3 Broadcom B43 wireless driver
5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de>
8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es>
14 Some parts of the code in this file are derived from the ipw2200
15 driver Copyright(c) 2003 - 2004 Intel Corporation.
17 This program is free software; you can redistribute it and/or modify
18 it under the terms of the GNU General Public License as published by
19 the Free Software Foundation; either version 2 of the License, or
20 (at your option) any later version.
22 This program is distributed in the hope that it will be useful,
23 but WITHOUT ANY WARRANTY; without even the implied warranty of
24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 GNU General Public License for more details.
27 You should have received a copy of the GNU General Public License
28 along with this program; see the file COPYING. If not, write to
29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor,
30 Boston, MA 02110-1301, USA.
34 #include <linux/delay.h>
35 #include <linux/init.h>
36 #include <linux/moduleparam.h>
37 #include <linux/if_arp.h>
38 #include <linux/etherdevice.h>
39 #include <linux/firmware.h>
40 #include <linux/wireless.h>
41 #include <linux/workqueue.h>
42 #include <linux/skbuff.h>
44 #include <linux/dma-mapping.h>
45 #include <linux/slab.h>
46 #include <asm/unaligned.h>
51 #include "phy_common.h"
61 #include <linux/mmc/sdio_func.h>
63 MODULE_DESCRIPTION("Broadcom B43 wireless driver");
64 MODULE_AUTHOR("Martin Langer");
65 MODULE_AUTHOR("Stefano Brivio");
66 MODULE_AUTHOR("Michael Buesch");
67 MODULE_AUTHOR("Gábor Stefanik");
68 MODULE_LICENSE("GPL");
70 MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID);
71 MODULE_FIRMWARE("b43/ucode11.fw");
72 MODULE_FIRMWARE("b43/ucode13.fw");
73 MODULE_FIRMWARE("b43/ucode14.fw");
74 MODULE_FIRMWARE("b43/ucode15.fw");
75 MODULE_FIRMWARE("b43/ucode5.fw");
76 MODULE_FIRMWARE("b43/ucode9.fw");
78 static int modparam_bad_frames_preempt;
79 module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
80 MODULE_PARM_DESC(bad_frames_preempt,
81 "enable(1) / disable(0) Bad Frames Preemption");
83 static char modparam_fwpostfix[16];
84 module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
85 MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
87 static int modparam_hwpctl;
88 module_param_named(hwpctl, modparam_hwpctl, int, 0444);
89 MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
91 static int modparam_nohwcrypt;
92 module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
93 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
95 static int modparam_hwtkip;
96 module_param_named(hwtkip, modparam_hwtkip, int, 0444);
97 MODULE_PARM_DESC(hwtkip, "Enable hardware tkip.");
99 static int modparam_qos = 1;
100 module_param_named(qos, modparam_qos, int, 0444);
101 MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
103 static int modparam_btcoex = 1;
104 module_param_named(btcoex, modparam_btcoex, int, 0444);
105 MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)");
107 int b43_modparam_verbose = B43_VERBOSITY_DEFAULT;
108 module_param_named(verbose, b43_modparam_verbose, int, 0644);
109 MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug");
111 static int b43_modparam_pio = B43_PIO_DEFAULT;
112 module_param_named(pio, b43_modparam_pio, int, 0644);
113 MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO");
115 static const struct ssb_device_id b43_ssb_tbl[] = {
116 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
117 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
118 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
119 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
120 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
121 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
122 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12),
123 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
124 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15),
125 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16),
129 MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
131 /* Channel and ratetables are shared for all devices.
132 * They can't be const, because ieee80211 puts some precalculated
133 * data in there. This data is the same for all devices, so we don't
134 * get concurrency issues */
135 #define RATETAB_ENT(_rateid, _flags) \
137 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
138 .hw_value = (_rateid), \
143 * NOTE: When changing this, sync with xmit.c's
144 * b43_plcp_get_bitrate_idx_* functions!
146 static struct ieee80211_rate __b43_ratetable[] = {
147 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
148 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
149 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
150 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
151 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
152 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
153 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
154 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
155 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
156 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
157 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
158 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
161 #define b43_a_ratetable (__b43_ratetable + 4)
162 #define b43_a_ratetable_size 8
