466 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1467 1468 /* Schedule interrupt manually, if busy. */ 1469 if (beacon0_valid && beacon1_valid) { 1470 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1471 dev->irq_savedstate |= B43_IRQ_BEACON; 1472 return; 1473 } 1474 1475 if (!beacon0_valid) { 1476 if (!wl->beacon0_uploaded) { 1477 b43_write_beacon_template(dev, 0x68, 0x18, 1478 B43_CCK_RATE_1MB); 1479 b43_write_probe_resp_template(dev, 0x268, 0x4A, 1480 &__b43_ratetable[3]); 1481 wl->beacon0_uploaded = 1; 1482 } 1483 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1484 cmd |= B43_MACCMD_BEACON0_VALID; 1485 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1486 } else if (!beacon1_valid) { 1487 if (!wl->beacon1_uploaded) { 1488 b43_write_beacon_template(dev, 0x468, 0x1A, 1489 B43_CCK_RATE_1MB); 1490 wl->beacon1_uploaded = 1; 1491 } 1492 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1493 cmd |= B43_MACCMD_BEACON1_VALID; 1494 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1495 } 1496} 1497 1498static void b43_beacon_update_trigger_work(struct work_struct *work) 1499{ 1500 struct b43_wl *wl = container_of(work, struct b43_wl, 1501 beacon_update_trigger); 1502 struct b43_wldev *dev; 1503 1504 mutex_lock(&wl->mutex); 1505 dev = wl->current_dev; 1506 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1507 spin_lock_irq(&wl->irq_lock); 1508 /* update beacon right away or defer to irq */ 1509 dev->irq_savedstate = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 1510 handle_irq_beacon(dev); 1511 /* The handler might have updated the IRQ mask. */ 1512 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 1513 dev->irq_savedstate); 1514 mmiowb(); 1515 spin_unlock_irq(&wl->irq_lock); 1516 } 1517 mutex_unlock(&wl->mutex); 1518} 1519 1520/* Asynchronously update the packet templates in template RAM. 1521 * Locking: Requires wl->irq_lock to be locked. */ 1522static void b43_update_templates(struct b43_wl *wl, struct sk_buff *beacon) 1523{ 1524 /* This is the top half of the ansynchronous beacon update. 1525 * The bottom half is the beacon IRQ. 1526 * Beacon update must be asynchronous to avoid sending an 1527 * invalid beacon. This can happen for example, if the firmware 1528 * transmits a beacon while we are updating it. */ 1529 1530 if (wl->current_beacon) 1531 dev_kfree_skb_any(wl->current_beacon); 1532 wl->current_beacon = beacon; 1533 wl->beacon0_uploaded = 0; 1534 wl->beacon1_uploaded = 0; 1535 queue_work(wl->hw->workqueue, &wl->beacon_update_trigger); 1536} 1537 1538static void b43_set_ssid(struct b43_wldev *dev, const u8 * ssid, u8 ssid_len) 1539{ 1540 u32 tmp; 1541 u16 i, len; 1542 1543 len = min((u16) ssid_len, (u16) 0x100); 1544 for (i = 0; i < len; i += sizeof(u32)) { 1545 tmp = (u32) (ssid[i + 0]); 1546 if (i + 1 < len) 1547 tmp |= (u32) (ssid[i + 1]) << 8; 1548 if (i + 2 < len) 1549 tmp |= (u32) (ssid[i + 2]) << 16; 1550 if (i + 3 < len) 1551 tmp |= (u32) (ssid[i + 3]) << 24; 1552 b43_shm_write32(dev, B43_SHM_SHARED, 0x380 + i, tmp); 1553 } 1554 b43_shm_write16(dev, B43_SHM_SHARED, 0x48, len); 1555} 1556 1557static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1558{ 1559 b43_time_lock(dev); 1560 if (dev->dev->id.revision >= 3) { 1561 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1562 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1563 } else { 1564 b43_write16(dev, 0x606, (beacon_int >> 6)); 1565 b43_write16(dev, 0x610, beacon_int); 1566 } 1567 b43_time_unlock(dev); 1568 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1569} 1570 1571static void handle_irq_ucode_debug(struct b43_wldev *dev) 1572{ 1573 //TODO 1574} 1575 1576/* Interrupt handler bottom-half */ 1577static void b43_interrupt_tasklet(struct b43_wldev *dev) 1578{ 1579 u32 reason; 1580 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1581 u32 merged_dma_reason = 0; 1582 int i; 1583 unsigned long flags; 1584 1585 spin_lock_irqsave(&dev->wl->irq_lock, flags); 1586 1587 B43_WARN_ON(b43_status(dev) != B43_STAT_STARTED); 1588 1589 reason = dev->irq_reason; 1590 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1591 dma_reason[i] = dev->dma_reason[i]; 1592 merged_dma_reason |= dma_reason[i]; 1593 } 1594 1595 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1596 b43err(dev->wl, "MAC transmission error\n"); 1597 1598 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1599 b43err(dev->wl, "PHY transmission error\n"); 1600 rmb(); 1601 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1602 atomic_set(&dev->phy.txerr_cnt, 1603 B43_PHY_TX_BADNESS_LIMIT); 1604 b43err(dev->wl, "Too many PHY TX errors, " 1605 "restarting the controller\n"); 1606 b43_controller_restart(dev, "PHY TX errors"); 1607 } 1608 } 1609 1610 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1611 B43_DMAIRQ_NONFATALMASK))) { 1612 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1613 b43err(dev->wl, "Fatal DMA error: " 1614 "0x%08X, 0x%08X, 0x%08X, " 1615 "0x%08X, 0x%08X, 0x%08X\n", 1616 dma_reason[0], dma_reason[1], 1617 dma_reason[2], dma_reason[3], 1618 dma_reason[4], dma_reason[5]); 1619 b43_controller_restart(dev, "DMA error"); 1620 mmiowb(); 1621 spin_unlock_irqrestore(&dev->wl->irq_lock, flags); 1622 return; 1623 } 1624 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1625 b43err(dev->wl, "DMA error: " 1626 "0x%08X, 0x%08X, 0x%08X, " 1627 "0x%08X, 0x%08X, 0x%08X\n", 1628 dma_reason[0], dma_reason[1], 1629 dma_reason[2], dma_reason[3], 1630 dma_reason[4], dma_reason[5]); 1631 } 1632 } 1633 1634 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1635 handle_irq_ucode_debug(dev); 1636 if (reason & B43_IRQ_TBTT_INDI) 1637 handle_irq_tbtt_indication(dev); 1638 if (reason & B43_IRQ_ATIM_END) 1639 handle_irq_atim_end(dev); 1640 if (reason & B43_IRQ_BEACON) 1641 handle_irq_beacon(dev); 1642 if (reason & B43_IRQ_PMQ) 1643 handle_irq_pmq(dev); 1644 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1645 ;/* TODO */ 1646 if (reason & B43_IRQ_NOISESAMPLE_OK) 1647 handle_irq_noise(dev); 1648 1649 /* Check the DMA reason registers for received data. */ 1650 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1651 if (b43_using_pio_transfers(dev)) 1652 b43_pio_rx(dev->pio.rx_queue); 1653 else 1654 b43_dma_rx(dev->dma.rx_ring); 1655 } 1656 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1657 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1658 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1659 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1660 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1661 1662 if (reason & B43_IRQ_TX_OK) 1663 handle_irq_transmit_status(dev); 1664 1665 b43_interrupt_enable(dev, dev->irq_savedstate); 1666 mmiowb(); 1667 spin_unlock_irqrestore(&dev->wl->irq_lock, flags); 1668} 1669 1670static void b43_interrupt_ack(struct b43_wldev *dev, u32 reason) 1671{ 1672 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 1673 1674 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 1675 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 1676 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 1677 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 1678 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 1679 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 1680} 1681 1682/* Interrupt handler top-half */ 1683static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 1684{ 1685 irqreturn_t ret = IRQ_NONE; 1686 struct b43_wldev *dev = dev_id; 1687 u32 reason; 1688 1689 if (!dev) 1690 return IRQ_NONE; 1691 1692 spin_lock(&dev->wl->irq_lock); 1693 1694 if (b43_status(dev) < B43_STAT_STARTED) 1695 goto out; 1696 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1697 if (reason == 0xffffffff) /* shared IRQ */ 1698 goto out; 1699 ret = IRQ_HANDLED; 1700 reason &= b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 1701 if (!reason) 1702 goto out; 1703 1704 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1705 & 0x0001DC00; 1706 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1707 & 0x0000DC00; 1708 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 1709 & 0x0000DC00; 1710 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 1711 & 0x0001DC00; 1712 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 1713 & 0x0000DC00; 1714 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 1715 & 0x0000DC00; 1716 1717 b43_interrupt_ack(dev, reason); 1718 /* disable all IRQs. They are enabled again in the bottom half. */ 1719 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL); 1720 /* save the reason code and call our bottom half. */ 1721 dev->irq_reason = reason; 1722 tasklet_schedule(&dev->isr_tasklet); 1723 out: 1724 mmiowb(); 1725 spin_unlock(&dev->wl->irq_lock); 1726 1727 return ret; 1728} 1729 1730static void do_release_fw(struct b43_firmware_file *fw) 1731{ 1732 release_firmware(fw->data); 1733 fw->data = NULL; 1734 fw->filename = NULL; 1735} 1736 1737static void b43_release_firmware(struct b43_wldev *dev) 1738{ 1739 do_release_fw(&dev->fw.ucode); 1740 do_release_fw(&dev->fw.pcm); 1741 do_release_fw(&dev->fw.initvals); 1742 do_release_fw(&dev->fw.initvals_band); 1743} 1744 1745static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 1746{ 1747 const char *text; 1748 1749 text = "You must go to " 1750 "http://linuxwireless.org/en/users/Drivers/b43#devicefirmware " 1751 "and download the latest firmware (version 4).\n"; 1752 if (error) 1753 b43err(wl, text); 1754 else 1755 b43warn(wl, text); 1756} 1757 1758static int do_request_fw(struct b43_wldev *dev, 1759 const char *name, 1760 struct b43_firmware_file *fw) 1761{ 1762 char path[sizeof(modparam_fwpostfix) + 32]; 1763 const struct firmware *blob; 1764 struct b43_fw_header *hdr; 1765 u32 size; 1766 int err; 1767 1768 if (!name) { 1769 /* Don't fetch anything. Free possibly cached firmware. */ 1770 do_release_fw(fw); 1771 return 0; 1772 } 1773 if (fw->filename) { 1774 if (strcmp(fw->filename, name) == 0) 1775 return 0; /* Already have this fw. */ 1776 /* Free the cached firmware first. */ 1777 do_release_fw(fw); 1778 } 1779 1780 snprintf(path, ARRAY_SIZE(path), 1781 "b43%s/%s.fw", 1782 modparam_fwpostfix, name); 1783 err = request_firmware(&blob, path, dev->dev->dev); 1784 if (err) { 1785 b43err(dev->wl, "Firmware file \"%s\" not found " 1786 "or load failed.\n", path); 1787 return err; 1788 } 1789 if (blob->size < sizeof(struct b43_fw_header)) 1790 goto err_format; 1791 hdr = (struct b43_fw_header *)(blob->data); 1792 switch (hdr->type) { 1793 case B43_FW_TYPE_UCODE: 1794 case B43_FW_TYPE_PCM: 1795 size = be32_to_cpu(hdr->size); 1796 if (size != blob->size - sizeof(struct b43_fw_header)) 1797 goto err_format; 1798 /* fallthrough */ 1799 case B43_FW_TYPE_IV: 1800 if (hdr->ver != 1) 1801 goto err_format; 1802 break; 1803 default: 1804 goto err_format; 1805 } 1806 1807 fw->data = blob; 1808 fw->filename = name; 1809 1810 return 0; 1811 1812err_format: 1813 b43err(dev->wl, "Firmware file \"%s\" format error.