main.c revision d7520b1d2a9ffae94323ffac9dc37d92f656051f
1/* 2 3 Broadcom B43 wireless driver 4 5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de> 6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it> 7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de> 8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org> 9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch> 10 11 SDIO support 12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es> 13 14 Some parts of the code in this file are derived from the ipw2200 15 driver Copyright(c) 2003 - 2004 Intel Corporation. 16 17 This program is free software; you can redistribute it and/or modify 18 it under the terms of the GNU General Public License as published by 19 the Free Software Foundation; either version 2 of the License, or 20 (at your option) any later version. 21 22 This program is distributed in the hope that it will be useful, 23 but WITHOUT ANY WARRANTY; without even the implied warranty of 24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 GNU General Public License for more details. 26 27 You should have received a copy of the GNU General Public License 28 along with this program; see the file COPYING. If not, write to 29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor, 30 Boston, MA 02110-1301, USA. 31 32*/ 33 34#include <linux/delay.h> 35#include <linux/init.h> 36#include <linux/moduleparam.h> 37#include <linux/if_arp.h> 38#include <linux/etherdevice.h> 39#include <linux/firmware.h> 40#include <linux/wireless.h> 41#include <linux/workqueue.h> 42#include <linux/skbuff.h> 43#include <linux/io.h> 44#include <linux/dma-mapping.h> 45#include <linux/slab.h> 46#include <asm/unaligned.h> 47 48#include "b43.h" 49#include "main.h" 50#include "debugfs.h" 51#include "phy_common.h" 52#include "phy_g.h" 53#include "phy_n.h" 54#include "dma.h" 55#include "pio.h" 56#include "sysfs.h" 57#include "xmit.h" 58#include "lo.h" 59#include "pcmcia.h" 60#include "sdio.h" 61#include <linux/mmc/sdio_func.h> 62 63MODULE_DESCRIPTION("Broadcom B43 wireless driver"); 64MODULE_AUTHOR("Martin Langer"); 65MODULE_AUTHOR("Stefano Brivio"); 66MODULE_AUTHOR("Michael Buesch"); 67MODULE_AUTHOR("Gábor Stefanik"); 68MODULE_LICENSE("GPL"); 69 70MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID); 71MODULE_FIRMWARE("b43/ucode11.fw"); 72MODULE_FIRMWARE("b43/ucode13.fw"); 73MODULE_FIRMWARE("b43/ucode14.fw"); 74MODULE_FIRMWARE("b43/ucode15.fw"); 75MODULE_FIRMWARE("b43/ucode16_mimo.fw"); 76MODULE_FIRMWARE("b43/ucode5.fw"); 77MODULE_FIRMWARE("b43/ucode9.fw"); 78 79static int modparam_bad_frames_preempt; 80module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444); 81MODULE_PARM_DESC(bad_frames_preempt, 82 "enable(1) / disable(0) Bad Frames Preemption"); 83 84static char modparam_fwpostfix[16]; 85module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444); 86MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load."); 87 88static int modparam_hwpctl; 89module_param_named(hwpctl, modparam_hwpctl, int, 0444); 90MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)"); 91 92static int modparam_nohwcrypt; 93module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444); 94MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption."); 95 96static int modparam_hwtkip; 97module_param_named(hwtkip, modparam_hwtkip, int, 0444); 98MODULE_PARM_DESC(hwtkip, "Enable hardware tkip."); 99 100static int modparam_qos = 1; 101module_param_named(qos, modparam_qos, int, 0444); 102MODULE_PARM_DESC(qos, "Enable QOS support (default on)"); 103 104static int modparam_btcoex = 1; 105module_param_named(btcoex, modparam_btcoex, int, 0444); 106MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)"); 107 108int b43_modparam_verbose = B43_VERBOSITY_DEFAULT; 109module_param_named(verbose, b43_modparam_verbose, int, 0644); 110MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug"); 111 112static int b43_modparam_pio = B43_PIO_DEFAULT; 113module_param_named(pio, b43_modparam_pio, int, 0644); 114MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO"); 115 116#ifdef CONFIG_B43_BCMA 117static const struct bcma_device_id b43_bcma_tbl[] = { 118 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x17, BCMA_ANY_CLASS), 119 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x18, BCMA_ANY_CLASS), 120 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x1D, BCMA_ANY_CLASS), 121 BCMA_CORETABLE_END 122}; 123MODULE_DEVICE_TABLE(bcma, b43_bcma_tbl); 124#endif 125 126static const struct ssb_device_id b43_ssb_tbl[] = { 127 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5), 128 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6), 129 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7), 130 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9), 131 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10), 132 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11), 133 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12), 134 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13), 135 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15), 136 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16), 137 SSB_DEVTABLE_END 138}; 139 140MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl); 141 142/* Channel and ratetables are shared for all devices. 143 * They can't be const, because ieee80211 puts some precalculated 144 * data in there. This data is the same for all devices, so we don't 145 * get concurrency issues */ 146#define RATETAB_ENT(_rateid, _flags) \ 147 { \ 148 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \ 149 .hw_value = (_rateid), \ 150 .flags = (_flags), \ 151 } 152 153/* 154 * NOTE: When changing this, sync with xmit.c's 155 * b43_plcp_get_bitrate_idx_* functions! 156 */ 157static struct ieee80211_rate __b43_ratetable[] = { 158 RATETAB_ENT(B43_CCK_RATE_1MB, 0), 159 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE), 160 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE), 161 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE), 162 RATETAB_ENT(B43_OFDM_RATE_6MB, 0), 163 RATETAB_ENT(B43_OFDM_RATE_9MB, 0), 164 RATETAB_ENT(B43_OFDM_RATE_12MB, 0), 165 RATETAB_ENT(B43_OFDM_RATE_18MB, 0), 166 RATETAB_ENT(B43_OFDM_RATE_24MB, 0), 167 RATETAB_ENT(B43_OFDM_RATE_36MB, 0), 168 RATETAB_ENT(B43_OFDM_RATE_48MB, 0), 169 RATETAB_ENT(B43_OFDM_RATE_54MB, 0), 170}; 171 172#define b43_a_ratetable (__b43_ratetable + 4) 173#define b43_a_ratetable_size 8 174#define b43_b_ratetable (__b43_ratetable + 0) 175#define b43_b_ratetable_size 4 176#define b43_g_ratetable (__b43_ratetable + 0) 177#define b43_g_ratetable_size 12 178 179#define CHAN4G(_channel, _freq, _flags) { \ 180 .band = IEEE80211_BAND_2GHZ, \ 181 .center_freq = (_freq), \ 182 .hw_value = (_channel), \ 183 .flags = (_flags), \ 184 .max_antenna_gain = 0, \ 185 .max_power = 30, \ 186} 187static struct ieee80211_channel b43_2ghz_chantable[] = { 188 CHAN4G(1, 2412, 0), 189 CHAN4G(2, 2417, 0), 190 CHAN4G(3, 2422, 0), 191 CHAN4G(4, 2427, 0), 192 CHAN4G(5, 2432, 0), 193 CHAN4G(6, 2437, 0), 194 CHAN4G(7, 2442, 0), 195 CHAN4G(8, 2447, 0), 196 CHAN4G(9, 2452, 0), 197 CHAN4G(10, 2457, 0), 198 CHAN4G(11, 2462, 0), 199 CHAN4G(12, 2467, 0), 200 CHAN4G(13, 2472, 0), 201 CHAN4G(14, 2484, 0), 202}; 203#undef CHAN4G 204 205#define CHAN5G(_channel, _flags) { \ 206 .band = IEEE80211_BAND_5GHZ, \ 207 .center_freq = 5000 + (5 * (_channel)), \ 208 .hw_value = (_channel), \ 209 .flags = (_flags), \ 210 .max_antenna_gain = 0, \ 211 .max_power = 30, \ 212} 213static struct ieee80211_channel b43_5ghz_nphy_chantable[] = { 214 CHAN5G(32, 0), CHAN5G(34, 0), 215 CHAN5G(36, 0), CHAN5G(38, 0), 216 CHAN5G(40, 0), CHAN5G(42, 0), 217 CHAN5G(44, 0), CHAN5G(46, 0), 218 CHAN5G(48, 0), CHAN5G(50, 0), 219 CHAN5G(52, 0), CHAN5G(54, 0), 220 CHAN5G(56, 0), CHAN5G(58, 0), 221 CHAN5G(60, 0), CHAN5G(62, 0), 222 CHAN5G(64, 0), CHAN5G(66, 0), 223 CHAN5G(68, 0), CHAN5G(70, 0), 224 CHAN5G(72, 0), CHAN5G(74, 0), 225 CHAN5G(76, 0), CHAN5G(78, 0), 226 CHAN5G(80, 0), CHAN5G(82, 0), 227 CHAN5G(84, 0), CHAN5G(86, 0), 228 CHAN5G(88, 0), CHAN5G(90, 0), 229 CHAN5G(92, 0), CHAN5G(94, 0), 230 CHAN5G(96, 0), CHAN5G(98, 0), 231 CHAN5G(100, 0), CHAN5G(102, 0), 232 CHAN5G(104, 0), CHAN5G(106, 0), 233 CHAN5G(108, 0), CHAN5G(110, 0), 234 CHAN5G(112, 0), CHAN5G(114, 0), 235 CHAN5G(116, 0), CHAN5G(118, 0), 236 CHAN5G(120, 0), CHAN5G(122, 0), 237 CHAN5G(124, 0), CHAN5G(126, 0), 238 CHAN5G(128, 0), CHAN5G(130, 0), 239 CHAN5G(132, 0), CHAN5G(134, 0), 240 CHAN5G(136, 0), CHAN5G(138, 0), 241 CHAN5G(140, 0), CHAN5G(142, 0), 242 CHAN5G(144, 0), CHAN5G(145, 0), 243 CHAN5G(146, 0), CHAN5G(147, 0), 244 CHAN5G(148, 0), CHAN5G(149, 0), 245 CHAN5G(150, 0), CHAN5G(151, 0), 246 CHAN5G(152, 0), CHAN5G(153, 0), 247 CHAN5G(154, 0), CHAN5G(155, 0), 248 CHAN5G(156, 0), CHAN5G(157, 0), 249 CHAN5G(158, 0), CHAN5G(159, 0), 250 CHAN5G(160, 0), CHAN5G(161, 0), 251 CHAN5G(162, 0), CHAN5G(163, 0), 252 CHAN5G(164, 0), CHAN5G(165, 0), 253 CHAN5G(166, 0), CHAN5G(168, 0), 254 CHAN5G(170, 0), CHAN5G(172, 0), 255 CHAN5G(174, 0), CHAN5G(176, 0), 256 CHAN5G(178, 0), CHAN5G(180, 0), 257 CHAN5G(182, 0), CHAN5G(184, 0), 258 CHAN5G(186, 0), CHAN5G(188, 0), 259 CHAN5G(190, 0), CHAN5G(192, 0), 260 CHAN5G(194, 0), CHAN5G(196, 0), 261 CHAN5G(198, 0), CHAN5G(200, 0), 262 CHAN5G(202, 0), CHAN5G(204, 0), 263 CHAN5G(206, 0), CHAN5G(208, 0), 264 CHAN5G(210, 0), CHAN5G(212, 0), 265 CHAN5G(214, 0), CHAN5G(216, 0), 266 CHAN5G(218, 0), CHAN5G(220, 0), 267 CHAN5G(222, 0), CHAN5G(224, 0), 268 CHAN5G(226, 0), CHAN5G(228, 0), 269}; 270 271static struct ieee80211_channel b43_5ghz_aphy_chantable[] = { 272 CHAN5G(34, 0), CHAN5G(36, 0), 273 CHAN5G(38, 0), CHAN5G(40, 0), 274 CHAN5G(42, 0), CHAN5G(44, 0), 275 CHAN5G(46, 0), CHAN5G(48, 0), 276 CHAN5G(52, 0), CHAN5G(56, 0), 277 CHAN5G(60, 0), CHAN5G(64, 0), 278 CHAN5G(100, 0), CHAN5G(104, 0), 279 CHAN5G(108, 0), CHAN5G(112, 0), 280 CHAN5G(116, 0), CHAN5G(120, 0), 281 CHAN5G(124, 0), CHAN5G(128, 0), 282 CHAN5G(132, 0), CHAN5G(136, 0), 283 CHAN5G(140, 0), CHAN5G(149, 0), 284 CHAN5G(153, 0), CHAN5G(157, 0), 285 CHAN5G(161, 0), CHAN5G(165, 0), 286 CHAN5G(184, 0), CHAN5G(188, 0), 287 CHAN5G(192, 0), CHAN5G(196, 0), 288 CHAN5G(200, 0), CHAN5G(204, 0), 289 CHAN5G(208, 0), CHAN5G(212, 0), 290 CHAN5G(216, 0), 291}; 292#undef CHAN5G 293 294static struct ieee80211_supported_band b43_band_5GHz_nphy = { 295 .band = IEEE80211_BAND_5GHZ, 296 .channels = b43_5ghz_nphy_chantable, 297 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable), 298 .bitrates = b43_a_ratetable, 299 .n_bitrates = b43_a_ratetable_size, 300}; 301 302static struct ieee80211_supported_band b43_band_5GHz_aphy = { 303 .band = IEEE80211_BAND_5GHZ, 304 .channels = b43_5ghz_aphy_chantable, 305 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable), 306 .bitrates = b43_a_ratetable, 307 .n_bitrates = b43_a_ratetable_size, 308}; 309 310static struct ieee80211_supported_band b43_band_2GHz = { 311 .band = IEEE80211_BAND_2GHZ, 312 .channels = b43_2ghz_chantable, 313 .n_channels = ARRAY_SIZE(b43_2ghz_chantable), 314 .bitrates = b43_g_ratetable, 315 .n_bitrates = b43_g_ratetable_size, 316}; 317 318static void b43_wireless_core_exit(struct b43_wldev *dev); 319static int b43_wireless_core_init(struct b43_wldev *dev); 320static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev); 321static int b43_wireless_core_start(struct b43_wldev *dev); 322 323static int b43_ratelimit(struct b43_wl *wl) 324{ 325 if (!wl || !wl->current_dev) 326 return 1; 327 if (b43_status(wl->current_dev) < B43_STAT_STARTED) 328 return 1; 329 /* We are up and running. 330 * Ratelimit the messages to avoid DoS over the net. */ 331 return net_ratelimit(); 332} 333 334void b43info(struct b43_wl *wl, const char *fmt, ...) 335{ 336 struct va_format vaf; 337 va_list args; 338 339 if (b43_modparam_verbose < B43_VERBOSITY_INFO) 340 return; 341 if (!b43_ratelimit(wl)) 342 return; 343 344 va_start(args, fmt); 345 346 vaf.fmt = fmt; 347 vaf.va = &args; 348 349 printk(KERN_INFO "b43-%s: %pV", 350 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 351 352 va_end(args); 353} 354 355void b43err(struct b43_wl *wl, const char *fmt, ...) 356{ 357 struct va_format vaf; 358 va_list args; 359 360 if (b43_modparam_verbose < B43_VERBOSITY_ERROR) 361 return; 362 if (!b43_ratelimit(wl)) 363 return; 364 365 va_start(args, fmt); 366 367 vaf.fmt = fmt; 368 vaf.va = &args; 369 370 printk(KERN_ERR "b43-%s ERROR: %pV", 371 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 372 373 va_end(args); 374} 375 376void b43warn(struct b43_wl *wl, const char *fmt, ...) 377{ 378 struct va_format vaf; 379 va_list args; 380 381 if (b43_modparam_verbose < B43_VERBOSITY_WARN) 382 return; 383 if (!b43_ratelimit(wl)) 384 return; 385 386 va_start(args, fmt); 387 388 vaf.fmt = fmt; 389 vaf.va = &args; 390 391 printk(KERN_WARNING "b43-%s warning: %pV", 392 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 393 394 va_end(args); 395} 396 397void b43dbg(struct b43_wl *wl, const char *fmt, ...) 398{ 399 struct va_format vaf; 400 va_list args; 401 402 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 403 return; 404 405 va_start(args, fmt); 406 407 vaf.fmt = fmt; 408 vaf.va = &args; 409 410 printk(KERN_DEBUG "b43-%s debug: %pV", 411 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf); 412 413 va_end(args); 414} 415 416static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val) 417{ 418 u32 macctl; 419 420 B43_WARN_ON(offset % 4 != 0); 421 422 macctl = b43_read32(dev, B43_MMIO_MACCTL); 423 if (macctl & B43_MACCTL_BE) 424 val = swab32(val); 425 426 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset); 427 mmiowb(); 428 b43_write32(dev, B43_MMIO_RAM_DATA, val); 429} 430 431static inline void b43_shm_control_word(struct b43_wldev *dev, 432 u16 routing, u16 offset) 433{ 434 u32 control; 435 436 /* "offset" is the WORD offset. */ 437 control = routing; 438 control <<= 16; 439 control |= offset; 440 b43_write32(dev, B43_MMIO_SHM_CONTROL, control); 441} 442 443u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset) 444{ 445 u32 ret; 446 447 if (routing == B43_SHM_SHARED) { 448 B43_WARN_ON(offset & 0x0001); 449 if (offset & 0x0003) { 450 /* Unaligned access */ 451 b43_shm_control_word(dev, routing, offset >> 2); 452 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 453 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 454 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16; 455 456 goto out; 457 } 458 offset >>= 2; 459 } 460 b43_shm_control_word(dev, routing, offset); 461 ret = b43_read32(dev, B43_MMIO_SHM_DATA); 462out: 463 return ret; 464} 465 466u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset) 467{ 468 u16 ret; 469 470 if (routing == B43_SHM_SHARED) { 471 B43_WARN_ON(offset & 0x0001); 472 if (offset & 0x0003) { 473 /* Unaligned access */ 474 b43_shm_control_word(dev, routing, offset >> 2); 475 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED); 476 477 goto out; 478 } 479 offset >>= 2; 480 } 481 b43_shm_control_word(dev, routing, offset); 482 ret = b43_read16(dev, B43_MMIO_SHM_DATA); 483out: 484 return ret; 485} 486 487void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value) 488{ 489 if (routing == B43_SHM_SHARED) { 490 B43_WARN_ON(offset & 0x0001); 491 if (offset & 0x0003) { 492 /* Unaligned access */ 493 b43_shm_control_word(dev, routing, offset >> 2); 494 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, 495 value & 0xFFFF); 496 b43_shm_control_word(dev, routing, (offset >> 2) + 1); 497 b43_write16(dev, B43_MMIO_SHM_DATA, 498 (value >> 16) & 0xFFFF); 499 return; 500 } 501 offset >>= 2; 502 } 503 b43_shm_control_word(dev, routing, offset); 504 b43_write32(dev, B43_MMIO_SHM_DATA, value); 505} 506 507void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value) 508{ 509 if (routing == B43_SHM_SHARED) { 510 B43_WARN_ON(offset & 0x0001); 511 if (offset & 0x0003) { 512 /* Unaligned access */ 513 b43_shm_control_word(dev, routing, offset >> 2); 514 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value); 515 return; 516 } 517 offset >>= 2; 518 } 519 b43_shm_control_word(dev, routing, offset); 520 b43_write16(dev, B43_MMIO_SHM_DATA, value); 521} 522 523/* Read HostFlags */ 524u64 b43_hf_read(struct b43_wldev *dev) 525{ 526 u64 ret; 527 528 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI); 529 ret <<= 16; 530 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI); 531 ret <<= 16; 532 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO); 533 534 return ret; 535} 536 537/* Write HostFlags */ 538void b43_hf_write(struct b43_wldev *dev, u64 value) 539{ 540 u16 lo, mi, hi; 541 542 lo = (value & 0x00000000FFFFULL); 543 mi = (value & 0x0000FFFF0000ULL) >> 16; 544 hi = (value & 0xFFFF00000000ULL) >> 32; 545 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo); 546 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi); 547 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi); 548} 549 550/* Read the firmware capabilities bitmask (Opensource firmware only) */ 551static u16 b43_fwcapa_read(struct b43_wldev *dev) 552{ 553 B43_WARN_ON(!dev->fw.opensource); 554 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA); 555} 556 557void b43_tsf_read(struct b43_wldev *dev, u64 *tsf) 558{ 559 u32 low, high; 560 561 B43_WARN_ON(dev->dev->core_rev < 3); 562 563 /* The hardware guarantees us an atomic read, if we 564 * read the low register first. */ 565 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW); 566 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH); 567 568 *tsf = high; 569 *tsf <<= 32; 570 *tsf |= low; 571} 572 573static void b43_time_lock(struct b43_wldev *dev) 574{ 575 u32 macctl; 576 577 macctl = b43_read32(dev, B43_MMIO_MACCTL); 578 macctl |= B43_MACCTL_TBTTHOLD; 579 b43_write32(dev, B43_MMIO_MACCTL, macctl); 580 /* Commit the write */ 581 b43_read32(dev, B43_MMIO_MACCTL); 582} 583 584static void b43_time_unlock(struct b43_wldev *dev) 585{ 586 u32 macctl; 587 588 macctl = b43_read32(dev, B43_MMIO_MACCTL); 589 macctl &= ~B43_MACCTL_TBTTHOLD; 590 b43_write32(dev, B43_MMIO_MACCTL, macctl); 591 /* Commit the write */ 592 b43_read32(dev, B43_MMIO_MACCTL); 593} 594 595static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf) 596{ 597 u32 low, high; 598 599 B43_WARN_ON(dev->dev->core_rev < 3); 600 601 low = tsf; 602 high = (tsf >> 32); 603 /* The hardware guarantees us an atomic write, if we 604 * write the low register first. */ 605 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low); 606 mmiowb(); 607 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high); 608 mmiowb(); 609} 610 611void b43_tsf_write(struct b43_wldev *dev, u64 tsf) 612{ 613 b43_time_lock(dev); 614 b43_tsf_write_locked(dev, tsf); 615 b43_time_unlock(dev); 616} 617 618static 619void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac) 620{ 621 static const u8 zero_addr[ETH_ALEN] = { 0 }; 622 u16 data; 623 624 if (!mac) 625 mac = zero_addr; 626 627 offset |= 0x0020; 628 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset); 629 630 data = mac[0]; 631 data |= mac[1] << 8; 632 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 633 data = mac[2]; 634 data |= mac[3] << 8; 635 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 636 data = mac[4]; 637 data |= mac[5] << 8; 638 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data); 639} 640 641static void b43_write_mac_bssid_templates(struct b43_wldev *dev) 642{ 643 const u8 *mac; 644 const u8 *bssid; 645 u8 mac_bssid[ETH_ALEN * 2]; 646 int i; 647 u32 tmp; 648 649 bssid = dev->wl->bssid; 650 mac = dev->wl->mac_addr; 651 652 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid); 653 654 memcpy(mac_bssid, mac, ETH_ALEN); 655 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN); 656 657 /* Write our MAC address and BSSID to template ram */ 658 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) { 659 tmp = (u32) (mac_bssid[i + 0]); 660 tmp |= (u32) (mac_bssid[i + 1]) << 8; 661 tmp |= (u32) (mac_bssid[i + 2]) << 16; 662 tmp |= (u32) (mac_bssid[i + 3]) << 24; 663 b43_ram_write(dev, 0x20 + i, tmp); 664 } 665} 666 667static void b43_upload_card_macaddress(struct b43_wldev *dev) 668{ 669 b43_write_mac_bssid_templates(dev); 670 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr); 671} 672 673static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time) 674{ 675 /* slot_time is in usec. */ 676 /* This test used to exit for all but a G PHY. */ 677 if (b43_current_band(dev->wl) == IEEE80211_BAND_5GHZ) 678 return; 679 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time); 680 /* Shared memory location 0x0010 is the slot time and should be 681 * set to slot_time; however, this register is initially 0 and changing 682 * the value adversely affects the transmit rate for BCM4311 683 * devices. Until this behavior is unterstood, delete this step 684 * 685 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time); 686 */ 687} 688 689static void b43_short_slot_timing_enable(struct b43_wldev *dev) 690{ 691 b43_set_slot_time(dev, 9); 692} 693 694static void b43_short_slot_timing_disable(struct b43_wldev *dev) 695{ 696 b43_set_slot_time(dev, 20); 697} 698 699/* DummyTransmission function, as documented on 700 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission 701 */ 702void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on) 703{ 704 struct b43_phy *phy = &dev->phy; 705 unsigned int i, max_loop; 706 u16 value; 707 u32 buffer[5] = { 708 0x00000000, 709 0x00D40000, 710 0x00000000, 711 0x01000000, 712 0x00000000, 713 }; 714 715 if (ofdm) { 716 max_loop = 0x1E; 717 buffer[0] = 0x000201CC; 718 } else { 719 max_loop = 0xFA; 720 buffer[0] = 0x000B846E; 721 } 722 723 for (i = 0; i < 5; i++) 724 b43_ram_write(dev, i * 4, buffer[i]); 725 726 b43_write16(dev, 0x0568, 0x0000); 727 if (dev->dev->core_rev < 11) 728 b43_write16(dev, 0x07C0, 0x0000); 729 else 730 b43_write16(dev, 0x07C0, 0x0100); 731 value = (ofdm ? 