main.c revision d014d043869cdc591f3a33243d3481fa4479c2d0
1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 11 SDIO support 12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es> 13 14 Some parts of the code in this file are derived from the ipw2200 15 driver Copyright(c) 2003 - 2004 Intel Corporation. 16 17 This program is free software; you can redistribute it and/or modify 18 it under the terms of the GNU General Public License as published by 19 the Free Software Foundation; either version 2 of the License, or 20 (at your option) any later version. 21 22 This program is distributed in the hope that it will be useful, 23 but WITHOUT ANY WARRANTY; without even the implied warranty of 24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 GNU General Public License for more details. 26 27 You should have received a copy of the GNU General Public License 28 along with this program; see the file COPYING. If not, write to 29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 30 Boston, MA 02110-1301, USA. 31 32*/ 33 34#include <linux/delay.h> 35#include <linux/init.h> 36#include <linux/moduleparam.h> 37#include <linux/if_arp.h> 38#include <linux/etherdevice.h> 39#include <linux/firmware.h> 40#include <linux/wireless.h> 41#include <linux/workqueue.h> 42#include <linux/skbuff.h> 43#include <linux/io.h> 44#include <linux/dma-mapping.h> 45#include <asm/unaligned.h> 46 47#include "b43.h" 48#include "main.h" 49#include "debugfs.h" 50#include "phy_common.h" 51#include "phy_g.h" 52#include "phy_n.h" 53#include "dma.h" 54#include "pio.h" 55#include "sysfs.h" 56#include "xmit.h" 57#include "lo.h" 58#include "pcmcia.h" 59#include "sdio.h" 60#include <linux/mmc/sdio_func.h> 61 62MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 63MODULE_AUTHOR("Martin Langer"); 64MODULE_AUTHOR("Stefano Brivio"); 65MODULE_AUTHOR("Michael Buesch"); 66MODULE_AUTHOR("Gábor Stefanik"); 67MODULE_LICENSE("GPL"); 68 69MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID); 70 71 72static int modparam_bad_frames_preempt; 73module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 74MODULE_PARM_DESC(bad_frames_preempt, 75 "enable(1) / disable(0) Bad Frames Preemption"); 76 77static char modparam_fwpostfix[16]; 78module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 79MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 80 81static int modparam_hwpctl; 82module_param_named(hwpctl, modparam_hwpctl, int, 0444); 83MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 84 85static int modparam_nohwcrypt; 86module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 87MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 88 89static int modparam_hwtkip; 90module_param_named(hwtkip, modparam_hwtkip, int, 0444); 91MODULE_PARM_DESC(hwtkip, "Enable hardware tkip."); 92 93static int modparam_qos = 1; 94module_param_named(qos, modparam_qos, int, 0444); 95MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 96 97static int modparam_btcoex = 1; 98module_param_named(btcoex, modparam_btcoex, int, 0444); 99MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)"); 100 101int b43_modparam_verbose = B43_VERBOSITY_DEFAULT; 102module_param_named(verbose, b43_modparam_verbose, int, 0644); 103MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug"); 104 105 106static const struct ssb_device_id b43_ssb_tbl[] = { 107 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 108 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 109 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 110 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 111 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 112 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 113 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 114 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15), 115 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16), 116 SSB_DEVTABLE_END 117}; 118 119MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 120 121/* Channel and ratetables are shared for all devices. 122 * They can't be const, because ieee80211 puts some precalculated 123 * data in there. This data is the same for all devices, so we don't 124 * get concurrency issues */ 125#define RATETAB_ENT(_rateid, _flags) \ 126 { \ 127 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 128 .hw_value = (_rateid), \ 129 .flags = (_flags), \ 130 } 131 132/* 133 * NOTE: When changing this, sync with xmit.c's 134 * b43_plcp_get_bitrate_idx_* functions! 135 */ 136static struct ieee80211_rate __b43_ratetable[] = { 137 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 138 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 139 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 140 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 141 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 142 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 143 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 144 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 145 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 146 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 147 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 148 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 149}; 150 151#define b43_a_ratetable (__b43_ratetable + 4) 152#define b43_a_ratetable_size 8 153#define b43_b_ratetable (__b43_ratetable + 0) 154#define b43_b_ratetable_size 4 155#define b43_g_ratetable (__b43_ratetable + 0) 156#define b43_g_ratetable_size 12 157 158#define CHAN4G(_channel, _freq, _flags) { \ 159 .band = IEEE80211_BAND_2GHZ, \ 160 .center_freq = (_freq), \ 161 .hw_value = (_channel), \ 162 .flags = (_flags), \ 163 .max_antenna_gain = 0, \ 164 .max_power = 30, \ 165} 166static struct ieee80211_channel b43_2ghz_chantable[] = { 167 CHAN4G(1, 2412, 0), 168 CHAN4G(2, 2417, 0), 169 CHAN4G(3, 2422, 0), 170 CHAN4G(4, 2427, 0), 171 CHAN4G(5, 2432, 0), 172 CHAN4G(6, 2437, 0), 173 CHAN4G(7, 2442, 0), 174 CHAN4G(8, 2447, 0), 175 CHAN4G(9, 2452, 0), 176 CHAN4G(10, 2457, 0), 177 CHAN4G(11, 2462, 0), 178 CHAN4G(12, 2467, 0), 179 CHAN4G(13, 2472, 0), 180 CHAN4G(14, 2484, 0), 181}; 182#undef CHAN4G 183 184#define CHAN5G(_channel, _flags) { \ 185 .band = IEEE80211_BAND_5GHZ, \ 186 .center_freq = 5000 + (5 * (_channel)), \ 187 .hw_value = (_channel), \ 188 .flags = (_flags), \ 189 .max_antenna_gain = 0, \ 190 .max_power = 30, \ 191} 192static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 193 CHAN5G(32, 0), CHAN5G(34, 0), 194 CHAN5G(36, 0), CHAN5G(38, 0), 195 CHAN5G(40, 0), CHAN5G(42, 0), 196 CHAN5G(44, 0), CHAN5G(46, 0), 197 CHAN5G(48, 0), CHAN5G(50, 0), 198 CHAN5G(52, 0), CHAN5G(54, 0), 199 CHAN5G(56, 0), CHAN5G(58, 0), 200 CHAN5G(60, 0), CHAN5G(62, 0), 201 CHAN5G(64, 0), CHAN5G(66, 0), 202 CHAN5G(68, 0), CHAN5G(70, 0), 203 CHAN5G(72, 0), CHAN5G(74, 0), 204 CHAN5G(76, 0), CHAN5G(78, 0), 205 CHAN5G(80, 0), CHAN5G(82, 0), 206 CHAN5G(84, 0), CHAN5G(86, 0), 207 CHAN5G(88, 0), CHAN5G(90, 0), 208 CHAN5G(92, 0), CHAN5G(94, 0), 209 CHAN5G(96, 0), CHAN5G(98, 0), 210 CHAN5G(100, 0), CHAN5G(102, 0), 211 CHAN5G(104, 0), CHAN5G(106, 0), 212 CHAN5G(108, 0), CHAN5G(110, 0), 213 CHAN5G(112, 0), CHAN5G(114, 0), 214 CHAN5G(116, 0), CHAN5G(118, 0), 215 CHAN5G(120, 0), CHAN5G(122, 0), 216 CHAN5G(124, 0), CHAN5G(126, 0), 217 CHAN5G(128, 0), CHAN5G(130, 0), 218 CHAN5G(132, 0), CHAN5G(134, 0), 219 CHAN5G(136, 0), CHAN5G(138, 0), 220 CHAN5G(140, 0), CHAN5G(142, 0), 221 CHAN5G(144, 0), CHAN5G(145, 0), 222 CHAN5G(146, 0), CHAN5G(147, 0), 223 CHAN5G(148, 0), CHAN5G(149, 0), 224 CHAN5G(150, 0), CHAN5G(151, 0), 225 CHAN5G(152, 0), CHAN5G(153, 0), 226 CHAN5G(154, 0), CHAN5G(155, 0), 227 CHAN5G(156, 0), CHAN5G(157, 0), 228 CHAN5G(158, 0), CHAN5G(159, 0), 229 CHAN5G(160, 0), CHAN5G(161, 0), 230 CHAN5G(162, 0), CHAN5G(163, 0), 231 CHAN5G(164, 0), CHAN5G(165, 0), 232 CHAN5G(166, 0), CHAN5G(168, 0), 233 CHAN5G(170, 0), CHAN5G(172, 0), 234 CHAN5G(174, 0), CHAN5G(176, 0), 235 CHAN5G(178, 0), CHAN5G(180, 0), 236 CHAN5G(182, 0), CHAN5G(184, 0), 237 CHAN5G(186, 0), CHAN5G(188, 0), 238 CHAN5G(190, 0), CHAN5G(192, 0), 239 CHAN5G(194, 0), CHAN5G(196, 0), 240 CHAN5G(198, 0), CHAN5G(200, 0), 241 CHAN5G(202, 0), CHAN5G(204, 0), 242 CHAN5G(206, 0), CHAN5G(208, 0), 243 CHAN5G(210, 0), CHAN5G(212, 0), 244 CHAN5G(214, 0), CHAN5G(216, 0), 245 CHAN5G(218, 0), CHAN5G(220, 0), 246 CHAN5G(222, 0), CHAN5G(224, 0), 247 CHAN5G(226, 0), CHAN5G(228, 0), 248}; 249 250static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 251 CHAN5G(34, 0), CHAN5G(36, 0), 252 CHAN5G(38, 0), CHAN5G(40, 0), 253 CHAN5G(42, 0), CHAN5G(44, 0), 254 CHAN5G(46, 0), CHAN5G(48, 0), 255 CHAN5G(52, 0), CHAN5G(56, 0), 256 CHAN5G(60, 0), CHAN5G(64, 0), 257 CHAN5G(100, 0), CHAN5G(104, 0), 258 CHAN5G(108, 0), CHAN5G(112, 0), 259 CHAN5G(116, 0), CHAN5G(120, 0), 260 CHAN5G(124, 0), CHAN5G(128, 0), 261 CHAN5G(132, 0), CHAN5G(136, 0), 262 CHAN5G(140, 0), CHAN5G(149, 0), 263 CHAN5G(153, 0), CHAN5G(157, 0), 264 CHAN5G(161, 0), CHAN5G(165, 0), 265 CHAN5G(184, 0), CHAN5G(188, 0), 266 CHAN5G(192, 0), CHAN5G(196, 0), 267 CHAN5G(200, 0), CHAN5G(204, 0), 268 CHAN5G(208, 0), CHAN5G(212, 0), 269 CHAN5G(216, 0), 270}; 271#undef CHAN5G 272 273static struct ieee80211_supported_band b43_band_5GHz_nphy = { 274 .band = IEEE80211_BAND_5GHZ, 275 .channels = b43_5ghz_nphy_chantable, 276 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 277 .bitrates = b43_a_ratetable, 278 .n_bitrates = b43_a_ratetable_size, 279}; 280 281static struct ieee80211_supported_band b43_band_5GHz_aphy = { 282 .band = IEEE80211_BAND_5GHZ, 283 .channels = b43_5ghz_aphy_chantable, 284 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 285 .bitrates = b43_a_ratetable, 286 .n_bitrates = b43_a_ratetable_size, 287}; 288 289static struct ieee80211_supported_band b43_band_2GHz = { 290 .band = IEEE80211_BAND_2GHZ, 291 .channels = b43_2ghz_chantable, 292 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 293 .bitrates = b43_g_ratetable, 294 .n_bitrates = b43_g_ratetable_size, 295}; 296 297static void b43_wireless_core_exit(struct b43_wldev *dev); 298static int b43_wireless_core_init(struct b43_wldev *dev); 299static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev); 300static int b43_wireless_core_start(struct b43_wldev *dev); 301 302static int b43_ratelimit(struct b43_wl *wl) 303{ 304 if (!wl || !wl->current_dev) 305 return 1; 306 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 307 return 1; 308 /* We are up and running. 309 * Ratelimit the messages to avoid DoS over the net. */ 310 return net_ratelimit(); 311} 312 313void b43info(struct b43_wl *wl, const char *fmt, ...) 314{ 315 va_list args; 316 317 if (b43_modparam_verbose < B43_VERBOSITY_INFO) 318 return; 319 if (!b43_ratelimit(wl)) 320 return; 321 va_start(args, fmt); 322 printk(KERN_INFO "b43-%s: ", 323 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 324 vprintk(fmt, args); 325 va_end(args); 326} 327 328void b43err(struct b43_wl *wl, const char *fmt, ...) 329{ 330 va_list args; 331 332 if (b43_modparam_verbose < B43_VERBOSITY_ERROR) 333 return; 334 if (!b43_ratelimit(wl)) 335 return; 336 va_start(args, fmt); 337 printk(KERN_ERR "b43-%s ERROR: ", 338 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 339 vprintk(fmt, args); 340 va_end(args); 341} 342 343void b43warn(struct b43_wl *wl, const char *fmt, ...) 344{ 345 va_list args; 346 347 if (b43_modparam_verbose < B43_VERBOSITY_WARN) 348 return; 349 if (!b43_ratelimit(wl)) 350 return; 351 va_start(args, fmt); 352 printk(KERN_WARNING "b43-%s warning: ", 353 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 354 vprintk(fmt, args); 355 va_end(args); 356} 357 358void b43dbg(struct b43_wl *wl, const char *fmt, ...) 359{ 360 va_list args; 361 362 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 363 return; 364 va_start(args, fmt); 365 printk(KERN_DEBUG "b43-%s debug: ", 366 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan"); 367 vprintk(fmt, args); 368 va_end(args); 369} 370 371static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 372{ 373 u32 macctl; 374 375 B43_WARN_ON(offset % 4 != 0); 376 377 macctl = b43_read32(dev, B43_MMIO_MACCTL); 378 if (macctl & B43_MACCTL_BE) 379 val = swab32(val); 380 381 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 382 mmiowb(); 383 b43_write32(dev, B43_MMIO_RAM_DATA, val); 384} 385 386static inline void b43_shm_control_word(struct b43_wldev *dev, 387 u16 routing, u16 offset) 388{ 389 u32 control; 390 391 /* "offset" is the WORD offset. */ 392 control = routing; 393 control <<= 16; 394 control |= offset; 395 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 396} 397 398u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 399{ 400 u32 ret; 401 402 if (routing == B43_SHM_SHARED) { 403 B43_WARN_ON(offset & 0x0001); 404 if (offset & 0x0003) { 405 /* Unaligned access */ 406 b43_shm_control_word(dev, routing, offset >> 2); 407 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 408 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 409 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16; 410 411 goto out; 412 } 413 offset >>= 2; 414 } 415 b43_shm_control_word(dev, routing, offset); 416 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 417out: 418 return ret; 419} 420 421u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset) 422{ 423 u16 ret; 424 425 if (routing == B43_SHM_SHARED) { 426 B43_WARN_ON(offset & 0x0001); 427 if (offset & 0x0003) { 428 /* Unaligned access */ 429 b43_shm_control_word(dev, routing, offset >> 2); 430 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 431 432 goto out; 433 } 434 offset >>= 2; 435 } 436 b43_shm_control_word(dev, routing, offset); 437 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 438out: 439 return ret; 440} 441 442void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 443{ 444 if (routing == B43_SHM_SHARED) { 445 B43_WARN_ON(offset & 0x0001); 446 if (offset & 0x0003) { 447 /* Unaligned access */ 448 b43_shm_control_word(dev, routing, offset >> 2); 449 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 450 value & 0xFFFF); 451 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 452 b43_write16(dev, B43_MMIO_SHM_DATA, 453 (value >> 16) & 0xFFFF); 454 return; 455 } 456 offset >>= 2; 457 } 458 b43_shm_control_word(dev, routing, offset); 459 b43_write32(dev, B43_MMIO_SHM_DATA, value); 460} 461 462void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 463{ 464 if (routing == B43_SHM_SHARED) { 465 B43_WARN_ON(offset & 0x0001); 466 if (offset & 0x0003) { 467 /* Unaligned access */ 468 b43_shm_control_word(dev, routing, offset >> 2); 469 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 470 return; 471 } 472 offset >>= 2; 473 } 474 b43_shm_control_word(dev, routing, offset); 475 b43_write16(dev, B43_MMIO_SHM_DATA, value); 476} 477 478/* Read HostFlags */ 479u64 b43_hf_read(struct b43_wldev *dev) 480{ 481 u64 ret; 482 483 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 484 ret <<= 16; 485 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 486 ret <<= 16; 487 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 488 489 return ret; 490} 491 492/* Write HostFlags */ 493void b43_hf_write(struct b43_wldev *dev, u64 value) 494{ 495 u16 lo, mi, hi; 496 497 lo = (value & 0x00000000FFFFULL); 498 mi = (value & 0x0000FFFF0000ULL) >> 16; 499 hi = (value & 0xFFFF00000000ULL) >> 32; 500 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 501 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 502 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 503} 504 505/* Read the firmware capabilities bitmask (Opensource firmware only) */ 506static u16 b43_fwcapa_read(struct b43_wldev *dev) 507{ 508 B43_WARN_ON(!dev->fw.opensource); 509 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA); 510} 511 512void b43_tsf_read(struct b43_wldev *dev, u64 *tsf) 513{ 514 u32 low, high; 515 516 B43_WARN_ON(dev->dev->id.revision < 3); 517 518 /* The hardware guarantees us an atomic read, if we 519 * read the low register first. */ 520 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 521 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 522 523 *tsf = high; 524 *tsf <<= 32; 525 *tsf |= low; 526} 527 528static void b43_time_lock(struct b43_wldev *dev) 529{ 530 u32 macctl; 531 532 macctl = b43_read32(dev, B43_MMIO_MACCTL); 533 macctl |= B43_MACCTL_TBTTHOLD; 534 b43_write32(dev, B43_MMIO_MACCTL, macctl); 535 /* Commit the write */ 536 b43_read32(dev, B43_MMIO_MACCTL); 537} 538 539static void b43_time_unlock(struct b43_wldev *dev) 540{ 541 u32 macctl; 542 543 macctl = b43_read32(dev, B43_MMIO_MACCTL); 544 macctl &= ~B43_MACCTL_TBTTHOLD; 545 b43_write32(dev, B43_MMIO_MACCTL, macctl); 546 /* Commit the write */ 547 b43_read32(dev, B43_MMIO_MACCTL); 548} 549 550static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 551{ 552 u32 low, high; 553 554 B43_WARN_ON(dev->dev->id.revision < 3); 555 556 low = tsf; 557 high = (tsf >> 32); 558 /* The hardware guarantees us an atomic write, if we 559 * write the low register first. */ 560 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low); 561 mmiowb(); 562 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high); 563 mmiowb(); 564} 565 566void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 567{ 568 b43_time_lock(dev); 569 b43_tsf_write_locked(dev, tsf); 570 b43_time_unlock(dev); 571} 572 573static 574void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac) 575{ 576 static const u8 zero_addr[ETH_ALEN] = { 0 }; 577 u16 data; 578 579 if (!mac) 580 mac = zero_addr; 581 582 offset |= 0x0020; 583 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 584 585 data = mac[0]; 586 data |= mac[1] << 8; 587 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 588 data = mac[2]; 589 data |= mac[3] << 8; 590 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 591 data = mac[4]; 592 data |= mac[5] << 8; 593 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 594} 595 596static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 597{ 598 const u8 *mac; 599 const u8 *bssid; 600 u8 mac_bssid[ETH_ALEN * 2]; 601 int i; 602 u32 tmp; 603 604 bssid = dev->wl->bssid; 605 mac = dev->wl->mac_addr; 606 607 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 608 609 memcpy(mac_bssid, mac, ETH_ALEN); 610 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 611 612 /* Write our MAC address and BSSID to template ram */ 613 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 614 tmp = (u32) (mac_bssid[i + 0]); 615 tmp |= (u32) (mac_bssid[i + 1]) << 8; 616 tmp |= (u32) (mac_bssid[i + 2]) << 16; 617 tmp |= (u32) (mac_bssid[i + 3]) << 24; 618 b43_ram_write(dev, 0x20 + i, tmp); 619 } 620} 621 622static void b43_upload_card_macaddress(struct b43_wldev *dev) 623{ 624 b43_write_mac_bssid_templates(dev); 625 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 626} 627 628static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 629{ 630 /* slot_time is in usec. */ 631 if (dev->phy.type != B43_PHYTYPE_G) 632 return; 633 b43_write16(dev, 0x684, 510 + slot_time); 634 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 635} 636 637static void b43_short_slot_timing_enable(struct b43_wldev *dev) 638{ 639 b43_set_slot_time(dev, 9); 640} 641 642static void b43_short_slot_timing_disable(struct b43_wldev *dev) 643{ 644 b43_set_slot_time(dev, 20); 645} 646 647/* DummyTransmission function, as documented on 648 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission 649 */ 650void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on) 651{ 652 struct b43_phy *phy = &dev->phy; 653 unsigned int i, max_loop; 654 u16 value; 655 u32 buffer[5] = { 656 0x00000000, 657 0x00D40000, 658 0x00000000, 659 0x01000000, 660 0x00000000, 661 }; 662 663 if (ofdm) { 664 max_loop = 0x1E; 665 buffer[0] = 0x000201CC; 666 } else { 667 max_loop = 0xFA; 668 buffer[0] = 0x000B846E; 669 } 670 671 for (i = 0; i < 5; i++) 672 b43_ram_write(dev, i * 4, buffer[i]); 673 674 b43_write16(dev, 0x0568, 0x0000); 675 if (dev->dev->id.revision < 11) 676 b43_write16(dev, 0x07C0, 0x0000); 677 else 678 b43_write16(dev, 0x07C0, 0x0100); 679 value = (ofdm ? 