3 Broadcom B43 wireless driver
5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
7 Copyright (c) 2005, 2006 Michael Buesch <mb@bu3sch.de>
8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
11 Some parts of the code in this file are derived from the ipw2200
12 driver Copyright(c) 2003 - 2004 Intel Corporation.
14 This program is free software; you can redistribute it and/or modify
15 it under the terms of the GNU General Public License as published by
16 the Free Software Foundation; either version 2 of the License, or
17 (at your option) any later version.
19 This program is distributed in the hope that it will be useful,
20 but WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 GNU General Public License for more details.
24 You should have received a copy of the GNU General Public License
25 along with this program; see the file COPYING. If not, write to
26 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor,
27 Boston, MA 02110-1301, USA.
31 #include <linux/delay.h>
32 #include <linux/init.h>
33 #include <linux/moduleparam.h>
34 #include <linux/if_arp.h>
35 #include <linux/etherdevice.h>
36 #include <linux/firmware.h>
37 #include <linux/wireless.h>
38 #include <linux/workqueue.h>
39 #include <linux/skbuff.h>
41 #include <linux/dma-mapping.h>
42 #include <asm/unaligned.h>
47 #include "phy_common.h"
57 MODULE_DESCRIPTION("Broadcom B43 wireless driver");
58 MODULE_AUTHOR("Martin Langer");
59 MODULE_AUTHOR("Stefano Brivio");
60 MODULE_AUTHOR("Michael Buesch");
61 MODULE_LICENSE("GPL");
63 MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID);
66 static int modparam_bad_frames_preempt;
67 module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
68 MODULE_PARM_DESC(bad_frames_preempt,
69 "enable(1) / disable(0) Bad Frames Preemption");
71 static char modparam_fwpostfix[16];
72 module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
73 MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
75 static int modparam_hwpctl;
76 module_param_named(hwpctl, modparam_hwpctl, int, 0444);
77 MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
79 static int modparam_nohwcrypt;
80 module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
81 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
83 int b43_modparam_qos = 1;
84 module_param_named(qos, b43_modparam_qos, int, 0444);
85 MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
87 static int modparam_btcoex = 1;
88 module_param_named(btcoex, modparam_btcoex, int, 0444);
89 MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistance (default on)");
92 static const struct ssb_device_id b43_ssb_tbl[] = {
93 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
94 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
95 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
96 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
97 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
98 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
99 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
100 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15),
101 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16),
105 MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
107 /* Channel and ratetables are shared for all devices.
108 * They can't be const, because ieee80211 puts some precalculated
109 * data in there. This data is the same for all devices, so we don't
110 * get concurrency issues */
111 #define RATETAB_ENT(_rateid, _flags) \
113 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
114 .hw_value = (_rateid), \
119 * NOTE: When changing this, sync with xmit.c's
120 * b43_plcp_get_bitrate_idx_* functions!
122 static struct ieee80211_rate __b43_ratetable[] = {
123 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
124 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
125 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
126 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
127 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
128 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
129 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
130 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
131 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
132 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
133 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
134 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
137 #define b43_a_ratetable (__b43_ratetable + 4)
138 #define b43_a_ratetable_size 8
139 #define b43_b_ratetable (__b43_ratetable + 0)
140 #define b43_b_ratetable_size 4
141 #define b43_g_ratetable (__b43_ratetable + 0)
142 #define b43_g_ratetable_size 12
144 #define CHAN4G(_channel, _freq, _flags) { \
145 .band = IEEE80211_BAND_2GHZ, \
146 .center_freq = (_freq), \
147 .hw_value = (_channel), \
149 .max_antenna_gain = 0, \
152 static struct ieee80211_channel b43_2ghz_chantable[] = {
170 #define CHAN5G(_channel, _flags) { \
171 .band = IEEE80211_BAND_5GHZ, \
172 .center_freq = 5000 + (5 * (_channel)), \
173 .hw_value = (_channel), \
175 .max_antenna_gain = 0, \
178 static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
179 CHAN5G(32, 0), CHAN5G(34, 0),
180 CHAN5G(36, 0), CHAN5G(38, 0),
181 CHAN5G(40, 0), CHAN5G(42, 0),
182 CHAN5G(44, 0), CHAN5G(46, 0),
183 CHAN5G(48, 0), CHAN5G(50, 0),
184 CHAN5G(52, 0), CHAN5G(54, 0),
185 CHAN5G(56, 0), CHAN5G(58, 0),
186 CHAN5G(60, 0), CHAN5G(62, 0),
187 CHAN5G(64, 0), CHAN5G(66, 0),
188 CHAN5G(68, 0), CHAN5G(70, 0),
189 CHAN5G(72, 0), CHAN5G(74, 0),
190 CHAN5G(76, 0), CHAN5G(78, 0),
191 CHAN5G(80, 0), CHAN5G(82, 0),
192 CHAN5G(84, 0), CHAN5G(86, 0),
193 CHAN5G(88, 0), CHAN5G(90, 0),
194 CHAN5G(92, 0), CHAN5G(94, 0),
195 CHAN5G(96, 0), CHAN5G(98, 0),
196 CHAN5G(100, 0), CHAN5G(102, 0),
197 CHAN5G(104, 0), CHAN5G(106, 0),
198 CHAN5G(108, 0), CHAN5G(110, 0),
199 CHAN5G(112, 0), CHAN5G(114, 0),
200 CHAN5G(116, 0), CHAN5G(118, 0),
201 CHAN5G(120, 0), CHAN5G(122, 0),
202 CHAN5G(124, 0), CHAN5G(126, 0),
203 CHAN5G(128, 0), CHAN5G(130, 0),
204 CHAN5G(132, 0), CHAN5G(134, 0),
205 CHAN5G(136, 0), CHAN5G(138, 0),
206 CHAN5G(140, 0), CHAN5G(142, 0),
207 CHAN5G(144, 0), CHAN5G(145, 0),
208 CHAN5G(146, 0), CHAN5G(147, 0),
209 CHAN5G(148, 0), CHAN5G(149, 0),
210 CHAN5G(150, 0), CHAN5G(151, 0),
211 CHAN5G(152, 0), CHAN5G(153, 0),
212 CHAN5G(154, 0), CHAN5G(155, 0),
213 CHAN5G(156, 0), CHAN5G(157, 0),
214 CHAN5G(158, 0), CHAN5G(159, 0),
215 CHAN5G(160, 0), CHAN5G(161, 0),
216 CHAN5G(162, 0), CHAN5G(163, 0),
217 CHAN5G(164, 0), CHAN5G(165, 0),
218 CHAN5G(166, 0), CHAN5G(168, 0),
219 CHAN5G(170, 0), CHAN5G(172, 0),
220 CHAN5G(174, 0), CHAN5G(176, 0),
221 CHAN5G(178, 0), CHAN5G(180, 0),
222 CHAN5G(182, 0), CHAN5G(184, 0),
223 CHAN5G(186, 0), CHAN5G(188, 0),
224 CHAN5G(190, 0), CHAN5G(192, 0),
225 CHAN5G(194, 0), CHAN5G(196, 0),
226 CHAN5G(198, 0), CHAN5G(200, 0),
227 CHAN5G(202, 0), CHAN5G(204, 0),
228 CHAN5G(206, 0), CHAN5G(208, 0),
229 CHAN5G(210, 0), CHAN5G(212, 0),
230 CHAN5G(214, 0), CHAN5G(216, 0),
231 CHAN5G(218, 0), CHAN5G(220, 0),
232 CHAN5G(222, 0), CHAN5G(224, 0),
233 CHAN5G(226, 0), CHAN5G(228, 0),
236 static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
237 CHAN5G(34, 0), CHAN5G(36, 0),
238 CHAN5G(38, 0), CHAN5G(40, 0),
239 CHAN5G(42, 0), CHAN5G(44, 0),
240 CHAN5G(46, 0), CHAN5G(48, 0),
241 CHAN5G(52, 0), CHAN5G(56, 0),
242 CHAN5G(60, 0), CHAN5G(64, 0),
243 CHAN5G(100, 0), CHAN5G(104, 0),
244 CHAN5G(108, 0), CHAN5G(112, 0),
245 CHAN5G(116, 0), CHAN5G(120, 0),
246 CHAN5G(124, 0), CHAN5G(128, 0),
247 CHAN5G(132, 0), CHAN5G(136, 0),
248 CHAN5G(140, 0), CHAN5G(149, 0),
249 CHAN5G(153, 0), CHAN5G(157, 0),
250 CHAN5G(161, 0), CHAN5G(165, 0),
251 CHAN5G(184, 0), CHAN5G(188, 0),
252 CHAN5G(192, 0), CHAN5G(196, 0),
253 CHAN5G(200, 0), CHAN5G(204, 0),
254 CHAN5G(208, 0), CHAN5G(212, 0),
259 static struct ieee80211_supported_band b43_band_5GHz_nphy = {
260 .band = IEEE80211_BAND_5GHZ,
261 .channels = b43_5ghz_nphy_chantable,
262 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
263 .bitrates = b43_a_ratetable,
264 .n_bitrates = b43_a_ratetable_size,
267 static struct ieee80211_supported_band b43_band_5GHz_aphy = {
268 .band = IEEE80211_BAND_5GHZ,
269 .channels = b43_5ghz_aphy_chantable,
270 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
271 .bitrates = b43_a_ratetable,
272 .n_bitrates = b43_a_ratetable_size,
275 static struct ieee80211_supported_band b43_band_2GHz = {
276 .band = IEEE80211_BAND_2GHZ,
277 .channels = b43_2ghz_chantable,
278 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
279 .bitrates = b43_g_ratetable,
280 .n_bitrates = b43_g_ratetable_size,
283 static void b43_wireless_core_exit(struct b43_wldev *dev);
284 static int b43_wireless_core_init(struct b43_wldev *dev);
285 static void b43_wireless_core_stop(struct b43_wldev *dev);
286 static int b43_wireless_core_start(struct b43_wldev *dev);
288 static int b43_ratelimit(struct b43_wl *wl)
290 if (!wl || !wl->current_dev)
292 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
294 /* We are up and running.
295 * Ratelimit the messages to avoid DoS over the net. */
296 return net_ratelimit();
299 void b43info(struct b43_wl *wl, const char *fmt, ...)
303 if (!b43_ratelimit(wl))
306 printk(KERN_INFO "b43-%s: ",
307 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
312 void b43err(struct b43_wl *wl, const char *fmt, ...)
316 if (!b43_ratelimit(wl))
319 printk(KERN_ERR "b43-%s ERROR: ",
320 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
325 void b43warn(struct b43_wl *wl, const char *fmt, ...)
329 if (!b43_ratelimit(wl))
332 printk(KERN_WARNING "b43-%s warning: ",
333 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
339 void b43dbg(struct b43_wl *wl, const char *fmt, ...)
344 printk(KERN_DEBUG "b43-%s debug: ",
345 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
351 static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
355 B43_WARN_ON(offset % 4 != 0);
357 macctl = b43_read32(dev, B43_MMIO_MACCTL);
358 if (macctl & B43_MACCTL_BE)
361 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
363 b43_write32(dev, B43_MMIO_RAM_DATA, val);
366 static inline void b43_shm_control_word(struct b43_wldev *dev,
367 u16 routing, u16 offset)
371 /* "offset" is the WORD offset. */
375 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
378 u32 __b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
382 if (routing == B43_SHM_SHARED) {
383 B43_WARN_ON(offset & 0x0001);
384 if (offset & 0x0003) {
385 /* Unaligned access */
386 b43_shm_control_word(dev, routing, offset >> 2);
387 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
389 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
390 ret |= b43_read16(dev, B43_MMIO_SHM_DATA);
396 b43_shm_control_word(dev, routing, offset);
397 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
402 u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
404 struct b43_wl *wl = dev->wl;
408 spin_lock_irqsave(&wl->shm_lock, flags);
409 ret = __b43_shm_read32(dev, routing, offset);
410 spin_unlock_irqrestore(&wl->shm_lock, flags);
415 u16 __b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset)
419 if (routing == B43_SHM_SHARED) {
420 B43_WARN_ON(offset & 0x0001);
421 if (offset & 0x0003) {
422 /* Unaligned access */
423 b43_shm_control_word(dev, routing, offset >> 2);
424 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
430 b43_shm_control_word(dev, routing, offset);
431 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
436 u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset)
438 struct b43_wl *wl = dev->wl;
442 spin_lock_irqsave(&wl->shm_lock, flags);
443 ret = __b43_shm_read16(dev, routing, offset);
444 spin_unlock_irqrestore(&wl->shm_lock, flags);
449 void __b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
451 if (routing == B43_SHM_SHARED) {
452 B43_WARN_ON(offset & 0x0001);
453 if (offset & 0x0003) {
454 /* Unaligned access */
455 b43_shm_control_word(dev, routing, offset >> 2);
456 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
457 (value >> 16) & 0xffff);
458 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
459 b43_write16(dev, B43_MMIO_SHM_DATA, value & 0xffff);
464 b43_shm_control_word(dev, routing, offset);
465 b43_write32(dev, B43_MMIO_SHM_DATA, value);
468 void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
470 struct b43_wl *wl = dev->wl;
473 spin_lock_irqsave(&wl->shm_lock, flags);
474 __b43_shm_write32(dev, routing, offset, value);
475 spin_unlock_irqrestore(&wl->shm_lock, flags);
478 void __b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
480 if (routing == B43_SHM_SHARED) {
481 B43_WARN_ON(offset & 0x0001);
482 if (offset & 0x0003) {
483 /* Unaligned access */
484 b43_shm_control_word(dev, routing, offset >> 2);
485 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
490 b43_shm_control_word(dev, routing, offset);
491 b43_write16(dev, B43_MMIO_SHM_DATA, value);
494 void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
496 struct b43_wl *wl = dev->wl;
499 spin_lock_irqsave(&wl->shm_lock, flags);
500 __b43_shm_write16(dev, routing, offset, value);
501 spin_unlock_irqrestore(&wl->shm_lock, flags);
505 u64 b43_hf_read(struct b43_wldev * dev)
509 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI);
511 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI);
513 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO);
518 /* Write HostFlags */
519 void b43_hf_write(struct b43_wldev *dev, u64 value)
523 lo = (value & 0x00000000FFFFULL);
524 mi = (value & 0x0000FFFF0000ULL) >> 16;
525 hi = (value & 0xFFFF00000000ULL) >> 32;
526 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo);
527 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi);
528 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi);
531 void b43_tsf_read(struct b43_wldev *dev, u64 *tsf)
535 B43_WARN_ON(dev->dev->id.revision < 3);
537 /* The hardware guarantees us an atomic read, if we
538 * read the low register first. */
539 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
540 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
547 static void b43_time_lock(struct b43_wldev *dev)
551 macctl = b43_read32(dev, B43_MMIO_MACCTL);
552 macctl |= B43_MACCTL_TBTTHOLD;
553 b43_write32(dev, B43_MMIO_MACCTL, macctl);
554 /* Commit the write */
555 b43_read32(dev, B43_MMIO_MACCTL);
558 static void b43_time_unlock(struct b43_wldev *dev)
562 macctl = b43_read32(dev, B43_MMIO_MACCTL);
563 macctl &= ~B43_MACCTL_TBTTHOLD;
564 b43_write32(dev, B43_MMIO_MACCTL, macctl);
565 /* Commit the write */
566 b43_read32(dev, B43_MMIO_MACCTL);
569 static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
573 B43_WARN_ON(dev->dev->id.revision < 3);
577 /* The hardware guarantees us an atomic write, if we
578 * write the low register first. */
579 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low);
581 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high);
585 void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
588 b43_tsf_write_locked(dev, tsf);
589 b43_time_unlock(dev);
593 void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 * mac)
595 static const u8 zero_addr[ETH_ALEN] = { 0 };
602 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
606 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
609 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
612 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
615 static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
619 u8 mac_bssid[ETH_ALEN * 2];
623 bssid = dev->wl->bssid;
624 mac = dev->wl->mac_addr;
626 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
628 memcpy(mac_bssid, mac, ETH_ALEN);
629 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
631 /* Write our MAC address and BSSID to template ram */
632 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
633 tmp = (u32) (mac_bssid[i + 0]);
634 tmp |= (u32) (mac_bssid[i + 1]) << 8;
635 tmp |= (u32) (mac_bssid[i + 2]) << 16;
636 tmp |= (u32) (mac_bssid[i + 3]) << 24;
637 b43_ram_write(dev, 0x20 + i, tmp);
641 static void b43_upload_card_macaddress(struct b43_wldev *dev)
643 b43_write_mac_bssid_templates(dev);
644 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
647 static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
649 /* slot_time is in usec. */
650 if (dev->phy.type != B43_PHYTYPE_G)
652 b43_write16(dev, 0x684, 510 + slot_time);
653 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
656 static void b43_short_slot_timing_enable(struct b43_wldev *dev)
658 b43_set_slot_time(dev, 9);
661 static void b43_short_slot_timing_disable(struct b43_wldev *dev)
663 b43_set_slot_time(dev, 20);
666 /* Enable a Generic IRQ. "mask" is the mask of which IRQs to enable.