0x41 : 0x40); 732 b43_write16(dev, 0x050C, value); 733 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP)) 734 b43_write16(dev, 0x0514, 0x1A02); 735 b43_write16(dev, 0x0508, 0x0000); 736 b43_write16(dev, 0x050A, 0x0000); 737 b43_write16(dev, 0x054C, 0x0000); 738 b43_write16(dev, 0x056A, 0x0014); 739 b43_write16(dev, 0x0568, 0x0826); 740 b43_write16(dev, 0x0500, 0x0000); 741 if (!pa_on && (phy->type == B43_PHYTYPE_N)) { 742 //SPEC TODO 743 } 744 745 switch (phy->type) { 746 case B43_PHYTYPE_N: 747 b43_write16(dev, 0x0502, 0x00D0); 748 break; 749 case B43_PHYTYPE_LP: 750 b43_write16(dev, 0x0502, 0x0050); 751 break; 752 default: 753 b43_write16(dev, 0x0502, 0x0030); 754 } 755 756 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 757 b43_radio_write16(dev, 0x0051, 0x0017); 758 for (i = 0x00; i < max_loop; i++) { 759 value = b43_read16(dev, 0x050E); 760 if (value & 0x0080) 761 break; 762 udelay(10); 763 } 764 for (i = 0x00; i < 0x0A; i++) { 765 value = b43_read16(dev, 0x050E); 766 if (value & 0x0400) 767 break; 768 udelay(10); 769 } 770 for (i = 0x00; i < 0x19; i++) { 771 value = b43_read16(dev, 0x0690); 772 if (!(value & 0x0100)) 773 break; 774 udelay(10); 775 } 776 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5) 777 b43_radio_write16(dev, 0x0051, 0x0037); 778} 779 780static void key_write(struct b43_wldev *dev, 781 u8 index, u8 algorithm, const u8 *key) 782{ 783 unsigned int i; 784 u32 offset; 785 u16 value; 786 u16 kidx; 787 788 /* Key index/algo block */ 789 kidx = b43_kidx_to_fw(dev, index); 790 value = ((kidx << 4) | algorithm); 791 b43_shm_write16(dev, B43_SHM_SHARED, 792 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value); 793 794 /* Write the key to the Key Table Pointer offset */ 795 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 796 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 797 value = key[i]; 798 value |= (u16) (key[i + 1]) << 8; 799 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value); 800 } 801} 802 803static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr) 804{ 805 u32 addrtmp[2] = { 0, 0, }; 806 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 807 808 if (b43_new_kidx_api(dev)) 809 pairwise_keys_start = B43_NR_GROUP_KEYS; 810 811 B43_WARN_ON(index < pairwise_keys_start); 812 /* We have four default TX keys and possibly four default RX keys. 813 * Physical mac 0 is mapped to physical key 4 or 8, depending 814 * on the firmware version. 815 * So we must adjust the index here. 816 */ 817 index -= pairwise_keys_start; 818 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 819 820 if (addr) { 821 addrtmp[0] = addr[0]; 822 addrtmp[0] |= ((u32) (addr[1]) << 8); 823 addrtmp[0] |= ((u32) (addr[2]) << 16); 824 addrtmp[0] |= ((u32) (addr[3]) << 24); 825 addrtmp[1] = addr[4]; 826 addrtmp[1] |= ((u32) (addr[5]) << 8); 827 } 828 829 /* Receive match transmitter address (RCMTA) mechanism */ 830 b43_shm_write32(dev, B43_SHM_RCMTA, 831 (index * 2) + 0, addrtmp[0]); 832 b43_shm_write16(dev, B43_SHM_RCMTA, 833 (index * 2) + 1, addrtmp[1]); 834} 835 836/* The ucode will use phase1 key with TEK key to decrypt rx packets. 837 * When a packet is received, the iv32 is checked. 838 * - if it doesn't the packet is returned without modification (and software 839 * decryption can be done). That's what happen when iv16 wrap. 840 * - if it does, the rc4 key is computed, and decryption is tried. 841 * Either it will success and B43_RX_MAC_DEC is returned, 842 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned 843 * and the packet is not usable (it got modified by the ucode). 844 * So in order to never have B43_RX_MAC_DECERR, we should provide 845 * a iv32 and phase1key that match. Because we drop packets in case of 846 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all 847 * packets will be lost without higher layer knowing (ie no resync possible 848 * until next wrap). 849 * 850 * NOTE : this should support 50 key like RCMTA because 851 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50 852 */ 853static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32, 854 u16 *phase1key) 855{ 856 unsigned int i; 857 u32 offset; 858 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 859 860 if (!modparam_hwtkip) 861 return; 862 863 if (b43_new_kidx_api(dev)) 864 pairwise_keys_start = B43_NR_GROUP_KEYS; 865 866 B43_WARN_ON(index < pairwise_keys_start); 867 /* We have four default TX keys and possibly four default RX keys. 868 * Physical mac 0 is mapped to physical key 4 or 8, depending 869 * on the firmware version. 870 * So we must adjust the index here. 871 */ 872 index -= pairwise_keys_start; 873 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS); 874 875 if (b43_debug(dev, B43_DBG_KEYS)) { 876 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n", 877 index, iv32); 878 } 879 /* Write the key to the RX tkip shared mem */ 880 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4); 881 for (i = 0; i < 10; i += 2) { 882 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, 883 phase1key ? phase1key[i / 2] : 0); 884 } 885 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32); 886 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16); 887} 888 889static void b43_op_update_tkip_key(struct ieee80211_hw *hw, 890 struct ieee80211_vif *vif, 891 struct ieee80211_key_conf *keyconf, 892 struct ieee80211_sta *sta, 893 u32 iv32, u16 *phase1key) 894{ 895 struct b43_wl *wl = hw_to_b43_wl(hw); 896 struct b43_wldev *dev; 897 int index = keyconf->hw_key_idx; 898 899 if (B43_WARN_ON(!modparam_hwtkip)) 900 return; 901 902 /* This is only called from the RX path through mac80211, where 903 * our mutex is already locked. */ 904 B43_WARN_ON(!mutex_is_locked(&wl->mutex)); 905 dev = wl->current_dev; 906 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED); 907 908 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */ 909 910 rx_tkip_phase1_write(dev, index, iv32, phase1key); 911 /* only pairwise TKIP keys are supported right now */ 912 if (WARN_ON(!sta)) 913 return; 914 keymac_write(dev, index, sta->addr); 915} 916 917static void do_key_write(struct b43_wldev *dev, 918 u8 index, u8 algorithm, 919 const u8 *key, size_t key_len, const u8 *mac_addr) 920{ 921 u8 buf[B43_SEC_KEYSIZE] = { 0, }; 922 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 923 924 if (b43_new_kidx_api(dev)) 925 pairwise_keys_start = B43_NR_GROUP_KEYS; 926 927 B43_WARN_ON(index >= ARRAY_SIZE(dev->key)); 928 B43_WARN_ON(key_len > B43_SEC_KEYSIZE); 929 930 if (index >= pairwise_keys_start) 931 keymac_write(dev, index, NULL); /* First zero out mac. */ 932 if (algorithm == B43_SEC_ALGO_TKIP) { 933 /* 934 * We should provide an initial iv32, phase1key pair. 935 * We could start with iv32=0 and compute the corresponding 936 * phase1key, but this means calling ieee80211_get_tkip_key 937 * with a fake skb (or export other tkip function). 938 * Because we are lazy we hope iv32 won't start with 939 * 0xffffffff and let's b43_op_update_tkip_key provide a 940 * correct pair. 941 */ 942 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf); 943 } else if (index >= pairwise_keys_start) /* clear it */ 944 rx_tkip_phase1_write(dev, index, 0, NULL); 945 if (key) 946 memcpy(buf, key, key_len); 947 key_write(dev, index, algorithm, buf); 948 if (index >= pairwise_keys_start) 949 keymac_write(dev, index, mac_addr); 950 951 dev->key[index].algorithm = algorithm; 952} 953 954static int b43_key_write(struct b43_wldev *dev, 955 int index, u8 algorithm, 956 const u8 *key, size_t key_len, 957 const u8 *mac_addr, 958 struct ieee80211_key_conf *keyconf) 959{ 960 int i; 961 int pairwise_keys_start; 962 963 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block: 964 * - Temporal Encryption Key (128 bits) 965 * - Temporal Authenticator Tx MIC Key (64 bits) 966 * - Temporal Authenticator Rx MIC Key (64 bits) 967 * 968 * Hardware only store TEK 969 */ 970 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32) 971 key_len = 16; 972 if (key_len > B43_SEC_KEYSIZE) 973 return -EINVAL; 974 for (i = 0; i < ARRAY_SIZE(dev->key); i++) { 975 /* Check that we don't already have this key. */ 976 B43_WARN_ON(dev->key[i].keyconf == keyconf); 977 } 978 if (index < 0) { 979 /* Pairwise key. Get an empty slot for the key. */ 980 if (b43_new_kidx_api(dev)) 981 pairwise_keys_start = B43_NR_GROUP_KEYS; 982 else 983 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 984 for (i = pairwise_keys_start; 985 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS; 986 i++) { 987 B43_WARN_ON(i >= ARRAY_SIZE(dev->key)); 988 if (!dev->key[i].keyconf) { 989 /* found empty */ 990 index = i; 991 break; 992 } 993 } 994 if (index < 0) { 995 b43warn(dev->wl, "Out of hardware key memory\n"); 996 return -ENOSPC; 997 } 998 } else 999 B43_WARN_ON(index > 3); 1000 1001 do_key_write(dev, index, algorithm, key, key_len, mac_addr); 1002 if ((index <= 3) && !b43_new_kidx_api(dev)) { 1003 /* Default RX key */ 1004 B43_WARN_ON(mac_addr); 1005 do_key_write(dev, index + 4, algorithm, key, key_len, NULL); 1006 } 1007 keyconf->hw_key_idx = index; 1008 dev->key[index].keyconf = keyconf; 1009 1010 return 0; 1011} 1012 1013static int b43_key_clear(struct b43_wldev *dev, int index) 1014{ 1015 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key)))) 1016 return -EINVAL; 1017 do_key_write(dev, index, B43_SEC_ALGO_NONE, 1018 NULL, B43_SEC_KEYSIZE, NULL); 1019 if ((index <= 3) && !b43_new_kidx_api(dev)) { 1020 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE, 1021 NULL, B43_SEC_KEYSIZE, NULL); 1022 } 1023 dev->key[index].keyconf = NULL; 1024 1025 return 0; 1026} 1027 1028static void b43_clear_keys(struct b43_wldev *dev) 1029{ 1030 int i, count; 1031 1032 if (b43_new_kidx_api(dev)) 1033 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 1034 else 1035 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1036 for (i = 0; i < count; i++) 1037 b43_key_clear(dev, i); 1038} 1039 1040static void b43_dump_keymemory(struct b43_wldev *dev) 1041{ 1042 unsigned int i, index, count, offset, pairwise_keys_start; 1043 u8 mac[ETH_ALEN]; 1044 u16 algo; 1045 u32 rcmta0; 1046 u16 rcmta1; 1047 u64 hf; 1048 struct b43_key *key; 1049 1050 if (!b43_debug(dev, B43_DBG_KEYS)) 1051 return; 1052 1053 hf = b43_hf_read(dev); 1054 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n", 1055 !!(hf & B43_HF_USEDEFKEYS)); 1056 if (b43_new_kidx_api(dev)) { 1057 pairwise_keys_start = B43_NR_GROUP_KEYS; 1058 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS; 1059 } else { 1060 pairwise_keys_start = B43_NR_GROUP_KEYS * 2; 1061 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS; 1062 } 1063 for (index = 0; index < count; index++) { 1064 key = &(dev->key[index]); 1065 printk(KERN_DEBUG "Key slot %02u: %s", 1066 index, (key->keyconf == NULL) ? " " : "*"); 1067 offset = dev->ktp + (index * B43_SEC_KEYSIZE); 1068 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) { 1069 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1070 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1071 } 1072 1073 algo = b43_shm_read16(dev, B43_SHM_SHARED, 1074 B43_SHM_SH_KEYIDXBLOCK + (index * 2)); 1075 printk(" Algo: %04X/%02X", algo, key->algorithm); 1076 1077 if (index >= pairwise_keys_start) { 1078 if (key->algorithm == B43_SEC_ALGO_TKIP) { 1079 printk(" TKIP: "); 1080 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4); 1081 for (i = 0; i < 14; i += 2) { 1082 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i); 1083 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF)); 1084 } 1085 } 1086 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA, 1087 ((index - pairwise_keys_start) * 2) + 0); 1088 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA, 1089 ((index - pairwise_keys_start) * 2) + 1); 1090 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0); 1091 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1); 1092 printk(" MAC: %pM", mac); 1093 } else 1094 printk(" DEFAULT KEY"); 1095 printk("\n"); 1096 } 1097} 1098 1099void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags) 1100{ 1101 u32 macctl; 1102 u16 ucstat; 1103 bool hwps; 1104 bool awake; 1105 int i; 1106 1107 B43_WARN_ON((ps_flags & B43_PS_ENABLED) && 1108 (ps_flags & B43_PS_DISABLED)); 1109 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP)); 1110 1111 if (ps_flags & B43_PS_ENABLED) { 1112 hwps = 1; 1113 } else if (ps_flags & B43_PS_DISABLED) { 1114 hwps = 0; 1115 } else { 1116 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc 1117 // and thus is not an AP and we are associated, set bit 25 1118 } 1119 if (ps_flags & B43_PS_AWAKE) { 1120 awake = 1; 1121 } else if (ps_flags & B43_PS_ASLEEP) { 1122 awake = 0; 1123 } else { 1124 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME, 1125 // or we are associated, or FIXME, or the latest PS-Poll packet sent was 1126 // successful, set bit26 1127 } 1128 1129/* FIXME: For now we force awake-on and hwps-off */ 1130 hwps = 0; 1131 awake = 1; 1132 1133 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1134 if (hwps) 1135 macctl |= B43_MACCTL_HWPS; 1136 else 1137 macctl &= ~B43_MACCTL_HWPS; 1138 if (awake) 1139 macctl |= B43_MACCTL_AWAKE; 1140 else 1141 macctl &= ~B43_MACCTL_AWAKE; 1142 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1143 /* Commit write */ 1144 b43_read32(dev, B43_MMIO_MACCTL); 1145 if (awake && dev->dev->core_rev >= 5) { 1146 /* Wait for the microcode to wake up. */ 1147 for (i = 0; i < 100; i++) { 1148 ucstat = b43_shm_read16(dev, B43_SHM_SHARED, 1149 B43_SHM_SH_UCODESTAT); 1150 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP) 1151 break; 1152 udelay(10); 1153 } 1154 } 1155} 1156 1157static void b43_ssb_wireless_core_reset(struct b43_wldev *dev, bool gmode) 1158{ 1159 struct ssb_device *sdev = dev->dev->sdev; 1160 u32 tmslow; 1161 u32 flags = 0; 1162 1163 if (gmode) 1164 flags |= B43_TMSLOW_GMODE; 1165 flags |= B43_TMSLOW_PHYCLKEN; 1166 flags |= B43_TMSLOW_PHYRESET; 1167 if (dev->phy.type == B43_PHYTYPE_N) 1168 flags |= B43_TMSLOW_PHY_BANDWIDTH_20MHZ; /* Make 20 MHz def */ 1169 b43_device_enable(dev, flags); 1170 msleep(2); /* Wait for the PLL to turn on. */ 1171 1172 /* Now take the PHY out of Reset again */ 1173 tmslow = ssb_read32(sdev, SSB_TMSLOW); 1174 tmslow |= SSB_TMSLOW_FGC; 1175 tmslow &= ~B43_TMSLOW_PHYRESET; 1176 ssb_write32(sdev, SSB_TMSLOW, tmslow); 1177 ssb_read32(sdev, SSB_TMSLOW); /* flush */ 1178 msleep(1); 1179 tmslow &= ~SSB_TMSLOW_FGC; 1180 ssb_write32(sdev, SSB_TMSLOW, tmslow); 1181 ssb_read32(sdev, SSB_TMSLOW); /* flush */ 1182 msleep(1); 1183} 1184 1185void b43_wireless_core_reset(struct b43_wldev *dev, bool gmode) 1186{ 1187 u32 macctl; 1188 1189 b43_ssb_wireless_core_reset(dev, gmode); 1190 1191 /* Turn Analog ON, but only if we already know the PHY-type. 1192 * This protects against very early setup where we don't know the 1193 * PHY-type, yet. wireless_core_reset will be called once again later, 1194 * when we know the PHY-type. */ 1195 if (dev->phy.ops) 1196 dev->phy.ops->switch_analog(dev, 1); 1197 1198 macctl = b43_read32(dev, B43_MMIO_MACCTL); 1199 macctl &= ~B43_MACCTL_GMODE; 1200 if (gmode) 1201 macctl |= B43_MACCTL_GMODE; 1202 macctl |= B43_MACCTL_IHR_ENABLED; 1203 b43_write32(dev, B43_MMIO_MACCTL, macctl); 1204} 1205 1206static void handle_irq_transmit_status(struct b43_wldev *dev) 1207{ 1208 u32 v0, v1; 1209 u16 tmp; 1210 struct b43_txstatus stat; 1211 1212 while (1) { 1213 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1214 if (!(v0 & 0x00000001)) 1215 break; 1216 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1217 1218 stat.cookie = (v0 >> 16); 1219 stat.seq = (v1 & 0x0000FFFF); 1220 stat.phy_stat = ((v1 & 0x00FF0000) >> 16); 1221 tmp = (v0 & 0x0000FFFF); 1222 stat.frame_count = ((tmp & 0xF000) >> 12); 1223 stat.rts_count = ((tmp & 0x0F00) >> 8); 1224 stat.supp_reason = ((tmp & 0x001C) >> 2); 1225 stat.pm_indicated = !!(tmp & 0x0080); 1226 stat.intermediate = !!(tmp & 0x0040); 1227 stat.for_ampdu = !!(tmp & 0x0020); 1228 stat.acked = !!(tmp & 0x0002); 1229 1230 b43_handle_txstatus(dev, &stat); 1231 } 1232} 1233 1234static void drain_txstatus_queue(struct b43_wldev *dev) 1235{ 1236 u32 dummy; 1237 1238 if (dev->dev->core_rev < 5) 1239 return; 1240 /* Read all entries from the microcode TXstatus FIFO 1241 * and throw them away. 1242 */ 1243 while (1) { 1244 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0); 1245 if (!