0x41 : 0x40); 680 b43_write16(dev, 0x050C, value); 681 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP)) 682 b43_write16(dev, 0x0514, 0x1A02); 683 b43_write16(dev, 0x0508, 0x0000); 684 b43_write16(dev, 0x050A, 0x0000); 685 b43_write16(dev, 0x054C, 0x0000); 686 b43_write16(dev, 0x056A, 0x0014); 687 b43_write16(dev, 0x0568, 0x0826); 688 b43_write16(dev, 0x0500, 0x0000); 689 if (!pa_on && (phy->type == B43_PHYTYPE_N)) { 690 //SPEC TODO 691 } 692 693 switch (phy->type) { 694 case B43_PHYTYPE_N: 695 b43_write16(dev, 0x0502, 0x00D0); 696 break; 697 case B43_PHYTYPE_LP: 698 b43_write16(dev, 0x0502, 0x0050); 699 break; 700 default: 701 b43_write16(dev, 0x0502, 0x0030); 702 } 703 704 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 705 b43_radio_write16(dev, 0x0051, 0x0017); 706 for (i = 0x00; i < max_loop; i++) { 707 value = b43_read16(dev, 0x050E); 708 if (value & 0x0080) 709 break; 710 udelay(10); 711 } 712 for (i = 0x00; i < 0x0A; i++) { 713 value = b43_read16(dev, 0x050E); 714 if (value & 0x0400) 715 break; 716 udelay(10); 717 } 718 for (i = 0x00; i < 0x19; i++) { 719 value = b43_read16(dev, 0x0690); 720 if (!(value & 0x0100)) 721 break; 722 udelay(10); 723 } 724 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 725 b43_radio_write16(dev, 0x0051, 0x0037); 726} 727 728static void key_write(struct b43_wldev *dev, 729 u8 index, u8 algorithm, const u8 *key) 730{ 731 unsigned int i; 732 u32 offset; 733 u16 value; 734 u16 kidx; 735 736 /* Key index/algo block */ 737 kidx = b43_kidx_to_fw(dev, index); 738 value = ((kidx << 4) | algorithm); 739 b43_shm_write16(dev, B43_SHM_SHARED, 740 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 741 742 /* Write the key to the Key Table Pointer offset */ 743 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 744 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 745 value = key[i]; 746 value |= (u16) (key[i + 1]) << 8; 747 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 748 } 749} 750 751static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr) 752{ 753 u32 addrtmp[2] = { 0, 0, }; 754 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 755 756 if (b43_new_kidx_api(dev)) 757 pairwise_keys_start = B43_NR_GROUP_KEYS; 758 759 B43_WARN_ON(index < pairwise_keys_start); 760 /* We have four default TX keys and possibly four default RX keys. 761 * Physical mac 0 is mapped to physical key 4 or 8, depending 762 * on the firmware version. 763 * So we must adjust the index here. 764 */ 765 index -= pairwise_keys_start; 766 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 767 768 if (addr) { 769 addrtmp[0] = addr[0]; 770 addrtmp[0] |= ((u32) (addr[1]) << 8); 771 addrtmp[0] |= ((u32) (addr[2]) << 16); 772 addrtmp[0] |= ((u32) (addr[3]) << 24); 773 addrtmp[1] = addr[4]; 774 addrtmp[1] |= ((u32) (addr[5]) << 8); 775 } 776 777 /* Receive match transmitter address (RCMTA) mechanism */ 778 b43_shm_write32(dev, B43_SHM_RCMTA, 779 (index * 2) + 0, addrtmp[0]); 780 b43_shm_write16(dev, B43_SHM_RCMTA, 781 (index * 2) + 1, addrtmp[1]); 782} 783 784/* The ucode will use phase1 key with TEK key to decrypt rx packets. 785 * When a packet is received, the iv32 is checked. 786 * - if it doesn't the packet is returned without modification (and software 787 * decryption can be done). That's what happen when iv16 wrap. 788 * - if it does, the rc4 key is computed, and decryption is tried. 789 * Either it will success and B43_RX_MAC_DEC is returned, 790 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned 791 * and the packet is not usable (it got modified by the ucode). 792 * So in order to never have B43_RX_MAC_DECERR, we should provide 793 * a iv32 and phase1key that match. Because we drop packets in case of 794 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all 795 * packets will be lost without higher layer knowing (ie no resync possible 796 * until next wrap). 797 * 798 * NOTE : this should support 50 key like RCMTA because 799 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50 800 */ 801static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32, 802 u16 *phase1key) 803{ 804 unsigned int i; 805 u32 offset; 806 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 807 808 if (!modparam_hwtkip) 809 return; 810 811 if (b43_new_kidx_api(dev)) 812 pairwise_keys_start = B43_NR_GROUP_KEYS; 813 814 B43_WARN_ON(index < pairwise_keys_start); 815 /* We have four default TX keys and possibly four default RX keys. 816 * Physical mac 0 is mapped to physical key 4 or 8, depending 817 * on the firmware version. 818 * So we must adjust the index here. 819 */ 820 index -= pairwise_keys_start; 821 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 822 823 if (b43_debug(dev, B43_DBG_KEYS)) { 824 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n", 825 index, iv32); 826 } 827 /* Write the key to the RX tkip shared mem */ 828 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4); 829 for (i = 0; i < 10; i += 2) { 830 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, 831 phase1key ? phase1key[i / 2] : 0); 832 } 833 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32); 834 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16); 835} 836 837static void b43_op_update_tkip_key(struct ieee80211_hw *hw, 838 struct ieee80211_key_conf *keyconf, const u8 *addr, 839 u32 iv32, u16 *phase1key) 840{ 841 struct b43_wl *wl = hw_to_b43_wl(hw); 842 struct b43_wldev *dev; 843 int index = keyconf->hw_key_idx; 844 845 if (B43_WARN_ON(!modparam_hwtkip)) 846 return; 847 848 mutex_lock(&wl->mutex); 849 850 dev = wl->current_dev; 851 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 852 goto out_unlock; 853 854 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */ 855 856 rx_tkip_phase1_write(dev, index, iv32, phase1key); 857 keymac_write(dev, index, addr); 858 859out_unlock: 860 mutex_unlock(&wl->mutex); 861} 862 863static void do_key_write(struct b43_wldev *dev, 864 u8 index, u8 algorithm, 865 const u8 *key, size_t key_len, const u8 *mac_addr) 866{ 867 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 868 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 869 870 if (b43_new_kidx_api(dev)) 871 pairwise_keys_start = B43_NR_GROUP_KEYS; 872 873 B43_WARN_ON(index >= ARRAY_SIZE(dev->key)); 874 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 875 876 if (index >= pairwise_keys_start) 877 keymac_write(dev, index, NULL); /* First zero out mac. */ 878 if (algorithm == B43_SEC_ALGO_TKIP) { 879 /* 880 * We should provide an initial iv32, phase1key pair. 881 * We could start with iv32=0 and compute the corresponding 882 * phase1key, but this means calling ieee80211_get_tkip_key 883 * with a fake skb (or export other tkip function). 884 * Because we are lazy we hope iv32 won't start with 885 * 0xffffffff and let's b43_op_update_tkip_key provide a 886 * correct pair. 887 */ 888 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf); 889 } else if (index >= pairwise_keys_start) /* clear it */ 890 rx_tkip_phase1_write(dev, index, 0, NULL); 891 if (key) 892 memcpy(buf, key, key_len); 893 key_write(dev, index, algorithm, buf); 894 if (index >= pairwise_keys_start) 895 keymac_write(dev, index, mac_addr); 896 897 dev->key[index].algorithm = algorithm; 898} 899 900static int b43_key_write(struct b43_wldev *dev, 901 int index, u8 algorithm, 902 const u8 *key, size_t key_len, 903 const u8 *mac_addr, 904 struct ieee80211_key_conf *keyconf) 905{ 906 int i; 907 int pairwise_keys_start; 908 909 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block: 910 * - Temporal Encryption Key (128 bits) 911 * - Temporal Authenticator Tx MIC Key (64 bits) 912 * - Temporal Authenticator Rx MIC Key (64 bits) 913 * 914 * Hardware only store TEK 915 */ 916 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32) 917 key_len = 16; 918 if (key_len > B43_SEC_KEYSIZE) 919 return -EINVAL; 920 for (i = 0; i < ARRAY_SIZE(dev->key); i++) { 921 /* Check that we don't already have this key. */ 922 B43_WARN_ON(dev->key[i].keyconf == keyconf); 923 } 924 if (index < 0) { 925 /* Pairwise key. Get an empty slot for the key. */ 926 if (b43_new_kidx_api(dev)) 927 pairwise_keys_start = B43_NR_GROUP_KEYS; 928 else 929 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 930 for (i = pairwise_keys_start; 931 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS; 932 i++) { 933 B43_WARN_ON(i >= ARRAY_SIZE(dev->key)); 934 if (!dev->key[i].keyconf) { 935 /* found empty */ 936 index = i; 937 break; 938 } 939 } 940 if (index < 0) { 941 b43warn(dev->wl, "Out of hardware key memory\n"); 942 return -ENOSPC; 943 } 944 } else 945 B43_WARN_ON(index > 3); 946 947 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 948 if ((index <= 3) && !b43_new_kidx_api(dev)) { 949 /* Default RX key */ 950 B43_WARN_ON(mac_addr); 951 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 952 } 953 keyconf->hw_key_idx = index; 954 dev->key[index].keyconf = keyconf; 955 956 return 0; 957} 958 959static int b43_key_clear(struct b43_wldev *dev, int index) 960{ 961 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key)))) 962 return -EINVAL; 963 do_key_write(dev, index, B43_SEC_ALGO_NONE, 964 NULL, B43_SEC_KEYSIZE, NULL); 965 if ((index <= 3) && !b43_new_kidx_api(dev)) { 966 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 967 NULL, B43_SEC_KEYSIZE, NULL); 968 } 969 dev->key[index].keyconf = NULL; 970 971 return 0; 972} 973 974static void b43_clear_keys(struct b43_wldev *dev) 975{ 976 int i, count; 977 978 if (b43_new_kidx_api(dev)) 979 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 980 else 981 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 982 for (i = 0; i < count; i++) 983 b43_key_clear(dev, i); 984} 985 986static void b43_dump_keymemory(struct b43_wldev *dev) 987{ 988 unsigned int i, index, count, offset, pairwise_keys_start; 989 u8 mac[ETH_ALEN]; 990 u16 algo; 991 u32 rcmta0; 992 u16 rcmta1; 993 u64 hf; 994 struct b43_key *key; 995 996 if (!b43_debug(dev, B43_DBG_KEYS)) 997 return; 998 999 hf = b43_hf_read(dev); 1000 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n", 1001 !!(hf & B43_HF_USEDEFKEYS)); 1002 if (b43_new_kidx_api(dev)) { 1003 pairwise_keys_start = B43_NR_GROUP_KEYS; 1004 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 1005 } else { 1006 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 1007 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1008 } 1009 for (index = 0; index < count; index++) { 1010 key = &(dev->key[index]); 1011 printk(KERN_DEBUG "Key slot %02u: %s", 1012 index, (key->keyconf == NULL) ? " " : "*"); 1013 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 1014 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 1015 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1016 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1017 } 1018 1019 algo = b43_shm_read16(dev, B43_SHM_SHARED, 1020 B43_SHM_SH_KEYIDXBLOCK + (index * 2)); 1021 printk(" Algo: %04X/%02X", algo, key->algorithm); 1022 1023 if (index >= pairwise_keys_start) { 1024 if (key->algorithm == B43_SEC_ALGO_TKIP) { 1025 printk(" TKIP: "); 1026 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4); 1027 for (i = 0; i < 14; i += 2) { 1028 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1029 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1030 } 1031 } 1032 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA, 1033 ((index - pairwise_keys_start) * 2) + 0); 1034 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA, 1035 ((index - pairwise_keys_start) * 2) + 1); 1036 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0); 1037 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1); 1038 printk(" MAC: %pM", mac); 1039 } else 1040 printk(" DEFAULT KEY"); 1041 printk("\n"); 1042 } 1043} 1044 1045void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 1046{ 1047 u32 macctl; 1048 u16 ucstat; 1049 bool hwps; 1050 bool awake; 1051 int i; 1052 1053 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 1054 (ps_flags & B43_PS_DISABLED)); 1055 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 1056 1057 if (ps_flags & B43_PS_ENABLED) { 1058 hwps = 1; 1059 } else if (ps_flags & B43_PS_DISABLED) { 1060 hwps = 0; 1061 } else { 1062 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 1063 // and thus is not an AP and we are associated, set bit 25 1064 } 1065 if (ps_flags & B43_PS_AWAKE) { 1066 awake = 1; 1067 } else if (ps_flags & B43_PS_ASLEEP) { 1068 awake = 0; 1069 } else { 1070 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 1071 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 1072 // successful, set bit26 1073 } 1074 1075/* FIXME: For now we force awake-on and hwps-off */ 1076 hwps = 0; 1077 awake = 1; 1078 1079 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1080 if (hwps) 1081 macctl |= B43_MACCTL_HWPS; 1082 else 1083 macctl &= ~B43_MACCTL_HWPS; 1084 if (awake) 1085 macctl |= B43_MACCTL_AWAKE; 1086 else 1087 macctl &= ~B43_MACCTL_AWAKE; 1088 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1089 /* Commit write */ 1090 b43_read32(dev, B43_MMIO_MACCTL); 1091 if (awake && dev->dev->id.revision >= 5) { 1092 /* Wait for the microcode to wake up. */ 1093 for (i = 0; i < 100; i++) { 1094 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1095 B43_SHM_SH_UCODESTAT); 1096 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1097 break; 1098 udelay(10); 1099 } 1100 } 1101} 1102 1103void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags) 1104{ 1105 u32 tmslow; 1106 u32 macctl; 1107 1108 flags |= B43_TMSLOW_PHYCLKEN; 1109 flags |= B43_TMSLOW_PHYRESET; 1110 ssb_device_enable(dev->dev, flags); 1111 msleep(2); /* Wait for the PLL to turn on. */ 1112 1113 /* Now take the PHY out of Reset again */ 1114 tmslow = ssb_read32(dev->dev, SSB_TMSLOW); 1115 tmslow |= SSB_TMSLOW_FGC; 1116 tmslow &= ~B43_TMSLOW_PHYRESET; 1117 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1118 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1119 msleep(1); 1120 tmslow &= ~SSB_TMSLOW_FGC; 1121 ssb_write32(dev->dev, SSB_TMSLOW, tmslow); 1122 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */ 1123 msleep(1); 1124 1125 /* Turn Analog ON, but only if we already know the PHY-type. 1126 * This protects against very early setup where we don't know the 1127 * PHY-type, yet. wireless_core_reset will be called once again later, 1128 * when we know the PHY-type. */ 1129 if (dev->phy.ops) 1130 dev->phy.ops->switch_analog(dev, 1); 1131 1132 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1133 macctl &= ~B43_MACCTL_GMODE; 1134 if (flags & B43_TMSLOW_GMODE) 1135 macctl |= B43_MACCTL_GMODE; 1136 macctl |= B43_MACCTL_IHR_ENABLED; 1137 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1138} 1139 1140static void handle_irq_transmit_status(struct b43_wldev *dev) 1141{ 1142 u32 v0, v1; 1143 u16 tmp; 1144 struct b43_txstatus stat; 1145 1146 while (1) { 1147 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1148 if (!(v0 & 0x00000001)) 1149 break; 1150 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1151 1152 stat.cookie = (v0 >> 16); 1153 stat.seq = (v1 & 0x0000FFFF); 1154 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1155 tmp = (v0 & 0x0000FFFF); 1156 stat.frame_count = ((tmp & 0xF000) >> 12); 1157 stat.rts_count = ((tmp & 0x0F00) >> 8); 1158 stat.supp_reason = ((tmp & 0x001C) >> 2); 1159 stat.pm_indicated = !!(tmp & 0x0080); 1160 stat.intermediate = !!(tmp & 0x0040); 1161 stat.for_ampdu = !!(tmp & 0x0020); 1162 stat.acked = !!(tmp & 0x0002); 1163 1164 b43_handle_txstatus(dev, &stat); 1165 } 1166} 1167 1168static void drain_txstatus_queue(struct b43_wldev *dev) 1169{ 1170 u32 dummy; 1171 1172 if (dev->dev->id.revision < 5) 1173 return; 1174 /* Read all entries from the microcode TXstatus FIFO 1175 * and throw them away. 1176 */ 1177 while (1) { 1178 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1179 if (!