main.c revision c9e8eae0935f03e2d03a7ad7af80d8fc6c53e68c
1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005, 2006 Michael Buesch <mb@bu3sch.de> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 11 Some parts of the code in this file are derived from the ipw2200 12 driver Copyright(c) 2003 - 2004 Intel Corporation. 13 14 This program is free software; you can redistribute it and/or modify 15 it under the terms of the GNU General Public License as published by 16 the Free Software Foundation; either version 2 of the License, or 17 (at your option) any later version. 18 19 This program is distributed in the hope that it will be useful, 20 but WITHOUT ANY WARRANTY; without even the implied warranty of 21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 22 GNU General Public License for more details. 23 24 You should have received a copy of the GNU General Public License 25 along with this program; see the file COPYING. If not, write to 26 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 27 Boston, MA 02110-1301, USA. 28 29*/ 30 31#include <linux/delay.h> 32#include <linux/init.h> 33#include <linux/moduleparam.h> 34#include <linux/if_arp.h> 35#include <linux/etherdevice.h> 36#include <linux/version.h> 37#include <linux/firmware.h> 38#include <linux/wireless.h> 39#include <linux/workqueue.h> 40#include <linux/skbuff.h> 41#include <linux/io.h> 42#include <linux/dma-mapping.h> 43#include <asm/unaligned.h> 44 45#include "b43.h" 46#include "main.h" 47#include "debugfs.h" 48#include "phy.h" 49#include "nphy.h" 50#include "dma.h" 51#include "pio.h" 52#include "sysfs.h" 53#include "xmit.h" 54#include "lo.h" 55#include "pcmcia.h" 56 57MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 58MODULE_AUTHOR("Martin Langer"); 59MODULE_AUTHOR("Stefano Brivio"); 60MODULE_AUTHOR("Michael Buesch"); 61MODULE_LICENSE("GPL"); 62 63MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID); 64 65 66static int modparam_bad_frames_preempt; 67module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 68MODULE_PARM_DESC(bad_frames_preempt, 69 "enable(1) / disable(0) Bad Frames Preemption"); 70 71static char modparam_fwpostfix[16]; 72module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 73MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 74 75static int modparam_hwpctl; 76module_param_named(hwpctl, modparam_hwpctl, int, 0444); 77MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 78 79static int modparam_nohwcrypt; 80module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 81MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 82 83int b43_modparam_qos = 1; 84module_param_named(qos, b43_modparam_qos, int, 0444); 85MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 86 87static int modparam_btcoex = 1; 88module_param_named(btcoex, modparam_btcoex, int, 0444); 89MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistance (default on)"); 90 91 92static const struct ssb_device_id b43_ssb_tbl[] = { 93 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 94 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 95 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 96 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 97 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 98 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 99 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 100 SSB_DEVTABLE_END 101}; 102 103MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 104 105/* Channel and ratetables are shared for all devices. 106 * They can't be const, because ieee80211 puts some precalculated 107 * data in there. This data is the same for all devices, so we don't 108 * get concurrency issues */ 109#define RATETAB_ENT(_rateid, _flags) \ 110 { \ 111 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 112 .hw_value = (_rateid), \ 113 .flags = (_flags), \ 114 } 115 116/* 117 * NOTE: When changing this, sync with xmit.c's 118 * b43_plcp_get_bitrate_idx_* functions! 119 */ 120static struct ieee80211_rate __b43_ratetable[] = { 121 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 122 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 123 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 124 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 125 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 126 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 127 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 128 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 129 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 130 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 131 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 132 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 133}; 134 135#define b43_a_ratetable (__b43_ratetable + 4) 136#define b43_a_ratetable_size 8 137#define b43_b_ratetable (__b43_ratetable + 0) 138#define b43_b_ratetable_size 4 139#define b43_g_ratetable (__b43_ratetable + 0) 140#define b43_g_ratetable_size 12 141 142#define CHAN4G(_channel, _freq, _flags) { \ 143 .band = IEEE80211_BAND_2GHZ, \ 144 .center_freq = (_freq), \ 145 .hw_value = (_channel), \ 146 .flags = (_flags), \ 147 .max_antenna_gain = 0, \ 148 .max_power = 30, \ 149} 150static struct ieee80211_channel b43_2ghz_chantable[] = { 151 CHAN4G(1, 2412, 0), 152 CHAN4G(2, 2417, 0), 153 CHAN4G(3, 2422, 0), 154 CHAN4G(4, 2427, 0), 155 CHAN4G(5, 2432, 0), 156 CHAN4G(6, 2437, 0), 157 CHAN4G(7, 2442, 0), 158 CHAN4G(8, 2447, 0), 159 CHAN4G(9, 2452, 0), 160 CHAN4G(10, 2457, 0), 161 CHAN4G(11, 2462, 0), 162 CHAN4G(12, 2467, 0), 163 CHAN4G(13, 2472, 0), 164 CHAN4G(14, 2484, 0), 165}; 166#undef CHAN4G 167 168#define CHAN5G(_channel, _flags) { \ 169 .band = IEEE80211_BAND_5GHZ, \ 170 .center_freq = 5000 + (5 * (_channel)), \ 171 .hw_value = (_channel), \ 172 .flags = (_flags), \ 173 .max_antenna_gain = 0, \ 174 .max_power = 30, \ 175} 176static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 177 CHAN5G(32, 0), CHAN5G(34, 0), 178 CHAN5G(36, 0), CHAN5G(38, 0), 179 CHAN5G(40, 0), CHAN5G(42, 0), 180 CHAN5G(44, 0), CHAN5G(46, 0), 181 CHAN5G(48, 0), CHAN5G(50, 0), 182 CHAN5G(52, 0), CHAN5G(54, 0), 183 CHAN5G(56, 0), CHAN5G(58, 0), 184 CHAN5G(60, 0), CHAN5G(62, 0), 185 CHAN5G(64, 0), CHAN5G(66, 0), 186 CHAN5G(68, 0), CHAN5G(70, 0), 187 CHAN5G(72, 0), CHAN5G(74, 0), 188 CHAN5G(76, 0), CHAN5G(78, 0), 189 CHAN5G(80, 0), CHAN5G(82, 0), 190 CHAN5G(84, 0), CHAN5G(86, 0), 191 CHAN5G(88, 0), CHAN5G(90, 0), 192 CHAN5G(92, 0), CHAN5G(94, 0), 193 CHAN5G(96, 0), CHAN5G(98, 0), 194 CHAN5G(100, 0), CHAN5G(102, 0), 195 CHAN5G(104, 0), CHAN5G(106, 0), 196 CHAN5G(108, 0), CHAN5G(110, 0), 197 CHAN5G(112, 0), CHAN5G(114, 0), 198 CHAN5G(116, 0), CHAN5G(118, 0), 199 CHAN5G(120, 0), CHAN5G(122, 0), 200 CHAN5G(124, 0), CHAN5G(126, 0), 201 CHAN5G(128, 0), CHAN5G(130, 0), 202 CHAN5G(132, 0), CHAN5G(134, 0), 203 CHAN5G(136, 0), CHAN5G(138, 0), 204 CHAN5G(140, 0), CHAN5G(142, 0), 205 CHAN5G(144, 0), CHAN5G(145, 0), 206 CHAN5G(146, 0), CHAN5G(147, 0), 207 CHAN5G(148, 0), CHAN5G(149, 0), 208 CHAN5G(150, 0), CHAN5G(151, 0), 209 CHAN5G(152, 0), CHAN5G(153, 0), 210 CHAN5G(154, 0), CHAN5G(155, 0), 211 CHAN5G(156, 0), CHAN5G(157, 0), 212 CHAN5G(158, 0), CHAN5G(159, 0), 213 CHAN5G(160, 0), CHAN5G(161, 0), 214 CHAN5G(162, 0), CHAN5G(163, 0), 215 CHAN5G(164, 0), CHAN5G(165, 0), 216 CHAN5G(166, 0), CHAN5G(168, 0), 217 CHAN5G(170, 0), CHAN5G(172, 0), 218 CHAN5G(174, 0), CHAN5G(176, 0), 219 CHAN5G(178, 0), CHAN5G(180, 0), 220 CHAN5G(182, 0), CHAN5G(184, 0), 221 CHAN5G(186, 0), CHAN5G(188, 0), 222 CHAN5G(190, 0), CHAN5G(192, 0), 223 CHAN5G(194, 0), CHAN5G(196, 0), 224 CHAN5G(198, 0), CHAN5G(200, 0), 225 CHAN5G(202, 0), CHAN5G(204, 0), 226 CHAN5G(206, 0), CHAN5G(208, 0), 227 CHAN5G(210, 0), CHAN5G(212, 0), 228 CHAN5G(214, 0), CHAN5G(216, 0), 229 CHAN5G(218, 0), CHAN5G(220, 0), 230 CHAN5G(222, 0), CHAN5G(224, 0), 231 CHAN5G(226, 0), CHAN5G(228, 0), 232}; 233 234static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 235 CHAN5G(34, 0), CHAN5G(36, 0), 236 CHAN5G(38, 0), CHAN5G(40, 0), 237 CHAN5G(42, 0), CHAN5G(44, 0), 238 CHAN5G(46, 0), CHAN5G(48, 0), 239 CHAN5G(52, 0), CHAN5G(56, 0), 240 CHAN5G(60, 0), CHAN5G(64, 0), 241 CHAN5G(100, 0), CHAN5G(104, 0), 242 CHAN5G(108, 0), CHAN5G(112, 0), 243 CHAN5G(116, 0), CHAN5G(120, 0), 244 CHAN5G(124, 0), CHAN5G(128, 0), 245 CHAN5G(132, 0), CHAN5G(136, 0), 246 CHAN5G(140, 0), CHAN5G(149, 0), 247 CHAN5G(153, 0), CHAN5G(157, 0), 248 CHAN5G(161, 0), CHAN5G(165, 0), 249 CHAN5G(184, 0), CHAN5G(188, 0), 250 CHAN5G(192, 0), CHAN5G(196, 0), 251 CHAN5G(200, 0), CHAN5G(204, 0), 252 CHAN5G(208, 0), CHAN5G(212, 0), 253 CHAN5G(216, 0), 254}; 255#undef CHAN5G 256 257static struct ieee80211_supported_band b43_band_5GHz_nphy = { 258 .band = IEEE80211_BAND_5GHZ, 259 .channels = b43_5ghz_nphy_chantable, 260 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 261 .bitrates = b43_a_ratetable, 262 .n_bitrates = b43_a_ratetable_size, 263}; 264 265static struct ieee80211_supported_band b43_band_5GHz_aphy = { 266 .band = IEEE80211_BAND_5GHZ, 267 .channels = b43_5ghz_aphy_chantable, 268 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 269 .bitrates = b43_a_ratetable, 270 .n_bitrates = b43_a_ratetable_size, 271}; 272 273static struct ieee80211_supported_band b43_band_2GHz = { 274 .band = IEEE80211_BAND_2GHZ, 275 .channels = b43_2ghz_chantable, 276 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 277 .bitrates = b43_g_ratetable, 278 .n_bitrates = b43_g_ratetable_size, 279}; 280 281static void b43_wireless_core_exit(struct b43_wldev *dev); 282static int b43_wireless_core_init(struct b43_wldev *dev); 283static void b43_wireless_core_stop(struct b43_wldev *dev); 284static int b43_wireless_core_start(struct b43_wldev *dev); 285 286static int b43_ratelimit(struct b43_wl *wl) 287{ 288 if (!wl || !wl->current_dev) 289 return 1; 290 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 291 return 1; 292 /* We are up and running. 293 * Ratelimit the messages to avoid DoS over the net. */ 294 return net_ratelimit(); 295} 296 297void b43info(struct b43_wl *wl, const char *fmt, ...) 298{ 299 va_list args; 300 301 if (!b43_ratelimit(wl)) 302 return; 303 va_start(args, fmt); 304 printk(KERN_INFO "b43-%s: ", 305 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 306 vprintk(fmt, args); 307 va_end(args); 308} 309 310void b43err(struct b43_wl *wl, const char *fmt, ...) 311{ 312 va_list args; 313 314 if (!b43_ratelimit(wl)) 315 return; 316 va_start(args, fmt); 317 printk(KERN_ERR "b43-%s ERROR: ", 318 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 319 vprintk(fmt, args); 320 va_end(args); 321} 322 323void b43warn(struct b43_wl *wl, const char *fmt, ...) 324{ 325 va_list args; 326 327 if (!b43_ratelimit(wl)) 328 return; 329 va_start(args, fmt); 330 printk(KERN_WARNING "b43-%s warning: ", 331 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 332 vprintk(fmt, args); 333 va_end(args); 334} 335 336#if B43_DEBUG 337void b43dbg(struct b43_wl *wl, const char *fmt, ...) 338{ 339 va_list args; 340 341 va_start(args, fmt); 342 printk(KERN_DEBUG "b43-%s debug: ", 343 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 344 vprintk(fmt, args); 345 va_end(args); 346} 347#endif /* DEBUG */ 348 349static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 350{ 351 u32 macctl; 352 353 B43_WARN_ON(offset % 4 != 0); 354 355 macctl = b43_read32(dev, B43_MMIO_MACCTL); 356 if (macctl & B43_MACCTL_BE) 357 val = swab32(val); 358 359 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 360 mmiowb(); 361 b43_write32(dev, B43_MMIO_RAM_DATA, val); 362} 363 364static inline void b43_shm_control_word(struct b43_wldev *dev, 365 u16 routing, u16 offset) 366{ 367 u32 control; 368 369 /* "offset" is the WORD offset. */ 370 control = routing; 371 control <<= 16; 372 control |= offset; 373 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 374} 375 376u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 377{ 378 struct b43_wl *wl = dev->wl; 379 unsigned long flags; 380 u32 ret; 381 382 spin_lock_irqsave(&wl->shm_lock, flags); 383 if (routing == B43_SHM_SHARED) { 384 B43_WARN_ON(offset & 0x0001); 385 if (offset & 0x0003) { 386 /* Unaligned access */ 387 b43_shm_control_word(dev, routing, offset >> 2); 388 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 389 ret <<= 16; 390 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 391 ret |= b43_read16(dev, B43_MMIO_SHM_DATA); 392 393 goto out; 394 } 395 offset >>= 2; 396 } 397 b43_shm_control_word(dev, routing, offset); 398 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 399out: 400 spin_unlock_irqrestore(&wl->shm_lock, flags); 401 402 return ret; 403} 404 405u16 b43_shm_read16(struct b43_wldev * dev, u16 routing, u16 offset) 406{ 407 struct b43_wl *wl = dev->wl; 408 unsigned long flags; 409 u16 ret; 410 411 spin_lock_irqsave(&wl->shm_lock, flags); 412 if (routing == B43_SHM_SHARED) { 413 B43_WARN_ON(offset & 0x0001); 414 if (offset & 0x0003) { 415 /* Unaligned access */ 416 b43_shm_control_word(dev, routing, offset >> 2); 417 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 418 419 goto out; 420 } 421 offset >>= 2; 422 } 423 b43_shm_control_word(dev, routing, offset); 424 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 425out: 426 spin_unlock_irqrestore(&wl->shm_lock, flags); 427 428 return ret; 429} 430 431void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 432{ 433 struct b43_wl *wl = dev->wl; 434 unsigned long flags; 435 436 spin_lock_irqsave(&wl->shm_lock, flags); 437 if (routing == B43_SHM_SHARED) { 438 B43_WARN_ON(offset & 0x0001); 439 if (offset & 0x0003) { 440 /* Unaligned access */ 441 b43_shm_control_word(dev, routing, offset >> 2); 442 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 443 (value >> 16) & 0xffff); 444 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 445 b43_write16(dev, B43_MMIO_SHM_DATA, value & 0xffff); 446 goto out; 447 } 448 offset >>= 2; 449 } 450 b43_shm_control_word(dev, routing, offset); 451 b43_write32(dev, B43_MMIO_SHM_DATA, value); 452out: 453 spin_unlock_irqrestore(&wl->shm_lock, flags); 454} 455 456void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 457{ 458 struct b43_wl *wl = dev->wl; 459 unsigned long flags; 460 461 spin_lock_irqsave(&wl->shm_lock, flags); 462 if (routing == B43_SHM_SHARED) { 463 B43_WARN_ON(offset & 0x0001); 464 if (offset & 0x0003) { 465 /* Unaligned access */ 466 b43_shm_control_word(dev, routing, offset >> 2); 467 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 468 goto out; 469 } 470 offset >>= 2; 471 } 472 b43_shm_control_word(dev, routing, offset); 473 b43_write16(dev, B43_MMIO_SHM_DATA, value); 474out: 475 spin_unlock_irqrestore(&wl->shm_lock, flags); 476} 477 478/* Read HostFlags */ 479u64 b43_hf_read(struct b43_wldev * dev) 480{ 481 u64 ret; 482 483 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 484 ret <<= 16; 485 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 486 ret <<= 16; 487 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 488 489 return ret; 490} 491 492/* Write HostFlags */ 493void b43_hf_write(struct b43_wldev *dev, u64 value) 494{ 495 u16 lo, mi, hi; 496 497 lo = (value & 0x00000000FFFFULL); 498 mi = (value & 0x0000FFFF0000ULL) >> 16; 499 hi = (value & 0xFFFF00000000ULL) >> 32; 500 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 501 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 502 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 503} 504 505void b43_tsf_read(struct b43_wldev *dev, u64 * tsf) 506{ 507 /* We need to be careful. As we read the TSF from multiple 508 * registers, we should take care of register overflows. 509 * In theory, the whole tsf read process should be atomic. 510 * We try to be atomic here, by restaring the read process, 511 * if any of the high registers changed (overflew). 512 */ 513 if (dev->dev->id.revision >= 3) { 514 u32 low, high, high2; 515 516 do { 517 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 518 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 519 high2 = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 520 } while (unlikely(high != high2)); 521 522 *tsf = high; 523 *tsf <<= 32; 524 *tsf |= low; 525 } else { 526 u64 tmp; 527 u16 v0, v1, v2, v3; 528 u16 test1, test2, test3; 529 530 do { 531 v3 = b43_read16(dev, B43_MMIO_TSF_3); 532 v2 = b43_read16(dev, B43_MMIO_TSF_2); 533 v1 = b43_read16(dev, B43_MMIO_TSF_1); 534 v0 = b43_read16(dev, B43_MMIO_TSF_0); 535 536 test3 = b43_read16(dev, B43_MMIO_TSF_3); 537 test2 = b43_read16(dev, B43_MMIO_TSF_2); 538 test1 = b43_read16(dev, B43_MMIO_TSF_1); 539 } while (v3 != test3 || v2 != test2 || v1 != test1); 540 541 *tsf = v3; 542 *tsf <<= 48; 543 tmp = v2; 544 tmp <<= 32; 545 *tsf |= tmp; 546 tmp = v1; 547 tmp <<= 16; 548 *tsf |= tmp; 549 *tsf |= v0; 550 } 551} 552 553static void b43_time_lock(struct b43_wldev *dev) 554{ 555 u32 macctl; 556 557 macctl = b43_read32(dev, B43_MMIO_MACCTL); 558 macctl |= B43_MACCTL_TBTTHOLD; 559 b43_write32(dev, B43_MMIO_MACCTL, macctl); 560 /* Commit the write */ 561 b43_read32(dev, B43_MMIO_MACCTL); 562} 563 564static void b43_time_unlock(struct b43_wldev *dev) 565{ 566 u32 macctl; 567 568 macctl = b43_read32(dev, B43_MMIO_MACCTL); 569 macctl &= ~B43_MACCTL_TBTTHOLD; 570 b43_write32(dev, B43_MMIO_MACCTL, macctl); 571 /* Commit the write */ 572 b43_read32(dev, B43_MMIO_MACCTL); 573} 574 575static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 576{ 577 /* Be careful with the in-progress timer. 578 * First zero out the low register, so we have a full 579 * register-overflow duration to complete the operation. 