163 #define b43_b_ratetable (__b43_ratetable + 0)
164 #define b43_b_ratetable_size 4
165 #define b43_g_ratetable (__b43_ratetable + 0)
166 #define b43_g_ratetable_size 12
168 #define CHAN4G(_channel, _freq, _flags) { \
169 .band = IEEE80211_BAND_2GHZ, \
170 .center_freq = (_freq), \
171 .hw_value = (_channel), \
173 .max_antenna_gain = 0, \
176 static struct ieee80211_channel b43_2ghz_chantable[] = {
194 #define CHAN5G(_channel, _flags) { \
195 .band = IEEE80211_BAND_5GHZ, \
196 .center_freq = 5000 + (5 * (_channel)), \
197 .hw_value = (_channel), \
199 .max_antenna_gain = 0, \
202 static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
203 CHAN5G(32, 0), CHAN5G(34, 0),
204 CHAN5G(36, 0), CHAN5G(38, 0),
205 CHAN5G(40, 0), CHAN5G(42, 0),
206 CHAN5G(44, 0), CHAN5G(46, 0),
207 CHAN5G(48, 0), CHAN5G(50, 0),
208 CHAN5G(52, 0), CHAN5G(54, 0),
209 CHAN5G(56, 0), CHAN5G(58, 0),
210 CHAN5G(60, 0), CHAN5G(62, 0),
211 CHAN5G(64, 0), CHAN5G(66, 0),
212 CHAN5G(68, 0), CHAN5G(70, 0),
213 CHAN5G(72, 0), CHAN5G(74, 0),
214 CHAN5G(76, 0), CHAN5G(78, 0),
215 CHAN5G(80, 0), CHAN5G(82, 0),
216 CHAN5G(84, 0), CHAN5G(86, 0),
217 CHAN5G(88, 0), CHAN5G(90, 0),
218 CHAN5G(92, 0), CHAN5G(94, 0),
219 CHAN5G(96, 0), CHAN5G(98, 0),
220 CHAN5G(100, 0), CHAN5G(102, 0),
221 CHAN5G(104, 0), CHAN5G(106, 0),
222 CHAN5G(108, 0), CHAN5G(110, 0),
223 CHAN5G(112, 0), CHAN5G(114, 0),
224 CHAN5G(116, 0), CHAN5G(118, 0),
225 CHAN5G(120, 0), CHAN5G(122, 0),
226 CHAN5G(124, 0), CHAN5G(126, 0),
227 CHAN5G(128, 0), CHAN5G(130, 0),
228 CHAN5G(132, 0), CHAN5G(134, 0),
229 CHAN5G(136, 0), CHAN5G(138, 0),
230 CHAN5G(140, 0), CHAN5G(142, 0),
231 CHAN5G(144, 0), CHAN5G(145, 0),
232 CHAN5G(146, 0), CHAN5G(147, 0),
233 CHAN5G(148, 0), CHAN5G(149, 0),
234 CHAN5G(150, 0), CHAN5G(151, 0),
235 CHAN5G(152, 0), CHAN5G(153, 0),
236 CHAN5G(154, 0), CHAN5G(155, 0),
237 CHAN5G(156, 0), CHAN5G(157, 0),
238 CHAN5G(158, 0), CHAN5G(159, 0),
239 CHAN5G(160, 0), CHAN5G(161, 0),
240 CHAN5G(162, 0), CHAN5G(163, 0),
241 CHAN5G(164, 0), CHAN5G(165, 0),
242 CHAN5G(166, 0), CHAN5G(168, 0),
243 CHAN5G(170, 0), CHAN5G(172, 0),
244 CHAN5G(174, 0), CHAN5G(176, 0),
245 CHAN5G(178, 0), CHAN5G(180, 0),
246 CHAN5G(182, 0), CHAN5G(184, 0),
247 CHAN5G(186, 0), CHAN5G(188, 0),
248 CHAN5G(190, 0), CHAN5G(192, 0),
249 CHAN5G(194, 0), CHAN5G(196, 0),
250 CHAN5G(198, 0), CHAN5G(200, 0),
251 CHAN5G(202, 0), CHAN5G(204, 0),
252 CHAN5G(206, 0), CHAN5G(208, 0),
253 CHAN5G(210, 0), CHAN5G(212, 0),
254 CHAN5G(214, 0), CHAN5G(216, 0),
255 CHAN5G(218, 0), CHAN5G(220, 0),
256 CHAN5G(222, 0), CHAN5G(224, 0),
257 CHAN5G(226, 0), CHAN5G(228, 0),
260 static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
261 CHAN5G(34, 0), CHAN5G(36, 0),
262 CHAN5G(38, 0), CHAN5G(40, 0),
263 CHAN5G(42, 0), CHAN5G(44, 0),
264 CHAN5G(46, 0), CHAN5G(48, 0),
265 CHAN5G(52, 0), CHAN5G(56, 0),
266 CHAN5G(60, 0), CHAN5G(64, 0),
267 CHAN5G(100, 0), CHAN5G(104, 0),
268 CHAN5G(108, 0), CHAN5G(112, 0),
269 CHAN5G(116, 0), CHAN5G(120, 0),
270 CHAN5G(124, 0), CHAN5G(128, 0),
271 CHAN5G(132, 0), CHAN5G(136, 0),
272 CHAN5G(140, 0), CHAN5G(149, 0),
273 CHAN5G(153, 0), CHAN5G(157, 0),
274 CHAN5G(161, 0), CHAN5G(165, 0),
275 CHAN5G(184, 0), CHAN5G(188, 0),
276 CHAN5G(192, 0), CHAN5G(196, 0),
277 CHAN5G(200, 0), CHAN5G(204, 0),
278 CHAN5G(208, 0), CHAN5G(212, 0),
283 static struct ieee80211_supported_band b43_band_5GHz_nphy = {
284 .band = IEEE80211_BAND_5GHZ,
285 .channels = b43_5ghz_nphy_chantable,
286 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
287 .bitrates = b43_a_ratetable,
288 .n_bitrates = b43_a_ratetable_size,
291 static struct ieee80211_supported_band b43_band_5GHz_aphy = {
292 .band = IEEE80211_BAND_5GHZ,
293 .channels = b43_5ghz_aphy_chantable,
294 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
295 .bitrates = b43_a_ratetable,
296 .n_bitrates = b43_a_ratetable_size,
299 static struct ieee80211_supported_band b43_band_2GHz = {
300 .band = IEEE80211_BAND_2GHZ,
301 .channels = b43_2ghz_chantable,
302 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
303 .bitrates = b43_g_ratetable,
304 .n_bitrates = b43_g_ratetable_size,
307 static void b43_wireless_core_exit(struct b43_wldev *dev);
308 static int b43_wireless_core_init(struct b43_wldev *dev);
309 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev);
310 static int b43_wireless_core_start(struct b43_wldev *dev);
312 static int b43_ratelimit(struct b43_wl *wl)
314 if (!wl || !wl->current_dev)
316 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
318 /* We are up and running.
319 * Ratelimit the messages to avoid DoS over the net. */
320 return net_ratelimit();
323 void b43info(struct b43_wl *wl, const char *fmt, ...)
327 if (b43_modparam_verbose < B43_VERBOSITY_INFO)
329 if (!b43_ratelimit(wl))
332 printk(KERN_INFO "b43-%s: ",
333 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
338 void b43err(struct b43_wl *wl, const char *fmt, ...)
342 if (b43_modparam_verbose < B43_VERBOSITY_ERROR)
344 if (!b43_ratelimit(wl))
347 printk(KERN_ERR "b43-%s ERROR: ",
348 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
353 void b43warn(struct b43_wl *wl, const char *fmt, ...)
357 if (b43_modparam_verbose < B43_VERBOSITY_WARN)
359 if (!b43_ratelimit(wl))
362 printk(KERN_WARNING "b43-%s warning: ",
363 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
368 void b43dbg(struct b43_wl *wl, const char *fmt, ...)