(dummy & 0x00000001)) 1246 break; 1247 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1); 1248 } 1249} 1250 1251static u32 b43_jssi_read(struct b43_wldev *dev) 1252{ 1253 u32 val = 0; 1254 1255 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A); 1256 val <<= 16; 1257 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088); 1258 1259 return val; 1260} 1261 1262static void b43_jssi_write(struct b43_wldev *dev, u32 jssi) 1263{ 1264 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF)); 1265 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16); 1266} 1267 1268static void b43_generate_noise_sample(struct b43_wldev *dev) 1269{ 1270 b43_jssi_write(dev, 0x7F7F7F7F); 1271 b43_write32(dev, B43_MMIO_MACCMD, 1272 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE); 1273} 1274 1275static void b43_calculate_link_quality(struct b43_wldev *dev) 1276{ 1277 /* Top half of Link Quality calculation. */ 1278 1279 if (dev->phy.type != B43_PHYTYPE_G) 1280 return; 1281 if (dev->noisecalc.calculation_running) 1282 return; 1283 dev->noisecalc.calculation_running = 1; 1284 dev->noisecalc.nr_samples = 0; 1285 1286 b43_generate_noise_sample(dev); 1287} 1288 1289static void handle_irq_noise(struct b43_wldev *dev) 1290{ 1291 struct b43_phy_g *phy = dev->phy.g; 1292 u16 tmp; 1293 u8 noise[4]; 1294 u8 i, j; 1295 s32 average; 1296 1297 /* Bottom half of Link Quality calculation. */ 1298 1299 if (dev->phy.type != B43_PHYTYPE_G) 1300 return; 1301 1302 /* Possible race condition: It might be possible that the user 1303 * changed to a different channel in the meantime since we 1304 * started the calculation. We ignore that fact, since it's 1305 * not really that much of a problem. The background noise is 1306 * an estimation only anyway. Slightly wrong results will get damped 1307 * by the averaging of the 8 sample rounds. Additionally the 1308 * value is shortlived. So it will be replaced by the next noise 1309 * calculation round soon. */ 1310 1311 B43_WARN_ON(!dev->noisecalc.calculation_running); 1312 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev)); 1313 if (noise[0] == 0x7F || noise[1] == 0x7F || 1314 noise[2] == 0x7F || noise[3] == 0x7F) 1315 goto generate_new; 1316 1317 /* Get the noise samples. */ 1318 B43_WARN_ON(dev->noisecalc.nr_samples >= 8); 1319 i = dev->noisecalc.nr_samples; 1320 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1321 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1322 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1323 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1); 1324 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]]; 1325 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]]; 1326 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]]; 1327 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]]; 1328 dev->noisecalc.nr_samples++; 1329 if (dev->noisecalc.nr_samples == 8) { 1330 /* Calculate the Link Quality by the noise samples. */ 1331 average = 0; 1332 for (i = 0; i < 8; i++) { 1333 for (j = 0; j < 4; j++) 1334 average += dev->noisecalc.samples[i][j]; 1335 } 1336 average /= (8 * 4); 1337 average *= 125; 1338 average += 64; 1339 average /= 128; 1340 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C); 1341 tmp = (tmp / 128) & 0x1F; 1342 if (tmp >= 8) 1343 average += 2; 1344 else 1345 average -= 25; 1346 if (tmp == 8) 1347 average -= 72; 1348 else 1349 average -= 48; 1350 1351 dev->stats.link_noise = average; 1352 dev->noisecalc.calculation_running = 0; 1353 return; 1354 } 1355generate_new: 1356 b43_generate_noise_sample(dev); 1357} 1358 1359static void handle_irq_tbtt_indication(struct b43_wldev *dev) 1360{ 1361 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) { 1362 ///TODO: PS TBTT 1363 } else { 1364 if (1 /*FIXME: the last PSpoll frame was sent successfully */ ) 1365 b43_power_saving_ctl_bits(dev, 0); 1366 } 1367 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) 1368 dev->dfq_valid = 1; 1369} 1370 1371static void handle_irq_atim_end(struct b43_wldev *dev) 1372{ 1373 if (dev->dfq_valid) { 1374 b43_write32(dev, B43_MMIO_MACCMD, 1375 b43_read32(dev, B43_MMIO_MACCMD) 1376 | B43_MACCMD_DFQ_VALID); 1377 dev->dfq_valid = 0; 1378 } 1379} 1380 1381static void handle_irq_pmq(struct b43_wldev *dev) 1382{ 1383 u32 tmp; 1384 1385 //TODO: AP mode. 1386 1387 while (1) { 1388 tmp = b43_read32(dev, B43_MMIO_PS_STATUS); 1389 if (!(tmp & 0x00000008)) 1390 break; 1391 } 1392 /* 16bit write is odd, but correct. */ 1393 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002); 1394} 1395 1396static void b43_write_template_common(struct b43_wldev *dev, 1397 const u8 *data, u16 size, 1398 u16 ram_offset, 1399 u16 shm_size_offset, u8 rate) 1400{ 1401 u32 i, tmp; 1402 struct b43_plcp_hdr4 plcp; 1403 1404 plcp.data = 0; 1405 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate); 1406 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data)); 1407 ram_offset += sizeof(u32); 1408 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet. 1409 * So leave the first two bytes of the next write blank. 1410 */ 1411 tmp = (u32) (data[0]) << 16; 1412 tmp |= (u32) (data[1]) << 24; 1413 b43_ram_write(dev, ram_offset, tmp); 1414 ram_offset += sizeof(u32); 1415 for (i = 2; i < size; i += sizeof(u32)) { 1416 tmp = (u32) (data[i + 0]); 1417 if (i + 1 < size) 1418 tmp |= (u32) (data[i + 1]) << 8; 1419 if (i + 2 < size) 1420 tmp |= (u32) (data[i + 2]) << 16; 1421 if (i + 3 < size) 1422 tmp |= (u32) (data[i + 3]) << 24; 1423 b43_ram_write(dev, ram_offset + i - 2, tmp); 1424 } 1425 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset, 1426 size + sizeof(struct b43_plcp_hdr6)); 1427} 1428 1429/* Check if the use of the antenna that ieee80211 told us to 1430 * use is possible. This will fall back to DEFAULT. 1431 * "antenna_nr" is the antenna identifier we got from ieee80211. */ 1432u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev, 1433 u8 antenna_nr) 1434{ 1435 u8 antenna_mask; 1436 1437 if (antenna_nr == 0) { 1438 /* Zero means "use default antenna". That's always OK. */ 1439 return 0; 1440 } 1441 1442 /* Get the mask of available antennas. */ 1443 if (dev->phy.gmode) 1444 antenna_mask = dev->dev->bus_sprom->ant_available_bg; 1445 else 1446 antenna_mask = dev->dev->bus_sprom->ant_available_a; 1447 1448 if (!(antenna_mask & (1 << (antenna_nr - 1)))) { 1449 /* This antenna is not available. Fall back to default. */ 1450 return 0; 1451 } 1452 1453 return antenna_nr; 1454} 1455 1456/* Convert a b43 antenna number value to the PHY TX control value. */ 1457static u16 b43_antenna_to_phyctl(int antenna) 1458{ 1459 switch (antenna) { 1460 case B43_ANTENNA0: 1461 return B43_TXH_PHY_ANT0; 1462 case B43_ANTENNA1: 1463 return B43_TXH_PHY_ANT1; 1464 case B43_ANTENNA2: 1465 return B43_TXH_PHY_ANT2; 1466 case B43_ANTENNA3: 1467 return B43_TXH_PHY_ANT3; 1468 case B43_ANTENNA_AUTO0: 1469 case B43_ANTENNA_AUTO1: 1470 return B43_TXH_PHY_ANT01AUTO; 1471 } 1472 B43_WARN_ON(1); 1473 return 0; 1474} 1475 1476static void b43_write_beacon_template(struct b43_wldev *dev, 1477 u16 ram_offset, 1478 u16 shm_size_offset) 1479{ 1480 unsigned int i, len, variable_len; 1481 const struct ieee80211_mgmt *bcn; 1482 const u8 *ie; 1483 bool tim_found = 0; 1484 unsigned int rate; 1485 u16 ctl; 1486 int antenna; 1487 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon); 1488 1489 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data); 1490 len = min((size_t) dev->wl->current_beacon->len, 1491 0x200 - sizeof(struct b43_plcp_hdr6)); 1492 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value; 1493 1494 b43_write_template_common(dev, (const u8 *)bcn, 1495 len, ram_offset, shm_size_offset, rate); 1496 1497 /* Write the PHY TX control parameters. */ 1498 antenna = B43_ANTENNA_DEFAULT; 1499 antenna = b43_antenna_to_phyctl(antenna); 1500 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL); 1501 /* We can't send beacons with short preamble. Would get PHY errors. */ 1502 ctl &= ~B43_TXH_PHY_SHORTPRMBL; 1503 ctl &= ~B43_TXH_PHY_ANT; 1504 ctl &= ~B43_TXH_PHY_ENC; 1505 ctl |= antenna; 1506 if (b43_is_cck_rate(rate)) 1507 ctl |= B43_TXH_PHY_ENC_CCK; 1508 else 1509 ctl |= B43_TXH_PHY_ENC_OFDM; 1510 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 1511 1512 /* Find the position of the TIM and the DTIM_period value 1513 * and write them to SHM. */ 1514 ie = bcn->u.beacon.variable; 1515 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable); 1516 for (i = 0; i < variable_len - 2; ) { 1517 uint8_t ie_id, ie_len; 1518 1519 ie_id = ie[i]; 1520 ie_len = ie[i + 1]; 1521 if (ie_id == 5) { 1522 u16 tim_position; 1523 u16 dtim_period; 1524 /* This is the TIM Information Element */ 1525 1526 /* Check whether the ie_len is in the beacon data range. */ 1527 if (variable_len < ie_len + 2 + i) 1528 break; 1529 /* A valid TIM is at least 4 bytes long. */ 1530 if (ie_len < 4) 1531 break; 1532 tim_found = 1; 1533 1534 tim_position = sizeof(struct b43_plcp_hdr6); 1535 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable); 1536 tim_position += i; 1537 1538 dtim_period = ie[i + 3]; 1539 1540 b43_shm_write16(dev, B43_SHM_SHARED, 1541 B43_SHM_SH_TIMBPOS, tim_position); 1542 b43_shm_write16(dev, B43_SHM_SHARED, 1543 B43_SHM_SH_DTIMPER, dtim_period); 1544 break; 1545 } 1546 i += ie_len + 2; 1547 } 1548 if (!tim_found) { 1549 /* 1550 * If ucode wants to modify TIM do it behind the beacon, this 1551 * will happen, for example, when doing mesh networking. 1552 */ 1553 b43_shm_write16(dev, B43_SHM_SHARED, 1554 B43_SHM_SH_TIMBPOS, 1555 len + sizeof(struct b43_plcp_hdr6)); 1556 b43_shm_write16(dev, B43_SHM_SHARED, 1557 B43_SHM_SH_DTIMPER, 0); 1558 } 1559 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset); 1560} 1561 1562static void b43_upload_beacon0(struct b43_wldev *dev) 1563{ 1564 struct b43_wl *wl = dev->wl; 1565 1566 if (wl->beacon0_uploaded) 1567 return; 1568 b43_write_beacon_template(dev, 0x68, 0x18); 1569 wl->beacon0_uploaded = 1; 1570} 1571 1572static void b43_upload_beacon1(struct b43_wldev *dev) 1573{ 1574 struct b43_wl *wl = dev->wl; 1575 1576 if (wl->beacon1_uploaded) 1577 return; 1578 b43_write_beacon_template(dev, 0x468, 0x1A); 1579 wl->beacon1_uploaded = 1; 1580} 1581 1582static void handle_irq_beacon(struct b43_wldev *dev) 1583{ 1584 struct b43_wl *wl = dev->wl; 1585 u32 cmd, beacon0_valid, beacon1_valid; 1586 1587 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) && 1588 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 1589 return; 1590 1591 /* This is the bottom half of the asynchronous beacon update. */ 1592 1593 /* Ignore interrupt in the future. */ 1594 dev->irq_mask &= ~B43_IRQ_BEACON; 1595 1596 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1597 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID); 1598 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID); 1599 1600 /* Schedule interrupt manually, if busy. */ 1601 if (beacon0_valid && beacon1_valid) { 1602 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON); 1603 dev->irq_mask |= B43_IRQ_BEACON; 1604 return; 1605 } 1606 1607 if (unlikely(wl->beacon_templates_virgin)) { 1608 /* We never uploaded a beacon before. 1609 * Upload both templates now, but only mark one valid. */ 1610 wl->beacon_templates_virgin = 0; 1611 b43_upload_beacon0(dev); 1612 b43_upload_beacon1(dev); 1613 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1614 cmd |= B43_MACCMD_BEACON0_VALID; 1615 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1616 } else { 1617 if (!beacon0_valid) { 1618 b43_upload_beacon0(dev); 1619 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1620 cmd |= B43_MACCMD_BEACON0_VALID; 1621 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1622 } else if (!beacon1_valid) { 1623 b43_upload_beacon1(dev); 1624 cmd = b43_read32(dev, B43_MMIO_MACCMD); 1625 cmd |= B43_MACCMD_BEACON1_VALID; 1626 b43_write32(dev, B43_MMIO_MACCMD, cmd); 1627 } 1628 } 1629} 1630 1631static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev) 1632{ 1633 u32 old_irq_mask = dev->irq_mask; 1634 1635 /* update beacon right away or defer to irq */ 1636 handle_irq_beacon(dev); 1637 if (old_irq_mask != dev->irq_mask) { 1638 /* The handler updated the IRQ mask. */ 1639 B43_WARN_ON(!dev->irq_mask); 1640 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) { 1641 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1642 } else { 1643 /* Device interrupts are currently disabled. That means 1644 * we just ran the hardirq handler and scheduled the 1645 * IRQ thread. The thread will write the IRQ mask when 1646 * it finished, so there's nothing to do here. Writing 1647 * the mask _here_ would incorrectly re-enable IRQs. */ 1648 } 1649 } 1650} 1651 1652static void b43_beacon_update_trigger_work(struct work_struct *work) 1653{ 1654 struct b43_wl *wl = container_of(work, struct b43_wl, 1655 beacon_update_trigger); 1656 struct b43_wldev *dev; 1657 1658 mutex_lock(&wl->mutex); 1659 dev = wl->current_dev; 1660 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) { 1661 if (b43_bus_host_is_sdio(dev->dev)) { 1662 /* wl->mutex is enough. */ 1663 b43_do_beacon_update_trigger_work(dev); 1664 mmiowb(); 1665 } else { 1666 spin_lock_irq(&wl->hardirq_lock); 1667 b43_do_beacon_update_trigger_work(dev); 1668 mmiowb(); 1669 spin_unlock_irq(&wl->hardirq_lock); 1670 } 1671 } 1672 mutex_unlock(&wl->mutex); 1673} 1674 1675/* Asynchronously update the packet templates in template RAM. 1676 * Locking: Requires wl->mutex to be locked. */ 1677static void b43_update_templates(struct b43_wl *wl) 1678{ 1679 struct sk_buff *beacon; 1680 1681 /* This is the top half of the ansynchronous beacon update. 1682 * The bottom half is the beacon IRQ. 1683 * Beacon update must be asynchronous to avoid sending an 1684 * invalid beacon. This can happen for example, if the firmware 1685 * transmits a beacon while we are updating it. */ 1686 1687 /* We could modify the existing beacon and set the aid bit in 1688 * the TIM field, but that would probably require resizing and 1689 * moving of data within the beacon template. 1690 * Simply request a new beacon and let mac80211 do the hard work. */ 1691 beacon = ieee80211_beacon_get(wl->hw, wl->vif); 1692 if (unlikely(!beacon)) 1693 return; 1694 1695 if (wl->current_beacon) 1696 dev_kfree_skb_any(wl->current_beacon); 1697 wl->current_beacon = beacon; 1698 wl->beacon0_uploaded = 0; 1699 wl->beacon1_uploaded = 0; 1700 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger); 1701} 1702 1703static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int) 1704{ 1705 b43_time_lock(dev); 1706 if (dev->dev->core_rev >= 3) { 1707 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16)); 1708 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10)); 1709 } else { 1710 b43_write16(dev, 0x606, (beacon_int >> 6)); 1711 b43_write16(dev, 0x610, beacon_int); 1712 } 1713 b43_time_unlock(dev); 1714 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int); 1715} 1716 1717static void b43_handle_firmware_panic(struct b43_wldev *dev) 1718{ 1719 u16 reason; 1720 1721 /* Read the register that contains the reason code for the panic. */ 1722 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG); 1723 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason); 1724 1725 switch (reason) { 1726 default: 1727 b43dbg(dev->wl, "The panic reason is unknown.\n"); 1728 /* fallthrough */ 1729 case B43_FWPANIC_DIE: 1730 /* Do not restart the controller or firmware. 1731 * The device is nonfunctional from now on. 1732 * Restarting would result in this panic to trigger again, 1733 * so we avoid that recursion. */ 1734 break; 1735 case B43_FWPANIC_RESTART: 1736 b43_controller_restart(dev, "Microcode panic"); 1737 break; 1738 } 1739} 1740 1741static void handle_irq_ucode_debug(struct b43_wldev *dev) 1742{ 1743 unsigned int i, cnt; 1744 u16 reason, marker_id, marker_line; 1745 __le16 *buf; 1746 1747 /* The proprietary firmware doesn't have this IRQ. */ 1748 if (!dev->fw.opensource) 1749 return; 1750 1751 /* Read the register that contains the reason code for this IRQ. */ 1752 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG); 1753 1754 switch (reason) { 1755 case B43_DEBUGIRQ_PANIC: 1756 b43_handle_firmware_panic(dev); 1757 break; 1758 case B43_DEBUGIRQ_DUMP_SHM: 1759 if (!B43_DEBUG) 1760 break; /* Only with driver debugging enabled. */ 1761 buf = kmalloc(4096, GFP_ATOMIC); 1762 if (!buf) { 1763 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n"); 1764 goto out; 1765 } 1766 for (i = 0; i < 4096; i += 2) { 1767 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i); 1768 buf[i / 2] = cpu_to_le16(tmp); 1769 } 1770 b43info(dev->wl, "Shared memory dump:\n"); 1771 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET, 1772 16, 2, buf, 4096, 1); 1773 kfree(buf); 1774 break; 1775 case B43_DEBUGIRQ_DUMP_REGS: 1776 if (!B43_DEBUG) 1777 break; /* Only with driver debugging enabled. */ 1778 b43info(dev->wl, "Microcode register dump:\n"); 1779 for (i = 0, cnt = 0; i < 64; i++) { 1780 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i); 1781 if (cnt == 0) 1782 printk(KERN_INFO); 1783 printk("r%02u: 0x%04X ", i, tmp); 1784 cnt++; 1785 if (cnt == 6) { 1786 printk("\n"); 1787 cnt = 0; 1788 } 1789 } 1790 printk("\n"); 1791 break; 1792 case B43_DEBUGIRQ_MARKER: 1793 if (!B43_DEBUG) 1794 break; /* Only with driver debugging enabled. */ 1795 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH, 1796 B43_MARKER_ID_REG); 1797 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH, 1798 B43_MARKER_LINE_REG); 1799 b43info(dev->wl, "The firmware just executed the MARKER(%u) " 1800 "at line number %u\n", 1801 marker_id, marker_line); 1802 break; 1803 default: 1804 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n", 1805 reason); 1806 } 1807out: 1808 /* Acknowledge the debug-IRQ, so the firmware can continue. */ 1809 b43_shm_write16(dev, B43_SHM_SCRATCH, 1810 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK); 1811} 1812 1813static void b43_do_interrupt_thread(struct b43_wldev *dev) 1814{ 1815 u32 reason; 1816 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)]; 1817 u32 merged_dma_reason = 0; 1818 int i; 1819 1820 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 1821 return; 1822 1823 reason = dev->irq_reason; 1824 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) { 1825 dma_reason[i] = dev->dma_reason[i]; 1826 merged_dma_reason |= dma_reason[i]; 1827 } 1828 1829 if (unlikely(reason & B43_IRQ_MAC_TXERR)) 1830 b43err(dev->wl, "MAC transmission error\n"); 1831 1832 if (unlikely(reason & B43_IRQ_PHY_TXERR)) { 1833 b43err(dev->wl, "PHY transmission error\n"); 1834 rmb(); 1835 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) { 1836 atomic_set(&dev->phy.txerr_cnt, 1837 B43_PHY_TX_BADNESS_LIMIT); 1838 b43err(dev->wl, "Too many PHY TX errors, " 1839 "restarting the controller\n"); 1840 b43_controller_restart(dev, "PHY TX errors"); 1841 } 1842 } 1843 1844 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK | 1845 B43_DMAIRQ_NONFATALMASK))) { 1846 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) { 1847 b43err(dev->wl, "Fatal DMA error: " 1848 "0x%08X, 0x%08X, 0x%08X, " 1849 "0x%08X, 0x%08X, 0x%08X\n", 1850 dma_reason[0], dma_reason[1], 1851 dma_reason[2], dma_reason[3], 1852 dma_reason[4], dma_reason[5]); 1853 b43err(dev->wl, "This device does not support DMA " 1854 "on your system. It will now be switched to PIO.