667 * Returns the _previously_ enabled IRQ mask.
669 static inline u32 b43_interrupt_enable(struct b43_wldev *dev, u32 mask)
673 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
674 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask | mask);
679 /* Disable a Generic IRQ. "mask" is the mask of which IRQs to disable.
680 * Returns the _previously_ enabled IRQ mask.
682 static inline u32 b43_interrupt_disable(struct b43_wldev *dev, u32 mask)
686 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
687 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask & ~mask);
692 /* Synchronize IRQ top- and bottom-half.
693 * IRQs must be masked before calling this.
694 * This must not be called with the irq_lock held.
696 static void b43_synchronize_irq(struct b43_wldev *dev)
698 synchronize_irq(dev->dev->irq);
699 tasklet_kill(&dev->isr_tasklet);
702 /* DummyTransmission function, as documented on
703 * http://bcm-specs.sipsolutions.net/DummyTransmission
705 void b43_dummy_transmission(struct b43_wldev *dev)
707 struct b43_wl *wl = dev->wl;
708 struct b43_phy *phy = &dev->phy;
709 unsigned int i, max_loop;
722 buffer[0] = 0x000201CC;
727 buffer[0] = 0x000B846E;
734 spin_lock_irq(&wl->irq_lock);
735 write_lock(&wl->tx_lock);
737 for (i = 0; i < 5; i++)
738 b43_ram_write(dev, i * 4, buffer[i]);
741 b43_read32(dev, B43_MMIO_MACCTL);
743 b43_write16(dev, 0x0568, 0x0000);
744 b43_write16(dev, 0x07C0, 0x0000);
745 value = ((phy->type == B43_PHYTYPE_A) ? 1 : 0);
746 b43_write16(dev, 0x050C, value);
747 b43_write16(dev, 0x0508, 0x0000);
748 b43_write16(dev, 0x050A, 0x0000);
749 b43_write16(dev, 0x054C, 0x0000);
750 b43_write16(dev, 0x056A, 0x0014);
751 b43_write16(dev, 0x0568, 0x0826);
752 b43_write16(dev, 0x0500, 0x0000);
753 b43_write16(dev, 0x0502, 0x0030);
755 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
756 b43_radio_write16(dev, 0x0051, 0x0017);
757 for (i = 0x00; i < max_loop; i++) {
758 value = b43_read16(dev, 0x050E);
763 for (i = 0x00; i < 0x0A; i++) {
764 value = b43_read16(dev, 0x050E);
769 for (i = 0x00; i < 0x19; i++) {
770 value = b43_read16(dev, 0x0690);
771 if (!(value & 0x0100))
775 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
776 b43_radio_write16(dev, 0x0051, 0x0037);
778 write_unlock(&wl->tx_lock);
779 spin_unlock_irq(&wl->irq_lock);
782 static void key_write(struct b43_wldev *dev,
783 u8 index, u8 algorithm, const u8 * key)
790 /* Key index/algo block */
791 kidx = b43_kidx_to_fw(dev, index);
792 value = ((kidx << 4) | algorithm);
793 b43_shm_write16(dev, B43_SHM_SHARED,
794 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
796 /* Write the key to the Key Table Pointer offset */
797 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
798 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
800 value |= (u16) (key[i + 1]) << 8;
801 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
805 static void keymac_write(struct b43_wldev *dev, u8 index, const u8 * addr)
807 u32 addrtmp[2] = { 0, 0, };
808 u8 per_sta_keys_start = 8;
810 if (b43_new_kidx_api(dev))
811 per_sta_keys_start = 4;
813 B43_WARN_ON(index < per_sta_keys_start);
814 /* We have two default TX keys and possibly two default RX keys.
815 * Physical mac 0 is mapped to physical key 4 or 8, depending
816 * on the firmware version.
817 * So we must adjust the index here.
819 index -= per_sta_keys_start;
822 addrtmp[0] = addr[0];
823 addrtmp[0] |= ((u32) (addr[1]) << 8);
824 addrtmp[0] |= ((u32) (addr[2]) << 16);
825 addrtmp[0] |= ((u32) (addr[3]) << 24);
826 addrtmp[1] = addr[4];
827 addrtmp[1] |= ((u32) (addr[5]) << 8);
830 if (dev->dev->id.revision >= 5) {
831 /* Receive match transmitter address mechanism */
832 b43_shm_write32(dev, B43_SHM_RCMTA,
833 (index * 2) + 0, addrtmp[0]);
834 b43_shm_write16(dev, B43_SHM_RCMTA,
835 (index * 2) + 1, addrtmp[1]);
837 /* RXE (Receive Engine) and
838 * PSM (Programmable State Machine) mechanism
841 /* TODO write to RCM 16, 19, 22 and 25 */
843 b43_shm_write32(dev, B43_SHM_SHARED,
844 B43_SHM_SH_PSM + (index * 6) + 0,
846 b43_shm_write16(dev, B43_SHM_SHARED,
847 B43_SHM_SH_PSM + (index * 6) + 4,
853 static void do_key_write(struct b43_wldev *dev,
854 u8 index, u8 algorithm,
855 const u8 * key, size_t key_len, const u8 * mac_addr)
857 u8 buf[B43_SEC_KEYSIZE] = { 0, };
858 u8 per_sta_keys_start = 8;
860 if (b43_new_kidx_api(dev))
861 per_sta_keys_start = 4;
863 B43_WARN_ON(index >= dev->max_nr_keys);
864 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
866 if (index >= per_sta_keys_start)
867 keymac_write(dev, index, NULL); /* First zero out mac. */
869 memcpy(buf, key, key_len);
870 key_write(dev, index, algorithm, buf);
871 if (index >= per_sta_keys_start)
872 keymac_write(dev, index, mac_addr);
874 dev->key[index].algorithm = algorithm;
877 static int b43_key_write(struct b43_wldev *dev,
878 int index, u8 algorithm,
879 const u8 * key, size_t key_len,
881 struct ieee80211_key_conf *keyconf)
886 if (key_len > B43_SEC_KEYSIZE)
888 for (i = 0; i < dev->max_nr_keys; i++) {
889 /* Check that we don't already have this key. */
890 B43_WARN_ON(dev->key[i].keyconf == keyconf);
893 /* Pairwise key. Get an empty slot for the key. */
894 if (b43_new_kidx_api(dev))
898 for (i = sta_keys_start; i < dev->max_nr_keys; i++) {
899 if (!dev->key[i].keyconf) {
906 b43warn(dev->wl, "Out of hardware key memory\n");
910 B43_WARN_ON(index > 3);
912 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
913 if ((index <= 3) && !b43_new_kidx_api(dev)) {
915 B43_WARN_ON(mac_addr);
916 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
918 keyconf->hw_key_idx = index;
919 dev->key[index].keyconf = keyconf;
924 static int b43_key_clear(struct b43_wldev *dev, int index)
926 if (B43_WARN_ON((index < 0) || (index >= dev->max_nr_keys)))
928 do_key_write(dev, index, B43_SEC_ALGO_NONE,
929 NULL, B43_SEC_KEYSIZE, NULL);
930 if ((index <= 3) && !b43_new_kidx_api(dev)) {
931 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
932 NULL, B43_SEC_KEYSIZE, NULL);
934 dev->key[index].keyconf = NULL;
939 static void b43_clear_keys(struct b43_wldev *dev)
943 for (i = 0; i < dev->max_nr_keys; i++)
944 b43_key_clear(dev, i);
947 static void b43_dump_keymemory(struct b43_wldev *dev)
949 unsigned int i, index, offset;
950 DECLARE_MAC_BUF(macbuf);
958 if (!b43_debug(dev, B43_DBG_KEYS))
961 hf = b43_hf_read(dev);
962 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n",
963 !!(hf & B43_HF_USEDEFKEYS));
964 for (index = 0; index < dev->max_nr_keys; index++) {
965 key = &(dev->key[index]);
966 printk(KERN_DEBUG "Key slot %02u: %s",
967 index, (key->keyconf == NULL) ? " " : "*");
968 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
969 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
970 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
971 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
974 algo = b43_shm_read16(dev, B43_SHM_SHARED,
975 B43_SHM_SH_KEYIDXBLOCK + (index * 2));
976 printk(" Algo: %04X/%02X", algo, key->algorithm);
979 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA,
980 ((index - 4) * 2) + 0);
981 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA,
982 ((index - 4) * 2) + 1);
983 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0);
984 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1);
986 print_mac(macbuf, mac));
988 printk(" DEFAULT KEY");
993 void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
1001 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
1002 (ps_flags & B43_PS_DISABLED));
1003 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
1005 if (ps_flags & B43_PS_ENABLED) {
1007 } else if (ps_flags & B43_PS_DISABLED) {
1010 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
1011 // and thus is not an AP and we are associated, set bit 25
1013 if (ps_flags & B43_PS_AWAKE) {
1015 } else if (ps_flags & B43_PS_ASLEEP) {
1018 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
1019 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
1020 // successful, set bit26
1023 /* FIXME: For now we force awake-on and hwps-off */
1027 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1029 macctl |= B43_MACCTL_HWPS;
1031 macctl &= ~B43_MACCTL_HWPS;
1033 macctl |= B43_MACCTL_AWAKE;
1035 macctl &= ~B43_MACCTL_AWAKE;
1036 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1038 b43_read32(dev, B43_MMIO_MACCTL);
1039 if (awake && dev->dev->id.revision >= 5) {
1040 /* Wait for the microcode to wake up. */
1041 for (i = 0; i < 100; i++) {
1042 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1043 B43_SHM_SH_UCODESTAT);
1044 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1051 void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags)
1056 flags |= B43_TMSLOW_PHYCLKEN;
1057 flags |= B43_TMSLOW_PHYRESET;
1058 ssb_device_enable(dev->dev, flags);
1059 msleep(2); /* Wait for the PLL to turn on. */
1061 /* Now take the PHY out of Reset again */
1062 tmslow = ssb_read32(dev->dev, SSB_TMSLOW);
1063 tmslow |= SSB_TMSLOW_FGC;
1064 tmslow &= ~B43_TMSLOW_PHYRESET;
1065 ssb_write32(dev->dev, SSB_TMSLOW, tmslow);
1066 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */
1068 tmslow &= ~SSB_TMSLOW_FGC;
1069 ssb_write32(dev->dev, SSB_TMSLOW, tmslow);
1070 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */
1073 /* Turn Analog ON, but only if we already know the PHY-type.
1074 * This protects against very early setup where we don't know the
1075 * PHY-type, yet. wireless_core_reset will be called once again later,
1076 * when we know the PHY-type. */
1078 dev->phy.ops->switch_analog(dev, 1);
1080 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1081 macctl &= ~B43_MACCTL_GMODE;
1082 if (flags & B43_TMSLOW_GMODE)
1083 macctl |= B43_MACCTL_GMODE;
1084 macctl |= B43_MACCTL_IHR_ENABLED;
1085 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1088 static void handle_irq_transmit_status(struct b43_wldev *dev)
1092 struct b43_txstatus stat;
1095 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1096 if (!(v0 & 0x00000001))
1098 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1100 stat.cookie = (v0 >> 16);
1101 stat.seq = (v1 & 0x0000FFFF);
1102 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1103 tmp = (v0 & 0x0000FFFF);
1104 stat.frame_count = ((tmp & 0xF000) >> 12);
1105 stat.rts_count = ((tmp & 0x0F00) >> 8);
1106 stat.supp_reason = ((tmp & 0x001C) >> 2);
1107 stat.pm_indicated = !!(tmp & 0x0080);
1108 stat.intermediate = !!(tmp & 0x0040);
1109 stat.for_ampdu = !!(tmp & 0x0020);
1110 stat.acked = !!(tmp & 0x0002);
1112 b43_handle_txstatus(dev, &stat);
1116 static void drain_txstatus_queue(struct b43_wldev *dev)
1120 if (dev->dev->id.revision < 5)
1122 /* Read all entries from the microcode TXstatus FIFO
1123 * and throw them away.
1126 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1127 if (!(dummy & 0x00000001))
1129 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1133 static u32 b43_jssi_read(struct b43_wldev *dev)
1137 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A);
1139 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088);
1144 static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1146 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF));
1147 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16);
1150 static void b43_generate_noise_sample(struct b43_wldev *dev)
1152 b43_jssi_write(dev, 0x7F7F7F7F);
1153 b43_write32(dev, B43_MMIO_MACCMD,
1154 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1157 static void b43_calculate_link_quality(struct b43_wldev *dev)
1159 /* Top half of Link Quality calculation. */
1161 if (dev->phy.type != B43_PHYTYPE_G)
1163 if (dev->noisecalc.calculation_running)
1165 dev->noisecalc.calculation_running = 1;
1166 dev->noisecalc.nr_samples = 0;
1168 b43_generate_noise_sample(dev);
1171 static void handle_irq_noise(struct b43_wldev *dev)
1173 struct b43_phy_g *phy = dev->phy.g;
1179 /* Bottom half of Link Quality calculation. */
1181 if (dev->phy.type != B43_PHYTYPE_G)
1184 /* Possible race condition: It might be possible that the user
1185 * changed to a different channel in the meantime since we
1186 * started the calculation. We ignore that fact, since it's
1187 * not really that much of a problem. The background noise is
1188 * an estimation only anyway. Slightly wrong results will get damped
1189 * by the averaging of the 8 sample rounds. Additionally the
1190 * value is shortlived. So it will be replaced by the next noise
1191 * calculation round soon. */
1193 B43_WARN_ON(!dev->noisecalc.calculation_running);
1194 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1195 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1196 noise[2] == 0x7F || noise[3] == 0x7F)
1199 /* Get the noise samples. */
1200 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1201 i = dev->noisecalc.nr_samples;
1202 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1203 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1204 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1205 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1206 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1207 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1208 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1209 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1210 dev->noisecalc.nr_samples++;
1211 if (dev->noisecalc.nr_samples == 8) {
1212 /* Calculate the Link Quality by the noise samples. */
1214 for (i = 0; i < 8; i++) {
1215 for (j = 0; j < 4; j++)
1216 average += dev->noisecalc.samples[i][j];
1222 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1223 tmp = (tmp / 128) & 0x1F;
1233 dev->stats.link_noise = average;
1234 dev->noisecalc.calculation_running = 0;
1238 b43_generate_noise_sample(dev);
1241 static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1243 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) {
1246 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1247 b43_power_saving_ctl_bits(dev, 0);
1249 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC))
1253 static void handle_irq_atim_end(struct b43_wldev *dev)
1255 if (dev->dfq_valid) {
1256 b43_write32(dev, B43_MMIO_MACCMD,
1257 b43_read32(dev, B43_MMIO_MACCMD)
1258 | B43_MACCMD_DFQ_VALID);
1263 static void handle_irq_pmq(struct b43_wldev *dev)
1270 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1271 if (!(tmp & 0x00000008))
1274 /* 16bit write is odd, but correct. */
1275 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1278 static void b43_write_template_common(struct b43_wldev *dev,
1279 const u8 * data, u16 size,
1281 u16 shm_size_offset, u8 rate)
1284 struct b43_plcp_hdr4 plcp;
1287 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1288 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1289 ram_offset += sizeof(u32);
1290 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1291 * So leave the first two bytes of the next write blank.