580 */ 581 if (dev->dev->id.revision >= 3) { 582 u32 lo = (tsf & 0x00000000FFFFFFFFULL); 583 u32 hi = (tsf & 0xFFFFFFFF00000000ULL) >> 32; 584 585 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, 0); 586 mmiowb(); 587 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, hi); 588 mmiowb(); 589 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, lo); 590 } else { 591 u16 v0 = (tsf & 0x000000000000FFFFULL); 592 u16 v1 = (tsf & 0x00000000FFFF0000ULL) >> 16; 593 u16 v2 = (tsf & 0x0000FFFF00000000ULL) >> 32; 594 u16 v3 = (tsf & 0xFFFF000000000000ULL) >> 48; 595 596 b43_write16(dev, B43_MMIO_TSF_0, 0); 597 mmiowb(); 598 b43_write16(dev, B43_MMIO_TSF_3, v3); 599 mmiowb(); 600 b43_write16(dev, B43_MMIO_TSF_2, v2); 601 mmiowb(); 602 b43_write16(dev, B43_MMIO_TSF_1, v1); 603 mmiowb(); 604 b43_write16(dev, B43_MMIO_TSF_0, v0); 605 } 606} 607 608void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 609{ 610 b43_time_lock(dev); 611 b43_tsf_write_locked(dev, tsf); 612 b43_time_unlock(dev); 613} 614 615static 616void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 * mac) 617{ 618 static const u8 zero_addr[ETH_ALEN] = { 0 }; 619 u16 data; 620 621 if (!mac) 622 mac = zero_addr; 623 624 offset |= 0x0020; 625 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 626 627 data = mac[0]; 628 data |= mac[1] << 8; 629 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 630 data = mac[2]; 631 data |= mac[3] << 8; 632 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 633 data = mac[4]; 634 data |= mac[5] << 8; 635 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 636} 637 638static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 639{ 640 const u8 *mac; 641 const u8 *bssid; 642 u8 mac_bssid[ETH_ALEN * 2]; 643 int i; 644 u32 tmp; 645 646 bssid = dev->wl->bssid; 647 mac = dev->wl->mac_addr; 648 649 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 650 651 memcpy(mac_bssid, mac, ETH_ALEN); 652 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 653 654 /* Write our MAC address and BSSID to template ram */ 655 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 656 tmp = (u32) (mac_bssid[i + 0]); 657 tmp |= (u32) (mac_bssid[i + 1]) << 8; 658 tmp |= (u32) (mac_bssid[i + 2]) << 16; 659 tmp |= (u32) (mac_bssid[i + 3]) << 24; 660 b43_ram_write(dev, 0x20 + i, tmp); 661 } 662} 663 664static void b43_upload_card_macaddress(struct b43_wldev *dev) 665{ 666 b43_write_mac_bssid_templates(dev); 667 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 668} 669 670static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 671{ 672 /* slot_time is in usec. */ 673 if (dev->phy.type != B43_PHYTYPE_G) 674 return; 675 b43_write16(dev, 0x684, 510 + slot_time); 676 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 677} 678 679static void b43_short_slot_timing_enable(struct b43_wldev *dev) 680{ 681 b43_set_slot_time(dev, 9); 682 dev->short_slot = 1; 683} 684 685static void b43_short_slot_timing_disable(struct b43_wldev *dev) 686{ 687 b43_set_slot_time(dev, 20); 688 dev->short_slot = 0; 689} 690 691/* Enable a Generic IRQ. "mask" is the mask of which IRQs to enable. 692 * Returns the _previously_ enabled IRQ mask. 693 */ 694static inline u32 b43_interrupt_enable(struct b43_wldev *dev, u32 mask) 695{ 696 u32 old_mask; 697 698 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 699 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask | mask); 700 701 return old_mask; 702} 703 704/* Disable a Generic IRQ. "mask" is the mask of which IRQs to disable. 705 * Returns the _previously_ enabled IRQ mask. 706 */ 707static inline u32 b43_interrupt_disable(struct b43_wldev *dev, u32 mask) 708{ 709 u32 old_mask; 710 711 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 712 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask & ~mask); 713 714 return old_mask; 715} 716 717/* Synchronize IRQ top- and bottom-half. 718 * IRQs must be masked before calling this. 719 * This must not be called with the irq_lock held. 720 */ 721static void b43_synchronize_irq(struct b43_wldev *dev) 722{ 723 synchronize_irq(dev->dev->irq); 724 tasklet_kill(&dev->isr_tasklet); 725} 726 727/* DummyTransmission function, as documented on 728 * http://bcm-specs.sipsolutions.net/DummyTransmission 729 */ 730void b43_dummy_transmission(struct b43_wldev *dev) 731{ 732 struct b43_wl *wl = dev->wl; 733 struct b43_phy *phy = &dev->phy; 734 unsigned int i, max_loop; 735 u16 value; 736 u32 buffer[5] = { 737 0x00000000, 738 0x00D40000, 739 0x00000000, 740 0x01000000, 741 0x00000000, 742 }; 743 744 switch (phy->type) { 745 case B43_PHYTYPE_A: 746 max_loop = 0x1E; 747 buffer[0] = 0x000201CC; 748 break; 749 case B43_PHYTYPE_B: 750 case B43_PHYTYPE_G: 751 max_loop = 0xFA; 752 buffer[0] = 0x000B846E; 753 break; 754 default: 755 B43_WARN_ON(1); 756 return; 757 } 758 759 spin_lock_irq(&wl->irq_lock); 760 write_lock(&wl->tx_lock); 761 762 for (i = 0; i < 5; i++) 763 b43_ram_write(dev, i * 4, buffer[i]); 764 765 /* Commit writes */ 766 b43_read32(dev, B43_MMIO_MACCTL); 767 768 b43_write16(dev, 0x0568, 0x0000); 769 b43_write16(dev, 0x07C0, 0x0000); 770 value = ((phy->type == B43_PHYTYPE_A) ? 1 : 0); 771 b43_write16(dev, 0x050C, value); 772 b43_write16(dev, 0x0508, 0x0000); 773 b43_write16(dev, 0x050A, 0x0000); 774 b43_write16(dev, 0x054C, 0x0000); 775 b43_write16(dev, 0x056A, 0x0014); 776 b43_write16(dev, 0x0568, 0x0826); 777 b43_write16(dev, 0x0500, 0x0000); 778 b43_write16(dev, 0x0502, 0x0030); 779 780 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 781 b43_radio_write16(dev, 0x0051, 0x0017); 782 for (i = 0x00; i < max_loop; i++) { 783 value = b43_read16(dev, 0x050E); 784 if (value & 0x0080) 785 break; 786 udelay(10); 787 } 788 for (i = 0x00; i < 0x0A; i++) { 789 value = b43_read16(dev, 0x050E); 790 if (value & 0x0400) 791 break; 792 udelay(10); 793 } 794 for (i = 0x00; i < 0x0A; i++) { 795 value = b43_read16(dev, 0x0690); 796 if (!(value & 0x0100)) 797 break; 798 udelay(10); 799 } 800 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 801 b43_radio_write16(dev, 0x0051, 0x0037); 802 803 write_unlock(&wl->tx_lock); 804 spin_unlock_irq(&wl->irq_lock); 805} 806 807static void key_write(struct b43_wldev *dev, 808 u8 index, u8 algorithm, const u8 * key) 809{ 810 unsigned int i; 811 u32 offset; 812 u16 value; 813 u16 kidx; 814 815 /* Key index/algo block */ 816 kidx = b43_kidx_to_fw(dev, index); 817 value = ((kidx << 4) | algorithm); 818 b43_shm_write16(dev, B43_SHM_SHARED, 819 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 820 821 /* Write the key to the Key Table Pointer offset */ 822 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 823 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 824 value = key[i]; 825 value |= (u16) (key[i + 1]) << 8; 826 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 827 } 828} 829 830static void keymac_write(struct b43_wldev *dev, u8 index, const u8 * addr) 831{ 832 u32 addrtmp[2] = { 0, 0, }; 833 u8 per_sta_keys_start = 8; 834 835 if (b43_new_kidx_api(dev)) 836 per_sta_keys_start = 4; 837 838 B43_WARN_ON(index < per_sta_keys_start); 839 /* We have two default TX keys and possibly two default RX keys. 840 * Physical mac 0 is mapped to physical key 4 or 8, depending 841 * on the firmware version. 842 * So we must adjust the index here. 843 */ 844 index -= per_sta_keys_start; 845 846 if (addr) { 847 addrtmp[0] = addr[0]; 848 addrtmp[0] |= ((u32) (addr[1]) << 8); 849 addrtmp[0] |= ((u32) (addr[2]) << 16); 850 addrtmp[0] |= ((u32) (addr[3]) << 24); 851 addrtmp[1] = addr[4]; 852 addrtmp[1] |= ((u32) (addr[5]) << 8); 853 } 854 855 if (dev->dev->id.revision >= 5) { 856 /* Receive match transmitter address mechanism */ 857 b43_shm_write32(dev, B43_SHM_RCMTA, 858 (index * 2) + 0, addrtmp[0]); 859 b43_shm_write16(dev, B43_SHM_RCMTA, 860 (index * 2) + 1, addrtmp[1]); 861 } else { 862 /* RXE (Receive Engine) and 863 * PSM (Programmable State Machine) mechanism 864 */ 865 if (index < 8) { 866 /* TODO write to RCM 16, 19, 22 and 25 */ 867 } else { 868 b43_shm_write32(dev, B43_SHM_SHARED, 869 B43_SHM_SH_PSM + (index * 6) + 0, 870 addrtmp[0]); 871 b43_shm_write16(dev, B43_SHM_SHARED, 872 B43_SHM_SH_PSM + (index * 6) + 4, 873 addrtmp[1]); 874 } 875 } 876} 877 878static void do_key_write(struct b43_wldev *dev, 879 u8 index, u8 algorithm, 880 const u8 * key, size_t key_len, const u8 * mac_addr) 881{ 882 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 883 u8 per_sta_keys_start = 8; 884 885 if (b43_new_kidx_api(dev)) 886 per_sta_keys_start = 4; 887 888 B43_WARN_ON(index >= dev->max_nr_keys); 889 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 890 891 if (index >= per_sta_keys_start) 892 keymac_write(dev, index, NULL); /* First zero out mac. */ 893 if (key) 894 memcpy(buf, key, key_len); 895 key_write(dev, index, algorithm, buf); 896 if (index >= per_sta_keys_start) 897 keymac_write(dev, index, mac_addr); 898 899 dev->key[index].algorithm = algorithm; 900} 901 902static int b43_key_write(struct b43_wldev *dev, 903 int index, u8 algorithm, 904 const u8 * key, size_t key_len, 905 const u8 * mac_addr, 906 struct ieee80211_key_conf *keyconf) 907{ 908 int i; 909 int sta_keys_start; 910 911 if (key_len > B43_SEC_KEYSIZE) 912 return -EINVAL; 913 for (i = 0; i < dev->max_nr_keys; i++) { 914 /* Check that we don't already have this key. */ 915 B43_WARN_ON(dev->key[i].keyconf == keyconf); 916 } 917 if (index < 0) { 918 /* Either pairwise key or address is 00:00:00:00:00:00 919 * for transmit-only keys. Search the index. */ 920 if (b43_new_kidx_api(dev)) 921 sta_keys_start = 4; 922 else 923 sta_keys_start = 8; 924 for (i = sta_keys_start; i < dev->max_nr_keys; i++) { 925 if (!dev->key[i].keyconf) { 926 /* found empty */ 927 index = i; 928 break; 929 } 930 } 931 if (index < 0) { 932 b43err(dev->wl, "Out of hardware key memory\n"); 933 return -ENOSPC; 934 } 935 } else 936 B43_WARN_ON(index > 3); 937 938 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 939 if ((index <= 3) && !b43_new_kidx_api(dev)) { 940 /* Default RX key */ 941 B43_WARN_ON(mac_addr); 942 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 943 } 944 keyconf->hw_key_idx = index; 945 dev->key[index].keyconf = keyconf; 946 947 return 0; 948} 949 950static int b43_key_clear(struct b43_wldev *dev, int index) 951{ 952 if (B43_WARN_ON((index < 0) || (index >= dev->max_nr_keys))) 953 return -EINVAL; 954 do_key_write(dev, index, B43_SEC_ALGO_NONE, 955 NULL, B43_SEC_KEYSIZE, NULL); 956 if ((index <= 3) && !b43_new_kidx_api(dev)) { 957 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 958 NULL, B43_SEC_KEYSIZE, NULL); 959 } 960 dev->key[index].keyconf = NULL; 961 962 return 0; 963} 964 965static void b43_clear_keys(struct b43_wldev *dev) 966{ 967 int i; 968 969 for (i = 0; i < dev->max_nr_keys; i++) 970 b43_key_clear(dev, i); 971} 972 973void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 974{ 975 u32 macctl; 976 u16 ucstat; 977 bool hwps; 978 bool awake; 979 int i; 980 981 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 982 (ps_flags & B43_PS_DISABLED)); 983 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 984 985 if (ps_flags & B43_PS_ENABLED) { 986 hwps = 1; 987 } else if (ps_flags & B43_PS_DISABLED) { 988 hwps = 0; 989 } else { 990 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 991 // and thus is not an AP and we are associated, set bit 25 992 } 993 if (ps_flags & B43_PS_AWAKE) { 994 awake = 1; 995 } else if (ps_flags & B43_PS_ASLEEP) { 996 awake = 0; 997 } else { 998 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 999 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 1000 // successful, set bit26 1001 } 1002 1003/* FIXME: For now we force awake-on and hwps-off */ 1004 hwps = 0; 1005 awake = 1; 1006 1007 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1008 if (hwps) 1009 macctl |= B43_MACCTL_HWPS; 1010 else 1011 macctl &= ~B43_MACCTL_HWPS; 1012 if (awake) 1013 macctl |= B43_MACCTL_AWAKE; 1014 else 1015 macctl &= ~B43_MACCTL_AWAKE; 1016 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1017 /* Commit write */ 1018 b43_read32(dev, B43_MMIO_MACCTL); 1019 if (awake && dev->dev->id.revision >= 5) { 1020 /* Wait for the microcode to wake up. */ 1021 for (i = 0; i < 100; i++) { 1022 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1023 B43_SHM_SH_UCODESTAT); 1024 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1025 break; 1026 udelay(10); 1027 } 1028 } 1029} 1030 1031/* Turn the Analog ON/OFF */ 1032static void b43_switch_analog(struct b43_wldev *dev, int on) 1033{ 1034 switch (dev->phy.type) { 1035 case B43_PHYTYPE_A: 1036 case B43_PHYTYPE_G: 1037 b43_write16(dev, B43_MMIO_PHY0, on ? 0 : 0xF4); 1038 break; 1039 case B43_PHYTYPE_N: 1040 b43_phy_write(dev, B43_NPHY_AFECTL_OVER, 1041 on ? 0 : 0x7FFF); 1042 break; 1043 default: 1044 B43_WARN_ON(1); 1045 } 1046} 1047 1048void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags) 1049{ 1050 u32 tmslow; 1051 u32 macctl; 1052 1053 flags |= B43_TMSLOW_PHYCLKEN; 1054 flags |= B43_TMSLOW_PHYRESET; 1055 ssb_device_enable(dev->dev, flags); 1056 msleep(2); /* Wait for the PLL to turn on. */ 1057 1058 /* Now take the PHY out of Reset again */ 1059 tmslow = ssb_read32(dev->dev, SSB_TMSLOW); 1060 tmslow |= SSB_TMSLOW_FGC; 1061 tmslow &= ~B43_TMSLOW_PHYRESET; 1062 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1063 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1064 msleep(1); 1065 tmslow &= ~SSB_TMSLOW_FGC; 1066 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1067 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1068 msleep(1); 1069 1070 /* Turn Analog ON */ 1071 b43_switch_analog(dev, 1); 1072 1073 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1074 macctl &= ~B43_MACCTL_GMODE; 1075 if (flags & B43_TMSLOW_GMODE) 1076 macctl |= B43_MACCTL_GMODE; 1077 macctl |= B43_MACCTL_IHR_ENABLED; 1078 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1079} 1080 1081static void handle_irq_transmit_status(struct b43_wldev *dev) 1082{ 1083 u32 v0, v1; 1084 u16 tmp; 1085 struct b43_txstatus stat; 1086 1087 while (1) { 1088 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1089 if (!(v0 & 0x00000001)) 1090 break; 1091 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1092 1093 stat.cookie = (v0 >> 16); 1094 stat.seq = (v1 & 0x0000FFFF); 1095 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1096 tmp = (v0 & 0x0000FFFF); 1097 stat.frame_count = ((tmp & 0xF000) >> 12); 1098 stat.rts_count = ((tmp & 0x0F00) >> 8); 1099 stat.supp_reason = ((tmp & 0x001C) >> 2); 1100 stat.pm_indicated = !!(tmp & 0x0080); 1101 stat.intermediate = !!(tmp & 0x0040); 1102 stat.for_ampdu = !!(tmp & 0x0020); 1103 stat.acked = !!(tmp & 0x0002); 1104 1105 b43_handle_txstatus(dev, &stat); 1106 } 1107} 1108 1109static void drain_txstatus_queue(struct b43_wldev *dev) 1110{ 1111 u32 dummy; 1112 1113 if (dev->dev->id.revision < 5) 1114 return; 1115 /* Read all entries from the microcode TXstatus FIFO 1116 * and throw them away. 1117 */ 1118 while (1) { 1119 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1120 if (!(dummy & 0x00000001)) 1121 break; 1122 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1123 } 1124} 1125 1126static u32 b43_jssi_read(struct b43_wldev *dev) 1127{ 1128 u32 val = 0; 1129 1130 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1131 val <<= 16; 1132 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1133 1134 return val; 1135} 1136 1137static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1138{ 1139 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1140 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1141} 1142 1143static void b43_generate_noise_sample(struct b43_wldev *dev) 1144{ 1145 b43_jssi_write(dev, 0x7F7F7F7F); 1146 b43_write32(dev, B43_MMIO_MACCMD, 1147 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1148} 1149 1150static void b43_calculate_link_quality(struct b43_wldev *dev) 1151{ 1152 /* Top half of Link Quality calculation. */ 1153 1154 if (dev->noisecalc.calculation_running) 1155 return; 1156 dev->noisecalc.calculation_running = 1; 1157 dev->noisecalc.nr_samples = 0; 1158 1159 b43_generate_noise_sample(dev); 1160} 1161 1162static void handle_irq_noise(struct b43_wldev *dev) 1163{ 1164 struct b43_phy *phy = &dev->phy; 1165 u16 tmp; 1166 u8 noise[4]; 1167 u8 i, j; 1168 s32 average; 1169 1170 /* Bottom half of Link Quality calculation. */ 1171 1172 /* Possible race condition: It might be possible that the user 1173 * changed to a different channel in the meantime since we 1174 * started the calculation. We ignore that fact, since it's 1175 * not really that much of a problem. The background noise is 1176 * an estimation only anyway. Slightly wrong results will get damped 1177 * by the averaging of the 8 sample rounds. Additionally the 1178 * value is shortlived. So it will be replaced by the next noise 1179 * calculation round soon. */ 1180 1181 B43_WARN_ON(!dev->noisecalc.calculation_running); 1182 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1183 if (noise[0] == 0x7F || noise[1] == 0x7F || 1184 noise[2] == 0x7F || noise[3] == 0x7F) 1185 goto generate_new; 1186 1187 /* Get the noise samples. */ 1188 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1189 i = dev->noisecalc.nr_samples; 1190 noise[0] = limit_value(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1191 noise[1] = limit_value(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1192 noise[2] = limit_value(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1193 noise[3] = limit_value(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1194 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1195 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1196 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1197 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1198 dev->noisecalc.nr_samples++; 1199 if (dev->noisecalc.nr_samples == 8) { 1200 /* Calculate the Link Quality by the noise samples. */ 1201 average = 0; 1202 for (i = 0; i < 8; i++) { 1203 for (j = 0; j < 4; j++) 1204 average += dev->noisecalc.samples[i][j]; 1205 } 1206 average /= (8 * 4); 1207 average *= 125; 1208 average += 64; 1209 average /= 128; 1210 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1211 tmp = (tmp / 128) & 0x1F; 1212 if (tmp >= 8) 1213 average += 2; 1214 else 1215 average -= 25; 1216 if (tmp == 8) 1217 average -= 72; 1218 else 1219 average -= 48; 1220 1221 dev->stats.link_noise = average; 1222 dev->noisecalc.calculation_running = 0; 1223 return; 1224 } 1225generate_new: 1226 b43_generate_noise_sample(dev); 1227} 1228 1229static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1230{ 1231 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_AP)) { 1232 ///TODO: PS TBTT 1233 } else { 1234 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1235 b43_power_saving_ctl_bits(dev, 0); 1236 } 1237 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS)) 1238 dev->dfq_valid = 1; 1239} 1240 1241static void handle_irq_atim_end(struct b43_wldev *dev) 1242{ 1243 if (dev->dfq_valid) { 1244 b43_write32(dev, B43_MMIO_MACCMD, 1245 b43_read32(dev, B43_MMIO_MACCMD) 1246 | B43_MACCMD_DFQ_VALID); 1247 dev->dfq_valid = 0; 1248 } 1249} 1250 1251static void handle_irq_pmq(struct b43_wldev *dev) 1252{ 1253 u32 tmp; 1254 1255 //TODO: AP mode. 1256 1257 while (1) { 1258 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1259 if (!