(dummy & 0x00000001)) 1180 break; 1181 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1182 } 1183} 1184 1185static u32 b43_jssi_read(struct b43_wldev *dev) 1186{ 1187 u32 val = 0; 1188 1189 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1190 val <<= 16; 1191 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1192 1193 return val; 1194} 1195 1196static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1197{ 1198 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1199 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1200} 1201 1202static void b43_generate_noise_sample(struct b43_wldev *dev) 1203{ 1204 b43_jssi_write(dev, 0x7F7F7F7F); 1205 b43_write32(dev, B43_MMIO_MACCMD, 1206 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1207} 1208 1209static void b43_calculate_link_quality(struct b43_wldev *dev) 1210{ 1211 /* Top half of Link Quality calculation. */ 1212 1213 if (dev->phy.type != B43_PHYTYPE_G) 1214 return; 1215 if (dev->noisecalc.calculation_running) 1216 return; 1217 dev->noisecalc.calculation_running = 1; 1218 dev->noisecalc.nr_samples = 0; 1219 1220 b43_generate_noise_sample(dev); 1221} 1222 1223static void handle_irq_noise(struct b43_wldev *dev) 1224{ 1225 struct b43_phy_g *phy = dev->phy.g; 1226 u16 tmp; 1227 u8 noise[4]; 1228 u8 i, j; 1229 s32 average; 1230 1231 /* Bottom half of Link Quality calculation. */ 1232 1233 if (dev->phy.type != B43_PHYTYPE_G) 1234 return; 1235 1236 /* Possible race condition: It might be possible that the user 1237 * changed to a different channel in the meantime since we 1238 * started the calculation. We ignore that fact, since it's 1239 * not really that much of a problem. The background noise is 1240 * an estimation only anyway. Slightly wrong results will get damped 1241 * by the averaging of the 8 sample rounds. Additionally the 1242 * value is shortlived. So it will be replaced by the next noise 1243 * calculation round soon. */ 1244 1245 B43_WARN_ON(!dev->noisecalc.calculation_running); 1246 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1247 if (noise[0] == 0x7F || noise[1] == 0x7F || 1248 noise[2] == 0x7F || noise[3] == 0x7F) 1249 goto generate_new; 1250 1251 /* Get the noise samples. */ 1252 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1253 i = dev->noisecalc.nr_samples; 1254 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1255 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1256 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1257 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1258 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1259 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1260 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1261 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1262 dev->noisecalc.nr_samples++; 1263 if (dev->noisecalc.nr_samples == 8) { 1264 /* Calculate the Link Quality by the noise samples. */ 1265 average = 0; 1266 for (i = 0; i < 8; i++) { 1267 for (j = 0; j < 4; j++) 1268 average += dev->noisecalc.samples[i][j]; 1269 } 1270 average /= (8 * 4); 1271 average *= 125; 1272 average += 64; 1273 average /= 128; 1274 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1275 tmp = (tmp / 128) & 0x1F; 1276 if (tmp >= 8) 1277 average += 2; 1278 else 1279 average -= 25; 1280 if (tmp == 8) 1281 average -= 72; 1282 else 1283 average -= 48; 1284 1285 dev->stats.link_noise = average; 1286 dev->noisecalc.calculation_running = 0; 1287 return; 1288 } 1289generate_new: 1290 b43_generate_noise_sample(dev); 1291} 1292 1293static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1294{ 1295 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) { 1296 ///TODO: PS TBTT 1297 } else { 1298 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1299 b43_power_saving_ctl_bits(dev, 0); 1300 } 1301 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) 1302 dev->dfq_valid = 1; 1303} 1304 1305static void handle_irq_atim_end(struct b43_wldev *dev) 1306{ 1307 if (dev->dfq_valid) { 1308 b43_write32(dev, B43_MMIO_MACCMD, 1309 b43_read32(dev, B43_MMIO_MACCMD) 1310 | B43_MACCMD_DFQ_VALID); 1311 dev->dfq_valid = 0; 1312 } 1313} 1314 1315static void handle_irq_pmq(struct b43_wldev *dev) 1316{ 1317 u32 tmp; 1318 1319 //TODO: AP mode. 1320 1321 while (1) { 1322 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1323 if (!(tmp & 0x00000008)) 1324 break; 1325 } 1326 /* 16bit write is odd, but correct. */ 1327 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1328} 1329 1330static void b43_write_template_common(struct b43_wldev *dev, 1331 const u8 *data, u16 size, 1332 u16 ram_offset, 1333 u16 shm_size_offset, u8 rate) 1334{ 1335 u32 i, tmp; 1336 struct b43_plcp_hdr4 plcp; 1337 1338 plcp.data = 0; 1339 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1340 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1341 ram_offset += sizeof(u32); 1342 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1343 * So leave the first two bytes of the next write blank. 1344 */ 1345 tmp = (u32) (data[0]) << 16; 1346 tmp |= (u32) (data[1]) << 24; 1347 b43_ram_write(dev, ram_offset, tmp); 1348 ram_offset += sizeof(u32); 1349 for (i = 2; i < size; i += sizeof(u32)) { 1350 tmp = (u32) (data[i + 0]); 1351 if (i + 1 < size) 1352 tmp |= (u32) (data[i + 1]) << 8; 1353 if (i + 2 < size) 1354 tmp |= (u32) (data[i + 2]) << 16; 1355 if (i + 3 < size) 1356 tmp |= (u32) (data[i + 3]) << 24; 1357 b43_ram_write(dev, ram_offset + i - 2, tmp); 1358 } 1359 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1360 size + sizeof(struct b43_plcp_hdr6)); 1361} 1362 1363/* Check if the use of the antenna that ieee80211 told us to 1364 * use is possible. This will fall back to DEFAULT. 1365 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 1366u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 1367 u8 antenna_nr) 1368{ 1369 u8 antenna_mask; 1370 1371 if (antenna_nr == 0) { 1372 /* Zero means "use default antenna". That's always OK. */ 1373 return 0; 1374 } 1375 1376 /* Get the mask of available antennas. */ 1377 if (dev->phy.gmode) 1378 antenna_mask = dev->dev->bus->sprom.ant_available_bg; 1379 else 1380 antenna_mask = dev->dev->bus->sprom.ant_available_a; 1381 1382 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 1383 /* This antenna is not available. Fall back to default. */ 1384 return 0; 1385 } 1386 1387 return antenna_nr; 1388} 1389 1390/* Convert a b43 antenna number value to the PHY TX control value. */ 1391static u16 b43_antenna_to_phyctl(int antenna) 1392{ 1393 switch (antenna) { 1394 case B43_ANTENNA0: 1395 return B43_TXH_PHY_ANT0; 1396 case B43_ANTENNA1: 1397 return B43_TXH_PHY_ANT1; 1398 case B43_ANTENNA2: 1399 return B43_TXH_PHY_ANT2; 1400 case B43_ANTENNA3: 1401 return B43_TXH_PHY_ANT3; 1402 case B43_ANTENNA_AUTO0: 1403 case B43_ANTENNA_AUTO1: 1404 return B43_TXH_PHY_ANT01AUTO; 1405 } 1406 B43_WARN_ON(1); 1407 return 0; 1408} 1409 1410static void b43_write_beacon_template(struct b43_wldev *dev, 1411 u16 ram_offset, 1412 u16 shm_size_offset) 1413{ 1414 unsigned int i, len, variable_len; 1415 const struct ieee80211_mgmt *bcn; 1416 const u8 *ie; 1417 bool tim_found = 0; 1418 unsigned int rate; 1419 u16 ctl; 1420 int antenna; 1421 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon); 1422 1423 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1424 len = min((size_t) dev->wl->current_beacon->len, 1425 0x200 - sizeof(struct b43_plcp_hdr6)); 1426 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value; 1427 1428 b43_write_template_common(dev, (const u8 *)bcn, 1429 len, ram_offset, shm_size_offset, rate); 1430 1431 /* Write the PHY TX control parameters. */ 1432 antenna = B43_ANTENNA_DEFAULT; 1433 antenna = b43_antenna_to_phyctl(antenna); 1434 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 1435 /* We can't send beacons with short preamble. Would get PHY errors. */ 1436 ctl &= ~B43_TXH_PHY_SHORTPRMBL; 1437 ctl &= ~B43_TXH_PHY_ANT; 1438 ctl &= ~B43_TXH_PHY_ENC; 1439 ctl |= antenna; 1440 if (b43_is_cck_rate(rate)) 1441 ctl |= B43_TXH_PHY_ENC_CCK; 1442 else 1443 ctl |= B43_TXH_PHY_ENC_OFDM; 1444 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 1445 1446 /* Find the position of the TIM and the DTIM_period value 1447 * and write them to SHM. */ 1448 ie = bcn->u.beacon.variable; 1449 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1450 for (i = 0; i < variable_len - 2; ) { 1451 uint8_t ie_id, ie_len; 1452 1453 ie_id = ie[i]; 1454 ie_len = ie[i + 1]; 1455 if (ie_id == 5) { 1456 u16 tim_position; 1457 u16 dtim_period; 1458 /* This is the TIM Information Element */ 1459 1460 /* Check whether the ie_len is in the beacon data range. */ 1461 if (variable_len < ie_len + 2 + i) 1462 break; 1463 /* A valid TIM is at least 4 bytes long. */ 1464 if (ie_len < 4) 1465 break; 1466 tim_found = 1; 1467 1468 tim_position = sizeof(struct b43_plcp_hdr6); 1469 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1470 tim_position += i; 1471 1472 dtim_period = ie[i + 3]; 1473 1474 b43_shm_write16(dev, B43_SHM_SHARED, 1475 B43_SHM_SH_TIMBPOS, tim_position); 1476 b43_shm_write16(dev, B43_SHM_SHARED, 1477 B43_SHM_SH_DTIMPER, dtim_period); 1478 break; 1479 } 1480 i += ie_len + 2; 1481 } 1482 if (!tim_found) { 1483 /* 1484 * If ucode wants to modify TIM do it behind the beacon, this 1485 * will happen, for example, when doing mesh networking. 1486 */ 1487 b43_shm_write16(dev, B43_SHM_SHARED, 1488 B43_SHM_SH_TIMBPOS, 1489 len + sizeof(struct b43_plcp_hdr6)); 1490 b43_shm_write16(dev, B43_SHM_SHARED, 1491 B43_SHM_SH_DTIMPER, 0); 1492 } 1493 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset); 1494} 1495 1496static void b43_upload_beacon0(struct b43_wldev *dev) 1497{ 1498 struct b43_wl *wl = dev->wl; 1499 1500 if (wl->beacon0_uploaded) 1501 return; 1502 b43_write_beacon_template(dev, 0x68, 0x18); 1503 wl->beacon0_uploaded = 1; 1504} 1505 1506static void b43_upload_beacon1(struct b43_wldev *dev) 1507{ 1508 struct b43_wl *wl = dev->wl; 1509 1510 if (wl->beacon1_uploaded) 1511 return; 1512 b43_write_beacon_template(dev, 0x468, 0x1A); 1513 wl->beacon1_uploaded = 1; 1514} 1515 1516static void handle_irq_beacon(struct b43_wldev *dev) 1517{ 1518 struct b43_wl *wl = dev->wl; 1519 u32 cmd, beacon0_valid, beacon1_valid; 1520 1521 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) && 1522 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 1523 return; 1524 1525 /* This is the bottom half of the asynchronous beacon update. */ 1526 1527 /* Ignore interrupt in the future. */ 1528 dev->irq_mask &= ~B43_IRQ_BEACON; 1529 1530 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1531 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1532 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1533 1534 /* Schedule interrupt manually, if busy. */ 1535 if (beacon0_valid && beacon1_valid) { 1536 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1537 dev->irq_mask |= B43_IRQ_BEACON; 1538 return; 1539 } 1540 1541 if (unlikely(wl->beacon_templates_virgin)) { 1542 /* We never uploaded a beacon before. 1543 * Upload both templates now, but only mark one valid. */ 1544 wl->beacon_templates_virgin = 0; 1545 b43_upload_beacon0(dev); 1546 b43_upload_beacon1(dev); 1547 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1548 cmd |= B43_MACCMD_BEACON0_VALID; 1549 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1550 } else { 1551 if (!beacon0_valid) { 1552 b43_upload_beacon0(dev); 1553 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1554 cmd |= B43_MACCMD_BEACON0_VALID; 1555 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1556 } else if (!beacon1_valid) { 1557 b43_upload_beacon1(dev); 1558 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1559 cmd |= B43_MACCMD_BEACON1_VALID; 1560 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1561 } 1562 } 1563} 1564 1565static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev) 1566{ 1567 u32 old_irq_mask = dev->irq_mask; 1568 1569 /* update beacon right away or defer to irq */ 1570 handle_irq_beacon(dev); 1571 if (old_irq_mask != dev->irq_mask) { 1572 /* The handler updated the IRQ mask. */ 1573 B43_WARN_ON(!dev->irq_mask); 1574 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) { 1575 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1576 } else { 1577 /* Device interrupts are currently disabled. That means 1578 * we just ran the hardirq handler and scheduled the 1579 * IRQ thread. The thread will write the IRQ mask when 1580 * it finished, so there's nothing to do here. Writing 1581 * the mask _here_ would incorrectly re-enable IRQs. */ 1582 } 1583 } 1584} 1585 1586static void b43_beacon_update_trigger_work(struct work_struct *work) 1587{ 1588 struct b43_wl *wl = container_of(work, struct b43_wl, 1589 beacon_update_trigger); 1590 struct b43_wldev *dev; 1591 1592 mutex_lock(&wl->mutex); 1593 dev = wl->current_dev; 1594 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1595 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 1596 /* wl->mutex is enough. */ 1597 b43_do_beacon_update_trigger_work(dev); 1598 mmiowb(); 1599 } else { 1600 spin_lock_irq(&wl->hardirq_lock); 1601 b43_do_beacon_update_trigger_work(dev); 1602 mmiowb(); 1603 spin_unlock_irq(&wl->hardirq_lock); 1604 } 1605 } 1606 mutex_unlock(&wl->mutex); 1607} 1608 1609/* Asynchronously update the packet templates in template RAM. 1610 * Locking: Requires wl->mutex to be locked. */ 1611static void b43_update_templates(struct b43_wl *wl) 1612{ 1613 struct sk_buff *beacon; 1614 1615 /* This is the top half of the ansynchronous beacon update. 1616 * The bottom half is the beacon IRQ. 1617 * Beacon update must be asynchronous to avoid sending an 1618 * invalid beacon. This can happen for example, if the firmware 1619 * transmits a beacon while we are updating it. */ 1620 1621 /* We could modify the existing beacon and set the aid bit in 1622 * the TIM field, but that would probably require resizing and 1623 * moving of data within the beacon template. 1624 * Simply request a new beacon and let mac80211 do the hard work. */ 1625 beacon = ieee80211_beacon_get(wl->hw, wl->vif); 1626 if (unlikely(!beacon)) 1627 return; 1628 1629 if (wl->current_beacon) 1630 dev_kfree_skb_any(wl->current_beacon); 1631 wl->current_beacon = beacon; 1632 wl->beacon0_uploaded = 0; 1633 wl->beacon1_uploaded = 0; 1634 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger); 1635} 1636 1637static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1638{ 1639 b43_time_lock(dev); 1640 if (dev->dev->id.revision >= 3) { 1641 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1642 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1643 } else { 1644 b43_write16(dev, 0x606, (beacon_int >> 6)); 1645 b43_write16(dev, 0x610, beacon_int); 1646 } 1647 b43_time_unlock(dev); 1648 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1649} 1650 1651static void b43_handle_firmware_panic(struct b43_wldev *dev) 1652{ 1653 u16 reason; 1654 1655 /* Read the register that contains the reason code for the panic. */ 1656 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG); 1657 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason); 1658 1659 switch (reason) { 1660 default: 1661 b43dbg(dev->wl, "The panic reason is unknown.\n"); 1662 /* fallthrough */ 1663 case B43_FWPANIC_DIE: 1664 /* Do not restart the controller or firmware. 1665 * The device is nonfunctional from now on. 1666 * Restarting would result in this panic to trigger again, 1667 * so we avoid that recursion. */ 1668 break; 1669 case B43_FWPANIC_RESTART: 1670 b43_controller_restart(dev, "Microcode panic"); 1671 break; 1672 } 1673} 1674 1675static void handle_irq_ucode_debug(struct b43_wldev *dev) 1676{ 1677 unsigned int i, cnt; 1678 u16 reason, marker_id, marker_line; 1679 __le16 *buf; 1680 1681 /* The proprietary firmware doesn't have this IRQ. */ 1682 if (!dev->fw.opensource) 1683 return; 1684 1685 /* Read the register that contains the reason code for this IRQ. */ 1686 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG); 1687 1688 switch (reason) { 1689 case B43_DEBUGIRQ_PANIC: 1690 b43_handle_firmware_panic(dev); 1691 break; 1692 case B43_DEBUGIRQ_DUMP_SHM: 1693 if (!B43_DEBUG) 1694 break; /* Only with driver debugging enabled. */ 1695 buf = kmalloc(4096, GFP_ATOMIC); 1696 if (!buf) { 1697 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n"); 1698 goto out; 1699 } 1700 for (i = 0; i < 4096; i += 2) { 1701 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i); 1702 buf[i / 2] = cpu_to_le16(tmp); 1703 } 1704 b43info(dev->wl, "Shared memory dump:\n"); 1705 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET, 1706 16, 2, buf, 4096, 1); 1707 kfree(buf); 1708 break; 1709 case B43_DEBUGIRQ_DUMP_REGS: 1710 if (!B43_DEBUG) 1711 break; /* Only with driver debugging enabled. */ 1712 b43info(dev->wl, "Microcode register dump:\n"); 1713 for (i = 0, cnt = 0; i < 64; i++) { 1714 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i); 1715 if (cnt == 0) 1716 printk(KERN_INFO); 1717 printk("r%02u: 0x%04X ", i, tmp); 1718 cnt++; 1719 if (cnt == 6) { 1720 printk("\n"); 1721 cnt = 0; 1722 } 1723 } 1724 printk("\n"); 1725 break; 1726 case B43_DEBUGIRQ_MARKER: 1727 if (!B43_DEBUG) 1728 break; /* Only with driver debugging enabled. */ 1729 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH, 1730 B43_MARKER_ID_REG); 1731 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH, 1732 B43_MARKER_LINE_REG); 1733 b43info(dev->wl, "The firmware just executed the MARKER(%u) " 1734 "at line number %u\n", 1735 marker_id, marker_line); 1736 break; 1737 default: 1738 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n", 1739 reason); 1740 } 1741out: 1742 /* Acknowledge the debug-IRQ, so the firmware can continue. */ 1743 b43_shm_write16(dev, B43_SHM_SCRATCH, 1744 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK); 1745} 1746 1747static void b43_do_interrupt_thread(struct b43_wldev *dev) 1748{ 1749 u32 reason; 1750 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1751 u32 merged_dma_reason = 0; 1752 int i; 1753 1754 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 1755 return; 1756 1757 reason = dev->irq_reason; 1758 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1759 dma_reason[i] = dev->dma_reason[i]; 1760 merged_dma_reason |= dma_reason[i]; 1761 } 1762 1763 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1764 b43err(dev->wl, "MAC transmission error\n"); 1765 1766 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1767 b43err(dev->wl, "PHY transmission error\n"); 1768 rmb(); 1769 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1770 atomic_set(&dev->phy.txerr_cnt, 1771 B43_PHY_TX_BADNESS_LIMIT); 1772 b43err(dev->wl, "Too many PHY TX errors, " 1773 "restarting the controller\n"); 1774 b43_controller_restart(dev, "PHY TX errors"); 1775 } 1776 } 1777 1778 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1779 B43_DMAIRQ_NONFATALMASK))) { 1780 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1781 b43err(dev->wl, "Fatal DMA error: " 1782 "0x%08X, 0x%08X, 0x%08X, " 1783 "0x%08X, 0x%08X, 0x%08X\n", 1784 dma_reason[0], dma_reason[1], 1785 dma_reason[2], dma_reason[3], 1786 dma_reason[4], dma_reason[5]); 1787 b43_controller_restart(dev, "DMA error"); 1788 return; 1789 } 1790 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1791 b43err(dev->wl, "DMA error: " 1792 "0x%08X, 0x%08X, 0x%08X, " 1793 "0x%08X, 0x%08X, 0x%08X\n", 1794 dma_reason[0], dma_reason[1], 1795 dma_reason[2], dma_reason[3], 1796 dma_reason[4], dma_reason[5]); 1797 } 1798 } 1799 1800 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1801 handle_irq_ucode_debug(dev); 1802 if (reason & B43_IRQ_TBTT_INDI) 1803 handle_irq_tbtt_indication(dev); 1804 if (reason & B43_IRQ_ATIM_END) 1805 handle_irq_atim_end(dev); 1806 if (reason & B43_IRQ_BEACON) 1807 handle_irq_beacon(dev); 1808 if (reason & B43_IRQ_PMQ) 1809 handle_irq_pmq(dev); 1810 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1811 ;/* TODO */ 1812 if (reason & B43_IRQ_NOISESAMPLE_OK) 1813 handle_irq_noise(dev); 1814 1815 /* Check the DMA reason registers for received data. */ 1816 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1817 if (b43_using_pio_transfers(dev)) 1818 b43_pio_rx(dev->pio.rx_queue); 1819 else 1820 b43_dma_rx(dev->dma.rx_ring); 1821 } 1822 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1823 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1824 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1825 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1826 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1827 1828 if (reason & B43_IRQ_TX_OK) 1829 handle_irq_transmit_status(dev); 1830 1831 /* Re-enable interrupts on the device by restoring the current interrupt mask. */ 1832 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1833 1834#if