372 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
375 printk(KERN_DEBUG "b43-%s debug: ",
376 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
381 static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
385 B43_WARN_ON(offset % 4 != 0);
387 macctl = b43_read32(dev, B43_MMIO_MACCTL);
388 if (macctl & B43_MACCTL_BE)
391 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
393 b43_write32(dev, B43_MMIO_RAM_DATA, val);
396 static inline void b43_shm_control_word(struct b43_wldev *dev,
397 u16 routing, u16 offset)
401 /* "offset" is the WORD offset. */
405 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
408 u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
412 if (routing == B43_SHM_SHARED) {
413 B43_WARN_ON(offset & 0x0001);
414 if (offset & 0x0003) {
415 /* Unaligned access */
416 b43_shm_control_word(dev, routing, offset >> 2);
417 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
418 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
419 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16;
425 b43_shm_control_word(dev, routing, offset);
426 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
431 u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset)
435 if (routing == B43_SHM_SHARED) {
436 B43_WARN_ON(offset & 0x0001);
437 if (offset & 0x0003) {
438 /* Unaligned access */
439 b43_shm_control_word(dev, routing, offset >> 2);
440 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
446 b43_shm_control_word(dev, routing, offset);
447 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
452 void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
454 if (routing == B43_SHM_SHARED) {
455 B43_WARN_ON(offset & 0x0001);
456 if (offset & 0x0003) {
457 /* Unaligned access */
458 b43_shm_control_word(dev, routing, offset >> 2);
459 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
461 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
462 b43_write16(dev, B43_MMIO_SHM_DATA,
463 (value >> 16) & 0xFFFF);
468 b43_shm_control_word(dev, routing, offset);
469 b43_write32(dev, B43_MMIO_SHM_DATA, value);
472 void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
474 if (routing == B43_SHM_SHARED) {
475 B43_WARN_ON(offset & 0x0001);
476 if (offset & 0x0003) {
477 /* Unaligned access */
478 b43_shm_control_word(dev, routing, offset >> 2);
479 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
484 b43_shm_control_word(dev, routing, offset);
485 b43_write16(dev, B43_MMIO_SHM_DATA, value);
489 u64 b43_hf_read(struct b43_wldev *dev)
493 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI);
495 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI);
497 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO);
502 /* Write HostFlags */
503 void b43_hf_write(struct b43_wldev *dev, u64 value)
507 lo = (value & 0x00000000FFFFULL);
508 mi = (value & 0x0000FFFF0000ULL) >> 16;
509 hi = (value & 0xFFFF00000000ULL) >> 32;
510 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo);
511 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi);
512 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi);
515 /* Read the firmware capabilities bitmask (Opensource firmware only) */
516 static u16 b43_fwcapa_read(struct b43_wldev *dev)
518 B43_WARN_ON(!dev->fw.opensource);
519 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA);
522 void b43_tsf_read(struct b43_wldev *dev, u64 *tsf)
526 B43_WARN_ON(dev->dev->id.revision < 3);
528 /* The hardware guarantees us an atomic read, if we
529 * read the low register first. */
530 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
531 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
538 static void b43_time_lock(struct b43_wldev *dev)
542 macctl = b43_read32(dev, B43_MMIO_MACCTL);
543 macctl |= B43_MACCTL_TBTTHOLD;
544 b43_write32(dev, B43_MMIO_MACCTL, macctl);
545 /* Commit the write */
546 b43_read32(dev, B43_MMIO_MACCTL);
549 static void b43_time_unlock(struct b43_wldev *dev)
553 macctl = b43_read32(dev, B43_MMIO_MACCTL);
554 macctl &= ~B43_MACCTL_TBTTHOLD;
555 b43_write32(dev, B43_MMIO_MACCTL, macctl);
556 /* Commit the write */
557 b43_read32(dev, B43_MMIO_MACCTL);
560 static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
564 B43_WARN_ON(dev->dev->id.revision < 3);
568 /* The hardware guarantees us an atomic write, if we
569 * write the low register first. */
570 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low);
572 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high);
576 void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
579 b43_tsf_write_locked(dev, tsf);
580 b43_time_unlock(dev);
584 void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac)
586 static const u8 zero_addr[ETH_ALEN] = { 0 };
593 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
597 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
600 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
603 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
606 static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
610 u8 mac_bssid[ETH_ALEN * 2];
614 bssid = dev->wl->bssid;
615 mac = dev->wl->mac_addr;
617 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
619 memcpy(mac_bssid, mac, ETH_ALEN);
620 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
622 /* Write our MAC address and BSSID to template ram */
623 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
624 tmp = (u32) (mac_bssid[i + 0]);
625 tmp |= (u32) (mac_bssid[i + 1]) << 8;
626 tmp |= (u32) (mac_bssid[i + 2]) << 16;
627 tmp |= (u32) (mac_bssid[i + 3]) << 24;
628 b43_ram_write(dev, 0x20 + i, tmp);
632 static void b43_upload_card_macaddress(struct b43_wldev *dev)
634 b43_write_mac_bssid_templates(dev);
635 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
638 static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
640 /* slot_time is in usec. */
641 /* This test used to exit for all but a G PHY. */
642 if (b43_current_band(dev->wl) == IEEE80211_BAND_5GHZ)
644 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time);
645 /* Shared memory location 0x0010 is the slot time and should be
646 * set to slot_time; however, this register is initially 0 and changing
647 * the value adversely affects the transmit rate for BCM4311
648 * devices. Until this behavior is unterstood, delete this step
650 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
654 static void b43_short_slot_timing_enable(struct b43_wldev *dev)
656 b43_set_slot_time(dev, 9);
659 static void b43_short_slot_timing_disable(struct b43_wldev *dev)
661 b43_set_slot_time(dev, 20);
664 /* DummyTransmission function, as documented on
665 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission
667 void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on)
669 struct b43_phy *phy = &dev->phy;
670 unsigned int i, max_loop;
682 buffer[0] = 0x000201CC;
685 buffer[0] = 0x000B846E;
688 for (i = 0; i < 5; i++)
689 b43_ram_write(dev, i * 4, buffer[i]);
691 b43_write16(dev, 0x0568, 0x0000);
692 if (dev->dev->id.revision < 11)
693 b43_write16(dev, 0x07C0, 0x0000);
695 b43_write16(dev, 0x07C0, 0x0100);
696 value = (ofdm ? 0x41 : 0x40);
697 b43_write16(dev, 0x050C, value);
698 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP))
699 b43_write16(dev, 0x0514, 0x1A02);
700 b43_write16(dev, 0x0508, 0x0000);
701 b43_write16(dev, 0x050A, 0x0000);
702 b43_write16(dev, 0x054C, 0x0000);
703 b43_write16(dev, 0x056A, 0x0014);
704 b43_write16(dev, 0x0568, 0x0826);
705 b43_write16(dev, 0x0500, 0x0000);
706 if (!pa_on && (phy->type == B43_PHYTYPE_N)) {
712 b43_write16(dev, 0x0502, 0x00D0);
715 b43_write16(dev, 0x0502, 0x0050);
718 b43_write16(dev, 0x0502, 0x0030);
721 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
722 b43_radio_write16(dev, 0x0051, 0x0017);
723 for (i = 0x00; i < max_loop; i++) {
724 value = b43_read16(dev, 0x050E);
729 for (i = 0x00; i < 0x0A; i++) {
730 value = b43_read16(dev, 0x050E);
735 for (i = 0x00; i < 0x19; i++) {
736 value = b43_read16(dev, 0x0690);
737 if (!(value & 0x0100))
741 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
742 b43_radio_write16(dev, 0x0051, 0x0037);
745 static void key_write(struct b43_wldev *dev,
746 u8 index, u8 algorithm, const u8 *key)
753 /* Key index/algo block */
754 kidx = b43_kidx_to_fw(dev, index);
755 value = ((kidx << 4) | algorithm);
756 b43_shm_write16(dev, B43_SHM_SHARED,
757 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
759 /* Write the key to the Key Table Pointer offset */
760 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
761 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
763 value |= (u16) (key[i + 1]) << 8;
764 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
768 static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr)
770 u32 addrtmp[2] = { 0, 0, };
771 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
773 if (b43_new_kidx_api(dev))
774 pairwise_keys_start = B43_NR_GROUP_KEYS;
776 B43_WARN_ON(index < pairwise_keys_start);
777 /* We have four default TX keys and possibly four default RX keys.