1293 tmp = (u32) (data[0]) << 16;
1294 tmp |= (u32) (data[1]) << 24;
1295 b43_ram_write(dev, ram_offset, tmp);
1296 ram_offset += sizeof(u32);
1297 for (i = 2; i < size; i += sizeof(u32)) {
1298 tmp = (u32) (data[i + 0]);
1300 tmp |= (u32) (data[i + 1]) << 8;
1302 tmp |= (u32) (data[i + 2]) << 16;
1304 tmp |= (u32) (data[i + 3]) << 24;
1305 b43_ram_write(dev, ram_offset + i - 2, tmp);
1307 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1308 size + sizeof(struct b43_plcp_hdr6));
1311 /* Check if the use of the antenna that ieee80211 told us to
1312 * use is possible. This will fall back to DEFAULT.
1313 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1314 u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1319 if (antenna_nr == 0) {
1320 /* Zero means "use default antenna". That's always OK. */
1324 /* Get the mask of available antennas. */
1326 antenna_mask = dev->dev->bus->sprom.ant_available_bg;
1328 antenna_mask = dev->dev->bus->sprom.ant_available_a;
1330 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1331 /* This antenna is not available. Fall back to default. */
1338 /* Convert a b43 antenna number value to the PHY TX control value. */
1339 static u16 b43_antenna_to_phyctl(int antenna)
1343 return B43_TXH_PHY_ANT0;
1345 return B43_TXH_PHY_ANT1;
1347 return B43_TXH_PHY_ANT2;
1349 return B43_TXH_PHY_ANT3;
1350 case B43_ANTENNA_AUTO:
1351 return B43_TXH_PHY_ANT01AUTO;
1357 static void b43_write_beacon_template(struct b43_wldev *dev,
1359 u16 shm_size_offset)
1361 unsigned int i, len, variable_len;
1362 const struct ieee80211_mgmt *bcn;
1368 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon);
1370 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data);
1371 len = min((size_t) dev->wl->current_beacon->len,
1372 0x200 - sizeof(struct b43_plcp_hdr6));
1373 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value;
1375 b43_write_template_common(dev, (const u8 *)bcn,
1376 len, ram_offset, shm_size_offset, rate);
1378 /* Write the PHY TX control parameters. */
1379 antenna = B43_ANTENNA_DEFAULT;
1380 antenna = b43_antenna_to_phyctl(antenna);
1381 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1382 /* We can't send beacons with short preamble. Would get PHY errors. */
1383 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1384 ctl &= ~B43_TXH_PHY_ANT;
1385 ctl &= ~B43_TXH_PHY_ENC;
1387 if (b43_is_cck_rate(rate))
1388 ctl |= B43_TXH_PHY_ENC_CCK;
1390 ctl |= B43_TXH_PHY_ENC_OFDM;
1391 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1393 /* Find the position of the TIM and the DTIM_period value
1394 * and write them to SHM. */
1395 ie = bcn->u.beacon.variable;
1396 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1397 for (i = 0; i < variable_len - 2; ) {
1398 uint8_t ie_id, ie_len;
1405 /* This is the TIM Information Element */
1407 /* Check whether the ie_len is in the beacon data range. */
1408 if (variable_len < ie_len + 2 + i)
1410 /* A valid TIM is at least 4 bytes long. */
1415 tim_position = sizeof(struct b43_plcp_hdr6);
1416 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1419 dtim_period = ie[i + 3];
1421 b43_shm_write16(dev, B43_SHM_SHARED,
1422 B43_SHM_SH_TIMBPOS, tim_position);
1423 b43_shm_write16(dev, B43_SHM_SHARED,
1424 B43_SHM_SH_DTIMPER, dtim_period);
1431 * If ucode wants to modify TIM do it behind the beacon, this
1432 * will happen, for example, when doing mesh networking.
1434 b43_shm_write16(dev, B43_SHM_SHARED,
1436 len + sizeof(struct b43_plcp_hdr6));
1437 b43_shm_write16(dev, B43_SHM_SHARED,
1438 B43_SHM_SH_DTIMPER, 0);
1440 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset);
1443 static void b43_write_probe_resp_plcp(struct b43_wldev *dev,
1444 u16 shm_offset, u16 size,
1445 struct ieee80211_rate *rate)
1447 struct b43_plcp_hdr4 plcp;
1452 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate->hw_value);
1453 dur = ieee80211_generic_frame_duration(dev->wl->hw,
1456 /* Write PLCP in two parts and timing for packet transfer */
1457 tmp = le32_to_cpu(plcp.data);
1458 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset, tmp & 0xFFFF);
1459 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 2, tmp >> 16);
1460 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 6, le16_to_cpu(dur));
1463 /* Instead of using custom probe response template, this function
1464 * just patches custom beacon template by:
1465 * 1) Changing packet type
1466 * 2) Patching duration field
1469 static const u8 * b43_generate_probe_resp(struct b43_wldev *dev,
1471 struct ieee80211_rate *rate)
1475 u16 src_size, elem_size, src_pos, dest_pos;
1477 struct ieee80211_hdr *hdr;
1480 src_size = dev->wl->current_beacon->len;
1481 src_data = (const u8 *)dev->wl->current_beacon->data;
1483 /* Get the start offset of the variable IEs in the packet. */
1484 ie_start = offsetof(struct ieee80211_mgmt, u.probe_resp.variable);
1485 B43_WARN_ON(ie_start != offsetof(struct ieee80211_mgmt, u.beacon.variable));
1487 if (B43_WARN_ON(src_size < ie_start))
1490 dest_data = kmalloc(src_size, GFP_ATOMIC);
1491 if (unlikely(!dest_data))
1494 /* Copy the static data and all Information Elements, except the TIM. */
1495 memcpy(dest_data, src_data, ie_start);
1497 dest_pos = ie_start;
1498 for ( ; src_pos < src_size - 2; src_pos += elem_size) {
1499 elem_size = src_data[src_pos + 1] + 2;
1500 if (src_data[src_pos] == 5) {
1501 /* This is the TIM. */
1504 memcpy(dest_data + dest_pos, src_data + src_pos,
1506 dest_pos += elem_size;
1508 *dest_size = dest_pos;
1509 hdr = (struct ieee80211_hdr *)dest_data;
1511 /* Set the frame control. */
1512 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1513 IEEE80211_STYPE_PROBE_RESP);
1514 dur = ieee80211_generic_frame_duration(dev->wl->hw,
1515 dev->wl->vif, *dest_size,
1517 hdr->duration_id = dur;
1522 static void b43_write_probe_resp_template(struct b43_wldev *dev,
1524 u16 shm_size_offset,
1525 struct ieee80211_rate *rate)
1527 const u8 *probe_resp_data;
1530 size = dev->wl->current_beacon->len;
1531 probe_resp_data = b43_generate_probe_resp(dev, &size, rate);
1532 if (unlikely(!probe_resp_data))
1535 /* Looks like PLCP headers plus packet timings are stored for
1536 * all possible basic rates
1538 b43_write_probe_resp_plcp(dev, 0x31A, size, &b43_b_ratetable[0]);
1539 b43_write_probe_resp_plcp(dev, 0x32C, size, &b43_b_ratetable[1]);
1540 b43_write_probe_resp_plcp(dev, 0x33E, size, &b43_b_ratetable[2]);
1541 b43_write_probe_resp_plcp(dev, 0x350, size, &b43_b_ratetable[3]);
1543 size = min((size_t) size, 0x200 - sizeof(struct b43_plcp_hdr6));
1544 b43_write_template_common(dev, probe_resp_data,
1545 size, ram_offset, shm_size_offset,
1547 kfree(probe_resp_data);
1550 static void b43_upload_beacon0(struct b43_wldev *dev)
1552 struct b43_wl *wl = dev->wl;
1554 if (wl->beacon0_uploaded)
1556 b43_write_beacon_template(dev, 0x68, 0x18);
1557 /* FIXME: Probe resp upload doesn't really belong here,
1558 * but we don't use that feature anyway. */
1559 b43_write_probe_resp_template(dev, 0x268, 0x4A,
1560 &__b43_ratetable[3]);
1561 wl->beacon0_uploaded = 1;
1564 static void b43_upload_beacon1(struct b43_wldev *dev)
1566 struct b43_wl *wl = dev->wl;
1568 if (wl->beacon1_uploaded)
1570 b43_write_beacon_template(dev, 0x468, 0x1A);
1571 wl->beacon1_uploaded = 1;
1574 static void handle_irq_beacon(struct b43_wldev *dev)
1576 struct b43_wl *wl = dev->wl;
1577 u32 cmd, beacon0_valid, beacon1_valid;
1579 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) &&
1580 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
1583 /* This is the bottom half of the asynchronous beacon update. */
1585 /* Ignore interrupt in the future. */
1586 dev->irq_savedstate &= ~B43_IRQ_BEACON;
1588 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1589 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1590 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1592 /* Schedule interrupt manually, if busy. */
1593 if (beacon0_valid && beacon1_valid) {
1594 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1595 dev->irq_savedstate |= B43_IRQ_BEACON;
1599 if (unlikely(wl->beacon_templates_virgin)) {
1600 /* We never uploaded a beacon before.
1601 * Upload both templates now, but only mark one valid. */
1602 wl->beacon_templates_virgin = 0;
1603 b43_upload_beacon0(dev);
1604 b43_upload_beacon1(dev);
1605 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1606 cmd |= B43_MACCMD_BEACON0_VALID;
1607 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1609 if (!beacon0_valid) {
1610 b43_upload_beacon0(dev);
1611 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1612 cmd |= B43_MACCMD_BEACON0_VALID;
1613 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1614 } else if (!beacon1_valid) {
1615 b43_upload_beacon1(dev);
1616 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1617 cmd |= B43_MACCMD_BEACON1_VALID;
1618 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1623 static void b43_beacon_update_trigger_work(struct work_struct *work)
1625 struct b43_wl *wl = container_of(work, struct b43_wl,
1626 beacon_update_trigger);
1627 struct b43_wldev *dev;
1629 mutex_lock(&wl->mutex);
1630 dev = wl->current_dev;
1631 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1632 spin_lock_irq(&wl->irq_lock);
1633 /* update beacon right away or defer to irq */
1634 dev->irq_savedstate = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
1635 handle_irq_beacon(dev);
1636 /* The handler might have updated the IRQ mask. */
1637 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK,
1638 dev->irq_savedstate);
1640 spin_unlock_irq(&wl->irq_lock);
1642 mutex_unlock(&wl->mutex);
1645 /* Asynchronously update the packet templates in template RAM.
1646 * Locking: Requires wl->irq_lock to be locked. */
1647 static void b43_update_templates(struct b43_wl *wl)
1649 struct sk_buff *beacon;
1651 /* This is the top half of the ansynchronous beacon update.
1652 * The bottom half is the beacon IRQ.
1653 * Beacon update must be asynchronous to avoid sending an
1654 * invalid beacon. This can happen for example, if the firmware
1655 * transmits a beacon while we are updating it. */
1657 /* We could modify the existing beacon and set the aid bit in
1658 * the TIM field, but that would probably require resizing and
1659 * moving of data within the beacon template.
1660 * Simply request a new beacon and let mac80211 do the hard work. */
1661 beacon = ieee80211_beacon_get(wl->hw, wl->vif);
1662 if (unlikely(!beacon))
1665 if (wl->current_beacon)
1666 dev_kfree_skb_any(wl->current_beacon);
1667 wl->current_beacon = beacon;
1668 wl->beacon0_uploaded = 0;
1669 wl->beacon1_uploaded = 0;
1670 queue_work(wl->hw->workqueue, &wl->beacon_update_trigger);
1673 static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1676 if (dev->dev->id.revision >= 3) {
1677 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1678 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1680 b43_write16(dev, 0x606, (beacon_int >> 6));
1681 b43_write16(dev, 0x610, beacon_int);
1683 b43_time_unlock(dev);
1684 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1687 static void b43_handle_firmware_panic(struct b43_wldev *dev)
1691 /* Read the register that contains the reason code for the panic. */
1692 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG);
1693 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason);
1697 b43dbg(dev->wl, "The panic reason is unknown.\n");
1699 case B43_FWPANIC_DIE:
1700 /* Do not restart the controller or firmware.
1701 * The device is nonfunctional from now on.