B43_DEBUG 1835 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 1836 dev->irq_count++; 1837 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 1838 if (reason & (1 << i)) 1839 dev->irq_bit_count[i]++; 1840 } 1841 } 1842#endif 1843} 1844 1845/* Interrupt thread handler. Handles device interrupts in thread context. */ 1846static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id) 1847{ 1848 struct b43_wldev *dev = dev_id; 1849 1850 mutex_lock(&dev->wl->mutex); 1851 b43_do_interrupt_thread(dev); 1852 mmiowb(); 1853 mutex_unlock(&dev->wl->mutex); 1854 1855 return IRQ_HANDLED; 1856} 1857 1858static irqreturn_t b43_do_interrupt(struct b43_wldev *dev) 1859{ 1860 u32 reason; 1861 1862 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses. 1863 * On SDIO, this runs under wl->mutex. */ 1864 1865 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1866 if (reason == 0xffffffff) /* shared IRQ */ 1867 return IRQ_NONE; 1868 reason &= dev->irq_mask; 1869 if (!reason) 1870 return IRQ_HANDLED; 1871 1872 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1873 & 0x0001DC00; 1874 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1875 & 0x0000DC00; 1876 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 1877 & 0x0000DC00; 1878 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 1879 & 0x0001DC00; 1880 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 1881 & 0x0000DC00; 1882/* Unused ring 1883 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 1884 & 0x0000DC00; 1885*/ 1886 1887 /* ACK the interrupt. */ 1888 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 1889 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 1890 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 1891 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 1892 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 1893 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 1894/* Unused ring 1895 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 1896*/ 1897 1898 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */ 1899 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 1900 /* Save the reason bitmasks for the IRQ thread handler. */ 1901 dev->irq_reason = reason; 1902 1903 return IRQ_WAKE_THREAD; 1904} 1905 1906/* Interrupt handler top-half. This runs with interrupts disabled. */ 1907static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 1908{ 1909 struct b43_wldev *dev = dev_id; 1910 irqreturn_t ret; 1911 1912 if (unlikely(b43_status(dev) < B43_STAT_STARTED)) 1913 return IRQ_NONE; 1914 1915 spin_lock(&dev->wl->hardirq_lock); 1916 ret = b43_do_interrupt(dev); 1917 mmiowb(); 1918 spin_unlock(&dev->wl->hardirq_lock); 1919 1920 return ret; 1921} 1922 1923/* SDIO interrupt handler. This runs in process context. */ 1924static void b43_sdio_interrupt_handler(struct b43_wldev *dev) 1925{ 1926 struct b43_wl *wl = dev->wl; 1927 irqreturn_t ret; 1928 1929 mutex_lock(&wl->mutex); 1930 1931 ret = b43_do_interrupt(dev); 1932 if (ret == IRQ_WAKE_THREAD) 1933 b43_do_interrupt_thread(dev); 1934 1935 mutex_unlock(&wl->mutex); 1936} 1937 1938void b43_do_release_fw(struct b43_firmware_file *fw) 1939{ 1940 release_firmware(fw->data); 1941 fw->data = NULL; 1942 fw->filename = NULL; 1943} 1944 1945static void b43_release_firmware(struct b43_wldev *dev) 1946{ 1947 b43_do_release_fw(&dev->fw.ucode); 1948 b43_do_release_fw(&dev->fw.pcm); 1949 b43_do_release_fw(&dev->fw.initvals); 1950 b43_do_release_fw(&dev->fw.initvals_band); 1951} 1952 1953static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 1954{ 1955 const char text[] = 1956 "You must go to " \ 1957 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \ 1958 "and download the correct firmware for this driver version. " \ 1959 "Please carefully read all instructions on this website.\n"; 1960 1961 if (error) 1962 b43err(wl, text); 1963 else 1964 b43warn(wl, text); 1965} 1966 1967int b43_do_request_fw(struct b43_request_fw_context *ctx, 1968 const char *name, 1969 struct b43_firmware_file *fw) 1970{ 1971 const struct firmware *blob; 1972 struct b43_fw_header *hdr; 1973 u32 size; 1974 int err; 1975 1976 if (!name) { 1977 /* Don't fetch anything. Free possibly cached firmware. */ 1978 /* FIXME: We should probably keep it anyway, to save some headache 1979 * on suspend/resume with multiband devices. */ 1980 b43_do_release_fw(fw); 1981 return 0; 1982 } 1983 if (fw->filename) { 1984 if ((fw->type == ctx->req_type) && 1985 (strcmp(fw->filename, name) == 0)) 1986 return 0; /* Already have this fw. */ 1987 /* Free the cached firmware first. */ 1988 /* FIXME: We should probably do this later after we successfully 1989 * got the new fw. This could reduce headache with multiband devices. 1990 * We could also redesign this to cache the firmware for all possible 1991 * bands all the time. */ 1992 b43_do_release_fw(fw); 1993 } 1994 1995 switch (ctx->req_type) { 1996 case B43_FWTYPE_PROPRIETARY: 1997 snprintf(ctx->fwname, sizeof(ctx->fwname), 1998 "b43%s/%s.fw", 1999 modparam_fwpostfix, name); 2000 break; 2001 case B43_FWTYPE_OPENSOURCE: 2002 snprintf(ctx->fwname, sizeof(ctx->fwname), 2003 "b43-open%s/%s.fw", 2004 modparam_fwpostfix, name); 2005 break; 2006 default: 2007 B43_WARN_ON(1); 2008 return -ENOSYS; 2009 } 2010 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev); 2011 if (err == -ENOENT) { 2012 snprintf(ctx->errors[ctx->req_type], 2013 sizeof(ctx->errors[ctx->req_type]), 2014 "Firmware file \"%s\" not found\n", ctx->fwname); 2015 return err; 2016 } else if (err) { 2017 snprintf(ctx->errors[ctx->req_type], 2018 sizeof(ctx->errors[ctx->req_type]), 2019 "Firmware file \"%s\" request failed (err=%d)\n", 2020 ctx->fwname, err); 2021 return err; 2022 } 2023 if (blob->size < sizeof(struct b43_fw_header)) 2024 goto err_format; 2025 hdr = (struct b43_fw_header *)(blob->data); 2026 switch (hdr->type) { 2027 case B43_FW_TYPE_UCODE: 2028 case B43_FW_TYPE_PCM: 2029 size = be32_to_cpu(hdr->size); 2030 if (size != blob->size - sizeof(struct b43_fw_header)) 2031 goto err_format; 2032 /* fallthrough */ 2033 case B43_FW_TYPE_IV: 2034 if (hdr->ver != 1) 2035 goto err_format; 2036 break; 2037 default: 2038 goto err_format; 2039 } 2040 2041 fw->data = blob; 2042 fw->filename = name; 2043 fw->type = ctx->req_type; 2044 2045 return 0; 2046 2047err_format: 2048 snprintf(ctx->errors[ctx->req_type], 2049 sizeof(ctx->errors[ctx->req_type]), 2050 "Firmware file \"%s\" format error.\n", ctx->fwname); 2051 release_firmware(blob); 2052 2053 return -EPROTO; 2054} 2055 2056static int b43_try_request_fw(struct b43_request_fw_context *ctx) 2057{ 2058 struct b43_wldev *dev = ctx->dev; 2059 struct b43_firmware *fw = &ctx->dev->fw; 2060 const u8 rev = ctx->dev->dev->id.revision; 2061 const char *filename; 2062 u32 tmshigh; 2063 int err; 2064 2065 /* Get microcode */ 2066 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 2067 if ((rev >= 5) && (rev <= 10)) 2068 filename = "ucode5"; 2069 else if ((rev >= 11) && (rev <= 12)) 2070 filename = "ucode11"; 2071 else if (rev == 13) 2072 filename = "ucode13"; 2073 else if (rev == 14) 2074 filename = "ucode14"; 2075 else if (rev >= 15) 2076 filename = "ucode15"; 2077 else 2078 goto err_no_ucode; 2079 err = b43_do_request_fw(ctx, filename, &fw->ucode); 2080 if (err) 2081 goto err_load; 2082 2083 /* Get PCM code */ 2084 if ((rev >= 5) && (rev <= 10)) 2085 filename = "pcm5"; 2086 else if (rev >= 11) 2087 filename = NULL; 2088 else 2089 goto err_no_pcm; 2090 fw->pcm_request_failed = 0; 2091 err = b43_do_request_fw(ctx, filename, &fw->pcm); 2092 if (err == -ENOENT) { 2093 /* We did not find a PCM file? Not fatal, but 2094 * core rev <= 10 must do without hwcrypto then. */ 2095 fw->pcm_request_failed = 1; 2096 } else if (err) 2097 goto err_load; 2098 2099 /* Get initvals */ 2100 switch (dev->phy.type) { 2101 case B43_PHYTYPE_A: 2102 if ((rev >= 5) && (rev <= 10)) { 2103 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2104 filename = "a0g1initvals5"; 2105 else 2106 filename = "a0g0initvals5"; 2107 } else 2108 goto err_no_initvals; 2109 break; 2110 case B43_PHYTYPE_G: 2111 if ((rev >= 5) && (rev <= 10)) 2112 filename = "b0g0initvals5"; 2113 else if (rev >= 13) 2114 filename = "b0g0initvals13"; 2115 else 2116 goto err_no_initvals; 2117 break; 2118 case B43_PHYTYPE_N: 2119 if ((rev >= 11) && (rev <= 12)) 2120 filename = "n0initvals11"; 2121 else 2122 goto err_no_initvals; 2123 break; 2124 case B43_PHYTYPE_LP: 2125 if (rev == 13) 2126 filename = "lp0initvals13"; 2127 else if (rev == 14) 2128 filename = "lp0initvals14"; 2129 else if (rev >= 15) 2130 filename = "lp0initvals15"; 2131 else 2132 goto err_no_initvals; 2133 break; 2134 default: 2135 goto err_no_initvals; 2136 } 2137 err = b43_do_request_fw(ctx, filename, &fw->initvals); 2138 if (err) 2139 goto err_load; 2140 2141 /* Get bandswitch initvals */ 2142 switch (dev->phy.type) { 2143 case B43_PHYTYPE_A: 2144 if ((rev >= 5) && (rev <= 10)) { 2145 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2146 filename = "a0g1bsinitvals5"; 2147 else 2148 filename = "a0g0bsinitvals5"; 2149 } else if (rev >= 11) 2150 filename = NULL; 2151 else 2152 goto err_no_initvals; 2153 break; 2154 case B43_PHYTYPE_G: 2155 if ((rev >= 5) && (rev <= 10)) 2156 filename = "b0g0bsinitvals5"; 2157 else if (rev >= 11) 2158 filename = NULL; 2159 else 2160 goto err_no_initvals; 2161 break; 2162 case B43_PHYTYPE_N: 2163 if ((rev >= 11) && (rev <= 12)) 2164 filename = "n0bsinitvals11"; 2165 else 2166 goto err_no_initvals; 2167 break; 2168 case B43_PHYTYPE_LP: 2169 if (rev == 13) 2170 filename = "lp0bsinitvals13"; 2171 else if (rev == 14) 2172 filename = "lp0bsinitvals14"; 2173 else if (rev >= 15) 2174 filename = "lp0bsinitvals15"; 2175 else 2176 goto err_no_initvals; 2177 break; 2178 default: 2179 goto err_no_initvals; 2180 } 2181 err = b43_do_request_fw(ctx, filename, &fw->initvals_band); 2182 if (err) 2183 goto err_load; 2184 2185 return 0; 2186 2187err_no_ucode: 2188 err = ctx->fatal_failure = -EOPNOTSUPP; 2189 b43err(dev->wl, "The driver does not know which firmware (ucode) " 2190 "is required for your device (wl-core rev %u)\n", rev); 2191 goto error; 2192 2193err_no_pcm: 2194 err = ctx->fatal_failure = -EOPNOTSUPP; 2195 b43err(dev->wl, "The driver does not know which firmware (PCM) " 2196 "is required for your device (wl-core rev %u)\n", rev); 2197 goto error; 2198 2199err_no_initvals: 2200 err = ctx->fatal_failure = -EOPNOTSUPP; 2201 b43err(dev->wl, "The driver does not know which firmware (initvals) " 2202 "is required for your device (wl-core rev %u)\n", rev); 2203 goto error; 2204 2205err_load: 2206 /* We failed to load this firmware image. The error message 2207 * already is in ctx->errors. Return and let our caller decide 2208 * what to do. */ 2209 goto error; 2210 2211error: 2212 b43_release_firmware(dev); 2213 return err; 2214} 2215 2216static int b43_request_firmware(struct b43_wldev *dev) 2217{ 2218 struct b43_request_fw_context *ctx; 2219 unsigned int i; 2220 int err; 2221 const char *errmsg; 2222 2223 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); 2224 if (!ctx) 2225 return -ENOMEM; 2226 ctx->dev = dev; 2227 2228 ctx->req_type = B43_FWTYPE_PROPRIETARY; 2229 err = b43_try_request_fw(ctx); 2230 if (!err) 2231 goto out; /* Successfully loaded it. */ 2232 err = ctx->fatal_failure; 2233 if (err) 2234 goto out; 2235 2236 ctx->req_type = B43_FWTYPE_OPENSOURCE; 2237 err = b43_try_request_fw(ctx); 2238 if (!err) 2239 goto out; /* Successfully loaded it. */ 2240 err = ctx->fatal_failure; 2241 if (err) 2242 goto out; 2243 2244 /* Could not find a usable firmware. Print the errors. */ 2245 for (i = 0; i < B43_NR_FWTYPES; i++) { 2246 errmsg = ctx->errors[i]; 2247 if (strlen(errmsg)) 2248 b43err(dev->wl, errmsg); 2249 } 2250 b43_print_fw_helptext(dev->wl, 1); 2251 err = -ENOENT; 2252 2253out: 2254 kfree(ctx); 2255 return err; 2256} 2257 2258static int b43_upload_microcode(struct b43_wldev *dev) 2259{ 2260 const size_t hdr_len = sizeof(struct b43_fw_header); 2261 const __be32 *data; 2262 unsigned int i, len; 2263 u16 fwrev, fwpatch, fwdate, fwtime; 2264 u32 tmp, macctl; 2265 int err = 0; 2266 2267 /* Jump the microcode PSM to offset 0 */ 2268 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2269 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 2270 macctl |= B43_MACCTL_PSM_JMP0; 2271 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2272 /* Zero out all microcode PSM registers and shared memory. */ 2273 for (i = 0; i < 64; i++) 2274 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 2275 for (i = 0; i < 4096; i += 2) 2276 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 2277 2278 /* Upload Microcode. */ 2279 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 2280 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 2281 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 2282 for (i = 0; i < len; i++) { 2283 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2284 udelay(10); 2285 } 2286 2287 if (dev->fw.pcm.data) { 2288 /* Upload PCM data. */ 2289 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 2290 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 2291 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 2292 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 2293 /* No need for autoinc bit in SHM_HW */ 2294 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 2295 for (i = 0; i < len; i++) { 2296 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2297 udelay(10); 2298 } 2299 } 2300 2301 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 2302 2303 /* Start the microcode PSM */ 2304 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2305 macctl &= ~B43_MACCTL_PSM_JMP0; 2306 macctl |= B43_MACCTL_PSM_RUN; 2307 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2308 2309 /* Wait for the microcode to load and respond */ 2310 i = 0; 2311 while (1) { 2312 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2313 if (tmp == B43_IRQ_MAC_SUSPENDED) 2314 break; 2315 i++; 2316 if (i >= 20) { 2317 b43err(dev->wl, "Microcode not responding\n"); 2318 b43_print_fw_helptext(dev->wl, 1); 2319 err = -ENODEV; 2320 goto error; 2321 } 2322 msleep(50); 2323 } 2324 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2325 2326 /* Get and check the revisions. */ 2327 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2328 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2329 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2330 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2331 2332 if (fwrev <= 0x128) { 2333 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2334 "binary drivers older than version 4.x is unsupported. " 2335 "You must upgrade your firmware files.\n"); 2336 b43_print_fw_helptext(dev->wl, 1); 2337 err = -EOPNOTSUPP; 2338 goto error; 2339 } 2340 dev->fw.rev = fwrev; 2341 dev->fw.patch = fwpatch; 2342 dev->fw.opensource = (fwdate == 0xFFFF); 2343 2344 /* Default to use-all-queues. */ 2345 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues; 2346 dev->qos_enabled = !!modparam_qos; 2347 /* Default to firmware/hardware crypto acceleration. */ 2348 dev->hwcrypto_enabled = 1; 2349 2350 if (dev->fw.opensource) { 2351 u16 fwcapa; 2352 2353 /* Patchlevel info is encoded in the "time" field. */ 2354 dev->fw.patch = fwtime; 2355 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n", 2356 dev->fw.rev, dev->fw.patch); 2357 2358 fwcapa = b43_fwcapa_read(dev); 2359 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) { 2360 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n"); 2361 /* Disable hardware crypto and fall back to software crypto. */ 2362 dev->hwcrypto_enabled = 0; 2363 } 2364 if (!(fwcapa & B43_FWCAPA_QOS)) { 2365 b43info(dev->wl, "QoS not supported by firmware\n"); 2366 /* Disable QoS. Tweak hw->queues to 1. It will be restored before 2367 * ieee80211_unregister to make sure the networking core can 2368 * properly free possible resources. */ 2369 dev->wl->hw->queues = 1; 2370 dev->qos_enabled = 0; 2371 } 2372 } else { 2373 b43info(dev->wl, "Loading firmware version %u.%u " 2374 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2375 fwrev, fwpatch, 2376 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2377 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2378 if (dev->fw.pcm_request_failed) { 2379 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. " 2380 "Hardware accelerated cryptography is disabled.\n"); 2381 b43_print_fw_helptext(dev->wl, 0); 2382 } 2383 } 2384 2385 if (b43_is_old_txhdr_format(dev)) { 2386 /* We're over the deadline, but we keep support for old fw 2387 * until it turns out to be in major conflict with something new. */ 2388 b43warn(dev->wl, "You are using an old firmware image. " 2389 "Support for old firmware will be removed soon " 2390 "(official deadline was July 2008).\n"); 2391 b43_print_fw_helptext(dev->wl, 0); 2392 } 2393 2394 return 0; 2395 2396error: 2397 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2398 macctl &= ~B43_MACCTL_PSM_RUN; 2399 macctl |= B43_MACCTL_PSM_JMP0; 2400 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2401 2402 return err; 2403} 2404 2405static int b43_write_initvals(struct b43_wldev *dev, 2406 const struct b43_iv *ivals, 2407 size_t count, 2408 size_t array_size) 2409{ 2410 const struct b43_iv *iv; 2411 u16 offset; 2412 size_t i; 2413 bool bit32; 2414 2415 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2416 iv = ivals; 2417 for (i = 0; i < count; i++) { 2418 if (array_size < sizeof(iv->offset_size)) 2419 goto err_format; 2420 array_size -= sizeof(iv->offset_size); 2421 offset = be16_to_cpu(iv->offset_size); 2422 bit32 = !!