778 * Physical mac 0 is mapped to physical key 4 or 8, depending
779 * on the firmware version.
780 * So we must adjust the index here.
782 index -= pairwise_keys_start;
783 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
786 addrtmp[0] = addr[0];
787 addrtmp[0] |= ((u32) (addr[1]) << 8);
788 addrtmp[0] |= ((u32) (addr[2]) << 16);
789 addrtmp[0] |= ((u32) (addr[3]) << 24);
790 addrtmp[1] = addr[4];
791 addrtmp[1] |= ((u32) (addr[5]) << 8);
794 /* Receive match transmitter address (RCMTA) mechanism */
795 b43_shm_write32(dev, B43_SHM_RCMTA,
796 (index * 2) + 0, addrtmp[0]);
797 b43_shm_write16(dev, B43_SHM_RCMTA,
798 (index * 2) + 1, addrtmp[1]);
801 /* The ucode will use phase1 key with TEK key to decrypt rx packets.
802 * When a packet is received, the iv32 is checked.
803 * - if it doesn't the packet is returned without modification (and software
804 * decryption can be done). That's what happen when iv16 wrap.
805 * - if it does, the rc4 key is computed, and decryption is tried.
806 * Either it will success and B43_RX_MAC_DEC is returned,
807 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned
808 * and the packet is not usable (it got modified by the ucode).
809 * So in order to never have B43_RX_MAC_DECERR, we should provide
810 * a iv32 and phase1key that match. Because we drop packets in case of
811 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all
812 * packets will be lost without higher layer knowing (ie no resync possible
815 * NOTE : this should support 50 key like RCMTA because
816 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50
818 static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32,
823 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
825 if (!modparam_hwtkip)
828 if (b43_new_kidx_api(dev))
829 pairwise_keys_start = B43_NR_GROUP_KEYS;
831 B43_WARN_ON(index < pairwise_keys_start);
832 /* We have four default TX keys and possibly four default RX keys.
833 * Physical mac 0 is mapped to physical key 4 or 8, depending
834 * on the firmware version.
835 * So we must adjust the index here.
837 index -= pairwise_keys_start;
838 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
840 if (b43_debug(dev, B43_DBG_KEYS)) {
841 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n",
844 /* Write the key to the RX tkip shared mem */
845 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4);
846 for (i = 0; i < 10; i += 2) {
847 b43_shm_write16(dev, B43_SHM_SHARED, offset + i,
848 phase1key ? phase1key[i / 2] : 0);
850 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32);
851 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16);
854 static void b43_op_update_tkip_key(struct ieee80211_hw *hw,
855 struct ieee80211_vif *vif,
856 struct ieee80211_key_conf *keyconf,
857 struct ieee80211_sta *sta,
858 u32 iv32, u16 *phase1key)
860 struct b43_wl *wl = hw_to_b43_wl(hw);
861 struct b43_wldev *dev;
862 int index = keyconf->hw_key_idx;
864 if (B43_WARN_ON(!modparam_hwtkip))
867 /* This is only called from the RX path through mac80211, where
868 * our mutex is already locked. */
869 B43_WARN_ON(!mutex_is_locked(&wl->mutex));
870 dev = wl->current_dev;
871 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED);
873 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */
875 rx_tkip_phase1_write(dev, index, iv32, phase1key);
876 /* only pairwise TKIP keys are supported right now */
879 keymac_write(dev, index, sta->addr);
882 static void do_key_write(struct b43_wldev *dev,
883 u8 index, u8 algorithm,
884 const u8 *key, size_t key_len, const u8 *mac_addr)
886 u8 buf[B43_SEC_KEYSIZE] = { 0, };
887 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
889 if (b43_new_kidx_api(dev))
890 pairwise_keys_start = B43_NR_GROUP_KEYS;
892 B43_WARN_ON(index >= ARRAY_SIZE(dev->key));
893 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
895 if (index >= pairwise_keys_start)
896 keymac_write(dev, index, NULL); /* First zero out mac. */
897 if (algorithm == B43_SEC_ALGO_TKIP) {
899 * We should provide an initial iv32, phase1key pair.
900 * We could start with iv32=0 and compute the corresponding
901 * phase1key, but this means calling ieee80211_get_tkip_key
902 * with a fake skb (or export other tkip function).
903 * Because we are lazy we hope iv32 won't start with
904 * 0xffffffff and let's b43_op_update_tkip_key provide a
907 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf);
908 } else if (index >= pairwise_keys_start) /* clear it */
909 rx_tkip_phase1_write(dev, index, 0, NULL);
911 memcpy(buf, key, key_len);
912 key_write(dev, index, algorithm, buf);
913 if (index >= pairwise_keys_start)
914 keymac_write(dev, index, mac_addr);
916 dev->key[index].algorithm = algorithm;
919 static int b43_key_write(struct b43_wldev *dev,
920 int index, u8 algorithm,
921 const u8 *key, size_t key_len,
923 struct ieee80211_key_conf *keyconf)
926 int pairwise_keys_start;
928 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block:
929 * - Temporal Encryption Key (128 bits)
930 * - Temporal Authenticator Tx MIC Key (64 bits)
931 * - Temporal Authenticator Rx MIC Key (64 bits)
933 * Hardware only store TEK
935 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32)
937 if (key_len > B43_SEC_KEYSIZE)
939 for (i = 0; i < ARRAY_SIZE(dev->key); i++) {
940 /* Check that we don't already have this key. */
941 B43_WARN_ON(dev->key[i].keyconf == keyconf);
944 /* Pairwise key. Get an empty slot for the key. */
945 if (b43_new_kidx_api(dev))
946 pairwise_keys_start = B43_NR_GROUP_KEYS;
948 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
949 for (i = pairwise_keys_start;
950 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS;
952 B43_WARN_ON(i >= ARRAY_SIZE(dev->key));
953 if (!dev->key[i].keyconf) {
960 b43warn(dev->wl, "Out of hardware key memory\n");
964 B43_WARN_ON(index > 3);
966 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
967 if ((index <= 3) && !b43_new_kidx_api(dev)) {
969 B43_WARN_ON(mac_addr);