\n", path); 1814 release_firmware(blob); 1815 1816 return -EPROTO; 1817} 1818 1819static int b43_request_firmware(struct b43_wldev *dev) 1820{ 1821 struct b43_firmware *fw = &dev->fw; 1822 const u8 rev = dev->dev->id.revision; 1823 const char *filename; 1824 u32 tmshigh; 1825 int err; 1826 1827 /* Get microcode */ 1828 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 1829 if ((rev >= 5) && (rev <= 10)) 1830 filename = "ucode5"; 1831 else if ((rev >= 11) && (rev <= 12)) 1832 filename = "ucode11"; 1833 else if (rev >= 13) 1834 filename = "ucode13"; 1835 else 1836 goto err_no_ucode; 1837 err = do_request_fw(dev, filename, &fw->ucode); 1838 if (err) 1839 goto err_load; 1840 1841 /* Get PCM code */ 1842 if ((rev >= 5) && (rev <= 10)) 1843 filename = "pcm5"; 1844 else if (rev >= 11) 1845 filename = NULL; 1846 else 1847 goto err_no_pcm; 1848 err = do_request_fw(dev, filename, &fw->pcm); 1849 if (err) 1850 goto err_load; 1851 1852 /* Get initvals */ 1853 switch (dev->phy.type) { 1854 case B43_PHYTYPE_A: 1855 if ((rev >= 5) && (rev <= 10)) { 1856 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 1857 filename = "a0g1initvals5"; 1858 else 1859 filename = "a0g0initvals5"; 1860 } else 1861 goto err_no_initvals; 1862 break; 1863 case B43_PHYTYPE_G: 1864 if ((rev >= 5) && (rev <= 10)) 1865 filename = "b0g0initvals5"; 1866 else if (rev >= 13) 1867 filename = "lp0initvals13"; 1868 else 1869 goto err_no_initvals; 1870 break; 1871 case B43_PHYTYPE_N: 1872 if ((rev >= 11) && (rev <= 12)) 1873 filename = "n0initvals11"; 1874 else 1875 goto err_no_initvals; 1876 break; 1877 default: 1878 goto err_no_initvals; 1879 } 1880 err = do_request_fw(dev, filename, &fw->initvals); 1881 if (err) 1882 goto err_load; 1883 1884 /* Get bandswitch initvals */ 1885 switch (dev->phy.type) { 1886 case B43_PHYTYPE_A: 1887 if ((rev >= 5) && (rev <= 10)) { 1888 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 1889 filename = "a0g1bsinitvals5"; 1890 else 1891 filename = "a0g0bsinitvals5"; 1892 } else if (rev >= 11) 1893 filename = NULL; 1894 else 1895 goto err_no_initvals; 1896 break; 1897 case B43_PHYTYPE_G: 1898 if ((rev >= 5) && (rev <= 10)) 1899 filename = "b0g0bsinitvals5"; 1900 else if (rev >= 11) 1901 filename = NULL; 1902 else 1903 goto err_no_initvals; 1904 break; 1905 case B43_PHYTYPE_N: 1906 if ((rev >= 11) && (rev <= 12)) 1907 filename = "n0bsinitvals11"; 1908 else 1909 goto err_no_initvals; 1910 break; 1911 default: 1912 goto err_no_initvals; 1913 } 1914 err = do_request_fw(dev, filename, &fw->initvals_band); 1915 if (err) 1916 goto err_load; 1917 1918 return 0; 1919 1920err_load: 1921 b43_print_fw_helptext(dev->wl, 1); 1922 goto error; 1923 1924err_no_ucode: 1925 err = -ENODEV; 1926 b43err(dev->wl, "No microcode available for core rev %u\n", rev); 1927 goto error; 1928 1929err_no_pcm: 1930 err = -ENODEV; 1931 b43err(dev->wl, "No PCM available for core rev %u\n", rev); 1932 goto error; 1933 1934err_no_initvals: 1935 err = -ENODEV; 1936 b43err(dev->wl, "No Initial Values firmware file for PHY %u, " 1937 "core rev %u\n", dev->phy.type, rev); 1938 goto error; 1939 1940error: 1941 b43_release_firmware(dev); 1942 return err; 1943} 1944 1945static int b43_upload_microcode(struct b43_wldev *dev) 1946{ 1947 const size_t hdr_len = sizeof(struct b43_fw_header); 1948 const __be32 *data; 1949 unsigned int i, len; 1950 u16 fwrev, fwpatch, fwdate, fwtime; 1951 u32 tmp, macctl; 1952 int err = 0; 1953 1954 /* Jump the microcode PSM to offset 0 */ 1955 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1956 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 1957 macctl |= B43_MACCTL_PSM_JMP0; 1958 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1959 /* Zero out all microcode PSM registers and shared memory. */ 1960 for (i = 0; i < 64; i++) 1961 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 1962 for (i = 0; i < 4096; i += 2) 1963 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 1964 1965 /* Upload Microcode. */ 1966 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 1967 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 1968 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 1969 for (i = 0; i < len; i++) { 1970 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 1971 udelay(10); 1972 } 1973 1974 if (dev->fw.pcm.data) { 1975 /* Upload PCM data. */ 1976 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 1977 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 1978 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 1979 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 1980 /* No need for autoinc bit in SHM_HW */ 1981 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 1982 for (i = 0; i < len; i++) { 1983 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 1984 udelay(10); 1985 } 1986 } 1987 1988 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 1989 1990 /* Start the microcode PSM */ 1991 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1992 macctl &= ~B43_MACCTL_PSM_JMP0; 1993 macctl |= B43_MACCTL_PSM_RUN; 1994 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1995 1996 /* Wait for the microcode to load and respond */ 1997 i = 0; 1998 while (1) { 1999 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2000 if (tmp == B43_IRQ_MAC_SUSPENDED) 2001 break; 2002 i++; 2003 if (i >= 20) { 2004 b43err(dev->wl, "Microcode not responding\n"); 2005 b43_print_fw_helptext(dev->wl, 1); 2006 err = -ENODEV; 2007 goto error; 2008 } 2009 msleep_interruptible(50); 2010 if (signal_pending(current)) { 2011 err = -EINTR; 2012 goto error; 2013 } 2014 } 2015 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2016 2017 /* Get and check the revisions. */ 2018 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2019 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2020 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2021 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2022 2023 if (fwrev <= 0x128) { 2024 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2025 "binary drivers older than version 4.x is unsupported. " 2026 "You must upgrade your firmware files.\n"); 2027 b43_print_fw_helptext(dev->wl, 1); 2028 err = -EOPNOTSUPP; 2029 goto error; 2030 } 2031 b43info(dev->wl, "Loading firmware version %u.%u " 2032 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2033 fwrev, fwpatch, 2034 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2035 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2036 2037 dev->fw.rev = fwrev; 2038 dev->fw.patch = fwpatch; 2039 2040 if (b43_is_old_txhdr_format(dev)) { 2041 b43warn(dev->wl, "You are using an old firmware image. " 2042 "Support for old firmware will be removed in July 2008.\n"); 2043 b43_print_fw_helptext(dev->wl, 0); 2044 } 2045 2046 return 0; 2047 2048error: 2049 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2050 macctl &= ~B43_MACCTL_PSM_RUN; 2051 macctl |= B43_MACCTL_PSM_JMP0; 2052 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2053 2054 return err; 2055} 2056 2057static int b43_write_initvals(struct b43_wldev *dev, 2058 const struct b43_iv *ivals, 2059 size_t count, 2060 size_t array_size) 2061{ 2062 const struct b43_iv *iv; 2063 u16 offset; 2064 size_t i; 2065 bool bit32; 2066 2067 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2068 iv = ivals; 2069 for (i = 0; i < count; i++) { 2070 if (array_size < sizeof(iv->offset_size)) 2071 goto err_format; 2072 array_size -= sizeof(iv->offset_size); 2073 offset = be16_to_cpu(iv->offset_size); 2074 bit32 = !!(offset & B43_IV_32BIT); 2075 offset &= B43_IV_OFFSET_MASK; 2076 if (offset >= 0x1000) 2077 goto err_format; 2078 if (bit32) { 2079 u32 value; 2080 2081 if (array_size < sizeof(iv->data.d32)) 2082 goto err_format; 2083 array_size -= sizeof(iv->data.d32); 2084 2085 value = be32_to_cpu(get_unaligned(&iv->data.d32)); 2086 b43_write32(dev, offset, value); 2087 2088 iv = (const struct b43_iv *)((const uint8_t *)iv + 2089 sizeof(__be16) + 2090 sizeof(__be32)); 2091 } else { 2092 u16 value; 2093 2094 if (array_size < sizeof(iv->data.d16)) 2095 goto err_format; 2096 array_size -= sizeof(iv->data.d16); 2097 2098 value = be16_to_cpu(iv->data.d16); 2099 b43_write16(dev, offset, value); 2100 2101 iv = (const struct b43_iv *)((const uint8_t *)iv + 2102 sizeof(__be16) + 2103 sizeof(__be16)); 2104 } 2105 } 2106 if (array_size) 2107 goto err_format; 2108 2109 return 0; 2110 2111err_format: 2112 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2113 b43_print_fw_helptext(dev->wl, 1); 2114 2115 return -EPROTO; 2116} 2117 2118static int b43_upload_initvals(struct b43_wldev *dev) 2119{ 2120 const size_t hdr_len = sizeof(struct b43_fw_header); 2121 const struct b43_fw_header *hdr; 2122 struct b43_firmware *fw = &dev->fw; 2123 const struct b43_iv *ivals; 2124 size_t count; 2125 int err; 2126 2127 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2128 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2129 count = be32_to_cpu(hdr->size); 2130 err = b43_write_initvals(dev, ivals, count, 2131 fw->initvals.data->size - hdr_len); 2132 if (err) 2133 goto out; 2134 if (fw->initvals_band.data) { 2135 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2136 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2137 count = be32_to_cpu(hdr->size); 2138 err = b43_write_initvals(dev, ivals, count, 2139 fw->initvals_band.data->size - hdr_len); 2140 if (err) 2141 goto out; 2142 } 2143out: 2144 2145 return err; 2146} 2147 2148/* Initialize the GPIOs 2149 * http://bcm-specs.sipsolutions.net/GPIO 2150 */ 2151static int b43_gpio_init(struct b43_wldev *dev) 2152{ 2153 struct ssb_bus *bus = dev->dev->bus; 2154 struct ssb_device *gpiodev, *pcidev = NULL; 2155 u32 mask, set; 2156 2157 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2158 & ~B43_MACCTL_GPOUTSMSK); 2159 2160 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK) 2161 | 0x000F); 2162 2163 mask = 0x0000001F; 2164 set = 0x0000000F; 2165 if (dev->dev->bus->chip_id == 0x4301) { 2166 mask |= 0x0060; 2167 set |= 0x0060; 2168 } 2169 if (0 /* FIXME: conditional unknown */ ) { 2170 b43_write16(dev, B43_MMIO_GPIO_MASK, 2171 b43_read16(dev, B43_MMIO_GPIO_MASK) 2172 | 0x0100); 2173 mask |= 0x0180; 2174 set |= 0x0180; 2175 } 2176 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) { 2177 b43_write16(dev, B43_MMIO_GPIO_MASK, 2178 b43_read16(dev, B43_MMIO_GPIO_MASK) 2179 | 0x0200); 2180 mask |= 0x0200; 2181 set |= 0x0200; 2182 } 2183 if (dev->dev->id.revision >= 2) 2184 mask |= 0x0010; /* FIXME: This is redundant. */ 2185 2186#ifdef CONFIG_SSB_DRIVER_PCICORE 2187 pcidev = bus->pcicore.dev; 2188#endif 2189 gpiodev = bus->chipco.dev ? : pcidev; 2190 if (!gpiodev) 2191 return 0; 2192 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2193 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2194 & mask) | set); 2195 2196 return 0; 2197} 2198 2199/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2200static void b43_gpio_cleanup(struct b43_wldev *dev) 2201{ 2202 struct ssb_bus *bus = dev->dev->bus; 2203 struct ssb_device *gpiodev, *pcidev = NULL; 2204 2205#ifdef CONFIG_SSB_DRIVER_PCICORE 2206 pcidev = bus->pcicore.dev; 2207#endif 2208 gpiodev = bus->chipco.dev ? : pcidev; 2209 if (!gpiodev) 2210 return; 2211 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2212} 2213 2214/* http://bcm-specs.sipsolutions.net/EnableMac */ 2215static void b43_mac_enable(struct b43_wldev *dev) 2216{ 2217 dev->mac_suspended--; 2218 B43_WARN_ON(dev->mac_suspended < 0); 2219 if (dev->mac_suspended == 0) { 2220 b43_write32(dev, B43_MMIO_MACCTL, 2221 b43_read32(dev, B43_MMIO_MACCTL) 2222 | B43_MACCTL_ENABLED); 2223 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2224 B43_IRQ_MAC_SUSPENDED); 2225 /* Commit writes */ 2226 b43_read32(dev, B43_MMIO_MACCTL); 2227 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2228 b43_power_saving_ctl_bits(dev, 0); 2229 2230 /* Re-enable IRQs. */ 2231 spin_lock_irq(&dev->wl->irq_lock); 2232 b43_interrupt_enable(dev, dev->irq_savedstate); 2233 spin_unlock_irq(&dev->wl->irq_lock); 2234 } 2235} 2236 2237/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2238static void b43_mac_suspend(struct b43_wldev *dev) 2239{ 2240 int i; 2241 