(offset & B43_IV_32BIT); 2423 offset &= B43_IV_OFFSET_MASK; 2424 if (offset >= 0x1000) 2425 goto err_format; 2426 if (bit32) { 2427 u32 value; 2428 2429 if (array_size < sizeof(iv->data.d32)) 2430 goto err_format; 2431 array_size -= sizeof(iv->data.d32); 2432 2433 value = get_unaligned_be32(&iv->data.d32); 2434 b43_write32(dev, offset, value); 2435 2436 iv = (const struct b43_iv *)((const uint8_t *)iv + 2437 sizeof(__be16) + 2438 sizeof(__be32)); 2439 } else { 2440 u16 value; 2441 2442 if (array_size < sizeof(iv->data.d16)) 2443 goto err_format; 2444 array_size -= sizeof(iv->data.d16); 2445 2446 value = be16_to_cpu(iv->data.d16); 2447 b43_write16(dev, offset, value); 2448 2449 iv = (const struct b43_iv *)((const uint8_t *)iv + 2450 sizeof(__be16) + 2451 sizeof(__be16)); 2452 } 2453 } 2454 if (array_size) 2455 goto err_format; 2456 2457 return 0; 2458 2459err_format: 2460 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2461 b43_print_fw_helptext(dev->wl, 1); 2462 2463 return -EPROTO; 2464} 2465 2466static int b43_upload_initvals(struct b43_wldev *dev) 2467{ 2468 const size_t hdr_len = sizeof(struct b43_fw_header); 2469 const struct b43_fw_header *hdr; 2470 struct b43_firmware *fw = &dev->fw; 2471 const struct b43_iv *ivals; 2472 size_t count; 2473 int err; 2474 2475 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2476 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2477 count = be32_to_cpu(hdr->size); 2478 err = b43_write_initvals(dev, ivals, count, 2479 fw->initvals.data->size - hdr_len); 2480 if (err) 2481 goto out; 2482 if (fw->initvals_band.data) { 2483 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2484 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2485 count = be32_to_cpu(hdr->size); 2486 err = b43_write_initvals(dev, ivals, count, 2487 fw->initvals_band.data->size - hdr_len); 2488 if (err) 2489 goto out; 2490 } 2491out: 2492 2493 return err; 2494} 2495 2496/* Initialize the GPIOs 2497 * http://bcm-specs.sipsolutions.net/GPIO 2498 */ 2499static int b43_gpio_init(struct b43_wldev *dev) 2500{ 2501 struct ssb_bus *bus = dev->dev->bus; 2502 struct ssb_device *gpiodev, *pcidev = NULL; 2503 u32 mask, set; 2504 2505 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2506 & ~B43_MACCTL_GPOUTSMSK); 2507 2508 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK) 2509 | 0x000F); 2510 2511 mask = 0x0000001F; 2512 set = 0x0000000F; 2513 if (dev->dev->bus->chip_id == 0x4301) { 2514 mask |= 0x0060; 2515 set |= 0x0060; 2516 } 2517 if (0 /* FIXME: conditional unknown */ ) { 2518 b43_write16(dev, B43_MMIO_GPIO_MASK, 2519 b43_read16(dev, B43_MMIO_GPIO_MASK) 2520 | 0x0100); 2521 mask |= 0x0180; 2522 set |= 0x0180; 2523 } 2524 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) { 2525 b43_write16(dev, B43_MMIO_GPIO_MASK, 2526 b43_read16(dev, B43_MMIO_GPIO_MASK) 2527 | 0x0200); 2528 mask |= 0x0200; 2529 set |= 0x0200; 2530 } 2531 if (dev->dev->id.revision >= 2) 2532 mask |= 0x0010; /* FIXME: This is redundant. */ 2533 2534#ifdef CONFIG_SSB_DRIVER_PCICORE 2535 pcidev = bus->pcicore.dev; 2536#endif 2537 gpiodev = bus->chipco.dev ? : pcidev; 2538 if (!gpiodev) 2539 return 0; 2540 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2541 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2542 & mask) | set); 2543 2544 return 0; 2545} 2546 2547/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2548static void b43_gpio_cleanup(struct b43_wldev *dev) 2549{ 2550 struct ssb_bus *bus = dev->dev->bus; 2551 struct ssb_device *gpiodev, *pcidev = NULL; 2552 2553#ifdef CONFIG_SSB_DRIVER_PCICORE 2554 pcidev = bus->pcicore.dev; 2555#endif 2556 gpiodev = bus->chipco.dev ? : pcidev; 2557 if (!gpiodev) 2558 return; 2559 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2560} 2561 2562/* http://bcm-specs.sipsolutions.net/EnableMac */ 2563void b43_mac_enable(struct b43_wldev *dev) 2564{ 2565 if (b43_debug(dev, B43_DBG_FIRMWARE)) { 2566 u16 fwstate; 2567 2568 fwstate = b43_shm_read16(dev, B43_SHM_SHARED, 2569 B43_SHM_SH_UCODESTAT); 2570 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) && 2571 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) { 2572 b43err(dev->wl, "b43_mac_enable(): The firmware " 2573 "should be suspended, but current state is %u\n", 2574 fwstate); 2575 } 2576 } 2577 2578 dev->mac_suspended--; 2579 B43_WARN_ON(dev->mac_suspended < 0); 2580 if (dev->mac_suspended == 0) { 2581 b43_write32(dev, B43_MMIO_MACCTL, 2582 b43_read32(dev, B43_MMIO_MACCTL) 2583 | B43_MACCTL_ENABLED); 2584 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2585 B43_IRQ_MAC_SUSPENDED); 2586 /* Commit writes */ 2587 b43_read32(dev, B43_MMIO_MACCTL); 2588 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2589 b43_power_saving_ctl_bits(dev, 0); 2590 } 2591} 2592 2593/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2594void b43_mac_suspend(struct b43_wldev *dev) 2595{ 2596 int i; 2597 u32 tmp; 2598 2599 might_sleep(); 2600 B43_WARN_ON(dev->mac_suspended < 0); 2601 2602 if (dev->mac_suspended == 0) { 2603 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2604 b43_write32(dev, B43_MMIO_MACCTL, 2605 b43_read32(dev, B43_MMIO_MACCTL) 2606 & ~B43_MACCTL_ENABLED); 2607 /* force pci to flush the write */ 2608 b43_read32(dev, B43_MMIO_MACCTL); 2609 for (i = 35; i; i--) { 2610 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2611 if (tmp & B43_IRQ_MAC_SUSPENDED) 2612 goto out; 2613 udelay(10); 2614 } 2615 /* Hm, it seems this will take some time. Use msleep(). */ 2616 for (i = 40; i; i--) { 2617 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2618 if (tmp & B43_IRQ_MAC_SUSPENDED) 2619 goto out; 2620 msleep(1); 2621 } 2622 b43err(dev->wl, "MAC suspend failed\n"); 2623 } 2624out: 2625 dev->mac_suspended++; 2626} 2627 2628static void b43_adjust_opmode(struct b43_wldev *dev) 2629{ 2630 struct b43_wl *wl = dev->wl; 2631 u32 ctl; 2632 u16 cfp_pretbtt; 2633 2634 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2635 /* Reset status to STA infrastructure mode. */ 2636 ctl &= ~B43_MACCTL_AP; 2637 ctl &= ~B43_MACCTL_KEEP_CTL; 2638 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2639 ctl &= ~B43_MACCTL_KEEP_BAD; 2640 ctl &= ~B43_MACCTL_PROMISC; 2641 ctl &= ~B43_MACCTL_BEACPROMISC; 2642 ctl |= B43_MACCTL_INFRA; 2643 2644 if (b43_is_mode(wl, NL80211_IFTYPE_AP) || 2645 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 2646 ctl |= B43_MACCTL_AP; 2647 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) 2648 ctl &= ~B43_MACCTL_INFRA; 2649 2650 if (wl->filter_flags & FIF_CONTROL) 2651 ctl |= B43_MACCTL_KEEP_CTL; 2652 if (wl->filter_flags & FIF_FCSFAIL) 2653 ctl |= B43_MACCTL_KEEP_BAD; 2654 if (wl->filter_flags & FIF_PLCPFAIL) 2655 ctl |= B43_MACCTL_KEEP_BADPLCP; 2656 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2657 ctl |= B43_MACCTL_PROMISC; 2658 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2659 ctl |= B43_MACCTL_BEACPROMISC; 2660 2661 /* Workaround: On old hardware the HW-MAC-address-filter 2662 * doesn't work properly, so always run promisc in filter 2663 * it in software. */ 2664 if (dev->dev->id.revision <= 4) 2665 ctl |= B43_MACCTL_PROMISC; 2666 2667 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2668 2669 cfp_pretbtt = 2; 2670 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2671 if (dev->dev->bus->chip_id == 0x4306 && 2672 dev->dev->bus->chip_rev == 3) 2673 cfp_pretbtt = 100; 2674 else 2675 cfp_pretbtt = 50; 2676 } 2677 b43_write16(dev, 0x612, cfp_pretbtt); 2678 2679 /* FIXME: We don't currently implement the PMQ mechanism, 2680 * so always disable it. If we want to implement PMQ, 2681 * we need to enable it here (clear DISCPMQ) in AP mode. 2682 */ 2683 if (0 /* ctl & B43_MACCTL_AP */) { 2684 b43_write32(dev, B43_MMIO_MACCTL, 2685 b43_read32(dev, B43_MMIO_MACCTL) 2686 & ~B43_MACCTL_DISCPMQ); 2687 } else { 2688 b43_write32(dev, B43_MMIO_MACCTL, 2689 b43_read32(dev, B43_MMIO_MACCTL) 2690 | B43_MACCTL_DISCPMQ); 2691 } 2692} 2693 2694static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2695{ 2696 u16 offset; 2697 2698 if (is_ofdm) { 2699 offset = 0x480; 2700 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2701 } else { 2702 offset = 0x4C0; 2703 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2704 } 2705 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2706 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2707} 2708 2709static void b43_rate_memory_init(struct b43_wldev *dev) 2710{ 2711 switch (dev->phy.type) { 2712 case B43_PHYTYPE_A: 2713 case B43_PHYTYPE_G: 2714 case B43_PHYTYPE_N: 2715 case B43_PHYTYPE_LP: 2716 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2717 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2718 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2719 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2720 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2721 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2722 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2723 if (dev->phy.type == B43_PHYTYPE_A) 2724 break; 2725 /* fallthrough */ 2726 case B43_PHYTYPE_B: 2727 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2728 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2729 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2730 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2731 break; 2732 default: 2733 B43_WARN_ON(1); 2734 } 2735} 2736 2737/* Set the default values for the PHY TX Control Words. */ 2738static void b43_set_phytxctl_defaults(struct b43_wldev *dev) 2739{ 2740 u16 ctl = 0; 2741 2742 ctl |= B43_TXH_PHY_ENC_CCK; 2743 ctl |= B43_TXH_PHY_ANT01AUTO; 2744 ctl |= B43_TXH_PHY_TXPWR; 2745 2746 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 2747 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl); 2748 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl); 2749} 2750 2751/* Set the TX-Antenna for management frames sent by firmware. */ 2752static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 2753{ 2754 u16 ant; 2755 u16 tmp; 2756 2757 ant = b43_antenna_to_phyctl(antenna); 2758 2759 /* For ACK/CTS */ 2760 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 2761 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2762 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 2763 /* For Probe Resposes */ 2764 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 2765 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2766 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 2767} 2768 2769/* This is the opposite of b43_chip_init() */ 2770static void b43_chip_exit(struct b43_wldev *dev) 2771{ 2772 b43_phy_exit(dev); 2773 b43_gpio_cleanup(dev); 2774 /* firmware is released later */ 2775} 2776 2777/* Initialize the chip 2778 * http://bcm-specs.sipsolutions.net/ChipInit 2779 */ 2780static int b43_chip_init(struct b43_wldev *dev) 2781{ 2782 struct b43_phy *phy = &dev->phy; 2783 int err; 2784 u32 value32, macctl; 2785 u16 value16; 2786 2787 /* Initialize the MAC control */ 2788 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 2789 if (dev->phy.gmode) 2790 macctl |= B43_MACCTL_GMODE; 2791 macctl |= B43_MACCTL_INFRA; 2792 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2793 2794 err = b43_request_firmware(dev); 2795 if (err) 2796 goto out; 2797 err = b43_upload_microcode(dev); 2798 if (err) 2799 goto out; /* firmware is released later */ 2800 2801 err = b43_gpio_init(dev); 2802 if (err) 2803 goto out; /* firmware is released later */ 2804 2805 err = b43_upload_initvals(dev); 2806 if (err) 2807 goto err_gpio_clean; 2808 2809 /* Turn the Analog on and initialize the PHY. */ 2810 phy->ops->switch_analog(dev, 1); 2811 err = b43_phy_init(dev); 2812 if (err) 2813 goto err_gpio_clean; 2814 2815 /* Disable Interference Mitigation. */ 2816 if (phy->ops->interf_mitigation) 2817 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE); 2818 2819 /* Select the antennae */ 2820 if (phy->ops->set_rx_antenna) 2821 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 2822 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 2823 2824 if (phy->type == B43_PHYTYPE_B) { 2825 value16 = b43_read16(dev, 0x005E); 2826 value16 |= 0x0004; 2827 b43_write16(dev, 0x005E, value16); 2828 } 2829 b43_write32(dev, 0x0100, 0x01000000); 2830 if (dev->dev->id.revision < 5) 2831 b43_write32(dev, 0x010C, 0x01000000); 2832 2833 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2834 & ~B43_MACCTL_INFRA); 2835 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2836 | B43_MACCTL_INFRA); 2837 2838 /* Probe Response Timeout value */ 2839 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 2840 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 2841 2842 /* Initially set the wireless operation mode. */ 2843 b43_adjust_opmode(dev); 2844 2845 if (dev->dev->id.revision < 3) { 2846 b43_write16(dev, 0x060E, 0x0000); 2847 b43_write16(dev, 0x0610, 0x8000); 2848 b43_write16(dev, 0x0604, 0x0000); 2849 b43_write16(dev, 0x0606, 0x0200); 2850 } else { 2851 b43_write32(dev, 0x0188, 0x80000000); 2852 b43_write32(dev, 0x018C, 0x02000000); 2853 } 2854 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 2855 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 2856 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 2857 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 2858 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 2859 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 2860 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 2861 2862 value32 = ssb_read32(dev->dev, SSB_TMSLOW); 2863 value32 |= 0x00100000; 2864 ssb_write32(dev->dev, SSB_TMSLOW, value32); 2865 2866 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 2867 dev->dev->bus->chipco.fast_pwrup_delay); 2868 2869 err = 0; 2870 b43dbg(dev->wl, "Chip initialized\n"); 2871out: 2872 return err; 2873 2874err_gpio_clean: 2875 b43_gpio_cleanup(dev); 2876 return err; 2877} 2878 2879static void b43_periodic_every60sec(struct b43_wldev *dev) 2880{ 2881 const struct b43_phy_operations *ops = dev->phy.ops; 2882 2883 if (ops->pwork_60sec) 2884 ops->pwork_60sec(dev); 2885 2886 /* Force check the TX power emission now. */ 2887 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME); 2888} 2889 2890static void b43_periodic_every30sec(struct b43_wldev *dev) 2891{ 2892 /* Update device statistics. */ 2893 b43_calculate_link_quality(dev); 2894} 2895 2896static void b43_periodic_every15sec(struct b43_wldev *dev) 2897{ 2898 struct b43_phy *phy = &dev->phy; 2899 u16 wdr; 2900 2901 if (dev->fw.opensource) { 2902 /* Check if the firmware is still alive. 2903 * It will reset the watchdog counter to 0 in its idle loop. */ 2904 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG); 2905 if (unlikely(wdr)) { 2906 b43err(dev->wl, "Firmware watchdog: The firmware died!\n"); 2907 b43_controller_restart(dev, "Firmware watchdog"); 2908 return; 2909 } else { 2910 b43_shm_write16(dev, B43_SHM_SCRATCH, 2911 B43_WATCHDOG_REG, 1); 2912 } 2913 } 2914 2915 if (phy->ops->pwork_15sec) 2916 phy->ops->pwork_15sec(dev); 2917 2918 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 2919 wmb(); 2920 2921#if B43_DEBUG 2922 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 2923 unsigned int i; 2924 2925 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n", 2926 dev->irq_count / 15, 2927 dev->tx_count / 15, 2928 dev->rx_count / 15); 2929 dev->irq_count = 0; 2930 dev->tx_count = 0; 2931 dev->rx_count = 0; 2932 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 2933 if (dev->irq_bit_count[i]) { 2934 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n", 2935 dev->irq_bit_count[i] / 15, i, (1 << i)); 2936 dev->irq_bit_count[i] = 0; 2937 } 2938 } 2939 } 2940#endif 2941} 2942 2943static void do_periodic_work(struct b43_wldev *dev) 2944{ 2945 unsigned int state; 2946 2947 state = dev->periodic_state; 2948 if (state % 4 == 0) 2949 b43_periodic_every60sec(dev); 2950 if (state % 2 == 0) 2951 b43_periodic_every30sec(dev); 2952 b43_periodic_every15sec(dev); 2953} 2954 2955/* Periodic work locking policy: 2956 * The whole periodic work handler is protected by 2957 * wl->mutex. If another lock is needed somewhere in the 2958 * pwork callchain, it's acquired in-place, where it's needed. 2959 */ 2960static void b43_periodic_work_handler(struct work_struct *work) 2961{ 2962 struct b43_wldev *dev = container_of(work, struct b43_wldev, 2963 periodic_work.work); 2964 struct b43_wl *wl = dev->wl; 2965 unsigned long delay; 2966 2967 mutex_lock(&wl->mutex); 2968 2969 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 2970 goto out; 2971 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 2972 goto out_requeue; 2973 2974 do_periodic_work(dev); 2975 2976 dev->periodic_state++; 2977out_requeue: 2978 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 2979 delay = msecs_to_jiffies(50); 2980 else 2981 delay = round_jiffies_relative(HZ * 15); 2982 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay); 2983out: 2984 mutex_unlock(&wl->mutex); 2985} 2986 2987static void b43_periodic_tasks_setup(struct b43_wldev *dev) 2988{ 2989 struct delayed_work *work = &dev->periodic_work; 2990 2991 dev->periodic_state = 0; 2992 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 2993 ieee80211_queue_delayed_work(dev->wl->hw, work, 0); 2994} 2995 2996/* Check if communication with the device works correctly. */ 2997static int b43_validate_chipaccess(struct b43_wldev *dev) 2998{ 2999 u32 v, backup0, backup4; 3000 3001 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0); 3002 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4); 3003 3004 /* Check for read/write and endianness problems. */ 3005 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 3006 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 3007 goto error; 3008 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 3009 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 3010 goto error; 3011 3012 /* Check if unaligned 32bit SHM_SHARED access works properly. 3013 * However, don't bail out on failure, because it's noncritical. */ 3014 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122); 3015 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344); 3016 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566); 3017 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788); 3018 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344) 3019 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n"); 3020 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD); 3021 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 || 3022 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD || 3023 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB || 3024 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788) 3025 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n"); 3026 3027 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0); 3028 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4); 3029 3030 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) { 3031 /* The 32bit register shadows the two 16bit registers 3032 * with update sideeffects. Validate this. */ 3033 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 3034 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 3035 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 3036 goto error; 3037 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 3038 goto error; 3039 } 3040 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 3041 3042 v = b43_read32(dev, B43_MMIO_MACCTL); 3043 v |= B43_MACCTL_GMODE; 3044 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 3045 goto error; 3046 3047 return 0; 3048error: 3049 b43err(dev->wl, "Failed to validate the chipaccess\n"); 3050 return -ENODEV; 3051} 3052 3053static void b43_security_init(struct b43_wldev *dev) 3054{ 3055 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 3056 /* KTP is a word address, but we address SHM bytewise. 