1702 * Restarting would result in this panic to trigger again,
1703 * so we avoid that recursion. */
1705 case B43_FWPANIC_RESTART:
1706 b43_controller_restart(dev, "Microcode panic");
1711 static void handle_irq_ucode_debug(struct b43_wldev *dev)
1713 unsigned int i, cnt;
1714 u16 reason, marker_id, marker_line;
1717 /* The proprietary firmware doesn't have this IRQ. */
1718 if (!dev->fw.opensource)
1721 /* Read the register that contains the reason code for this IRQ. */
1722 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG);
1725 case B43_DEBUGIRQ_PANIC:
1726 b43_handle_firmware_panic(dev);
1728 case B43_DEBUGIRQ_DUMP_SHM:
1730 break; /* Only with driver debugging enabled. */
1731 buf = kmalloc(4096, GFP_ATOMIC);
1733 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n");
1736 for (i = 0; i < 4096; i += 2) {
1737 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i);
1738 buf[i / 2] = cpu_to_le16(tmp);
1740 b43info(dev->wl, "Shared memory dump:\n");
1741 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET,
1742 16, 2, buf, 4096, 1);
1745 case B43_DEBUGIRQ_DUMP_REGS:
1747 break; /* Only with driver debugging enabled. */
1748 b43info(dev->wl, "Microcode register dump:\n");
1749 for (i = 0, cnt = 0; i < 64; i++) {
1750 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i);
1753 printk("r%02u: 0x%04X ", i, tmp);
1762 case B43_DEBUGIRQ_MARKER:
1764 break; /* Only with driver debugging enabled. */
1765 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH,
1767 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH,
1768 B43_MARKER_LINE_REG);
1769 b43info(dev->wl, "The firmware just executed the MARKER(%u) "
1770 "at line number %u\n",
1771 marker_id, marker_line);
1774 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n",
1778 /* Acknowledge the debug-IRQ, so the firmware can continue. */
1779 b43_shm_write16(dev, B43_SHM_SCRATCH,
1780 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK);
1783 /* Interrupt handler bottom-half */
1784 static void b43_interrupt_tasklet(struct b43_wldev *dev)
1787 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1788 u32 merged_dma_reason = 0;
1790 unsigned long flags;
1792 spin_lock_irqsave(&dev->wl->irq_lock, flags);
1794 B43_WARN_ON(b43_status(dev) != B43_STAT_STARTED);
1796 reason = dev->irq_reason;
1797 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1798 dma_reason[i] = dev->dma_reason[i];
1799 merged_dma_reason |= dma_reason[i];
1802 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1803 b43err(dev->wl, "MAC transmission error\n");
1805 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1806 b43err(dev->wl, "PHY transmission error\n");
1808 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1809 atomic_set(&dev->phy.txerr_cnt,
1810 B43_PHY_TX_BADNESS_LIMIT);
1811 b43err(dev->wl, "Too many PHY TX errors, "
1812 "restarting the controller\n");
1813 b43_controller_restart(dev, "PHY TX errors");
1817 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK |
1818 B43_DMAIRQ_NONFATALMASK))) {
1819 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) {
1820 b43err(dev->wl, "Fatal DMA error: "
1821 "0x%08X, 0x%08X, 0x%08X, "
1822 "0x%08X, 0x%08X, 0x%08X\n",
1823 dma_reason[0], dma_reason[1],
1824 dma_reason[2], dma_reason[3],
1825 dma_reason[4], dma_reason[5]);
1826 b43_controller_restart(dev, "DMA error");
1828 spin_unlock_irqrestore(&dev->wl->irq_lock, flags);
1831 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) {
1832 b43err(dev->wl, "DMA error: "
1833 "0x%08X, 0x%08X, 0x%08X, "
1834 "0x%08X, 0x%08X, 0x%08X\n",
1835 dma_reason[0], dma_reason[1],
1836 dma_reason[2], dma_reason[3],
1837 dma_reason[4], dma_reason[5]);
1841 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1842 handle_irq_ucode_debug(dev);
1843 if (reason & B43_IRQ_TBTT_INDI)
1844 handle_irq_tbtt_indication(dev);
1845 if (reason & B43_IRQ_ATIM_END)
1846 handle_irq_atim_end(dev);
1847 if (reason & B43_IRQ_BEACON)
1848 handle_irq_beacon(dev);
1849 if (reason & B43_IRQ_PMQ)
1850 handle_irq_pmq(dev);
1851 if (reason & B43_IRQ_TXFIFO_FLUSH_OK)
1853 if (reason & B43_IRQ_NOISESAMPLE_OK)
1854 handle_irq_noise(dev);
1856 /* Check the DMA reason registers for received data. */
1857 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
1858 if (b43_using_pio_transfers(dev))
1859 b43_pio_rx(dev->pio.rx_queue);
1861 b43_dma_rx(dev->dma.rx_ring);
1863 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
1864 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
1865 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
1866 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
1867 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
1869 if (reason & B43_IRQ_TX_OK)
1870 handle_irq_transmit_status(dev);
1872 b43_interrupt_enable(dev, dev->irq_savedstate);
1874 spin_unlock_irqrestore(&dev->wl->irq_lock, flags);
1877 static void b43_interrupt_ack(struct b43_wldev *dev, u32 reason)
1879 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
1881 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
1882 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
1883 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
1884 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
1885 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
1886 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
1889 /* Interrupt handler top-half */
1890 static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
1892 irqreturn_t ret = IRQ_NONE;
1893 struct b43_wldev *dev = dev_id;
1899 spin_lock(&dev->wl->irq_lock);
1901 if (b43_status(dev) < B43_STAT_STARTED)
1903 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
1904 if (reason == 0xffffffff) /* shared IRQ */
1907 reason &= b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
1911 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
1913 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
1915 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
1917 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
1919 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
1921 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
1924 b43_interrupt_ack(dev, reason);
1925 /* disable all IRQs. They are enabled again in the bottom half. */
1926 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL);
1927 /* save the reason code and call our bottom half. */
1928 dev->irq_reason = reason;
1929 tasklet_schedule(&dev->isr_tasklet);
1932 spin_unlock(&dev->wl->irq_lock);
1937 static void do_release_fw(struct b43_firmware_file *fw)
1939 release_firmware(fw->data);
1941 fw->filename = NULL;
1944 static void b43_release_firmware(struct b43_wldev *dev)
1946 do_release_fw(&dev->fw.ucode);
1947 do_release_fw(&dev->fw.pcm);
1948 do_release_fw(&dev->fw.initvals);
1949 do_release_fw(&dev->fw.initvals_band);
1952 static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
1956 text = "You must go to "
1957 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware "
1958 "and download the correct firmware for this driver version. "
1959 "Please carefully read all instructions on this website.\n";
1966 static int do_request_fw(struct b43_wldev *dev,
1968 struct b43_firmware_file *fw,
1971 char path[sizeof(modparam_fwpostfix) + 32];
1972 const struct firmware *blob;
1973 struct b43_fw_header *hdr;
1978 /* Don't fetch anything. Free possibly cached firmware. */
1983 if (strcmp(fw->filename, name) == 0)
1984 return 0; /* Already have this fw. */
1985 /* Free the cached firmware first. */
1989 snprintf(path, ARRAY_SIZE(path),
1991 modparam_fwpostfix, name);
1992 err = request_firmware(&blob, path, dev->dev->dev);
1993 if (err == -ENOENT) {
1995 b43err(dev->wl, "Firmware file \"%s\" not found\n",
2000 b43err(dev->wl, "Firmware file \"%s\" request failed (err=%d)\n",
2004 if (blob->size < sizeof(struct b43_fw_header))
2006 hdr = (struct b43_fw_header *)(blob->data);
2007 switch (hdr->type) {
2008 case B43_FW_TYPE_UCODE:
2009 case B43_FW_TYPE_PCM:
2010 size = be32_to_cpu(hdr->size);
2011 if (size != blob->size - sizeof(struct b43_fw_header))
2014 case B43_FW_TYPE_IV:
2023 fw->filename = name;
2028 b43err(dev->wl, "Firmware file \"%s\" format error.\n", path);
2029 release_firmware(blob);
2034 static int b43_request_firmware(struct b43_wldev *dev)
2036 struct b43_firmware *fw = &dev->fw;
2037 const u8 rev = dev->dev->id.revision;
2038 const char *filename;
2043 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH);
2044 if ((rev >= 5) && (rev <= 10))
2045 filename = "ucode5";
2046 else if ((rev >= 11) && (rev <= 12))
2047 filename = "ucode11";
2049 filename = "ucode13";
2052 err = do_request_fw(dev, filename, &fw->ucode, 0);
2057 if ((rev >= 5) && (rev <= 10))
2063 fw->pcm_request_failed = 0;
2064 err = do_request_fw(dev, filename, &fw->pcm, 1);
2065 if (err == -ENOENT) {
2066 /* We did not find a PCM file? Not fatal, but
2067 * core rev <= 10 must do without hwcrypto then. */
2068 fw->pcm_request_failed = 1;
2073 switch (dev->phy.type) {
2075 if ((rev >= 5) && (rev <= 10)) {
2076 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2077 filename = "a0g1initvals5";
2079 filename = "a0g0initvals5";
2081 goto err_no_initvals;
2084 if ((rev >= 5) && (rev <= 10))
2085 filename = "b0g0initvals5";
2087 filename = "b0g0initvals13";
2089 goto err_no_initvals;
2092 if ((rev >= 11) && (rev <= 12))
2093 filename = "n0initvals11";
2095 goto err_no_initvals;
2098 goto err_no_initvals;
2100 err = do_request_fw(dev, filename, &fw->initvals, 0);
2104 /* Get bandswitch initvals */
2105 switch (dev->phy.type) {
2107 if ((rev >= 5) && (rev <= 10)) {
2108 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2109 filename = "a0g1bsinitvals5";
2111 filename = "a0g0bsinitvals5";
2112 } else if (rev >= 11)
2115 goto err_no_initvals;
2118 if ((rev >= 5) && (rev <= 10))
2119 filename = "b0g0bsinitvals5";
2123 goto err_no_initvals;
2126 if ((rev >= 11) && (rev <= 12))
2127 filename = "n0bsinitvals11";
2129 goto err_no_initvals;
2132 goto err_no_initvals;
2134 err = do_request_fw(dev, filename, &fw->initvals_band, 0);
2141 b43_print_fw_helptext(dev->wl, 1);
2146 b43err(dev->wl, "No microcode available for core rev %u\n", rev);
2151 b43err(dev->wl, "No PCM available for core rev %u\n", rev);
2156 b43err(dev->wl, "No Initial Values firmware file for PHY %u, "
2157 "core rev %u\n", dev->phy.type, rev);
2161 b43_release_firmware(dev);
2165 static int b43_upload_microcode(struct b43_wldev *dev)
2167 const size_t hdr_len = sizeof(struct b43_fw_header);
2169 unsigned int i, len;
2170 u16 fwrev, fwpatch, fwdate, fwtime;
2174 /* Jump the microcode PSM to offset 0 */
2175 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2176 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2177 macctl |= B43_MACCTL_PSM_JMP0;
2178 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2179 /* Zero out all microcode PSM registers and shared memory. */
2180 for (i = 0; i < 64; i++)
2181 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2182 for (i = 0; i < 4096; i += 2)
2183 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2185 /* Upload Microcode. */
2186 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2187 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2188 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2189 for (i = 0; i < len; i++) {
2190 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2194 if (dev->fw.pcm.data) {
2195 /* Upload PCM data. */
2196 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2197 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2198 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2199 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2200 /* No need for autoinc bit in SHM_HW */
2201 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2202 for (i = 0; i < len; i++) {
2203 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2208 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2210 /* Start the microcode PSM */
2211 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2212 macctl &= ~B43_MACCTL_PSM_JMP0;
2213 macctl |= B43_MACCTL_PSM_RUN;
2214 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2216 /* Wait for the microcode to load and respond */
2219 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2220 if (tmp == B43_IRQ_MAC_SUSPENDED)
2224 b43err(dev->wl, "Microcode not responding\n");
2225 b43_print_fw_helptext(dev->wl, 1);
2229 msleep_interruptible(50);
2230 if (signal_pending(current)) {
2235 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2237 /* Get and check the revisions. */
2238 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2239 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2240 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2241 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2243 if (fwrev <= 0x128) {
2244 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2245 "binary drivers older than version 4.x is unsupported. "
2246 "You must upgrade your firmware files.\n");
2247 b43_print_fw_helptext(dev->wl, 1);
2251 dev->fw.rev = fwrev;
2252 dev->fw.patch = fwpatch;
2253 dev->fw.opensource = (fwdate == 0xFFFF);
2255 if (dev->fw.opensource) {
2256 /* Patchlevel info is encoded in the "time" field. */
2257 dev->fw.patch = fwtime;
2258 b43info(dev->wl, "Loading OpenSource firmware version %u.%u%s\n",
2259 dev->fw.rev, dev->fw.patch,
2260 dev->fw.pcm_request_failed ? " (Hardware crypto not supported)" : "");
2262 b43info(dev->wl, "Loading firmware version %u.%u "
2263 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2265 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2266 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2267 if (dev->fw.pcm_request_failed) {
2268 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. "
2269 "Hardware accelerated cryptography is disabled.\n");
2270 b43_print_fw_helptext(dev->wl, 0);
2274 if (b43_is_old_txhdr_format(dev)) {
2275 /* We're over the deadline, but we keep support for old fw
2276 * until it turns out to be in major conflict with something new. */
2277 b43warn(dev->wl, "You are using an old firmware image. "
2278 "Support for old firmware will be removed soon "
2279 "(official deadline was July 2008).\n");
2280 b43_print_fw_helptext(dev->wl, 0);
2286 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2287 macctl &= ~B43_MACCTL_PSM_RUN;
2288 macctl |= B43_MACCTL_PSM_JMP0;
2289 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2294 static int b43_write_initvals(struct b43_wldev *dev,
2295 const struct b43_iv *ivals,
2299 const struct b43_iv *iv;
2304 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2306 for (i = 0; i < count; i++) {
2307 if (array_size < sizeof(iv->offset_size))
2309 array_size -= sizeof(iv->offset_size);
2310 offset = be16_to_cpu(iv->offset_size);
2311 bit32 = !!(offset & B43_IV_32BIT);
2312 offset &= B43_IV_OFFSET_MASK;
2313 if (offset >= 0x1000)
2318 if (array_size < sizeof(iv->data.d32))