u32 tmp; 2242 2243 might_sleep(); 2244 B43_WARN_ON(dev->mac_suspended < 0); 2245 2246 if (dev->mac_suspended == 0) { 2247 /* Mask IRQs before suspending MAC. Otherwise 2248 * the MAC stays busy and won't suspend. */ 2249 spin_lock_irq(&dev->wl->irq_lock); 2250 tmp = b43_interrupt_disable(dev, B43_IRQ_ALL); 2251 spin_unlock_irq(&dev->wl->irq_lock); 2252 b43_synchronize_irq(dev); 2253 dev->irq_savedstate = tmp; 2254 2255 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2256 b43_write32(dev, B43_MMIO_MACCTL, 2257 b43_read32(dev, B43_MMIO_MACCTL) 2258 & ~B43_MACCTL_ENABLED); 2259 /* force pci to flush the write */ 2260 b43_read32(dev, B43_MMIO_MACCTL); 2261 for (i = 40; i; i--) { 2262 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2263 if (tmp & B43_IRQ_MAC_SUSPENDED) 2264 goto out; 2265 msleep(1); 2266 } 2267 b43err(dev->wl, "MAC suspend failed\n"); 2268 } 2269out: 2270 dev->mac_suspended++; 2271} 2272 2273static void b43_adjust_opmode(struct b43_wldev *dev) 2274{ 2275 struct b43_wl *wl = dev->wl; 2276 u32 ctl; 2277 u16 cfp_pretbtt; 2278 2279 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2280 /* Reset status to STA infrastructure mode. */ 2281 ctl &= ~B43_MACCTL_AP; 2282 ctl &= ~B43_MACCTL_KEEP_CTL; 2283 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2284 ctl &= ~B43_MACCTL_KEEP_BAD; 2285 ctl &= ~B43_MACCTL_PROMISC; 2286 ctl &= ~B43_MACCTL_BEACPROMISC; 2287 ctl |= B43_MACCTL_INFRA; 2288 2289 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 2290 ctl |= B43_MACCTL_AP; 2291 else if (b43_is_mode(wl, IEEE80211_IF_TYPE_IBSS)) 2292 ctl &= ~B43_MACCTL_INFRA; 2293 2294 if (wl->filter_flags & FIF_CONTROL) 2295 ctl |= B43_MACCTL_KEEP_CTL; 2296 if (wl->filter_flags & FIF_FCSFAIL) 2297 ctl |= B43_MACCTL_KEEP_BAD; 2298 if (wl->filter_flags & FIF_PLCPFAIL) 2299 ctl |= B43_MACCTL_KEEP_BADPLCP; 2300 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2301 ctl |= B43_MACCTL_PROMISC; 2302 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2303 ctl |= B43_MACCTL_BEACPROMISC; 2304 2305 /* Workaround: On old hardware the HW-MAC-address-filter 2306 * doesn't work properly, so always run promisc in filter 2307 * it in software. */ 2308 if (dev->dev->id.revision <= 4) 2309 ctl |= B43_MACCTL_PROMISC; 2310 2311 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2312 2313 cfp_pretbtt = 2; 2314 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2315 if (dev->dev->bus->chip_id == 0x4306 && 2316 dev->dev->bus->chip_rev == 3) 2317 cfp_pretbtt = 100; 2318 else 2319 cfp_pretbtt = 50; 2320 } 2321 b43_write16(dev, 0x612, cfp_pretbtt); 2322} 2323 2324static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2325{ 2326 u16 offset; 2327 2328 if (is_ofdm) { 2329 offset = 0x480; 2330 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2331 } else { 2332 offset = 0x4C0; 2333 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2334 } 2335 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2336 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2337} 2338 2339static void b43_rate_memory_init(struct b43_wldev *dev) 2340{ 2341 switch (dev->phy.type) { 2342 case B43_PHYTYPE_A: 2343 case B43_PHYTYPE_G: 2344 case B43_PHYTYPE_N: 2345 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2346 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2347 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2348 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2349 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2350 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2351 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2352 if (dev->phy.type == B43_PHYTYPE_A) 2353 break; 2354 /* fallthrough */ 2355 case B43_PHYTYPE_B: 2356 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2357 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2358 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2359 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2360 break; 2361 default: 2362 B43_WARN_ON(1); 2363 } 2364} 2365 2366/* Set the TX-Antenna for management frames sent by firmware. */ 2367static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 2368{ 2369 u16 ant = 0; 2370 u16 tmp; 2371 2372 switch (antenna) { 2373 case B43_ANTENNA0: 2374 ant |= B43_TXH_PHY_ANT0; 2375 break; 2376 case B43_ANTENNA1: 2377 ant |= B43_TXH_PHY_ANT1; 2378 break; 2379 case B43_ANTENNA2: 2380 ant |= B43_TXH_PHY_ANT2; 2381 break; 2382 case B43_ANTENNA3: 2383 ant |= B43_TXH_PHY_ANT3; 2384 break; 2385 case B43_ANTENNA_AUTO: 2386 ant |= B43_TXH_PHY_ANT01AUTO; 2387 break; 2388 default: 2389 B43_WARN_ON(1); 2390 } 2391 2392 /* FIXME We also need to set the other flags of the PHY control field somewhere. */ 2393 2394 /* For Beacons */ 2395 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 2396 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2397 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, tmp); 2398 /* For ACK/CTS */ 2399 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 2400 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2401 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 2402 /* For Probe Resposes */ 2403 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 2404 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2405 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 2406} 2407 2408/* This is the opposite of b43_chip_init() */ 2409static void b43_chip_exit(struct b43_wldev *dev) 2410{ 2411 b43_radio_turn_off(dev, 1); 2412 b43_gpio_cleanup(dev); 2413 /* firmware is released later */ 2414} 2415 2416/* Initialize the chip 2417 * http://bcm-specs.sipsolutions.net/ChipInit 2418 */ 2419static int b43_chip_init(struct b43_wldev *dev) 2420{ 2421 struct b43_phy *phy = &dev->phy; 2422 int err, tmp; 2423 u32 value32, macctl; 2424 u16 value16; 2425 2426 /* Initialize the MAC control */ 2427 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 2428 if (dev->phy.gmode) 2429 macctl |= B43_MACCTL_GMODE; 2430 macctl |= B43_MACCTL_INFRA; 2431 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2432 2433 err = b43_request_firmware(dev); 2434 if (err) 2435 goto out; 2436 err = b43_upload_microcode(dev); 2437 if (err) 2438 goto out; /* firmware is released later */ 2439 2440 err = b43_gpio_init(dev); 2441 if (err) 2442 goto out; /* firmware is released later */ 2443 2444 err = b43_upload_initvals(dev); 2445 if (err) 2446 goto err_gpio_clean; 2447 b43_radio_turn_on(dev); 2448 2449 b43_write16(dev, 0x03E6, 0x0000); 2450 err = b43_phy_init(dev); 2451 if (err) 2452 goto err_radio_off; 2453 2454 /* Select initial Interference Mitigation. */ 2455 tmp = phy->interfmode; 2456 phy->interfmode = B43_INTERFMODE_NONE; 2457 b43_radio_set_interference_mitigation(dev, tmp); 2458 2459 b43_set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 2460 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 2461 2462 if (phy->type == B43_PHYTYPE_B) { 2463 value16 = b43_read16(dev, 0x005E); 2464 value16 |= 0x0004; 2465 b43_write16(dev, 0x005E, value16); 2466 } 2467 b43_write32(dev, 0x0100, 0x01000000); 2468 if (dev->dev->id.revision < 5) 2469 b43_write32(dev, 0x010C, 0x01000000); 2470 2471 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2472 & ~B43_MACCTL_INFRA); 2473 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2474 | B43_MACCTL_INFRA); 2475 2476 /* Probe Response Timeout value */ 2477 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 2478 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 2479 2480 /* Initially set the wireless operation mode. */ 2481 b43_adjust_opmode(dev); 2482 2483 if (dev->dev->id.revision < 3) { 2484 b43_write16(dev, 0x060E, 0x0000); 2485 b43_write16(dev, 0x0610, 0x8000); 2486 b43_write16(dev, 0x0604, 0x0000); 2487 b43_write16(dev, 0x0606, 0x0200); 2488 } else { 2489 b43_write32(dev, 0x0188, 0x80000000); 2490 b43_write32(dev, 0x018C, 0x02000000); 2491 } 2492 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 2493 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 2494 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 2495 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 2496 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 2497 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 2498 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 2499 2500 value32 = ssb_read32(dev->dev, SSB_TMSLOW); 2501 value32 |= 0x00100000; 2502 ssb_write32(dev->dev, SSB_TMSLOW, value32); 2503 2504 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 2505 dev->dev->bus->chipco.fast_pwrup_delay); 2506 2507 err = 0; 2508 b43dbg(dev->wl, "Chip initialized\n"); 2509out: 2510 return err; 2511 2512err_radio_off: 2513 b43_radio_turn_off(dev, 1); 2514err_gpio_clean: 2515 b43_gpio_cleanup(dev); 2516 return err; 2517} 2518 2519static void b43_periodic_every120sec(struct b43_wldev *dev) 2520{ 2521 struct b43_phy *phy = &dev->phy; 2522 2523 if (phy->type != B43_PHYTYPE_G || phy->rev < 2) 2524 return; 2525 2526 b43_mac_suspend(dev); 2527 b43_lo_g_measure(dev); 2528 b43_mac_enable(dev); 2529 if (b43_has_hardware_pctl(phy)) 2530 b43_lo_g_ctl_mark_all_unused(dev); 2531} 2532 2533static void b43_periodic_every60sec(struct b43_wldev *dev) 2534{ 2535 struct b43_phy *phy = &dev->phy; 2536 2537 if (phy->type != B43_PHYTYPE_G) 2538 return; 2539 if (!b43_has_hardware_pctl(phy)) 2540 b43_lo_g_ctl_mark_all_unused(dev); 2541 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_RSSI) { 2542 b43_mac_suspend(dev); 2543 b43_calc_nrssi_slope(dev); 2544 if ((phy->radio_ver == 0x2050) && (phy->radio_rev == 8)) { 2545 u8 old_chan = phy->channel; 2546 2547 /* VCO Calibration */ 2548 if (old_chan >= 8) 2549 b43_radio_selectchannel(dev, 1, 0); 2550 else 2551 b43_radio_selectchannel(dev, 13, 0); 2552 b43_radio_selectchannel(dev, old_chan, 0); 2553 } 2554 b43_mac_enable(dev); 2555 } 2556} 2557 2558static void b43_periodic_every30sec(struct b43_wldev *dev) 2559{ 2560 /* Update device statistics. */ 2561 b43_calculate_link_quality(dev); 2562} 2563 2564static void b43_periodic_every15sec(struct b43_wldev *dev) 2565{ 2566 struct b43_phy *phy = &dev->phy; 2567 2568 if (phy->type == B43_PHYTYPE_G) { 2569 //TODO: update_aci_moving_average 2570 if (phy->aci_enable && phy->aci_wlan_automatic) { 2571 b43_mac_suspend(dev); 2572 if (!phy->aci_enable && 1 /*TODO: not scanning? */ ) { 2573 if (0 /*TODO: bunch of conditions */ ) { 2574 b43_radio_set_interference_mitigation 2575 (dev, B43_INTERFMODE_MANUALWLAN); 2576 } 2577 } else if (1 /*TODO*/) { 2578 /* 2579 if ((aci_average > 1000) && !(b43_radio_aci_scan(dev))) { 2580 b43_radio_set_interference_mitigation(dev, 2581 B43_INTERFMODE_NONE); 2582 } 2583 */ 2584 } 2585 b43_mac_enable(dev); 2586 } else if (phy->interfmode == B43_INTERFMODE_NONWLAN && 2587 phy->rev == 1) { 2588 //TODO: implement rev1 workaround 2589 } 2590 } 2591 b43_phy_xmitpower(dev); //FIXME: unless scanning? 2592 //TODO for APHY (temperature?) 2593 2594 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 2595 wmb(); 2596} 2597 2598static void do_periodic_work(struct b43_wldev *dev) 2599{ 2600 unsigned int state; 2601 2602 state = dev->periodic_state; 2603 if (state % 8 == 0) 2604 b43_periodic_every120sec(dev); 2605 if (state % 4 == 0) 2606 b43_periodic_every60sec(dev); 2607 if (state % 2 == 0) 2608 b43_periodic_every30sec(dev); 2609 b43_periodic_every15sec(dev); 2610} 2611 2612/* Periodic work locking policy: 2613 * The whole periodic work handler is protected by 2614 * wl->mutex. If another lock is needed somewhere in the 2615 * pwork callchain, it's aquired in-place, where it's needed. 