3057 * So multiply by two. 3058 */ 3059 dev->ktp *= 2; 3060 /* Number of RCMTA address slots */ 3061 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS); 3062 /* Clear the key memory. */ 3063 b43_clear_keys(dev); 3064} 3065 3066#ifdef CONFIG_B43_HWRNG 3067static int b43_rng_read(struct hwrng *rng, u32 *data) 3068{ 3069 struct b43_wl *wl = (struct b43_wl *)rng->priv; 3070 struct b43_wldev *dev; 3071 int count = -ENODEV; 3072 3073 mutex_lock(&wl->mutex); 3074 dev = wl->current_dev; 3075 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) { 3076 *data = b43_read16(dev, B43_MMIO_RNG); 3077 count = sizeof(u16); 3078 } 3079 mutex_unlock(&wl->mutex); 3080 3081 return count; 3082} 3083#endif /* CONFIG_B43_HWRNG */ 3084 3085static void b43_rng_exit(struct b43_wl *wl) 3086{ 3087#ifdef CONFIG_B43_HWRNG 3088 if (wl->rng_initialized) 3089 hwrng_unregister(&wl->rng); 3090#endif /* CONFIG_B43_HWRNG */ 3091} 3092 3093static int b43_rng_init(struct b43_wl *wl) 3094{ 3095 int err = 0; 3096 3097#ifdef CONFIG_B43_HWRNG 3098 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 3099 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 3100 wl->rng.name = wl->rng_name; 3101 wl->rng.data_read = b43_rng_read; 3102 wl->rng.priv = (unsigned long)wl; 3103 wl->rng_initialized = 1; 3104 err = hwrng_register(&wl->rng); 3105 if (err) { 3106 wl->rng_initialized = 0; 3107 b43err(wl, "Failed to register the random " 3108 "number generator (%d)\n", err); 3109 } 3110#endif /* CONFIG_B43_HWRNG */ 3111 3112 return err; 3113} 3114 3115static void b43_tx_work(struct work_struct *work) 3116{ 3117 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work); 3118 struct b43_wldev *dev; 3119 struct sk_buff *skb; 3120 int err = 0; 3121 3122 mutex_lock(&wl->mutex); 3123 dev = wl->current_dev; 3124 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) { 3125 mutex_unlock(&wl->mutex); 3126 return; 3127 } 3128 3129 while (skb_queue_len(&wl->tx_queue)) { 3130 skb = skb_dequeue(&wl->tx_queue); 3131 3132 if (b43_using_pio_transfers(dev)) 3133 err = b43_pio_tx(dev, skb); 3134 else 3135 err = b43_dma_tx(dev, skb); 3136 if (unlikely(err)) 3137 dev_kfree_skb(skb); /* Drop it */ 3138 } 3139 3140#if B43_DEBUG 3141 dev->tx_count++; 3142#endif 3143 mutex_unlock(&wl->mutex); 3144} 3145 3146static int b43_op_tx(struct ieee80211_hw *hw, 3147 struct sk_buff *skb) 3148{ 3149 struct b43_wl *wl = hw_to_b43_wl(hw); 3150 3151 if (unlikely(skb->len < 2 + 2 + 6)) { 3152 /* Too short, this can't be a valid frame. */ 3153 dev_kfree_skb_any(skb); 3154 return NETDEV_TX_OK; 3155 } 3156 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 3157 3158 skb_queue_tail(&wl->tx_queue, skb); 3159 ieee80211_queue_work(wl->hw, &wl->tx_work); 3160 3161 return NETDEV_TX_OK; 3162} 3163 3164static void b43_qos_params_upload(struct b43_wldev *dev, 3165 const struct ieee80211_tx_queue_params *p, 3166 u16 shm_offset) 3167{ 3168 u16 params[B43_NR_QOSPARAMS]; 3169 int bslots, tmp; 3170 unsigned int i; 3171 3172 if (!dev->qos_enabled) 3173 return; 3174 3175 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min; 3176 3177 memset(¶ms, 0, sizeof(params)); 3178 3179 params[B43_QOSPARAM_TXOP] = p->txop * 32; 3180 params[B43_QOSPARAM_CWMIN] = p->cw_min; 3181 params[B43_QOSPARAM_CWMAX] = p->cw_max; 3182 params[B43_QOSPARAM_CWCUR] = p->cw_min; 3183 params[B43_QOSPARAM_AIFS] = p->aifs; 3184 params[B43_QOSPARAM_BSLOTS] = bslots; 3185 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs; 3186 3187 for (i = 0; i < ARRAY_SIZE(params); i++) { 3188 if (i == B43_QOSPARAM_STATUS) { 3189 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 3190 shm_offset + (i * 2)); 3191 /* Mark the parameters as updated. */ 3192 tmp |= 0x100; 3193 b43_shm_write16(dev, B43_SHM_SHARED, 3194 shm_offset + (i * 2), 3195 tmp); 3196 } else { 3197 b43_shm_write16(dev, B43_SHM_SHARED, 3198 shm_offset + (i * 2), 3199 params[i]); 3200 } 3201 } 3202} 3203 3204/* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */ 3205static const u16 b43_qos_shm_offsets[] = { 3206 /* [mac80211-queue-nr] = SHM_OFFSET, */ 3207 [0] = B43_QOS_VOICE, 3208 [1] = B43_QOS_VIDEO, 3209 [2] = B43_QOS_BESTEFFORT, 3210 [3] = B43_QOS_BACKGROUND, 3211}; 3212 3213/* Update all QOS parameters in hardware. */ 3214static void b43_qos_upload_all(struct b43_wldev *dev) 3215{ 3216 struct b43_wl *wl = dev->wl; 3217 struct b43_qos_params *params; 3218 unsigned int i; 3219 3220 if (!dev->qos_enabled) 3221 return; 3222 3223 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3224 ARRAY_SIZE(wl->qos_params)); 3225 3226 b43_mac_suspend(dev); 3227 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3228 params = &(wl->qos_params[i]); 3229 b43_qos_params_upload(dev, &(params->p), 3230 b43_qos_shm_offsets[i]); 3231 } 3232 b43_mac_enable(dev); 3233} 3234 3235static void b43_qos_clear(struct b43_wl *wl) 3236{ 3237 struct b43_qos_params *params; 3238 unsigned int i; 3239 3240 /* Initialize QoS parameters to sane defaults. */ 3241 3242 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3243 ARRAY_SIZE(wl->qos_params)); 3244 3245 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3246 params = &(wl->qos_params[i]); 3247 3248 switch (b43_qos_shm_offsets[i]) { 3249 case B43_QOS_VOICE: 3250 params->p.txop = 0; 3251 params->p.aifs = 2; 3252 params->p.cw_min = 0x0001; 3253 params->p.cw_max = 0x0001; 3254 break; 3255 case B43_QOS_VIDEO: 3256 params->p.txop = 0; 3257 params->p.aifs = 2; 3258 params->p.cw_min = 0x0001; 3259 params->p.cw_max = 0x0001; 3260 break; 3261 case B43_QOS_BESTEFFORT: 3262 params->p.txop = 0; 3263 params->p.aifs = 3; 3264 params->p.cw_min = 0x0001; 3265 params->p.cw_max = 0x03FF; 3266 break; 3267 case B43_QOS_BACKGROUND: 3268 params->p.txop = 0; 3269 params->p.aifs = 7; 3270 params->p.cw_min = 0x0001; 3271 params->p.cw_max = 0x03FF; 3272 break; 3273 default: 3274 B43_WARN_ON(1); 3275 } 3276 } 3277} 3278 3279/* Initialize the core's QOS capabilities */ 3280static void b43_qos_init(struct b43_wldev *dev) 3281{ 3282 if (!dev->qos_enabled) { 3283 /* Disable QOS support. */ 3284 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF); 3285 b43_write16(dev, B43_MMIO_IFSCTL, 3286 b43_read16(dev, B43_MMIO_IFSCTL) 3287 & ~B43_MMIO_IFSCTL_USE_EDCF); 3288 b43dbg(dev->wl, "QoS disabled\n"); 3289 return; 3290 } 3291 3292 /* Upload the current QOS parameters. */ 3293 b43_qos_upload_all(dev); 3294 3295 /* Enable QOS support. */ 3296 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 3297 b43_write16(dev, B43_MMIO_IFSCTL, 3298 b43_read16(dev, B43_MMIO_IFSCTL) 3299 | B43_MMIO_IFSCTL_USE_EDCF); 3300 b43dbg(dev->wl, "QoS enabled\n"); 3301} 3302 3303static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue, 3304 const struct ieee80211_tx_queue_params *params) 3305{ 3306 struct b43_wl *wl = hw_to_b43_wl(hw); 3307 struct b43_wldev *dev; 3308 unsigned int queue = (unsigned int)_queue; 3309 int err = -ENODEV; 3310 3311 if (queue >= ARRAY_SIZE(wl->qos_params)) { 3312 /* Queue not available or don't support setting 3313 * params on this queue. Return success to not 3314 * confuse mac80211. */ 3315 return 0; 3316 } 3317 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3318 ARRAY_SIZE(wl->qos_params)); 3319 3320 mutex_lock(&wl->mutex); 3321 dev = wl->current_dev; 3322 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) 3323 goto out_unlock; 3324 3325 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params)); 3326 b43_mac_suspend(dev); 3327 b43_qos_params_upload(dev, &(wl->qos_params[queue].p), 3328 b43_qos_shm_offsets[queue]); 3329 b43_mac_enable(dev); 3330 err = 0; 3331 3332out_unlock: 3333 mutex_unlock(&wl->mutex); 3334 3335 return err; 3336} 3337 3338static int b43_op_get_tx_stats(struct ieee80211_hw *hw, 3339 struct ieee80211_tx_queue_stats *stats) 3340{ 3341 struct b43_wl *wl = hw_to_b43_wl(hw); 3342 struct b43_wldev *dev; 3343 int err = -ENODEV; 3344 3345 mutex_lock(&wl->mutex); 3346 dev = wl->current_dev; 3347 if (dev && b43_status(dev) >= B43_STAT_STARTED) { 3348 if (b43_using_pio_transfers(dev)) 3349 b43_pio_get_tx_stats(dev, stats); 3350 else 3351 b43_dma_get_tx_stats(dev, stats); 3352 err = 0; 3353 } 3354 mutex_unlock(&wl->mutex); 3355 3356 return err; 3357} 3358 3359static int b43_op_get_stats(struct ieee80211_hw *hw, 3360 struct ieee80211_low_level_stats *stats) 3361{ 3362 struct b43_wl *wl = hw_to_b43_wl(hw); 3363 3364 mutex_lock(&wl->mutex); 3365 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 3366 mutex_unlock(&wl->mutex); 3367 3368 return 0; 3369} 3370 3371static u64 b43_op_get_tsf(struct ieee80211_hw *hw) 3372{ 3373 struct b43_wl *wl = hw_to_b43_wl(hw); 3374 struct b43_wldev *dev; 3375 u64 tsf; 3376 3377 mutex_lock(&wl->mutex); 3378 dev = wl->current_dev; 3379 3380 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3381 b43_tsf_read(dev, &tsf); 3382 else 3383 tsf = 0; 3384 3385 mutex_unlock(&wl->mutex); 3386 3387 return tsf; 3388} 3389 3390static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf) 3391{ 3392 struct b43_wl *wl = hw_to_b43_wl(hw); 3393 struct b43_wldev *dev; 3394 3395 mutex_lock(&wl->mutex); 3396 dev = wl->current_dev; 3397 3398 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3399 b43_tsf_write(dev, tsf); 3400 3401 mutex_unlock(&wl->mutex); 3402} 3403 3404static void b43_put_phy_into_reset(struct b43_wldev *dev) 3405{ 3406 struct ssb_device *sdev = dev->dev; 3407 u32 tmslow; 3408 3409 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3410 tmslow &= ~B43_TMSLOW_GMODE; 3411 tmslow |= B43_TMSLOW_PHYRESET; 3412 tmslow |= SSB_TMSLOW_FGC; 3413 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3414 msleep(1); 3415 3416 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3417 tmslow &= ~SSB_TMSLOW_FGC; 3418 tmslow |= B43_TMSLOW_PHYRESET; 3419 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3420 msleep(1); 3421} 3422 3423static const char *band_to_string(enum ieee80211_band band) 3424{ 3425 switch (band) { 3426 case IEEE80211_BAND_5GHZ: 3427 return "5"; 3428 case IEEE80211_BAND_2GHZ: 3429 return "2.4"; 3430 default: 3431 break; 3432 } 3433 B43_WARN_ON(1); 3434 return ""; 3435} 3436 3437/* Expects wl->mutex locked */ 3438static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3439{ 3440 struct b43_wldev *up_dev = NULL; 3441 struct b43_wldev *down_dev; 3442 struct b43_wldev *d; 3443 int err; 3444 bool uninitialized_var(gmode); 3445 int prev_status; 3446 3447 /* Find a device and PHY which supports the band. */ 3448 list_for_each_entry(d, &wl->devlist, list) { 3449 switch (chan->band) { 3450 case IEEE80211_BAND_5GHZ: 3451 if (d->phy.supports_5ghz) { 3452 up_dev = d; 3453 gmode = 0; 3454 } 3455 break; 3456 case IEEE80211_BAND_2GHZ: 3457 if (d->phy.supports_2ghz) { 3458 up_dev = d; 3459 gmode = 1; 3460 } 3461 break; 3462 default: 3463 B43_WARN_ON(1); 3464 return -EINVAL; 3465 } 3466 if (up_dev) 3467 break; 3468 } 3469 if (!up_dev) { 3470 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3471 band_to_string(chan->band)); 3472 return -ENODEV; 3473 } 3474 if ((up_dev == wl->current_dev) && 3475 (!!wl->current_dev->phy.gmode == !!gmode)) { 3476 /* This device is already running. */ 3477 return 0; 3478 } 3479 b43dbg(wl, "Switching to %s-GHz band\n", 3480 band_to_string(chan->band)); 3481 down_dev = wl->current_dev; 3482 3483 prev_status = b43_status(down_dev); 3484 /* Shutdown the currently running core. */ 3485 if (prev_status >= B43_STAT_STARTED) 3486 down_dev = b43_wireless_core_stop(down_dev); 3487 if (prev_status >= B43_STAT_INITIALIZED) 3488 b43_wireless_core_exit(down_dev); 3489 3490 if (down_dev != up_dev) { 3491 /* We switch to a different core, so we put PHY into 3492 * RESET on the old core. */ 3493 b43_put_phy_into_reset(down_dev); 3494 } 3495 3496 /* Now start the new core. */ 3497 up_dev->phy.gmode = gmode; 3498 if (prev_status >= B43_STAT_INITIALIZED) { 3499 err = b43_wireless_core_init(up_dev); 3500 if (err) { 3501 b43err(wl, "Fatal: Could not initialize device for " 3502 "selected %s-GHz band\n", 3503 band_to_string(chan->band)); 3504 goto init_failure; 3505 } 3506 } 3507 if (prev_status >= B43_STAT_STARTED) { 3508 err = b43_wireless_core_start(up_dev); 3509 if (err) { 3510 b43err(wl, "Fatal: Coult not start device for " 3511 "selected %s-GHz band\n", 3512 band_to_string(chan->band)); 3513 b43_wireless_core_exit(up_dev); 3514 goto init_failure; 3515 } 3516 } 3517 B43_WARN_ON(b43_status(up_dev) != prev_status); 3518 3519 wl->current_dev = up_dev; 3520 3521 return 0; 3522init_failure: 3523 /* Whoops, failed to init the new core. No core is operating now. */ 3524 wl->current_dev = NULL; 3525 return err; 3526} 3527 3528/* Write the short and long frame retry limit values. */ 3529static void b43_set_retry_limits(struct b43_wldev *dev, 3530 unsigned int short_retry, 3531 unsigned int long_retry) 3532{ 3533 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3534 * the chip-internal counter. */ 3535 short_retry = min(short_retry, (unsigned int)0xF); 3536 long_retry = min(long_retry, (unsigned int)0xF); 3537 3538 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3539 short_retry); 3540 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3541 long_retry); 3542} 3543 3544static int b43_op_config(struct ieee80211_hw *hw, u32 changed) 3545{ 3546 struct b43_wl *wl = hw_to_b43_wl(hw); 3547 struct b43_wldev *dev; 3548 struct b43_phy *phy; 3549 struct ieee80211_conf *conf = &hw->conf; 3550 int antenna; 3551 int err = 0; 3552 3553 mutex_lock(&wl->mutex); 3554 3555 /* Switch the band (if necessary). This might change the active core. */ 3556 err = b43_switch_band(wl, conf->channel); 3557 if (err) 3558 goto out_unlock_mutex; 3559 dev = wl->current_dev; 3560 phy = &dev->phy; 3561 3562 b43_mac_suspend(dev); 3563 3564 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS) 3565 b43_set_retry_limits(dev, conf->short_frame_max_tx_count, 3566 conf->long_frame_max_tx_count); 3567 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS; 3568 if (!changed) 3569 goto out_mac_enable; 3570 3571 /* Switch to the requested channel. 3572 * The firmware takes care of races with the TX handler. */ 3573 if (conf->channel->hw_value != phy->channel) 3574 b43_switch_channel(dev, conf->channel->hw_value); 3575 3576 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_RADIOTAP); 3577 3578 /* Adjust the desired TX power level. */ 3579 if (conf->power_level != 0) { 3580 if (conf->power_level != phy->desired_txpower) { 3581 phy->desired_txpower = conf->power_level; 3582 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME | 3583 B43_TXPWR_IGNORE_TSSI); 3584 } 3585 } 3586 3587 /* Antennas for RX and management frame TX. */ 3588 antenna = B43_ANTENNA_DEFAULT; 3589 b43_mgmtframe_txantenna(dev, antenna); 3590 antenna = B43_ANTENNA_DEFAULT; 3591 if (phy->ops->set_rx_antenna) 3592 phy->ops->set_rx_antenna(dev, antenna); 3593 3594 if (wl->radio_enabled != phy->radio_on) { 3595 if (wl->radio_enabled) { 3596 b43_software_rfkill(dev, false); 3597 b43info(dev->wl, "Radio turned on by software\n"); 3598 if (!dev->radio_hw_enable) { 3599 b43info(dev->wl, "The hardware RF-kill button " 3600 "still turns the radio physically off. " 3601 "Press the button to turn it on.\n"); 3602 } 3603 } else { 3604 b43_software_rfkill(dev, true); 3605 b43info(dev->wl, "Radio turned off by software\n"); 3606 } 3607 } 3608 3609out_mac_enable: 3610 b43_mac_enable(dev); 3611out_unlock_mutex: 3612 mutex_unlock(&wl->mutex); 3613 3614 return err; 3615} 3616 3617static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates) 3618{ 3619 struct ieee80211_supported_band *sband = 3620 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)]; 3621 struct ieee80211_rate *rate; 3622 int i; 3623 u16 basic, direct, offset, basic_offset, rateptr; 3624 3625 for (i = 0; i < sband->n_bitrates; i++) { 3626 rate = &sband->bitrates[i]; 3627 3628 if (b43_is_cck_rate(rate->hw_value)) { 3629 direct = B43_SHM_SH_CCKDIRECT; 3630 basic = B43_SHM_SH_CCKBASIC; 3631 offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3632 offset &= 0xF; 3633 } else { 3634 direct = B43_SHM_SH_OFDMDIRECT; 3635 basic = B43_SHM_SH_OFDMBASIC; 3636 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3637 offset &= 0xF; 3638 } 3639 3640 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate); 3641 3642 if (b43_is_cck_rate(rate->hw_value)) { 3643 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3644 basic_offset &= 0xF; 3645 } else { 3646 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3647 basic_offset &= 0xF; 3648 } 3649 3650 /* 3651 * Get the pointer that we need to point to 3652 * from the direct map 3653 */ 3654 rateptr = b43_shm_read16(dev, B43_SHM_SHARED, 3655 direct + 2 * basic_offset); 3656 /* and write it to the basic map */ 3657 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset, 3658 rateptr); 3659 } 3660} 3661 3662static void b43_op_bss_info_changed(struct ieee80211_hw *hw, 3663 struct ieee80211_vif *vif, 3664 struct ieee80211_bss_conf *conf, 3665 u32 changed) 3666{ 3667 struct b43_wl *wl = hw_to_b43_wl(hw); 3668 struct b43_wldev *dev; 3669 3670 mutex_lock(&wl->mutex); 3671 3672 dev = wl->current_dev; 3673 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3674 goto out_unlock_mutex; 3675 3676 B43_WARN_ON(wl->vif != vif); 3677 3678 if (changed & BSS_CHANGED_BSSID) { 3679 if (conf->bssid) 3680 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3681 else 3682 memset(wl->bssid, 0, ETH_ALEN); 3683 } 3684 3685 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3686 if (changed & BSS_CHANGED_BEACON && 3687 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3688 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3689 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3690 b43_update_templates(wl); 3691 3692 if (changed & BSS_CHANGED_BSSID) 3693 b43_write_mac_bssid_templates(dev); 3694 } 3695 3696 b43_mac_suspend(dev); 3697 3698 /* Update templates for AP/mesh mode. */ 3699 if (changed & BSS_CHANGED_BEACON_INT && 3700 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3701 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3702 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3703 b43_set_beacon_int(dev, conf->beacon_int); 3704 3705 if (changed & BSS_CHANGED_BASIC_RATES) 3706 b43_update_basic_rates(dev, conf->basic_rates); 3707 3708 if (changed & BSS_CHANGED_ERP_SLOT) { 3709 if (conf->use_short_slot) 3710 b43_short_slot_timing_enable(dev); 3711 else 3712 b43_short_slot_timing_disable(dev); 3713 } 3714 3715 b43_mac_enable(dev); 3716out_unlock_mutex: 3717 mutex_unlock(&wl->mutex); 3718} 3719 3720static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 3721 struct ieee80211_vif *vif, struct ieee80211_sta *sta, 3722 struct ieee80211_key_conf *key) 3723{ 3724 struct b43_wl *wl = hw_to_b43_wl(hw); 3725 struct b43_wldev *dev; 3726 u8 algorithm; 3727 u8 index; 3728 int err; 3729 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 3730 3731 if (modparam_nohwcrypt) 3732 return -ENOSPC; /* User disabled HW-crypto */ 3733 3734 mutex_lock(&wl->mutex); 3735 3736 dev = wl->current_dev; 3737 err = -ENODEV; 3738 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 3739 goto out_unlock; 3740 3741 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) { 3742 /* We don't have firmware for the crypto engine. 