(tmp & 0x00000008)) 1260 break; 1261 } 1262 /* 16bit write is odd, but correct. */ 1263 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1264} 1265 1266static void b43_write_template_common(struct b43_wldev *dev, 1267 const u8 * data, u16 size, 1268 u16 ram_offset, 1269 u16 shm_size_offset, u8 rate) 1270{ 1271 u32 i, tmp; 1272 struct b43_plcp_hdr4 plcp; 1273 1274 plcp.data = 0; 1275 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1276 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1277 ram_offset += sizeof(u32); 1278 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1279 * So leave the first two bytes of the next write blank. 1280 */ 1281 tmp = (u32) (data[0]) << 16; 1282 tmp |= (u32) (data[1]) << 24; 1283 b43_ram_write(dev, ram_offset, tmp); 1284 ram_offset += sizeof(u32); 1285 for (i = 2; i < size; i += sizeof(u32)) { 1286 tmp = (u32) (data[i + 0]); 1287 if (i + 1 < size) 1288 tmp |= (u32) (data[i + 1]) << 8; 1289 if (i + 2 < size) 1290 tmp |= (u32) (data[i + 2]) << 16; 1291 if (i + 3 < size) 1292 tmp |= (u32) (data[i + 3]) << 24; 1293 b43_ram_write(dev, ram_offset + i - 2, tmp); 1294 } 1295 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1296 size + sizeof(struct b43_plcp_hdr6)); 1297} 1298 1299/* Check if the use of the antenna that ieee80211 told us to 1300 * use is possible. This will fall back to DEFAULT. 1301 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 1302u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 1303 u8 antenna_nr) 1304{ 1305 u8 antenna_mask; 1306 1307 if (antenna_nr == 0) { 1308 /* Zero means "use default antenna". That's always OK. */ 1309 return 0; 1310 } 1311 1312 /* Get the mask of available antennas. */ 1313 if (dev->phy.gmode) 1314 antenna_mask = dev->dev->bus->sprom.ant_available_bg; 1315 else 1316 antenna_mask = dev->dev->bus->sprom.ant_available_a; 1317 1318 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 1319 /* This antenna is not available. Fall back to default. */ 1320 return 0; 1321 } 1322 1323 return antenna_nr; 1324} 1325 1326static int b43_antenna_from_ieee80211(struct b43_wldev *dev, u8 antenna) 1327{ 1328 antenna = b43_ieee80211_antenna_sanitize(dev, antenna); 1329 switch (antenna) { 1330 case 0: /* default/diversity */ 1331 return B43_ANTENNA_DEFAULT; 1332 case 1: /* Antenna 0 */ 1333 return B43_ANTENNA0; 1334 case 2: /* Antenna 1 */ 1335 return B43_ANTENNA1; 1336 case 3: /* Antenna 2 */ 1337 return B43_ANTENNA2; 1338 case 4: /* Antenna 3 */ 1339 return B43_ANTENNA3; 1340 default: 1341 return B43_ANTENNA_DEFAULT; 1342 } 1343} 1344 1345/* Convert a b43 antenna number value to the PHY TX control value. */ 1346static u16 b43_antenna_to_phyctl(int antenna) 1347{ 1348 switch (antenna) { 1349 case B43_ANTENNA0: 1350 return B43_TXH_PHY_ANT0; 1351 case B43_ANTENNA1: 1352 return B43_TXH_PHY_ANT1; 1353 case B43_ANTENNA2: 1354 return B43_TXH_PHY_ANT2; 1355 case B43_ANTENNA3: 1356 return B43_TXH_PHY_ANT3; 1357 case B43_ANTENNA_AUTO: 1358 return B43_TXH_PHY_ANT01AUTO; 1359 } 1360 B43_WARN_ON(1); 1361 return 0; 1362} 1363 1364static void b43_write_beacon_template(struct b43_wldev *dev, 1365 u16 ram_offset, 1366 u16 shm_size_offset) 1367{ 1368 unsigned int i, len, variable_len; 1369 const struct ieee80211_mgmt *bcn; 1370 const u8 *ie; 1371 bool tim_found = 0; 1372 unsigned int rate; 1373 u16 ctl; 1374 int antenna; 1375 1376 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1377 len = min((size_t) dev->wl->current_beacon->len, 1378 0x200 - sizeof(struct b43_plcp_hdr6)); 1379 rate = dev->wl->beacon_txctl.tx_rate->hw_value; 1380 1381 b43_write_template_common(dev, (const u8 *)bcn, 1382 len, ram_offset, shm_size_offset, rate); 1383 1384 /* Write the PHY TX control parameters. */ 1385 antenna = b43_antenna_from_ieee80211(dev, 1386 dev->wl->beacon_txctl.antenna_sel_tx); 1387 antenna = b43_antenna_to_phyctl(antenna); 1388 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 1389 /* We can't send beacons with short preamble. Would get PHY errors. */ 1390 ctl &= ~B43_TXH_PHY_SHORTPRMBL; 1391 ctl &= ~B43_TXH_PHY_ANT; 1392 ctl &= ~B43_TXH_PHY_ENC; 1393 ctl |= antenna; 1394 if (b43_is_cck_rate(rate)) 1395 ctl |= B43_TXH_PHY_ENC_CCK; 1396 else 1397 ctl |= B43_TXH_PHY_ENC_OFDM; 1398 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 1399 1400 /* Find the position of the TIM and the DTIM_period value 1401 * and write them to SHM. */ 1402 ie = bcn->u.beacon.variable; 1403 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1404 for (i = 0; i < variable_len - 2; ) { 1405 uint8_t ie_id, ie_len; 1406 1407 ie_id = ie[i]; 1408 ie_len = ie[i + 1]; 1409 if (ie_id == 5) { 1410 u16 tim_position; 1411 u16 dtim_period; 1412 /* This is the TIM Information Element */ 1413 1414 /* Check whether the ie_len is in the beacon data range. */ 1415 if (variable_len < ie_len + 2 + i) 1416 break; 1417 /* A valid TIM is at least 4 bytes long. */ 1418 if (ie_len < 4) 1419 break; 1420 tim_found = 1; 1421 1422 tim_position = sizeof(struct b43_plcp_hdr6); 1423 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1424 tim_position += i; 1425 1426 dtim_period = ie[i + 3]; 1427 1428 b43_shm_write16(dev, B43_SHM_SHARED, 1429 B43_SHM_SH_TIMBPOS, tim_position); 1430 b43_shm_write16(dev, B43_SHM_SHARED, 1431 B43_SHM_SH_DTIMPER, dtim_period); 1432 break; 1433 } 1434 i += ie_len + 2; 1435 } 1436 if (!tim_found) { 1437 b43warn(dev->wl, "Did not find a valid TIM IE in " 1438 "the beacon template packet. AP or IBSS operation " 1439 "may be broken.\n"); 1440 } else 1441 b43dbg(dev->wl, "Updated beacon template\n"); 1442} 1443 1444static void b43_write_probe_resp_plcp(struct b43_wldev *dev, 1445 u16 shm_offset, u16 size, 1446 struct ieee80211_rate *rate) 1447{ 1448 struct b43_plcp_hdr4 plcp; 1449 u32 tmp; 1450 __le16 dur; 1451 1452 plcp.data = 0; 1453 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate->hw_value); 1454 dur = ieee80211_generic_frame_duration(dev->wl->hw, 1455 dev->wl->vif, size, 1456 rate); 1457 /* Write PLCP in two parts and timing for packet transfer */ 1458 tmp = le32_to_cpu(plcp.data); 1459 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset, tmp & 0xFFFF); 1460 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 2, tmp >> 16); 1461 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 6, le16_to_cpu(dur)); 1462} 1463 1464/* Instead of using custom probe response template, this function 1465 * just patches custom beacon template by: 1466 * 1) Changing packet type 1467 * 2) Patching duration field 1468 * 3) Stripping TIM 1469 */ 1470static const u8 * b43_generate_probe_resp(struct b43_wldev *dev, 1471 u16 *dest_size, 1472 struct ieee80211_rate *rate) 1473{ 1474 const u8 *src_data; 1475 u8 *dest_data; 1476 u16 src_size, elem_size, src_pos, dest_pos; 1477 __le16 dur; 1478 struct ieee80211_hdr *hdr; 1479 size_t ie_start; 1480 1481 src_size = dev->wl->current_beacon->len; 1482 src_data = (const u8 *)dev->wl->current_beacon->data; 1483 1484 /* Get the start offset of the variable IEs in the packet. */ 1485 ie_start = offsetof(struct ieee80211_mgmt, u.probe_resp.variable); 1486 B43_WARN_ON(ie_start != offsetof(struct ieee80211_mgmt, u.beacon.variable)); 1487 1488 if (B43_WARN_ON(src_size < ie_start)) 1489 return NULL; 1490 1491 dest_data = kmalloc(src_size, GFP_ATOMIC); 1492 if (unlikely(!dest_data)) 1493 return NULL; 1494 1495 /* Copy the static data and all Information Elements, except the TIM. */ 1496 memcpy(dest_data, src_data, ie_start); 1497 src_pos = ie_start; 1498 dest_pos = ie_start; 1499 for ( ; src_pos < src_size - 2; src_pos += elem_size) { 1500 elem_size = src_data[src_pos + 1] + 2; 1501 if (src_data[src_pos] == 5) { 1502 /* This is the TIM. */ 1503 continue; 1504 } 1505 memcpy(dest_data + dest_pos, src_data + src_pos, 1506 elem_size); 1507 dest_pos += elem_size; 1508 } 1509 *dest_size = dest_pos; 1510 hdr = (struct ieee80211_hdr *)dest_data; 1511 1512 /* Set the frame control. */ 1513 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT | 1514 IEEE80211_STYPE_PROBE_RESP); 1515 dur = ieee80211_generic_frame_duration(dev->wl->hw, 1516 dev->wl->vif, *dest_size, 1517 rate); 1518 hdr->duration_id = dur; 1519 1520 return dest_data; 1521} 1522 1523static void b43_write_probe_resp_template(struct b43_wldev *dev, 1524 u16 ram_offset, 1525 u16 shm_size_offset, 1526 struct ieee80211_rate *rate) 1527{ 1528 const u8 *probe_resp_data; 1529 u16 size; 1530 1531 size = dev->wl->current_beacon->len; 1532 probe_resp_data = b43_generate_probe_resp(dev, &size, rate); 1533 if (unlikely(!probe_resp_data)) 1534 return; 1535 1536 /* Looks like PLCP headers plus packet timings are stored for 1537 * all possible basic rates 1538 */ 1539 b43_write_probe_resp_plcp(dev, 0x31A, size, &b43_b_ratetable[0]); 1540 b43_write_probe_resp_plcp(dev, 0x32C, size, &b43_b_ratetable[1]); 1541 b43_write_probe_resp_plcp(dev, 0x33E, size, &b43_b_ratetable[2]); 1542 b43_write_probe_resp_plcp(dev, 0x350, size, &b43_b_ratetable[3]); 1543 1544 size = min((size_t) size, 0x200 - sizeof(struct b43_plcp_hdr6)); 1545 b43_write_template_common(dev, probe_resp_data, 1546 size, ram_offset, shm_size_offset, 1547 rate->hw_value); 1548 kfree(probe_resp_data); 1549} 1550 1551static void b43_upload_beacon0(struct b43_wldev *dev) 1552{ 1553 struct b43_wl *wl = dev->wl; 1554 1555 if (wl->beacon0_uploaded) 1556 return; 1557 b43_write_beacon_template(dev, 0x68, 0x18); 1558 /* FIXME: Probe resp upload doesn't really belong here, 1559 * but we don't use that feature anyway. */ 1560 b43_write_probe_resp_template(dev, 0x268, 0x4A, 1561 &__b43_ratetable[3]); 1562 wl->beacon0_uploaded = 1; 1563} 1564 1565static void b43_upload_beacon1(struct b43_wldev *dev) 1566{ 1567 struct b43_wl *wl = dev->wl; 1568 1569 if (wl->beacon1_uploaded) 1570 return; 1571 b43_write_beacon_template(dev, 0x468, 0x1A); 1572 wl->beacon1_uploaded = 1; 1573} 1574 1575static void handle_irq_beacon(struct b43_wldev *dev) 1576{ 1577 struct b43_wl *wl = dev->wl; 1578 u32 cmd, beacon0_valid, beacon1_valid; 1579 1580 if (!b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 1581 return; 1582 1583 /* This is the bottom half of the asynchronous beacon update. */ 1584 1585 /* Ignore interrupt in the future. */ 1586 dev->irq_savedstate &= ~B43_IRQ_BEACON; 1587 1588 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1589 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1590 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1591 1592 /* Schedule interrupt manually, if busy. */ 1593 if (beacon0_valid && beacon1_valid) { 1594 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1595 dev->irq_savedstate |= B43_IRQ_BEACON; 1596 return; 1597 } 1598 1599 if (unlikely(wl->beacon_templates_virgin)) { 1600 /* We never uploaded a beacon before. 1601 * Upload both templates now, but only mark one valid. */ 1602 wl->beacon_templates_virgin = 0; 1603 b43_upload_beacon0(dev); 1604 b43_upload_beacon1(dev); 1605 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1606 cmd |= B43_MACCMD_BEACON0_VALID; 1607 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1608 } else { 1609 if (!beacon0_valid) { 1610 b43_upload_beacon0(dev); 1611 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1612 cmd |= B43_MACCMD_BEACON0_VALID; 1613 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1614 } else if (!beacon1_valid) { 1615 b43_upload_beacon1(dev); 1616 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1617 cmd |= B43_MACCMD_BEACON1_VALID; 1618 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1619 } 1620 } 1621} 1622 1623static void b43_beacon_update_trigger_work(struct work_struct *work) 1624{ 1625 struct b43_wl *wl = container_of(work, struct b43_wl, 1626 beacon_update_trigger); 1627 struct b43_wldev *dev; 1628 1629 mutex_lock(&wl->mutex); 1630 dev = wl->current_dev; 1631 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1632 spin_lock_irq(&wl->irq_lock); 1633 /* update beacon right away or defer to irq */ 1634 dev->irq_savedstate = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 1635 handle_irq_beacon(dev); 1636 /* The handler might have updated the IRQ mask. */ 1637 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 1638 dev->irq_savedstate); 1639 mmiowb(); 1640 spin_unlock_irq(&wl->irq_lock); 1641 } 1642 mutex_unlock(&wl->mutex); 1643} 1644 1645/* Asynchronously update the packet templates in template RAM. 1646 * Locking: Requires wl->irq_lock to be locked. */ 1647static void b43_update_templates(struct b43_wl *wl, struct sk_buff *beacon, 1648 const struct ieee80211_tx_control *txctl) 1649{ 1650 /* This is the top half of the ansynchronous beacon update. 1651 * The bottom half is the beacon IRQ. 1652 * Beacon update must be asynchronous to avoid sending an 1653 * invalid beacon. This can happen for example, if the firmware 1654 * transmits a beacon while we are updating it. */ 1655 1656 if (wl->current_beacon) 1657 dev_kfree_skb_any(wl->current_beacon); 1658 wl->current_beacon = beacon; 1659 memcpy(&wl->beacon_txctl, txctl, sizeof(wl->beacon_txctl)); 1660 wl->beacon0_uploaded = 0; 1661 wl->beacon1_uploaded = 0; 1662 queue_work(wl->hw->workqueue, &wl->beacon_update_trigger); 1663} 1664 1665static void b43_set_ssid(struct b43_wldev *dev, const u8 * ssid, u8 ssid_len) 1666{ 1667 u32 tmp; 1668 u16 i, len; 1669 1670 len = min((u16) ssid_len, (u16) 0x100); 1671 for (i = 0; i < len; i += sizeof(u32)) { 1672 tmp = (u32) (ssid[i + 0]); 1673 if (i + 1 < len) 1674 tmp |= (u32) (ssid[i + 1]) << 8; 1675 if (i + 2 < len) 1676 tmp |= (u32) (ssid[i + 2]) << 16; 1677 if (i + 3 < len) 1678 tmp |= (u32) (ssid[i + 3]) << 24; 1679 b43_shm_write32(dev, B43_SHM_SHARED, 0x380 + i, tmp); 1680 } 1681 b43_shm_write16(dev, B43_SHM_SHARED, 0x48, len); 1682} 1683 1684static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1685{ 1686 b43_time_lock(dev); 1687 if (dev->dev->id.revision >= 3) { 1688 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1689 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1690 } else { 1691 b43_write16(dev, 0x606, (beacon_int >> 6)); 1692 b43_write16(dev, 0x610, beacon_int); 1693 } 1694 b43_time_unlock(dev); 1695 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1696} 1697 1698static void handle_irq_ucode_debug(struct b43_wldev *dev) 1699{ 1700 //TODO 1701} 1702 1703/* Interrupt handler bottom-half */ 1704static void b43_interrupt_tasklet(struct b43_wldev *dev) 1705{ 1706 u32 reason; 1707 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1708 u32 merged_dma_reason = 0; 1709 int i; 1710 unsigned long flags; 1711 1712 spin_lock_irqsave(&dev->wl->irq_lock, flags); 1713 1714 B43_WARN_ON(b43_status(dev) != B43_STAT_STARTED); 1715 1716 reason = dev->irq_reason; 1717 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1718 dma_reason[i] = dev->dma_reason[i]; 1719 merged_dma_reason |= dma_reason[i]; 1720 } 1721 1722 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1723 b43err(dev->wl, "MAC transmission error\n"); 1724 1725 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1726 b43err(dev->wl, "PHY transmission error\n"); 1727 rmb(); 1728 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1729 atomic_set(&dev->phy.txerr_cnt, 1730 B43_PHY_TX_BADNESS_LIMIT); 1731 b43err(dev->wl, "Too many PHY TX errors, " 1732 "restarting the controller\n"); 1733 b43_controller_restart(dev, "PHY TX errors"); 1734 } 1735 } 1736 1737 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1738 B43_DMAIRQ_NONFATALMASK))) { 1739 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1740 b43err(dev->wl, "Fatal DMA error: " 1741 "0x%08X, 0x%08X, 0x%08X, " 1742 "0x%08X, 0x%08X, 0x%08X\n", 1743 dma_reason[0], dma_reason[1], 1744 dma_reason[2], dma_reason[3], 1745 dma_reason[4], dma_reason[5]); 1746 b43_controller_restart(dev, "DMA error"); 