2320 array_size -= sizeof(iv->data.d32);
2322 value = get_unaligned_be32(&iv->data.d32);
2323 b43_write32(dev, offset, value);
2325 iv = (const struct b43_iv *)((const uint8_t *)iv +
2331 if (array_size < sizeof(iv->data.d16))
2333 array_size -= sizeof(iv->data.d16);
2335 value = be16_to_cpu(iv->data.d16);
2336 b43_write16(dev, offset, value);
2338 iv = (const struct b43_iv *)((const uint8_t *)iv +
2349 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2350 b43_print_fw_helptext(dev->wl, 1);
2355 static int b43_upload_initvals(struct b43_wldev *dev)
2357 const size_t hdr_len = sizeof(struct b43_fw_header);
2358 const struct b43_fw_header *hdr;
2359 struct b43_firmware *fw = &dev->fw;
2360 const struct b43_iv *ivals;
2364 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2365 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2366 count = be32_to_cpu(hdr->size);
2367 err = b43_write_initvals(dev, ivals, count,
2368 fw->initvals.data->size - hdr_len);
2371 if (fw->initvals_band.data) {
2372 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2373 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2374 count = be32_to_cpu(hdr->size);
2375 err = b43_write_initvals(dev, ivals, count,
2376 fw->initvals_band.data->size - hdr_len);
2385 /* Initialize the GPIOs
2386 * http://bcm-specs.sipsolutions.net/GPIO
2388 static int b43_gpio_init(struct b43_wldev *dev)
2390 struct ssb_bus *bus = dev->dev->bus;
2391 struct ssb_device *gpiodev, *pcidev = NULL;
2394 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2395 & ~B43_MACCTL_GPOUTSMSK);
2397 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK)
2402 if (dev->dev->bus->chip_id == 0x4301) {
2406 if (0 /* FIXME: conditional unknown */ ) {
2407 b43_write16(dev, B43_MMIO_GPIO_MASK,
2408 b43_read16(dev, B43_MMIO_GPIO_MASK)
2413 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) {
2414 b43_write16(dev, B43_MMIO_GPIO_MASK,
2415 b43_read16(dev, B43_MMIO_GPIO_MASK)
2420 if (dev->dev->id.revision >= 2)
2421 mask |= 0x0010; /* FIXME: This is redundant. */
2423 #ifdef CONFIG_SSB_DRIVER_PCICORE
2424 pcidev = bus->pcicore.dev;
2426 gpiodev = bus->chipco.dev ? : pcidev;
2429 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2430 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2436 /* Turn off all GPIO stuff. Call this on module unload, for example. */
2437 static void b43_gpio_cleanup(struct b43_wldev *dev)
2439 struct ssb_bus *bus = dev->dev->bus;
2440 struct ssb_device *gpiodev, *pcidev = NULL;
2442 #ifdef CONFIG_SSB_DRIVER_PCICORE
2443 pcidev = bus->pcicore.dev;
2445 gpiodev = bus->chipco.dev ? : pcidev;
2448 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2451 /* http://bcm-specs.sipsolutions.net/EnableMac */
2452 void b43_mac_enable(struct b43_wldev *dev)
2454 if (b43_debug(dev, B43_DBG_FIRMWARE)) {
2457 fwstate = b43_shm_read16(dev, B43_SHM_SHARED,
2458 B43_SHM_SH_UCODESTAT);
2459 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) &&
2460 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) {
2461 b43err(dev->wl, "b43_mac_enable(): The firmware "
2462 "should be suspended, but current state is %u\n",
2467 dev->mac_suspended--;
2468 B43_WARN_ON(dev->mac_suspended < 0);
2469 if (dev->mac_suspended == 0) {
2470 b43_write32(dev, B43_MMIO_MACCTL,
2471 b43_read32(dev, B43_MMIO_MACCTL)
2472 | B43_MACCTL_ENABLED);
2473 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2474 B43_IRQ_MAC_SUSPENDED);
2476 b43_read32(dev, B43_MMIO_MACCTL);
2477 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2478 b43_power_saving_ctl_bits(dev, 0);
2482 /* http://bcm-specs.sipsolutions.net/SuspendMAC */
2483 void b43_mac_suspend(struct b43_wldev *dev)
2489 B43_WARN_ON(dev->mac_suspended < 0);
2491 if (dev->mac_suspended == 0) {
2492 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2493 b43_write32(dev, B43_MMIO_MACCTL,
2494 b43_read32(dev, B43_MMIO_MACCTL)
2495 & ~B43_MACCTL_ENABLED);
2496 /* force pci to flush the write */
2497 b43_read32(dev, B43_MMIO_MACCTL);
2498 for (i = 35; i; i--) {
2499 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2500 if (tmp & B43_IRQ_MAC_SUSPENDED)
2504 /* Hm, it seems this will take some time. Use msleep(). */
2505 for (i = 40; i; i--) {
2506 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2507 if (tmp & B43_IRQ_MAC_SUSPENDED)
2511 b43err(dev->wl, "MAC suspend failed\n");
2514 dev->mac_suspended++;
2517 static void b43_adjust_opmode(struct b43_wldev *dev)
2519 struct b43_wl *wl = dev->wl;
2523 ctl = b43_read32(dev, B43_MMIO_MACCTL);
2524 /* Reset status to STA infrastructure mode. */
2525 ctl &= ~B43_MACCTL_AP;
2526 ctl &= ~B43_MACCTL_KEEP_CTL;
2527 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
2528 ctl &= ~B43_MACCTL_KEEP_BAD;
2529 ctl &= ~B43_MACCTL_PROMISC;
2530 ctl &= ~B43_MACCTL_BEACPROMISC;
2531 ctl |= B43_MACCTL_INFRA;
2533 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
2534 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
2535 ctl |= B43_MACCTL_AP;
2536 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
2537 ctl &= ~B43_MACCTL_INFRA;
2539 if (wl->filter_flags & FIF_CONTROL)
2540 ctl |= B43_MACCTL_KEEP_CTL;
2541 if (wl->filter_flags & FIF_FCSFAIL)
2542 ctl |= B43_MACCTL_KEEP_BAD;
2543 if (wl->filter_flags & FIF_PLCPFAIL)
2544 ctl |= B43_MACCTL_KEEP_BADPLCP;
2545 if (wl->filter_flags & FIF_PROMISC_IN_BSS)
2546 ctl |= B43_MACCTL_PROMISC;
2547 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
2548 ctl |= B43_MACCTL_BEACPROMISC;
2550 /* Workaround: On old hardware the HW-MAC-address-filter
2551 * doesn't work properly, so always run promisc in filter
2552 * it in software. */
2553 if (dev->dev->id.revision <= 4)
2554 ctl |= B43_MACCTL_PROMISC;
2556 b43_write32(dev, B43_MMIO_MACCTL, ctl);
2559 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
2560 if (dev->dev->bus->chip_id == 0x4306 &&
2561 dev->dev->bus->chip_rev == 3)
2566 b43_write16(dev, 0x612, cfp_pretbtt);
2569 static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
2575 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
2578 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
2580 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
2581 b43_shm_read16(dev, B43_SHM_SHARED, offset));
2584 static void b43_rate_memory_init(struct b43_wldev *dev)
2586 switch (dev->phy.type) {
2590 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
2591 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
2592 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
2593 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
2594 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
2595 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
2596 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
2597 if (dev->phy.type == B43_PHYTYPE_A)
2601 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
2602 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
2603 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
2604 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
2611 /* Set the default values for the PHY TX Control Words. */
2612 static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
2616 ctl |= B43_TXH_PHY_ENC_CCK;
2617 ctl |= B43_TXH_PHY_ANT01AUTO;
2618 ctl |= B43_TXH_PHY_TXPWR;
2620 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
2621 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
2622 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
2625 /* Set the TX-Antenna for management frames sent by firmware. */
2626 static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
2631 ant = b43_antenna_to_phyctl(antenna);
2634 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
2635 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2636 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
2637 /* For Probe Resposes */
2638 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
2639 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2640 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
2643 /* This is the opposite of b43_chip_init() */
2644 static void b43_chip_exit(struct b43_wldev *dev)
2647 b43_gpio_cleanup(dev);
2648 /* firmware is released later */
2651 /* Initialize the chip
2652 * http://bcm-specs.sipsolutions.net/ChipInit
2654 static int b43_chip_init(struct b43_wldev *dev)
2656 struct b43_phy *phy = &dev->phy;
2658 u32 value32, macctl;
2661 /* Initialize the MAC control */
2662 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
2664 macctl |= B43_MACCTL_GMODE;
2665 macctl |= B43_MACCTL_INFRA;
2666 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2668 err = b43_request_firmware(dev);
2671 err = b43_upload_microcode(dev);
2673 goto out; /* firmware is released later */
2675 err = b43_gpio_init(dev);
2677 goto out; /* firmware is released later */
2679 err = b43_upload_initvals(dev);
2681 goto err_gpio_clean;
2683 /* Turn the Analog on and initialize the PHY. */
2684 phy->ops->switch_analog(dev, 1);
2685 err = b43_phy_init(dev);
2687 goto err_gpio_clean;
2689 /* Disable Interference Mitigation. */
2690 if (phy->ops->interf_mitigation)
2691 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE);
2693 /* Select the antennae */
2694 if (phy->ops->set_rx_antenna)
2695 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
2696 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
2698 if (phy->type == B43_PHYTYPE_B) {
2699 value16 = b43_read16(dev, 0x005E);
2701 b43_write16(dev, 0x005E, value16);
2703 b43_write32(dev, 0x0100, 0x01000000);
2704 if (dev->dev->id.revision < 5)
2705 b43_write32(dev, 0x010C, 0x01000000);
2707 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2708 & ~B43_MACCTL_INFRA);
2709 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2710 | B43_MACCTL_INFRA);
2712 /* Probe Response Timeout value */
2713 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
2714 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000);
2716 /* Initially set the wireless operation mode. */
2717 b43_adjust_opmode(dev);
2719 if (dev->dev->id.revision < 3) {
2720 b43_write16(dev, 0x060E, 0x0000);
2721 b43_write16(dev, 0x0610, 0x8000);
2722 b43_write16(dev, 0x0604, 0x0000);
2723 b43_write16(dev, 0x0606, 0x0200);
2725 b43_write32(dev, 0x0188, 0x80000000);
2726 b43_write32(dev, 0x018C, 0x02000000);
2728 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
2729 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00);
2730 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
2731 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
2732 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
2733 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
2734 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
2736 value32 = ssb_read32(dev->dev, SSB_TMSLOW);
2737 value32 |= 0x00100000;
2738 ssb_write32(dev->dev, SSB_TMSLOW, value32);
2740 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
2741 dev->dev->bus->chipco.fast_pwrup_delay);
2744 b43dbg(dev->wl, "Chip initialized\n");
2749 b43_gpio_cleanup(dev);
2753 static void b43_periodic_every60sec(struct b43_wldev *dev)
2755 const struct b43_phy_operations *ops = dev->phy.ops;
2757 if (ops->pwork_60sec)
2758 ops->pwork_60sec(dev);
2760 /* Force check the TX power emission now. */
2761 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME);
2764 static void b43_periodic_every30sec(struct b43_wldev *dev)
2766 /* Update device statistics. */
2767 b43_calculate_link_quality(dev);
2770 static void b43_periodic_every15sec(struct b43_wldev *dev)
2772 struct b43_phy *phy = &dev->phy;
2775 if (dev->fw.opensource) {
2776 /* Check if the firmware is still alive.
2777 * It will reset the watchdog counter to 0 in its idle loop. */
2778 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG);
2779 if (unlikely(wdr)) {
2780 b43err(dev->wl, "Firmware watchdog: The firmware died!\n");
2781 b43_controller_restart(dev, "Firmware watchdog");
2784 b43_shm_write16(dev, B43_SHM_SCRATCH,
2785 B43_WATCHDOG_REG, 1);
2789 if (phy->ops->pwork_15sec)
2790 phy->ops->pwork_15sec(dev);
2792 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
2796 static void do_periodic_work(struct b43_wldev *dev)
2800 state = dev->periodic_state;
2802 b43_periodic_every60sec(dev);
2804 b43_periodic_every30sec(dev);
2805 b43_periodic_every15sec(dev);
2808 /* Periodic work locking policy:
2809 * The whole periodic work handler is protected by
2810 * wl->mutex. If another lock is needed somewhere in the
2811 * pwork callchain, it's aquired in-place, where it's needed.
2813 static void b43_periodic_work_handler(struct work_struct *work)
2815 struct b43_wldev *dev = container_of(work, struct b43_wldev,
2816 periodic_work.work);
2817 struct b43_wl *wl = dev->wl;
2818 unsigned long delay;
2820 mutex_lock(&wl->mutex);
2822 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
2824 if (b43_debug(dev, B43_DBG_PWORK_STOP))
2827 do_periodic_work(dev);
2829 dev->periodic_state++;
2831 if (b43_debug(dev, B43_DBG_PWORK_FAST))
2832 delay = msecs_to_jiffies(50);
2834 delay = round_jiffies_relative(HZ * 15);
2835 queue_delayed_work(wl->hw->workqueue, &dev->periodic_work, delay);
2837 mutex_unlock(&wl->mutex);
2840 static void b43_periodic_tasks_setup(struct b43_wldev *dev)
2842 struct delayed_work *work = &dev->periodic_work;
2844 dev->periodic_state = 0;
2845 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
2846 queue_delayed_work(dev->wl->hw->workqueue, work, 0);
2849 /* Check if communication with the device works correctly. */
2850 static int b43_validate_chipaccess(struct b43_wldev *dev)
2854 backup = b43_shm_read32(dev, B43_SHM_SHARED, 0);
2856 /* Check for read/write and endianness problems. */
2857 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
2858 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
2860 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
2861 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
2864 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup);
2866 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) {
2867 /* The 32bit register shadows the two 16bit registers
2868 * with update sideeffects. Validate this. */
2869 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
2870 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
2871 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
2873 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
2876 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
2878 v = b43_read32(dev, B43_MMIO_MACCTL);
2879 v |= B43_MACCTL_GMODE;
2880 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
2885 b43err(dev->wl, "Failed to validate the chipaccess\n");
2889 static void b43_security_init(struct b43_wldev *dev)
2891 dev->max_nr_keys = (dev->dev->id.revision >= 5) ? 58 : 20;
2892 B43_WARN_ON(dev->max_nr_keys > ARRAY_SIZE(dev->key));
2893 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
2894 /* KTP is a word address, but we address SHM bytewise.
2895 * So multiply by two.