3743 * Must use software-crypto. */ 3744 err = -EOPNOTSUPP; 3745 goto out_unlock; 3746 } 3747 3748 err = -EINVAL; 3749 switch (key->alg) { 3750 case ALG_WEP: 3751 if (key->keylen == WLAN_KEY_LEN_WEP40) 3752 algorithm = B43_SEC_ALGO_WEP40; 3753 else 3754 algorithm = B43_SEC_ALGO_WEP104; 3755 break; 3756 case ALG_TKIP: 3757 algorithm = B43_SEC_ALGO_TKIP; 3758 break; 3759 case ALG_CCMP: 3760 algorithm = B43_SEC_ALGO_AES; 3761 break; 3762 default: 3763 B43_WARN_ON(1); 3764 goto out_unlock; 3765 } 3766 index = (u8) (key->keyidx); 3767 if (index > 3) 3768 goto out_unlock; 3769 3770 switch (cmd) { 3771 case SET_KEY: 3772 if (algorithm == B43_SEC_ALGO_TKIP && 3773 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) || 3774 !modparam_hwtkip)) { 3775 /* We support only pairwise key */ 3776 err = -EOPNOTSUPP; 3777 goto out_unlock; 3778 } 3779 3780 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) { 3781 if (WARN_ON(!sta)) { 3782 err = -EOPNOTSUPP; 3783 goto out_unlock; 3784 } 3785 /* Pairwise key with an assigned MAC address. */ 3786 err = b43_key_write(dev, -1, algorithm, 3787 key->key, key->keylen, 3788 sta->addr, key); 3789 } else { 3790 /* Group key */ 3791 err = b43_key_write(dev, index, algorithm, 3792 key->key, key->keylen, NULL, key); 3793 } 3794 if (err) 3795 goto out_unlock; 3796 3797 if (algorithm == B43_SEC_ALGO_WEP40 || 3798 algorithm == B43_SEC_ALGO_WEP104) { 3799 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 3800 } else { 3801 b43_hf_write(dev, 3802 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 3803 } 3804 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 3805 if (algorithm == B43_SEC_ALGO_TKIP) 3806 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC; 3807 break; 3808 case DISABLE_KEY: { 3809 err = b43_key_clear(dev, key->hw_key_idx); 3810 if (err) 3811 goto out_unlock; 3812 break; 3813 } 3814 default: 3815 B43_WARN_ON(1); 3816 } 3817 3818out_unlock: 3819 if (!err) { 3820 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 3821 "mac: %pM\n", 3822 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 3823 sta ? sta->addr : bcast_addr); 3824 b43_dump_keymemory(dev); 3825 } 3826 mutex_unlock(&wl->mutex); 3827 3828 return err; 3829} 3830 3831static void b43_op_configure_filter(struct ieee80211_hw *hw, 3832 unsigned int changed, unsigned int *fflags, 3833 u64 multicast) 3834{ 3835 struct b43_wl *wl = hw_to_b43_wl(hw); 3836 struct b43_wldev *dev; 3837 3838 mutex_lock(&wl->mutex); 3839 dev = wl->current_dev; 3840 if (!dev) { 3841 *fflags = 0; 3842 goto out_unlock; 3843 } 3844 3845 *fflags &= FIF_PROMISC_IN_BSS | 3846 FIF_ALLMULTI | 3847 FIF_FCSFAIL | 3848 FIF_PLCPFAIL | 3849 FIF_CONTROL | 3850 FIF_OTHER_BSS | 3851 FIF_BCN_PRBRESP_PROMISC; 3852 3853 changed &= FIF_PROMISC_IN_BSS | 3854 FIF_ALLMULTI | 3855 FIF_FCSFAIL | 3856 FIF_PLCPFAIL | 3857 FIF_CONTROL | 3858 FIF_OTHER_BSS | 3859 FIF_BCN_PRBRESP_PROMISC; 3860 3861 wl->filter_flags = *fflags; 3862 3863 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 3864 b43_adjust_opmode(dev); 3865 3866out_unlock: 3867 mutex_unlock(&wl->mutex); 3868} 3869 3870/* Locking: wl->mutex 3871 * Returns the current dev. This might be different from the passed in dev, 3872 * because the core might be gone away while we unlocked the mutex. */ 3873static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev) 3874{ 3875 struct b43_wl *wl = dev->wl; 3876 struct b43_wldev *orig_dev; 3877 u32 mask; 3878 3879redo: 3880 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3881 return dev; 3882 3883 /* Cancel work. Unlock to avoid deadlocks. */ 3884 mutex_unlock(&wl->mutex); 3885 cancel_delayed_work_sync(&dev->periodic_work); 3886 cancel_work_sync(&wl->tx_work); 3887 mutex_lock(&wl->mutex); 3888 dev = wl->current_dev; 3889 if (!dev || b43_status(dev) < B43_STAT_STARTED) { 3890 /* Whoops, aliens ate up the device while we were unlocked. */ 3891 return dev; 3892 } 3893 3894 /* Disable interrupts on the device. */ 3895 b43_set_status(dev, B43_STAT_INITIALIZED); 3896 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3897 /* wl->mutex is locked. That is enough. */ 3898 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3899 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3900 } else { 3901 spin_lock_irq(&wl->hardirq_lock); 3902 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3903 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3904 spin_unlock_irq(&wl->hardirq_lock); 3905 } 3906 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */ 3907 orig_dev = dev; 3908 mutex_unlock(&wl->mutex); 3909 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3910 b43_sdio_free_irq(dev); 3911 } else { 3912 synchronize_irq(dev->dev->irq); 3913 free_irq(dev->dev->irq, dev); 3914 } 3915 mutex_lock(&wl->mutex); 3916 dev = wl->current_dev; 3917 if (!dev) 3918 return dev; 3919 if (dev != orig_dev) { 3920 if (b43_status(dev) >= B43_STAT_STARTED) 3921 goto redo; 3922 return dev; 3923 } 3924 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 3925 B43_WARN_ON(mask != 0xFFFFFFFF && mask); 3926 3927 /* Drain the TX queue */ 3928 while (skb_queue_len(&wl->tx_queue)) 3929 dev_kfree_skb(skb_dequeue(&wl->tx_queue)); 3930 3931 b43_mac_suspend(dev); 3932 b43_leds_exit(dev); 3933 b43dbg(wl, "Wireless interface stopped\n"); 3934 3935 return dev; 3936} 3937 3938/* Locking: wl->mutex */ 3939static int b43_wireless_core_start(struct b43_wldev *dev) 3940{ 3941 int err; 3942 3943 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 3944 3945 drain_txstatus_queue(dev); 3946 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) { 3947 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler); 3948 if (err) { 3949 b43err(dev->wl, "Cannot request SDIO IRQ\n"); 3950 goto out; 3951 } 3952 } else { 3953 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler, 3954 b43_interrupt_thread_handler, 3955 IRQF_SHARED, KBUILD_MODNAME, dev); 3956 if (err) { 3957 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq); 3958 goto out; 3959 } 3960 } 3961 3962 /* We are ready to run. */ 3963 b43_set_status(dev, B43_STAT_STARTED); 3964 3965 /* Start data flow (TX/RX). */ 3966 b43_mac_enable(dev); 3967 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 3968 3969 /* Start maintainance work */ 3970 b43_periodic_tasks_setup(dev); 3971 3972 b43_leds_init(dev); 3973 3974 b43dbg(dev->wl, "Wireless interface started\n"); 3975out: 3976 return err; 3977} 3978 3979/* Get PHY and RADIO versioning numbers */ 3980static int b43_phy_versioning(struct b43_wldev *dev) 3981{ 3982 struct b43_phy *phy = &dev->phy; 3983 u32 tmp; 3984 u8 analog_type; 3985 u8 phy_type; 3986 u8 phy_rev; 3987 u16 radio_manuf; 3988 u16 radio_ver; 3989 u16 radio_rev; 3990 int unsupported = 0; 3991 3992 /* Get PHY versioning */ 3993 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 3994 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 3995 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 3996 phy_rev = (tmp & B43_PHYVER_VERSION); 3997 switch (phy_type) { 3998 case B43_PHYTYPE_A: 3999 if (phy_rev >= 4) 4000 unsupported = 1; 4001 break; 4002 case B43_PHYTYPE_B: 4003 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 4004 && phy_rev != 7) 4005 unsupported = 1; 4006 break; 4007 case B43_PHYTYPE_G: 4008 if (phy_rev > 9) 4009 unsupported = 1; 4010 break; 4011#ifdef CONFIG_B43_NPHY 4012 case B43_PHYTYPE_N: 4013 if (phy_rev > 4) 4014 unsupported = 1; 4015 break; 4016#endif 4017#ifdef CONFIG_B43_PHY_LP 4018 case B43_PHYTYPE_LP: 4019 if (phy_rev > 2) 4020 unsupported = 1; 4021 break; 4022#endif 4023 default: 4024 unsupported = 1; 4025 }; 4026 if (unsupported) { 4027 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 4028 "(Analog %u, Type %u, Revision %u)\n", 4029 analog_type, phy_type, phy_rev); 4030 return -EOPNOTSUPP; 4031 } 4032 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 4033 analog_type, phy_type, phy_rev); 4034 4035 /* Get RADIO versioning */ 4036 if (dev->dev->bus->chip_id == 0x4317) { 4037 if (dev->dev->bus->chip_rev == 0) 4038 tmp = 0x3205017F; 4039 else if (dev->dev->bus->chip_rev == 1) 4040 tmp = 0x4205017F; 4041 else 4042 tmp = 0x5205017F; 4043 } else { 4044 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4045 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 4046 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4047 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16; 4048 } 4049 radio_manuf = (tmp & 0x00000FFF); 4050 radio_ver = (tmp & 0x0FFFF000) >> 12; 4051 radio_rev = (tmp & 0xF0000000) >> 28; 4052 if (radio_manuf != 0x17F /* Broadcom */) 4053 unsupported = 1; 4054 switch (phy_type) { 4055 case B43_PHYTYPE_A: 4056 if (radio_ver != 0x2060) 4057 unsupported = 1; 4058 if (radio_rev != 1) 4059 unsupported = 1; 4060 if (radio_manuf != 0x17F) 4061 unsupported = 1; 4062 break; 4063 case B43_PHYTYPE_B: 4064 if ((radio_ver & 0xFFF0) != 0x2050) 4065 unsupported = 1; 4066 break; 4067 case B43_PHYTYPE_G: 4068 if (radio_ver != 0x2050) 4069 unsupported = 1; 4070 break; 4071 case B43_PHYTYPE_N: 4072 if (radio_ver != 0x2055 && radio_ver != 0x2056) 4073 unsupported = 1; 4074 break; 4075 case B43_PHYTYPE_LP: 4076 if (radio_ver != 0x2062 && radio_ver != 0x2063) 4077 unsupported = 1; 4078 break; 4079 default: 4080 B43_WARN_ON(1); 4081 } 4082 if (unsupported) { 4083 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 4084 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 4085 radio_manuf, radio_ver, radio_rev); 4086 return -EOPNOTSUPP; 4087 } 4088 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 4089 radio_manuf, radio_ver, radio_rev); 4090 4091 phy->radio_manuf = radio_manuf; 4092 phy->radio_ver = radio_ver; 4093 phy->radio_rev = radio_rev; 4094 4095 phy->analog = analog_type; 4096 phy->type = phy_type; 4097 phy->rev = phy_rev; 4098 4099 return 0; 4100} 4101 4102static void setup_struct_phy_for_init(struct b43_wldev *dev, 4103 struct b43_phy *phy) 4104{ 4105 phy->hardware_power_control = !!modparam_hwpctl; 4106 phy->next_txpwr_check_time = jiffies; 4107 /* PHY TX errors counter. */ 4108 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 4109 4110#if B43_DEBUG 4111 phy->phy_locked = 0; 4112 phy->radio_locked = 0; 4113#endif 4114} 4115 4116static void setup_struct_wldev_for_init(struct b43_wldev *dev) 4117{ 4118 dev->dfq_valid = 0; 4119 4120 /* Assume the radio is enabled. If it's not enabled, the state will 4121 * immediately get fixed on the first periodic work run. */ 4122 dev->radio_hw_enable = 1; 4123 4124 /* Stats */ 4125 memset(&dev->stats, 0, sizeof(dev->stats)); 4126 4127 setup_struct_phy_for_init(dev, &dev->phy); 4128 4129 /* IRQ related flags */ 4130 dev->irq_reason = 0; 4131 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 4132 dev->irq_mask = B43_IRQ_MASKTEMPLATE; 4133 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 4134 dev->irq_mask &= ~B43_IRQ_PHY_TXERR; 4135 4136 dev->mac_suspended = 1; 4137 4138 /* Noise calculation context */ 4139 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 4140} 4141 4142static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 4143{ 4144 struct ssb_sprom *sprom = &dev->dev->bus->sprom; 4145 u64 hf; 4146 4147 if (!modparam_btcoex) 4148 return; 4149 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 4150 return; 4151 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 4152 return; 4153 4154 hf = b43_hf_read(dev); 4155 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 4156 hf |= B43_HF_BTCOEXALT; 4157 else 4158 hf |= B43_HF_BTCOEX; 4159 b43_hf_write(dev, hf); 4160} 4161 4162static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 4163{ 4164 if (!modparam_btcoex) 4165 return; 4166 //TODO 4167} 4168 4169static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 4170{ 4171#ifdef CONFIG_SSB_DRIVER_PCICORE 4172 struct ssb_bus *bus = dev->dev->bus; 4173 u32 tmp; 4174 4175 if (bus->pcicore.dev && 4176 bus->pcicore.dev->id.coreid == SSB_DEV_PCI && 4177 bus->pcicore.dev->id.revision <= 5) { 4178 /* IMCFGLO timeouts workaround. */ 4179 tmp = ssb_read32(dev->dev, SSB_IMCFGLO); 4180 switch (bus->bustype) { 4181 case SSB_BUSTYPE_PCI: 4182 case SSB_BUSTYPE_PCMCIA: 4183 tmp &= ~SSB_IMCFGLO_REQTO; 4184 tmp &= ~SSB_IMCFGLO_SERTO; 4185 tmp |= 0x32; 4186 break; 4187 case SSB_BUSTYPE_SSB: 4188 tmp &= ~SSB_IMCFGLO_REQTO; 4189 tmp &= ~SSB_IMCFGLO_SERTO; 4190 tmp |= 0x53; 4191 break; 4192 default: 4193 break; 4194 } 4195 ssb_write32(dev->dev, SSB_IMCFGLO, tmp); 4196 } 4197#endif /* CONFIG_SSB_DRIVER_PCICORE */ 4198} 4199 4200static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 4201{ 4202 u16 pu_delay; 4203 4204 /* The time value is in microseconds. */ 4205 if (dev->phy.type == B43_PHYTYPE_A) 4206 pu_delay = 3700; 4207 else 4208 pu_delay = 1050; 4209 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle) 4210 pu_delay = 500; 4211 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 4212 pu_delay = max(pu_delay, (u16)2400); 4213 4214 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 4215} 4216 4217/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 4218static void b43_set_pretbtt(struct b43_wldev *dev) 4219{ 4220 u16 pretbtt; 4221 4222 /* The time value is in microseconds. */ 4223 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) { 4224 pretbtt = 2; 4225 } else { 4226 if (dev->phy.type == B43_PHYTYPE_A) 4227 pretbtt = 120; 4228 else 4229 pretbtt = 250; 4230 } 4231 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 4232 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 4233} 4234 4235/* Shutdown a wireless core */ 4236/* Locking: wl->mutex */ 4237static void b43_wireless_core_exit(struct b43_wldev *dev) 4238{ 4239 u32 macctl; 4240 4241 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED); 4242 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED) 4243 return; 4244 b43_set_status(dev, B43_STAT_UNINIT); 4245 4246 /* Stop the microcode PSM. */ 4247 macctl = b43_read32(dev, B43_MMIO_MACCTL); 4248 macctl &= ~B43_MACCTL_PSM_RUN; 4249 macctl |= B43_MACCTL_PSM_JMP0; 4250 b43_write32(dev, B43_MMIO_MACCTL, macctl); 4251 4252 b43_dma_free(dev); 4253 b43_pio_free(dev); 4254 b43_chip_exit(dev); 4255 dev->phy.ops->switch_analog(dev, 0); 4256 if (dev->wl->current_beacon) { 4257 dev_kfree_skb_any(dev->wl->current_beacon); 4258 dev->wl->current_beacon = NULL; 4259 } 4260 4261 ssb_device_disable(dev->dev, 0); 4262 ssb_bus_may_powerdown(dev->dev->bus); 4263} 4264 4265/* Initialize a wireless core */ 4266static int b43_wireless_core_init(struct b43_wldev *dev) 4267{ 4268 struct ssb_bus *bus = dev->dev->bus; 4269 struct ssb_sprom *sprom = &bus->sprom; 4270 struct b43_phy *phy = &dev->phy; 4271 int err; 4272 u64 hf; 4273 u32 tmp; 4274 4275 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4276 4277 err = ssb_bus_powerup(bus, 0); 4278 if (err) 4279 goto out; 4280 if (!ssb_device_is_enabled(dev->dev)) { 4281 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0; 4282 b43_wireless_core_reset(dev, tmp); 4283 } 4284 4285 /* Reset all data structures. */ 4286 setup_struct_wldev_for_init(dev); 4287 phy->ops->prepare_structs(dev); 4288 4289 /* Enable IRQ routing to this device. */ 4290 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev); 4291 4292 b43_imcfglo_timeouts_workaround(dev); 4293 b43_bluetooth_coext_disable(dev); 4294 if (phy->ops->prepare_hardware) { 4295 err = phy->ops->prepare_hardware(dev); 4296 if (err) 4297 goto err_busdown; 4298 } 4299 err = b43_chip_init(dev); 4300 if (err) 4301 goto err_busdown; 4302 b43_shm_write16(dev, B43_SHM_SHARED, 4303 B43_SHM_SH_WLCOREREV, dev->dev->id.revision); 4304 hf = b43_hf_read(dev); 4305 if (phy->type == B43_PHYTYPE_G) { 4306 hf |= B43_HF_SYMW; 4307 if (phy->rev == 1) 4308 hf |= B43_HF_GDCW; 4309 if (sprom->boardflags_lo & B43_BFL_PACTRL) 4310 hf |= B43_HF_OFDMPABOOST; 4311 } 4312 if (phy->radio_ver == 0x2050) { 4313 if (phy->radio_rev == 6) 4314 hf |= B43_HF_4318TSSI; 4315 if (phy->radio_rev < 6) 4316 hf |= B43_HF_VCORECALC; 4317 } 4318 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW) 4319 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */ 4320#ifdef CONFIG_SSB_DRIVER_PCICORE 4321 if ((bus->bustype == SSB_BUSTYPE_PCI) && 4322 (bus->pcicore.dev->id.revision <= 10)) 4323 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */ 4324#endif 4325 hf &= ~B43_HF_SKCFPUP; 4326 b43_hf_write(dev, hf); 4327 4328 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 4329 B43_DEFAULT_LONG_RETRY_LIMIT); 4330 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 4331 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 4332 4333 /* Disable sending probe responses from firmware. 