2616 */ 2617static void b43_periodic_work_handler(struct work_struct *work) 2618{ 2619 struct b43_wldev *dev = container_of(work, struct b43_wldev, 2620 periodic_work.work); 2621 struct b43_wl *wl = dev->wl; 2622 unsigned long delay; 2623 2624 mutex_lock(&wl->mutex); 2625 2626 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 2627 goto out; 2628 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 2629 goto out_requeue; 2630 2631 do_periodic_work(dev); 2632 2633 dev->periodic_state++; 2634out_requeue: 2635 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 2636 delay = msecs_to_jiffies(50); 2637 else 2638 delay = round_jiffies_relative(HZ * 15); 2639 queue_delayed_work(wl->hw->workqueue, &dev->periodic_work, delay); 2640out: 2641 mutex_unlock(&wl->mutex); 2642} 2643 2644static void b43_periodic_tasks_setup(struct b43_wldev *dev) 2645{ 2646 struct delayed_work *work = &dev->periodic_work; 2647 2648 dev->periodic_state = 0; 2649 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 2650 queue_delayed_work(dev->wl->hw->workqueue, work, 0); 2651} 2652 2653/* Check if communication with the device works correctly. */ 2654static int b43_validate_chipaccess(struct b43_wldev *dev) 2655{ 2656 u32 v, backup; 2657 2658 backup = b43_shm_read32(dev, B43_SHM_SHARED, 0); 2659 2660 /* Check for read/write and endianness problems. */ 2661 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 2662 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 2663 goto error; 2664 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 2665 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 2666 goto error; 2667 2668 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup); 2669 2670 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) { 2671 /* The 32bit register shadows the two 16bit registers 2672 * with update sideeffects. Validate this. */ 2673 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 2674 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 2675 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 2676 goto error; 2677 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 2678 goto error; 2679 } 2680 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 2681 2682 v = b43_read32(dev, B43_MMIO_MACCTL); 2683 v |= B43_MACCTL_GMODE; 2684 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 2685 goto error; 2686 2687 return 0; 2688error: 2689 b43err(dev->wl, "Failed to validate the chipaccess\n"); 2690 return -ENODEV; 2691} 2692 2693static void b43_security_init(struct b43_wldev *dev) 2694{ 2695 dev->max_nr_keys = (dev->dev->id.revision >= 5) ? 58 : 20; 2696 B43_WARN_ON(dev->max_nr_keys > ARRAY_SIZE(dev->key)); 2697 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 2698 /* KTP is a word address, but we address SHM bytewise. 2699 * So multiply by two. 2700 */ 2701 dev->ktp *= 2; 2702 if (dev->dev->id.revision >= 5) { 2703 /* Number of RCMTA address slots */ 2704 b43_write16(dev, B43_MMIO_RCMTA_COUNT, dev->max_nr_keys - 8); 2705 } 2706 b43_clear_keys(dev); 2707} 2708 2709static int b43_rng_read(struct hwrng *rng, u32 * data) 2710{ 2711 struct b43_wl *wl = (struct b43_wl *)rng->priv; 2712 unsigned long flags; 2713 2714 /* Don't take wl->mutex here, as it could deadlock with 2715 * hwrng internal locking. It's not needed to take 2716 * wl->mutex here, anyway. */ 2717 2718 spin_lock_irqsave(&wl->irq_lock, flags); 2719 *data = b43_read16(wl->current_dev, B43_MMIO_RNG); 2720 spin_unlock_irqrestore(&wl->irq_lock, flags); 2721 2722 return (sizeof(u16)); 2723} 2724 2725static void b43_rng_exit(struct b43_wl *wl, bool suspended) 2726{ 2727 if (wl->rng_initialized) 2728 __hwrng_unregister(&wl->rng, suspended); 2729} 2730 2731static int b43_rng_init(struct b43_wl *wl) 2732{ 2733 int err; 2734 2735 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 2736 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 2737 wl->rng.name = wl->rng_name; 2738 wl->rng.data_read = b43_rng_read; 2739 wl->rng.priv = (unsigned long)wl; 2740 wl->rng_initialized = 1; 2741 err = hwrng_register(&wl->rng); 2742 if (err) { 2743 wl->rng_initialized = 0; 2744 b43err(wl, "Failed to register the random " 2745 "number generator (%d)\n", err); 2746 } 2747 2748 return err; 2749} 2750 2751static int b43_op_tx(struct ieee80211_hw *hw, 2752 struct sk_buff *skb, 2753 struct ieee80211_tx_control *ctl) 2754{ 2755 struct b43_wl *wl = hw_to_b43_wl(hw); 2756 struct b43_wldev *dev = wl->current_dev; 2757 int err = -ENODEV; 2758 2759 if (unlikely(skb->len < 2 + 2 + 6)) { 2760 /* Too short, this can't be a valid frame. */ 2761 return -EINVAL; 2762 } 2763 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 2764 2765 if (unlikely(!dev)) 2766 goto out; 2767 if (unlikely(b43_status(dev) < B43_STAT_STARTED)) 2768 goto out; 2769 /* TX is done without a global lock. */ 2770 if (b43_using_pio_transfers(dev)) 2771 err = b43_pio_tx(dev, skb, ctl); 2772 else 2773 err = b43_dma_tx(dev, skb, ctl); 2774out: 2775 if (unlikely(err)) 2776 return NETDEV_TX_BUSY; 2777 return NETDEV_TX_OK; 2778} 2779 2780/* Locking: wl->irq_lock */ 2781static void b43_qos_params_upload(struct b43_wldev *dev, 2782 const struct ieee80211_tx_queue_params *p, 2783 u16 shm_offset) 2784{ 2785 u16 params[B43_NR_QOSPARAMS]; 2786 int cw_min, cw_max, aifs, bslots, tmp; 2787 unsigned int i; 2788 2789 const u16 aCWmin = 0x0001; 2790 const u16 aCWmax = 0x03FF; 2791 2792 /* Calculate the default values for the parameters, if needed. */ 2793 switch (shm_offset) { 2794 case B43_QOS_VOICE: 2795 aifs = (p->aifs == -1) ? 2 : p->aifs; 2796 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 4 - 1) : p->cw_min; 2797 cw_max = (p->cw_max == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_max; 2798 break; 2799 case B43_QOS_VIDEO: 2800 aifs = (p->aifs == -1) ? 2 : p->aifs; 2801 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_min; 2802 cw_max = (p->cw_max == 0) ? aCWmin : p->cw_max; 2803 break; 2804 case B43_QOS_BESTEFFORT: 2805 aifs = (p->aifs == -1) ? 3 : p->aifs; 2806 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min; 2807 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max; 2808 break; 2809 case B43_QOS_BACKGROUND: 2810 aifs = (p->aifs == -1) ? 7 : p->aifs; 2811 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min; 2812 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max; 2813 break; 2814 default: 2815 B43_WARN_ON(1); 2816 return; 2817 } 2818 if (cw_min <= 0) 2819 cw_min = aCWmin; 2820 if (cw_max <= 0) 2821 cw_max = aCWmin; 2822 bslots = b43_read16(dev, B43_MMIO_RNG) % cw_min; 2823 2824 memset(¶ms, 0, sizeof(params)); 2825 2826 params[B43_QOSPARAM_TXOP] = p->txop * 32; 2827 params[B43_QOSPARAM_CWMIN] = cw_min; 2828 params[B43_QOSPARAM_CWMAX] = cw_max; 2829 params[B43_QOSPARAM_CWCUR] = cw_min; 2830 params[B43_QOSPARAM_AIFS] = aifs; 2831 params[B43_QOSPARAM_BSLOTS] = bslots; 2832 params[B43_QOSPARAM_REGGAP] = bslots + aifs; 2833 2834 for (i = 0; i < ARRAY_SIZE(params); i++) { 2835 if (i == B43_QOSPARAM_STATUS) { 2836 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 2837 shm_offset + (i * 2)); 2838 /* Mark the parameters as updated. */ 2839 tmp |= 0x100; 2840 b43_shm_write16(dev, B43_SHM_SHARED, 2841 shm_offset + (i * 2), 2842 tmp); 2843 } else { 2844 b43_shm_write16(dev, B43_SHM_SHARED, 2845 shm_offset + (i * 2), 2846 params[i]); 2847 } 2848 } 2849} 2850 2851/* Update the QOS parameters in hardware. */ 2852static void b43_qos_update(struct b43_wldev *dev) 2853{ 2854 struct b43_wl *wl = dev->wl; 2855 struct b43_qos_params *params; 2856 unsigned long flags; 2857 unsigned int i; 2858 2859 /* Mapping of mac80211 queues to b43 SHM offsets. */ 2860 static const u16 qos_shm_offsets[] = { 2861 [0] = B43_QOS_VOICE, 2862 [1] = B43_QOS_VIDEO, 2863 [2] = B43_QOS_BESTEFFORT, 2864 [3] = B43_QOS_BACKGROUND, 2865 }; 2866 BUILD_BUG_ON(ARRAY_SIZE(qos_shm_offsets) != ARRAY_SIZE(wl->qos_params)); 2867 2868 b43_mac_suspend(dev); 2869 spin_lock_irqsave(&wl->irq_lock, flags); 2870 2871 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 2872 params = &(wl->qos_params[i]); 2873 if (params->need_hw_update) { 2874 b43_qos_params_upload(dev, &(params->p), 2875 qos_shm_offsets[i]); 2876 params->need_hw_update = 0; 2877 } 2878 } 2879 2880 spin_unlock_irqrestore(&wl->irq_lock, flags); 2881 b43_mac_enable(dev); 2882} 2883 2884static void b43_qos_clear(struct b43_wl *wl) 2885{ 2886 struct b43_qos_params *params; 2887 unsigned int i; 2888 2889 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 2890 params = &(wl->qos_params[i]); 2891 2892 memset(&(params->p), 0, sizeof(params->p)); 2893 params->p.aifs = -1; 2894 params->need_hw_update = 1; 2895 } 2896} 2897 2898/* Initialize the core's QOS capabilities */ 2899static void b43_qos_init(struct b43_wldev *dev) 2900{ 2901 struct b43_wl *wl = dev->wl; 2902 unsigned int i; 2903 2904 /* Upload the current QOS parameters. */ 2905 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) 2906 wl->qos_params[i].need_hw_update = 1; 2907 b43_qos_update(dev); 2908 2909 /* Enable QOS support. */ 2910 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 2911 b43_write16(dev, B43_MMIO_IFSCTL, 2912 b43_read16(dev, B43_MMIO_IFSCTL) 2913 | B43_MMIO_IFSCTL_USE_EDCF); 2914} 2915 2916static void b43_qos_update_work(struct work_struct *work) 2917{ 2918 struct b43_wl *wl = container_of(work, struct b43_wl, qos_update_work); 2919 struct b43_wldev *dev; 2920 2921 mutex_lock(&wl->mutex); 2922 dev = wl->current_dev; 2923 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) 2924 b43_qos_update(dev); 2925 mutex_unlock(&wl->mutex); 2926} 2927 2928static int b43_op_conf_tx(struct ieee80211_hw *hw, 2929 int _queue, 2930 const struct ieee80211_tx_queue_params *params) 2931{ 2932 struct b43_wl *wl = hw_to_b43_wl(hw); 2933 unsigned long flags; 2934 unsigned int queue = (unsigned int)_queue; 2935 struct b43_qos_params *p; 2936 2937 if (queue >= ARRAY_SIZE(wl->qos_params)) { 2938 /* Queue not available or don't support setting 2939 * params on this queue. Return success to not 2940 * confuse mac80211. */ 2941 return 0; 2942 } 2943 2944 spin_lock_irqsave(&wl->irq_lock, flags); 2945 p = &(wl->qos_params[queue]); 2946 memcpy(&(p->p), params, sizeof(p->p)); 2947 p->need_hw_update = 1; 2948 spin_unlock_irqrestore(&wl->irq_lock, flags); 2949 2950 queue_work(hw->workqueue, &wl->qos_update_work); 2951 2952 return 0; 2953} 2954 2955static int b43_op_get_tx_stats(struct ieee80211_hw *hw, 2956 struct ieee80211_tx_queue_stats *stats) 2957{ 2958 struct b43_wl *wl = hw_to_b43_wl(hw); 2959 struct b43_wldev *dev = wl->current_dev; 2960 unsigned long flags; 2961 int err = -ENODEV; 2962 2963 if (!dev) 2964 goto out; 2965 spin_lock_irqsave(&wl->irq_lock, flags); 2966 if (likely(b43_status(dev) >= B43_STAT_STARTED)) { 2967 if (b43_using_pio_transfers(dev)) 2968 b43_pio_get_tx_stats(dev, stats); 2969 else 2970 b43_dma_get_tx_stats(dev, stats); 2971 err = 0; 2972 } 2973 spin_unlock_irqrestore(&wl->irq_lock, flags); 2974out: 2975 return err; 2976} 2977 2978static int b43_op_get_stats(struct ieee80211_hw *hw, 2979 struct ieee80211_low_level_stats *stats) 2980{ 2981 struct b43_wl *wl = hw_to_b43_wl(hw); 2982 unsigned long flags; 2983 2984 spin_lock_irqsave(&wl->irq_lock, flags); 2985 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 2986 spin_unlock_irqrestore(&wl->irq_lock, flags); 2987 2988 return 0; 2989} 2990 2991static void b43_put_phy_into_reset(struct b43_wldev *dev) 2992{ 2993 struct ssb_device *sdev = dev->dev; 2994 u32 tmslow; 2995 2996 tmslow = ssb_read32(sdev, SSB_TMSLOW); 2997 tmslow &= ~B43_TMSLOW_GMODE; 2998 tmslow |= B43_TMSLOW_PHYRESET; 2999 tmslow |= SSB_TMSLOW_FGC; 3000 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3001 msleep(1); 3002 3003 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3004 tmslow &= ~SSB_TMSLOW_FGC; 3005 tmslow |= B43_TMSLOW_PHYRESET; 3006 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3007 msleep(1); 3008} 3009 3010static const char * band_to_string(enum ieee80211_band band) 3011{ 3012 switch (band) { 3013 case IEEE80211_BAND_5GHZ: 3014 return "5"; 3015 case IEEE80211_BAND_2GHZ: 3016 return "2.4"; 3017 default: 3018 break; 3019 } 3020 B43_WARN_ON(1); 3021 return ""; 3022} 3023 3024/* Expects wl->mutex locked */ 3025static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3026{ 3027 struct b43_wldev *up_dev = NULL; 3028 struct b43_wldev *down_dev; 3029 struct b43_wldev *d; 3030 int err; 3031 bool gmode; 3032 int prev_status; 3033 3034 /* Find a device and PHY which supports the band. */ 3035 list_for_each_entry(d, &wl->devlist, list) { 3036 switch (chan->band) { 3037 case IEEE80211_BAND_5GHZ: 3038 if (d->phy.supports_5ghz) { 3039 up_dev = d; 3040 gmode = 0; 3041 } 3042 break; 3043 case IEEE80211_BAND_2GHZ: 3044 if (d->phy.supports_2ghz) { 3045 up_dev = d; 3046 gmode = 1; 3047 } 3048 break; 3049 default: 3050 B43_WARN_ON(1); 3051 return -EINVAL; 3052 } 3053 if (up_dev) 3054 break; 3055 } 3056 if (!up_dev) { 3057 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3058 band_to_string(chan->band)); 3059 return -ENODEV; 3060 } 3061 if ((up_dev == wl->current_dev) && 3062 (!!wl->current_dev->phy.gmode == !!gmode)) { 3063 /* This device is already running. */ 3064 return 0; 3065 } 3066 b43dbg(wl, "Switching to %s-GHz band\n", 3067 band_to_string(chan->band)); 3068 down_dev = wl->current_dev; 3069 3070 prev_status = b43_status(down_dev); 3071 /* Shutdown the currently running core. */ 3072 if (prev_status >= B43_STAT_STARTED) 3073 b43_wireless_core_stop(down_dev); 3074 if (prev_status >= B43_STAT_INITIALIZED) 3075 b43_wireless_core_exit(down_dev); 3076 3077 if (down_dev != up_dev) { 3078 /* We switch to a different core, so we put PHY into 3079 * RESET on the old core. */ 3080 b43_put_phy_into_reset(down_dev); 3081 } 3082 3083 /* Now start the new core. */ 3084 up_dev->phy.gmode = gmode; 3085 if (prev_status >= B43_STAT_INITIALIZED) { 3086 err = b43_wireless_core_init(up_dev); 3087 if (err) { 3088 b43err(wl, "Fatal: Could not initialize device for " 3089 "selected %s-GHz band\n", 3090 band_to_string(chan->band)); 3091 goto init_failure; 3092 } 3093 } 3094 if (prev_status >= B43_STAT_STARTED) { 3095 err = b43_wireless_core_start(up_dev); 3096 if (err) { 3097 b43err(wl, "Fatal: Coult not start device for " 3098 "selected %s-GHz band\n", 3099 band_to_string(chan->band)); 3100 b43_wireless_core_exit(up_dev); 3101 goto init_failure; 3102 } 3103 } 3104 B43_WARN_ON(b43_status(up_dev) != prev_status); 3105 3106 wl->current_dev = up_dev; 3107 3108 return 0; 3109init_failure: 3110 /* Whoops, failed to init the new core. No core is operating now. */ 3111 wl->current_dev = NULL; 3112 return err; 3113} 3114 3115/* Check if the use of the antenna that ieee80211 told us to 3116 * use is possible. This will fall back to DEFAULT. 3117 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 3118u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 3119 u8 antenna_nr) 3120{ 3121 u8 antenna_mask; 3122 3123 if (antenna_nr == 0) { 3124 /* Zero means "use default antenna". That's always OK. */ 3125 return 0; 3126 } 3127 3128 /* Get the mask of available antennas. */ 3129 if (dev->phy.gmode) 3130 antenna_mask = dev->dev->bus->sprom.ant_available_bg; 3131 else 3132 antenna_mask = dev->dev->bus->sprom.ant_available_a; 3133 3134 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 3135 /* This antenna is not available. Fall back to default. */ 3136 return 0; 3137 } 3138 3139 return antenna_nr; 3140} 3141 3142static int b43_antenna_from_ieee80211(struct b43_wldev *dev, u8 antenna) 3143{ 3144 antenna = b43_ieee80211_antenna_sanitize(dev, antenna); 3145 switch (antenna) { 3146 case 0: /* default/diversity */ 3147 return B43_ANTENNA_DEFAULT; 3148 case 1: /* Antenna 0 */ 3149 return B43_ANTENNA0; 3150 case 2: /* Antenna 1 */ 3151 return B43_ANTENNA1; 3152 case 3: /* Antenna 2 */ 3153 return B43_ANTENNA2; 3154 case 4: /* Antenna 3 */ 3155 return B43_ANTENNA3; 3156 default: 3157 return B43_ANTENNA_DEFAULT; 3158 } 3159} 3160 3161static int b43_op_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf) 3162{ 3163 struct b43_wl *wl = hw_to_b43_wl(hw); 3164 struct b43_wldev *dev; 3165 struct b43_phy *phy; 3166 unsigned long flags; 3167 int antenna; 3168 int err = 0; 3169 u32 savedirqs; 3170 3171 mutex_lock(&wl->mutex); 3172 3173 /* Switch the band (if necessary). This might change the active core. */ 3174 err = b43_switch_band(wl, conf->channel); 3175 if (err) 3176 goto out_unlock_mutex; 3177 dev = wl->current_dev; 3178 phy = &dev->phy; 3179 3180 /* Disable IRQs while reconfiguring the device. 3181 * This makes it possible to drop the spinlock throughout 3182 * the reconfiguration process. */ 3183 spin_lock_irqsave(&wl->irq_lock, flags); 3184 if (b43_status(dev) < B43_STAT_STARTED) { 3185 spin_unlock_irqrestore(&wl->irq_lock, flags); 3186 goto out_unlock_mutex; 3187 } 3188 savedirqs = b43_interrupt_disable(dev, B43_IRQ_ALL); 3189 spin_unlock_irqrestore(&wl->irq_lock, flags); 3190 b43_synchronize_irq(dev); 3191 3192 /* Switch to the requested channel. 3193 * The firmware takes care of races with the TX handler. */ 3194 if (conf->channel->hw_value != phy->channel) 3195 b43_radio_selectchannel(dev, conf->channel->hw_value, 0); 3196 3197 /* Enable/Disable ShortSlot timing. */ 3198 if ((!!(conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME)) != 3199 dev->short_slot) { 3200 B43_WARN_ON(phy->type != B43_PHYTYPE_G); 3201 if (conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME) 3202 b43_short_slot_timing_enable(dev); 3203 else 3204 b43_short_slot_timing_disable(dev); 3205 } 3206 3207 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_RADIOTAP); 3208 3209 /* Adjust the desired TX power level. */ 3210 if (conf->power_level != 0) { 3211 if (conf->power_level != phy->power_level) { 3212 phy->power_level = conf->power_level; 3213 b43_phy_xmitpower(dev); 3214 } 3215 } 3216 3217 /* Antennas for RX and management frame TX. */ 3218 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_tx); 3219 b43_mgmtframe_txantenna(dev, antenna); 3220 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_rx); 3221 b43_set_rx_antenna(dev, antenna); 3222 3223 /* Update templates for AP mode. */ 3224 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 3225 b43_set_beacon_int(dev, conf->beacon_int); 3226 3227 if (!!conf->radio_enabled != phy->radio_on) { 3228 if (conf->radio_enabled) { 3229 b43_radio_turn_on(dev); 3230 b43info(dev->wl, "Radio turned on by software\n"); 3231 if (!dev->radio_hw_enable) { 3232 b43info(dev->wl, "The hardware RF-kill button " 3233 "still turns the radio physically off. " 3234 "Press the button to turn it on.\n"); 3235 } 3236 } else { 3237 b43_radio_turn_off(dev, 0); 3238 b43info(dev->wl, "Radio turned off by software\n"); 3239 } 3240 } 3241 3242 spin_lock_irqsave(&wl->irq_lock, flags); 3243 b43_interrupt_enable(dev, savedirqs); 3244 mmiowb(); 3245 spin_unlock_irqrestore(&wl->irq_lock, flags); 3246 out_unlock_mutex: 3247 mutex_unlock(&wl->mutex); 3248 3249 return err; 3250} 3251 3252static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 3253 const u8 *local_addr, const u8 *addr, 3254 struct ieee80211_key_conf *key) 3255{ 3256 struct b43_wl *wl = hw_to_b43_wl(hw); 3257 struct b43_wldev *dev; 3258 unsigned long flags; 3259 u8 algorithm; 3260 u8 index; 3261 int err; 3262 DECLARE_MAC_BUF(mac); 3263 3264 if (modparam_nohwcrypt) 3265 return -ENOSPC; /* User disabled HW-crypto */ 3266 3267 mutex_lock(&wl->mutex); 3268 spin_lock_irqsave(&wl->irq_lock, flags); 3269 3270 dev = wl->current_dev; 3271 err = -ENODEV; 3272 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 3273 goto out_unlock; 3274 3275 err = -EINVAL; 3276 switch (key->alg) { 3277 case ALG_WEP: 3278 if (key->keylen == 5) 3279 algorithm = B43_SEC_ALGO_WEP40; 3280 else 3281 algorithm = B43_SEC_ALGO_WEP104; 3282 break; 3283 case ALG_TKIP: 3284 algorithm = B43_SEC_ALGO_TKIP; 3285 break; 3286 case ALG_CCMP: 3287 algorithm = B43_SEC_ALGO_AES; 3288 break; 3289 default: 3290 B43_WARN_ON(1); 3291 goto out_unlock; 3292 } 3293 index = (u8) (key->keyidx); 3294 if (index > 3) 3295 goto out_unlock; 3296 3297 switch (cmd) { 3298 case SET_KEY: 3299 if (algorithm == B43_SEC_ALGO_TKIP) { 3300 /* FIXME: No TKIP hardware encryption for now. */ 3301 err = -EOPNOTSUPP; 3302 goto out_unlock; 3303 } 3304 3305 if (is_broadcast_ether_addr(addr)) { 3306 /* addr is FF:FF:FF:FF:FF:FF for default keys */ 3307 err = b43_key_write(dev, index, algorithm, 3308 key->key, key->keylen, NULL, key); 3309 } else { 3310 /* 3311 * either pairwise key or address is 00:00:00:00:00:00 3312 * for transmit-only keys 3313 */ 3314 err = b43_key_write(dev, -1, algorithm, 3315 key->key, key->keylen, addr, key); 3316 } 3317 if (err) 3318 goto out_unlock; 3319 3320 if (algorithm == B43_SEC_ALGO_WEP40 || 3321 algorithm == B43_SEC_ALGO_WEP104) { 3322 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 3323 } else { 3324 b43_hf_write(dev, 3325 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 3326 } 3327 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 3328 break; 3329 case DISABLE_KEY: { 3330 err = b43_key_clear(dev, key->hw_key_idx); 3331 if (err) 3332 goto out_unlock; 3333 break; 3334 } 3335 default: 3336 B43_WARN_ON(1); 3337 } 3338out_unlock: 3339 spin_unlock_irqrestore(&wl->irq_lock, flags); 3340 mutex_unlock(&wl->mutex); 3341 if (!err) { 3342 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 3343 "mac: %s\n", 3344 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 3345 print_mac(mac, addr)); 3346 } 3347 return err; 3348} 3349 3350static void b43_op_configure_filter(struct ieee80211_hw *hw, 3351 unsigned int changed, unsigned int *fflags, 3352 int mc_count, struct dev_addr_list *mc_list) 3353{ 3354 struct b43_wl *wl = hw_to_b43_wl(hw); 3355 struct b43_wldev *dev = wl->current_dev; 3356 unsigned long flags; 3357 3358 if (!dev) { 3359 *fflags = 0; 3360 return; 3361 } 3362 3363 spin_lock_irqsave(&wl->irq_lock, flags); 3364 *fflags &= FIF_PROMISC_IN_BSS | 3365 FIF_ALLMULTI | 3366 FIF_FCSFAIL | 3367 FIF_PLCPFAIL | 3368 FIF_CONTROL | 3369 FIF_OTHER_BSS | 3370 FIF_BCN_PRBRESP_PROMISC; 3371 3372 changed &= FIF_PROMISC_IN_BSS | 3373 FIF_ALLMULTI | 3374 FIF_FCSFAIL | 3375 FIF_PLCPFAIL | 3376 FIF_CONTROL | 3377 FIF_OTHER_BSS | 3378 FIF_BCN_PRBRESP_PROMISC; 3379 3380 wl->filter_flags = *fflags; 3381 3382 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 3383 b43_adjust_opmode(dev); 3384 spin_unlock_irqrestore(&wl->irq_lock, flags); 3385} 3386 3387static int b43_op_config_interface(struct ieee80211_hw *hw, 3388 struct ieee80211_vif *vif, 3389 struct ieee80211_if_conf *conf) 3390{ 3391 struct b43_wl *wl = hw_to_b43_wl(hw); 3392 struct b43_wldev *dev = wl->current_dev; 3393 unsigned long flags; 3394 3395 if (!dev) 3396 return -ENODEV; 3397 mutex_lock(&wl->mutex); 3398 spin_lock_irqsave(&wl->irq_lock, flags); 3399 B43_WARN_ON(wl->vif != vif); 3400 if (conf->bssid) 3401 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3402 else 3403 memset(wl->bssid, 0, ETH_ALEN); 3404 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3405 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) { 3406 B43_WARN_ON(conf->type != IEEE80211_IF_TYPE_AP); 3407 b43_set_ssid(dev, conf->ssid, conf->ssid_len); 3408 if (conf->beacon) 3409 b43_update_templates(wl, conf->beacon); 3410 } 3411 b43_write_mac_bssid_templates(dev); 3412 } 3413 spin_unlock_irqrestore(&wl->irq_lock, flags); 3414 mutex_unlock(&wl->mutex); 3415 3416 return 0; 3417} 3418 3419/* Locking: wl->mutex */ 3420static void b43_wireless_core_stop(struct b43_wldev *dev) 3421{ 3422 struct b43_wl *wl = dev->wl; 3423 unsigned long flags; 3424 3425 if (b43_status(dev) < B43_STAT_STARTED) 3426 return; 3427 3428 /* Disable and sync interrupts. We must do this before than 3429 * setting the status to INITIALIZED, as the interrupt handler 3430 * won't care about IRQs then. */ 3431 spin_lock_irqsave(&wl->irq_lock, flags); 3432 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL); 3433 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* flush */ 3434 spin_unlock_irqrestore(&wl->irq_lock, flags); 3435 b43_synchronize_irq(dev); 3436 3437 b43_set_status(dev, B43_STAT_INITIALIZED); 3438 3439 b43_pio_stop(dev); 3440 mutex_unlock(&wl->mutex); 3441 /* Must unlock as it would otherwise deadlock. No races here. 3442 * Cancel the possibly running self-rearming periodic work. */ 3443 cancel_delayed_work_sync(&dev->periodic_work); 3444 mutex_lock(&wl->mutex); 3445 3446 ieee80211_stop_queues(wl->hw); //FIXME this could cause a deadlock, as mac80211 seems buggy. 