\n"); 1855 /* Fall back to PIO transfers if we get fatal DMA errors! */ 1856 dev->use_pio = 1; 1857 b43_controller_restart(dev, "DMA error"); 1858 return; 1859 } 1860 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) { 1861 b43err(dev->wl, "DMA error: " 1862 "0x%08X, 0x%08X, 0x%08X, " 1863 "0x%08X, 0x%08X, 0x%08X\n", 1864 dma_reason[0], dma_reason[1], 1865 dma_reason[2], dma_reason[3], 1866 dma_reason[4], dma_reason[5]); 1867 } 1868 } 1869 1870 if (unlikely(reason & B43_IRQ_UCODE_DEBUG)) 1871 handle_irq_ucode_debug(dev); 1872 if (reason & B43_IRQ_TBTT_INDI) 1873 handle_irq_tbtt_indication(dev); 1874 if (reason & B43_IRQ_ATIM_END) 1875 handle_irq_atim_end(dev); 1876 if (reason & B43_IRQ_BEACON) 1877 handle_irq_beacon(dev); 1878 if (reason & B43_IRQ_PMQ) 1879 handle_irq_pmq(dev); 1880 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) 1881 ;/* TODO */ 1882 if (reason & B43_IRQ_NOISESAMPLE_OK) 1883 handle_irq_noise(dev); 1884 1885 /* Check the DMA reason registers for received data. */ 1886 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) { 1887 if (b43_using_pio_transfers(dev)) 1888 b43_pio_rx(dev->pio.rx_queue); 1889 else 1890 b43_dma_rx(dev->dma.rx_ring); 1891 } 1892 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE); 1893 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE); 1894 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE); 1895 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE); 1896 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE); 1897 1898 if (reason & B43_IRQ_TX_OK) 1899 handle_irq_transmit_status(dev); 1900 1901 /* Re-enable interrupts on the device by restoring the current interrupt mask. */ 1902 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 1903 1904#if B43_DEBUG 1905 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 1906 dev->irq_count++; 1907 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 1908 if (reason & (1 << i)) 1909 dev->irq_bit_count[i]++; 1910 } 1911 } 1912#endif 1913} 1914 1915/* Interrupt thread handler. Handles device interrupts in thread context. */ 1916static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id) 1917{ 1918 struct b43_wldev *dev = dev_id; 1919 1920 mutex_lock(&dev->wl->mutex); 1921 b43_do_interrupt_thread(dev); 1922 mmiowb(); 1923 mutex_unlock(&dev->wl->mutex); 1924 1925 return IRQ_HANDLED; 1926} 1927 1928static irqreturn_t b43_do_interrupt(struct b43_wldev *dev) 1929{ 1930 u32 reason; 1931 1932 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses. 1933 * On SDIO, this runs under wl->mutex. */ 1934 1935 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 1936 if (reason == 0xffffffff) /* shared IRQ */ 1937 return IRQ_NONE; 1938 reason &= dev->irq_mask; 1939 if (!reason) 1940 return IRQ_HANDLED; 1941 1942 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON) 1943 & 0x0001DC00; 1944 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON) 1945 & 0x0000DC00; 1946 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON) 1947 & 0x0000DC00; 1948 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON) 1949 & 0x0001DC00; 1950 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON) 1951 & 0x0000DC00; 1952/* Unused ring 1953 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON) 1954 & 0x0000DC00; 1955*/ 1956 1957 /* ACK the interrupt. */ 1958 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason); 1959 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]); 1960 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]); 1961 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]); 1962 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]); 1963 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]); 1964/* Unused ring 1965 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]); 1966*/ 1967 1968 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */ 1969 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 1970 /* Save the reason bitmasks for the IRQ thread handler. */ 1971 dev->irq_reason = reason; 1972 1973 return IRQ_WAKE_THREAD; 1974} 1975 1976/* Interrupt handler top-half. This runs with interrupts disabled. */ 1977static irqreturn_t b43_interrupt_handler(int irq, void *dev_id) 1978{ 1979 struct b43_wldev *dev = dev_id; 1980 irqreturn_t ret; 1981 1982 if (unlikely(b43_status(dev) < B43_STAT_STARTED)) 1983 return IRQ_NONE; 1984 1985 spin_lock(&dev->wl->hardirq_lock); 1986 ret = b43_do_interrupt(dev); 1987 mmiowb(); 1988 spin_unlock(&dev->wl->hardirq_lock); 1989 1990 return ret; 1991} 1992 1993/* SDIO interrupt handler. This runs in process context. */ 1994static void b43_sdio_interrupt_handler(struct b43_wldev *dev) 1995{ 1996 struct b43_wl *wl = dev->wl; 1997 irqreturn_t ret; 1998 1999 mutex_lock(&wl->mutex); 2000 2001 ret = b43_do_interrupt(dev); 2002 if (ret == IRQ_WAKE_THREAD) 2003 b43_do_interrupt_thread(dev); 2004 2005 mutex_unlock(&wl->mutex); 2006} 2007 2008void b43_do_release_fw(struct b43_firmware_file *fw) 2009{ 2010 release_firmware(fw->data); 2011 fw->data = NULL; 2012 fw->filename = NULL; 2013} 2014 2015static void b43_release_firmware(struct b43_wldev *dev) 2016{ 2017 b43_do_release_fw(&dev->fw.ucode); 2018 b43_do_release_fw(&dev->fw.pcm); 2019 b43_do_release_fw(&dev->fw.initvals); 2020 b43_do_release_fw(&dev->fw.initvals_band); 2021} 2022 2023static void b43_print_fw_helptext(struct b43_wl *wl, bool error) 2024{ 2025 const char text[] = 2026 "You must go to " \ 2027 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \ 2028 "and download the correct firmware for this driver version. " \ 2029 "Please carefully read all instructions on this website.\n"; 2030 2031 if (error) 2032 b43err(wl, text); 2033 else 2034 b43warn(wl, text); 2035} 2036 2037int b43_do_request_fw(struct b43_request_fw_context *ctx, 2038 const char *name, 2039 struct b43_firmware_file *fw) 2040{ 2041 const struct firmware *blob; 2042 struct b43_fw_header *hdr; 2043 u32 size; 2044 int err; 2045 2046 if (!name) { 2047 /* Don't fetch anything. Free possibly cached firmware. */ 2048 /* FIXME: We should probably keep it anyway, to save some headache 2049 * on suspend/resume with multiband devices. */ 2050 b43_do_release_fw(fw); 2051 return 0; 2052 } 2053 if (fw->filename) { 2054 if ((fw->type == ctx->req_type) && 2055 (strcmp(fw->filename, name) == 0)) 2056 return 0; /* Already have this fw. */ 2057 /* Free the cached firmware first. */ 2058 /* FIXME: We should probably do this later after we successfully 2059 * got the new fw. This could reduce headache with multiband devices. 2060 * We could also redesign this to cache the firmware for all possible 2061 * bands all the time. */ 2062 b43_do_release_fw(fw); 2063 } 2064 2065 switch (ctx->req_type) { 2066 case B43_FWTYPE_PROPRIETARY: 2067 snprintf(ctx->fwname, sizeof(ctx->fwname), 2068 "b43%s/%s.fw", 2069 modparam_fwpostfix, name); 2070 break; 2071 case B43_FWTYPE_OPENSOURCE: 2072 snprintf(ctx->fwname, sizeof(ctx->fwname), 2073 "b43-open%s/%s.fw", 2074 modparam_fwpostfix, name); 2075 break; 2076 default: 2077 B43_WARN_ON(1); 2078 return -ENOSYS; 2079 } 2080 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev); 2081 if (err == -ENOENT) { 2082 snprintf(ctx->errors[ctx->req_type], 2083 sizeof(ctx->errors[ctx->req_type]), 2084 "Firmware file \"%s\" not found\n", ctx->fwname); 2085 return err; 2086 } else if (err) { 2087 snprintf(ctx->errors[ctx->req_type], 2088 sizeof(ctx->errors[ctx->req_type]), 2089 "Firmware file \"%s\" request failed (err=%d)\n", 2090 ctx->fwname, err); 2091 return err; 2092 } 2093 if (blob->size < sizeof(struct b43_fw_header)) 2094 goto err_format; 2095 hdr = (struct b43_fw_header *)(blob->data); 2096 switch (hdr->type) { 2097 case B43_FW_TYPE_UCODE: 2098 case B43_FW_TYPE_PCM: 2099 size = be32_to_cpu(hdr->size); 2100 if (size != blob->size - sizeof(struct b43_fw_header)) 2101 goto err_format; 2102 /* fallthrough */ 2103 case B43_FW_TYPE_IV: 2104 if (hdr->ver != 1) 2105 goto err_format; 2106 break; 2107 default: 2108 goto err_format; 2109 } 2110 2111 fw->data = blob; 2112 fw->filename = name; 2113 fw->type = ctx->req_type; 2114 2115 return 0; 2116 2117err_format: 2118 snprintf(ctx->errors[ctx->req_type], 2119 sizeof(ctx->errors[ctx->req_type]), 2120 "Firmware file \"%s\" format error.\n", ctx->fwname); 2121 release_firmware(blob); 2122 2123 return -EPROTO; 2124} 2125 2126static int b43_try_request_fw(struct b43_request_fw_context *ctx) 2127{ 2128 struct b43_wldev *dev = ctx->dev; 2129 struct b43_firmware *fw = &ctx->dev->fw; 2130 const u8 rev = ctx->dev->dev->core_rev; 2131 const char *filename; 2132 u32 tmshigh; 2133 int err; 2134 2135 /* Get microcode */ 2136 if ((rev >= 5) && (rev <= 10)) 2137 filename = "ucode5"; 2138 else if ((rev >= 11) && (rev <= 12)) 2139 filename = "ucode11"; 2140 else if (rev == 13) 2141 filename = "ucode13"; 2142 else if (rev == 14) 2143 filename = "ucode14"; 2144 else if (rev == 15) 2145 filename = "ucode15"; 2146 else if ((rev >= 16) && (rev <= 20)) 2147 filename = "ucode16_mimo"; 2148 else 2149 goto err_no_ucode; 2150 err = b43_do_request_fw(ctx, filename, &fw->ucode); 2151 if (err) 2152 goto err_load; 2153 2154 /* Get PCM code */ 2155 if ((rev >= 5) && (rev <= 10)) 2156 filename = "pcm5"; 2157 else if (rev >= 11) 2158 filename = NULL; 2159 else 2160 goto err_no_pcm; 2161 fw->pcm_request_failed = 0; 2162 err = b43_do_request_fw(ctx, filename, &fw->pcm); 2163 if (err == -ENOENT) { 2164 /* We did not find a PCM file? Not fatal, but 2165 * core rev <= 10 must do without hwcrypto then. */ 2166 fw->pcm_request_failed = 1; 2167 } else if (err) 2168 goto err_load; 2169 2170 /* Get initvals */ 2171 switch (dev->phy.type) { 2172 case B43_PHYTYPE_A: 2173 if ((rev >= 5) && (rev <= 10)) { 2174 tmshigh = ssb_read32(dev->dev->sdev, SSB_TMSHIGH); 2175 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2176 filename = "a0g1initvals5"; 2177 else 2178 filename = "a0g0initvals5"; 2179 } else 2180 goto err_no_initvals; 2181 break; 2182 case B43_PHYTYPE_G: 2183 if ((rev >= 5) && (rev <= 10)) 2184 filename = "b0g0initvals5"; 2185 else if (rev >= 13) 2186 filename = "b0g0initvals13"; 2187 else 2188 goto err_no_initvals; 2189 break; 2190 case B43_PHYTYPE_N: 2191 if (rev >= 16) 2192 filename = "n0initvals16"; 2193 else if ((rev >= 11) && (rev <= 12)) 2194 filename = "n0initvals11"; 2195 else 2196 goto err_no_initvals; 2197 break; 2198 case B43_PHYTYPE_LP: 2199 if (rev == 13) 2200 filename = "lp0initvals13"; 2201 else if (rev == 14) 2202 filename = "lp0initvals14"; 2203 else if (rev >= 15) 2204 filename = "lp0initvals15"; 2205 else 2206 goto err_no_initvals; 2207 break; 2208 default: 2209 goto err_no_initvals; 2210 } 2211 err = b43_do_request_fw(ctx, filename, &fw->initvals); 2212 if (err) 2213 goto err_load; 2214 2215 /* Get bandswitch initvals */ 2216 switch (dev->phy.type) { 2217 case B43_PHYTYPE_A: 2218 if ((rev >= 5) && (rev <= 10)) { 2219 tmshigh = ssb_read32(dev->dev->sdev, SSB_TMSHIGH); 2220 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY) 2221 filename = "a0g1bsinitvals5"; 2222 else 2223 filename = "a0g0bsinitvals5"; 2224 } else if (rev >= 11) 2225 filename = NULL; 2226 else 2227 goto err_no_initvals; 2228 break; 2229 case B43_PHYTYPE_G: 2230 if ((rev >= 5) && (rev <= 10)) 2231 filename = "b0g0bsinitvals5"; 2232 else if (rev >= 11) 2233 filename = NULL; 2234 else 2235 goto err_no_initvals; 2236 break; 2237 case B43_PHYTYPE_N: 2238 if (rev >= 16) 2239 filename = "n0bsinitvals16"; 2240 else if ((rev >= 11) && (rev <= 12)) 2241 filename = "n0bsinitvals11"; 2242 else 2243 goto err_no_initvals; 2244 break; 2245 case B43_PHYTYPE_LP: 2246 if (rev == 13) 2247 filename = "lp0bsinitvals13"; 2248 else if (rev == 14) 2249 filename = "lp0bsinitvals14"; 2250 else if (rev >= 15) 2251 filename = "lp0bsinitvals15"; 2252 else 2253 goto err_no_initvals; 2254 break; 2255 default: 2256 goto err_no_initvals; 2257 } 2258 err = b43_do_request_fw(ctx, filename, &fw->initvals_band); 2259 if (err) 2260 goto err_load; 2261 2262 return 0; 2263 2264err_no_ucode: 2265 err = ctx->fatal_failure = -EOPNOTSUPP; 2266 b43err(dev->wl, "The driver does not know which firmware (ucode) " 2267 "is required for your device (wl-core rev %u)\n", rev); 2268 goto error; 2269 2270err_no_pcm: 2271 err = ctx->fatal_failure = -EOPNOTSUPP; 2272 b43err(dev->wl, "The driver does not know which firmware (PCM) " 2273 "is required for your device (wl-core rev %u)\n", rev); 2274 goto error; 2275 2276err_no_initvals: 2277 err = ctx->fatal_failure = -EOPNOTSUPP; 2278 b43err(dev->wl, "The driver does not know which firmware (initvals) " 2279 "is required for your device (wl-core rev %u)\n", rev); 2280 goto error; 2281 2282err_load: 2283 /* We failed to load this firmware image. The error message 2284 * already is in ctx->errors. Return and let our caller decide 2285 * what to do. */ 2286 goto error; 2287 2288error: 2289 b43_release_firmware(dev); 2290 return err; 2291} 2292 2293static int b43_request_firmware(struct b43_wldev *dev) 2294{ 2295 struct b43_request_fw_context *ctx; 2296 unsigned int i; 2297 int err; 2298 const char *errmsg; 2299 2300 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); 2301 if (!ctx) 2302 return -ENOMEM; 2303 ctx->dev = dev; 2304 2305 ctx->req_type = B43_FWTYPE_PROPRIETARY; 2306 err = b43_try_request_fw(ctx); 2307 if (!err) 2308 goto out; /* Successfully loaded it. */ 2309 err = ctx->fatal_failure; 2310 if (err) 2311 goto out; 2312 2313 ctx->req_type = B43_FWTYPE_OPENSOURCE; 2314 err = b43_try_request_fw(ctx); 2315 if (!err) 2316 goto out; /* Successfully loaded it. */ 2317 err = ctx->fatal_failure; 2318 if (err) 2319 goto out; 2320 2321 /* Could not find a usable firmware. Print the errors. */ 2322 for (i = 0; i < B43_NR_FWTYPES; i++) { 2323 errmsg = ctx->errors[i]; 2324 if (strlen(errmsg)) 2325 b43err(dev->wl, errmsg); 2326 } 2327 b43_print_fw_helptext(dev->wl, 1); 2328 err = -ENOENT; 2329 2330out: 2331 kfree(ctx); 2332 return err; 2333} 2334 2335static int b43_upload_microcode(struct b43_wldev *dev) 2336{ 2337 struct wiphy *wiphy = dev->wl->hw->wiphy; 2338 const size_t hdr_len = sizeof(struct b43_fw_header); 2339 const __be32 *data; 2340 unsigned int i, len; 2341 u16 fwrev, fwpatch, fwdate, fwtime; 2342 u32 tmp, macctl; 2343 int err = 0; 2344 2345 /* Jump the microcode PSM to offset 0 */ 2346 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2347 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN); 2348 macctl |= B43_MACCTL_PSM_JMP0; 2349 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2350 /* Zero out all microcode PSM registers and shared memory. */ 2351 for (i = 0; i < 64; i++) 2352 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0); 2353 for (i = 0; i < 4096; i += 2) 2354 b43_shm_write16(dev, B43_SHM_SHARED, i, 0); 2355 2356 /* Upload Microcode. */ 2357 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len); 2358 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32); 2359 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000); 2360 for (i = 0; i < len; i++) { 2361 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2362 udelay(10); 2363 } 2364 2365 if (dev->fw.pcm.data) { 2366 /* Upload PCM data. */ 2367 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len); 2368 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32); 2369 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA); 2370 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000); 2371 /* No need for autoinc bit in SHM_HW */ 2372 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB); 2373 for (i = 0; i < len; i++) { 2374 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i])); 2375 udelay(10); 2376 } 2377 } 2378 2379 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL); 2380 2381 /* Start the microcode PSM */ 2382 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2383 macctl &= ~B43_MACCTL_PSM_JMP0; 2384 macctl |= B43_MACCTL_PSM_RUN; 2385 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2386 2387 /* Wait for the microcode to load and respond */ 2388 i = 0; 2389 while (1) { 2390 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2391 if (tmp == B43_IRQ_MAC_SUSPENDED) 2392 break; 2393 i++; 2394 if (i >= 20) { 2395 b43err(dev->wl, "Microcode not responding\n"); 2396 b43_print_fw_helptext(dev->wl, 1); 2397 err = -ENODEV; 2398 goto error; 2399 } 2400 msleep(50); 2401 } 2402 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */ 2403 2404 /* Get and check the revisions. */ 2405 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV); 2406 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH); 2407 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE); 2408 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME); 2409 2410 if (fwrev <= 0x128) { 2411 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from " 2412 "binary drivers older than version 4.x is unsupported. " 2413 "You must upgrade your firmware files.\n"); 2414 b43_print_fw_helptext(dev->wl, 1); 2415 err = -EOPNOTSUPP; 2416 goto error; 2417 } 2418 dev->fw.rev = fwrev; 2419 dev->fw.patch = fwpatch; 2420 dev->fw.opensource = (fwdate == 0xFFFF); 2421 2422 /* Default to use-all-queues. */ 2423 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues; 2424 dev->qos_enabled = !!modparam_qos; 2425 /* Default to firmware/hardware crypto acceleration. */ 2426 dev->hwcrypto_enabled = 1; 2427 2428 if (dev->fw.opensource) { 2429 u16 fwcapa; 2430 2431 /* Patchlevel info is encoded in the "time" field. */ 2432 dev->fw.patch = fwtime; 2433 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n", 2434 dev->fw.rev, dev->fw.patch); 2435 2436 fwcapa = b43_fwcapa_read(dev); 2437 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) { 2438 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n"); 2439 /* Disable hardware crypto and fall back to software crypto. */ 2440 dev->hwcrypto_enabled = 0; 2441 } 2442 if (!(fwcapa & B43_FWCAPA_QOS)) { 2443 b43info(dev->wl, "QoS not supported by firmware\n"); 2444 /* Disable QoS. Tweak hw->queues to 1. It will be restored before 2445 * ieee80211_unregister to make sure the networking core can 2446 * properly free possible resources. */ 2447 dev->wl->hw->queues = 1; 2448 dev->qos_enabled = 0; 2449 } 2450 } else { 2451 b43info(dev->wl, "Loading firmware version %u.%u " 2452 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n", 2453 fwrev, fwpatch, 2454 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF, 2455 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F); 2456 if (dev->fw.pcm_request_failed) { 2457 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. " 2458 "Hardware accelerated cryptography is disabled.\n"); 2459 b43_print_fw_helptext(dev->wl, 0); 2460 } 2461 } 2462 2463 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u", 2464 dev->fw.rev, dev->fw.patch); 2465 wiphy->hw_version = dev->dev->core_id; 2466 2467 if (b43_is_old_txhdr_format(dev)) { 2468 /* We're over the deadline, but we keep support for old fw 2469 * until it turns out to be in major conflict with something new. */ 2470 b43warn(dev->wl, "You are using an old firmware image. " 2471 "Support for old firmware will be removed soon " 2472 "(official deadline was July 2008).\n"); 2473 b43_print_fw_helptext(dev->wl, 0); 2474 } 2475 2476 return 0; 2477 2478error: 2479 macctl = b43_read32(dev, B43_MMIO_MACCTL); 2480 macctl &= ~B43_MACCTL_PSM_RUN; 2481 macctl |= B43_MACCTL_PSM_JMP0; 2482 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2483 2484 return err; 2485} 2486 2487static int b43_write_initvals(struct b43_wldev *dev, 2488 const struct b43_iv *ivals, 2489 size_t count, 2490 size_t array_size) 2491{ 2492 const struct b43_iv *iv; 2493 u16 offset; 2494 size_t i; 2495 bool bit32; 2496 2497 BUILD_BUG_ON(sizeof(struct b43_iv) != 6); 2498 iv = ivals; 2499 for (i = 0; i < count; i++) { 2500 if (array_size < sizeof(iv->offset_size)) 2501 goto err_format; 2502 array_size -= sizeof(iv->offset_size); 2503 offset = be16_to_cpu(iv->offset_size); 2504 bit32 = !!