4334 * Setting the MaxTime to one usec will always trigger 4335 * a timeout, so we never send any probe resp. 4336 * A timeout of zero is infinite. */ 4337 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 4338 4339 b43_rate_memory_init(dev); 4340 b43_set_phytxctl_defaults(dev); 4341 4342 /* Minimum Contention Window */ 4343 if (phy->type == B43_PHYTYPE_B) { 4344 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 4345 } else { 4346 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 4347 } 4348 /* Maximum Contention Window */ 4349 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 4350 4351 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || 4352 (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) || 4353 B43_FORCE_PIO) { 4354 dev->__using_pio_transfers = 1; 4355 err = b43_pio_init(dev); 4356 } else { 4357 dev->__using_pio_transfers = 0; 4358 err = b43_dma_init(dev); 4359 } 4360 if (err) 4361 goto err_chip_exit; 4362 b43_qos_init(dev); 4363 b43_set_synth_pu_delay(dev, 1); 4364 b43_bluetooth_coext_enable(dev); 4365 4366 ssb_bus_powerup(bus, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)); 4367 b43_upload_card_macaddress(dev); 4368 b43_security_init(dev); 4369 4370 ieee80211_wake_queues(dev->wl->hw); 4371 4372 ieee80211_wake_queues(dev->wl->hw); 4373 4374 b43_set_status(dev, B43_STAT_INITIALIZED); 4375 4376out: 4377 return err; 4378 4379err_chip_exit: 4380 b43_chip_exit(dev); 4381err_busdown: 4382 ssb_bus_may_powerdown(bus); 4383 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4384 return err; 4385} 4386 4387static int b43_op_add_interface(struct ieee80211_hw *hw, 4388 struct ieee80211_if_init_conf *conf) 4389{ 4390 struct b43_wl *wl = hw_to_b43_wl(hw); 4391 struct b43_wldev *dev; 4392 int err = -EOPNOTSUPP; 4393 4394 /* TODO: allow WDS/AP devices to coexist */ 4395 4396 if (conf->type != NL80211_IFTYPE_AP && 4397 conf->type != NL80211_IFTYPE_MESH_POINT && 4398 conf->type != NL80211_IFTYPE_STATION && 4399 conf->type != NL80211_IFTYPE_WDS && 4400 conf->type != NL80211_IFTYPE_ADHOC) 4401 return -EOPNOTSUPP; 4402 4403 mutex_lock(&wl->mutex); 4404 if (wl->operating) 4405 goto out_mutex_unlock; 4406 4407 b43dbg(wl, "Adding Interface type %d\n", conf->type); 4408 4409 dev = wl->current_dev; 4410 wl->operating = 1; 4411 wl->vif = conf->vif; 4412 wl->if_type = conf->type; 4413 memcpy(wl->mac_addr, conf->mac_addr, ETH_ALEN); 4414 4415 b43_adjust_opmode(dev); 4416 b43_set_pretbtt(dev); 4417 b43_set_synth_pu_delay(dev, 0); 4418 b43_upload_card_macaddress(dev); 4419 4420 err = 0; 4421 out_mutex_unlock: 4422 mutex_unlock(&wl->mutex); 4423 4424 return err; 4425} 4426 4427static void b43_op_remove_interface(struct ieee80211_hw *hw, 4428 struct ieee80211_if_init_conf *conf) 4429{ 4430 struct b43_wl *wl = hw_to_b43_wl(hw); 4431 struct b43_wldev *dev = wl->current_dev; 4432 4433 b43dbg(wl, "Removing Interface type %d\n", conf->type); 4434 4435 mutex_lock(&wl->mutex); 4436 4437 B43_WARN_ON(!wl->operating); 4438 B43_WARN_ON(wl->vif != conf->vif); 4439 wl->vif = NULL; 4440 4441 wl->operating = 0; 4442 4443 b43_adjust_opmode(dev); 4444 memset(wl->mac_addr, 0, ETH_ALEN); 4445 b43_upload_card_macaddress(dev); 4446 4447 mutex_unlock(&wl->mutex); 4448} 4449 4450static int b43_op_start(struct ieee80211_hw *hw) 4451{ 4452 struct b43_wl *wl = hw_to_b43_wl(hw); 4453 struct b43_wldev *dev = wl->current_dev; 4454 int did_init = 0; 4455 int err = 0; 4456 4457 /* Kill all old instance specific information to make sure 4458 * the card won't use it in the short timeframe between start 4459 * and mac80211 reconfiguring it. */ 4460 memset(wl->bssid, 0, ETH_ALEN); 4461 memset(wl->mac_addr, 0, ETH_ALEN); 4462 wl->filter_flags = 0; 4463 wl->radiotap_enabled = 0; 4464 b43_qos_clear(wl); 4465 wl->beacon0_uploaded = 0; 4466 wl->beacon1_uploaded = 0; 4467 wl->beacon_templates_virgin = 1; 4468 wl->radio_enabled = 1; 4469 4470 mutex_lock(&wl->mutex); 4471 4472 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4473 err = b43_wireless_core_init(dev); 4474 if (err) 4475 goto out_mutex_unlock; 4476 did_init = 1; 4477 } 4478 4479 if (b43_status(dev) < B43_STAT_STARTED) { 4480 err = b43_wireless_core_start(dev); 4481 if (err) { 4482 if (did_init) 4483 b43_wireless_core_exit(dev); 4484 goto out_mutex_unlock; 4485 } 4486 } 4487 4488 /* XXX: only do if device doesn't support rfkill irq */ 4489 wiphy_rfkill_start_polling(hw->wiphy); 4490 4491 out_mutex_unlock: 4492 mutex_unlock(&wl->mutex); 4493 4494 return err; 4495} 4496 4497static void b43_op_stop(struct ieee80211_hw *hw) 4498{ 4499 struct b43_wl *wl = hw_to_b43_wl(hw); 4500 struct b43_wldev *dev = wl->current_dev; 4501 4502 cancel_work_sync(&(wl->beacon_update_trigger)); 4503 4504 mutex_lock(&wl->mutex); 4505 if (b43_status(dev) >= B43_STAT_STARTED) { 4506 dev = b43_wireless_core_stop(dev); 4507 if (!dev) 4508 goto out_unlock; 4509 } 4510 b43_wireless_core_exit(dev); 4511 wl->radio_enabled = 0; 4512 4513out_unlock: 4514 mutex_unlock(&wl->mutex); 4515 4516 cancel_work_sync(&(wl->txpower_adjust_work)); 4517} 4518 4519static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, 4520 struct ieee80211_sta *sta, bool set) 4521{ 4522 struct b43_wl *wl = hw_to_b43_wl(hw); 4523 4524 /* FIXME: add locking */ 4525 b43_update_templates(wl); 4526 4527 return 0; 4528} 4529 4530static void b43_op_sta_notify(struct ieee80211_hw *hw, 4531 struct ieee80211_vif *vif, 4532 enum sta_notify_cmd notify_cmd, 4533 struct ieee80211_sta *sta) 4534{ 4535 struct b43_wl *wl = hw_to_b43_wl(hw); 4536 4537 B43_WARN_ON(!vif || wl->vif != vif); 4538} 4539 4540static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw) 4541{ 4542 struct b43_wl *wl = hw_to_b43_wl(hw); 4543 struct b43_wldev *dev; 4544 4545 mutex_lock(&wl->mutex); 4546 dev = wl->current_dev; 4547 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4548 /* Disable CFP update during scan on other channels. */ 4549 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP); 4550 } 4551 mutex_unlock(&wl->mutex); 4552} 4553 4554static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw) 4555{ 4556 struct b43_wl *wl = hw_to_b43_wl(hw); 4557 struct b43_wldev *dev; 4558 4559 mutex_lock(&wl->mutex); 4560 dev = wl->current_dev; 4561 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4562 /* Re-enable CFP update. */ 4563 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP); 4564 } 4565 mutex_unlock(&wl->mutex); 4566} 4567 4568static const struct ieee80211_ops b43_hw_ops = { 4569 .tx = b43_op_tx, 4570 .conf_tx = b43_op_conf_tx, 4571 .add_interface = b43_op_add_interface, 4572 .remove_interface = b43_op_remove_interface, 4573 .config = b43_op_config, 4574 .bss_info_changed = b43_op_bss_info_changed, 4575 .configure_filter = b43_op_configure_filter, 4576 .set_key = b43_op_set_key, 4577 .update_tkip_key = b43_op_update_tkip_key, 4578 .get_stats = b43_op_get_stats, 4579 .get_tx_stats = b43_op_get_tx_stats, 4580 .get_tsf = b43_op_get_tsf, 4581 .set_tsf = b43_op_set_tsf, 4582 .start = b43_op_start, 4583 .stop = b43_op_stop, 4584 .set_tim = b43_op_beacon_set_tim, 4585 .sta_notify = b43_op_sta_notify, 4586 .sw_scan_start = b43_op_sw_scan_start_notifier, 4587 .sw_scan_complete = b43_op_sw_scan_complete_notifier, 4588 .rfkill_poll = b43_rfkill_poll, 4589}; 4590 4591/* Hard-reset the chip. Do not call this directly. 4592 * Use b43_controller_restart() 4593 */ 4594static void b43_chip_reset(struct work_struct *work) 4595{ 4596 struct b43_wldev *dev = 4597 container_of(work, struct b43_wldev, restart_work); 4598 struct b43_wl *wl = dev->wl; 4599 int err = 0; 4600 int prev_status; 4601 4602 mutex_lock(&wl->mutex); 4603 4604 prev_status = b43_status(dev); 4605 /* Bring the device down... */ 4606 if (prev_status >= B43_STAT_STARTED) { 4607 dev = b43_wireless_core_stop(dev); 4608 if (!dev) { 4609 err = -ENODEV; 4610 goto out; 4611 } 4612 } 4613 if (prev_status >= B43_STAT_INITIALIZED) 4614 b43_wireless_core_exit(dev); 4615 4616 /* ...and up again. */ 4617 if (prev_status >= B43_STAT_INITIALIZED) { 4618 err = b43_wireless_core_init(dev); 4619 if (err) 4620 goto out; 4621 } 4622 if (prev_status >= B43_STAT_STARTED) { 4623 err = b43_wireless_core_start(dev); 4624 if (err) { 4625 b43_wireless_core_exit(dev); 4626 goto out; 4627 } 4628 } 4629out: 4630 if (err) 4631 wl->current_dev = NULL; /* Failed to init the dev. */ 4632 mutex_unlock(&wl->mutex); 4633 if (err) 4634 b43err(wl, "Controller restart FAILED\n"); 4635 else 4636 b43info(wl, "Controller restarted\n"); 4637} 4638 4639static int b43_setup_bands(struct b43_wldev *dev, 4640 bool have_2ghz_phy, bool have_5ghz_phy) 4641{ 4642 struct ieee80211_hw *hw = dev->wl->hw; 4643 4644 if (have_2ghz_phy) 4645 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 4646 if (dev->phy.type == B43_PHYTYPE_N) { 4647 if (have_5ghz_phy) 4648 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 4649 } else { 4650 if (have_5ghz_phy) 4651 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 4652 } 4653 4654 dev->phy.supports_2ghz = have_2ghz_phy; 4655 dev->phy.supports_5ghz = have_5ghz_phy; 4656 4657 return 0; 4658} 4659 4660static void b43_wireless_core_detach(struct b43_wldev *dev) 4661{ 4662 /* We release firmware that late to not be required to re-request 4663 * is all the time when we reinit the core. */ 4664 b43_release_firmware(dev); 4665 b43_phy_free(dev); 4666} 4667 4668static int b43_wireless_core_attach(struct b43_wldev *dev) 4669{ 4670 struct b43_wl *wl = dev->wl; 4671 struct ssb_bus *bus = dev->dev->bus; 4672 struct pci_dev *pdev = bus->host_pci; 4673 int err; 4674 bool have_2ghz_phy = 0, have_5ghz_phy = 0; 4675 u32 tmp; 4676 4677 /* Do NOT do any device initialization here. 4678 * Do it in wireless_core_init() instead. 4679 * This function is for gathering basic information about the HW, only. 4680 * Also some structs may be set up here. But most likely you want to have 4681 * that in core_init(), too. 4682 */ 4683 4684 err = ssb_bus_powerup(bus, 0); 4685 if (err) { 4686 b43err(wl, "Bus powerup failed\n"); 4687 goto out; 4688 } 4689 /* Get the PHY type. */ 4690 if (dev->dev->id.revision >= 5) { 4691 u32 tmshigh; 4692 4693 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH); 4694 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY); 4695 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY); 4696 } else 4697 B43_WARN_ON(1); 4698 4699 dev->phy.gmode = have_2ghz_phy; 4700 dev->phy.radio_on = 1; 4701 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4702 b43_wireless_core_reset(dev, tmp); 4703 4704 err = b43_phy_versioning(dev); 4705 if (err) 4706 goto err_powerdown; 4707 /* Check if this device supports multiband. */ 4708 if (!pdev || 4709 (pdev->device != 0x4312 && 4710 pdev->device != 0x4319 && pdev->device != 0x4324)) { 4711 /* No multiband support. */ 4712 have_2ghz_phy = 0; 4713 have_5ghz_phy = 0; 4714 switch (dev->phy.type) { 4715 case B43_PHYTYPE_A: 4716 have_5ghz_phy = 1; 4717 break; 4718 case B43_PHYTYPE_LP: //FIXME not always! 4719#if 0 //FIXME enabling 5GHz causes a NULL pointer dereference 4720 have_5ghz_phy = 1; 4721#endif 4722 case B43_PHYTYPE_G: 4723 case B43_PHYTYPE_N: 4724 have_2ghz_phy = 1; 4725 break; 4726 default: 4727 B43_WARN_ON(1); 4728 } 4729 } 4730 if (dev->phy.type == B43_PHYTYPE_A) { 4731 /* FIXME */ 4732 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 4733 err = -EOPNOTSUPP; 4734 goto err_powerdown; 4735 } 4736 if (1 /* disable A-PHY */) { 4737 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */ 4738 if (dev->phy.type != B43_PHYTYPE_N && 4739 dev->phy.type != B43_PHYTYPE_LP) { 4740 have_2ghz_phy = 1; 4741 have_5ghz_phy = 0; 4742 } 4743 } 4744 4745 err = b43_phy_allocate(dev); 4746 if (err) 4747 goto err_powerdown; 4748 4749 dev->phy.gmode = have_2ghz_phy; 4750 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0; 4751 b43_wireless_core_reset(dev, tmp); 4752 4753 err = b43_validate_chipaccess(dev); 4754 if (err) 4755 goto err_phy_free; 4756 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 4757 if (err) 4758 goto err_phy_free; 4759 4760 /* Now set some default "current_dev" */ 4761 if (!wl->current_dev) 4762 wl->current_dev = dev; 4763 INIT_WORK(&dev->restart_work, b43_chip_reset); 4764 4765 dev->phy.ops->switch_analog(dev, 0); 4766 ssb_device_disable(dev->dev, 0); 4767 ssb_bus_may_powerdown(bus); 4768 4769out: 4770 return err; 4771 4772err_phy_free: 4773 b43_phy_free(dev); 4774err_powerdown: 4775 ssb_bus_may_powerdown(bus); 4776 return err; 4777} 4778 4779static void b43_one_core_detach(struct ssb_device *dev) 4780{ 4781 struct b43_wldev *wldev; 4782 struct b43_wl *wl; 4783 4784 /* Do not cancel ieee80211-workqueue based work here. 4785 * See comment in b43_remove(). */ 4786 4787 wldev = ssb_get_drvdata(dev); 4788 wl = wldev->wl; 4789 b43_debugfs_remove_device(wldev); 4790 b43_wireless_core_detach(wldev); 4791 list_del(&wldev->list); 4792 wl->nr_devs--; 4793 ssb_set_drvdata(dev, NULL); 4794 kfree(wldev); 4795} 4796 4797static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl) 4798{ 4799 struct b43_wldev *wldev; 4800 struct pci_dev *pdev; 4801 int err = -ENOMEM; 4802 4803 if (!list_empty(&wl->devlist)) { 4804 /* We are not the first core on this chip. */ 4805 pdev = dev->bus->host_pci; 4806 /* Only special chips support more than one wireless 4807 * core, although some of the other chips have more than 4808 * one wireless core as well. Check for this and 4809 * bail out early. 4810 */ 4811 if (!pdev || 4812 ((pdev->device != 0x4321) && 4813 (pdev->device != 0x4313) && (pdev->device != 0x431A))) { 4814 b43dbg(wl, "Ignoring unconnected 802.11 core\n"); 4815 return -ENODEV; 4816 } 4817 } 4818 4819 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 4820 if (!wldev) 4821 goto out; 4822 4823 wldev->dev = dev; 4824 wldev->wl = wl; 4825 b43_set_status(wldev, B43_STAT_UNINIT); 4826 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 4827 INIT_LIST_HEAD(&wldev->list); 4828 4829 err = b43_wireless_core_attach(wldev); 4830 if (err) 4831 goto err_kfree_wldev; 4832 4833 list_add(&wldev->list, &wl->devlist); 4834 wl->nr_devs++; 4835 ssb_set_drvdata(dev, wldev); 4836 b43_debugfs_add_device(wldev); 4837 4838 out: 4839 return err; 4840 4841 err_kfree_wldev: 4842 kfree(wldev); 4843 return err; 4844} 4845 4846#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \ 4847 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \ 4848 (pdev->device == _device) && \ 4849 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \ 4850 (pdev->subsystem_device == _subdevice) ) 4851 4852static void b43_sprom_fixup(struct ssb_bus *bus) 4853{ 4854 struct pci_dev *pdev; 4855 4856 /* boardflags workarounds */ 4857 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 4858 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 4859 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 4860 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 4861 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 4862 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 4863 if (bus->bustype == SSB_BUSTYPE_PCI) { 4864 pdev = bus->host_pci; 4865 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) || 4866 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) || 4867 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) || 4868 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) || 4869 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) || 4870 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) || 4871 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010)) 4872 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST; 4873 } 4874} 4875 4876static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl) 4877{ 4878 struct ieee80211_hw *hw = wl->hw; 4879 4880 ssb_set_devtypedata(dev, NULL); 4881 ieee80211_free_hw(hw); 4882} 4883 4884static int b43_wireless_init(struct ssb_device *dev) 4885{ 4886 struct ssb_sprom *sprom = &dev->bus->sprom; 4887 struct ieee80211_hw *hw; 4888 struct b43_wl *wl; 4889 int err = -ENOMEM; 4890 4891 b43_sprom_fixup(dev->bus); 4892 4893 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 4894 if (!hw) { 4895 b43err(NULL, "Could not allocate ieee80211 device\n"); 4896 goto out; 4897 } 4898 wl = hw_to_b43_wl(hw); 4899 4900 /* fill hw info */ 4901 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS | 4902 IEEE80211_HW_SIGNAL_DBM | 4903 IEEE80211_HW_NOISE_DBM; 4904 4905 hw->wiphy->interface_modes = 4906 BIT(NL80211_IFTYPE_AP) | 4907 BIT(NL80211_IFTYPE_MESH_POINT) | 4908 BIT(NL80211_IFTYPE_STATION) | 4909 BIT(NL80211_IFTYPE_WDS) | 4910 BIT(NL80211_IFTYPE_ADHOC); 4911 4912 hw->queues = modparam_qos ? 4 : 1; 4913 wl->mac80211_initially_registered_queues = hw->queues; 4914 hw->max_rates = 2; 4915 SET_IEEE80211_DEV(hw, dev->dev); 4916 if (is_valid_ether_addr(sprom->et1mac)) 4917 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 4918 else 4919 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 4920 4921 /* Initialize struct b43_wl */ 4922 wl->hw = hw; 4923 mutex_init(&wl->mutex); 4924 spin_lock_init(&wl->hardirq_lock); 4925 INIT_LIST_HEAD(&wl->devlist); 4926 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 4927 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work); 4928 INIT_WORK(&wl->tx_work, b43_tx_work); 4929 skb_queue_head_init(&wl->tx_queue); 4930 4931 ssb_set_devtypedata(dev, wl); 4932 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n", 4933 dev->bus->chip_id, dev->id.revision); 4934 err = 0; 4935out: 4936 return err; 4937} 4938 4939static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id) 4940{ 4941 struct b43_wl *wl; 4942 int err; 4943 int first = 0; 4944 4945 wl = ssb_get_devtypedata(dev); 4946 if (!wl) { 4947 /* Probing the first core. Must setup common struct b43_wl */ 4948 first = 1; 4949 err = b43_wireless_init(dev); 4950 if (err) 4951 goto out; 4952 wl = ssb_get_devtypedata(dev); 4953 B43_WARN_ON(!wl); 4954 } 4955 err = b43_one_core_attach(dev, wl); 4956 if (err) 4957 goto err_wireless_exit; 4958 4959 if (first) { 4960 err = ieee80211_register_hw(wl->hw); 4961 if (err) 4962 goto err_one_core_detach; 4963 b43_leds_register(wl->current_dev); 4964 b43_rng_init(wl); 4965 } 4966 4967 out: 4968 return err; 4969 4970 err_one_core_detach: 4971 b43_one_core_detach(dev); 4972 err_wireless_exit: 4973 if (first) 4974 b43_wireless_exit(dev, wl); 4975 return err; 4976} 4977 4978static void b43_remove(struct ssb_device *dev) 4979{ 4980 struct b43_wl *wl = ssb_get_devtypedata(dev); 4981 struct b43_wldev *wldev = ssb_get_drvdata(dev); 4982 4983 /* We must cancel any work here before unregistering from ieee80211, 4984 * as the ieee80211 unreg will destroy the workqueue. */ 4985 cancel_work_sync(&wldev->restart_work); 4986 4987 B43_WARN_ON(!wl); 4988 if (wl->current_dev == wldev) { 4989 /* Restore the queues count before unregistering, because firmware detect 4990 * might have modified it. Restoring is important, so the networking 4991 * stack can properly free resources. */ 4992 wl->hw->queues = wl->mac80211_initially_registered_queues; 4993 b43_leds_stop(wldev); 4994 ieee80211_unregister_hw(wl->hw); 4995 } 4996 4997 b43_one_core_detach(dev); 4998 4999 if (list_empty(&wl->devlist)) { 5000 b43_rng_exit(wl); 5001 b43_leds_unregister(wl); 5002 /* Last core on the chip unregistered. 5003 * We can destroy common struct b43_wl. 5004 */ 5005 b43_wireless_exit(dev, wl); 5006 } 5007} 5008 5009/* Perform a hardware reset. This can be called from any context. */ 5010void b43_controller_restart(struct b43_wldev *dev, const char *reason) 5011{ 5012 /* Must avoid requeueing, if we are in shutdown. */ 5013 if (b43_status(dev) < B43_STAT_INITIALIZED) 5014 return; 5015 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 5016 ieee80211_queue_work(dev->wl->hw, &dev->restart_work); 5017} 5018 5019static struct ssb_driver b43_ssb_driver = { 5020 .name = KBUILD_MODNAME, 5021 .id_table = b43_ssb_tbl, 5022 .probe = b43_probe, 5023 .remove = b43_remove, 5024}; 5025 5026static void b43_print_driverinfo(void) 5027{ 5028 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 5029 *feat_leds = "", *feat_sdio = ""; 5030 5031#ifdef CONFIG_B43_PCI_AUTOSELECT 5032 feat_pci = "P"; 5033#endif 5034#ifdef CONFIG_B43_PCMCIA 5035 feat_pcmcia = "M"; 5036#endif 5037#ifdef CONFIG_B43_NPHY 5038 feat_nphy = "N"; 5039#endif 5040#ifdef CONFIG_B43_LEDS 5041 feat_leds = "L"; 5042#endif 5043#ifdef CONFIG_B43_SDIO 5044 feat_sdio = "S"; 5045#endif 5046 printk(KERN_INFO "Broadcom 43xx driver loaded " 5047 "[ Features: %s%s%s%s%s, Firmware-ID: " 5048 B43_SUPPORTED_FIRMWARE_ID " ]\n", 5049 feat_pci, feat_pcmcia, feat_nphy, 5050 feat_leds, feat_sdio); 5051} 5052 5053static int __init b43_init(void) 5054{ 5055 int err; 5056 5057 b43_debugfs_init(); 5058 err = b43_pcmcia_init(); 5059 if (err) 5060 goto err_dfs_exit; 5061 err = b43_sdio_init(); 5062 if (err) 5063 goto err_pcmcia_exit; 5064 err = ssb_driver_register(&b43_ssb_driver); 5065 if (err) 5066 goto err_sdio_exit; 5067 b43_print_driverinfo(); 5068 5069 return err; 5070 5071err_sdio_exit: 5072 b43_sdio_exit(); 5073err_pcmcia_exit: 5074 b43_pcmcia_exit(); 5075err_dfs_exit: 5076 b43_debugfs_exit(); 5077 return err; 5078} 5079 5080static void __exit b43_exit(void) 5081{ 5082 ssb_driver_unregister(&b43_ssb_driver); 5083 b43_sdio_exit(); 5084 b43_pcmcia_exit(); 5085 b43_debugfs_exit(); 5086} 5087 5088module_init(b43_init) 5089module_exit(b43_exit) 5090