2898 if (dev->dev->id.revision >= 5) {
2899 /* Number of RCMTA address slots */
2900 b43_write16(dev, B43_MMIO_RCMTA_COUNT, dev->max_nr_keys - 8);
2902 b43_clear_keys(dev);
2905 static int b43_rng_read(struct hwrng *rng, u32 * data)
2907 struct b43_wl *wl = (struct b43_wl *)rng->priv;
2908 unsigned long flags;
2910 /* Don't take wl->mutex here, as it could deadlock with
2911 * hwrng internal locking. It's not needed to take
2912 * wl->mutex here, anyway. */
2914 spin_lock_irqsave(&wl->irq_lock, flags);
2915 *data = b43_read16(wl->current_dev, B43_MMIO_RNG);
2916 spin_unlock_irqrestore(&wl->irq_lock, flags);
2918 return (sizeof(u16));
2921 static void b43_rng_exit(struct b43_wl *wl)
2923 if (wl->rng_initialized)
2924 hwrng_unregister(&wl->rng);
2927 static int b43_rng_init(struct b43_wl *wl)
2931 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
2932 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
2933 wl->rng.name = wl->rng_name;
2934 wl->rng.data_read = b43_rng_read;
2935 wl->rng.priv = (unsigned long)wl;
2936 wl->rng_initialized = 1;
2937 err = hwrng_register(&wl->rng);
2939 wl->rng_initialized = 0;
2940 b43err(wl, "Failed to register the random "
2941 "number generator (%d)\n", err);
2947 static int b43_op_tx(struct ieee80211_hw *hw,
2948 struct sk_buff *skb)
2950 struct b43_wl *wl = hw_to_b43_wl(hw);
2951 struct b43_wldev *dev = wl->current_dev;
2952 unsigned long flags;
2955 if (unlikely(skb->len < 2 + 2 + 6)) {
2956 /* Too short, this can't be a valid frame. */
2959 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
2963 /* Transmissions on seperate queues can run concurrently. */
2964 read_lock_irqsave(&wl->tx_lock, flags);
2967 if (likely(b43_status(dev) >= B43_STAT_STARTED)) {
2968 if (b43_using_pio_transfers(dev))
2969 err = b43_pio_tx(dev, skb);
2971 err = b43_dma_tx(dev, skb);
2974 read_unlock_irqrestore(&wl->tx_lock, flags);
2978 return NETDEV_TX_OK;
2981 /* We can not transmit this packet. Drop it. */
2982 dev_kfree_skb_any(skb);
2983 return NETDEV_TX_OK;
2986 /* Locking: wl->irq_lock */
2987 static void b43_qos_params_upload(struct b43_wldev *dev,
2988 const struct ieee80211_tx_queue_params *p,
2991 u16 params[B43_NR_QOSPARAMS];
2995 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min;
2997 memset(¶ms, 0, sizeof(params));
2999 params[B43_QOSPARAM_TXOP] = p->txop * 32;
3000 params[B43_QOSPARAM_CWMIN] = p->cw_min;
3001 params[B43_QOSPARAM_CWMAX] = p->cw_max;
3002 params[B43_QOSPARAM_CWCUR] = p->cw_min;
3003 params[B43_QOSPARAM_AIFS] = p->aifs;
3004 params[B43_QOSPARAM_BSLOTS] = bslots;
3005 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs;
3007 for (i = 0; i < ARRAY_SIZE(params); i++) {
3008 if (i == B43_QOSPARAM_STATUS) {
3009 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
3010 shm_offset + (i * 2));
3011 /* Mark the parameters as updated. */
3013 b43_shm_write16(dev, B43_SHM_SHARED,
3014 shm_offset + (i * 2),
3017 b43_shm_write16(dev, B43_SHM_SHARED,
3018 shm_offset + (i * 2),
3024 /* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */
3025 static const u16 b43_qos_shm_offsets[] = {
3026 /* [mac80211-queue-nr] = SHM_OFFSET, */
3027 [0] = B43_QOS_VOICE,
3028 [1] = B43_QOS_VIDEO,
3029 [2] = B43_QOS_BESTEFFORT,
3030 [3] = B43_QOS_BACKGROUND,
3033 /* Update all QOS parameters in hardware. */
3034 static void b43_qos_upload_all(struct b43_wldev *dev)
3036 struct b43_wl *wl = dev->wl;
3037 struct b43_qos_params *params;
3040 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3041 ARRAY_SIZE(wl->qos_params));
3043 b43_mac_suspend(dev);
3044 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3045 params = &(wl->qos_params[i]);
3046 b43_qos_params_upload(dev, &(params->p),
3047 b43_qos_shm_offsets[i]);
3049 b43_mac_enable(dev);
3052 static void b43_qos_clear(struct b43_wl *wl)
3054 struct b43_qos_params *params;
3057 /* Initialize QoS parameters to sane defaults. */
3059 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3060 ARRAY_SIZE(wl->qos_params));
3062 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3063 params = &(wl->qos_params[i]);
3065 switch (b43_qos_shm_offsets[i]) {
3069 params->p.cw_min = 0x0001;
3070 params->p.cw_max = 0x0001;
3075 params->p.cw_min = 0x0001;
3076 params->p.cw_max = 0x0001;
3078 case B43_QOS_BESTEFFORT:
3081 params->p.cw_min = 0x0001;
3082 params->p.cw_max = 0x03FF;
3084 case B43_QOS_BACKGROUND:
3087 params->p.cw_min = 0x0001;
3088 params->p.cw_max = 0x03FF;
3096 /* Initialize the core's QOS capabilities */
3097 static void b43_qos_init(struct b43_wldev *dev)
3099 /* Upload the current QOS parameters. */
3100 b43_qos_upload_all(dev);
3102 /* Enable QOS support. */
3103 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
3104 b43_write16(dev, B43_MMIO_IFSCTL,
3105 b43_read16(dev, B43_MMIO_IFSCTL)
3106 | B43_MMIO_IFSCTL_USE_EDCF);
3109 static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue,
3110 const struct ieee80211_tx_queue_params *params)
3112 struct b43_wl *wl = hw_to_b43_wl(hw);
3113 struct b43_wldev *dev;
3114 unsigned int queue = (unsigned int)_queue;
3117 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3118 /* Queue not available or don't support setting
3119 * params on this queue. Return success to not
3120 * confuse mac80211. */
3123 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3124 ARRAY_SIZE(wl->qos_params));
3126 mutex_lock(&wl->mutex);
3127 dev = wl->current_dev;
3128 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED)))
3131 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params));
3132 b43_mac_suspend(dev);
3133 b43_qos_params_upload(dev, &(wl->qos_params[queue].p),
3134 b43_qos_shm_offsets[queue]);
3135 b43_mac_enable(dev);
3139 mutex_unlock(&wl->mutex);
3144 static int b43_op_get_tx_stats(struct ieee80211_hw *hw,
3145 struct ieee80211_tx_queue_stats *stats)
3147 struct b43_wl *wl = hw_to_b43_wl(hw);
3148 struct b43_wldev *dev = wl->current_dev;
3149 unsigned long flags;
3154 spin_lock_irqsave(&wl->irq_lock, flags);
3155 if (likely(b43_status(dev) >= B43_STAT_STARTED)) {
3156 if (b43_using_pio_transfers(dev))
3157 b43_pio_get_tx_stats(dev, stats);
3159 b43_dma_get_tx_stats(dev, stats);
3162 spin_unlock_irqrestore(&wl->irq_lock, flags);
3167 static int b43_op_get_stats(struct ieee80211_hw *hw,
3168 struct ieee80211_low_level_stats *stats)
3170 struct b43_wl *wl = hw_to_b43_wl(hw);
3171 unsigned long flags;
3173 spin_lock_irqsave(&wl->irq_lock, flags);
3174 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3175 spin_unlock_irqrestore(&wl->irq_lock, flags);
3180 static void b43_put_phy_into_reset(struct b43_wldev *dev)
3182 struct ssb_device *sdev = dev->dev;
3185 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3186 tmslow &= ~B43_TMSLOW_GMODE;
3187 tmslow |= B43_TMSLOW_PHYRESET;
3188 tmslow |= SSB_TMSLOW_FGC;
3189 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3192 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3193 tmslow &= ~SSB_TMSLOW_FGC;
3194 tmslow |= B43_TMSLOW_PHYRESET;
3195 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3199 static const char * band_to_string(enum ieee80211_band band)
3202 case IEEE80211_BAND_5GHZ:
3204 case IEEE80211_BAND_2GHZ:
3213 /* Expects wl->mutex locked */
3214 static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan)
3216 struct b43_wldev *up_dev = NULL;
3217 struct b43_wldev *down_dev;
3218 struct b43_wldev *d;
3220 bool uninitialized_var(gmode);
3223 /* Find a device and PHY which supports the band. */
3224 list_for_each_entry(d, &wl->devlist, list) {
3225 switch (chan->band) {
3226 case IEEE80211_BAND_5GHZ:
3227 if (d->phy.supports_5ghz) {
3232 case IEEE80211_BAND_2GHZ:
3233 if (d->phy.supports_2ghz) {
3246 b43err(wl, "Could not find a device for %s-GHz band operation\n",
3247 band_to_string(chan->band));
3250 if ((up_dev == wl->current_dev) &&
3251 (!!wl->current_dev->phy.gmode == !!gmode)) {
3252 /* This device is already running. */
3255 b43dbg(wl, "Switching to %s-GHz band\n",
3256 band_to_string(chan->band));
3257 down_dev = wl->current_dev;
3259 prev_status = b43_status(down_dev);
3260 /* Shutdown the currently running core. */
3261 if (prev_status >= B43_STAT_STARTED)
3262 b43_wireless_core_stop(down_dev);
3263 if (prev_status >= B43_STAT_INITIALIZED)
3264 b43_wireless_core_exit(down_dev);
3266 if (down_dev != up_dev) {
3267 /* We switch to a different core, so we put PHY into
3268 * RESET on the old core. */
3269 b43_put_phy_into_reset(down_dev);
3272 /* Now start the new core. */
3273 up_dev->phy.gmode = gmode;
3274 if (prev_status >= B43_STAT_INITIALIZED) {
3275 err = b43_wireless_core_init(up_dev);
3277 b43err(wl, "Fatal: Could not initialize device for "
3278 "selected %s-GHz band\n",
3279 band_to_string(chan->band));
3283 if (prev_status >= B43_STAT_STARTED) {
3284 err = b43_wireless_core_start(up_dev);
3286 b43err(wl, "Fatal: Coult not start device for "
3287 "selected %s-GHz band\n",
3288 band_to_string(chan->band));
3289 b43_wireless_core_exit(up_dev);
3293 B43_WARN_ON(b43_status(up_dev) != prev_status);
3295 wl->current_dev = up_dev;
3299 /* Whoops, failed to init the new core. No core is operating now. */
3300 wl->current_dev = NULL;
3304 /* Write the short and long frame retry limit values. */
3305 static void b43_set_retry_limits(struct b43_wldev *dev,
3306 unsigned int short_retry,
3307 unsigned int long_retry)
3309 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3310 * the chip-internal counter. */
3311 short_retry = min(short_retry, (unsigned int)0xF);
3312 long_retry = min(long_retry, (unsigned int)0xF);
3314 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3316 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3320 static int b43_op_config(struct ieee80211_hw *hw, u32 changed)
3322 struct b43_wl *wl = hw_to_b43_wl(hw);
3323 struct b43_wldev *dev;
3324 struct b43_phy *phy;
3325 struct ieee80211_conf *conf = &hw->conf;
3326 unsigned long flags;
3330 mutex_lock(&wl->mutex);
3332 /* Switch the band (if necessary). This might change the active core. */
3333 err = b43_switch_band(wl, conf->channel);
3335 goto out_unlock_mutex;
3336 dev = wl->current_dev;
3339 b43_mac_suspend(dev);
3341 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
3342 b43_set_retry_limits(dev, conf->short_frame_max_tx_count,
3343 conf->long_frame_max_tx_count);
3344 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS;
3346 goto out_mac_enable;
3348 /* Switch to the requested channel.
3349 * The firmware takes care of races with the TX handler. */
3350 if (conf->channel->hw_value != phy->channel)
3351 b43_switch_channel(dev, conf->channel->hw_value);
3353 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_RADIOTAP);
3355 /* Adjust the desired TX power level. */
3356 if (conf->power_level != 0) {
3357 spin_lock_irqsave(&wl->irq_lock, flags);
3358 if (conf->power_level != phy->desired_txpower) {
3359 phy->desired_txpower = conf->power_level;
3360 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME |
3361 B43_TXPWR_IGNORE_TSSI);
3363 spin_unlock_irqrestore(&wl->irq_lock, flags);
3366 /* Antennas for RX and management frame TX. */
3367 antenna = B43_ANTENNA_DEFAULT;
3368 b43_mgmtframe_txantenna(dev, antenna);
3369 antenna = B43_ANTENNA_DEFAULT;
3370 if (phy->ops->set_rx_antenna)
3371 phy->ops->set_rx_antenna(dev, antenna);
3373 /* Update templates for AP/mesh mode. */
3374 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3375 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
3376 b43_set_beacon_int(dev, conf->beacon_int);
3378 if (!!conf->radio_enabled != phy->radio_on) {
3379 if (conf->radio_enabled) {
3380 b43_software_rfkill(dev, RFKILL_STATE_UNBLOCKED);
3381 b43info(dev->wl, "Radio turned on by software\n");
3382 if (!dev->radio_hw_enable) {
3383 b43info(dev->wl, "The hardware RF-kill button "
3384 "still turns the radio physically off. "
3385 "Press the button to turn it on.\n");
3388 b43_software_rfkill(dev, RFKILL_STATE_SOFT_BLOCKED);
3389 b43info(dev->wl, "Radio turned off by software\n");
3394 b43_mac_enable(dev);
3396 mutex_unlock(&wl->mutex);
3401 static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates)
3403 struct ieee80211_supported_band *sband =
3404 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)];
3405 struct ieee80211_rate *rate;
3407 u16 basic, direct, offset, basic_offset, rateptr;
3409 for (i = 0; i < sband->n_bitrates; i++) {
3410 rate = &sband->bitrates[i];
3412 if (b43_is_cck_rate(rate->hw_value)) {
3413 direct = B43_SHM_SH_CCKDIRECT;
3414 basic = B43_SHM_SH_CCKBASIC;
3415 offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3418 direct = B43_SHM_SH_OFDMDIRECT;
3419 basic = B43_SHM_SH_OFDMBASIC;
3420 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3424 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate);
3426 if (b43_is_cck_rate(rate->hw_value)) {
3427 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3428 basic_offset &= 0xF;
3430 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3431 basic_offset &= 0xF;
3435 * Get the pointer that we need to point to
3436 * from the direct map
3438 rateptr = b43_shm_read16(dev, B43_SHM_SHARED,
3439 direct + 2 * basic_offset);
3440 /* and write it to the basic map */
3441 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset,
3446 static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
3447 struct ieee80211_vif *vif,
3448 struct ieee80211_bss_conf *conf,
3451 struct b43_wl *wl = hw_to_b43_wl(hw);
3452 struct b43_wldev *dev;
3454 mutex_lock(&wl->mutex);
3456 dev = wl->current_dev;
3457 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3458 goto out_unlock_mutex;
3459 b43_mac_suspend(dev);
3461 if (changed & BSS_CHANGED_BASIC_RATES)
3462 b43_update_basic_rates(dev, conf->basic_rates);
3464 if (changed & BSS_CHANGED_ERP_SLOT) {
3465 if (conf->use_short_slot)
3466 b43_short_slot_timing_enable(dev);
3468 b43_short_slot_timing_disable(dev);
3471 b43_mac_enable(dev);
3473 mutex_unlock(&wl->mutex);
3478 static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3479 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
3480 struct ieee80211_key_conf *key)
3482 struct b43_wl *wl = hw_to_b43_wl(hw);
3483 struct b43_wldev *dev;
3488 static const u8 bcast_addr[ETH_ALEN] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
3491 if (modparam_nohwcrypt)
3492 return -ENOSPC; /* User disabled HW-crypto */
3494 mutex_lock(&wl->mutex);
3495 spin_lock_irq(&wl->irq_lock);
3496 write_lock(&wl->tx_lock);
3497 /* Why do we need all this locking here?
3498 * mutex -> Every config operation must take it.
3499 * irq_lock -> We modify the dev->key array, which is accessed
3500 * in the IRQ handlers.
3501 * tx_lock -> We modify the dev->key array, which is accessed
3502 * in the TX handler.
3505 dev = wl->current_dev;
3507 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
3510 if (dev->fw.pcm_request_failed) {
3511 /* We don't have firmware for the crypto engine.
3512 * Must use software-crypto. */
3520 if (key->keylen == LEN_WEP40)
3521 algorithm = B43_SEC_ALGO_WEP40;
3523 algorithm = B43_SEC_ALGO_WEP104;
3526 algorithm = B43_SEC_ALGO_TKIP;
3529 algorithm = B43_SEC_ALGO_AES;
3535 index = (u8) (key->keyidx);
3541 if (algorithm == B43_SEC_ALGO_TKIP) {
3542 /* FIXME: No TKIP hardware encryption for now. */
3547 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
3548 if (WARN_ON(!sta)) {
3552 /* Pairwise key with an assigned MAC address. */
3553 err = b43_key_write(dev, -1, algorithm,
3554 key->key, key->keylen,
3558 err = b43_key_write(dev, index, algorithm,
3559 key->key, key->keylen, NULL, key);
3564 if (algorithm == B43_SEC_ALGO_WEP40 ||
3565 algorithm == B43_SEC_ALGO_WEP104) {
3566 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
3569 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
3571 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
3574 err = b43_key_clear(dev, key->hw_key_idx);
3585 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
3587 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
3588 sta ? sta->addr : bcast_addr);
3589 b43_dump_keymemory(dev);
3591 write_unlock(&wl->tx_lock);
3592 spin_unlock_irq(&wl->irq_lock);
3593 mutex_unlock(&wl->mutex);
3598 static void b43_op_configure_filter(struct ieee80211_hw *hw,
3599 unsigned int changed, unsigned int *fflags,
3600 int mc_count, struct dev_addr_list *mc_list)
3602 struct b43_wl *wl = hw_to_b43_wl(hw);
3603 struct b43_wldev *dev = wl->current_dev;
3604 unsigned long flags;
3611 spin_lock_irqsave(&wl->irq_lock, flags);
3612 *fflags &= FIF_PROMISC_IN_BSS |
3618 FIF_BCN_PRBRESP_PROMISC;
3620 changed &= FIF_PROMISC_IN_BSS |
3626 FIF_BCN_PRBRESP_PROMISC;
3628 wl->filter_flags = *fflags;
3630 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
3631 b43_adjust_opmode(dev);
3632 spin_unlock_irqrestore(&wl->irq_lock, flags);
3635 static int b43_op_config_interface(struct ieee80211_hw *hw,
3636 struct ieee80211_vif *vif,
3637 struct ieee80211_if_conf *conf)
3639 struct b43_wl *wl = hw_to_b43_wl(hw);
3640 struct b43_wldev *dev = wl->current_dev;
3641 unsigned long flags;
3645 mutex_lock(&wl->mutex);
3646 spin_lock_irqsave(&wl->irq_lock, flags);
3647 B43_WARN_ON(wl->vif != vif);
3649 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
3651 memset(wl->bssid, 0, ETH_ALEN);
3652 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
3653 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3654 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT)) {
3655 B43_WARN_ON(vif->type != wl->if_type);
3656 if (conf->changed & IEEE80211_IFCC_BEACON)
3657 b43_update_templates(wl);
3658 } else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) {
3659 if (conf->changed & IEEE80211_IFCC_BEACON)
3660 b43_update_templates(wl);
3662 b43_write_mac_bssid_templates(dev);
3664 spin_unlock_irqrestore(&wl->irq_lock, flags);
3665 mutex_unlock(&wl->mutex);
3670 /* Locking: wl->mutex */
3671 static void b43_wireless_core_stop(struct b43_wldev *dev)
3673 struct b43_wl *wl = dev->wl;
3674 unsigned long flags;
3676 if (b43_status(dev) < B43_STAT_STARTED)
3679 /* Disable and sync interrupts. We must do this before than
3680 * setting the status to INITIALIZED, as the interrupt handler
3681 * won't care about IRQs then. */
3682 spin_lock_irqsave(&wl->irq_lock, flags);
3683 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL);
3684 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* flush */
3685 spin_unlock_irqrestore(&wl->irq_lock, flags);
3686 b43_synchronize_irq(dev);
3688 write_lock_irqsave(&wl->tx_lock, flags);
3689 b43_set_status(dev, B43_STAT_INITIALIZED);
3690 write_unlock_irqrestore(&wl->tx_lock, flags);
3693 mutex_unlock(&wl->mutex);
3694 /* Must unlock as it would otherwise deadlock. No races here.