1747 mmiowb(); 1748 spin_unlock_irqrestore(&dev->wl->irq_lock, flags); 1749 return; 1750 } 1751 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1752 b43err(dev->wl, "DMA error: " 1753 "0x%08X, 0x%08X, 0x%08X, " 1754 "0x%08X, 0x%08X, 0x%08X\n", 1755 dma_reason[0], dma_reason[1], 1756 dma_reason[2], dma_reason[3], 1757 dma_reason[4], dma_reason[5]); 1758 } 1759 } 1760 1761 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1762 handle_irq_ucode_debug(dev); 1763 if (reason & B43_IRQ_TBTT_INDI) 1764 handle_irq_tbtt_indication(dev); 1765 if (reason & B43_IRQ_ATIM_END) 1766 handle_irq_atim_end(dev); 1767 if (reason & B43_IRQ_BEACON) 1768 handle_irq_beacon(dev); 1769 if (reason & B43_IRQ_PMQ) 1770 handle_irq_pmq(dev); 1771 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1772 ;/* TODO */ 1773 if (reason & B43_IRQ_NOISESAMPLE_OK) 1774 handle_irq_noise(dev); 1775 1776 /* Check the DMA reason registers for received data. */ 1777 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1778 if (b43_using_pio_transfers(dev)) 1779 b43_pio_rx(dev->pio.rx_queue); 1780 else 1781 b43_dma_rx(dev->dma.rx_ring); 1782 } 1783 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1784 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1785 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1786 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1787 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1788 1789 if (reason & B43_IRQ_TX_OK) 1790 handle_irq_transmit_status(dev); 1791 1792 b43_interrupt_enable(dev, dev->irq_savedstate); 1793 mmiowb(); 1794 spin_unlock_irqrestore(&dev->wl->irq_lock, flags); 1795} 1796 1797static void b43_interrupt_ack(struct b43_wldev *dev, u32 reason) 1798{ 1799 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 1800 1801 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 1802 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 1803 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 1804 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 1805 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 1806 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 1807} 1808 1809/* Interrupt handler top-half */ 1810static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 1811{ 1812 irqreturn_t ret = IRQ_NONE; 1813 struct b43_wldev *dev = dev_id; 1814 u32 reason; 1815 1816 if (!dev) 1817 return IRQ_NONE; 1818 1819 spin_lock(&dev->wl->irq_lock); 1820 1821 if (b43_status(dev) < B43_STAT_STARTED) 1822 goto out; 1823 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1824 if (reason == 0xffffffff) /* shared IRQ */ 1825 goto out; 1826 ret = IRQ_HANDLED; 1827 reason &= b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 1828 if (!reason) 1829 goto out; 1830 1831 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1832 & 0x0001DC00; 1833 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1834 & 0x0000DC00; 1835 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 1836 & 0x0000DC00; 1837 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 1838 & 0x0001DC00; 1839 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 1840 & 0x0000DC00; 1841 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 1842 & 0x0000DC00; 1843 1844 b43_interrupt_ack(dev, reason); 1845 /* disable all IRQs. They are enabled again in the bottom half. */ 1846 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL); 1847 /* save the reason code and call our bottom half. */ 1848 dev->irq_reason = reason; 1849 tasklet_schedule(&dev->isr_tasklet); 1850 out: 1851 mmiowb(); 1852 spin_unlock(&dev->wl->irq_lock); 1853 1854 return ret; 1855} 1856 1857static void do_release_fw(struct b43_firmware_file *fw) 1858{ 1859 release_firmware(fw->data); 1860 fw->data = NULL; 1861 fw->filename = NULL; 1862} 1863 1864static void b43_release_firmware(struct b43_wldev *dev) 1865{ 1866 do_release_fw(&dev->fw.ucode); 1867 do_release_fw(&dev->fw.pcm); 1868 do_release_fw(&dev->fw.initvals); 1869 do_release_fw(&dev->fw.initvals_band); 1870} 1871 1872static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 1873{ 1874 const char *text; 1875 1876 text = "You must go to " 1877 "http://linuxwireless.org/en/users/Drivers/b43#devicefirmware " 1878 "and download the latest firmware (version 4).\n"; 1879 if (error) 1880 b43err(wl, text); 1881 else 1882 b43warn(wl, text); 1883} 1884 1885static int do_request_fw(struct b43_wldev *dev, 1886 const char *name, 1887 struct b43_firmware_file *fw) 1888{ 1889 char path[sizeof(modparam_fwpostfix) + 32]; 1890 const struct firmware *blob; 1891 struct b43_fw_header *hdr; 1892 u32 size; 1893 int err; 1894 1895 if (!name) { 1896 /* Don't fetch anything. Free possibly cached firmware. */ 1897 do_release_fw(fw); 1898 return 0; 1899 } 1900 if (fw->filename) { 1901 if (strcmp(fw->filename, name) == 0) 1902 return 0; /* Already have this fw. */ 1903 /* Free the cached firmware first. */ 1904 do_release_fw(fw); 1905 } 1906 1907 snprintf(path, ARRAY_SIZE(path), 1908 "b43%s/%s.fw", 1909 modparam_fwpostfix, name); 1910 err = request_firmware(&blob, path, dev->dev->dev); 1911 if (err) { 1912 b43err(dev->wl, "Firmware file \"%s\" not found " 1913 "or load failed.\n", path); 1914 return err; 1915 } 1916 if (blob->size < sizeof(struct b43_fw_header)) 1917 goto err_format; 1918 hdr = (struct b43_fw_header *)(blob->data); 1919 switch (hdr->type) { 1920 case B43_FW_TYPE_UCODE: 1921 case B43_FW_TYPE_PCM: 1922 size = be32_to_cpu(hdr->size); 1923 if (size != blob->size - sizeof(struct b43_fw_header)) 1924 goto err_format; 1925 /* fallthrough */ 1926 case B43_FW_TYPE_IV: 1927 if (hdr->ver != 1) 1928 goto err_format; 1929 break; 1930 default: 1931 goto err_format; 1932 } 1933 1934 fw->data = blob; 1935 fw->filename = name; 1936 1937 return 0; 1938 1939err_format: 1940 b43err(dev->wl, "Firmware file \"%s\" format error.\n", path); 1941 release_firmware(blob); 1942 1943 return -EPROTO; 1944} 1945 1946static int b43_request_firmware(struct b43_wldev *dev) 1947{ 1948 struct b43_firmware *fw = &dev->fw; 1949 const u8 rev = dev->dev->id.revision; 1950 const char *filename; 1951 u32 tmshigh; 1952 int err; 1953 1954 /* Get microcode */ 1955 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 1956 if ((rev >= 5) && (rev <= 10)) 1957 filename = "ucode5"; 1958 else if ((rev >= 11) && (rev <= 12)) 1959 filename = "ucode11"; 1960 else if (rev >= 13) 1961 filename = "ucode13"; 1962 else 1963 goto err_no_ucode; 1964 err = do_request_fw(dev, filename, &fw->ucode); 1965 if (err) 1966 goto err_load; 1967 1968 /* Get PCM code */ 1969 if ((rev >= 5) && (rev <= 10)) 1970 filename = "pcm5"; 1971 else if (rev >= 11) 1972 filename = NULL; 1973 else 1974 goto err_no_pcm; 1975 err = do_request_fw(dev, filename, &fw->pcm); 1976 if (err) 1977 goto err_load; 1978 1979 /* Get initvals */ 1980 switch (dev->phy.type) { 1981 case B43_PHYTYPE_A: 1982 if ((rev >= 5) && (rev <= 10)) { 1983 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 1984 filename = "a0g1initvals5"; 1985 else 1986 filename = "a0g0initvals5"; 1987 } else 1988 goto err_no_initvals; 1989 break; 1990 case B43_PHYTYPE_G: 1991 if ((rev >= 5) && (rev <= 10)) 1992 filename = "b0g0initvals5"; 1993 else if (rev >= 13) 1994 filename = "lp0initvals13"; 1995 else 1996 goto err_no_initvals; 1997 break; 1998 case B43_PHYTYPE_N: 1999 if ((rev >= 11) && (rev <= 12)) 2000 filename = "n0initvals11"; 2001 else 2002 goto err_no_initvals; 2003 break; 2004 default: 2005 goto err_no_initvals; 2006 } 2007 err = do_request_fw(dev, filename, &fw->initvals); 2008 if (err) 2009 goto err_load; 2010 2011 /* Get bandswitch initvals */ 2012 switch (dev->phy.type) { 2013 case B43_PHYTYPE_A: 2014 if ((rev >= 5) && (rev <= 10)) { 2015 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2016 filename = "a0g1bsinitvals5"; 2017 else 2018 filename = "a0g0bsinitvals5"; 2019 } else if (rev >= 11) 2020 filename = NULL; 2021 else 2022 goto err_no_initvals; 2023 break; 2024 case B43_PHYTYPE_G: 2025 if ((rev >= 5) && (rev <= 10)) 2026 filename = "b0g0bsinitvals5"; 2027 else if (rev >= 11) 2028 filename = NULL; 2029 else 2030 goto err_no_initvals; 2031 break; 2032 case B43_PHYTYPE_N: 2033 if ((rev >= 11) && (rev <= 12)) 2034 filename = "n0bsinitvals11"; 2035 else 2036 goto err_no_initvals; 2037 break; 2038 default: 2039 goto err_no_initvals; 2040 } 2041 err = do_request_fw(dev, filename, &fw->initvals_band); 2042 if (err) 2043 goto err_load; 2044 2045 return 0; 2046 2047err_load: 2048 b43_print_fw_helptext(dev->wl, 1); 2049 goto error; 2050 2051err_no_ucode: 2052 err = -ENODEV; 2053 b43err(dev->wl, "No microcode available for core rev %u\n", rev); 2054 goto error; 2055 2056err_no_pcm: 2057 err = -ENODEV; 2058 b43err(dev->wl, "No PCM available for core rev %u\n", rev); 2059 goto error; 2060 2061err_no_initvals: 2062 err = -ENODEV; 2063 b43err(dev->wl, "No Initial Values firmware file for PHY %u, " 2064 "core rev %u\n", dev->phy.type, rev); 2065 goto error; 2066 2067error: 2068 b43_release_firmware(dev); 2069 return err; 2070} 2071 2072static int b43_upload_microcode(struct b43_wldev *dev) 2073{ 2074 const size_t hdr_len = sizeof(struct b43_fw_header); 2075 const __be32 *data; 2076 unsigned int i, len; 2077 u16 fwrev, fwpatch, fwdate, fwtime; 2078 u32 tmp, macctl; 2079 int err = 0; 2080 2081 /* Jump the microcode PSM to offset 0 */ 2082 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2083 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 2084 macctl |= B43_MACCTL_PSM_JMP0; 2085 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2086 /* Zero out all microcode PSM registers and shared memory. */ 2087 for (i = 0; i < 64; i++) 2088 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 2089 for (i = 0; i < 4096; i += 2) 2090 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 2091 2092 /* Upload Microcode. */ 2093 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 2094 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 2095 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 2096 for (i = 0; i < len; i++) { 2097 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2098 udelay(10); 2099 } 2100 2101 if (dev->fw.pcm.data) { 2102 /* Upload PCM data. */ 2103 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 2104 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 2105 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 2106 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 2107 /* No need for autoinc bit in SHM_HW */ 2108 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 2109 for (i = 0; i < len; i++) { 2110 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2111 udelay(10); 2112 } 2113 } 2114 2115 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 2116 2117 /* Start the microcode PSM */ 2118 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2119 macctl &= ~B43_MACCTL_PSM_JMP0; 2120 macctl |= B43_MACCTL_PSM_RUN; 2121 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2122 2123 /* Wait for the microcode to load and respond */ 2124 i = 0; 2125 while (1) { 2126 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2127 if (tmp == B43_IRQ_MAC_SUSPENDED) 2128 break; 2129 i++; 2130 if (i >= 20) { 2131 b43err(dev->wl, "Microcode not responding\n"); 2132 b43_print_fw_helptext(dev->wl, 1); 2133 err = -ENODEV; 2134 goto error; 2135 } 2136 msleep_interruptible(50); 2137 if (signal_pending(current)) { 2138 err = -EINTR; 2139 goto error; 2140 } 2141 } 2142 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2143 2144 /* Get and check the revisions. */ 2145 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2146 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2147 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2148 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2149 2150 if (fwrev <= 0x128) { 2151 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2152 "binary drivers older than version 4.x is unsupported. " 2153 "You must upgrade your firmware files.\n"); 2154 b43_print_fw_helptext(dev->wl, 1); 2155 err = -EOPNOTSUPP; 2156 goto error; 2157 } 2158 b43info(dev->wl, "Loading firmware version %u.%u " 2159 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2160 fwrev, fwpatch, 2161 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2162 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2163 2164 dev->fw.rev = fwrev; 2165 dev->fw.patch = fwpatch; 2166 2167 if (b43_is_old_txhdr_format(dev)) { 2168 b43warn(dev->wl, "You are using an old firmware image. " 2169 "Support for old firmware will be removed in July 2008.\n"); 2170 b43_print_fw_helptext(dev->wl, 0); 2171 } 2172 2173 return 0; 2174 2175error: 2176 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2177 macctl &= ~B43_MACCTL_PSM_RUN; 2178 macctl |= B43_MACCTL_PSM_JMP0; 2179 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2180 2181 return err; 2182} 2183 2184static int b43_write_initvals(struct b43_wldev *dev, 2185 const struct b43_iv *ivals, 2186 size_t count, 2187 size_t array_size) 2188{ 2189 const struct b43_iv *iv; 2190 u16 offset; 2191 size_t i; 2192 bool bit32; 2193 2194 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2195 iv = ivals; 2196 for (i = 0; i < count; i++) { 2197 if (array_size < sizeof(iv->offset_size)) 2198 goto err_format; 2199 array_size -= sizeof(iv->offset_size); 2200 offset = be16_to_cpu(iv->offset_size); 2201 bit32 = !!(offset & B43_IV_32BIT); 2202 offset &= B43_IV_OFFSET_MASK; 2203 if (offset >= 0x1000) 2204 goto err_format; 2205 if (bit32) { 2206 u32 value; 2207 2208 if (array_size < sizeof(iv->data.d32)) 2209 goto err_format; 2210 array_size -= sizeof(iv->data.d32); 2211 2212 value = get_unaligned_be32(&iv->data.d32); 2213 b43_write32(dev, offset, value); 2214 2215 iv = (const struct b43_iv *)((const uint8_t *)iv + 2216 sizeof(__be16) + 2217 sizeof(__be32)); 2218 } else { 2219 u16 value; 2220 2221 if (array_size < sizeof(iv->data.d16)) 2222 goto err_format; 2223 array_size -= sizeof(iv->data.d16); 2224 2225 value = be16_to_cpu(iv->data.d16); 2226 b43_write16(dev, offset, value); 2227 2228 iv = (const struct b43_iv *)((const uint8_t *)iv + 2229 sizeof(__be16) + 2230 sizeof(__be16)); 2231 } 2232 } 2233 if (array_size) 2234 goto err_format; 2235 2236 return 0; 2237 2238err_format: 2239 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2240 b43_print_fw_helptext(dev->wl, 1); 2241 2242 return -EPROTO; 2243} 2244 2245static int b43_upload_initvals(struct b43_wldev *dev) 2246{ 2247 const size_t hdr_len = sizeof(struct b43_fw_header); 2248 const struct b43_fw_header *hdr; 2249 struct b43_firmware *fw = &dev->fw; 2250 const struct b43_iv *ivals; 2251 size_t count; 2252 int err; 2253 2254 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2255 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2256 count = be32_to_cpu(hdr->size); 2257 err = b43_write_initvals(dev, ivals, count, 2258 fw->initvals.data->size - hdr_len); 2259 if (err) 2260 goto out; 2261 if (fw->initvals_band.data) { 2262 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2263 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2264 count = be32_to_cpu(hdr->size); 2265 err = b43_write_initvals(dev, ivals, count, 2266 fw->initvals_band.data->size - hdr_len); 2267 if (err) 2268 goto out; 2269 } 2270out: 2271 2272 return err; 2273} 2274 2275/* Initialize the GPIOs 2276 * http://bcm-specs.sipsolutions.net/GPIO 2277 */ 2278static int b43_gpio_init(struct b43_wldev *dev) 2279{ 2280 struct ssb_bus *bus = dev->dev->bus; 2281 struct ssb_device *gpiodev, *pcidev = NULL; 2282 u32 mask, set; 2283 2284 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2285 & ~B43_MACCTL_GPOUTSMSK); 2286 2287 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK) 2288 | 0x000F); 2289 2290 mask = 0x0000001F; 2291 set = 0x0000000F; 2292 if (dev->dev->bus->chip_id == 0x4301) { 2293 mask |= 0x0060; 2294 set |= 0x0060; 2295 } 2296 if (0 /* FIXME: conditional unknown */ ) { 2297 b43_write16(dev, B43_MMIO_GPIO_MASK, 2298 b43_read16(dev, B43_MMIO_GPIO_MASK) 2299 | 0x0100); 2300 mask |= 0x0180; 2301 set |= 0x0180; 2302 } 2303 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) { 2304 b43_write16(dev, B43_MMIO_GPIO_MASK, 2305 b43_read16(dev, B43_MMIO_GPIO_MASK) 2306 | 0x0200); 2307 mask |= 0x0200; 2308 set |= 0x0200; 2309 } 2310 if (dev->dev->id.revision >= 2) 2311 mask |= 0x0010; /* FIXME: This is redundant. */ 2312 2313#ifdef CONFIG_SSB_DRIVER_PCICORE 2314 pcidev = bus->pcicore.dev; 2315#endif 2316 gpiodev = bus->chipco.dev ? : pcidev; 2317 if (!gpiodev) 2318 return 0; 2319 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2320 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2321 & mask) | set); 2322 2323 return 0; 2324} 2325 2326/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2327static void b43_gpio_cleanup(struct b43_wldev *dev) 2328{ 2329 struct ssb_bus *bus = dev->dev->bus; 2330 struct ssb_device *gpiodev, *pcidev = NULL; 2331 2332#ifdef CONFIG_SSB_DRIVER_PCICORE 2333 pcidev = bus->pcicore.dev; 2334#endif 2335 gpiodev = bus->chipco.dev ? : pcidev; 2336 if (!gpiodev) 2337 return; 2338 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2339} 2340 2341/* http://bcm-specs.sipsolutions.net/EnableMac */ 2342static void b43_mac_enable(struct b43_wldev *dev) 2343{ 2344 dev->mac_suspended--; 2345 B43_WARN_ON(dev->mac_suspended < 0); 2346 if (dev->mac_suspended == 0) { 2347 b43_write32(dev, B43_MMIO_MACCTL, 2348 b43_read32(dev, B43_MMIO_MACCTL) 2349 | B43_MACCTL_ENABLED); 2350 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2351 B43_IRQ_MAC_SUSPENDED); 2352 /* Commit writes */ 2353 b43_read32(dev, B43_MMIO_MACCTL); 2354 