(offset & B43_IV_32BIT); 2505 offset &= B43_IV_OFFSET_MASK; 2506 if (offset >= 0x1000) 2507 goto err_format; 2508 if (bit32) { 2509 u32 value; 2510 2511 if (array_size < sizeof(iv->data.d32)) 2512 goto err_format; 2513 array_size -= sizeof(iv->data.d32); 2514 2515 value = get_unaligned_be32(&iv->data.d32); 2516 b43_write32(dev, offset, value); 2517 2518 iv = (const struct b43_iv *)((const uint8_t *)iv + 2519 sizeof(__be16) + 2520 sizeof(__be32)); 2521 } else { 2522 u16 value; 2523 2524 if (array_size < sizeof(iv->data.d16)) 2525 goto err_format; 2526 array_size -= sizeof(iv->data.d16); 2527 2528 value = be16_to_cpu(iv->data.d16); 2529 b43_write16(dev, offset, value); 2530 2531 iv = (const struct b43_iv *)((const uint8_t *)iv + 2532 sizeof(__be16) + 2533 sizeof(__be16)); 2534 } 2535 } 2536 if (array_size) 2537 goto err_format; 2538 2539 return 0; 2540 2541err_format: 2542 b43err(dev->wl, "Initial Values Firmware file-format error.\n"); 2543 b43_print_fw_helptext(dev->wl, 1); 2544 2545 return -EPROTO; 2546} 2547 2548static int b43_upload_initvals(struct b43_wldev *dev) 2549{ 2550 const size_t hdr_len = sizeof(struct b43_fw_header); 2551 const struct b43_fw_header *hdr; 2552 struct b43_firmware *fw = &dev->fw; 2553 const struct b43_iv *ivals; 2554 size_t count; 2555 int err; 2556 2557 hdr = (const struct b43_fw_header *)(fw->initvals.data->data); 2558 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len); 2559 count = be32_to_cpu(hdr->size); 2560 err = b43_write_initvals(dev, ivals, count, 2561 fw->initvals.data->size - hdr_len); 2562 if (err) 2563 goto out; 2564 if (fw->initvals_band.data) { 2565 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data); 2566 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len); 2567 count = be32_to_cpu(hdr->size); 2568 err = b43_write_initvals(dev, ivals, count, 2569 fw->initvals_band.data->size - hdr_len); 2570 if (err) 2571 goto out; 2572 } 2573out: 2574 2575 return err; 2576} 2577 2578/* Initialize the GPIOs 2579 * http://bcm-specs.sipsolutions.net/GPIO 2580 */ 2581static struct ssb_device *b43_ssb_gpio_dev(struct b43_wldev *dev) 2582{ 2583 struct ssb_bus *bus = dev->dev->sdev->bus; 2584 2585#ifdef CONFIG_SSB_DRIVER_PCICORE 2586 return (bus->chipco.dev ? bus->chipco.dev : bus->pcicore.dev); 2587#else 2588 return bus->chipco.dev; 2589#endif 2590} 2591 2592static int b43_gpio_init(struct b43_wldev *dev) 2593{ 2594 struct ssb_device *gpiodev; 2595 u32 mask, set; 2596 2597 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2598 & ~B43_MACCTL_GPOUTSMSK); 2599 2600 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK) 2601 | 0x000F); 2602 2603 mask = 0x0000001F; 2604 set = 0x0000000F; 2605 if (dev->dev->chip_id == 0x4301) { 2606 mask |= 0x0060; 2607 set |= 0x0060; 2608 } 2609 if (0 /* FIXME: conditional unknown */ ) { 2610 b43_write16(dev, B43_MMIO_GPIO_MASK, 2611 b43_read16(dev, B43_MMIO_GPIO_MASK) 2612 | 0x0100); 2613 mask |= 0x0180; 2614 set |= 0x0180; 2615 } 2616 if (dev->dev->bus_sprom->boardflags_lo & B43_BFL_PACTRL) { 2617 b43_write16(dev, B43_MMIO_GPIO_MASK, 2618 b43_read16(dev, B43_MMIO_GPIO_MASK) 2619 | 0x0200); 2620 mask |= 0x0200; 2621 set |= 0x0200; 2622 } 2623 if (dev->dev->core_rev >= 2) 2624 mask |= 0x0010; /* FIXME: This is redundant. */ 2625 2626 gpiodev = b43_ssb_gpio_dev(dev); 2627 if (gpiodev) 2628 ssb_write32(gpiodev, B43_GPIO_CONTROL, 2629 (ssb_read32(gpiodev, B43_GPIO_CONTROL) 2630 & mask) | set); 2631 2632 return 0; 2633} 2634 2635/* Turn off all GPIO stuff. Call this on module unload, for example. */ 2636static void b43_gpio_cleanup(struct b43_wldev *dev) 2637{ 2638 struct ssb_device *gpiodev; 2639 2640 gpiodev = b43_ssb_gpio_dev(dev); 2641 if (gpiodev) 2642 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0); 2643} 2644 2645/* http://bcm-specs.sipsolutions.net/EnableMac */ 2646void b43_mac_enable(struct b43_wldev *dev) 2647{ 2648 if (b43_debug(dev, B43_DBG_FIRMWARE)) { 2649 u16 fwstate; 2650 2651 fwstate = b43_shm_read16(dev, B43_SHM_SHARED, 2652 B43_SHM_SH_UCODESTAT); 2653 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) && 2654 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) { 2655 b43err(dev->wl, "b43_mac_enable(): The firmware " 2656 "should be suspended, but current state is %u\n", 2657 fwstate); 2658 } 2659 } 2660 2661 dev->mac_suspended--; 2662 B43_WARN_ON(dev->mac_suspended < 0); 2663 if (dev->mac_suspended == 0) { 2664 b43_write32(dev, B43_MMIO_MACCTL, 2665 b43_read32(dev, B43_MMIO_MACCTL) 2666 | B43_MACCTL_ENABLED); 2667 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 2668 B43_IRQ_MAC_SUSPENDED); 2669 /* Commit writes */ 2670 b43_read32(dev, B43_MMIO_MACCTL); 2671 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2672 b43_power_saving_ctl_bits(dev, 0); 2673 } 2674} 2675 2676/* http://bcm-specs.sipsolutions.net/SuspendMAC */ 2677void b43_mac_suspend(struct b43_wldev *dev) 2678{ 2679 int i; 2680 u32 tmp; 2681 2682 might_sleep(); 2683 B43_WARN_ON(dev->mac_suspended < 0); 2684 2685 if (dev->mac_suspended == 0) { 2686 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE); 2687 b43_write32(dev, B43_MMIO_MACCTL, 2688 b43_read32(dev, B43_MMIO_MACCTL) 2689 & ~B43_MACCTL_ENABLED); 2690 /* force pci to flush the write */ 2691 b43_read32(dev, B43_MMIO_MACCTL); 2692 for (i = 35; i; i--) { 2693 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2694 if (tmp & B43_IRQ_MAC_SUSPENDED) 2695 goto out; 2696 udelay(10); 2697 } 2698 /* Hm, it seems this will take some time. Use msleep(). */ 2699 for (i = 40; i; i--) { 2700 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); 2701 if (tmp & B43_IRQ_MAC_SUSPENDED) 2702 goto out; 2703 msleep(1); 2704 } 2705 b43err(dev->wl, "MAC suspend failed\n"); 2706 } 2707out: 2708 dev->mac_suspended++; 2709} 2710 2711/* http://bcm-v4.sipsolutions.net/802.11/PHY/N/MacPhyClkSet */ 2712void b43_mac_phy_clock_set(struct b43_wldev *dev, bool on) 2713{ 2714 u32 tmslow = ssb_read32(dev->sdev, SSB_TMSLOW); 2715 if (on) 2716 tmslow |= B43_TMSLOW_MACPHYCLKEN; 2717 else 2718 tmslow &= ~B43_TMSLOW_MACPHYCLKEN; 2719 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow); 2720} 2721 2722static void b43_adjust_opmode(struct b43_wldev *dev) 2723{ 2724 struct b43_wl *wl = dev->wl; 2725 u32 ctl; 2726 u16 cfp_pretbtt; 2727 2728 ctl = b43_read32(dev, B43_MMIO_MACCTL); 2729 /* Reset status to STA infrastructure mode. */ 2730 ctl &= ~B43_MACCTL_AP; 2731 ctl &= ~B43_MACCTL_KEEP_CTL; 2732 ctl &= ~B43_MACCTL_KEEP_BADPLCP; 2733 ctl &= ~B43_MACCTL_KEEP_BAD; 2734 ctl &= ~B43_MACCTL_PROMISC; 2735 ctl &= ~B43_MACCTL_BEACPROMISC; 2736 ctl |= B43_MACCTL_INFRA; 2737 2738 if (b43_is_mode(wl, NL80211_IFTYPE_AP) || 2739 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) 2740 ctl |= B43_MACCTL_AP; 2741 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) 2742 ctl &= ~B43_MACCTL_INFRA; 2743 2744 if (wl->filter_flags & FIF_CONTROL) 2745 ctl |= B43_MACCTL_KEEP_CTL; 2746 if (wl->filter_flags & FIF_FCSFAIL) 2747 ctl |= B43_MACCTL_KEEP_BAD; 2748 if (wl->filter_flags & FIF_PLCPFAIL) 2749 ctl |= B43_MACCTL_KEEP_BADPLCP; 2750 if (wl->filter_flags & FIF_PROMISC_IN_BSS) 2751 ctl |= B43_MACCTL_PROMISC; 2752 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC) 2753 ctl |= B43_MACCTL_BEACPROMISC; 2754 2755 /* Workaround: On old hardware the HW-MAC-address-filter 2756 * doesn't work properly, so always run promisc in filter 2757 * it in software. */ 2758 if (dev->dev->core_rev <= 4) 2759 ctl |= B43_MACCTL_PROMISC; 2760 2761 b43_write32(dev, B43_MMIO_MACCTL, ctl); 2762 2763 cfp_pretbtt = 2; 2764 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) { 2765 if (dev->dev->chip_id == 0x4306 && 2766 dev->dev->chip_rev == 3) 2767 cfp_pretbtt = 100; 2768 else 2769 cfp_pretbtt = 50; 2770 } 2771 b43_write16(dev, 0x612, cfp_pretbtt); 2772 2773 /* FIXME: We don't currently implement the PMQ mechanism, 2774 * so always disable it. If we want to implement PMQ, 2775 * we need to enable it here (clear DISCPMQ) in AP mode. 2776 */ 2777 if (0 /* ctl & B43_MACCTL_AP */) { 2778 b43_write32(dev, B43_MMIO_MACCTL, 2779 b43_read32(dev, B43_MMIO_MACCTL) 2780 & ~B43_MACCTL_DISCPMQ); 2781 } else { 2782 b43_write32(dev, B43_MMIO_MACCTL, 2783 b43_read32(dev, B43_MMIO_MACCTL) 2784 | B43_MACCTL_DISCPMQ); 2785 } 2786} 2787 2788static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm) 2789{ 2790 u16 offset; 2791 2792 if (is_ofdm) { 2793 offset = 0x480; 2794 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2; 2795 } else { 2796 offset = 0x4C0; 2797 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2; 2798 } 2799 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20, 2800 b43_shm_read16(dev, B43_SHM_SHARED, offset)); 2801} 2802 2803static void b43_rate_memory_init(struct b43_wldev *dev) 2804{ 2805 switch (dev->phy.type) { 2806 case B43_PHYTYPE_A: 2807 case B43_PHYTYPE_G: 2808 case B43_PHYTYPE_N: 2809 case B43_PHYTYPE_LP: 2810 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1); 2811 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1); 2812 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1); 2813 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1); 2814 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1); 2815 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1); 2816 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1); 2817 if (dev->phy.type == B43_PHYTYPE_A) 2818 break; 2819 /* fallthrough */ 2820 case B43_PHYTYPE_B: 2821 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0); 2822 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0); 2823 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0); 2824 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0); 2825 break; 2826 default: 2827 B43_WARN_ON(1); 2828 } 2829} 2830 2831/* Set the default values for the PHY TX Control Words. */ 2832static void b43_set_phytxctl_defaults(struct b43_wldev *dev) 2833{ 2834 u16 ctl = 0; 2835 2836 ctl |= B43_TXH_PHY_ENC_CCK; 2837 ctl |= B43_TXH_PHY_ANT01AUTO; 2838 ctl |= B43_TXH_PHY_TXPWR; 2839 2840 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl); 2841 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl); 2842 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl); 2843} 2844 2845/* Set the TX-Antenna for management frames sent by firmware. */ 2846static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna) 2847{ 2848 u16 ant; 2849 u16 tmp; 2850 2851 ant = b43_antenna_to_phyctl(antenna); 2852 2853 /* For ACK/CTS */ 2854 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL); 2855 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2856 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp); 2857 /* For Probe Resposes */ 2858 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL); 2859 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant; 2860 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp); 2861} 2862 2863/* This is the opposite of b43_chip_init() */ 2864static void b43_chip_exit(struct b43_wldev *dev) 2865{ 2866 b43_phy_exit(dev); 2867 b43_gpio_cleanup(dev); 2868 /* firmware is released later */ 2869} 2870 2871/* Initialize the chip 2872 * http://bcm-specs.sipsolutions.net/ChipInit 2873 */ 2874static int b43_chip_init(struct b43_wldev *dev) 2875{ 2876 struct b43_phy *phy = &dev->phy; 2877 int err; 2878 u32 macctl; 2879 u16 value16; 2880 2881 /* Initialize the MAC control */ 2882 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED; 2883 if (dev->phy.gmode) 2884 macctl |= B43_MACCTL_GMODE; 2885 macctl |= B43_MACCTL_INFRA; 2886 b43_write32(dev, B43_MMIO_MACCTL, macctl); 2887 2888 err = b43_request_firmware(dev); 2889 if (err) 2890 goto out; 2891 err = b43_upload_microcode(dev); 2892 if (err) 2893 goto out; /* firmware is released later */ 2894 2895 err = b43_gpio_init(dev); 2896 if (err) 2897 goto out; /* firmware is released later */ 2898 2899 err = b43_upload_initvals(dev); 2900 if (err) 2901 goto err_gpio_clean; 2902 2903 /* Turn the Analog on and initialize the PHY. */ 2904 phy->ops->switch_analog(dev, 1); 2905 err = b43_phy_init(dev); 2906 if (err) 2907 goto err_gpio_clean; 2908 2909 /* Disable Interference Mitigation. */ 2910 if (phy->ops->interf_mitigation) 2911 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE); 2912 2913 /* Select the antennae */ 2914 if (phy->ops->set_rx_antenna) 2915 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT); 2916 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT); 2917 2918 if (phy->type == B43_PHYTYPE_B) { 2919 value16 = b43_read16(dev, 0x005E); 2920 value16 |= 0x0004; 2921 b43_write16(dev, 0x005E, value16); 2922 } 2923 b43_write32(dev, 0x0100, 0x01000000); 2924 if (dev->dev->core_rev < 5) 2925 b43_write32(dev, 0x010C, 0x01000000); 2926 2927 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2928 & ~B43_MACCTL_INFRA); 2929 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL) 2930 | B43_MACCTL_INFRA); 2931 2932 /* Probe Response Timeout value */ 2933 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */ 2934 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000); 2935 2936 /* Initially set the wireless operation mode. */ 2937 b43_adjust_opmode(dev); 2938 2939 if (dev->dev->core_rev < 3) { 2940 b43_write16(dev, 0x060E, 0x0000); 2941 b43_write16(dev, 0x0610, 0x8000); 2942 b43_write16(dev, 0x0604, 0x0000); 2943 b43_write16(dev, 0x0606, 0x0200); 2944 } else { 2945 b43_write32(dev, 0x0188, 0x80000000); 2946 b43_write32(dev, 0x018C, 0x02000000); 2947 } 2948 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000); 2949 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00); 2950 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00); 2951 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00); 2952 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00); 2953 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00); 2954 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00); 2955 2956 b43_mac_phy_clock_set(dev, true); 2957 2958 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 2959 dev->sdev->bus->chipco.fast_pwrup_delay); 2960 2961 err = 0; 2962 b43dbg(dev->wl, "Chip initialized\n"); 2963out: 2964 return err; 2965 2966err_gpio_clean: 2967 b43_gpio_cleanup(dev); 2968 return err; 2969} 2970 2971static void b43_periodic_every60sec(struct b43_wldev *dev) 2972{ 2973 const struct b43_phy_operations *ops = dev->phy.ops; 2974 2975 if (ops->pwork_60sec) 2976 ops->pwork_60sec(dev); 2977 2978 /* Force check the TX power emission now. */ 2979 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME); 2980} 2981 2982static void b43_periodic_every30sec(struct b43_wldev *dev) 2983{ 2984 /* Update device statistics. */ 2985 b43_calculate_link_quality(dev); 2986} 2987 2988static void b43_periodic_every15sec(struct b43_wldev *dev) 2989{ 2990 struct b43_phy *phy = &dev->phy; 2991 u16 wdr; 2992 2993 if (dev->fw.opensource) { 2994 /* Check if the firmware is still alive. 2995 * It will reset the watchdog counter to 0 in its idle loop. */ 2996 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG); 2997 if (unlikely(wdr)) { 2998 b43err(dev->wl, "Firmware watchdog: The firmware died!\n"); 2999 b43_controller_restart(dev, "Firmware watchdog"); 3000 return; 3001 } else { 3002 b43_shm_write16(dev, B43_SHM_SCRATCH, 3003 B43_WATCHDOG_REG, 1); 3004 } 3005 } 3006 3007 if (phy->ops->pwork_15sec) 3008 phy->ops->pwork_15sec(dev); 3009 3010 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 3011 wmb(); 3012 3013#if B43_DEBUG 3014 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) { 3015 unsigned int i; 3016 3017 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n", 3018 dev->irq_count / 15, 3019 dev->tx_count / 15, 3020 dev->rx_count / 15); 3021 dev->irq_count = 0; 3022 dev->tx_count = 0; 3023 dev->rx_count = 0; 3024 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) { 3025 if (dev->irq_bit_count[i]) { 3026 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n", 3027 dev->irq_bit_count[i] / 15, i, (1 << i)); 3028 dev->irq_bit_count[i] = 0; 3029 } 3030 } 3031 } 3032#endif 3033} 3034 3035static void do_periodic_work(struct b43_wldev *dev) 3036{ 3037 unsigned int state; 3038 3039 state = dev->periodic_state; 3040 if (state % 4 == 0) 3041 b43_periodic_every60sec(dev); 3042 if (state % 2 == 0) 3043 b43_periodic_every30sec(dev); 3044 b43_periodic_every15sec(dev); 3045} 3046 3047/* Periodic work locking policy: 3048 * The whole periodic work handler is protected by 3049 * wl->mutex. If another lock is needed somewhere in the 3050 * pwork callchain, it's acquired in-place, where it's needed. 3051 */ 3052static void b43_periodic_work_handler(struct work_struct *work) 3053{ 3054 struct b43_wldev *dev = container_of(work, struct b43_wldev, 3055 periodic_work.work); 3056 struct b43_wl *wl = dev->wl; 3057 unsigned long delay; 3058 3059 mutex_lock(&wl->mutex); 3060 3061 if (unlikely(b43_status(dev) != B43_STAT_STARTED)) 3062 goto out; 3063 if (b43_debug(dev, B43_DBG_PWORK_STOP)) 3064 goto out_requeue; 3065 3066 do_periodic_work(dev); 3067 3068 dev->periodic_state++; 3069out_requeue: 3070 if (b43_debug(dev, B43_DBG_PWORK_FAST)) 3071 delay = msecs_to_jiffies(50); 3072 else 3073 delay = round_jiffies_relative(HZ * 15); 3074 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay); 3075out: 3076 mutex_unlock(&wl->mutex); 3077} 3078 3079static void b43_periodic_tasks_setup(struct b43_wldev *dev) 3080{ 3081 struct delayed_work *work = &dev->periodic_work; 3082 3083 dev->periodic_state = 0; 3084 INIT_DELAYED_WORK(work, b43_periodic_work_handler); 3085 ieee80211_queue_delayed_work(dev->wl->hw, work, 0); 3086} 3087 3088/* Check if communication with the device works correctly. */ 3089static int b43_validate_chipaccess(struct b43_wldev *dev) 3090{ 3091 u32 v, backup0, backup4; 3092 3093 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0); 3094 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4); 3095 3096 /* Check for read/write and endianness problems. */ 3097 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55); 3098 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55) 3099 goto error; 3100 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA); 3101 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA) 3102 goto error; 3103 3104 /* Check if unaligned 32bit SHM_SHARED access works properly. 3105 * However, don't bail out on failure, because it's noncritical. */ 3106 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122); 3107 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344); 3108 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566); 3109 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788); 3110 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344) 3111 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n"); 3112 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD); 3113 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 || 3114 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD || 3115 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB || 3116 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788) 3117 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n"); 3118 3119 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0); 3120 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4); 3121 3122 if ((dev->dev->core_rev >= 3) && (dev->dev->core_rev <= 10)) { 3123 /* The 32bit register shadows the two 16bit registers 3124 * with update sideeffects. Validate this. */ 3125 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA); 3126 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB); 3127 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB) 3128 goto error; 3129 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC) 3130 goto error; 3131 } 3132 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0); 3133 3134 v = b43_read32(dev, B43_MMIO_MACCTL); 3135 v |= B43_MACCTL_GMODE; 3136 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED)) 3137 goto error; 3138 3139 return 0; 3140error: 3141 b43err(dev->wl, "Failed to validate the chipaccess\n"); 3142 return -ENODEV; 3143} 3144 3145static void b43_security_init(struct b43_wldev *dev) 3146{ 3147 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP); 3148 /* KTP is a word address, but we address SHM bytewise. 