970 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
972 keyconf->hw_key_idx = index;
973 dev->key[index].keyconf = keyconf;
978 static int b43_key_clear(struct b43_wldev *dev, int index)
980 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key))))
982 do_key_write(dev, index, B43_SEC_ALGO_NONE,
983 NULL, B43_SEC_KEYSIZE, NULL);
984 if ((index <= 3) && !b43_new_kidx_api(dev)) {
985 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
986 NULL, B43_SEC_KEYSIZE, NULL);
988 dev->key[index].keyconf = NULL;
993 static void b43_clear_keys(struct b43_wldev *dev)
997 if (b43_new_kidx_api(dev))
998 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1000 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1001 for (i = 0; i < count; i++)
1002 b43_key_clear(dev, i);
1005 static void b43_dump_keymemory(struct b43_wldev *dev)
1007 unsigned int i, index, count, offset, pairwise_keys_start;
1013 struct b43_key *key;
1015 if (!b43_debug(dev, B43_DBG_KEYS))
1018 hf = b43_hf_read(dev);
1019 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n",
1020 !!(hf & B43_HF_USEDEFKEYS));
1021 if (b43_new_kidx_api(dev)) {
1022 pairwise_keys_start = B43_NR_GROUP_KEYS;
1023 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1025 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
1026 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1028 for (index = 0; index < count; index++) {
1029 key = &(dev->key[index]);
1030 printk(KERN_DEBUG "Key slot %02u: %s",
1031 index, (key->keyconf == NULL) ? " " : "*");
1032 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
1033 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
1034 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1035 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1038 algo = b43_shm_read16(dev, B43_SHM_SHARED,
1039 B43_SHM_SH_KEYIDXBLOCK + (index * 2));
1040 printk(" Algo: %04X/%02X", algo, key->algorithm);
1042 if (index >= pairwise_keys_start) {
1043 if (key->algorithm == B43_SEC_ALGO_TKIP) {
1045 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4);
1046 for (i = 0; i < 14; i += 2) {
1047 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1048 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1051 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA,
1052 ((index - pairwise_keys_start) * 2) + 0);
1053 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA,
1054 ((index - pairwise_keys_start) * 2) + 1);
1055 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0);
1056 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1);
1057 printk(" MAC: %pM", mac);
1059 printk(" DEFAULT KEY");
1064 void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
1072 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
1073 (ps_flags & B43_PS_DISABLED));
1074 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
1076 if (ps_flags & B43_PS_ENABLED) {
1078 } else if (ps_flags & B43_PS_DISABLED) {
1081 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
1082 // and thus is not an AP and we are associated, set bit 25
1084 if (ps_flags & B43_PS_AWAKE) {
1086 } else if (ps_flags & B43_PS_ASLEEP) {
1089 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
1090 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
1091 // successful, set bit26
1094 /* FIXME: For now we force awake-on and hwps-off */
1098 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1100 macctl |= B43_MACCTL_HWPS;
1102 macctl &= ~B43_MACCTL_HWPS;
1104 macctl |= B43_MACCTL_AWAKE;
1106 macctl &= ~B43_MACCTL_AWAKE;
1107 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1109 b43_read32(dev, B43_MMIO_MACCTL);
1110 if (awake && dev->dev->id.revision >= 5) {
1111 /* Wait for the microcode to wake up. */
1112 for (i = 0; i < 100; i++) {
1113 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1114 B43_SHM_SH_UCODESTAT);
1115 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1122 void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags)
1127 flags |= B43_TMSLOW_PHYCLKEN;
1128 flags |= B43_TMSLOW_PHYRESET;
1129 ssb_device_enable(dev->dev, flags);
1130 msleep(2); /* Wait for the PLL to turn on. */
1132 /* Now take the PHY out of Reset again */
1133 tmslow = ssb_read32(dev->dev, SSB_TMSLOW);
1134 tmslow |= SSB_TMSLOW_FGC;
1135 tmslow &= ~B43_TMSLOW_PHYRESET;
1136 ssb_write32(dev->dev, SSB_TMSLOW, tmslow);
1137 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */
1139 tmslow &= ~SSB_TMSLOW_FGC;
1140 ssb_write32(dev->dev, SSB_TMSLOW, tmslow);
1141 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */
1144 /* Turn Analog ON, but only if we already know the PHY-type.
1145 * This protects against very early setup where we don't know the
1146 * PHY-type, yet. wireless_core_reset will be called once again later,
1147 * when we know the PHY-type. */
1149 dev->phy.ops->switch_analog(dev, 1);
1151 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1152 macctl &= ~B43_MACCTL_GMODE;
1153 if (flags & B43_TMSLOW_GMODE)
1154 macctl |= B43_MACCTL_GMODE;
1155 macctl |= B43_MACCTL_IHR_ENABLED;
1156 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1159 static void handle_irq_transmit_status(struct b43_wldev *dev)
1163 struct b43_txstatus stat;
1166 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1167 if (!(v0 & 0x00000001))
1169 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1171 stat.cookie = (v0 >> 16);
1172 stat.seq = (v1 & 0x0000FFFF);
1173 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1174 tmp = (v0 & 0x0000FFFF);
1175 stat.frame_count = ((tmp & 0xF000) >> 12);
1176 stat.rts_count = ((tmp & 0x0F00) >> 8);
1177 stat.supp_reason = ((tmp & 0x001C) >> 2);
1178 stat.pm_indicated = !!(tmp & 0x0080);
1179 stat.intermediate = !!(tmp & 0x0040);
1180 stat.for_ampdu = !!(tmp & 0x0020);
1181 stat.acked = !!(tmp & 0x0002);
1183 b43_handle_txstatus(dev, &stat);
1187 static void drain_txstatus_queue(struct b43_wldev *dev)
1191 if (dev->dev->id.revision < 5)
1193 /* Read all entries from the microcode TXstatus FIFO
1194 * and throw them away.