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2355 b43_power_saving_ctl_bits(dev, 0); 2356 2357 /* Re-enable IRQs. */ 2358 spin_lock_irq(&dev->wl->irq_lock); 2359 b43_interrupt_enable(dev, dev->irq_savedstate); 2360 spin_unlock_irq(&dev->wl->irq_lock); 2361 } 2362} 2363 2364/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2365static void b43_mac_suspend(struct b43_wldev *dev) 2366{ 2367 int i; 2368 u32 tmp; 2369 2370 might_sleep(); 2371 B43_WARN_ON(dev->mac_suspended < 0); 2372 2373 if (dev->mac_suspended == 0) { 2374 /* Mask IRQs before suspending MAC. Otherwise 2375 * the MAC stays busy and won't suspend. */ 2376 spin_lock_irq(&dev->wl->irq_lock); 2377 tmp = b43_interrupt_disable(dev, B43_IRQ_ALL); 2378 spin_unlock_irq(&dev->wl->irq_lock); 2379 b43_synchronize_irq(dev); 2380 dev->irq_savedstate = tmp; 2381 2382 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2383 b43_write32(dev, B43_MMIO_MACCTL, 2384 b43_read32(dev, B43_MMIO_MACCTL) 2385 & ~B43_MACCTL_ENABLED); 2386 /* force pci to flush the write */ 2387 b43_read32(dev, B43_MMIO_MACCTL); 2388 for (i = 35; i; i--) { 2389 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2390 if (tmp & B43_IRQ_MAC_SUSPENDED) 2391 goto out; 2392 udelay(10); 2393 } 2394 /* Hm, it seems this will take some time. Use msleep(). */ 2395 for (i = 40; i; i--) { 2396 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2397 if (tmp & B43_IRQ_MAC_SUSPENDED) 2398 goto out; 2399 msleep(1); 2400 } 2401 b43err(dev->wl, "MAC suspend failed\n"); 2402 } 2403out: 2404 dev->mac_suspended++; 2405} 2406 2407static void b43_adjust_opmode(struct b43_wldev *dev) 2408{ 2409 struct b43_wl *wl = dev->wl; 2410 u32 ctl; 2411 u16 cfp_pretbtt; 2412 2413 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2414 /* Reset status to STA infrastructure mode. */ 2415 ctl &= ~B43_MACCTL_AP; 2416 ctl &= ~B43_MACCTL_KEEP_CTL; 2417 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2418 ctl &= ~B43_MACCTL_KEEP_BAD; 2419 ctl &= ~B43_MACCTL_PROMISC; 2420 ctl &= ~B43_MACCTL_BEACPROMISC; 2421 ctl |= B43_MACCTL_INFRA; 2422 2423 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 2424 ctl |= B43_MACCTL_AP; 2425 else if (b43_is_mode(wl, IEEE80211_IF_TYPE_IBSS)) 2426 ctl &= ~B43_MACCTL_INFRA; 2427 2428 if (wl->filter_flags & FIF_CONTROL) 2429 ctl |= B43_MACCTL_KEEP_CTL; 2430 if (wl->filter_flags & FIF_FCSFAIL) 2431 ctl |= B43_MACCTL_KEEP_BAD; 2432 if (wl->filter_flags & FIF_PLCPFAIL) 2433 ctl |= B43_MACCTL_KEEP_BADPLCP; 2434 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2435 ctl |= B43_MACCTL_PROMISC; 2436 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2437 ctl |= B43_MACCTL_BEACPROMISC; 2438 2439 /* Workaround: On old hardware the HW-MAC-address-filter 2440 * doesn't work properly, so always run promisc in filter 2441 * it in software. */ 2442 if (dev->dev->id.revision <= 4) 2443 ctl |= B43_MACCTL_PROMISC; 2444 2445 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2446 2447 cfp_pretbtt = 2; 2448 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2449 if (dev->dev->bus->chip_id == 0x4306 && 2450 dev->dev->bus->chip_rev == 3) 2451 cfp_pretbtt = 100; 2452 else 2453 cfp_pretbtt = 50; 2454 } 2455 b43_write16(dev, 0x612, cfp_pretbtt); 2456} 2457 2458static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2459{ 2460 u16 offset; 2461 2462 if (is_ofdm) { 2463 offset = 0x480; 2464 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2465 } else { 2466 offset = 0x4C0; 2467 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2468 } 2469 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2470 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2471} 2472 2473static void b43_rate_memory_init(struct b43_wldev *dev) 2474{ 2475 switch (dev->phy.type) { 2476 case B43_PHYTYPE_A: 2477 case B43_PHYTYPE_G: 2478 case B43_PHYTYPE_N: 2479 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2480 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2481 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2482 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2483 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2484 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2485 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2486 if (dev->phy.type == B43_PHYTYPE_A) 2487 break; 2488 /* fallthrough */ 2489 case B43_PHYTYPE_B: 2490 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2491 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2492 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2493 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2494 break; 2495 default: 2496 B43_WARN_ON(1); 2497 } 2498} 2499 2500/* Set the default values for the PHY TX Control Words. */ 2501static void b43_set_phytxctl_defaults(struct b43_wldev *dev) 2502{ 2503 u16 ctl = 0; 2504 2505 ctl |= B43_TXH_PHY_ENC_CCK; 2506 ctl |= B43_TXH_PHY_ANT01AUTO; 2507 ctl |= B43_TXH_PHY_TXPWR; 2508 2509 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 2510 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl); 2511 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl); 2512} 2513 2514/* Set the TX-Antenna for management frames sent by firmware. */ 2515static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 2516{ 2517 u16 ant; 2518 u16 tmp; 2519 2520 ant = b43_antenna_to_phyctl(antenna); 2521 2522 /* For ACK/CTS */ 2523 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 2524 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2525 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 2526 /* For Probe Resposes */ 2527 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 2528 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2529 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 2530} 2531 2532/* This is the opposite of b43_chip_init() */ 2533static void b43_chip_exit(struct b43_wldev *dev) 2534{ 2535 b43_radio_turn_off(dev, 1); 2536 b43_gpio_cleanup(dev); 2537 /* firmware is released later */ 2538} 2539 2540/* Initialize the chip 2541 * http://bcm-specs.sipsolutions.net/ChipInit 2542 */ 2543static int b43_chip_init(struct b43_wldev *dev) 2544{ 2545 struct b43_phy *phy = &dev->phy; 2546 int err, tmp; 2547 u32 value32, macctl; 2548 u16 value16; 2549 2550 /* Initialize the MAC control */ 2551 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 2552 if (dev->phy.gmode) 2553 macctl |= B43_MACCTL_GMODE; 2554 macctl |= B43_MACCTL_INFRA; 2555 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2556 2557 err = b43_request_firmware(dev); 2558 if (err) 2559 goto out; 2560 err = b43_upload_microcode(dev); 2561 if (err) 2562 goto out; /* firmware is released later */ 2563 2564 err = b43_gpio_init(dev); 2565 if (err) 2566 goto out; /* firmware is released later */ 2567 2568 err = b43_upload_initvals(dev); 2569 if (err) 2570 goto err_gpio_clean; 2571 b43_radio_turn_on(dev); 2572 2573 b43_write16(dev, 0x03E6, 0x0000); 2574 err = b43_phy_init(dev); 2575 if (err) 2576 goto err_radio_off; 2577 2578 /* Select initial Interference Mitigation. */ 2579 tmp = phy->interfmode; 2580 phy->interfmode = B43_INTERFMODE_NONE; 2581 b43_radio_set_interference_mitigation(dev, tmp); 2582 2583 b43_set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 2584 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 2585 2586 if (phy->type == B43_PHYTYPE_B) { 2587 value16 = b43_read16(dev, 0x005E); 2588 value16 |= 0x0004; 2589 b43_write16(dev, 0x005E, value16); 2590 } 2591 b43_write32(dev, 0x0100, 0x01000000); 2592 if (dev->dev->id.revision < 5) 2593 b43_write32(dev, 0x010C, 0x01000000); 2594 2595 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2596 & ~B43_MACCTL_INFRA); 2597 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2598 | B43_MACCTL_INFRA); 2599 2600 /* Probe Response Timeout value */ 2601 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 2602 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 2603 2604 /* Initially set the wireless operation mode. */ 2605 b43_adjust_opmode(dev); 2606 2607 if (dev->dev->id.revision < 3) { 2608 b43_write16(dev, 0x060E, 0x0000); 2609 b43_write16(dev, 0x0610, 0x8000); 2610 b43_write16(dev, 0x0604, 0x0000); 2611 b43_write16(dev, 0x0606, 0x0200); 2612 } else { 2613 b43_write32(dev, 0x0188, 0x80000000); 2614 b43_write32(dev, 0x018C, 0x02000000); 2615 } 2616 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 2617 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 2618 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 2619 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 2620 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 2621 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 2622 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 2623 2624 value32 = ssb_read32(dev->dev, SSB_TMSLOW); 2625 value32 |= 0x00100000; 2626 ssb_write32(dev->dev, SSB_TMSLOW, value32); 2627 2628 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 2629 dev->dev->bus->chipco.fast_pwrup_delay); 2630 2631 err = 0; 2632 b43dbg(dev->wl, "Chip initialized\n"); 2633out: 2634 return err; 2635 2636err_radio_off: 2637 b43_radio_turn_off(dev, 1); 2638err_gpio_clean: 2639 b43_gpio_cleanup(dev); 2640 return err; 2641} 2642 2643static void b43_periodic_every120sec(struct b43_wldev *dev) 2644{ 2645 struct b43_phy *phy = &dev->phy; 2646 2647 if (phy->type != B43_PHYTYPE_G || phy->rev < 2) 2648 return; 2649 2650 b43_mac_suspend(dev); 2651 b43_lo_g_measure(dev); 2652 b43_mac_enable(dev); 2653 if (b43_has_hardware_pctl(phy)) 2654 b43_lo_g_ctl_mark_all_unused(dev); 2655} 2656 2657static void b43_periodic_every60sec(struct b43_wldev *dev) 2658{ 2659 struct b43_phy *phy = &dev->phy; 2660 2661 if (phy->type != B43_PHYTYPE_G) 2662 return; 2663 if (!b43_has_hardware_pctl(phy)) 2664 b43_lo_g_ctl_mark_all_unused(dev); 2665 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_RSSI) { 2666 b43_mac_suspend(dev); 2667 b43_calc_nrssi_slope(dev); 2668 if ((phy->radio_ver == 0x2050) && (phy->radio_rev == 8)) { 2669 u8 old_chan = phy->channel; 2670 2671 /* VCO Calibration */ 2672 if (old_chan >= 8) 2673 b43_radio_selectchannel(dev, 1, 0); 2674 else 2675 b43_radio_selectchannel(dev, 13, 0); 2676 b43_radio_selectchannel(dev, old_chan, 0); 2677 } 2678 b43_mac_enable(dev); 2679 } 2680} 2681 2682static void b43_periodic_every30sec(struct b43_wldev *dev) 2683{ 2684 /* Update device statistics. */ 2685 b43_calculate_link_quality(dev); 2686} 2687 2688static void b43_periodic_every15sec(struct b43_wldev *dev) 2689{ 2690 struct b43_phy *phy = &dev->phy; 2691 2692 if (phy->type == B43_PHYTYPE_G) { 2693 //TODO: update_aci_moving_average 2694 if (phy->aci_enable && phy->aci_wlan_automatic) { 2695 b43_mac_suspend(dev); 2696 if (!phy->aci_enable && 1 /*TODO: not scanning? */ ) { 2697 if (0 /*TODO: bunch of conditions */ ) { 2698 b43_radio_set_interference_mitigation 2699 (dev, B43_INTERFMODE_MANUALWLAN); 2700 } 2701 } else if (1 /*TODO*/) { 2702 /* 2703 if ((aci_average > 1000) && !(b43_radio_aci_scan(dev))) { 2704 b43_radio_set_interference_mitigation(dev, 2705 B43_INTERFMODE_NONE); 2706 } 2707 */ 2708 } 2709 b43_mac_enable(dev); 2710 } else if (phy->interfmode == B43_INTERFMODE_NONWLAN && 2711 phy->rev == 1) { 2712 //TODO: implement rev1 workaround 2713 } 2714 } 2715 b43_phy_xmitpower(dev); //FIXME: unless scanning? 2716 //TODO for APHY (temperature?) 2717 2718 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 2719 wmb(); 2720} 2721 2722static void do_periodic_work(struct b43_wldev *dev) 2723{ 2724 unsigned int state; 2725 2726 state = dev->periodic_state; 2727 if (state % 8 == 0) 2728 b43_periodic_every120sec(dev); 2729 if (state % 4 == 0) 2730 b43_periodic_every60sec(dev); 2731 if (state % 2 == 0) 2732 b43_periodic_every30sec(dev); 2733 b43_periodic_every15sec(dev); 2734} 2735 2736/* Periodic work locking policy: 2737 * The whole periodic work handler is protected by 2738 * wl->mutex. If another lock is needed somewhere in the 2739 * pwork callchain, it's aquired in-place, where it's needed. 2740 */ 2741static void b43_periodic_work_handler(struct work_struct *work) 2742{ 2743 struct b43_wldev *dev = container_of(work, struct b43_wldev, 2744 periodic_work.work); 2745 struct b43_wl *wl = dev->wl; 2746 unsigned long delay; 2747 2748 mutex_lock(&wl->mutex); 2749 2750 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 2751 goto out; 2752 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 2753 goto out_requeue; 2754 2755 do_periodic_work(dev); 2756 2757 dev->periodic_state++; 2758out_requeue: 2759 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 2760 delay = msecs_to_jiffies(50); 2761 else 2762 delay = round_jiffies_relative(HZ * 15); 2763 queue_delayed_work(wl->hw->workqueue, &dev->periodic_work, delay); 2764out: 2765 mutex_unlock(&wl->mutex); 2766} 2767 2768static void b43_periodic_tasks_setup(struct b43_wldev *dev) 2769{ 2770 struct delayed_work *work = &dev->periodic_work; 2771 2772 dev->periodic_state = 0; 2773 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 2774 queue_delayed_work(dev->wl->hw->workqueue, work, 0); 2775} 2776 2777/* Check if communication with the device works correctly. */ 2778static int b43_validate_chipaccess(struct b43_wldev *dev) 2779{ 2780 u32 v, backup; 2781 2782 backup = b43_shm_read32(dev, B43_SHM_SHARED, 0); 2783 2784 /* Check for read/write and endianness problems. */ 2785 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 2786 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 2787 goto error; 2788 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 2789 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 2790 goto error; 2791 2792 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup); 2793 2794 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) { 2795 /* The 32bit register shadows the two 16bit registers 2796 * with update sideeffects. Validate this. */ 2797 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 2798 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 2799 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 2800 goto error; 2801 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 2802 goto error; 2803 } 2804 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 2805 2806 v = b43_read32(dev, B43_MMIO_MACCTL); 2807 v |= B43_MACCTL_GMODE; 2808 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 2809 goto error; 2810 2811 return 0; 2812error: 2813 b43err(dev->wl, "Failed to validate the chipaccess\n"); 2814 return -ENODEV; 2815} 2816 2817static void b43_security_init(struct b43_wldev *dev) 2818{ 2819 dev->max_nr_keys = (dev->dev->id.revision >= 5) ? 58 : 20; 2820 B43_WARN_ON(dev->max_nr_keys > ARRAY_SIZE(dev->key)); 2821 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 2822 /* KTP is a word address, but we address SHM bytewise. 2823 * So multiply by two. 2824 */ 2825 dev->ktp *= 2; 2826 if (dev->dev->id.revision >= 5) { 2827 /* Number of RCMTA address slots */ 2828 b43_write16(dev, B43_MMIO_RCMTA_COUNT, dev->max_nr_keys - 8); 2829 } 2830 b43_clear_keys(dev); 2831} 2832 2833static int b43_rng_read(struct hwrng *rng, u32 * data) 2834{ 2835 struct b43_wl *wl = (struct b43_wl *)rng->priv; 2836 unsigned long flags; 2837 2838 /* Don't take wl->mutex here, as it could deadlock with 2839 * hwrng internal locking. It's not needed to take 2840 * wl->mutex here, anyway. */ 2841 2842 spin_lock_irqsave(&wl->irq_lock, flags); 2843 *data = b43_read16(wl->current_dev, B43_MMIO_RNG); 2844 spin_unlock_irqrestore(&wl->irq_lock, flags); 2845 2846 return (sizeof(u16)); 2847} 2848 2849static void b43_rng_exit(struct b43_wl *wl) 2850{ 2851 if (wl->rng_initialized) 2852 hwrng_unregister(&wl->rng); 2853} 2854 2855static int b43_rng_init(struct b43_wl *wl) 2856{ 2857 int err; 2858 2859 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 2860 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 2861 wl->rng.name = wl->rng_name; 2862 wl->rng.data_read = b43_rng_read; 2863 wl->rng.priv = (unsigned long)wl; 2864 wl->rng_initialized = 1; 2865 err = hwrng_register(&wl->rng); 2866 if (err) { 2867 wl->rng_initialized = 0; 2868 b43err(wl, "Failed to register the random " 2869 "number generator (%d)\n", err); 2870 } 2871 2872 return err; 2873} 2874 2875static int b43_op_tx(struct ieee80211_hw *hw, 2876 struct sk_buff *skb, 2877 struct ieee80211_tx_control *ctl) 2878{ 2879 struct b43_wl *wl = hw_to_b43_wl(hw); 2880 struct b43_wldev *dev = wl->current_dev; 2881 unsigned long flags; 2882 int err; 2883 2884 if (unlikely(skb->len < 2 + 2 + 6)) { 2885 /* Too short, this can't be a valid frame. */ 2886 goto drop_packet; 2887 } 2888 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 2889 if (unlikely(!dev)) 2890 goto drop_packet; 2891 2892 /* Transmissions on seperate queues can run concurrently. */ 2893 read_lock_irqsave(&wl->tx_lock, flags); 2894 2895 err = -ENODEV; 2896 if (likely(b43_status(dev) >= B43_STAT_STARTED)) { 2897 if (b43_using_pio_transfers(dev)) 2898 err = b43_pio_tx(dev, skb, ctl); 2899 else 2900 err = b43_dma_tx(dev, skb, ctl); 2901 } 2902 2903 read_unlock_irqrestore(&wl->tx_lock, flags); 2904 2905 if (unlikely(err)) 2906 goto drop_packet; 2907 return NETDEV_TX_OK; 2908 2909drop_packet: 2910 /* We can not transmit this packet. Drop it. */ 2911 dev_kfree_skb_any(skb); 2912 return NETDEV_TX_OK; 2913} 2914 2915/* Locking: wl->irq_lock */ 2916static void b43_qos_params_upload(struct b43_wldev *dev, 2917 const struct ieee80211_tx_queue_params *p, 2918 u16 shm_offset) 2919{ 2920 u16 params[B43_NR_QOSPARAMS]; 2921 int cw_min, cw_max, aifs, bslots, tmp; 2922 unsigned int i; 2923 2924 const u16 aCWmin = 0x0001; 2925 const u16 aCWmax = 0x03FF; 2926 2927 /* Calculate the default values for the parameters, if needed. */ 2928 switch (shm_offset) { 2929 case B43_QOS_VOICE: 2930 aifs = (p->aifs == -1) ? 