3149 * So multiply by two. 3150 */ 3151 dev->ktp *= 2; 3152 /* Number of RCMTA address slots */ 3153 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS); 3154 /* Clear the key memory. */ 3155 b43_clear_keys(dev); 3156} 3157 3158#ifdef CONFIG_B43_HWRNG 3159static int b43_rng_read(struct hwrng *rng, u32 *data) 3160{ 3161 struct b43_wl *wl = (struct b43_wl *)rng->priv; 3162 struct b43_wldev *dev; 3163 int count = -ENODEV; 3164 3165 mutex_lock(&wl->mutex); 3166 dev = wl->current_dev; 3167 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) { 3168 *data = b43_read16(dev, B43_MMIO_RNG); 3169 count = sizeof(u16); 3170 } 3171 mutex_unlock(&wl->mutex); 3172 3173 return count; 3174} 3175#endif /* CONFIG_B43_HWRNG */ 3176 3177static void b43_rng_exit(struct b43_wl *wl) 3178{ 3179#ifdef CONFIG_B43_HWRNG 3180 if (wl->rng_initialized) 3181 hwrng_unregister(&wl->rng); 3182#endif /* CONFIG_B43_HWRNG */ 3183} 3184 3185static int b43_rng_init(struct b43_wl *wl) 3186{ 3187 int err = 0; 3188 3189#ifdef CONFIG_B43_HWRNG 3190 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name), 3191 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy)); 3192 wl->rng.name = wl->rng_name; 3193 wl->rng.data_read = b43_rng_read; 3194 wl->rng.priv = (unsigned long)wl; 3195 wl->rng_initialized = 1; 3196 err = hwrng_register(&wl->rng); 3197 if (err) { 3198 wl->rng_initialized = 0; 3199 b43err(wl, "Failed to register the random " 3200 "number generator (%d)\n", err); 3201 } 3202#endif /* CONFIG_B43_HWRNG */ 3203 3204 return err; 3205} 3206 3207static void b43_tx_work(struct work_struct *work) 3208{ 3209 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work); 3210 struct b43_wldev *dev; 3211 struct sk_buff *skb; 3212 int err = 0; 3213 3214 mutex_lock(&wl->mutex); 3215 dev = wl->current_dev; 3216 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) { 3217 mutex_unlock(&wl->mutex); 3218 return; 3219 } 3220 3221 while (skb_queue_len(&wl->tx_queue)) { 3222 skb = skb_dequeue(&wl->tx_queue); 3223 3224 if (b43_using_pio_transfers(dev)) 3225 err = b43_pio_tx(dev, skb); 3226 else 3227 err = b43_dma_tx(dev, skb); 3228 if (unlikely(err)) 3229 dev_kfree_skb(skb); /* Drop it */ 3230 } 3231 3232#if B43_DEBUG 3233 dev->tx_count++; 3234#endif 3235 mutex_unlock(&wl->mutex); 3236} 3237 3238static void b43_op_tx(struct ieee80211_hw *hw, 3239 struct sk_buff *skb) 3240{ 3241 struct b43_wl *wl = hw_to_b43_wl(hw); 3242 3243 if (unlikely(skb->len < 2 + 2 + 6)) { 3244 /* Too short, this can't be a valid frame. */ 3245 dev_kfree_skb_any(skb); 3246 return; 3247 } 3248 B43_WARN_ON(skb_shinfo(skb)->nr_frags); 3249 3250 skb_queue_tail(&wl->tx_queue, skb); 3251 ieee80211_queue_work(wl->hw, &wl->tx_work); 3252} 3253 3254static void b43_qos_params_upload(struct b43_wldev *dev, 3255 const struct ieee80211_tx_queue_params *p, 3256 u16 shm_offset) 3257{ 3258 u16 params[B43_NR_QOSPARAMS]; 3259 int bslots, tmp; 3260 unsigned int i; 3261 3262 if (!dev->qos_enabled) 3263 return; 3264 3265 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min; 3266 3267 memset(¶ms, 0, sizeof(params)); 3268 3269 params[B43_QOSPARAM_TXOP] = p->txop * 32; 3270 params[B43_QOSPARAM_CWMIN] = p->cw_min; 3271 params[B43_QOSPARAM_CWMAX] = p->cw_max; 3272 params[B43_QOSPARAM_CWCUR] = p->cw_min; 3273 params[B43_QOSPARAM_AIFS] = p->aifs; 3274 params[B43_QOSPARAM_BSLOTS] = bslots; 3275 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs; 3276 3277 for (i = 0; i < ARRAY_SIZE(params); i++) { 3278 if (i == B43_QOSPARAM_STATUS) { 3279 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 3280 shm_offset + (i * 2)); 3281 /* Mark the parameters as updated. */ 3282 tmp |= 0x100; 3283 b43_shm_write16(dev, B43_SHM_SHARED, 3284 shm_offset + (i * 2), 3285 tmp); 3286 } else { 3287 b43_shm_write16(dev, B43_SHM_SHARED, 3288 shm_offset + (i * 2), 3289 params[i]); 3290 } 3291 } 3292} 3293 3294/* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */ 3295static const u16 b43_qos_shm_offsets[] = { 3296 /* [mac80211-queue-nr] = SHM_OFFSET, */ 3297 [0] = B43_QOS_VOICE, 3298 [1] = B43_QOS_VIDEO, 3299 [2] = B43_QOS_BESTEFFORT, 3300 [3] = B43_QOS_BACKGROUND, 3301}; 3302 3303/* Update all QOS parameters in hardware. */ 3304static void b43_qos_upload_all(struct b43_wldev *dev) 3305{ 3306 struct b43_wl *wl = dev->wl; 3307 struct b43_qos_params *params; 3308 unsigned int i; 3309 3310 if (!dev->qos_enabled) 3311 return; 3312 3313 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3314 ARRAY_SIZE(wl->qos_params)); 3315 3316 b43_mac_suspend(dev); 3317 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3318 params = &(wl->qos_params[i]); 3319 b43_qos_params_upload(dev, &(params->p), 3320 b43_qos_shm_offsets[i]); 3321 } 3322 b43_mac_enable(dev); 3323} 3324 3325static void b43_qos_clear(struct b43_wl *wl) 3326{ 3327 struct b43_qos_params *params; 3328 unsigned int i; 3329 3330 /* Initialize QoS parameters to sane defaults. */ 3331 3332 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3333 ARRAY_SIZE(wl->qos_params)); 3334 3335 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) { 3336 params = &(wl->qos_params[i]); 3337 3338 switch (b43_qos_shm_offsets[i]) { 3339 case B43_QOS_VOICE: 3340 params->p.txop = 0; 3341 params->p.aifs = 2; 3342 params->p.cw_min = 0x0001; 3343 params->p.cw_max = 0x0001; 3344 break; 3345 case B43_QOS_VIDEO: 3346 params->p.txop = 0; 3347 params->p.aifs = 2; 3348 params->p.cw_min = 0x0001; 3349 params->p.cw_max = 0x0001; 3350 break; 3351 case B43_QOS_BESTEFFORT: 3352 params->p.txop = 0; 3353 params->p.aifs = 3; 3354 params->p.cw_min = 0x0001; 3355 params->p.cw_max = 0x03FF; 3356 break; 3357 case B43_QOS_BACKGROUND: 3358 params->p.txop = 0; 3359 params->p.aifs = 7; 3360 params->p.cw_min = 0x0001; 3361 params->p.cw_max = 0x03FF; 3362 break; 3363 default: 3364 B43_WARN_ON(1); 3365 } 3366 } 3367} 3368 3369/* Initialize the core's QOS capabilities */ 3370static void b43_qos_init(struct b43_wldev *dev) 3371{ 3372 if (!dev->qos_enabled) { 3373 /* Disable QOS support. */ 3374 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF); 3375 b43_write16(dev, B43_MMIO_IFSCTL, 3376 b43_read16(dev, B43_MMIO_IFSCTL) 3377 & ~B43_MMIO_IFSCTL_USE_EDCF); 3378 b43dbg(dev->wl, "QoS disabled\n"); 3379 return; 3380 } 3381 3382 /* Upload the current QOS parameters. */ 3383 b43_qos_upload_all(dev); 3384 3385 /* Enable QOS support. */ 3386 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF); 3387 b43_write16(dev, B43_MMIO_IFSCTL, 3388 b43_read16(dev, B43_MMIO_IFSCTL) 3389 | B43_MMIO_IFSCTL_USE_EDCF); 3390 b43dbg(dev->wl, "QoS enabled\n"); 3391} 3392 3393static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue, 3394 const struct ieee80211_tx_queue_params *params) 3395{ 3396 struct b43_wl *wl = hw_to_b43_wl(hw); 3397 struct b43_wldev *dev; 3398 unsigned int queue = (unsigned int)_queue; 3399 int err = -ENODEV; 3400 3401 if (queue >= ARRAY_SIZE(wl->qos_params)) { 3402 /* Queue not available or don't support setting 3403 * params on this queue. Return success to not 3404 * confuse mac80211. */ 3405 return 0; 3406 } 3407 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) != 3408 ARRAY_SIZE(wl->qos_params)); 3409 3410 mutex_lock(&wl->mutex); 3411 dev = wl->current_dev; 3412 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) 3413 goto out_unlock; 3414 3415 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params)); 3416 b43_mac_suspend(dev); 3417 b43_qos_params_upload(dev, &(wl->qos_params[queue].p), 3418 b43_qos_shm_offsets[queue]); 3419 b43_mac_enable(dev); 3420 err = 0; 3421 3422out_unlock: 3423 mutex_unlock(&wl->mutex); 3424 3425 return err; 3426} 3427 3428static int b43_op_get_stats(struct ieee80211_hw *hw, 3429 struct ieee80211_low_level_stats *stats) 3430{ 3431 struct b43_wl *wl = hw_to_b43_wl(hw); 3432 3433 mutex_lock(&wl->mutex); 3434 memcpy(stats, &wl->ieee_stats, sizeof(*stats)); 3435 mutex_unlock(&wl->mutex); 3436 3437 return 0; 3438} 3439 3440static u64 b43_op_get_tsf(struct ieee80211_hw *hw) 3441{ 3442 struct b43_wl *wl = hw_to_b43_wl(hw); 3443 struct b43_wldev *dev; 3444 u64 tsf; 3445 3446 mutex_lock(&wl->mutex); 3447 dev = wl->current_dev; 3448 3449 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3450 b43_tsf_read(dev, &tsf); 3451 else 3452 tsf = 0; 3453 3454 mutex_unlock(&wl->mutex); 3455 3456 return tsf; 3457} 3458 3459static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf) 3460{ 3461 struct b43_wl *wl = hw_to_b43_wl(hw); 3462 struct b43_wldev *dev; 3463 3464 mutex_lock(&wl->mutex); 3465 dev = wl->current_dev; 3466 3467 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) 3468 b43_tsf_write(dev, tsf); 3469 3470 mutex_unlock(&wl->mutex); 3471} 3472 3473static void b43_put_phy_into_reset(struct b43_wldev *dev) 3474{ 3475 struct ssb_device *sdev = dev->sdev; 3476 u32 tmslow; 3477 3478 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3479 tmslow &= ~B43_TMSLOW_GMODE; 3480 tmslow |= B43_TMSLOW_PHYRESET; 3481 tmslow |= SSB_TMSLOW_FGC; 3482 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3483 msleep(1); 3484 3485 tmslow = ssb_read32(sdev, SSB_TMSLOW); 3486 tmslow &= ~SSB_TMSLOW_FGC; 3487 tmslow |= B43_TMSLOW_PHYRESET; 3488 ssb_write32(sdev, SSB_TMSLOW, tmslow); 3489 msleep(1); 3490} 3491 3492static const char *band_to_string(enum ieee80211_band band) 3493{ 3494 switch (band) { 3495 case IEEE80211_BAND_5GHZ: 3496 return "5"; 3497 case IEEE80211_BAND_2GHZ: 3498 return "2.4"; 3499 default: 3500 break; 3501 } 3502 B43_WARN_ON(1); 3503 return ""; 3504} 3505 3506/* Expects wl->mutex locked */ 3507static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan) 3508{ 3509 struct b43_wldev *up_dev = NULL; 3510 struct b43_wldev *down_dev; 3511 struct b43_wldev *d; 3512 int err; 3513 bool uninitialized_var(gmode); 3514 int prev_status; 3515 3516 /* Find a device and PHY which supports the band. */ 3517 list_for_each_entry(d, &wl->devlist, list) { 3518 switch (chan->band) { 3519 case IEEE80211_BAND_5GHZ: 3520 if (d->phy.supports_5ghz) { 3521 up_dev = d; 3522 gmode = 0; 3523 } 3524 break; 3525 case IEEE80211_BAND_2GHZ: 3526 if (d->phy.supports_2ghz) { 3527 up_dev = d; 3528 gmode = 1; 3529 } 3530 break; 3531 default: 3532 B43_WARN_ON(1); 3533 return -EINVAL; 3534 } 3535 if (up_dev) 3536 break; 3537 } 3538 if (!up_dev) { 3539 b43err(wl, "Could not find a device for %s-GHz band operation\n", 3540 band_to_string(chan->band)); 3541 return -ENODEV; 3542 } 3543 if ((up_dev == wl->current_dev) && 3544 (!!wl->current_dev->phy.gmode == !!gmode)) { 3545 /* This device is already running. */ 3546 return 0; 3547 } 3548 b43dbg(wl, "Switching to %s-GHz band\n", 3549 band_to_string(chan->band)); 3550 down_dev = wl->current_dev; 3551 3552 prev_status = b43_status(down_dev); 3553 /* Shutdown the currently running core. */ 3554 if (prev_status >= B43_STAT_STARTED) 3555 down_dev = b43_wireless_core_stop(down_dev); 3556 if (prev_status >= B43_STAT_INITIALIZED) 3557 b43_wireless_core_exit(down_dev); 3558 3559 if (down_dev != up_dev) { 3560 /* We switch to a different core, so we put PHY into 3561 * RESET on the old core. */ 3562 b43_put_phy_into_reset(down_dev); 3563 } 3564 3565 /* Now start the new core. */ 3566 up_dev->phy.gmode = gmode; 3567 if (prev_status >= B43_STAT_INITIALIZED) { 3568 err = b43_wireless_core_init(up_dev); 3569 if (err) { 3570 b43err(wl, "Fatal: Could not initialize device for " 3571 "selected %s-GHz band\n", 3572 band_to_string(chan->band)); 3573 goto init_failure; 3574 } 3575 } 3576 if (prev_status >= B43_STAT_STARTED) { 3577 err = b43_wireless_core_start(up_dev); 3578 if (err) { 3579 b43err(wl, "Fatal: Coult not start device for " 3580 "selected %s-GHz band\n", 3581 band_to_string(chan->band)); 3582 b43_wireless_core_exit(up_dev); 3583 goto init_failure; 3584 } 3585 } 3586 B43_WARN_ON(b43_status(up_dev) != prev_status); 3587 3588 wl->current_dev = up_dev; 3589 3590 return 0; 3591init_failure: 3592 /* Whoops, failed to init the new core. No core is operating now. */ 3593 wl->current_dev = NULL; 3594 return err; 3595} 3596 3597/* Write the short and long frame retry limit values. */ 3598static void b43_set_retry_limits(struct b43_wldev *dev, 3599 unsigned int short_retry, 3600 unsigned int long_retry) 3601{ 3602 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing 3603 * the chip-internal counter. */ 3604 short_retry = min(short_retry, (unsigned int)0xF); 3605 long_retry = min(long_retry, (unsigned int)0xF); 3606 3607 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT, 3608 short_retry); 3609 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT, 3610 long_retry); 3611} 3612 3613static int b43_op_config(struct ieee80211_hw *hw, u32 changed) 3614{ 3615 struct b43_wl *wl = hw_to_b43_wl(hw); 3616 struct b43_wldev *dev; 3617 struct b43_phy *phy; 3618 struct ieee80211_conf *conf = &hw->conf; 3619 int antenna; 3620 int err = 0; 3621 3622 mutex_lock(&wl->mutex); 3623 3624 /* Switch the band (if necessary). This might change the active core. */ 3625 err = b43_switch_band(wl, conf->channel); 3626 if (err) 3627 goto out_unlock_mutex; 3628 dev = wl->current_dev; 3629 phy = &dev->phy; 3630 3631 if (conf_is_ht(conf)) 3632 phy->is_40mhz = 3633 (conf_is_ht40_minus(conf) || conf_is_ht40_plus(conf)); 3634 else 3635 phy->is_40mhz = false; 3636 3637 b43_mac_suspend(dev); 3638 3639 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS) 3640 b43_set_retry_limits(dev, conf->short_frame_max_tx_count, 3641 conf->long_frame_max_tx_count); 3642 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS; 3643 if (!changed) 3644 goto out_mac_enable; 3645 3646 /* Switch to the requested channel. 3647 * The firmware takes care of races with the TX handler. */ 3648 if (conf->channel->hw_value != phy->channel) 3649 b43_switch_channel(dev, conf->channel->hw_value); 3650 3651 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR); 3652 3653 /* Adjust the desired TX power level. */ 3654 if (conf->power_level != 0) { 3655 if (conf->power_level != phy->desired_txpower) { 3656 phy->desired_txpower = conf->power_level; 3657 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME | 3658 B43_TXPWR_IGNORE_TSSI); 3659 } 3660 } 3661 3662 /* Antennas for RX and management frame TX. */ 3663 antenna = B43_ANTENNA_DEFAULT; 3664 b43_mgmtframe_txantenna(dev, antenna); 3665 antenna = B43_ANTENNA_DEFAULT; 3666 if (phy->ops->set_rx_antenna) 3667 phy->ops->set_rx_antenna(dev, antenna); 3668 3669 if (wl->radio_enabled != phy->radio_on) { 3670 if (wl->radio_enabled) { 3671 b43_software_rfkill(dev, false); 3672 b43info(dev->wl, "Radio turned on by software\n"); 3673 if (!dev->radio_hw_enable) { 3674 b43info(dev->wl, "The hardware RF-kill button " 3675 "still turns the radio physically off. " 3676 "Press the button to turn it on.\n"); 3677 } 3678 } else { 3679 b43_software_rfkill(dev, true); 3680 b43info(dev->wl, "Radio turned off by software\n"); 3681 } 3682 } 3683 3684out_mac_enable: 3685 b43_mac_enable(dev); 3686out_unlock_mutex: 3687 mutex_unlock(&wl->mutex); 3688 3689 return err; 3690} 3691 3692static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates) 3693{ 3694 struct ieee80211_supported_band *sband = 3695 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)]; 3696 struct ieee80211_rate *rate; 3697 int i; 3698 u16 basic, direct, offset, basic_offset, rateptr; 3699 3700 for (i = 0; i < sband->n_bitrates; i++) { 3701 rate = &sband->bitrates[i]; 3702 3703 if (b43_is_cck_rate(rate->hw_value)) { 3704 direct = B43_SHM_SH_CCKDIRECT; 3705 basic = B43_SHM_SH_CCKBASIC; 3706 offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3707 offset &= 0xF; 3708 } else { 3709 direct = B43_SHM_SH_OFDMDIRECT; 3710 basic = B43_SHM_SH_OFDMBASIC; 3711 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3712 offset &= 0xF; 3713 } 3714 3715 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate); 3716 3717 if (b43_is_cck_rate(rate->hw_value)) { 3718 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value); 3719 basic_offset &= 0xF; 3720 } else { 3721 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value); 3722 basic_offset &= 0xF; 3723 } 3724 3725 /* 3726 * Get the pointer that we need to point to 3727 * from the direct map 3728 */ 3729 rateptr = b43_shm_read16(dev, B43_SHM_SHARED, 3730 direct + 2 * basic_offset); 3731 /* and write it to the basic map */ 3732 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset, 3733 rateptr); 3734 } 3735} 3736 3737static void b43_op_bss_info_changed(struct ieee80211_hw *hw, 3738 struct ieee80211_vif *vif, 3739 struct ieee80211_bss_conf *conf, 3740 u32 changed) 3741{ 3742 struct b43_wl *wl = hw_to_b43_wl(hw); 3743 struct b43_wldev *dev; 3744 3745 mutex_lock(&wl->mutex); 3746 3747 dev = wl->current_dev; 3748 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3749 goto out_unlock_mutex; 3750 3751 B43_WARN_ON(wl->vif != vif); 3752 3753 if (changed & BSS_CHANGED_BSSID) { 3754 if (conf->bssid) 3755 memcpy(wl->bssid, conf->bssid, ETH_ALEN); 3756 else 3757 memset(wl->bssid, 0, ETH_ALEN); 3758 } 3759 3760 if (b43_status(dev) >= B43_STAT_INITIALIZED) { 3761 if (changed & BSS_CHANGED_BEACON && 3762 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3763 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3764 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3765 b43_update_templates(wl); 3766 3767 if (changed & BSS_CHANGED_BSSID) 3768 b43_write_mac_bssid_templates(dev); 3769 } 3770 3771 b43_mac_suspend(dev); 3772 3773 /* Update templates for AP/mesh mode. */ 3774 if (changed & BSS_CHANGED_BEACON_INT && 3775 (b43_is_mode(wl, NL80211_IFTYPE_AP) || 3776 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) || 3777 b43_is_mode(wl, NL80211_IFTYPE_ADHOC))) 3778 b43_set_beacon_int(dev, conf->beacon_int); 3779 3780 if (changed & BSS_CHANGED_BASIC_RATES) 3781 b43_update_basic_rates(dev, conf->basic_rates); 3782 3783 if (changed & BSS_CHANGED_ERP_SLOT) { 3784 if (conf->use_short_slot) 3785 b43_short_slot_timing_enable(dev); 3786 else 3787 b43_short_slot_timing_disable(dev); 3788 } 3789 3790 b43_mac_enable(dev); 3791out_unlock_mutex: 3792 mutex_unlock(&wl->mutex); 3793} 3794 3795static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd, 3796 struct ieee80211_vif *vif, struct ieee80211_sta *sta, 3797 struct ieee80211_key_conf *key) 3798{ 3799 struct b43_wl *wl = hw_to_b43_wl(hw); 3800 struct b43_wldev *dev; 3801 u8 algorithm; 3802 u8 index; 3803 int err; 3804 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 3805 3806 if (modparam_nohwcrypt) 3807 return -ENOSPC; /* User disabled HW-crypto */ 3808 3809 mutex_lock(&wl->mutex); 3810 3811 dev = wl->current_dev; 3812 err = -ENODEV; 3813 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED) 3814 goto out_unlock; 3815 3816 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) { 3817 /* We don't have firmware for the crypto engine. 