3447 3448 b43_mac_suspend(dev); 3449 free_irq(dev->dev->irq, dev); 3450 b43dbg(wl, "Wireless interface stopped\n"); 3451} 3452 3453/* Locking: wl->mutex */ 3454static int b43_wireless_core_start(struct b43_wldev *dev) 3455{ 3456 int err; 3457 3458 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 3459 3460 drain_txstatus_queue(dev); 3461 err = request_irq(dev->dev->irq, b43_interrupt_handler, 3462 IRQF_SHARED, KBUILD_MODNAME, dev); 3463 if (err) { 3464 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq); 3465 goto out; 3466 } 3467 3468 /* We are ready to run. */ 3469 b43_set_status(dev, B43_STAT_STARTED); 3470 3471 /* Start data flow (TX/RX). */ 3472 b43_mac_enable(dev); 3473 b43_interrupt_enable(dev, dev->irq_savedstate); 3474 ieee80211_start_queues(dev->wl->hw); 3475 3476 /* Start maintainance work */ 3477 b43_periodic_tasks_setup(dev); 3478 3479 b43dbg(dev->wl, "Wireless interface started\n"); 3480 out: 3481 return err; 3482} 3483 3484/* Get PHY and RADIO versioning numbers */ 3485static int b43_phy_versioning(struct b43_wldev *dev) 3486{ 3487 struct b43_phy *phy = &dev->phy; 3488 u32 tmp; 3489 u8 analog_type; 3490 u8 phy_type; 3491 u8 phy_rev; 3492 u16 radio_manuf; 3493 u16 radio_ver; 3494 u16 radio_rev; 3495 int unsupported = 0; 3496 3497 /* Get PHY versioning */ 3498 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 3499 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 3500 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 3501 phy_rev = (tmp & B43_PHYVER_VERSION); 3502 switch (phy_type) { 3503 case B43_PHYTYPE_A: 3504 if (phy_rev >= 4) 3505 unsupported = 1; 3506 break; 3507 case B43_PHYTYPE_B: 3508 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 3509 && phy_rev != 7) 3510 unsupported = 1; 3511 break; 3512 case B43_PHYTYPE_G: 3513 if (phy_rev > 9) 3514 unsupported = 1; 3515 break; 3516#ifdef CONFIG_B43_NPHY 3517 case B43_PHYTYPE_N: 3518 if (phy_rev > 1) 3519 unsupported = 1; 3520 break; 3521#endif 3522 default: 3523 unsupported = 1; 3524 }; 3525 if (unsupported) { 3526 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 3527 "(Analog %u, Type %u, Revision %u)\n", 3528 analog_type, phy_type, phy_rev); 3529 return -EOPNOTSUPP; 3530 } 3531 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 3532 analog_type, phy_type, phy_rev); 3533 3534 /* Get RADIO versioning */ 3535 if (dev->dev->bus->chip_id == 0x4317) { 3536 if (dev->dev->bus->chip_rev == 0) 3537 tmp = 0x3205017F; 3538 else if (dev->dev->bus->chip_rev == 1) 3539 tmp = 0x4205017F; 3540 else 3541 tmp = 0x5205017F; 3542 } else { 3543 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 3544 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 3545 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 3546 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16; 3547 } 3548 radio_manuf = (tmp & 0x00000FFF); 3549 radio_ver = (tmp & 0x0FFFF000) >> 12; 3550 radio_rev = (tmp & 0xF0000000) >> 28; 3551 if (radio_manuf != 0x17F /* Broadcom */) 3552 unsupported = 1; 3553 switch (phy_type) { 3554 case B43_PHYTYPE_A: 3555 if (radio_ver != 0x2060) 3556 unsupported = 1; 3557 if (radio_rev != 1) 3558 unsupported = 1; 3559 if (radio_manuf != 0x17F) 3560 unsupported = 1; 3561 break; 3562 case B43_PHYTYPE_B: 3563 if ((radio_ver & 0xFFF0) != 0x2050) 3564 unsupported = 1; 3565 break; 3566 case B43_PHYTYPE_G: 3567 if (radio_ver != 0x2050) 3568 unsupported = 1; 3569 break; 3570 case B43_PHYTYPE_N: 3571 if (radio_ver != 0x2055) 3572 unsupported = 1; 3573 break; 3574 default: 3575 B43_WARN_ON(1); 3576 } 3577 if (unsupported) { 3578 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 3579 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 3580 radio_manuf, radio_ver, radio_rev); 3581 return -EOPNOTSUPP; 3582 } 3583 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 3584 radio_manuf, radio_ver, radio_rev); 3585 3586 phy->radio_manuf = radio_manuf; 3587 phy->radio_ver = radio_ver; 3588 phy->radio_rev = radio_rev; 3589 3590 phy->analog = analog_type; 3591 phy->type = phy_type; 3592 phy->rev = phy_rev; 3593 3594 return 0; 3595} 3596 3597static void setup_struct_phy_for_init(struct b43_wldev *dev, 3598 struct b43_phy *phy) 3599{ 3600 struct b43_txpower_lo_control *lo; 3601 int i; 3602 3603 memset(phy->minlowsig, 0xFF, sizeof(phy->minlowsig)); 3604 memset(phy->minlowsigpos, 0, sizeof(phy->minlowsigpos)); 3605 3606 phy->aci_enable = 0; 3607 phy->aci_wlan_automatic = 0; 3608 phy->aci_hw_rssi = 0; 3609 3610 phy->radio_off_context.valid = 0; 3611 3612 lo = phy->lo_control; 3613 if (lo) { 3614 memset(lo, 0, sizeof(*(phy->lo_control))); 3615 lo->rebuild = 1; 3616 lo->tx_bias = 0xFF; 3617 } 3618 phy->max_lb_gain = 0; 3619 phy->trsw_rx_gain = 0; 3620 phy->txpwr_offset = 0; 3621 3622 /* NRSSI */ 3623 phy->nrssislope = 0; 3624 for (i = 0; i < ARRAY_SIZE(phy->nrssi); i++) 3625 phy->nrssi[i] = -1000; 3626 for (i = 0; i < ARRAY_SIZE(phy->nrssi_lt); i++) 3627 phy->nrssi_lt[i] = i; 3628 3629 phy->lofcal = 0xFFFF; 3630 phy->initval = 0xFFFF; 3631 3632 phy->interfmode = B43_INTERFMODE_NONE; 3633 phy->channel = 0xFF; 3634 3635 phy->hardware_power_control = !!modparam_hwpctl; 3636 3637 /* PHY TX errors counter. */ 3638 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 3639 3640 /* OFDM-table address caching. */ 3641 phy->ofdmtab_addr_direction = B43_OFDMTAB_DIRECTION_UNKNOWN; 3642} 3643 3644static void setup_struct_wldev_for_init(struct b43_wldev *dev) 3645{ 3646 dev->dfq_valid = 0; 3647 3648 /* Assume the radio is enabled. If it's not enabled, the state will 3649 * immediately get fixed on the first periodic work run. */ 3650 dev->radio_hw_enable = 1; 3651 3652 /* Stats */ 3653 memset(&dev->stats, 0, sizeof(dev->stats)); 3654 3655 setup_struct_phy_for_init(dev, &dev->phy); 3656 3657 /* IRQ related flags */ 3658 dev->irq_reason = 0; 3659 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 3660 dev->irq_savedstate = B43_IRQ_MASKTEMPLATE; 3661 3662 dev->mac_suspended = 1; 3663 3664 /* Noise calculation context */ 3665 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 3666} 3667 3668static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 3669{ 3670 struct ssb_sprom *sprom = &dev->dev->bus->sprom; 3671 u32 hf; 3672 3673 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 3674 return; 3675 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 3676 return; 3677 3678 hf = b43_hf_read(dev); 3679 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 3680 hf |= B43_HF_BTCOEXALT; 3681 else 3682 hf |= B43_HF_BTCOEX; 3683 b43_hf_write(dev, hf); 3684 //TODO 3685} 3686 3687static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 3688{ //TODO 3689} 3690 3691static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 3692{ 3693#ifdef CONFIG_SSB_DRIVER_PCICORE 3694 struct ssb_bus *bus = dev->dev->bus; 3695 u32 tmp; 3696 3697 if (bus->pcicore.dev && 3698 bus->pcicore.dev->id.coreid == SSB_DEV_PCI && 3699 bus->pcicore.dev->id.revision <= 5) { 3700 /* IMCFGLO timeouts workaround. */ 3701 tmp = ssb_read32(dev->dev, SSB_IMCFGLO); 3702 tmp &= ~SSB_IMCFGLO_REQTO; 3703 tmp &= ~SSB_IMCFGLO_SERTO; 3704 switch (bus->bustype) { 3705 case SSB_BUSTYPE_PCI: 3706 case SSB_BUSTYPE_PCMCIA: 3707 tmp |= 0x32; 3708 break; 3709 case SSB_BUSTYPE_SSB: 3710 tmp |= 0x53; 3711 break; 3712 } 3713 ssb_write32(dev->dev, SSB_IMCFGLO, tmp); 3714 } 3715#endif /* CONFIG_SSB_DRIVER_PCICORE */ 3716} 3717 3718/* Write the short and long frame retry limit values. */ 3719static void b43_set_retry_limits(struct b43_wldev *dev, 3720 unsigned int short_retry, 3721 unsigned int long_retry) 3722{ 3723 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3724 * the chip-internal counter. */ 3725 short_retry = min(short_retry, (unsigned int)0xF); 3726 long_retry = min(long_retry, (unsigned int)0xF); 3727 3728 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3729 short_retry); 3730 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3731 long_retry); 3732} 3733 3734static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 3735{ 3736 u16 pu_delay; 3737 3738 /* The time value is in microseconds. */ 3739 if (dev->phy.type == B43_PHYTYPE_A) 3740 pu_delay = 3700; 3741 else 3742 pu_delay = 1050; 3743 if ((dev->wl->if_type == IEEE80211_IF_TYPE_IBSS) || idle) 3744 pu_delay = 500; 3745 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 3746 pu_delay = max(pu_delay, (u16)2400); 3747 3748 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 3749} 3750 3751/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 3752static void b43_set_pretbtt(struct b43_wldev *dev) 3753{ 3754 u16 pretbtt; 3755 3756 /* The time value is in microseconds. */ 3757 if (dev->wl->if_type == IEEE80211_IF_TYPE_IBSS) { 3758 pretbtt = 2; 3759 } else { 3760 if (dev->phy.type == B43_PHYTYPE_A) 3761 pretbtt = 120; 3762 else 3763 pretbtt = 250; 3764 } 3765 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 3766 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 3767} 3768 3769/* Shutdown a wireless core */ 3770/* Locking: wl->mutex */ 3771static void b43_wireless_core_exit(struct b43_wldev *dev) 3772{ 3773 struct b43_phy *phy = &dev->phy; 3774 u32 macctl; 3775 3776 B43_WARN_ON(b43_status(dev) > B43_STAT_INITIALIZED); 3777 if (b43_status(dev) != B43_STAT_INITIALIZED) 3778 return; 3779 b43_set_status(dev, B43_STAT_UNINIT); 3780 3781 /* Stop the microcode PSM. */ 3782 macctl = b43_read32(dev, B43_MMIO_MACCTL); 3783 macctl &= ~B43_MACCTL_PSM_RUN; 3784 macctl |= B43_MACCTL_PSM_JMP0; 3785 b43_write32(dev, B43_MMIO_MACCTL, macctl); 3786 3787 if (!dev->suspend_in_progress) { 3788 b43_leds_exit(dev); 3789 b43_rng_exit(dev->wl, false); 3790 } 3791 b43_dma_free(dev); 3792 b43_pio_free(dev); 3793 b43_chip_exit(dev); 3794 b43_radio_turn_off(dev, 1); 3795 b43_switch_analog(dev, 0); 3796 if (phy->dyn_tssi_tbl) 3797 kfree(phy->tssi2dbm); 3798 kfree(phy->lo_control); 3799 phy->lo_control = NULL; 3800 if (dev->wl->current_beacon) { 3801 dev_kfree_skb_any(dev->wl->current_beacon); 3802 dev->wl->current_beacon = NULL; 3803 } 3804 3805 ssb_device_disable(dev->dev, 0); 3806 ssb_bus_may_powerdown(dev->dev->bus); 3807} 3808 3809/* Initialize a wireless core */ 3810static int b43_wireless_core_init(struct b43_wldev *dev) 3811{ 3812 struct b43_wl *wl = dev->wl; 3813 struct ssb_bus *bus = dev->dev->bus; 3814 struct ssb_sprom *sprom = &bus->sprom; 3815 struct b43_phy *phy = &dev->phy; 3816 int err; 3817 u32 hf, tmp; 3818 3819 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 3820 3821 err = ssb_bus_powerup(bus, 0); 3822 if (err) 3823 goto out; 3824 if (!ssb_device_is_enabled(dev->dev)) { 3825 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0; 3826 b43_wireless_core_reset(dev, tmp); 3827 } 3828 3829 if ((phy->type == B43_PHYTYPE_B) || (phy->type == B43_PHYTYPE_G)) { 3830 phy->lo_control = 3831 kzalloc(sizeof(*(phy->lo_control)), GFP_KERNEL); 3832 if (!phy->lo_control) { 3833 err = -ENOMEM; 3834 goto err_busdown; 3835 } 3836 } 3837 setup_struct_wldev_for_init(dev); 3838 3839 err = b43_phy_init_tssi2dbm_table(dev); 3840 if (err) 3841 goto err_kfree_lo_control; 3842 3843 /* Enable IRQ routing to this device. */ 3844 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev); 3845 3846 b43_imcfglo_timeouts_workaround(dev); 3847 b43_bluetooth_coext_disable(dev); 3848 b43_phy_early_init(dev); 3849 err = b43_chip_init(dev); 3850 if (err) 3851 goto err_kfree_tssitbl; 3852 b43_shm_write16(dev, B43_SHM_SHARED, 3853 B43_SHM_SH_WLCOREREV, dev->dev->id.revision); 3854 hf = b43_hf_read(dev); 3855 if (phy->type == B43_PHYTYPE_G) { 3856 hf |= B43_HF_SYMW; 3857 if (phy->rev == 1) 3858 hf |= B43_HF_GDCW; 3859 if (sprom->boardflags_lo & B43_BFL_PACTRL) 3860 hf |= B43_HF_OFDMPABOOST; 3861 } else if (phy->type == B43_PHYTYPE_B) { 3862 hf |= B43_HF_SYMW; 3863 if (phy->rev >= 2 && phy->radio_ver == 0x2050) 3864 hf &= ~B43_HF_GDCW; 3865 } 3866 b43_hf_write(dev, hf); 3867 3868 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 3869 B43_DEFAULT_LONG_RETRY_LIMIT); 3870 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 3871 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 3872 3873 /* Disable sending probe responses from firmware. 3874 * Setting the MaxTime to one usec will always trigger 3875 * a timeout, so we never send any probe resp. 3876 * A timeout of zero is infinite. */ 3877 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 3878 3879 b43_rate_memory_init(dev); 3880 3881 /* Minimum Contention Window */ 3882 if (phy->type == B43_PHYTYPE_B) { 3883 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 3884 } else { 3885 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 3886 } 3887 /* Maximum Contention Window */ 3888 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 3889 3890 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || B43_FORCE_PIO) { 3891 dev->__using_pio_transfers = 1; 3892 err = b43_pio_init(dev); 3893 } else { 3894 dev->__using_pio_transfers = 0; 3895 err = b43_dma_init(dev); 3896 } 3897 if (err) 3898 goto err_chip_exit; 3899 b43_qos_init(dev); 3900 b43_set_synth_pu_delay(dev, 1); 3901 b43_bluetooth_coext_enable(dev); 3902 3903 ssb_bus_powerup(bus, 1); /* Enable dynamic PCTL */ 3904 b43_upload_card_macaddress(dev); 3905 b43_security_init(dev); 3906 if (!dev->suspend_in_progress) 3907 b43_rng_init(wl); 3908 3909 b43_set_status(dev, B43_STAT_INITIALIZED); 3910 3911 if (!dev->suspend_in_progress) 3912 b43_leds_init(dev); 3913out: 3914 return err; 3915 3916 err_chip_exit: 3917 b43_chip_exit(dev); 3918 err_kfree_tssitbl: 3919 if (phy->dyn_tssi_tbl) 3920 kfree(phy->tssi2dbm); 3921 err_kfree_lo_control: 3922 kfree(phy->lo_control); 3923 phy->lo_control = NULL; 3924 err_busdown: 3925 ssb_bus_may_powerdown(bus); 3926 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 3927 return err; 3928} 3929 3930static int b43_op_add_interface(struct ieee80211_hw *hw, 3931 struct ieee80211_if_init_conf *conf) 3932{ 3933 struct b43_wl *wl = hw_to_b43_wl(hw); 3934 struct b43_wldev *dev; 3935 unsigned long flags; 3936 int err = -EOPNOTSUPP; 3937 3938 /* TODO: allow WDS/AP devices to coexist */ 3939 3940 if (conf->type != IEEE80211_IF_TYPE_AP && 3941 conf->type != IEEE80211_IF_TYPE_STA && 3942 conf->type != IEEE80211_IF_TYPE_WDS && 3943 conf->type != IEEE80211_IF_TYPE_IBSS) 3944 return -EOPNOTSUPP; 3945 3946 mutex_lock(&wl->mutex); 3947 if (wl->operating) 3948 goto out_mutex_unlock; 3949 3950 b43dbg(wl, "Adding Interface type %d\n", conf->type); 3951 3952 dev = wl->current_dev; 3953 wl->operating = 1; 3954 wl->vif = conf->vif; 3955 wl->if_type = conf->type; 3956 memcpy(wl->mac_addr, conf->mac_addr, ETH_ALEN); 3957 3958 spin_lock_irqsave(&wl->irq_lock, flags); 3959 b43_adjust_opmode(dev); 3960 b43_set_pretbtt(dev); 3961 b43_set_synth_pu_delay(dev, 0); 3962 b43_upload_card_macaddress(dev); 3963 spin_unlock_irqrestore(&wl->irq_lock, flags); 3964 3965 err = 0; 3966 out_mutex_unlock: 3967 mutex_unlock(&wl->mutex); 3968 3969 return err; 3970} 3971 3972static void b43_op_remove_interface(struct ieee80211_hw *hw, 3973 struct ieee80211_if_init_conf *conf) 3974{ 3975 struct b43_wl *wl = hw_to_b43_wl(hw); 3976 struct b43_wldev *dev = wl->current_dev; 3977 unsigned long flags; 3978 3979 b43dbg(wl, "Removing Interface type %d\n", conf->type); 3980 3981 mutex_lock(&wl->mutex); 3982 3983 B43_WARN_ON(!wl->operating); 3984 B43_WARN_ON(wl->vif != conf->vif); 3985 wl->vif = NULL; 3986 3987 wl->operating = 0; 3988 3989 spin_lock_irqsave(&wl->irq_lock, flags); 3990 b43_adjust_opmode(dev); 3991 memset(wl->mac_addr, 0, ETH_ALEN); 3992 b43_upload_card_macaddress(dev); 3993 spin_unlock_irqrestore(&wl->irq_lock, flags); 3994 3995 mutex_unlock(&wl->mutex); 3996} 3997 3998static int b43_op_start(struct ieee80211_hw *hw) 3999{ 4000 struct b43_wl *wl = hw_to_b43_wl(hw); 4001 struct b43_wldev *dev = wl->current_dev; 4002 int did_init = 0; 4003 int err = 0; 4004 bool do_rfkill_exit = 0; 4005 4006 /* Kill all old instance specific information to make sure 4007 * the card won't use it in the short timeframe between start 4008 * and mac80211 reconfiguring it. */ 4009 memset(wl->bssid, 0, ETH_ALEN); 4010 memset(wl->mac_addr, 0, ETH_ALEN); 4011 wl->filter_flags = 0; 4012 wl->radiotap_enabled = 0; 4013 b43_qos_clear(wl); 4014 4015 /* First register RFkill. 4016 * LEDs that are registered later depend on it. */ 4017 b43_rfkill_init(dev); 4018 4019 mutex_lock(&wl->mutex); 4020 4021 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4022 err = b43_wireless_core_init(dev); 4023 if (err) { 4024 do_rfkill_exit = 1; 4025 goto out_mutex_unlock; 4026 } 4027 did_init = 1; 4028 } 4029 4030 if (b43_status(dev) < B43_STAT_STARTED) { 4031 err = b43_wireless_core_start(dev); 4032 if (err) { 4033 if (did_init) 4034 b43_wireless_core_exit(dev); 4035 do_rfkill_exit = 1; 4036 goto out_mutex_unlock; 4037 } 4038 } 4039 4040 out_mutex_unlock: 4041 mutex_unlock(&wl->mutex); 4042 4043 if (do_rfkill_exit) 4044 b43_rfkill_exit(dev); 4045 4046 return err; 4047} 4048 4049static void b43_op_stop(struct ieee80211_hw *hw) 4050{ 4051 struct b43_wl *wl = hw_to_b43_wl(hw); 4052 struct b43_wldev *dev = wl->current_dev; 4053 4054 b43_rfkill_exit(dev); 4055 cancel_work_sync(&(wl->qos_update_work)); 4056 cancel_work_sync(&(wl->beacon_update_trigger)); 4057 4058 mutex_lock(&wl->mutex); 4059 if (b43_status(dev) >= B43_STAT_STARTED) 4060 b43_wireless_core_stop(dev); 4061 b43_wireless_core_exit(dev); 4062 mutex_unlock(&wl->mutex); 4063} 4064 4065static int b43_op_set_retry_limit(struct ieee80211_hw *hw, 4066 u32 short_retry_limit, u32 long_retry_limit) 4067{ 4068 struct b43_wl *wl = hw_to_b43_wl(hw); 4069 struct b43_wldev *dev; 4070 int err = 0; 4071 4072 mutex_lock(&wl->mutex); 4073 dev = wl->current_dev; 4074 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) { 4075 err = -ENODEV; 4076 goto out_unlock; 4077 } 4078 b43_set_retry_limits(dev, short_retry_limit, long_retry_limit); 4079out_unlock: 4080 mutex_unlock(&wl->mutex); 4081 4082 return err; 4083} 4084 4085static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, int aid, int set) 4086{ 4087 struct b43_wl *wl = hw_to_b43_wl(hw); 4088 struct sk_buff *beacon; 4089 unsigned long flags; 4090 4091 /* We could modify the existing beacon and set the aid bit in 4092 * the TIM field, but that would probably require resizing and 4093 * moving of data within the beacon template. 4094 * Simply request a new beacon and let mac80211 do the hard work. */ 4095 beacon = ieee80211_beacon_get(hw, wl->vif, NULL); 4096 if (unlikely(!beacon)) 4097 return -ENOMEM; 4098 spin_lock_irqsave(&wl->irq_lock, flags); 4099 b43_update_templates(wl, beacon); 4100 spin_unlock_irqrestore(&wl->irq_lock, flags); 4101 4102 return 0; 4103} 4104 4105static int b43_op_ibss_beacon_update(struct ieee80211_hw *hw, 4106 struct sk_buff *beacon, 4107 struct ieee80211_tx_control *ctl) 4108{ 4109 struct b43_wl *wl = hw_to_b43_wl(hw); 4110 unsigned long flags; 4111 4112 spin_lock_irqsave(&wl->irq_lock, flags); 4113 b43_update_templates(wl, beacon); 4114 spin_unlock_irqrestore(&wl->irq_lock, flags); 4115 4116 return 0; 4117} 4118 4119static void b43_op_sta_notify(struct ieee80211_hw *hw, 4120 struct ieee80211_vif *vif, 4121 enum sta_notify_cmd notify_cmd, 4122 const u8 *addr) 4123{ 4124 struct b43_wl *wl = hw_to_b43_wl(hw); 4125 4126 B43_WARN_ON(!vif || wl->vif != vif); 4127} 4128 4129static const struct ieee80211_ops b43_hw_ops = { 4130 .tx = b43_op_tx, 4131 .conf_tx = b43_op_conf_tx, 4132 .add_interface = b43_op_add_interface, 4133 .remove_interface = b43_op_remove_interface, 4134 .config = b43_op_config, 4135 .config_interface = b43_op_config_interface, 4136 .configure_filter = b43_op_configure_filter, 4137 .set_key = b43_op_set_key, 4138 .get_stats = b43_op_get_stats, 4139 .get_tx_stats = b43_op_get_tx_stats, 4140 .start = b43_op_start, 4141 .stop = b43_op_stop, 4142 .set_retry_limit = b43_op_set_retry_limit, 4143 .set_tim = b43_op_beacon_set_tim, 4144 .beacon_update = b43_op_ibss_beacon_update, 4145 .sta_notify = b43_op_sta_notify, 4146}; 4147 4148/* Hard-reset the chip. Do not call this directly. 4149 * Use b43_controller_restart() 4150 */ 4151static void b43_chip_reset(struct work_struct *work) 4152{ 4153 struct b43_wldev *dev = 4154 container_of(work, struct b43_wldev, restart_work); 4155 struct b43_wl *wl = dev->wl; 4156 int err = 0; 4157 int prev_status; 4158 4159 mutex_lock(&wl->mutex); 4160 4161 prev_status = b43_status(dev); 4162 /* Bring the device down... */ 4163 if (prev_status >= B43_STAT_STARTED) 4164 b43_wireless_core_stop(dev); 4165 if (prev_status >= B43_STAT_INITIALIZED) 4166 b43_wireless_core_exit(dev); 4167 4168 /* ...and up again. */ 4169 if (prev_status >= B43_STAT_INITIALIZED) { 4170 err = b43_wireless_core_init(dev); 4171 if (err) 4172 goto out; 4173 } 4174 if (prev_status >= B43_STAT_STARTED) { 4175 err = b43_wireless_core_start(dev); 4176 if (err) { 4177 b43_wireless_core_exit(dev); 4178 goto out; 4179 } 4180 } 4181 out: 4182 mutex_unlock(&wl->mutex); 4183 if (err) 4184 b43err(wl, "Controller restart FAILED\n"); 4185 else 4186 b43info(wl, "Controller restarted\n"); 4187} 4188 4189static int b43_setup_bands(struct b43_wldev *dev, 4190 bool have_2ghz_phy, bool have_5ghz_phy) 4191{ 4192 struct ieee80211_hw *hw = dev->wl->hw; 4193 4194 if (have_2ghz_phy) 4195 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 4196 if (dev->phy.type == B43_PHYTYPE_N) { 4197 if (have_5ghz_phy) 4198 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 4199 } else { 4200 if (have_5ghz_phy) 4201 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 4202 } 4203 4204 dev->phy.supports_2ghz = have_2ghz_phy; 4205 dev->phy.supports_5ghz = have_5ghz_phy; 4206 4207 return 0; 4208} 4209 4210static void b43_wireless_core_detach(struct b43_wldev *dev) 4211{ 4212 /* We release firmware that late to not be required to re-request 4213 * is all the time when we reinit the core. */ 4214 b43_release_firmware(dev); 4215} 4216 4217static int b43_wireless_core_attach(struct b43_wldev *dev) 4218{ 4219 struct b43_wl *wl = dev->wl; 4220 struct ssb_bus *bus = dev->dev->bus; 4221 struct pci_dev *pdev = bus->host_pci; 4222 int err; 4223 bool have_2ghz_phy = 0, have_5ghz_phy = 0; 4224 u32 tmp; 4225 4226 /* Do NOT do any device initialization here. 4227 * Do it in wireless_core_init() instead. 