2 : p->aifs; 2931 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 4 - 1) : p->cw_min; 2932 cw_max = (p->cw_max == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_max; 2933 break; 2934 case B43_QOS_VIDEO: 2935 aifs = (p->aifs == -1) ? 2 : p->aifs; 2936 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_min; 2937 cw_max = (p->cw_max == 0) ? aCWmin : p->cw_max; 2938 break; 2939 case B43_QOS_BESTEFFORT: 2940 aifs = (p->aifs == -1) ? 3 : p->aifs; 2941 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min; 2942 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max; 2943 break; 2944 case B43_QOS_BACKGROUND: 2945 aifs = (p->aifs == -1) ? 7 : p->aifs; 2946 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min; 2947 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max; 2948 break; 2949 default: 2950 B43_WARN_ON(1); 2951 return; 2952 } 2953 if (cw_min <= 0) 2954 cw_min = aCWmin; 2955 if (cw_max <= 0) 2956 cw_max = aCWmin; 2957 bslots = b43_read16(dev, B43_MMIO_RNG) % cw_min; 2958 2959 memset(¶ms, 0, sizeof(params)); 2960 2961 params[B43_QOSPARAM_TXOP] = p->txop * 32; 2962 params[B43_QOSPARAM_CWMIN] = cw_min; 2963 params[B43_QOSPARAM_CWMAX] = cw_max; 2964 params[B43_QOSPARAM_CWCUR] = cw_min; 2965 params[B43_QOSPARAM_AIFS] = aifs; 2966 params[B43_QOSPARAM_BSLOTS] = bslots; 2967 params[B43_QOSPARAM_REGGAP] = bslots + aifs; 2968 2969 for (i = 0; i < ARRAY_SIZE(params); i++) { 2970 if (i == B43_QOSPARAM_STATUS) { 2971 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 2972 shm_offset + (i * 2)); 2973 /* Mark the parameters as updated. */ 2974 tmp |= 0x100; 2975 b43_shm_write16(dev, B43_SHM_SHARED, 2976 shm_offset + (i * 2), 2977 tmp); 2978 } else { 2979 b43_shm_write16(dev, B43_SHM_SHARED, 2980 shm_offset + (i * 2), 2981 params[i]); 2982 } 2983 } 2984} 2985 2986/* Update the QOS parameters in hardware. */ 2987static void b43_qos_update(struct b43_wldev *dev) 2988{ 2989 struct b43_wl *wl = dev->wl; 2990 struct b43_qos_params *params; 2991 unsigned long flags; 2992 unsigned int i; 2993 2994 /* Mapping of mac80211 queues to b43 SHM offsets. */ 2995 static const u16 qos_shm_offsets[] = { 2996 [0] = B43_QOS_VOICE, 2997 [1] = B43_QOS_VIDEO, 2998 [2] = B43_QOS_BESTEFFORT, 2999 [3] = B43_QOS_BACKGROUND, 3000 }; 3001 BUILD_BUG_ON(ARRAY_SIZE(qos_shm_offsets) != ARRAY_SIZE(wl->qos_params)); 3002 3003 b43_mac_suspend(dev); 3004 spin_lock_irqsave(&wl->irq_lock, flags); 3005 3006 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3007 params = &(wl->qos_params[i]); 3008 if (params->need_hw_update) { 3009 b43_qos_params_upload(dev, &(params->p), 3010 qos_shm_offsets[i]); 3011 params->need_hw_update = 0; 3012 } 3013 } 3014 3015 spin_unlock_irqrestore(&wl->irq_lock, flags); 3016 b43_mac_enable(dev); 3017} 3018 3019static void b43_qos_clear(struct b43_wl *wl) 3020{ 3021 struct b43_qos_params *params; 3022 unsigned int i; 3023 3024 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3025 params = &(wl->qos_params[i]); 3026 3027 memset(&(params->p), 0, sizeof(params->p)); 3028 params->p.aifs = -1; 3029 params->need_hw_update = 1; 3030 } 3031} 3032 3033/* Initialize the core's QOS capabilities */ 3034static void b43_qos_init(struct b43_wldev *dev) 3035{ 3036 struct b43_wl *wl = dev->wl; 3037 unsigned int i; 3038 3039 /* Upload the current QOS parameters. */ 3040 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) 3041 wl->qos_params[i].need_hw_update = 1; 3042 b43_qos_update(dev); 3043 3044 /* Enable QOS support. */ 3045 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 3046 b43_write16(dev, B43_MMIO_IFSCTL, 3047 b43_read16(dev, B43_MMIO_IFSCTL) 3048 | B43_MMIO_IFSCTL_USE_EDCF); 3049} 3050 3051static void b43_qos_update_work(struct work_struct *work) 3052{ 3053 struct b43_wl *wl = container_of(work, struct b43_wl, qos_update_work); 3054 struct b43_wldev *dev; 3055 3056 mutex_lock(&wl->mutex); 3057 dev = wl->current_dev; 3058 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) 3059 b43_qos_update(dev); 3060 mutex_unlock(&wl->mutex); 3061} 3062 3063static int b43_op_conf_tx(struct ieee80211_hw *hw, 3064 int _queue, 3065 const struct ieee80211_tx_queue_params *params) 3066{ 3067 struct b43_wl *wl = hw_to_b43_wl(hw); 3068 unsigned long flags; 3069 unsigned int queue = (unsigned int)_queue; 3070 struct b43_qos_params *p; 3071 3072 if (queue >= ARRAY_SIZE(wl->qos_params)) { 3073 /* Queue not available or don't support setting 3074 * params on this queue. Return success to not 3075 * confuse mac80211. */ 3076 return 0; 3077 } 3078 3079 spin_lock_irqsave(&wl->irq_lock, flags); 3080 p = &(wl->qos_params[queue]); 3081 memcpy(&(p->p), params, sizeof(p->p)); 3082 p->need_hw_update = 1; 3083 spin_unlock_irqrestore(&wl->irq_lock, flags); 3084 3085 queue_work(hw->workqueue, &wl->qos_update_work); 3086 3087 return 0; 3088} 3089 3090static int b43_op_get_tx_stats(struct ieee80211_hw *hw, 3091 struct ieee80211_tx_queue_stats *stats) 3092{ 3093 struct b43_wl *wl = hw_to_b43_wl(hw); 3094 struct b43_wldev *dev = wl->current_dev; 3095 unsigned long flags; 3096 int err = -ENODEV; 3097 3098 if (!dev) 3099 goto out; 3100 spin_lock_irqsave(&wl->irq_lock, flags); 3101 if (likely(b43_status(dev) >= B43_STAT_STARTED)) { 3102 if (b43_using_pio_transfers(dev)) 3103 b43_pio_get_tx_stats(dev, stats); 3104 else 3105 b43_dma_get_tx_stats(dev, stats); 3106 err = 0; 3107 } 3108 spin_unlock_irqrestore(&wl->irq_lock, flags); 3109out: 3110 return err; 3111} 3112 3113static int b43_op_get_stats(struct ieee80211_hw *hw, 3114 struct ieee80211_low_level_stats *stats) 3115{ 3116 struct b43_wl *wl = hw_to_b43_wl(hw); 3117 unsigned long flags; 3118 3119 spin_lock_irqsave(&wl->irq_lock, flags); 3120 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 3121 spin_unlock_irqrestore(&wl->irq_lock, flags); 3122 3123 return 0; 3124} 3125 3126static void b43_put_phy_into_reset(struct b43_wldev *dev) 3127{ 3128 struct ssb_device *sdev = dev->dev; 3129 u32 tmslow; 3130 3131 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3132 tmslow &= ~B43_TMSLOW_GMODE; 3133 tmslow |= B43_TMSLOW_PHYRESET; 3134 tmslow |= SSB_TMSLOW_FGC; 3135 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3136 msleep(1); 3137 3138 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3139 tmslow &= ~SSB_TMSLOW_FGC; 3140 tmslow |= B43_TMSLOW_PHYRESET; 3141 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3142 msleep(1); 3143} 3144 3145static const char * band_to_string(enum ieee80211_band band) 3146{ 3147 switch (band) { 3148 case IEEE80211_BAND_5GHZ: 3149 return "5"; 3150 case IEEE80211_BAND_2GHZ: 3151 return "2.4"; 3152 default: 3153 break; 3154 } 3155 B43_WARN_ON(1); 3156 return ""; 3157} 3158 3159/* Expects wl->mutex locked */ 3160static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3161{ 3162 struct b43_wldev *up_dev = NULL; 3163 struct b43_wldev *down_dev; 3164 struct b43_wldev *d; 3165 int err; 3166 bool gmode; 3167 int prev_status; 3168 3169 /* Find a device and PHY which supports the band. */ 3170 list_for_each_entry(d, &wl->devlist, list) { 3171 switch (chan->band) { 3172 case IEEE80211_BAND_5GHZ: 3173 if (d->phy.supports_5ghz) { 3174 up_dev = d; 3175 gmode = 0; 3176 } 3177 break; 3178 case IEEE80211_BAND_2GHZ: 3179 if (d->phy.supports_2ghz) { 3180 up_dev = d; 3181 gmode = 1; 3182 } 3183 break; 3184 default: 3185 B43_WARN_ON(1); 3186 return -EINVAL; 3187 } 3188 if (up_dev) 3189 break; 3190 } 3191 if (!up_dev) { 3192 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3193 band_to_string(chan->band)); 3194 return -ENODEV; 3195 } 3196 if ((up_dev == wl->current_dev) && 3197 (!!wl->current_dev->phy.gmode == !!gmode)) { 3198 /* This device is already running. */ 3199 return 0; 3200 } 3201 b43dbg(wl, "Switching to %s-GHz band\n", 3202 band_to_string(chan->band)); 3203 down_dev = wl->current_dev; 3204 3205 prev_status = b43_status(down_dev); 3206 /* Shutdown the currently running core. */ 3207 if (prev_status >= B43_STAT_STARTED) 3208 b43_wireless_core_stop(down_dev); 3209 if (prev_status >= B43_STAT_INITIALIZED) 3210 b43_wireless_core_exit(down_dev); 3211 3212 if (down_dev != up_dev) { 3213 /* We switch to a different core, so we put PHY into 3214 * RESET on the old core. */ 3215 b43_put_phy_into_reset(down_dev); 3216 } 3217 3218 /* Now start the new core. */ 3219 up_dev->phy.gmode = gmode; 3220 if (prev_status >= B43_STAT_INITIALIZED) { 3221 err = b43_wireless_core_init(up_dev); 3222 if (err) { 3223 b43err(wl, "Fatal: Could not initialize device for " 3224 "selected %s-GHz band\n", 3225 band_to_string(chan->band)); 3226 goto init_failure; 3227 } 3228 } 3229 if (prev_status >= B43_STAT_STARTED) { 3230 err = b43_wireless_core_start(up_dev); 3231 if (err) { 3232 b43err(wl, "Fatal: Coult not start device for " 3233 "selected %s-GHz band\n", 3234 band_to_string(chan->band)); 3235 b43_wireless_core_exit(up_dev); 3236 goto init_failure; 3237 } 3238 } 3239 B43_WARN_ON(b43_status(up_dev) != prev_status); 3240 3241 wl->current_dev = up_dev; 3242 3243 return 0; 3244init_failure: 3245 /* Whoops, failed to init the new core. No core is operating now. */ 3246 wl->current_dev = NULL; 3247 return err; 3248} 3249 3250static int b43_op_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf) 3251{ 3252 struct b43_wl *wl = hw_to_b43_wl(hw); 3253 struct b43_wldev *dev; 3254 struct b43_phy *phy; 3255 unsigned long flags; 3256 int antenna; 3257 int err = 0; 3258 u32 savedirqs; 3259 3260 mutex_lock(&wl->mutex); 3261 3262 /* Switch the band (if necessary). This might change the active core. */ 3263 err = b43_switch_band(wl, conf->channel); 3264 if (err) 3265 goto out_unlock_mutex; 3266 dev = wl->current_dev; 3267 phy = &dev->phy; 3268 3269 /* Disable IRQs while reconfiguring the device. 3270 * This makes it possible to drop the spinlock throughout 3271 * the reconfiguration process. */ 3272 spin_lock_irqsave(&wl->irq_lock, flags); 3273 if (b43_status(dev) < B43_STAT_STARTED) { 3274 spin_unlock_irqrestore(&wl->irq_lock, flags); 3275 goto out_unlock_mutex; 3276 } 3277 savedirqs = b43_interrupt_disable(dev, B43_IRQ_ALL); 3278 spin_unlock_irqrestore(&wl->irq_lock, flags); 3279 b43_synchronize_irq(dev); 3280 3281 /* Switch to the requested channel. 3282 * The firmware takes care of races with the TX handler. */ 3283 if (conf->channel->hw_value != phy->channel) 3284 b43_radio_selectchannel(dev, conf->channel->hw_value, 0); 3285 3286 /* Enable/Disable ShortSlot timing. */ 3287 if ((!!(conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME)) != 3288 dev->short_slot) { 3289 B43_WARN_ON(phy->type != B43_PHYTYPE_G); 3290 if (conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME) 3291 b43_short_slot_timing_enable(dev); 3292 else 3293 b43_short_slot_timing_disable(dev); 3294 } 3295 3296 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_RADIOTAP); 3297 3298 /* Adjust the desired TX power level. */ 3299 if (conf->power_level != 0) { 3300 if (conf->power_level != phy->power_level) { 3301 phy->power_level = conf->power_level; 3302 b43_phy_xmitpower(dev); 3303 } 3304 } 3305 3306 /* Antennas for RX and management frame TX. */ 3307 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_tx); 3308 b43_mgmtframe_txantenna(dev, antenna); 3309 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_rx); 3310 b43_set_rx_antenna(dev, antenna); 3311 3312 /* Update templates for AP mode. */ 3313 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) 3314 b43_set_beacon_int(dev, conf->beacon_int); 3315 3316 if (!!conf->radio_enabled != phy->radio_on) { 3317 if (conf->radio_enabled) { 3318 b43_radio_turn_on(dev); 3319 b43info(dev->wl, "Radio turned on by software\n"); 3320 if (!dev->radio_hw_enable) { 3321 b43info(dev->wl, "The hardware RF-kill button " 3322 "still turns the radio physically off. " 3323 "Press the button to turn it on.\n"); 3324 } 3325 } else { 3326 b43_radio_turn_off(dev, 0); 3327 b43info(dev->wl, "Radio turned off by software\n"); 3328 } 3329 } 3330 3331 spin_lock_irqsave(&wl->irq_lock, flags); 3332 b43_interrupt_enable(dev, savedirqs); 3333 mmiowb(); 3334 spin_unlock_irqrestore(&wl->irq_lock, flags); 3335 out_unlock_mutex: 3336 mutex_unlock(&wl->mutex); 3337 3338 return err; 3339} 3340 3341static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 3342 const u8 *local_addr, const u8 *addr, 3343 struct ieee80211_key_conf *key) 3344{ 3345 struct b43_wl *wl = hw_to_b43_wl(hw); 3346 struct b43_wldev *dev; 3347 unsigned long flags; 3348 u8 algorithm; 3349 u8 index; 3350 int err; 3351 DECLARE_MAC_BUF(mac); 3352 3353 if (modparam_nohwcrypt) 3354 return -ENOSPC; /* User disabled HW-crypto */ 3355 3356 mutex_lock(&wl->mutex); 3357 spin_lock_irqsave(&wl->irq_lock, flags); 3358 3359 dev = wl->current_dev; 3360 err = -ENODEV; 3361 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 3362 goto out_unlock; 3363 3364 err = -EINVAL; 3365 switch (key->alg) { 3366 case ALG_WEP: 3367 if (key->keylen == 5) 3368 algorithm = B43_SEC_ALGO_WEP40; 3369 else 3370 algorithm = B43_SEC_ALGO_WEP104; 3371 break; 3372 case ALG_TKIP: 3373 algorithm = B43_SEC_ALGO_TKIP; 3374 break; 3375 case ALG_CCMP: 3376 algorithm = B43_SEC_ALGO_AES; 3377 break; 3378 default: 3379 B43_WARN_ON(1); 3380 goto out_unlock; 3381 } 3382 index = (u8) (key->keyidx); 3383 if (index > 3) 3384 goto out_unlock; 3385 3386 switch (cmd) { 3387 case SET_KEY: 3388 if (algorithm == B43_SEC_ALGO_TKIP) { 3389 /* FIXME: No TKIP hardware encryption for now. */ 3390 err = -EOPNOTSUPP; 3391 goto out_unlock; 3392 } 3393 3394 if (is_broadcast_ether_addr(addr)) { 3395 /* addr is FF:FF:FF:FF:FF:FF for default keys */ 3396 err = b43_key_write(dev, index, algorithm, 3397 key->key, key->keylen, NULL, key); 3398 } else { 3399 /* 3400 * either pairwise key or address is 00:00:00:00:00:00 3401 * for transmit-only keys 3402 */ 3403 err = b43_key_write(dev, -1, algorithm, 3404 key->key, key->keylen, addr, key); 3405 } 3406 if (err) 3407 goto out_unlock; 3408 3409 if (algorithm == B43_SEC_ALGO_WEP40 || 3410 algorithm == B43_SEC_ALGO_WEP104) { 3411 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 3412 } else { 3413 b43_hf_write(dev, 3414 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 3415 } 3416 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 3417 break; 3418 case DISABLE_KEY: { 3419 err = b43_key_clear(dev, key->hw_key_idx); 3420 if (err) 3421 goto out_unlock; 3422 break; 3423 } 3424 default: 3425 B43_WARN_ON(1); 3426 } 3427out_unlock: 3428 spin_unlock_irqrestore(&wl->irq_lock, flags); 3429 mutex_unlock(&wl->mutex); 3430 if (!err) { 3431 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 3432 "mac: %s\n", 3433 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 3434 print_mac(mac, addr)); 3435 } 3436 return err; 3437} 3438 3439static void b43_op_configure_filter(struct ieee80211_hw *hw, 3440 unsigned int changed, unsigned int *fflags, 3441 int mc_count, struct dev_addr_list *mc_list) 3442{ 3443 struct b43_wl *wl = hw_to_b43_wl(hw); 3444 struct b43_wldev *dev = wl->current_dev; 3445 unsigned long flags; 3446 3447 if (!dev) { 3448 *fflags = 0; 3449 return; 3450 } 3451 3452 spin_lock_irqsave(&wl->irq_lock, flags); 3453 *fflags &= FIF_PROMISC_IN_BSS | 3454 FIF_ALLMULTI | 3455 FIF_FCSFAIL | 3456 FIF_PLCPFAIL | 3457 FIF_CONTROL | 3458 FIF_OTHER_BSS | 3459 FIF_BCN_PRBRESP_PROMISC; 3460 3461 changed &= FIF_PROMISC_IN_BSS | 3462 FIF_ALLMULTI | 3463 FIF_FCSFAIL | 3464 FIF_PLCPFAIL | 3465 FIF_CONTROL | 3466 FIF_OTHER_BSS | 3467 FIF_BCN_PRBRESP_PROMISC; 3468 3469 wl->filter_flags = *fflags; 3470 3471 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 3472 b43_adjust_opmode(dev); 3473 spin_unlock_irqrestore(&wl->irq_lock, flags); 3474} 3475 3476static int b43_op_config_interface(struct ieee80211_hw *hw, 3477 struct ieee80211_vif *vif, 3478 struct ieee80211_if_conf *conf) 3479{ 3480 struct b43_wl *wl = hw_to_b43_wl(hw); 3481 struct b43_wldev *dev = wl->current_dev; 3482 unsigned long flags; 3483 3484 if (!dev) 3485 return -ENODEV; 3486 mutex_lock(&wl->mutex); 3487 spin_lock_irqsave(&wl->irq_lock, flags); 3488 B43_WARN_ON(wl->vif != vif); 3489 if (conf->bssid) 3490 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3491 else 3492 memset(wl->bssid, 0, ETH_ALEN); 3493 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3494 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) { 3495 B43_WARN_ON(conf->type != IEEE80211_IF_TYPE_AP); 3496 b43_set_ssid(dev, conf->ssid, conf->ssid_len); 3497 if (conf->beacon) { 3498 b43_update_templates(wl, conf->beacon, 3499 conf->beacon_control); 3500 } 3501 } 3502 b43_write_mac_bssid_templates(dev); 3503 } 3504 spin_unlock_irqrestore(&wl->irq_lock, flags); 3505 mutex_unlock(&wl->mutex); 3506 3507 return 0; 3508} 3509 3510/* Locking: wl->mutex */ 3511static void b43_wireless_core_stop(struct b43_wldev *dev) 3512{ 3513 struct b43_wl *wl = dev->wl; 3514 unsigned long flags; 3515 3516 if (b43_status(dev) < B43_STAT_STARTED) 3517 return; 3518 3519 /* Disable and sync interrupts. We must do this before than 3520 * setting the status to INITIALIZED, as the interrupt handler 3521 * won't care about IRQs then. */ 3522 spin_lock_irqsave(&wl->irq_lock, flags); 3523 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL); 3524 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* flush */ 3525 spin_unlock_irqrestore(&wl->irq_lock, flags); 3526 b43_synchronize_irq(dev); 3527 3528 write_lock_irqsave(&wl->tx_lock, flags); 3529 