3818 * Must use software-crypto. */ 3819 err = -EOPNOTSUPP; 3820 goto out_unlock; 3821 } 3822 3823 err = -EINVAL; 3824 switch (key->cipher) { 3825 case WLAN_CIPHER_SUITE_WEP40: 3826 algorithm = B43_SEC_ALGO_WEP40; 3827 break; 3828 case WLAN_CIPHER_SUITE_WEP104: 3829 algorithm = B43_SEC_ALGO_WEP104; 3830 break; 3831 case WLAN_CIPHER_SUITE_TKIP: 3832 algorithm = B43_SEC_ALGO_TKIP; 3833 break; 3834 case WLAN_CIPHER_SUITE_CCMP: 3835 algorithm = B43_SEC_ALGO_AES; 3836 break; 3837 default: 3838 B43_WARN_ON(1); 3839 goto out_unlock; 3840 } 3841 index = (u8) (key->keyidx); 3842 if (index > 3) 3843 goto out_unlock; 3844 3845 switch (cmd) { 3846 case SET_KEY: 3847 if (algorithm == B43_SEC_ALGO_TKIP && 3848 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) || 3849 !modparam_hwtkip)) { 3850 /* We support only pairwise key */ 3851 err = -EOPNOTSUPP; 3852 goto out_unlock; 3853 } 3854 3855 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) { 3856 if (WARN_ON(!sta)) { 3857 err = -EOPNOTSUPP; 3858 goto out_unlock; 3859 } 3860 /* Pairwise key with an assigned MAC address. */ 3861 err = b43_key_write(dev, -1, algorithm, 3862 key->key, key->keylen, 3863 sta->addr, key); 3864 } else { 3865 /* Group key */ 3866 err = b43_key_write(dev, index, algorithm, 3867 key->key, key->keylen, NULL, key); 3868 } 3869 if (err) 3870 goto out_unlock; 3871 3872 if (algorithm == B43_SEC_ALGO_WEP40 || 3873 algorithm == B43_SEC_ALGO_WEP104) { 3874 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS); 3875 } else { 3876 b43_hf_write(dev, 3877 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS); 3878 } 3879 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV; 3880 if (algorithm == B43_SEC_ALGO_TKIP) 3881 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC; 3882 break; 3883 case DISABLE_KEY: { 3884 err = b43_key_clear(dev, key->hw_key_idx); 3885 if (err) 3886 goto out_unlock; 3887 break; 3888 } 3889 default: 3890 B43_WARN_ON(1); 3891 } 3892 3893out_unlock: 3894 if (!err) { 3895 b43dbg(wl, "%s hardware based encryption for keyidx: %d, " 3896 "mac: %pM\n", 3897 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx, 3898 sta ? sta->addr : bcast_addr); 3899 b43_dump_keymemory(dev); 3900 } 3901 mutex_unlock(&wl->mutex); 3902 3903 return err; 3904} 3905 3906static void b43_op_configure_filter(struct ieee80211_hw *hw, 3907 unsigned int changed, unsigned int *fflags, 3908 u64 multicast) 3909{ 3910 struct b43_wl *wl = hw_to_b43_wl(hw); 3911 struct b43_wldev *dev; 3912 3913 mutex_lock(&wl->mutex); 3914 dev = wl->current_dev; 3915 if (!dev) { 3916 *fflags = 0; 3917 goto out_unlock; 3918 } 3919 3920 *fflags &= FIF_PROMISC_IN_BSS | 3921 FIF_ALLMULTI | 3922 FIF_FCSFAIL | 3923 FIF_PLCPFAIL | 3924 FIF_CONTROL | 3925 FIF_OTHER_BSS | 3926 FIF_BCN_PRBRESP_PROMISC; 3927 3928 changed &= FIF_PROMISC_IN_BSS | 3929 FIF_ALLMULTI | 3930 FIF_FCSFAIL | 3931 FIF_PLCPFAIL | 3932 FIF_CONTROL | 3933 FIF_OTHER_BSS | 3934 FIF_BCN_PRBRESP_PROMISC; 3935 3936 wl->filter_flags = *fflags; 3937 3938 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED) 3939 b43_adjust_opmode(dev); 3940 3941out_unlock: 3942 mutex_unlock(&wl->mutex); 3943} 3944 3945/* Locking: wl->mutex 3946 * Returns the current dev. This might be different from the passed in dev, 3947 * because the core might be gone away while we unlocked the mutex. */ 3948static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev) 3949{ 3950 struct b43_wl *wl = dev->wl; 3951 struct b43_wldev *orig_dev; 3952 u32 mask; 3953 3954redo: 3955 if (!dev || b43_status(dev) < B43_STAT_STARTED) 3956 return dev; 3957 3958 /* Cancel work. Unlock to avoid deadlocks. */ 3959 mutex_unlock(&wl->mutex); 3960 cancel_delayed_work_sync(&dev->periodic_work); 3961 cancel_work_sync(&wl->tx_work); 3962 mutex_lock(&wl->mutex); 3963 dev = wl->current_dev; 3964 if (!dev || b43_status(dev) < B43_STAT_STARTED) { 3965 /* Whoops, aliens ate up the device while we were unlocked. */ 3966 return dev; 3967 } 3968 3969 /* Disable interrupts on the device. */ 3970 b43_set_status(dev, B43_STAT_INITIALIZED); 3971 if (b43_bus_host_is_sdio(dev->dev)) { 3972 /* wl->mutex is locked. That is enough. */ 3973 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3974 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3975 } else { 3976 spin_lock_irq(&wl->hardirq_lock); 3977 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0); 3978 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */ 3979 spin_unlock_irq(&wl->hardirq_lock); 3980 } 3981 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */ 3982 orig_dev = dev; 3983 mutex_unlock(&wl->mutex); 3984 if (b43_bus_host_is_sdio(dev->dev)) { 3985 b43_sdio_free_irq(dev); 3986 } else { 3987 synchronize_irq(dev->dev->irq); 3988 free_irq(dev->dev->irq, dev); 3989 } 3990 mutex_lock(&wl->mutex); 3991 dev = wl->current_dev; 3992 if (!dev) 3993 return dev; 3994 if (dev != orig_dev) { 3995 if (b43_status(dev) >= B43_STAT_STARTED) 3996 goto redo; 3997 return dev; 3998 } 3999 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); 4000 B43_WARN_ON(mask != 0xFFFFFFFF && mask); 4001 4002 /* Drain the TX queue */ 4003 while (skb_queue_len(&wl->tx_queue)) 4004 dev_kfree_skb(skb_dequeue(&wl->tx_queue)); 4005 4006 b43_mac_suspend(dev); 4007 b43_leds_exit(dev); 4008 b43dbg(wl, "Wireless interface stopped\n"); 4009 4010 return dev; 4011} 4012 4013/* Locking: wl->mutex */ 4014static int b43_wireless_core_start(struct b43_wldev *dev) 4015{ 4016 int err; 4017 4018 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED); 4019 4020 drain_txstatus_queue(dev); 4021 if (b43_bus_host_is_sdio(dev->dev)) { 4022 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler); 4023 if (err) { 4024 b43err(dev->wl, "Cannot request SDIO IRQ\n"); 4025 goto out; 4026 } 4027 } else { 4028 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler, 4029 b43_interrupt_thread_handler, 4030 IRQF_SHARED, KBUILD_MODNAME, dev); 4031 if (err) { 4032 b43err(dev->wl, "Cannot request IRQ-%d\n", 4033 dev->dev->irq); 4034 goto out; 4035 } 4036 } 4037 4038 /* We are ready to run. */ 4039 ieee80211_wake_queues(dev->wl->hw); 4040 b43_set_status(dev, B43_STAT_STARTED); 4041 4042 /* Start data flow (TX/RX). */ 4043 b43_mac_enable(dev); 4044 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask); 4045 4046 /* Start maintenance work */ 4047 b43_periodic_tasks_setup(dev); 4048 4049 b43_leds_init(dev); 4050 4051 b43dbg(dev->wl, "Wireless interface started\n"); 4052out: 4053 return err; 4054} 4055 4056/* Get PHY and RADIO versioning numbers */ 4057static int b43_phy_versioning(struct b43_wldev *dev) 4058{ 4059 struct b43_phy *phy = &dev->phy; 4060 u32 tmp; 4061 u8 analog_type; 4062 u8 phy_type; 4063 u8 phy_rev; 4064 u16 radio_manuf; 4065 u16 radio_ver; 4066 u16 radio_rev; 4067 int unsupported = 0; 4068 4069 /* Get PHY versioning */ 4070 tmp = b43_read16(dev, B43_MMIO_PHY_VER); 4071 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT; 4072 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT; 4073 phy_rev = (tmp & B43_PHYVER_VERSION); 4074 switch (phy_type) { 4075 case B43_PHYTYPE_A: 4076 if (phy_rev >= 4) 4077 unsupported = 1; 4078 break; 4079 case B43_PHYTYPE_B: 4080 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6 4081 && phy_rev != 7) 4082 unsupported = 1; 4083 break; 4084 case B43_PHYTYPE_G: 4085 if (phy_rev > 9) 4086 unsupported = 1; 4087 break; 4088#ifdef CONFIG_B43_PHY_N 4089 case B43_PHYTYPE_N: 4090 if (phy_rev > 9) 4091 unsupported = 1; 4092 break; 4093#endif 4094#ifdef CONFIG_B43_PHY_LP 4095 case B43_PHYTYPE_LP: 4096 if (phy_rev > 2) 4097 unsupported = 1; 4098 break; 4099#endif 4100#ifdef CONFIG_B43_PHY_HT 4101 case B43_PHYTYPE_HT: 4102 if (phy_rev > 1) 4103 unsupported = 1; 4104 break; 4105#endif 4106 default: 4107 unsupported = 1; 4108 }; 4109 if (unsupported) { 4110 b43err(dev->wl, "FOUND UNSUPPORTED PHY " 4111 "(Analog %u, Type %u, Revision %u)\n", 4112 analog_type, phy_type, phy_rev); 4113 return -EOPNOTSUPP; 4114 } 4115 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n", 4116 analog_type, phy_type, phy_rev); 4117 4118 /* Get RADIO versioning */ 4119 if (dev->dev->chip_id == 0x4317) { 4120 if (dev->dev->chip_rev == 0) 4121 tmp = 0x3205017F; 4122 else if (dev->dev->chip_rev == 1) 4123 tmp = 0x4205017F; 4124 else 4125 tmp = 0x5205017F; 4126 } else { 4127 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4128 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW); 4129 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID); 4130 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16; 4131 } 4132 radio_manuf = (tmp & 0x00000FFF); 4133 radio_ver = (tmp & 0x0FFFF000) >> 12; 4134 radio_rev = (tmp & 0xF0000000) >> 28; 4135 if (radio_manuf != 0x17F /* Broadcom */) 4136 unsupported = 1; 4137 switch (phy_type) { 4138 case B43_PHYTYPE_A: 4139 if (radio_ver != 0x2060) 4140 unsupported = 1; 4141 if (radio_rev != 1) 4142 unsupported = 1; 4143 if (radio_manuf != 0x17F) 4144 unsupported = 1; 4145 break; 4146 case B43_PHYTYPE_B: 4147 if ((radio_ver & 0xFFF0) != 0x2050) 4148 unsupported = 1; 4149 break; 4150 case B43_PHYTYPE_G: 4151 if (radio_ver != 0x2050) 4152 unsupported = 1; 4153 break; 4154 case B43_PHYTYPE_N: 4155 if (radio_ver != 0x2055 && radio_ver != 0x2056) 4156 unsupported = 1; 4157 break; 4158 case B43_PHYTYPE_LP: 4159 if (radio_ver != 0x2062 && radio_ver != 0x2063) 4160 unsupported = 1; 4161 break; 4162 case B43_PHYTYPE_HT: 4163 if (radio_ver != 0x2059) 4164 unsupported = 1; 4165 break; 4166 default: 4167 B43_WARN_ON(1); 4168 } 4169 if (unsupported) { 4170 b43err(dev->wl, "FOUND UNSUPPORTED RADIO " 4171 "(Manuf 0x%X, Version 0x%X, Revision %u)\n", 4172 radio_manuf, radio_ver, radio_rev); 4173 return -EOPNOTSUPP; 4174 } 4175 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n", 4176 radio_manuf, radio_ver, radio_rev); 4177 4178 phy->radio_manuf = radio_manuf; 4179 phy->radio_ver = radio_ver; 4180 phy->radio_rev = radio_rev; 4181 4182 phy->analog = analog_type; 4183 phy->type = phy_type; 4184 phy->rev = phy_rev; 4185 4186 return 0; 4187} 4188 4189static void setup_struct_phy_for_init(struct b43_wldev *dev, 4190 struct b43_phy *phy) 4191{ 4192 phy->hardware_power_control = !!modparam_hwpctl; 4193 phy->next_txpwr_check_time = jiffies; 4194 /* PHY TX errors counter. */ 4195 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT); 4196 4197#if B43_DEBUG 4198 phy->phy_locked = 0; 4199 phy->radio_locked = 0; 4200#endif 4201} 4202 4203static void setup_struct_wldev_for_init(struct b43_wldev *dev) 4204{ 4205 dev->dfq_valid = 0; 4206 4207 /* Assume the radio is enabled. If it's not enabled, the state will 4208 * immediately get fixed on the first periodic work run. */ 4209 dev->radio_hw_enable = 1; 4210 4211 /* Stats */ 4212 memset(&dev->stats, 0, sizeof(dev->stats)); 4213 4214 setup_struct_phy_for_init(dev, &dev->phy); 4215 4216 /* IRQ related flags */ 4217 dev->irq_reason = 0; 4218 memset(dev->dma_reason, 0, sizeof(dev->dma_reason)); 4219 dev->irq_mask = B43_IRQ_MASKTEMPLATE; 4220 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG) 4221 dev->irq_mask &= ~B43_IRQ_PHY_TXERR; 4222 4223 dev->mac_suspended = 1; 4224 4225 /* Noise calculation context */ 4226 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc)); 4227} 4228 4229static void b43_bluetooth_coext_enable(struct b43_wldev *dev) 4230{ 4231 struct ssb_sprom *sprom = dev->dev->bus_sprom; 4232 u64 hf; 4233 4234 if (!modparam_btcoex) 4235 return; 4236 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST)) 4237 return; 4238 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode) 4239 return; 4240 4241 hf = b43_hf_read(dev); 4242 if (sprom->boardflags_lo & B43_BFL_BTCMOD) 4243 hf |= B43_HF_BTCOEXALT; 4244 else 4245 hf |= B43_HF_BTCOEX; 4246 b43_hf_write(dev, hf); 4247} 4248 4249static void b43_bluetooth_coext_disable(struct b43_wldev *dev) 4250{ 4251 if (!modparam_btcoex) 4252 return; 4253 //TODO 4254} 4255 4256static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev) 4257{ 4258 struct ssb_bus *bus; 4259 u32 tmp; 4260 4261 if (dev->dev->bus_type != B43_BUS_SSB) 4262 return; 4263 4264 bus = dev->dev->sdev->bus; 4265 4266 if ((bus->chip_id == 0x4311 && bus->chip_rev == 2) || 4267 (bus->chip_id == 0x4312)) { 4268 tmp = ssb_read32(dev->dev->sdev, SSB_IMCFGLO); 4269 tmp &= ~SSB_IMCFGLO_REQTO; 4270 tmp &= ~SSB_IMCFGLO_SERTO; 4271 tmp |= 0x3; 4272 ssb_write32(dev->dev->sdev, SSB_IMCFGLO, tmp); 4273 ssb_commit_settings(bus); 4274 } 4275} 4276 4277static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle) 4278{ 4279 u16 pu_delay; 4280 4281 /* The time value is in microseconds. */ 4282 if (dev->phy.type == B43_PHYTYPE_A) 4283 pu_delay = 3700; 4284 else 4285 pu_delay = 1050; 4286 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle) 4287 pu_delay = 500; 4288 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8)) 4289 pu_delay = max(pu_delay, (u16)2400); 4290 4291 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay); 4292} 4293 4294/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */ 4295static void b43_set_pretbtt(struct b43_wldev *dev) 4296{ 4297 u16 pretbtt; 4298 4299 /* The time value is in microseconds. */ 4300 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) { 4301 pretbtt = 2; 4302 } else { 4303 if (dev->phy.type == B43_PHYTYPE_A) 4304 pretbtt = 120; 4305 else 4306 pretbtt = 250; 4307 } 4308 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt); 4309 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt); 4310} 4311 4312/* Shutdown a wireless core */ 4313/* Locking: wl->mutex */ 4314static void b43_wireless_core_exit(struct b43_wldev *dev) 4315{ 4316 u32 macctl; 4317 4318 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED); 4319 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED) 4320 return; 4321 4322 /* Unregister HW RNG driver */ 4323 b43_rng_exit(dev->wl); 4324 4325 b43_set_status(dev, B43_STAT_UNINIT); 4326 4327 /* Stop the microcode PSM. */ 4328 macctl = b43_read32(dev, B43_MMIO_MACCTL); 4329 macctl &= ~B43_MACCTL_PSM_RUN; 4330 macctl |= B43_MACCTL_PSM_JMP0; 4331 b43_write32(dev, B43_MMIO_MACCTL, macctl); 4332 4333 b43_dma_free(dev); 4334 b43_pio_free(dev); 4335 b43_chip_exit(dev); 4336 dev->phy.ops->switch_analog(dev, 0); 4337 if (dev->wl->current_beacon) { 4338 dev_kfree_skb_any(dev->wl->current_beacon); 4339 dev->wl->current_beacon = NULL; 4340 } 4341 4342 b43_device_disable(dev, 0); 4343 b43_bus_may_powerdown(dev); 4344} 4345 4346/* Initialize a wireless core */ 4347static int b43_wireless_core_init(struct b43_wldev *dev) 4348{ 4349 struct ssb_bus *bus = dev->sdev->bus; 4350 struct ssb_sprom *sprom = dev->dev->bus_sprom; 4351 struct b43_phy *phy = &dev->phy; 4352 int err; 4353 u64 hf; 4354 4355 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4356 4357 err = b43_bus_powerup(dev, 0); 4358 if (err) 4359 goto out; 4360 if (!b43_device_is_enabled(dev)) 4361 b43_wireless_core_reset(dev, phy->gmode); 4362 4363 /* Reset all data structures. */ 4364 setup_struct_wldev_for_init(dev); 4365 phy->ops->prepare_structs(dev); 4366 4367 /* Enable IRQ routing to this device. */ 4368 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->sdev); 4369 4370 b43_imcfglo_timeouts_workaround(dev); 4371 b43_bluetooth_coext_disable(dev); 4372 if (phy->ops->prepare_hardware) { 4373 err = phy->ops->prepare_hardware(dev); 4374 if (err) 4375 goto err_busdown; 4376 } 4377 err = b43_chip_init(dev); 4378 if (err) 4379 goto err_busdown; 4380 b43_shm_write16(dev, B43_SHM_SHARED, 4381 B43_SHM_SH_WLCOREREV, dev->dev->core_rev); 4382 hf = b43_hf_read(dev); 4383 if (phy->type == B43_PHYTYPE_G) { 4384 hf |= B43_HF_SYMW; 4385 if (phy->rev == 1) 4386 hf |= B43_HF_GDCW; 4387 if (sprom->boardflags_lo & B43_BFL_PACTRL) 4388 hf |= B43_HF_OFDMPABOOST; 4389 } 4390 if (phy->radio_ver == 0x2050) { 4391 if (phy->radio_rev == 6) 4392 hf |= B43_HF_4318TSSI; 4393 if (phy->radio_rev < 6) 4394 hf |= B43_HF_VCORECALC; 4395 } 4396 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW) 4397 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */ 4398#ifdef CONFIG_SSB_DRIVER_PCICORE 4399 if ((bus->bustype == SSB_BUSTYPE_PCI) && 4400 (bus->pcicore.dev->id.revision <= 10)) 4401 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */ 4402#endif 4403 hf &= ~B43_HF_SKCFPUP; 4404 b43_hf_write(dev, hf); 4405 4406 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT, 4407 B43_DEFAULT_LONG_RETRY_LIMIT); 4408 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3); 4409 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2); 4410 4411 /* Disable sending probe responses from firmware. 