3695 * Cancel the possibly running self-rearming periodic work. */
3696 cancel_delayed_work_sync(&dev->periodic_work);
3697 mutex_lock(&wl->mutex);
3699 b43_mac_suspend(dev);
3700 free_irq(dev->dev->irq, dev);
3701 b43dbg(wl, "Wireless interface stopped\n");
3704 /* Locking: wl->mutex */
3705 static int b43_wireless_core_start(struct b43_wldev *dev)
3709 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
3711 drain_txstatus_queue(dev);
3712 err = request_irq(dev->dev->irq, b43_interrupt_handler,
3713 IRQF_SHARED, KBUILD_MODNAME, dev);
3715 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq);
3719 /* We are ready to run. */
3720 b43_set_status(dev, B43_STAT_STARTED);
3722 /* Start data flow (TX/RX). */
3723 b43_mac_enable(dev);
3724 b43_interrupt_enable(dev, dev->irq_savedstate);
3726 /* Start maintainance work */
3727 b43_periodic_tasks_setup(dev);
3729 b43dbg(dev->wl, "Wireless interface started\n");
3734 /* Get PHY and RADIO versioning numbers */
3735 static int b43_phy_versioning(struct b43_wldev *dev)
3737 struct b43_phy *phy = &dev->phy;
3745 int unsupported = 0;
3747 /* Get PHY versioning */
3748 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
3749 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
3750 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
3751 phy_rev = (tmp & B43_PHYVER_VERSION);
3758 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6
3766 #ifdef CONFIG_B43_NPHY
3772 #ifdef CONFIG_B43_PHY_LP
3773 case B43_PHYTYPE_LP:
3782 b43err(dev->wl, "FOUND UNSUPPORTED PHY "
3783 "(Analog %u, Type %u, Revision %u)\n",
3784 analog_type, phy_type, phy_rev);
3787 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n",
3788 analog_type, phy_type, phy_rev);
3790 /* Get RADIO versioning */
3791 if (dev->dev->bus->chip_id == 0x4317) {
3792 if (dev->dev->bus->chip_rev == 0)
3794 else if (dev->dev->bus->chip_rev == 1)
3799 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
3800 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
3801 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
3802 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16;
3804 radio_manuf = (tmp & 0x00000FFF);
3805 radio_ver = (tmp & 0x0FFFF000) >> 12;
3806 radio_rev = (tmp & 0xF0000000) >> 28;
3807 if (radio_manuf != 0x17F /* Broadcom */)
3811 if (radio_ver != 0x2060)
3815 if (radio_manuf != 0x17F)
3819 if ((radio_ver & 0xFFF0) != 0x2050)
3823 if (radio_ver != 0x2050)
3827 if (radio_ver != 0x2055 && radio_ver != 0x2056)
3830 case B43_PHYTYPE_LP:
3831 if (radio_ver != 0x2062)
3838 b43err(dev->wl, "FOUND UNSUPPORTED RADIO "
3839 "(Manuf 0x%X, Version 0x%X, Revision %u)\n",
3840 radio_manuf, radio_ver, radio_rev);
3843 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n",
3844 radio_manuf, radio_ver, radio_rev);
3846 phy->radio_manuf = radio_manuf;
3847 phy->radio_ver = radio_ver;
3848 phy->radio_rev = radio_rev;
3850 phy->analog = analog_type;
3851 phy->type = phy_type;
3857 static void setup_struct_phy_for_init(struct b43_wldev *dev,
3858 struct b43_phy *phy)
3860 phy->hardware_power_control = !!modparam_hwpctl;
3861 phy->next_txpwr_check_time = jiffies;
3862 /* PHY TX errors counter. */
3863 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
3866 static void setup_struct_wldev_for_init(struct b43_wldev *dev)
3870 /* Assume the radio is enabled. If it's not enabled, the state will
3871 * immediately get fixed on the first periodic work run. */
3872 dev->radio_hw_enable = 1;
3875 memset(&dev->stats, 0, sizeof(dev->stats));
3877 setup_struct_phy_for_init(dev, &dev->phy);
3879 /* IRQ related flags */
3880 dev->irq_reason = 0;
3881 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
3882 dev->irq_savedstate = B43_IRQ_MASKTEMPLATE;
3884 dev->mac_suspended = 1;
3886 /* Noise calculation context */
3887 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
3890 static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
3892 struct ssb_sprom *sprom = &dev->dev->bus->sprom;
3895 if (!modparam_btcoex)
3897 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
3899 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
3902 hf = b43_hf_read(dev);
3903 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
3904 hf |= B43_HF_BTCOEXALT;
3906 hf |= B43_HF_BTCOEX;
3907 b43_hf_write(dev, hf);
3910 static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
3912 if (!modparam_btcoex)
3917 static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
3919 #ifdef CONFIG_SSB_DRIVER_PCICORE
3920 struct ssb_bus *bus = dev->dev->bus;
3923 if (bus->pcicore.dev &&
3924 bus->pcicore.dev->id.coreid == SSB_DEV_PCI &&
3925 bus->pcicore.dev->id.revision <= 5) {
3926 /* IMCFGLO timeouts workaround. */
3927 tmp = ssb_read32(dev->dev, SSB_IMCFGLO);
3928 tmp &= ~SSB_IMCFGLO_REQTO;
3929 tmp &= ~SSB_IMCFGLO_SERTO;
3930 switch (bus->bustype) {
3931 case SSB_BUSTYPE_PCI:
3932 case SSB_BUSTYPE_PCMCIA:
3935 case SSB_BUSTYPE_SSB:
3939 ssb_write32(dev->dev, SSB_IMCFGLO, tmp);
3941 #endif /* CONFIG_SSB_DRIVER_PCICORE */
3944 static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
3948 /* The time value is in microseconds. */
3949 if (dev->phy.type == B43_PHYTYPE_A)
3953 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle)
3955 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
3956 pu_delay = max(pu_delay, (u16)2400);
3958 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
3961 /* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
3962 static void b43_set_pretbtt(struct b43_wldev *dev)
3966 /* The time value is in microseconds. */
3967 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) {
3970 if (dev->phy.type == B43_PHYTYPE_A)
3975 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
3976 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
3979 /* Shutdown a wireless core */
3980 /* Locking: wl->mutex */
3981 static void b43_wireless_core_exit(struct b43_wldev *dev)
3985 B43_WARN_ON(b43_status(dev) > B43_STAT_INITIALIZED);
3986 if (b43_status(dev) != B43_STAT_INITIALIZED)
3988 b43_set_status(dev, B43_STAT_UNINIT);
3990 /* Stop the microcode PSM. */
3991 macctl = b43_read32(dev, B43_MMIO_MACCTL);
3992 macctl &= ~B43_MACCTL_PSM_RUN;
3993 macctl |= B43_MACCTL_PSM_JMP0;
3994 b43_write32(dev, B43_MMIO_MACCTL, macctl);
3996 if (!dev->suspend_in_progress) {
3998 b43_rng_exit(dev->wl);
4003 dev->phy.ops->switch_analog(dev, 0);
4004 if (dev->wl->current_beacon) {
4005 dev_kfree_skb_any(dev->wl->current_beacon);
4006 dev->wl->current_beacon = NULL;
4009 ssb_device_disable(dev->dev, 0);
4010 ssb_bus_may_powerdown(dev->dev->bus);
4013 /* Initialize a wireless core */
4014 static int b43_wireless_core_init(struct b43_wldev *dev)
4016 struct b43_wl *wl = dev->wl;
4017 struct ssb_bus *bus = dev->dev->bus;
4018 struct ssb_sprom *sprom = &bus->sprom;
4019 struct b43_phy *phy = &dev->phy;
4024 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4026 err = ssb_bus_powerup(bus, 0);
4029 if (!ssb_device_is_enabled(dev->dev)) {
4030 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0;
4031 b43_wireless_core_reset(dev, tmp);
4034 /* Reset all data structures. */
4035 setup_struct_wldev_for_init(dev);
4036 phy->ops->prepare_structs(dev);
4038 /* Enable IRQ routing to this device. */
4039 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev);
4041 b43_imcfglo_timeouts_workaround(dev);
4042 b43_bluetooth_coext_disable(dev);
4043 if (phy->ops->prepare_hardware) {
4044 err = phy->ops->prepare_hardware(dev);
4048 err = b43_chip_init(dev);
4051 b43_shm_write16(dev, B43_SHM_SHARED,
4052 B43_SHM_SH_WLCOREREV, dev->dev->id.revision);
4053 hf = b43_hf_read(dev);
4054 if (phy->type == B43_PHYTYPE_G) {
4058 if (sprom->boardflags_lo & B43_BFL_PACTRL)
4059 hf |= B43_HF_OFDMPABOOST;
4060 } else if (phy->type == B43_PHYTYPE_B) {
4062 if (phy->rev >= 2 && phy->radio_ver == 0x2050)
4065 b43_hf_write(dev, hf);
4067 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
4068 B43_DEFAULT_LONG_RETRY_LIMIT);
4069 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
4070 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
4072 /* Disable sending probe responses from firmware.
4073 * Setting the MaxTime to one usec will always trigger
4074 * a timeout, so we never send any probe resp.
4075 * A timeout of zero is infinite. */
4076 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
4078 b43_rate_memory_init(dev);
4079 b43_set_phytxctl_defaults(dev);
4081 /* Minimum Contention Window */
4082 if (phy->type == B43_PHYTYPE_B) {
4083 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
4085 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
4087 /* Maximum Contention Window */
4088 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
4090 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || B43_FORCE_PIO) {
4091 dev->__using_pio_transfers = 1;
4092 err = b43_pio_init(dev);
4094 dev->__using_pio_transfers = 0;
4095 err = b43_dma_init(dev);
4100 b43_set_synth_pu_delay(dev, 1);
4101 b43_bluetooth_coext_enable(dev);
4103 ssb_bus_powerup(bus, 1); /* Enable dynamic PCTL */
4104 b43_upload_card_macaddress(dev);
4105 b43_security_init(dev);
4106 if (!dev->suspend_in_progress)
4109 b43_set_status(dev, B43_STAT_INITIALIZED);
4111 if (!dev->suspend_in_progress)
4119 ssb_bus_may_powerdown(bus);
4120 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4124 static int b43_op_add_interface(struct ieee80211_hw *hw,
4125 struct ieee80211_if_init_conf *conf)
4127 struct b43_wl *wl = hw_to_b43_wl(hw);
4128 struct b43_wldev *dev;
4129 unsigned long flags;
4130 int err = -EOPNOTSUPP;
4132 /* TODO: allow WDS/AP devices to coexist */
4134 if (conf->type != NL80211_IFTYPE_AP &&
4135 conf->type != NL80211_IFTYPE_MESH_POINT &&
4136 conf->type != NL80211_IFTYPE_STATION &&
4137 conf->type != NL80211_IFTYPE_WDS &&
4138 conf->type != NL80211_IFTYPE_ADHOC)
4141 mutex_lock(&wl->mutex);
4143 goto out_mutex_unlock;
4145 b43dbg(wl, "Adding Interface type %d\n", conf->type);
4147 dev = wl->current_dev;
4149 wl->vif = conf->vif;
4150 wl->if_type = conf->type;
4151 memcpy(wl->mac_addr, conf->mac_addr, ETH_ALEN);
4153 spin_lock_irqsave(&wl->irq_lock, flags);
4154 b43_adjust_opmode(dev);
4155 b43_set_pretbtt(dev);
4156 b43_set_synth_pu_delay(dev, 0);
4157 b43_upload_card_macaddress(dev);
4158 spin_unlock_irqrestore(&wl->irq_lock, flags);
4162 mutex_unlock(&wl->mutex);
4167 static void b43_op_remove_interface(struct ieee80211_hw *hw,
4168 struct ieee80211_if_init_conf *conf)
4170 struct b43_wl *wl = hw_to_b43_wl(hw);
4171 struct b43_wldev *dev = wl->current_dev;
4172 unsigned long flags;
4174 b43dbg(wl, "Removing Interface type %d\n", conf->type);
4176 mutex_lock(&wl->mutex);
4178 B43_WARN_ON(!wl->operating);
4179 B43_WARN_ON(wl->vif != conf->vif);
4184 spin_lock_irqsave(&wl->irq_lock, flags);
4185 b43_adjust_opmode(dev);
4186 memset(wl->mac_addr, 0, ETH_ALEN);
4187 b43_upload_card_macaddress(dev);
4188 spin_unlock_irqrestore(&wl->irq_lock, flags);
4190 mutex_unlock(&wl->mutex);
4193 static int b43_op_start(struct ieee80211_hw *hw)
4195 struct b43_wl *wl = hw_to_b43_wl(hw);
4196 struct b43_wldev *dev = wl->current_dev;
4199 bool do_rfkill_exit = 0;
4201 /* Kill all old instance specific information to make sure
4202 * the card won't use it in the short timeframe between start
4203 * and mac80211 reconfiguring it. */
4204 memset(wl->bssid, 0, ETH_ALEN);
4205 memset(wl->mac_addr, 0, ETH_ALEN);
4206 wl->filter_flags = 0;
4207 wl->radiotap_enabled = 0;
4209 wl->beacon0_uploaded = 0;
4210 wl->beacon1_uploaded = 0;
4211 wl->beacon_templates_virgin = 1;
4213 /* First register RFkill.