b43_set_status(dev, B43_STAT_INITIALIZED); 3530 write_unlock_irqrestore(&wl->tx_lock, flags); 3531 3532 b43_pio_stop(dev); 3533 mutex_unlock(&wl->mutex); 3534 /* Must unlock as it would otherwise deadlock. No races here. 3535 * Cancel the possibly running self-rearming periodic work. */ 3536 cancel_delayed_work_sync(&dev->periodic_work); 3537 mutex_lock(&wl->mutex); 3538 3539 b43_mac_suspend(dev); 3540 free_irq(dev->dev->irq, dev); 3541 b43dbg(wl, "Wireless interface stopped\n"); 3542} 3543 3544/* Locking: wl->mutex */ 3545static int b43_wireless_core_start(struct b43_wldev *dev) 3546{ 3547 int err; 3548 3549 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 3550 3551 drain_txstatus_queue(dev); 3552 err = request_irq(dev->dev->irq, b43_interrupt_handler, 3553 IRQF_SHARED, KBUILD_MODNAME, dev); 3554 if (err) { 3555 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq); 3556 goto out; 3557 } 3558 3559 /* We are ready to run. */ 3560 b43_set_status(dev, B43_STAT_STARTED); 3561 3562 /* Start data flow (TX/RX). */ 3563 b43_mac_enable(dev); 3564 b43_interrupt_enable(dev, dev->irq_savedstate); 3565 ieee80211_start_queues(dev->wl->hw); 3566 3567 /* Start maintainance work */ 3568 b43_periodic_tasks_setup(dev); 3569 3570 b43dbg(dev->wl, "Wireless interface started\n"); 3571 out: 3572 return err; 3573} 3574 3575/* Get PHY and RADIO versioning numbers */ 3576static int b43_phy_versioning(struct b43_wldev *dev) 3577{ 3578 struct b43_phy *phy = &dev->phy; 3579 u32 tmp; 3580 u8 analog_type; 3581 u8 phy_type; 3582 u8 phy_rev; 3583 u16 radio_manuf; 3584 u16 radio_ver; 3585 u16 radio_rev; 3586 int unsupported = 0; 3587 3588 /* Get PHY versioning */ 3589 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 3590 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 3591 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 3592 phy_rev = (tmp & B43_PHYVER_VERSION); 3593 switch (phy_type) { 3594 case B43_PHYTYPE_A: 3595 if (phy_rev >= 4) 3596 unsupported = 1; 3597 break; 3598 case B43_PHYTYPE_B: 3599 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 3600 && phy_rev != 7) 3601 unsupported = 1; 3602 break; 3603 case B43_PHYTYPE_G: 3604 if (phy_rev > 9) 3605 unsupported = 1; 3606 break; 3607#ifdef CONFIG_B43_NPHY 3608 case B43_PHYTYPE_N: 3609 if (phy_rev > 1) 3610 unsupported = 1; 3611 break; 3612#endif 3613 default: 3614 unsupported = 1; 3615 }; 3616 if (unsupported) { 3617 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 3618 "(Analog %u, Type %u, Revision %u)\n", 3619 analog_type, phy_type, phy_rev); 3620 return -EOPNOTSUPP; 3621 } 3622 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 3623 analog_type, phy_type, phy_rev); 3624 3625 /* Get RADIO versioning */ 3626 if (dev->dev->bus->chip_id == 0x4317) { 3627 if (dev->dev->bus->chip_rev == 0) 3628 tmp = 0x3205017F; 3629 else if (dev->dev->bus->chip_rev == 1) 3630 tmp = 0x4205017F; 3631 else 3632 tmp = 0x5205017F; 3633 } else { 3634 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 3635 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 3636 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 3637 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16; 3638 } 3639 radio_manuf = (tmp & 0x00000FFF); 3640 radio_ver = (tmp & 0x0FFFF000) >> 12; 3641 radio_rev = (tmp & 0xF0000000) >> 28; 3642 if (radio_manuf != 0x17F /* Broadcom */) 3643 unsupported = 1; 3644 switch (phy_type) { 3645 case B43_PHYTYPE_A: 3646 if (radio_ver != 0x2060) 3647 unsupported = 1; 3648 if (radio_rev != 1) 3649 unsupported = 1; 3650 if (radio_manuf != 0x17F) 3651 unsupported = 1; 3652 break; 3653 case B43_PHYTYPE_B: 3654 if ((radio_ver & 0xFFF0) != 0x2050) 3655 unsupported = 1; 3656 break; 3657 case B43_PHYTYPE_G: 3658 if (radio_ver != 0x2050) 3659 unsupported = 1; 3660 break; 3661 case B43_PHYTYPE_N: 3662 if (radio_ver != 0x2055) 3663 unsupported = 1; 3664 break; 3665 default: 3666 B43_WARN_ON(1); 3667 } 3668 if (unsupported) { 3669 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 3670 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 3671 radio_manuf, radio_ver, radio_rev); 3672 return -EOPNOTSUPP; 3673 } 3674 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 3675 radio_manuf, radio_ver, radio_rev); 3676 3677 phy->radio_manuf = radio_manuf; 3678 phy->radio_ver = radio_ver; 3679 phy->radio_rev = radio_rev; 3680 3681 phy->analog = analog_type; 3682 phy->type = phy_type; 3683 phy->rev = phy_rev; 3684 3685 return 0; 3686} 3687 3688static void setup_struct_phy_for_init(struct b43_wldev *dev, 3689 struct b43_phy *phy) 3690{ 3691 struct b43_txpower_lo_control *lo; 3692 int i; 3693 3694 memset(phy->minlowsig, 0xFF, sizeof(phy->minlowsig)); 3695 memset(phy->minlowsigpos, 0, sizeof(phy->minlowsigpos)); 3696 3697 phy->aci_enable = 0; 3698 phy->aci_wlan_automatic = 0; 3699 phy->aci_hw_rssi = 0; 3700 3701 phy->radio_off_context.valid = 0; 3702 3703 lo = phy->lo_control; 3704 if (lo) { 3705 memset(lo, 0, sizeof(*(phy->lo_control))); 3706 lo->rebuild = 1; 3707 lo->tx_bias = 0xFF; 3708 } 3709 phy->max_lb_gain = 0; 3710 phy->trsw_rx_gain = 0; 3711 phy->txpwr_offset = 0; 3712 3713 /* NRSSI */ 3714 phy->nrssislope = 0; 3715 for (i = 0; i < ARRAY_SIZE(phy->nrssi); i++) 3716 phy->nrssi[i] = -1000; 3717 for (i = 0; i < ARRAY_SIZE(phy->nrssi_lt); i++) 3718 phy->nrssi_lt[i] = i; 3719 3720 phy->lofcal = 0xFFFF; 3721 phy->initval = 0xFFFF; 3722 3723 phy->interfmode = B43_INTERFMODE_NONE; 3724 phy->channel = 0xFF; 3725 3726 phy->hardware_power_control = !!modparam_hwpctl; 3727 3728 /* PHY TX errors counter. */ 3729 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 3730 3731 /* OFDM-table address caching. */ 3732 phy->ofdmtab_addr_direction = B43_OFDMTAB_DIRECTION_UNKNOWN; 3733} 3734 3735static void setup_struct_wldev_for_init(struct b43_wldev *dev) 3736{ 3737 dev->dfq_valid = 0; 3738 3739 /* Assume the radio is enabled. If it's not enabled, the state will 3740 * immediately get fixed on the first periodic work run. */ 3741 dev->radio_hw_enable = 1; 3742 3743 /* Stats */ 3744 memset(&dev->stats, 0, sizeof(dev->stats)); 3745 3746 setup_struct_phy_for_init(dev, &dev->phy); 3747 3748 /* IRQ related flags */ 3749 dev->irq_reason = 0; 3750 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 3751 dev->irq_savedstate = B43_IRQ_MASKTEMPLATE; 3752 3753 dev->mac_suspended = 1; 3754 3755 /* Noise calculation context */ 3756 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 3757} 3758 3759static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 3760{ 3761 struct ssb_sprom *sprom = &dev->dev->bus->sprom; 3762 u64 hf; 3763 3764 if (!modparam_btcoex) 3765 return; 3766 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 3767 return; 3768 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 3769 return; 3770 3771 hf = b43_hf_read(dev); 3772 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 3773 hf |= B43_HF_BTCOEXALT; 3774 else 3775 hf |= B43_HF_BTCOEX; 3776 b43_hf_write(dev, hf); 3777} 3778 3779static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 3780{ 3781 if (!modparam_btcoex) 3782 return; 3783 //TODO 3784} 3785 3786static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 3787{ 3788#ifdef CONFIG_SSB_DRIVER_PCICORE 3789 struct ssb_bus *bus = dev->dev->bus; 3790 u32 tmp; 3791 3792 if (bus->pcicore.dev && 3793 bus->pcicore.dev->id.coreid == SSB_DEV_PCI && 3794 bus->pcicore.dev->id.revision <= 5) { 3795 /* IMCFGLO timeouts workaround. */ 3796 tmp = ssb_read32(dev->dev, SSB_IMCFGLO); 3797 tmp &= ~SSB_IMCFGLO_REQTO; 3798 tmp &= ~SSB_IMCFGLO_SERTO; 3799 switch (bus->bustype) { 3800 case SSB_BUSTYPE_PCI: 3801 case SSB_BUSTYPE_PCMCIA: 3802 tmp |= 0x32; 3803 break; 3804 case SSB_BUSTYPE_SSB: 3805 tmp |= 0x53; 3806 break; 3807 } 3808 ssb_write32(dev->dev, SSB_IMCFGLO, tmp); 3809 } 3810#endif /* CONFIG_SSB_DRIVER_PCICORE */ 3811} 3812 3813/* Write the short and long frame retry limit values. */ 3814static void b43_set_retry_limits(struct b43_wldev *dev, 3815 unsigned int short_retry, 3816 unsigned int long_retry) 3817{ 3818 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3819 * the chip-internal counter. */ 3820 short_retry = min(short_retry, (unsigned int)0xF); 3821 long_retry = min(long_retry, (unsigned int)0xF); 3822 3823 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3824 short_retry); 3825 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3826 long_retry); 3827} 3828 3829static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 3830{ 3831 u16 pu_delay; 3832 3833 /* The time value is in microseconds. */ 3834 if (dev->phy.type == B43_PHYTYPE_A) 3835 pu_delay = 3700; 3836 else 3837 pu_delay = 1050; 3838 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS) || idle) 3839 pu_delay = 500; 3840 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 3841 pu_delay = max(pu_delay, (u16)2400); 3842 3843 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 3844} 3845 3846/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 3847static void b43_set_pretbtt(struct b43_wldev *dev) 3848{ 3849 u16 pretbtt; 3850 3851 /* The time value is in microseconds. */ 3852 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS)) { 3853 pretbtt = 2; 3854 } else { 3855 if (dev->phy.type == B43_PHYTYPE_A) 3856 pretbtt = 120; 3857 else 3858 pretbtt = 250; 3859 } 3860 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 3861 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 3862} 3863 3864/* Shutdown a wireless core */ 3865/* Locking: wl->mutex */ 3866static void b43_wireless_core_exit(struct b43_wldev *dev) 3867{ 3868 struct b43_phy *phy = &dev->phy; 3869 u32 macctl; 3870 3871 B43_WARN_ON(b43_status(dev) > B43_STAT_INITIALIZED); 3872 if (b43_status(dev) != B43_STAT_INITIALIZED) 3873 return; 3874 b43_set_status(dev, B43_STAT_UNINIT); 3875 3876 /* Stop the microcode PSM. */ 3877 macctl = b43_read32(dev, B43_MMIO_MACCTL); 3878 macctl &= ~B43_MACCTL_PSM_RUN; 3879 macctl |= B43_MACCTL_PSM_JMP0; 3880 b43_write32(dev, B43_MMIO_MACCTL, macctl); 3881 3882 if (!dev->suspend_in_progress) { 3883 b43_leds_exit(dev); 3884 b43_rng_exit(dev->wl); 3885 } 3886 b43_dma_free(dev); 3887 b43_pio_free(dev); 3888 b43_chip_exit(dev); 3889 b43_radio_turn_off(dev, 1); 3890 b43_switch_analog(dev, 0); 3891 if (phy->dyn_tssi_tbl) 3892 kfree(phy->tssi2dbm); 3893 kfree(phy->lo_control); 3894 phy->lo_control = NULL; 3895 if (dev->wl->current_beacon) { 3896 dev_kfree_skb_any(dev->wl->current_beacon); 3897 dev->wl->current_beacon = NULL; 3898 } 3899 3900 ssb_device_disable(dev->dev, 0); 3901 ssb_bus_may_powerdown(dev->dev->bus); 3902} 3903 3904/* Initialize a wireless core */ 3905static int b43_wireless_core_init(struct b43_wldev *dev) 3906{ 3907 struct b43_wl *wl = dev->wl; 3908 struct ssb_bus *bus = dev->dev->bus; 3909 struct ssb_sprom *sprom = &bus->sprom; 3910 struct b43_phy *phy = &dev->phy; 3911 int err; 3912 u64 hf; 3913 u32 tmp; 3914 3915 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 3916 3917 err = ssb_bus_powerup(bus, 0); 3918 if (err) 3919 goto out; 3920 if (!ssb_device_is_enabled(dev->dev)) { 3921 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0; 3922 b43_wireless_core_reset(dev, tmp); 3923 } 3924 3925 if ((phy->type == B43_PHYTYPE_B) || (phy->type == B43_PHYTYPE_G)) { 3926 phy->lo_control = 3927 kzalloc(sizeof(*(phy->lo_control)), GFP_KERNEL); 3928 if (!phy->lo_control) { 3929 err = -ENOMEM; 3930 goto err_busdown; 3931 } 3932 } 3933 setup_struct_wldev_for_init(dev); 3934 3935 err = b43_phy_init_tssi2dbm_table(dev); 3936 if (err) 3937 goto err_kfree_lo_control; 3938 3939 /* Enable IRQ routing to this device. */ 3940 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev); 3941 3942 b43_imcfglo_timeouts_workaround(dev); 3943 b43_bluetooth_coext_disable(dev); 3944 b43_phy_early_init(dev); 3945 err = b43_chip_init(dev); 3946 if (err) 3947 goto err_kfree_tssitbl; 3948 b43_shm_write16(dev, B43_SHM_SHARED, 3949 B43_SHM_SH_WLCOREREV, dev->dev->id.revision); 3950 hf = b43_hf_read(dev); 3951 if (phy->type == B43_PHYTYPE_G) { 3952 hf |= B43_HF_SYMW; 3953 if (phy->rev == 1) 3954 hf |= B43_HF_GDCW; 3955 if (sprom->boardflags_lo & B43_BFL_PACTRL) 3956 hf |= B43_HF_OFDMPABOOST; 3957 } else if (phy->type == B43_PHYTYPE_B) { 3958 hf |= B43_HF_SYMW; 3959 if (phy->rev >= 2 && phy->radio_ver == 0x2050) 3960 hf &= ~B43_HF_GDCW; 3961 } 3962 b43_hf_write(dev, hf); 3963 3964 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 3965 B43_DEFAULT_LONG_RETRY_LIMIT); 3966 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 3967 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 3968 3969 /* Disable sending probe responses from firmware. 3970 * Setting the MaxTime to one usec will always trigger 3971 * a timeout, so we never send any probe resp. 3972 * A timeout of zero is infinite. */ 3973 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 3974 3975 b43_rate_memory_init(dev); 3976 b43_set_phytxctl_defaults(dev); 3977 3978 /* Minimum Contention Window */ 3979 if (phy->type == B43_PHYTYPE_B) { 3980 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 3981 } else { 3982 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 3983 } 3984 /* Maximum Contention Window */ 3985 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 3986 3987 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || B43_FORCE_PIO) { 3988 dev->__using_pio_transfers = 1; 3989 err = b43_pio_init(dev); 3990 } else { 3991 dev->__using_pio_transfers = 0; 3992 err = b43_dma_init(dev); 3993 } 3994 if (err) 3995 goto err_chip_exit; 3996 b43_qos_init(dev); 3997 b43_set_synth_pu_delay(dev, 1); 3998 b43_bluetooth_coext_enable(dev); 3999 4000 ssb_bus_powerup(bus, 1); /* Enable dynamic PCTL */ 4001 b43_upload_card_macaddress(dev); 4002 b43_security_init(dev); 4003 if (!dev->suspend_in_progress) 4004 b43_rng_init(wl); 4005 4006 b43_set_status(dev, B43_STAT_INITIALIZED); 4007 4008 if (!dev->suspend_in_progress) 4009 b43_leds_init(dev); 4010out: 4011 return err; 4012 4013 err_chip_exit: 4014 b43_chip_exit(dev); 4015 err_kfree_tssitbl: 4016 if (phy->dyn_tssi_tbl) 4017 kfree(phy->tssi2dbm); 4018 err_kfree_lo_control: 4019 kfree(phy->lo_control); 4020 phy->lo_control = NULL; 4021 err_busdown: 4022 ssb_bus_may_powerdown(bus); 4023 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4024 return err; 4025} 4026 4027static int b43_op_add_interface(struct ieee80211_hw *hw, 4028 struct ieee80211_if_init_conf *conf) 4029{ 4030 struct b43_wl *wl = hw_to_b43_wl(hw); 4031 struct b43_wldev *dev; 4032 unsigned long flags; 4033 int err = -EOPNOTSUPP; 4034 4035 /* TODO: allow WDS/AP devices to coexist */ 4036 4037 if (conf->type != IEEE80211_IF_TYPE_AP && 4038 conf->type != IEEE80211_IF_TYPE_STA && 4039 conf->type != IEEE80211_IF_TYPE_WDS && 4040 conf->type != IEEE80211_IF_TYPE_IBSS) 4041 return -EOPNOTSUPP; 4042 4043 mutex_lock(&wl->mutex); 4044 if (wl->operating) 4045 goto out_mutex_unlock; 4046 4047 b43dbg(wl, "Adding Interface type %d\n", conf->type); 4048 4049 dev = wl->current_dev; 4050 wl->operating = 1; 4051 wl->vif = conf->vif; 4052 wl->if_type = conf->type; 4053 memcpy(wl->mac_addr, conf->mac_addr, ETH_ALEN); 4054 4055 spin_lock_irqsave(&wl->irq_lock, flags); 4056 b43_adjust_opmode(dev); 4057 b43_set_pretbtt(dev); 4058 b43_set_synth_pu_delay(dev, 0); 4059 b43_upload_card_macaddress(dev); 4060 spin_unlock_irqrestore(&wl->irq_lock, flags); 4061 4062 err = 0; 4063 out_mutex_unlock: 4064 mutex_unlock(&wl->mutex); 4065 4066 return err; 4067} 4068 4069static void b43_op_remove_interface(struct ieee80211_hw *hw, 4070 struct ieee80211_if_init_conf *conf) 4071{ 4072 struct b43_wl *wl = hw_to_b43_wl(hw); 4073 struct b43_wldev *dev = wl->current_dev; 4074 unsigned long flags; 4075 4076 b43dbg(wl, "Removing Interface type %d\n", conf->type); 4077 4078 mutex_lock(&wl->mutex); 4079 4080 B43_WARN_ON(!wl->operating); 4081 B43_WARN_ON(wl->vif != conf->vif); 4082 wl->vif = NULL; 4083 4084 wl->operating = 0; 4085 4086 spin_lock_irqsave(&wl->irq_lock, flags); 4087 b43_adjust_opmode(dev); 4088 memset(wl->mac_addr, 0, ETH_ALEN); 4089 b43_upload_card_macaddress(dev); 4090 spin_unlock_irqrestore(&wl->irq_lock, flags); 4091 4092 mutex_unlock(&wl->mutex); 4093} 4094 4095static int b43_op_start(struct ieee80211_hw *hw) 4096{ 4097 struct b43_wl *wl = hw_to_b43_wl(hw); 4098 struct b43_wldev *dev = wl->current_dev; 4099 int did_init = 0; 4100 int err = 0; 4101 bool do_rfkill_exit = 0; 4102 4103 /* Kill all old instance specific information to make sure 4104 * the card won't use it in the short timeframe between start 4105 * and mac80211 reconfiguring it. */ 4106 memset(wl->bssid, 0, ETH_ALEN); 4107 memset(wl->mac_addr, 0, ETH_ALEN); 4108 wl->filter_flags = 0; 4109 wl->radiotap_enabled = 0; 4110 b43_qos_clear(wl); 4111 wl->beacon0_uploaded = 0; 4112 wl->beacon1_uploaded = 0; 4113 wl->beacon_templates_virgin = 1; 4114 4115 /* First register RFkill. 