1197 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1198 if (!(dummy & 0x00000001))
1200 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1204 static u32 b43_jssi_read(struct b43_wldev *dev)
1208 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A);
1210 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088);
1215 static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1217 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF));
1218 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16);
1221 static void b43_generate_noise_sample(struct b43_wldev *dev)
1223 b43_jssi_write(dev, 0x7F7F7F7F);
1224 b43_write32(dev, B43_MMIO_MACCMD,
1225 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1228 static void b43_calculate_link_quality(struct b43_wldev *dev)
1230 /* Top half of Link Quality calculation. */
1232 if (dev->phy.type != B43_PHYTYPE_G)
1234 if (dev->noisecalc.calculation_running)
1236 dev->noisecalc.calculation_running = 1;
1237 dev->noisecalc.nr_samples = 0;
1239 b43_generate_noise_sample(dev);
1242 static void handle_irq_noise(struct b43_wldev *dev)
1244 struct b43_phy_g *phy = dev->phy.g;
1250 /* Bottom half of Link Quality calculation. */
1252 if (dev->phy.type != B43_PHYTYPE_G)
1255 /* Possible race condition: It might be possible that the user
1256 * changed to a different channel in the meantime since we
1257 * started the calculation. We ignore that fact, since it's
1258 * not really that much of a problem. The background noise is
1259 * an estimation only anyway. Slightly wrong results will get damped
1260 * by the averaging of the 8 sample rounds. Additionally the
1261 * value is shortlived. So it will be replaced by the next noise
1262 * calculation round soon. */
1264 B43_WARN_ON(!dev->noisecalc.calculation_running);
1265 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1266 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1267 noise[2] == 0x7F || noise[3] == 0x7F)
1270 /* Get the noise samples. */
1271 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1272 i = dev->noisecalc.nr_samples;
1273 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1274 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1275 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1276 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1277 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1278 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1279 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1280 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1281 dev->noisecalc.nr_samples++;
1282 if (dev->noisecalc.nr_samples == 8) {
1283 /* Calculate the Link Quality by the noise samples. */
1285 for (i = 0; i < 8; i++) {
1286 for (j = 0; j < 4; j++)
1287 average += dev->noisecalc.samples[i][j];
1293 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1294 tmp = (tmp / 128) & 0x1F;
1304 dev->stats.link_noise = average;
1305 dev->noisecalc.calculation_running = 0;
1309 b43_generate_noise_sample(dev);
1312 static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1314 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) {
1317 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1318 b43_power_saving_ctl_bits(dev, 0);
1320 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC))
1324 static void handle_irq_atim_end(struct b43_wldev *dev)
1326 if (dev->dfq_valid) {
1327 b43_write32(dev, B43_MMIO_MACCMD,
1328 b43_read32(dev, B43_MMIO_MACCMD)
1329 | B43_MACCMD_DFQ_VALID);
1334 static void handle_irq_pmq(struct b43_wldev *dev)
1341 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1342 if (!(tmp & 0x00000008))
1345 /* 16bit write is odd, but correct. */
1346 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1349 static void b43_write_template_common(struct b43_wldev *dev,
1350 const u8 *data, u16 size,
1352 u16 shm_size_offset, u8 rate)
1355 struct b43_plcp_hdr4 plcp;
1358 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1359 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1360 ram_offset += sizeof(u32);
1361 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1362 * So leave the first two bytes of the next write blank.
1364 tmp = (u32) (data[0]) << 16;
1365 tmp |= (u32) (data[1]) << 24;
1366 b43_ram_write(dev, ram_offset, tmp);
1367 ram_offset += sizeof(u32);
1368 for (i = 2; i < size; i += sizeof(u32)) {
1369 tmp = (u32) (data[i + 0]);
1371 tmp |= (u32) (data[i + 1]) << 8;
1373 tmp |= (u32) (data[i + 2]) << 16;
1375 tmp |= (u32) (data[i + 3]) << 24;
1376 b43_ram_write(dev, ram_offset + i - 2, tmp);
1378 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1379 size + sizeof(struct b43_plcp_hdr6));
1382 /* Check if the use of the antenna that ieee80211 told us to
1383 * use is possible. This will fall back to DEFAULT.
1384 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1385 u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1390 if (antenna_nr == 0) {
1391 /* Zero means "use default antenna". That's always OK. */
1395 /* Get the mask of available antennas. */
1397 antenna_mask = dev->dev->bus->sprom.ant_available_bg;
1399 antenna_mask = dev->dev->bus->sprom.ant_available_a;
1401 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1402 /* This antenna is not available. Fall back to default. */
1409 /* Convert a b43 antenna number value to the PHY TX control value. */
1410 static u16 b43_antenna_to_phyctl(int antenna)
1414 return B43_TXH_PHY_ANT0;
1416 return B43_TXH_PHY_ANT1;
1418 return B43_TXH_PHY_ANT2;
1420 return B43_TXH_PHY_ANT3;
1421 case B43_ANTENNA_AUTO0:
1422 case B43_ANTENNA_AUTO1:
1423 return B43_TXH_PHY_ANT01AUTO;
1429 static void b43_write_beacon_template(struct b43_wldev *dev,
1431 u16 shm_size_offset)
1433 unsigned int i, len, variable_len;
1434 const struct ieee80211_mgmt *bcn;
1440 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon);
1442 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data);
1443 len = min((size_t) dev->wl->current_beacon->len,
1444 0x200 - sizeof(struct b43_plcp_hdr6));
1445 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value;
1447 b43_write_template_common(dev, (const u8 *)bcn,
1448 len, ram_offset, shm_size_offset, rate);
1450 /* Write the PHY TX control parameters. */
1451 antenna = B43_ANTENNA_DEFAULT;
1452 antenna = b43_antenna_to_phyctl(antenna);
1453 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1454 /* We can't send beacons with short preamble. Would get PHY errors. */
1455 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1456 ctl &= ~B43_TXH_PHY_ANT;
1457 ctl &= ~B43_TXH_PHY_ENC;
1459 if (b43_is_cck_rate(rate))
1460 ctl |= B43_TXH_PHY_ENC_CCK;
1462 ctl |= B43_TXH_PHY_ENC_OFDM;
1463 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1465 /* Find the position of the TIM and the DTIM_period value
1466 * and write them to SHM. */
1467 ie = bcn->u.beacon.variable;
1468 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1469 for (i = 0; i < variable_len - 2; ) {
1470 uint8_t ie_id, ie_len;
1477 /* This is the TIM Information Element */
1479 /* Check whether the ie_len is in the beacon data range. */
1480 if (variable_len < ie_len + 2 + i)
1482 /* A valid TIM is at least 4 bytes long. */
1487 tim_position = sizeof(struct b43_plcp_hdr6);
1488 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1491 dtim_period = ie[i + 3];
1493 b43_shm_write16(dev, B43_SHM_SHARED,
1494 B43_SHM_SH_TIMBPOS, tim_position);
1495 b43_shm_write16(dev, B43_SHM_SHARED,
1496 B43_SHM_SH_DTIMPER, dtim_period);
1503 * If ucode wants to modify TIM do it behind the beacon, this
1504 * will happen, for example, when doing mesh networking.
1506 b43_shm_write16(dev, B43_SHM_SHARED,
1508 len + sizeof(struct b43_plcp_hdr6));
1509 b43_shm_write16(dev, B43_SHM_SHARED,
1510 B43_SHM_SH_DTIMPER, 0);
1512 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset);
1515 static void b43_upload_beacon0(struct b43_wldev *dev)
1517 struct b43_wl *wl = dev->wl;
1519 if (wl->beacon0_uploaded)
1521 b43_write_beacon_template(dev, 0x68, 0x18);
1522 wl->beacon0_uploaded = 1;
1525 static void b43_upload_beacon1(struct b43_wldev *dev)
1527 struct b43_wl *wl = dev->wl;
1529 if (wl->beacon1_uploaded)
1531 b43_write_beacon_template(dev, 0x468, 0x1A);
1532 wl->beacon1_uploaded = 1;
1535 static void handle_irq_beacon(struct b43_wldev *dev)
1537 struct b43_wl *wl = dev->wl;
1538 u32 cmd, beacon0_valid, beacon1_valid;
1540 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) &&
1541 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
1544 /* This is the bottom half of the asynchronous beacon update. */
1546 /* Ignore interrupt in the future. */
1547 dev->irq_mask &= ~B43_IRQ_BEACON;
1549 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1550 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1551 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1553 /* Schedule interrupt manually, if busy. */
1554 if (beacon0_valid && beacon1_valid) {
1555 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1556 dev->irq_mask |= B43_IRQ_BEACON;
1560 if (unlikely(wl->beacon_templates_virgin)) {
1561 /* We never uploaded a beacon before.