4214 * LEDs that are registered later depend on it. */
4215 b43_rfkill_init(dev);
4217 mutex_lock(&wl->mutex);
4219 if (b43_status(dev) < B43_STAT_INITIALIZED) {
4220 err = b43_wireless_core_init(dev);
4223 goto out_mutex_unlock;
4228 if (b43_status(dev) < B43_STAT_STARTED) {
4229 err = b43_wireless_core_start(dev);
4232 b43_wireless_core_exit(dev);
4234 goto out_mutex_unlock;
4239 mutex_unlock(&wl->mutex);
4242 b43_rfkill_exit(dev);
4247 static void b43_op_stop(struct ieee80211_hw *hw)
4249 struct b43_wl *wl = hw_to_b43_wl(hw);
4250 struct b43_wldev *dev = wl->current_dev;
4252 b43_rfkill_exit(dev);
4253 cancel_work_sync(&(wl->beacon_update_trigger));
4255 mutex_lock(&wl->mutex);
4256 if (b43_status(dev) >= B43_STAT_STARTED)
4257 b43_wireless_core_stop(dev);
4258 b43_wireless_core_exit(dev);
4259 mutex_unlock(&wl->mutex);
4261 cancel_work_sync(&(wl->txpower_adjust_work));
4264 static int b43_op_beacon_set_tim(struct ieee80211_hw *hw,
4265 struct ieee80211_sta *sta, bool set)
4267 struct b43_wl *wl = hw_to_b43_wl(hw);
4268 unsigned long flags;
4270 spin_lock_irqsave(&wl->irq_lock, flags);
4271 b43_update_templates(wl);
4272 spin_unlock_irqrestore(&wl->irq_lock, flags);
4277 static void b43_op_sta_notify(struct ieee80211_hw *hw,
4278 struct ieee80211_vif *vif,
4279 enum sta_notify_cmd notify_cmd,
4280 struct ieee80211_sta *sta)
4282 struct b43_wl *wl = hw_to_b43_wl(hw);
4284 B43_WARN_ON(!vif || wl->vif != vif);
4287 static const struct ieee80211_ops b43_hw_ops = {
4289 .conf_tx = b43_op_conf_tx,
4290 .add_interface = b43_op_add_interface,
4291 .remove_interface = b43_op_remove_interface,
4292 .config = b43_op_config,
4293 .bss_info_changed = b43_op_bss_info_changed,
4294 .config_interface = b43_op_config_interface,
4295 .configure_filter = b43_op_configure_filter,
4296 .set_key = b43_op_set_key,
4297 .get_stats = b43_op_get_stats,
4298 .get_tx_stats = b43_op_get_tx_stats,
4299 .start = b43_op_start,
4300 .stop = b43_op_stop,
4301 .set_tim = b43_op_beacon_set_tim,
4302 .sta_notify = b43_op_sta_notify,
4305 /* Hard-reset the chip. Do not call this directly.
4306 * Use b43_controller_restart()
4308 static void b43_chip_reset(struct work_struct *work)
4310 struct b43_wldev *dev =
4311 container_of(work, struct b43_wldev, restart_work);
4312 struct b43_wl *wl = dev->wl;
4316 mutex_lock(&wl->mutex);
4318 prev_status = b43_status(dev);
4319 /* Bring the device down... */
4320 if (prev_status >= B43_STAT_STARTED)
4321 b43_wireless_core_stop(dev);
4322 if (prev_status >= B43_STAT_INITIALIZED)
4323 b43_wireless_core_exit(dev);
4325 /* ...and up again. */
4326 if (prev_status >= B43_STAT_INITIALIZED) {
4327 err = b43_wireless_core_init(dev);
4331 if (prev_status >= B43_STAT_STARTED) {
4332 err = b43_wireless_core_start(dev);
4334 b43_wireless_core_exit(dev);
4340 wl->current_dev = NULL; /* Failed to init the dev. */
4341 mutex_unlock(&wl->mutex);
4343 b43err(wl, "Controller restart FAILED\n");
4345 b43info(wl, "Controller restarted\n");
4348 static int b43_setup_bands(struct b43_wldev *dev,
4349 bool have_2ghz_phy, bool have_5ghz_phy)
4351 struct ieee80211_hw *hw = dev->wl->hw;
4354 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz;
4355 if (dev->phy.type == B43_PHYTYPE_N) {
4357 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy;
4360 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
4363 dev->phy.supports_2ghz = have_2ghz_phy;
4364 dev->phy.supports_5ghz = have_5ghz_phy;
4369 static void b43_wireless_core_detach(struct b43_wldev *dev)
4371 /* We release firmware that late to not be required to re-request
4372 * is all the time when we reinit the core. */
4373 b43_release_firmware(dev);
4377 static int b43_wireless_core_attach(struct b43_wldev *dev)
4379 struct b43_wl *wl = dev->wl;
4380 struct ssb_bus *bus = dev->dev->bus;
4381 struct pci_dev *pdev = bus->host_pci;
4383 bool have_2ghz_phy = 0, have_5ghz_phy = 0;
4386 /* Do NOT do any device initialization here.
4387 * Do it in wireless_core_init() instead.
4388 * This function is for gathering basic information about the HW, only.
4389 * Also some structs may be set up here. But most likely you want to have
4390 * that in core_init(), too.
4393 err = ssb_bus_powerup(bus, 0);
4395 b43err(wl, "Bus powerup failed\n");
4398 /* Get the PHY type. */
4399 if (dev->dev->id.revision >= 5) {
4402 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH);
4403 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY);
4404 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY);
4408 dev->phy.gmode = have_2ghz_phy;
4409 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4410 b43_wireless_core_reset(dev, tmp);
4412 err = b43_phy_versioning(dev);
4415 /* Check if this device supports multiband. */
4417 (pdev->device != 0x4312 &&
4418 pdev->device != 0x4319 && pdev->device != 0x4324)) {
4419 /* No multiband support. */
4422 switch (dev->phy.type) {
4428 case B43_PHYTYPE_LP:
4435 if (dev->phy.type == B43_PHYTYPE_A) {
4437 b43err(wl, "IEEE 802.11a devices are unsupported\n");
4441 if (1 /* disable A-PHY */) {
4442 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */
4443 if (dev->phy.type != B43_PHYTYPE_N) {
4449 err = b43_phy_allocate(dev);
4453 dev->phy.gmode = have_2ghz_phy;
4454 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4455 b43_wireless_core_reset(dev, tmp);
4457 err = b43_validate_chipaccess(dev);
4460 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
4464 /* Now set some default "current_dev" */
4465 if (!wl->current_dev)
4466 wl->current_dev = dev;
4467 INIT_WORK(&dev->restart_work, b43_chip_reset);
4469 dev->phy.ops->switch_analog(dev, 0);
4470 ssb_device_disable(dev->dev, 0);
4471 ssb_bus_may_powerdown(bus);
4479 ssb_bus_may_powerdown(bus);
4483 static void b43_one_core_detach(struct ssb_device *dev)
4485 struct b43_wldev *wldev;
4488 /* Do not cancel ieee80211-workqueue based work here.
4489 * See comment in b43_remove(). */
4491 wldev = ssb_get_drvdata(dev);
4493 b43_debugfs_remove_device(wldev);
4494 b43_wireless_core_detach(wldev);
4495 list_del(&wldev->list);
4497 ssb_set_drvdata(dev, NULL);
4501 static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl)
4503 struct b43_wldev *wldev;
4504 struct pci_dev *pdev;
4507 if (!list_empty(&wl->devlist)) {
4508 /* We are not the first core on this chip. */
4509 pdev = dev->bus->host_pci;
4510 /* Only special chips support more than one wireless
4511 * core, although some of the other chips have more than
4512 * one wireless core as well. Check for this and
4516 ((pdev->device != 0x4321) &&
4517 (pdev->device != 0x4313) && (pdev->device != 0x431A))) {
4518 b43dbg(wl, "Ignoring unconnected 802.11 core\n");
4523 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
4529 b43_set_status(wldev, B43_STAT_UNINIT);
4530 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
4531 tasklet_init(&wldev->isr_tasklet,
4532 (void (*)(unsigned long))b43_interrupt_tasklet,
4533 (unsigned long)wldev);
4534 INIT_LIST_HEAD(&wldev->list);
4536 err = b43_wireless_core_attach(wldev);
4538 goto err_kfree_wldev;
4540 list_add(&wldev->list, &wl->devlist);
4542 ssb_set_drvdata(dev, wldev);
4543 b43_debugfs_add_device(wldev);
4553 #define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \
4554 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \
4555 (pdev->device == _device) && \
4556 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \
4557 (pdev->subsystem_device == _subdevice) )
4559 static void b43_sprom_fixup(struct ssb_bus *bus)
4561 struct pci_dev *pdev;
4563 /* boardflags workarounds */
4564 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
4565 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74)
4566 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
4567 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
4568 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40)
4569 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
4570 if (bus->bustype == SSB_BUSTYPE_PCI) {
4571 pdev = bus->host_pci;
4572 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) ||
4573 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) ||
4574 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) ||
4575 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) ||
4576 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) ||
4577 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) ||
4578 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010))
4579 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST;
4583 static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl)
4585 struct ieee80211_hw *hw = wl->hw;
4587 ssb_set_devtypedata(dev, NULL);
4588 ieee80211_free_hw(hw);
4591 static int b43_wireless_init(struct ssb_device *dev)
4593 struct ssb_sprom *sprom = &dev->bus->sprom;
4594 struct ieee80211_hw *hw;
4598 b43_sprom_fixup(dev->bus);
4600 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
4602 b43err(NULL, "Could not allocate ieee80211 device\n");
4607 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS |
4608 IEEE80211_HW_SIGNAL_DBM |
4609 IEEE80211_HW_NOISE_DBM;
4611 hw->wiphy->interface_modes =
4612 BIT(NL80211_IFTYPE_AP) |
4613 BIT(NL80211_IFTYPE_MESH_POINT) |
4614 BIT(NL80211_IFTYPE_STATION) |
4615 BIT(NL80211_IFTYPE_WDS) |
4616 BIT(NL80211_IFTYPE_ADHOC);
4618 hw->queues = b43_modparam_qos ? 4 : 1;
4620 SET_IEEE80211_DEV(hw, dev->dev);
4621 if (is_valid_ether_addr(sprom->et1mac))
4622 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
4624 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
4626 /* Get and initialize struct b43_wl */
4627 wl = hw_to_b43_wl(hw);
4628 memset(wl, 0, sizeof(*wl));
4630 spin_lock_init(&wl->irq_lock);
4631 rwlock_init(&wl->tx_lock);
4632 spin_lock_init(&wl->leds_lock);
4633 spin_lock_init(&wl->shm_lock);
4634 mutex_init(&wl->mutex);
4635 INIT_LIST_HEAD(&wl->devlist);
4636 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
4637 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work);
4639 ssb_set_devtypedata(dev, wl);
4640 b43info(wl, "Broadcom %04X WLAN found\n", dev->bus->chip_id);
4646 static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id)
4652 wl = ssb_get_devtypedata(dev);
4654 /* Probing the first core. Must setup common struct b43_wl */
4656 err = b43_wireless_init(dev);
4659 wl = ssb_get_devtypedata(dev);
4662 err = b43_one_core_attach(dev, wl);
4664 goto err_wireless_exit;
4667 err = ieee80211_register_hw(wl->hw);
4669 goto err_one_core_detach;
4675 err_one_core_detach:
4676 b43_one_core_detach(dev);
4679 b43_wireless_exit(dev, wl);
4683 static void b43_remove(struct ssb_device *dev)
4685 struct b43_wl *wl = ssb_get_devtypedata(dev);
4686 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4688 /* We must cancel any work here before unregistering from ieee80211,
4689 * as the ieee80211 unreg will destroy the workqueue. */
4690 cancel_work_sync(&wldev->restart_work);
4693 if (wl->current_dev == wldev)
4694 ieee80211_unregister_hw(wl->hw);
4696 b43_one_core_detach(dev);
4698 if (list_empty(&wl->devlist)) {
4699 /* Last core on the chip unregistered.
4700 * We can destroy common struct b43_wl.
4702 b43_wireless_exit(dev, wl);
4706 /* Perform a hardware reset. This can be called from any context. */
4707 void b43_controller_restart(struct b43_wldev *dev, const char *reason)
4709 /* Must avoid requeueing, if we are in shutdown. */
4710 if (b43_status(dev) < B43_STAT_INITIALIZED)
4712 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
4713 queue_work(dev->wl->hw->workqueue, &dev->restart_work);
4718 static int b43_suspend(struct ssb_device *dev, pm_message_t state)
4720 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4721 struct b43_wl *wl = wldev->wl;
4723 b43dbg(wl, "Suspending...\n");
4725 mutex_lock(&wl->mutex);
4726 wldev->suspend_in_progress = true;
4727 wldev->suspend_init_status = b43_status(wldev);
4728 if (wldev->suspend_init_status >= B43_STAT_STARTED)
4729 b43_wireless_core_stop(wldev);
4730 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED)
4731 b43_wireless_core_exit(wldev);
4732 mutex_unlock(&wl->mutex);
4734 b43dbg(wl, "Device suspended.\n");
4739 static int b43_resume(struct ssb_device *dev)
4741 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4742 struct b43_wl *wl = wldev->wl;
4745 b43dbg(wl, "Resuming...\n");
4747 mutex_lock(&wl->mutex);
4748 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) {
4749 err = b43_wireless_core_init(wldev);
4751 b43err(wl, "Resume failed at core init\n");
4755 if (wldev->suspend_init_status >= B43_STAT_STARTED) {
4756 err = b43_wireless_core_start(wldev);
4758 b43_leds_exit(wldev);
4759 b43_rng_exit(wldev->wl);
4760 b43_wireless_core_exit(wldev);
4761 b43err(wl, "Resume failed at core start\n");
4765 b43dbg(wl, "Device resumed.\n");
4767 wldev->suspend_in_progress = false;
4768 mutex_unlock(&wl->mutex);
4772 #else /* CONFIG_PM */
4773 # define b43_suspend NULL
4774 # define b43_resume NULL
4775 #endif /* CONFIG_PM */
4777 static struct ssb_driver b43_ssb_driver = {
4778 .name = KBUILD_MODNAME,
4779 .id_table = b43_ssb_tbl,
4781 .remove = b43_remove,
4782 .suspend = b43_suspend,
4783 .resume = b43_resume,
4786 static void b43_print_driverinfo(void)
4788 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
4789 *feat_leds = "", *feat_rfkill = "";
4791 #ifdef CONFIG_B43_PCI_AUTOSELECT
4794 #ifdef CONFIG_B43_PCMCIA
4797 #ifdef CONFIG_B43_NPHY
4800 #ifdef CONFIG_B43_LEDS
4803 #ifdef CONFIG_B43_RFKILL
4806 printk(KERN_INFO "Broadcom 43xx driver loaded "
4807 "[ Features: %s%s%s%s%s, Firmware-ID: "
4808 B43_SUPPORTED_FIRMWARE_ID " ]\n",
4809 feat_pci, feat_pcmcia, feat_nphy,
4810 feat_leds, feat_rfkill);
4813 static int __init b43_init(void)
4818 err = b43_pcmcia_init();
4821 err = ssb_driver_register(&b43_ssb_driver);
4823 goto err_pcmcia_exit;
4824 b43_print_driverinfo();
4835 static void __exit b43_exit(void)
4837 ssb_driver_unregister(&b43_ssb_driver);
4842 module_init(b43_init)
4843 module_exit(b43_exit)
git://bbs.cooldavid.org / net-next-2.6.git / blob