4116 * LEDs that are registered later depend on it. */ 4117 b43_rfkill_init(dev); 4118 4119 mutex_lock(&wl->mutex); 4120 4121 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4122 err = b43_wireless_core_init(dev); 4123 if (err) { 4124 do_rfkill_exit = 1; 4125 goto out_mutex_unlock; 4126 } 4127 did_init = 1; 4128 } 4129 4130 if (b43_status(dev) < B43_STAT_STARTED) { 4131 err = b43_wireless_core_start(dev); 4132 if (err) { 4133 if (did_init) 4134 b43_wireless_core_exit(dev); 4135 do_rfkill_exit = 1; 4136 goto out_mutex_unlock; 4137 } 4138 } 4139 4140 out_mutex_unlock: 4141 mutex_unlock(&wl->mutex); 4142 4143 if (do_rfkill_exit) 4144 b43_rfkill_exit(dev); 4145 4146 return err; 4147} 4148 4149static void b43_op_stop(struct ieee80211_hw *hw) 4150{ 4151 struct b43_wl *wl = hw_to_b43_wl(hw); 4152 struct b43_wldev *dev = wl->current_dev; 4153 4154 b43_rfkill_exit(dev); 4155 cancel_work_sync(&(wl->qos_update_work)); 4156 cancel_work_sync(&(wl->beacon_update_trigger)); 4157 4158 mutex_lock(&wl->mutex); 4159 if (b43_status(dev) >= B43_STAT_STARTED) 4160 b43_wireless_core_stop(dev); 4161 b43_wireless_core_exit(dev); 4162 mutex_unlock(&wl->mutex); 4163} 4164 4165static int b43_op_set_retry_limit(struct ieee80211_hw *hw, 4166 u32 short_retry_limit, u32 long_retry_limit) 4167{ 4168 struct b43_wl *wl = hw_to_b43_wl(hw); 4169 struct b43_wldev *dev; 4170 int err = 0; 4171 4172 mutex_lock(&wl->mutex); 4173 dev = wl->current_dev; 4174 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) { 4175 err = -ENODEV; 4176 goto out_unlock; 4177 } 4178 b43_set_retry_limits(dev, short_retry_limit, long_retry_limit); 4179out_unlock: 4180 mutex_unlock(&wl->mutex); 4181 4182 return err; 4183} 4184 4185static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, int aid, int set) 4186{ 4187 struct b43_wl *wl = hw_to_b43_wl(hw); 4188 struct sk_buff *beacon; 4189 unsigned long flags; 4190 struct ieee80211_tx_control txctl; 4191 4192 /* We could modify the existing beacon and set the aid bit in 4193 * the TIM field, but that would probably require resizing and 4194 * moving of data within the beacon template. 4195 * Simply request a new beacon and let mac80211 do the hard work. */ 4196 beacon = ieee80211_beacon_get(hw, wl->vif, &txctl); 4197 if (unlikely(!beacon)) 4198 return -ENOMEM; 4199 spin_lock_irqsave(&wl->irq_lock, flags); 4200 b43_update_templates(wl, beacon, &txctl); 4201 spin_unlock_irqrestore(&wl->irq_lock, flags); 4202 4203 return 0; 4204} 4205 4206static int b43_op_ibss_beacon_update(struct ieee80211_hw *hw, 4207 struct sk_buff *beacon, 4208 struct ieee80211_tx_control *ctl) 4209{ 4210 struct b43_wl *wl = hw_to_b43_wl(hw); 4211 unsigned long flags; 4212 4213 spin_lock_irqsave(&wl->irq_lock, flags); 4214 b43_update_templates(wl, beacon, ctl); 4215 spin_unlock_irqrestore(&wl->irq_lock, flags); 4216 4217 return 0; 4218} 4219 4220static void b43_op_sta_notify(struct ieee80211_hw *hw, 4221 struct ieee80211_vif *vif, 4222 enum sta_notify_cmd notify_cmd, 4223 const u8 *addr) 4224{ 4225 struct b43_wl *wl = hw_to_b43_wl(hw); 4226 4227 B43_WARN_ON(!vif || wl->vif != vif); 4228} 4229 4230static const struct ieee80211_ops b43_hw_ops = { 4231 .tx = b43_op_tx, 4232 .conf_tx = b43_op_conf_tx, 4233 .add_interface = b43_op_add_interface, 4234 .remove_interface = b43_op_remove_interface, 4235 .config = b43_op_config, 4236 .config_interface = b43_op_config_interface, 4237 .configure_filter = b43_op_configure_filter, 4238 .set_key = b43_op_set_key, 4239 .get_stats = b43_op_get_stats, 4240 .get_tx_stats = b43_op_get_tx_stats, 4241 .start = b43_op_start, 4242 .stop = b43_op_stop, 4243 .set_retry_limit = b43_op_set_retry_limit, 4244 .set_tim = b43_op_beacon_set_tim, 4245 .beacon_update = b43_op_ibss_beacon_update, 4246 .sta_notify = b43_op_sta_notify, 4247}; 4248 4249/* Hard-reset the chip. Do not call this directly. 4250 * Use b43_controller_restart() 4251 */ 4252static void b43_chip_reset(struct work_struct *work) 4253{ 4254 struct b43_wldev *dev = 4255 container_of(work, struct b43_wldev, restart_work); 4256 struct b43_wl *wl = dev->wl; 4257 int err = 0; 4258 int prev_status; 4259 4260 mutex_lock(&wl->mutex); 4261 4262 prev_status = b43_status(dev); 4263 /* Bring the device down... */ 4264 if (prev_status >= B43_STAT_STARTED) 4265 b43_wireless_core_stop(dev); 4266 if (prev_status >= B43_STAT_INITIALIZED) 4267 b43_wireless_core_exit(dev); 4268 4269 /* ...and up again. */ 4270 if (prev_status >= B43_STAT_INITIALIZED) { 4271 err = b43_wireless_core_init(dev); 4272 if (err) 4273 goto out; 4274 } 4275 if (prev_status >= B43_STAT_STARTED) { 4276 err = b43_wireless_core_start(dev); 4277 if (err) { 4278 b43_wireless_core_exit(dev); 4279 goto out; 4280 } 4281 } 4282out: 4283 if (err) 4284 wl->current_dev = NULL; /* Failed to init the dev. */ 4285 mutex_unlock(&wl->mutex); 4286 if (err) 4287 b43err(wl, "Controller restart FAILED\n"); 4288 else 4289 b43info(wl, "Controller restarted\n"); 4290} 4291 4292static int b43_setup_bands(struct b43_wldev *dev, 4293 bool have_2ghz_phy, bool have_5ghz_phy) 4294{ 4295 struct ieee80211_hw *hw = dev->wl->hw; 4296 4297 if (have_2ghz_phy) 4298 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 4299 if (dev->phy.type == B43_PHYTYPE_N) { 4300 if (have_5ghz_phy) 4301 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 4302 } else { 4303 if (have_5ghz_phy) 4304 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 4305 } 4306 4307 dev->phy.supports_2ghz = have_2ghz_phy; 4308 dev->phy.supports_5ghz = have_5ghz_phy; 4309 4310 return 0; 4311} 4312 4313static void b43_wireless_core_detach(struct b43_wldev *dev) 4314{ 4315 /* We release firmware that late to not be required to re-request 4316 * is all the time when we reinit the core. */ 4317 b43_release_firmware(dev); 4318} 4319 4320static int b43_wireless_core_attach(struct b43_wldev *dev) 4321{ 4322 struct b43_wl *wl = dev->wl; 4323 struct ssb_bus *bus = dev->dev->bus; 4324 struct pci_dev *pdev = bus->host_pci; 4325 int err; 4326 bool have_2ghz_phy = 0, have_5ghz_phy = 0; 4327 u32 tmp; 4328 4329 /* Do NOT do any device initialization here. 4330 * Do it in wireless_core_init() instead. 4331 * This function is for gathering basic information about the HW, only. 4332 * Also some structs may be set up here. But most likely you want to have 4333 * that in core_init(), too. 4334 */ 4335 4336 err = ssb_bus_powerup(bus, 0); 4337 if (err) { 4338 b43err(wl, "Bus powerup failed\n"); 4339 goto out; 4340 } 4341 /* Get the PHY type. */ 4342 if (dev->dev->id.revision >= 5) { 4343 u32 tmshigh; 4344 4345 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 4346 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY); 4347 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY); 4348 } else 4349 B43_WARN_ON(1); 4350 4351 dev->phy.gmode = have_2ghz_phy; 4352 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4353 b43_wireless_core_reset(dev, tmp); 4354 4355 err = b43_phy_versioning(dev); 4356 if (err) 4357 goto err_powerdown; 4358 /* Check if this device supports multiband. */ 4359 if (!pdev || 4360 (pdev->device != 0x4312 && 4361 pdev->device != 0x4319 && pdev->device != 0x4324)) { 4362 /* No multiband support. */ 4363 have_2ghz_phy = 0; 4364 have_5ghz_phy = 0; 4365 switch (dev->phy.type) { 4366 case B43_PHYTYPE_A: 4367 have_5ghz_phy = 1; 4368 break; 4369 case B43_PHYTYPE_G: 4370 case B43_PHYTYPE_N: 4371 have_2ghz_phy = 1; 4372 break; 4373 default: 4374 B43_WARN_ON(1); 4375 } 4376 } 4377 if (dev->phy.type == B43_PHYTYPE_A) { 4378 /* FIXME */ 4379 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 4380 err = -EOPNOTSUPP; 4381 goto err_powerdown; 4382 } 4383 if (1 /* disable A-PHY */) { 4384 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */ 4385 if (dev->phy.type != B43_PHYTYPE_N) { 4386 have_2ghz_phy = 1; 4387 have_5ghz_phy = 0; 4388 } 4389 } 4390 4391 dev->phy.gmode = have_2ghz_phy; 4392 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4393 b43_wireless_core_reset(dev, tmp); 4394 4395 err = b43_validate_chipaccess(dev); 4396 if (err) 4397 goto err_powerdown; 4398 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 4399 if (err) 4400 goto err_powerdown; 4401 4402 /* Now set some default "current_dev" */ 4403 if (!wl->current_dev) 4404 wl->current_dev = dev; 4405 INIT_WORK(&dev->restart_work, b43_chip_reset); 4406 4407 b43_radio_turn_off(dev, 1); 4408 b43_switch_analog(dev, 0); 4409 ssb_device_disable(dev->dev, 0); 4410 ssb_bus_may_powerdown(bus); 4411 4412out: 4413 return err; 4414 4415err_powerdown: 4416 ssb_bus_may_powerdown(bus); 4417 return err; 4418} 4419 4420static void b43_one_core_detach(struct ssb_device *dev) 4421{ 4422 struct b43_wldev *wldev; 4423 struct b43_wl *wl; 4424 4425 /* Do not cancel ieee80211-workqueue based work here. 4426 * See comment in b43_remove(). */ 4427 4428 wldev = ssb_get_drvdata(dev); 4429 wl = wldev->wl; 4430 b43_debugfs_remove_device(wldev); 4431 b43_wireless_core_detach(wldev); 4432 list_del(&wldev->list); 4433 wl->nr_devs--; 4434 ssb_set_drvdata(dev, NULL); 4435 kfree(wldev); 4436} 4437 4438static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl) 4439{ 4440 struct b43_wldev *wldev; 4441 struct pci_dev *pdev; 4442 int err = -ENOMEM; 4443 4444 if (!list_empty(&wl->devlist)) { 4445 /* We are not the first core on this chip. */ 4446 pdev = dev->bus->host_pci; 4447 /* Only special chips support more than one wireless 4448 * core, although some of the other chips have more than 4449 * one wireless core as well. Check for this and 4450 * bail out early. 4451 */ 4452 if (!pdev || 4453 ((pdev->device != 0x4321) && 4454 (pdev->device != 0x4313) && (pdev->device != 0x431A))) { 4455 b43dbg(wl, "Ignoring unconnected 802.11 core\n"); 4456 return -ENODEV; 4457 } 4458 } 4459 4460 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 4461 if (!wldev) 4462 goto out; 4463 4464 wldev->dev = dev; 4465 wldev->wl = wl; 4466 b43_set_status(wldev, B43_STAT_UNINIT); 4467 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 4468 tasklet_init(&wldev->isr_tasklet, 4469 (void (*)(unsigned long))b43_interrupt_tasklet, 4470 (unsigned long)wldev); 4471 INIT_LIST_HEAD(&wldev->list); 4472 4473 err = b43_wireless_core_attach(wldev); 4474 if (err) 4475 goto err_kfree_wldev; 4476 4477 list_add(&wldev->list, &wl->devlist); 4478 wl->nr_devs++; 4479 ssb_set_drvdata(dev, wldev); 4480 b43_debugfs_add_device(wldev); 4481 4482 out: 4483 return err; 4484 4485 err_kfree_wldev: 4486 kfree(wldev); 4487 return err; 4488} 4489 4490#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \ 4491 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \ 4492 (pdev->device == _device) && \ 4493 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \ 4494 (pdev->subsystem_device == _subdevice) ) 4495 4496static void b43_sprom_fixup(struct ssb_bus *bus) 4497{ 4498 struct pci_dev *pdev; 4499 4500 /* boardflags workarounds */ 4501 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 4502 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 4503 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 4504 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 4505 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 4506 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 4507 if (bus->bustype == SSB_BUSTYPE_PCI) { 4508 pdev = bus->host_pci; 4509 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) || 4510 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) || 4511 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013)) 4512 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST; 4513 } 4514} 4515 4516static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl) 4517{ 4518 struct ieee80211_hw *hw = wl->hw; 4519 4520 ssb_set_devtypedata(dev, NULL); 4521 ieee80211_free_hw(hw); 4522} 4523 4524static int b43_wireless_init(struct ssb_device *dev) 4525{ 4526 struct ssb_sprom *sprom = &dev->bus->sprom; 4527 struct ieee80211_hw *hw; 4528 struct b43_wl *wl; 4529 int err = -ENOMEM; 4530 4531 b43_sprom_fixup(dev->bus); 4532 4533 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 4534 if (!hw) { 4535 b43err(NULL, "Could not allocate ieee80211 device\n"); 4536 goto out; 4537 } 4538 4539 /* fill hw info */ 4540 hw->flags = IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE | 4541 IEEE80211_HW_RX_INCLUDES_FCS; 4542 hw->max_signal = 100; 4543 hw->max_rssi = -110; 4544 hw->max_noise = -110; 4545 hw->queues = b43_modparam_qos ? 4 : 1; 4546 SET_IEEE80211_DEV(hw, dev->dev); 4547 if (is_valid_ether_addr(sprom->et1mac)) 4548 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 4549 else 4550 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 4551 4552 /* Get and initialize struct b43_wl */ 4553 wl = hw_to_b43_wl(hw); 4554 memset(wl, 0, sizeof(*wl)); 4555 wl->hw = hw; 4556 spin_lock_init(&wl->irq_lock); 4557 rwlock_init(&wl->tx_lock); 4558 spin_lock_init(&wl->leds_lock); 4559 spin_lock_init(&wl->shm_lock); 4560 mutex_init(&wl->mutex); 4561 INIT_LIST_HEAD(&wl->devlist); 4562 INIT_WORK(&wl->qos_update_work, b43_qos_update_work); 4563 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 4564 4565 ssb_set_devtypedata(dev, wl); 4566 b43info(wl, "Broadcom %04X WLAN found\n", dev->bus->chip_id); 4567 err = 0; 4568 out: 4569 return err; 4570} 4571 4572static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id) 4573{ 4574 struct b43_wl *wl; 4575 int err; 4576 int first = 0; 4577 4578 wl = ssb_get_devtypedata(dev); 4579 if (!wl) { 4580 /* Probing the first core. Must setup common struct b43_wl */ 4581 first = 1; 4582 err = b43_wireless_init(dev); 4583 if (err) 4584 goto out; 4585 wl = ssb_get_devtypedata(dev); 4586 B43_WARN_ON(!wl); 4587 } 4588 err = b43_one_core_attach(dev, wl); 4589 if (err) 4590 goto err_wireless_exit; 4591 4592 if (first) { 4593 err = ieee80211_register_hw(wl->hw); 4594 if (err) 4595 goto err_one_core_detach; 4596 } 4597 4598 out: 4599 return err; 4600 4601 err_one_core_detach: 4602 b43_one_core_detach(dev); 4603 err_wireless_exit: 4604 if (first) 4605 b43_wireless_exit(dev, wl); 4606 return err; 4607} 4608 4609static void b43_remove(struct ssb_device *dev) 4610{ 4611 struct b43_wl *wl = ssb_get_devtypedata(dev); 4612 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4613 4614 /* We must cancel any work here before unregistering from ieee80211, 4615 * as the ieee80211 unreg will destroy the workqueue. */ 4616 cancel_work_sync(&wldev->restart_work); 4617 4618 B43_WARN_ON(!wl); 4619 if (wl->current_dev == wldev) 4620 ieee80211_unregister_hw(wl->hw); 4621 4622 b43_one_core_detach(dev); 4623 4624 if (list_empty(&wl->devlist)) { 4625 /* Last core on the chip unregistered. 4626 * We can destroy common struct b43_wl. 4627 */ 4628 b43_wireless_exit(dev, wl); 4629 } 4630} 4631 4632/* Perform a hardware reset. This can be called from any context. */ 4633void b43_controller_restart(struct b43_wldev *dev, const char *reason) 4634{ 4635 /* Must avoid requeueing, if we are in shutdown. */ 4636 if (b43_status(dev) < B43_STAT_INITIALIZED) 4637 return; 4638 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 4639 queue_work(dev->wl->hw->workqueue, &dev->restart_work); 4640} 4641 4642#ifdef CONFIG_PM 4643 4644static int b43_suspend(struct ssb_device *dev, pm_message_t state) 4645{ 4646 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4647 struct b43_wl *wl = wldev->wl; 4648 4649 b43dbg(wl, "Suspending...\n"); 4650 4651 mutex_lock(&wl->mutex); 4652 wldev->suspend_in_progress = true; 4653 wldev->suspend_init_status = b43_status(wldev); 4654 if (wldev->suspend_init_status >= B43_STAT_STARTED) 4655 b43_wireless_core_stop(wldev); 4656 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) 4657 b43_wireless_core_exit(wldev); 4658 mutex_unlock(&wl->mutex); 4659 4660 b43dbg(wl, "Device suspended.\n"); 4661 4662 return 0; 4663} 4664 4665static int b43_resume(struct ssb_device *dev) 4666{ 4667 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4668 struct b43_wl *wl = wldev->wl; 4669 int err = 0; 4670 4671 b43dbg(wl, "Resuming...\n"); 4672 4673 mutex_lock(&wl->mutex); 4674 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) { 4675 err = b43_wireless_core_init(wldev); 4676 if (err) { 4677 b43err(wl, "Resume failed at core init\n"); 4678 goto out; 4679 } 4680 } 4681 if (wldev->suspend_init_status >= B43_STAT_STARTED) { 4682 err = b43_wireless_core_start(wldev); 4683 if (err) { 4684 b43_leds_exit(wldev); 4685 b43_rng_exit(wldev->wl); 4686 b43_wireless_core_exit(wldev); 4687 b43err(wl, "Resume failed at core start\n"); 4688 goto out; 4689 } 4690 } 4691 b43dbg(wl, "Device resumed.\n"); 4692 out: 4693 wldev->suspend_in_progress = false; 4694 mutex_unlock(&wl->mutex); 4695 return err; 4696} 4697 4698#else /* CONFIG_PM */ 4699# define b43_suspend NULL 4700# define b43_resume NULL 4701#endif /* CONFIG_PM */ 4702 4703static struct ssb_driver b43_ssb_driver = { 4704 .name = KBUILD_MODNAME, 4705 .id_table = b43_ssb_tbl, 4706 .probe = b43_probe, 4707 .remove = b43_remove, 4708 .suspend = b43_suspend, 4709 .resume = b43_resume, 4710}; 4711 4712static void b43_print_driverinfo(void) 4713{ 4714 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 4715 *feat_leds = "", *feat_rfkill = ""; 4716 4717#ifdef CONFIG_B43_PCI_AUTOSELECT 4718 feat_pci = "P"; 4719#endif 4720#ifdef CONFIG_B43_PCMCIA 4721 feat_pcmcia = "M"; 4722#endif 4723#ifdef CONFIG_B43_NPHY 4724 feat_nphy = "N"; 4725#endif 4726#ifdef CONFIG_B43_LEDS 4727 feat_leds = "L"; 4728#endif 4729#ifdef CONFIG_B43_RFKILL 4730 feat_rfkill = "R"; 4731#endif 4732 printk(KERN_INFO "Broadcom 43xx driver loaded " 4733 "[ Features: %s%s%s%s%s, Firmware-ID: " 4734 B43_SUPPORTED_FIRMWARE_ID " ]\n", 4735 feat_pci, feat_pcmcia, feat_nphy, 4736 feat_leds, feat_rfkill); 4737} 4738 4739static int __init b43_init(void) 4740{ 4741 int err; 4742 4743 b43_debugfs_init(); 4744 err = b43_pcmcia_init(); 4745 if (err) 4746 goto err_dfs_exit; 4747 err = ssb_driver_register(&b43_ssb_driver); 4748 if (err) 4749 goto err_pcmcia_exit; 4750 b43_print_driverinfo(); 4751 4752 return err; 4753 4754err_pcmcia_exit: 4755 b43_pcmcia_exit(); 4756err_dfs_exit: 4757 b43_debugfs_exit(); 4758 return err; 4759} 4760 4761static void __exit b43_exit(void) 4762{ 4763 ssb_driver_unregister(&b43_ssb_driver); 4764 b43_pcmcia_exit(); 4765 b43_debugfs_exit(); 4766} 4767 4768module_init(b43_init) 4769module_exit(b43_exit) 4770