1562 * Upload both templates now, but only mark one valid. */
1563 wl->beacon_templates_virgin = 0;
1564 b43_upload_beacon0(dev);
1565 b43_upload_beacon1(dev);
1566 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1567 cmd |= B43_MACCMD_BEACON0_VALID;
1568 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1570 if (!beacon0_valid) {
1571 b43_upload_beacon0(dev);
1572 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1573 cmd |= B43_MACCMD_BEACON0_VALID;
1574 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1575 } else if (!beacon1_valid) {
1576 b43_upload_beacon1(dev);
1577 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1578 cmd |= B43_MACCMD_BEACON1_VALID;
1579 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1584 static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev)
1586 u32 old_irq_mask = dev->irq_mask;
1588 /* update beacon right away or defer to irq */
1589 handle_irq_beacon(dev);
1590 if (old_irq_mask != dev->irq_mask) {
1591 /* The handler updated the IRQ mask. */
1592 B43_WARN_ON(!dev->irq_mask);
1593 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) {
1594 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1596 /* Device interrupts are currently disabled. That means
1597 * we just ran the hardirq handler and scheduled the
1598 * IRQ thread. The thread will write the IRQ mask when
1599 * it finished, so there's nothing to do here. Writing
1600 * the mask _here_ would incorrectly re-enable IRQs. */
1605 static void b43_beacon_update_trigger_work(struct work_struct *work)
1607 struct b43_wl *wl = container_of(work, struct b43_wl,
1608 beacon_update_trigger);
1609 struct b43_wldev *dev;
1611 mutex_lock(&wl->mutex);
1612 dev = wl->current_dev;
1613 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1614 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) {
1615 /* wl->mutex is enough. */
1616 b43_do_beacon_update_trigger_work(dev);
1619 spin_lock_irq(&wl->hardirq_lock);
1620 b43_do_beacon_update_trigger_work(dev);
1622 spin_unlock_irq(&wl->hardirq_lock);
1625 mutex_unlock(&wl->mutex);
1628 /* Asynchronously update the packet templates in template RAM.
1629 * Locking: Requires wl->mutex to be locked. */
1630 static void b43_update_templates(struct b43_wl *wl)
1632 struct sk_buff *beacon;
1634 /* This is the top half of the ansynchronous beacon update.
1635 * The bottom half is the beacon IRQ.
1636 * Beacon update must be asynchronous to avoid sending an
1637 * invalid beacon. This can happen for example, if the firmware
1638 * transmits a beacon while we are updating it. */
1640 /* We could modify the existing beacon and set the aid bit in
1641 * the TIM field, but that would probably require resizing and
1642 * moving of data within the beacon template.
1643 * Simply request a new beacon and let mac80211 do the hard work. */
1644 beacon = ieee80211_beacon_get(wl->hw, wl->vif);
1645 if (unlikely(!beacon))
1648 if (wl->current_beacon)
1649 dev_kfree_skb_any(wl->current_beacon);
1650 wl->current_beacon = beacon;
1651 wl->beacon0_uploaded = 0;
1652 wl->beacon1_uploaded = 0;
1653 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger);
1656 static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1659 if (dev->dev->id.revision >= 3) {
1660 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1661 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1663 b43_write16(dev, 0x606, (beacon_int >> 6));
1664 b43_write16(dev, 0x610, beacon_int);
1666 b43_time_unlock(dev);
1667 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1670 static void b43_handle_firmware_panic(struct b43_wldev *dev)
1674 /* Read the register that contains the reason code for the panic. */
1675 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG);
1676 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason);
1680 b43dbg(dev->wl, "The panic reason is unknown.\n");
1682 case B43_FWPANIC_DIE:
1683 /* Do not restart the controller or firmware.
1684 * The device is nonfunctional from now on.
1685 * Restarting would result in this panic to trigger again,
1686 * so we avoid that recursion. */
1688 case B43_FWPANIC_RESTART:
1689 b43_controller_restart(dev, "Microcode panic");
1694 static void handle_irq_ucode_debug(struct b43_wldev *dev)
1696 unsigned int i, cnt;
1697 u16 reason, marker_id, marker_line;
1700 /* The proprietary firmware doesn't have this IRQ. */
1701 if (!dev->fw.opensource)
1704 /* Read the register that contains the reason code for this IRQ. */
1705 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG);
1708 case B43_DEBUGIRQ_PANIC:
1709 b43_handle_firmware_panic(dev);
1711 case B43_DEBUGIRQ_DUMP_SHM:
1713 break; /* Only with driver debugging enabled. */
1714 buf = kmalloc(4096, GFP_ATOMIC);
1716 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n");
1719 for (i = 0; i < 4096; i += 2) {
1720 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i);
1721 buf[i / 2] = cpu_to_le16(tmp);
1723 b43info(dev->wl, "Shared memory dump:\n");
1724 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET,
1725 16, 2, buf, 4096, 1);
1728 case B43_DEBUGIRQ_DUMP_REGS:
1730 break; /* Only with driver debugging enabled. */
1731 b43info(dev->wl, "Microcode register dump:\n");
1732 for (i = 0, cnt = 0; i < 64; i++) {
1733 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i);
1736 printk("r%02u: 0x%04X ", i, tmp);
1745 case B43_DEBUGIRQ_MARKER:
1747 break; /* Only with driver debugging enabled. */
1748 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH,
1750 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH,
1751 B43_MARKER_LINE_REG);
1752 b43info(dev->wl, "The firmware just executed the MARKER(%u) "
1753 "at line number %u\n",
1754 marker_id, marker_line);
1757 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n",
1761 /* Acknowledge the debug-IRQ, so the firmware can continue. */
1762 b43_shm_write16(dev, B43_SHM_SCRATCH,
1763 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK);
1766 static void b43_do_interrupt_thread(struct b43_wldev *dev)
1769 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1770 u32 merged_dma_reason = 0;
1773 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
1776 reason = dev->irq_reason;
1777 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1778 dma_reason[i] = dev->dma_reason[i];
1779 merged_dma_reason |= dma_reason[i];
1782 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1783 b43err(dev->wl, "MAC transmission error\n");
1785 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1786 b43err(dev->wl, "PHY transmission error\n");
1788 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1789 atomic_set(&dev->phy.txerr_cnt,
1790 B43_PHY_TX_BADNESS_LIMIT);
1791 b43err(dev->wl, "Too many PHY TX errors, "
1792 "restarting the controller\n");