4412 * Setting the MaxTime to one usec will always trigger 4413 * a timeout, so we never send any probe resp. 4414 * A timeout of zero is infinite. */ 4415 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1); 4416 4417 b43_rate_memory_init(dev); 4418 b43_set_phytxctl_defaults(dev); 4419 4420 /* Minimum Contention Window */ 4421 if (phy->type == B43_PHYTYPE_B) 4422 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F); 4423 else 4424 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF); 4425 /* Maximum Contention Window */ 4426 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF); 4427 4428 if (b43_bus_host_is_pcmcia(dev->dev) || 4429 b43_bus_host_is_sdio(dev->dev) || 4430 dev->use_pio) { 4431 dev->__using_pio_transfers = 1; 4432 err = b43_pio_init(dev); 4433 } else { 4434 dev->__using_pio_transfers = 0; 4435 err = b43_dma_init(dev); 4436 } 4437 if (err) 4438 goto err_chip_exit; 4439 b43_qos_init(dev); 4440 b43_set_synth_pu_delay(dev, 1); 4441 b43_bluetooth_coext_enable(dev); 4442 4443 b43_bus_powerup(dev, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)); 4444 b43_upload_card_macaddress(dev); 4445 b43_security_init(dev); 4446 4447 ieee80211_wake_queues(dev->wl->hw); 4448 4449 b43_set_status(dev, B43_STAT_INITIALIZED); 4450 4451 /* Register HW RNG driver */ 4452 b43_rng_init(dev->wl); 4453 4454out: 4455 return err; 4456 4457err_chip_exit: 4458 b43_chip_exit(dev); 4459err_busdown: 4460 b43_bus_may_powerdown(dev); 4461 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT); 4462 return err; 4463} 4464 4465static int b43_op_add_interface(struct ieee80211_hw *hw, 4466 struct ieee80211_vif *vif) 4467{ 4468 struct b43_wl *wl = hw_to_b43_wl(hw); 4469 struct b43_wldev *dev; 4470 int err = -EOPNOTSUPP; 4471 4472 /* TODO: allow WDS/AP devices to coexist */ 4473 4474 if (vif->type != NL80211_IFTYPE_AP && 4475 vif->type != NL80211_IFTYPE_MESH_POINT && 4476 vif->type != NL80211_IFTYPE_STATION && 4477 vif->type != NL80211_IFTYPE_WDS && 4478 vif->type != NL80211_IFTYPE_ADHOC) 4479 return -EOPNOTSUPP; 4480 4481 mutex_lock(&wl->mutex); 4482 if (wl->operating) 4483 goto out_mutex_unlock; 4484 4485 b43dbg(wl, "Adding Interface type %d\n", vif->type); 4486 4487 dev = wl->current_dev; 4488 wl->operating = 1; 4489 wl->vif = vif; 4490 wl->if_type = vif->type; 4491 memcpy(wl->mac_addr, vif->addr, ETH_ALEN); 4492 4493 b43_adjust_opmode(dev); 4494 b43_set_pretbtt(dev); 4495 b43_set_synth_pu_delay(dev, 0); 4496 b43_upload_card_macaddress(dev); 4497 4498 err = 0; 4499 out_mutex_unlock: 4500 mutex_unlock(&wl->mutex); 4501 4502 return err; 4503} 4504 4505static void b43_op_remove_interface(struct ieee80211_hw *hw, 4506 struct ieee80211_vif *vif) 4507{ 4508 struct b43_wl *wl = hw_to_b43_wl(hw); 4509 struct b43_wldev *dev = wl->current_dev; 4510 4511 b43dbg(wl, "Removing Interface type %d\n", vif->type); 4512 4513 mutex_lock(&wl->mutex); 4514 4515 B43_WARN_ON(!wl->operating); 4516 B43_WARN_ON(wl->vif != vif); 4517 wl->vif = NULL; 4518 4519 wl->operating = 0; 4520 4521 b43_adjust_opmode(dev); 4522 memset(wl->mac_addr, 0, ETH_ALEN); 4523 b43_upload_card_macaddress(dev); 4524 4525 mutex_unlock(&wl->mutex); 4526} 4527 4528static int b43_op_start(struct ieee80211_hw *hw) 4529{ 4530 struct b43_wl *wl = hw_to_b43_wl(hw); 4531 struct b43_wldev *dev = wl->current_dev; 4532 int did_init = 0; 4533 int err = 0; 4534 4535 /* Kill all old instance specific information to make sure 4536 * the card won't use it in the short timeframe between start 4537 * and mac80211 reconfiguring it. */ 4538 memset(wl->bssid, 0, ETH_ALEN); 4539 memset(wl->mac_addr, 0, ETH_ALEN); 4540 wl->filter_flags = 0; 4541 wl->radiotap_enabled = 0; 4542 b43_qos_clear(wl); 4543 wl->beacon0_uploaded = 0; 4544 wl->beacon1_uploaded = 0; 4545 wl->beacon_templates_virgin = 1; 4546 wl->radio_enabled = 1; 4547 4548 mutex_lock(&wl->mutex); 4549 4550 if (b43_status(dev) < B43_STAT_INITIALIZED) { 4551 err = b43_wireless_core_init(dev); 4552 if (err) 4553 goto out_mutex_unlock; 4554 did_init = 1; 4555 } 4556 4557 if (b43_status(dev) < B43_STAT_STARTED) { 4558 err = b43_wireless_core_start(dev); 4559 if (err) { 4560 if (did_init) 4561 b43_wireless_core_exit(dev); 4562 goto out_mutex_unlock; 4563 } 4564 } 4565 4566 /* XXX: only do if device doesn't support rfkill irq */ 4567 wiphy_rfkill_start_polling(hw->wiphy); 4568 4569 out_mutex_unlock: 4570 mutex_unlock(&wl->mutex); 4571 4572 return err; 4573} 4574 4575static void b43_op_stop(struct ieee80211_hw *hw) 4576{ 4577 struct b43_wl *wl = hw_to_b43_wl(hw); 4578 struct b43_wldev *dev = wl->current_dev; 4579 4580 cancel_work_sync(&(wl->beacon_update_trigger)); 4581 4582 mutex_lock(&wl->mutex); 4583 if (b43_status(dev) >= B43_STAT_STARTED) { 4584 dev = b43_wireless_core_stop(dev); 4585 if (!dev) 4586 goto out_unlock; 4587 } 4588 b43_wireless_core_exit(dev); 4589 wl->radio_enabled = 0; 4590 4591out_unlock: 4592 mutex_unlock(&wl->mutex); 4593 4594 cancel_work_sync(&(wl->txpower_adjust_work)); 4595} 4596 4597static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, 4598 struct ieee80211_sta *sta, bool set) 4599{ 4600 struct b43_wl *wl = hw_to_b43_wl(hw); 4601 4602 /* FIXME: add locking */ 4603 b43_update_templates(wl); 4604 4605 return 0; 4606} 4607 4608static void b43_op_sta_notify(struct ieee80211_hw *hw, 4609 struct ieee80211_vif *vif, 4610 enum sta_notify_cmd notify_cmd, 4611 struct ieee80211_sta *sta) 4612{ 4613 struct b43_wl *wl = hw_to_b43_wl(hw); 4614 4615 B43_WARN_ON(!vif || wl->vif != vif); 4616} 4617 4618static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw) 4619{ 4620 struct b43_wl *wl = hw_to_b43_wl(hw); 4621 struct b43_wldev *dev; 4622 4623 mutex_lock(&wl->mutex); 4624 dev = wl->current_dev; 4625 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4626 /* Disable CFP update during scan on other channels. */ 4627 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP); 4628 } 4629 mutex_unlock(&wl->mutex); 4630} 4631 4632static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw) 4633{ 4634 struct b43_wl *wl = hw_to_b43_wl(hw); 4635 struct b43_wldev *dev; 4636 4637 mutex_lock(&wl->mutex); 4638 dev = wl->current_dev; 4639 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) { 4640 /* Re-enable CFP update. */ 4641 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP); 4642 } 4643 mutex_unlock(&wl->mutex); 4644} 4645 4646static int b43_op_get_survey(struct ieee80211_hw *hw, int idx, 4647 struct survey_info *survey) 4648{ 4649 struct b43_wl *wl = hw_to_b43_wl(hw); 4650 struct b43_wldev *dev = wl->current_dev; 4651 struct ieee80211_conf *conf = &hw->conf; 4652 4653 if (idx != 0) 4654 return -ENOENT; 4655 4656 survey->channel = conf->channel; 4657 survey->filled = SURVEY_INFO_NOISE_DBM; 4658 survey->noise = dev->stats.link_noise; 4659 4660 return 0; 4661} 4662 4663static const struct ieee80211_ops b43_hw_ops = { 4664 .tx = b43_op_tx, 4665 .conf_tx = b43_op_conf_tx, 4666 .add_interface = b43_op_add_interface, 4667 .remove_interface = b43_op_remove_interface, 4668 .config = b43_op_config, 4669 .bss_info_changed = b43_op_bss_info_changed, 4670 .configure_filter = b43_op_configure_filter, 4671 .set_key = b43_op_set_key, 4672 .update_tkip_key = b43_op_update_tkip_key, 4673 .get_stats = b43_op_get_stats, 4674 .get_tsf = b43_op_get_tsf, 4675 .set_tsf = b43_op_set_tsf, 4676 .start = b43_op_start, 4677 .stop = b43_op_stop, 4678 .set_tim = b43_op_beacon_set_tim, 4679 .sta_notify = b43_op_sta_notify, 4680 .sw_scan_start = b43_op_sw_scan_start_notifier, 4681 .sw_scan_complete = b43_op_sw_scan_complete_notifier, 4682 .get_survey = b43_op_get_survey, 4683 .rfkill_poll = b43_rfkill_poll, 4684}; 4685 4686/* Hard-reset the chip. Do not call this directly. 4687 * Use b43_controller_restart() 4688 */ 4689static void b43_chip_reset(struct work_struct *work) 4690{ 4691 struct b43_wldev *dev = 4692 container_of(work, struct b43_wldev, restart_work); 4693 struct b43_wl *wl = dev->wl; 4694 int err = 0; 4695 int prev_status; 4696 4697 mutex_lock(&wl->mutex); 4698 4699 prev_status = b43_status(dev); 4700 /* Bring the device down... */ 4701 if (prev_status >= B43_STAT_STARTED) { 4702 dev = b43_wireless_core_stop(dev); 4703 if (!dev) { 4704 err = -ENODEV; 4705 goto out; 4706 } 4707 } 4708 if (prev_status >= B43_STAT_INITIALIZED) 4709 b43_wireless_core_exit(dev); 4710 4711 /* ...and up again. */ 4712 if (prev_status >= B43_STAT_INITIALIZED) { 4713 err = b43_wireless_core_init(dev); 4714 if (err) 4715 goto out; 4716 } 4717 if (prev_status >= B43_STAT_STARTED) { 4718 err = b43_wireless_core_start(dev); 4719 if (err) { 4720 b43_wireless_core_exit(dev); 4721 goto out; 4722 } 4723 } 4724out: 4725 if (err) 4726 wl->current_dev = NULL; /* Failed to init the dev. */ 4727 mutex_unlock(&wl->mutex); 4728 if (err) 4729 b43err(wl, "Controller restart FAILED\n"); 4730 else 4731 b43info(wl, "Controller restarted\n"); 4732} 4733 4734static int b43_setup_bands(struct b43_wldev *dev, 4735 bool have_2ghz_phy, bool have_5ghz_phy) 4736{ 4737 struct ieee80211_hw *hw = dev->wl->hw; 4738 4739 if (have_2ghz_phy) 4740 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz; 4741 if (dev->phy.type == B43_PHYTYPE_N) { 4742 if (have_5ghz_phy) 4743 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy; 4744 } else { 4745 if (have_5ghz_phy) 4746 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy; 4747 } 4748 4749 dev->phy.supports_2ghz = have_2ghz_phy; 4750 dev->phy.supports_5ghz = have_5ghz_phy; 4751 4752 return 0; 4753} 4754 4755static void b43_wireless_core_detach(struct b43_wldev *dev) 4756{ 4757 /* We release firmware that late to not be required to re-request 4758 * is all the time when we reinit the core. */ 4759 b43_release_firmware(dev); 4760 b43_phy_free(dev); 4761} 4762 4763static int b43_wireless_core_attach(struct b43_wldev *dev) 4764{ 4765 struct b43_wl *wl = dev->wl; 4766 struct ssb_bus *bus = dev->sdev->bus; 4767 struct pci_dev *pdev = (bus->bustype == SSB_BUSTYPE_PCI) ? bus->host_pci : NULL; 4768 int err; 4769 bool have_2ghz_phy = 0, have_5ghz_phy = 0; 4770 4771 /* Do NOT do any device initialization here. 4772 * Do it in wireless_core_init() instead. 4773 * This function is for gathering basic information about the HW, only. 4774 * Also some structs may be set up here. But most likely you want to have 4775 * that in core_init(), too. 4776 */ 4777 4778 err = b43_bus_powerup(dev, 0); 4779 if (err) { 4780 b43err(wl, "Bus powerup failed\n"); 4781 goto out; 4782 } 4783 /* Get the PHY type. */ 4784 if (dev->dev->core_rev >= 5) { 4785 u32 tmshigh; 4786 4787 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH); 4788 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY); 4789 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY); 4790 } else 4791 B43_WARN_ON(1); 4792 4793 dev->phy.gmode = have_2ghz_phy; 4794 dev->phy.radio_on = 1; 4795 b43_wireless_core_reset(dev, dev->phy.gmode); 4796 4797 err = b43_phy_versioning(dev); 4798 if (err) 4799 goto err_powerdown; 4800 /* Check if this device supports multiband. */ 4801 if (!pdev || 4802 (pdev->device != 0x4312 && 4803 pdev->device != 0x4319 && pdev->device != 0x4324)) { 4804 /* No multiband support. */ 4805 have_2ghz_phy = 0; 4806 have_5ghz_phy = 0; 4807 switch (dev->phy.type) { 4808 case B43_PHYTYPE_A: 4809 have_5ghz_phy = 1; 4810 break; 4811 case B43_PHYTYPE_LP: //FIXME not always! 4812#if 0 //FIXME enabling 5GHz causes a NULL pointer dereference 4813 have_5ghz_phy = 1; 4814#endif 4815 case B43_PHYTYPE_G: 4816 case B43_PHYTYPE_N: 4817 have_2ghz_phy = 1; 4818 break; 4819 default: 4820 B43_WARN_ON(1); 4821 } 4822 } 4823 if (dev->phy.type == B43_PHYTYPE_A) { 4824 /* FIXME */ 4825 b43err(wl, "IEEE 802.11a devices are unsupported\n"); 4826 err = -EOPNOTSUPP; 4827 goto err_powerdown; 4828 } 4829 if (1 /* disable A-PHY */) { 4830 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */ 4831 if (dev->phy.type != B43_PHYTYPE_N && 4832 dev->phy.type != B43_PHYTYPE_LP) { 4833 have_2ghz_phy = 1; 4834 have_5ghz_phy = 0; 4835 } 4836 } 4837 4838 err = b43_phy_allocate(dev); 4839 if (err) 4840 goto err_powerdown; 4841 4842 dev->phy.gmode = have_2ghz_phy; 4843 b43_wireless_core_reset(dev, dev->phy.gmode); 4844 4845 err = b43_validate_chipaccess(dev); 4846 if (err) 4847 goto err_phy_free; 4848 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy); 4849 if (err) 4850 goto err_phy_free; 4851 4852 /* Now set some default "current_dev" */ 4853 if (!wl->current_dev) 4854 wl->current_dev = dev; 4855 INIT_WORK(&dev->restart_work, b43_chip_reset); 4856 4857 dev->phy.ops->switch_analog(dev, 0); 4858 b43_device_disable(dev, 0); 4859 b43_bus_may_powerdown(dev); 4860 4861out: 4862 return err; 4863 4864err_phy_free: 4865 b43_phy_free(dev); 4866err_powerdown: 4867 b43_bus_may_powerdown(dev); 4868 return err; 4869} 4870 4871static void b43_one_core_detach(struct b43_bus_dev *dev) 4872{ 4873 struct b43_wldev *wldev; 4874 struct b43_wl *wl; 4875 4876 /* Do not cancel ieee80211-workqueue based work here. 4877 * See comment in b43_remove(). */ 4878 4879 wldev = ssb_get_drvdata(dev->sdev); 4880 wl = wldev->wl; 4881 b43_debugfs_remove_device(wldev); 4882 b43_wireless_core_detach(wldev); 4883 list_del(&wldev->list); 4884 wl->nr_devs--; 4885 ssb_set_drvdata(dev->sdev, NULL); 4886 kfree(wldev); 4887} 4888 4889static int b43_one_core_attach(struct b43_bus_dev *dev, struct b43_wl *wl) 4890{ 4891 struct b43_wldev *wldev; 4892 int err = -ENOMEM; 4893 4894 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL); 4895 if (!wldev) 4896 goto out; 4897 4898 wldev->use_pio = b43_modparam_pio; 4899 wldev->dev = dev; 4900 wldev->sdev = dev->sdev; /* TODO: Remove when not needed */ 4901 wldev->wl = wl; 4902 b43_set_status(wldev, B43_STAT_UNINIT); 4903 wldev->bad_frames_preempt = modparam_bad_frames_preempt; 4904 INIT_LIST_HEAD(&wldev->list); 4905 4906 err = b43_wireless_core_attach(wldev); 4907 if (err) 4908 goto err_kfree_wldev; 4909 4910 list_add(&wldev->list, &wl->devlist); 4911 wl->nr_devs++; 4912 ssb_set_drvdata(dev->sdev, wldev); 4913 b43_debugfs_add_device(wldev); 4914 4915 out: 4916 return err; 4917 4918 err_kfree_wldev: 4919 kfree(wldev); 4920 return err; 4921} 4922 4923#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \ 4924 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \ 4925 (pdev->device == _device) && \ 4926 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \ 4927 (pdev->subsystem_device == _subdevice) ) 4928 4929static void b43_sprom_fixup(struct ssb_bus *bus) 4930{ 4931 struct pci_dev *pdev; 4932 4933 /* boardflags workarounds */ 4934 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL && 4935 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74) 4936 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST; 4937 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE && 4938 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40) 4939 bus->sprom.boardflags_lo |= B43_BFL_PACTRL; 4940 if (bus->bustype == SSB_BUSTYPE_PCI) { 4941 pdev = bus->host_pci; 4942 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) || 4943 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) || 4944 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) || 4945 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) || 4946 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) || 4947 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) || 4948 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010)) 4949 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST; 4950 } 4951} 4952 4953static void b43_wireless_exit(struct b43_bus_dev *dev, struct b43_wl *wl) 4954{ 4955 struct ieee80211_hw *hw = wl->hw; 4956 4957 ssb_set_devtypedata(dev->sdev, NULL); 4958 ieee80211_free_hw(hw); 4959} 4960 4961static struct b43_wl *b43_wireless_init(struct ssb_device *dev) 4962{ 4963 struct ssb_sprom *sprom = &dev->bus->sprom; 4964 struct ieee80211_hw *hw; 4965 struct b43_wl *wl; 4966 4967 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops); 4968 if (!hw) { 4969 b43err(NULL, "Could not allocate ieee80211 device\n"); 4970 return ERR_PTR(-ENOMEM); 4971 } 4972 wl = hw_to_b43_wl(hw); 4973 4974 /* fill hw info */ 4975 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS | 4976 IEEE80211_HW_SIGNAL_DBM; 4977 4978 hw->wiphy->interface_modes = 4979 BIT(NL80211_IFTYPE_AP) | 4980 BIT(NL80211_IFTYPE_MESH_POINT) | 4981 BIT(NL80211_IFTYPE_STATION) | 4982 BIT(NL80211_IFTYPE_WDS) | 4983 BIT(NL80211_IFTYPE_ADHOC); 4984 4985 hw->queues = modparam_qos ? 4 : 1; 4986 wl->mac80211_initially_registered_queues = hw->queues; 4987 hw->max_rates = 2; 4988 SET_IEEE80211_DEV(hw, dev->dev); 4989 if (is_valid_ether_addr(sprom->et1mac)) 4990 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac); 4991 else 4992 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac); 4993 4994 /* Initialize struct b43_wl */ 4995 wl->hw = hw; 4996 mutex_init(&wl->mutex); 4997 spin_lock_init(&wl->hardirq_lock); 4998 INIT_LIST_HEAD(&wl->devlist); 4999 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work); 5000 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work); 5001 INIT_WORK(&wl->tx_work, b43_tx_work); 5002 skb_queue_head_init(&wl->tx_queue); 5003 5004 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n", 5005 dev->bus->chip_id, dev->id.revision); 5006 return wl; 5007} 5008 5009#ifdef CONFIG_B43_BCMA 5010static int b43_bcma_probe(struct bcma_device *core) 5011{ 5012 b43err(NULL, "BCMA is not supported yet!"); 5013 return -EOPNOTSUPP; 5014} 5015 5016static void b43_bcma_remove(struct bcma_device *core) 5017{ 5018 /* TODO */ 5019} 5020 5021static struct bcma_driver b43_bcma_driver = { 5022 .name = KBUILD_MODNAME, 5023 .id_table = b43_bcma_tbl, 5024 .probe = b43_bcma_probe, 5025 .remove = b43_bcma_remove, 5026}; 5027#endif 5028 5029static 5030int b43_ssb_probe(struct ssb_device *sdev, const struct ssb_device_id *id) 5031{ 5032 struct b43_bus_dev *dev; 5033 struct b43_wl *wl; 5034 int err; 5035 int first = 0; 5036 5037 dev = b43_bus_dev_ssb_init(sdev); 5038 if (!dev) 5039 return -ENOMEM; 5040 5041 wl = ssb_get_devtypedata(sdev); 5042 if (!wl) { 5043 /* Probing the first core. Must setup common struct b43_wl */ 5044 first = 1; 5045 b43_sprom_fixup(sdev->bus); 5046 wl = b43_wireless_init(sdev); 5047 if (IS_ERR(wl)) { 5048 err = PTR_ERR(wl); 5049 goto out; 5050 } 5051 ssb_set_devtypedata(sdev, wl); 5052 B43_WARN_ON(ssb_get_devtypedata(sdev) != wl); 5053 } 5054 err = b43_one_core_attach(dev, wl); 5055 if (err) 5056 goto err_wireless_exit; 5057 5058 if (first) { 5059 err = ieee80211_register_hw(wl->hw); 5060 if (err) 5061 goto err_one_core_detach; 5062 b43_leds_register(wl->current_dev); 5063 } 5064 5065 out: 5066 return err; 5067 5068 err_one_core_detach: 5069 b43_one_core_detach(dev); 5070 err_wireless_exit: 5071 if (first) 5072 b43_wireless_exit(dev, wl); 5073 return err; 5074} 5075 5076static void b43_ssb_remove(struct ssb_device *sdev) 5077{ 5078 struct b43_wl *wl = ssb_get_devtypedata(sdev); 5079 struct b43_wldev *wldev = ssb_get_drvdata(sdev); 5080 5081 /* We must cancel any work here before unregistering from ieee80211, 5082 * as the ieee80211 unreg will destroy the workqueue. */ 5083 cancel_work_sync(&wldev->restart_work); 5084 5085 B43_WARN_ON(!wl); 5086 if (wl->current_dev == wldev) { 5087 /* Restore the queues count before unregistering, because firmware detect 5088 * might have modified it. Restoring is important, so the networking 5089 * stack can properly free resources. */ 5090 wl->hw->queues = wl->mac80211_initially_registered_queues; 5091 b43_leds_stop(wldev); 5092 ieee80211_unregister_hw(wl->hw); 5093 } 5094 5095 b43_one_core_detach(wldev->dev); 5096 5097 if (list_empty(&wl->devlist)) { 5098 b43_leds_unregister(wl); 5099 /* Last core on the chip unregistered. 5100 * We can destroy common struct b43_wl. 5101 */ 5102 b43_wireless_exit(wldev->dev, wl); 5103 } 5104} 5105 5106/* Perform a hardware reset. This can be called from any context. */ 5107void b43_controller_restart(struct b43_wldev *dev, const char *reason) 5108{ 5109 /* Must avoid requeueing, if we are in shutdown. */ 5110 if (b43_status(dev) < B43_STAT_INITIALIZED) 5111 return; 5112 b43info(dev->wl, "Controller RESET (%s) ...\n", reason); 5113 ieee80211_queue_work(dev->wl->hw, &dev->restart_work); 5114} 5115 5116static struct ssb_driver b43_ssb_driver = { 5117 .name = KBUILD_MODNAME, 5118 .id_table = b43_ssb_tbl, 5119 .probe = b43_ssb_probe, 5120 .remove = b43_ssb_remove, 5121}; 5122 5123static void b43_print_driverinfo(void) 5124{ 5125 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "", 5126 *feat_leds = "", *feat_sdio = ""; 5127 5128#ifdef CONFIG_B43_PCI_AUTOSELECT 5129 feat_pci = "P"; 5130#endif 5131#ifdef CONFIG_B43_PCMCIA 5132 feat_pcmcia = "M"; 5133#endif 5134#ifdef CONFIG_B43_PHY_N 5135 feat_nphy = "N"; 5136#endif 5137#ifdef CONFIG_B43_LEDS 5138 feat_leds = "L"; 5139#endif 5140#ifdef CONFIG_B43_SDIO 5141 feat_sdio = "S"; 5142#endif 5143 printk(KERN_INFO "Broadcom 43xx driver loaded " 5144 "[ Features: %s%s%s%s%s, Firmware-ID: " 5145 B43_SUPPORTED_FIRMWARE_ID " ]\n", 5146 feat_pci, feat_pcmcia, feat_nphy, 5147 feat_leds, feat_sdio); 5148} 5149 5150static int __init b43_init(void) 5151{ 5152 int err; 5153 5154 b43_debugfs_init(); 5155 err = b43_pcmcia_init(); 5156 if (err) 5157 goto err_dfs_exit; 5158 err = b43_sdio_init(); 5159 if (err) 5160 goto err_pcmcia_exit; 5161#ifdef CONFIG_B43_BCMA 5162 err = bcma_driver_register(&b43_bcma_driver); 5163 if (err) 5164 goto err_sdio_exit; 5165#endif 5166 err = ssb_driver_register(&b43_ssb_driver); 5167 if (err) 5168 goto err_bcma_driver_exit; 5169 b43_print_driverinfo(); 5170 5171 return err; 5172 5173err_bcma_driver_exit: 5174#ifdef CONFIG_B43_BCMA 5175 bcma_driver_unregister(&b43_bcma_driver); 5176err_sdio_exit: 5177#endif 5178 b43_sdio_exit(); 5179err_pcmcia_exit: 5180 b43_pcmcia_exit(); 5181err_dfs_exit: 5182 b43_debugfs_exit(); 5183 return err; 5184} 5185 5186static void __exit b43_exit(void) 5187{ 5188 ssb_driver_unregister(&b43_ssb_driver); 5189#ifdef CONFIG_B43_BCMA 5190 bcma_driver_unregister(&b43_bcma_driver); 5191#endif 5192 b43_sdio_exit(); 5193 b43_pcmcia_exit(); 5194 b43_debugfs_exit(); 5195} 5196 5197module_init(b43_init) 5198module_exit(b43_exit) 5199