4228 * This function is for gathering basic information about the HW, only. 4229 * Also some structs may be set up here. But most likely you want to have 4230 * that in core_init(), too. 4231 */ 4232 4233 err = ssb_bus_powerup(bus, 0); 4234 if (err) { 4235 b43err(wl, "Bus powerup failed\n"); 4236 goto out; 4237 } 4238 /* Get the PHY type. */ 4239 if (dev->dev->id.revision >= 5) { 4240 u32 tmshigh; 4241 4242 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 4243 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY); 4244 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY); 4245 } else 4246 B43_WARN_ON(1); 4247 4248 dev->phy.gmode = have_2ghz_phy; 4249 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4250 b43_wireless_core_reset(dev, tmp); 4251 4252 err = b43_phy_versioning(dev); 4253 if (err) 4254 goto err_powerdown; 4255 /* Check if this device supports multiband. */ 4256 if (!pdev || 4257 (pdev->device != 0x4312 && 4258 pdev->device != 0x4319 && pdev->device != 0x4324)) { 4259 /* No multiband support. */ 4260 have_2ghz_phy = 0; 4261 have_5ghz_phy = 0; 4262 switch (dev->phy.type) { 4263 case B43_PHYTYPE_A: 4264 have_5ghz_phy = 1; 4265 break; 4266 case B43_PHYTYPE_G: 4267 case B43_PHYTYPE_N: 4268 have_2ghz_phy = 1; 4269 break; 4270 default: 4271 B43_WARN_ON(1); 4272 } 4273 } 4274 if (dev->phy.type == B43_PHYTYPE_A) { 4275 /* FIXME */ 4276 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 4277 err = -EOPNOTSUPP; 4278 goto err_powerdown; 4279 } 4280 dev->phy.gmode = have_2ghz_phy; 4281 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4282 b43_wireless_core_reset(dev, tmp); 4283 4284 err = b43_validate_chipaccess(dev); 4285 if (err) 4286 goto err_powerdown; 4287 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 4288 if (err) 4289 goto err_powerdown; 4290 4291 /* Now set some default "current_dev" */ 4292 if (!wl->current_dev) 4293 wl->current_dev = dev; 4294 INIT_WORK(&dev->restart_work, b43_chip_reset); 4295 4296 b43_radio_turn_off(dev, 1); 4297 b43_switch_analog(dev, 0); 4298 ssb_device_disable(dev->dev, 0); 4299 ssb_bus_may_powerdown(bus); 4300 4301out: 4302 return err; 4303 4304err_powerdown: 4305 ssb_bus_may_powerdown(bus); 4306 return err; 4307} 4308 4309static void b43_one_core_detach(struct ssb_device *dev) 4310{ 4311 struct b43_wldev *wldev; 4312 struct b43_wl *wl; 4313 4314 wldev = ssb_get_drvdata(dev); 4315 wl = wldev->wl; 4316 cancel_work_sync(&wldev->restart_work); 4317 b43_debugfs_remove_device(wldev); 4318 b43_wireless_core_detach(wldev); 4319 list_del(&wldev->list); 4320 wl->nr_devs--; 4321 ssb_set_drvdata(dev, NULL); 4322 kfree(wldev); 4323} 4324 4325static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl) 4326{ 4327 struct b43_wldev *wldev; 4328 struct pci_dev *pdev; 4329 int err = -ENOMEM; 4330 4331 if (!list_empty(&wl->devlist)) { 4332 /* We are not the first core on this chip. */ 4333 pdev = dev->bus->host_pci; 4334 /* Only special chips support more than one wireless 4335 * core, although some of the other chips have more than 4336 * one wireless core as well. Check for this and 4337 * bail out early. 4338 */ 4339 if (!pdev || 4340 ((pdev->device != 0x4321) && 4341 (pdev->device != 0x4313) && (pdev->device != 0x431A))) { 4342 b43dbg(wl, "Ignoring unconnected 802.11 core\n"); 4343 return -ENODEV; 4344 } 4345 } 4346 4347 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 4348 if (!wldev) 4349 goto out; 4350 4351 wldev->dev = dev; 4352 wldev->wl = wl; 4353 b43_set_status(wldev, B43_STAT_UNINIT); 4354 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 4355 tasklet_init(&wldev->isr_tasklet, 4356 (void (*)(unsigned long))b43_interrupt_tasklet, 4357 (unsigned long)wldev); 4358 INIT_LIST_HEAD(&wldev->list); 4359 4360 err = b43_wireless_core_attach(wldev); 4361 if (err) 4362 goto err_kfree_wldev; 4363 4364 list_add(&wldev->list, &wl->devlist); 4365 wl->nr_devs++; 4366 ssb_set_drvdata(dev, wldev); 4367 b43_debugfs_add_device(wldev); 4368 4369 out: 4370 return err; 4371 4372 err_kfree_wldev: 4373 kfree(wldev); 4374 return err; 4375} 4376 4377static void b43_sprom_fixup(struct ssb_bus *bus) 4378{ 4379 /* boardflags workarounds */ 4380 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 4381 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 4382 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 4383 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 4384 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 4385 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 4386} 4387 4388static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl) 4389{ 4390 struct ieee80211_hw *hw = wl->hw; 4391 4392 ssb_set_devtypedata(dev, NULL); 4393 ieee80211_free_hw(hw); 4394} 4395 4396static int b43_wireless_init(struct ssb_device *dev) 4397{ 4398 struct ssb_sprom *sprom = &dev->bus->sprom; 4399 struct ieee80211_hw *hw; 4400 struct b43_wl *wl; 4401 int err = -ENOMEM; 4402 4403 b43_sprom_fixup(dev->bus); 4404 4405 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 4406 if (!hw) { 4407 b43err(NULL, "Could not allocate ieee80211 device\n"); 4408 goto out; 4409 } 4410 4411 /* fill hw info */ 4412 hw->flags = IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE | 4413 IEEE80211_HW_RX_INCLUDES_FCS; 4414 hw->max_signal = 100; 4415 hw->max_rssi = -110; 4416 hw->max_noise = -110; 4417 hw->queues = b43_modparam_qos ? 4 : 1; 4418 SET_IEEE80211_DEV(hw, dev->dev); 4419 if (is_valid_ether_addr(sprom->et1mac)) 4420 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 4421 else 4422 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 4423 4424 /* Get and initialize struct b43_wl */ 4425 wl = hw_to_b43_wl(hw); 4426 memset(wl, 0, sizeof(*wl)); 4427 wl->hw = hw; 4428 spin_lock_init(&wl->irq_lock); 4429 spin_lock_init(&wl->leds_lock); 4430 spin_lock_init(&wl->shm_lock); 4431 mutex_init(&wl->mutex); 4432 INIT_LIST_HEAD(&wl->devlist); 4433 INIT_WORK(&wl->qos_update_work, b43_qos_update_work); 4434 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 4435 4436 ssb_set_devtypedata(dev, wl); 4437 b43info(wl, "Broadcom %04X WLAN found\n", dev->bus->chip_id); 4438 err = 0; 4439 out: 4440 return err; 4441} 4442 4443static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id) 4444{ 4445 struct b43_wl *wl; 4446 int err; 4447 int first = 0; 4448 4449 wl = ssb_get_devtypedata(dev); 4450 if (!wl) { 4451 /* Probing the first core. Must setup common struct b43_wl */ 4452 first = 1; 4453 err = b43_wireless_init(dev); 4454 if (err) 4455 goto out; 4456 wl = ssb_get_devtypedata(dev); 4457 B43_WARN_ON(!wl); 4458 } 4459 err = b43_one_core_attach(dev, wl); 4460 if (err) 4461 goto err_wireless_exit; 4462 4463 if (first) { 4464 err = ieee80211_register_hw(wl->hw); 4465 if (err) 4466 goto err_one_core_detach; 4467 } 4468 4469 out: 4470 return err; 4471 4472 err_one_core_detach: 4473 b43_one_core_detach(dev); 4474 err_wireless_exit: 4475 if (first) 4476 b43_wireless_exit(dev, wl); 4477 return err; 4478} 4479 4480static void b43_remove(struct ssb_device *dev) 4481{ 4482 struct b43_wl *wl = ssb_get_devtypedata(dev); 4483 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4484 4485 B43_WARN_ON(!wl); 4486 if (wl->current_dev == wldev) 4487 ieee80211_unregister_hw(wl->hw); 4488 4489 b43_one_core_detach(dev); 4490 4491 if (list_empty(&wl->devlist)) { 4492 /* Last core on the chip unregistered. 4493 * We can destroy common struct b43_wl. 4494 */ 4495 b43_wireless_exit(dev, wl); 4496 } 4497} 4498 4499/* Perform a hardware reset. This can be called from any context. */ 4500void b43_controller_restart(struct b43_wldev *dev, const char *reason) 4501{ 4502 /* Must avoid requeueing, if we are in shutdown. */ 4503 if (b43_status(dev) < B43_STAT_INITIALIZED) 4504 return; 4505 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 4506 queue_work(dev->wl->hw->workqueue, &dev->restart_work); 4507} 4508 4509#ifdef CONFIG_PM 4510 4511static int b43_suspend(struct ssb_device *dev, pm_message_t state) 4512{ 4513 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4514 struct b43_wl *wl = wldev->wl; 4515 4516 b43dbg(wl, "Suspending...\n"); 4517 4518 mutex_lock(&wl->mutex); 4519 wldev->suspend_in_progress = true; 4520 wldev->suspend_init_status = b43_status(wldev); 4521 if (wldev->suspend_init_status >= B43_STAT_STARTED) 4522 b43_wireless_core_stop(wldev); 4523 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) 4524 b43_wireless_core_exit(wldev); 4525 mutex_unlock(&wl->mutex); 4526 4527 b43dbg(wl, "Device suspended.\n"); 4528 4529 return 0; 4530} 4531 4532static int b43_resume(struct ssb_device *dev) 4533{ 4534 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4535 struct b43_wl *wl = wldev->wl; 4536 int err = 0; 4537 4538 b43dbg(wl, "Resuming...\n"); 4539 4540 mutex_lock(&wl->mutex); 4541 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) { 4542 err = b43_wireless_core_init(wldev); 4543 if (err) { 4544 b43err(wl, "Resume failed at core init\n"); 4545 goto out; 4546 } 4547 } 4548 if (wldev->suspend_init_status >= B43_STAT_STARTED) { 4549 err = b43_wireless_core_start(wldev); 4550 if (err) { 4551 b43_leds_exit(wldev); 4552 b43_rng_exit(wldev->wl, true); 4553 b43_wireless_core_exit(wldev); 4554 b43err(wl, "Resume failed at core start\n"); 4555 goto out; 4556 } 4557 } 4558 b43dbg(wl, "Device resumed.\n"); 4559 out: 4560 wldev->suspend_in_progress = false; 4561 mutex_unlock(&wl->mutex); 4562 return err; 4563} 4564 4565#else /* CONFIG_PM */ 4566# define b43_suspend NULL 4567# define b43_resume NULL 4568#endif /* CONFIG_PM */ 4569 4570static struct ssb_driver b43_ssb_driver = { 4571 .name = KBUILD_MODNAME, 4572 .id_table = b43_ssb_tbl, 4573 .probe = b43_probe, 4574 .remove = b43_remove, 4575 .suspend = b43_suspend, 4576 .resume = b43_resume, 4577}; 4578 4579static void b43_print_driverinfo(void) 4580{ 4581 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 4582 *feat_leds = "", *feat_rfkill = ""; 4583 4584#ifdef CONFIG_B43_PCI_AUTOSELECT 4585 feat_pci = "P"; 4586#endif 4587#ifdef CONFIG_B43_PCMCIA 4588 feat_pcmcia = "M"; 4589#endif 4590#ifdef CONFIG_B43_NPHY 4591 feat_nphy = "N"; 4592#endif 4593#ifdef CONFIG_B43_LEDS 4594 feat_leds = "L"; 4595#endif 4596#ifdef CONFIG_B43_RFKILL 4597 feat_rfkill = "R"; 4598#endif 4599 printk(KERN_INFO "Broadcom 43xx driver loaded " 4600 "[ Features: %s%s%s%s%s, Firmware-ID: " 4601 B43_SUPPORTED_FIRMWARE_ID " ]\n", 4602 feat_pci, feat_pcmcia, feat_nphy, 4603 feat_leds, feat_rfkill); 4604} 4605 4606static int __init b43_init(void) 4607{ 4608 int err; 4609 4610 b43_debugfs_init(); 4611 err = b43_pcmcia_init(); 4612 if (err) 4613 goto err_dfs_exit; 4614 err = ssb_driver_register(&b43_ssb_driver); 4615 if (err) 4616 goto err_pcmcia_exit; 4617 b43_print_driverinfo(); 4618 4619 return err; 4620 4621err_pcmcia_exit: 4622 b43_pcmcia_exit(); 4623err_dfs_exit: 4624 b43_debugfs_exit(); 4625 return err; 4626} 4627 4628static void __exit b43_exit(void) 4629{ 4630 ssb_driver_unregister(&b43_ssb_driver); 4631 b43_pcmcia_exit(); 4632 b43_debugfs_exit(); 4633} 4634 4635module_init(b43_init) 4636module_exit(b43_exit) 4637