1793 b43_controller_restart(dev, "PHY TX errors");
1797 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK |
1798 B43_DMAIRQ_NONFATALMASK))) {
1799 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) {
1800 b43err(dev->wl, "Fatal DMA error: "
1801 "0x%08X, 0x%08X, 0x%08X, "
1802 "0x%08X, 0x%08X, 0x%08X\n",
1803 dma_reason[0], dma_reason[1],
1804 dma_reason[2], dma_reason[3],
1805 dma_reason[4], dma_reason[5]);
1806 b43err(dev->wl, "This device does not support DMA "
1807 "on your system. It will now be switched to PIO.\n");
1808 /* Fall back to PIO transfers if we get fatal DMA errors! */
1810 b43_controller_restart(dev, "DMA error");
1813 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) {
1814 b43err(dev->wl, "DMA error: "
1815 "0x%08X, 0x%08X, 0x%08X, "
1816 "0x%08X, 0x%08X, 0x%08X\n",
1817 dma_reason[0], dma_reason[1],
1818 dma_reason[2], dma_reason[3],
1819 dma_reason[4], dma_reason[5]);
1823 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1824 handle_irq_ucode_debug(dev);
1825 if (reason & B43_IRQ_TBTT_INDI)
1826 handle_irq_tbtt_indication(dev);
1827 if (reason & B43_IRQ_ATIM_END)
1828 handle_irq_atim_end(dev);
1829 if (reason & B43_IRQ_BEACON)
1830 handle_irq_beacon(dev);
1831 if (reason & B43_IRQ_PMQ)
1832 handle_irq_pmq(dev);
1833 if (reason & B43_IRQ_TXFIFO_FLUSH_OK)
1835 if (reason & B43_IRQ_NOISESAMPLE_OK)
1836 handle_irq_noise(dev);
1838 /* Check the DMA reason registers for received data. */
1839 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
1840 if (b43_using_pio_transfers(dev))
1841 b43_pio_rx(dev->pio.rx_queue);
1843 b43_dma_rx(dev->dma.rx_ring);
1845 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
1846 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
1847 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
1848 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
1849 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
1851 if (reason & B43_IRQ_TX_OK)
1852 handle_irq_transmit_status(dev);
1854 /* Re-enable interrupts on the device by restoring the current interrupt mask. */
1855 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1858 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
1860 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
1861 if (reason & (1 << i))
1862 dev->irq_bit_count[i]++;
1868 /* Interrupt thread handler. Handles device interrupts in thread context. */
1869 static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id)
1871 struct b43_wldev *dev = dev_id;
1873 mutex_lock(&dev->wl->mutex);
1874 b43_do_interrupt_thread(dev);
1876 mutex_unlock(&dev->wl->mutex);
1881 static irqreturn_t b43_do_interrupt(struct b43_wldev *dev)
1885 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses.
1886 * On SDIO, this runs under wl->mutex. */
1888 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
1889 if (reason == 0xffffffff) /* shared IRQ */
1891 reason &= dev->irq_mask;
1895 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
1897 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
1899 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
1901 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
1903 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
1906 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
1910 /* ACK the interrupt. */
1911 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
1912 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
1913 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
1914 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
1915 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
1916 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
1918 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
1921 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */
1922 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
1923 /* Save the reason bitmasks for the IRQ thread handler. */
1924 dev->irq_reason = reason;
1926 return IRQ_WAKE_THREAD;
1929 /* Interrupt handler top-half. This runs with interrupts disabled. */
1930 static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
1932 struct b43_wldev *dev = dev_id;
1935 if (unlikely(b43_status(dev) < B43_STAT_STARTED))
1938 spin_lock(&dev->wl->hardirq_lock);
1939 ret = b43_do_interrupt(dev);
1941 spin_unlock(&dev->wl->hardirq_lock);
1946 /* SDIO interrupt handler. This runs in process context. */
1947 static void b43_sdio_interrupt_handler(struct b43_wldev *dev)
1949 struct b43_wl *wl = dev->wl;
1952 mutex_lock(&wl->mutex);
1954 ret = b43_do_interrupt(dev);
1955 if (ret == IRQ_WAKE_THREAD)
1956 b43_do_interrupt_thread(dev);
1958 mutex_unlock(&wl->mutex);
1961 void b43_do_release_fw(struct b43_firmware_file *fw)
1963 release_firmware(fw->data);
1965 fw->filename = NULL;
1968 static void b43_release_firmware(struct b43_wldev *dev)
1970 b43_do_release_fw(&dev->fw.ucode);
1971 b43_do_release_fw(&dev->fw.pcm);
1972 b43_do_release_fw(&dev->fw.initvals);
1973 b43_do_release_fw(&dev->fw.initvals_band);
1976 static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
1980 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \
1981 "and download the correct firmware for this driver version. " \
1982 "Please carefully read all instructions on this website.\n";
1990 int b43_do_request_fw(struct b43_request_fw_context *ctx,
1992 struct b43_firmware_file *fw)
1994 const struct firmware *blob;
1995 struct b43_fw_header *hdr;
2000 /* Don't fetch anything. Free possibly cached firmware. */
2001 /* FIXME: We should probably keep it anyway, to save some headache
2002 * on suspend/resume with multiband devices. */
2003 b43_do_release_fw(fw);
2007 if ((fw->type == ctx->req_type) &&
2008 (strcmp(fw->filename, name) == 0))
2009 return 0; /* Already have this fw. */
2010 /* Free the cached firmware first. */
2011 /* FIXME: We should probably do this later after we successfully
2012 * got the new fw. This could reduce headache with multiband devices.
2013 * We could also redesign this to cache the firmware for all possible
2014 * bands all the time. */
2015 b43_do_release_fw(fw);
2018 switch (ctx->req_type) {
2019 case B43_FWTYPE_PROPRIETARY:
2020 snprintf(ctx->fwname, sizeof(ctx->fwname),
2022 modparam_fwpostfix, name);
2024 case B43_FWTYPE_OPENSOURCE:
2025 snprintf(ctx->fwname, sizeof(ctx->fwname),
2027 modparam_fwpostfix, name);
2033 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev);
2034 if (err == -ENOENT) {
2035 snprintf(ctx->errors[ctx->req_type],
2036 sizeof(ctx->errors[ctx->req_type]),
2037 "Firmware file \"%s\" not found\n", ctx->fwname);
2040 snprintf(ctx->errors[ctx->req_type],
2041 sizeof(ctx->errors[ctx->req_type]),
2042 "Firmware file \"%s\" request failed (err=%d)\n",
2046 if (blob->size < sizeof(struct b43_fw_header))
2048 hdr = (struct b43_fw_header *)(blob->data);
2049 switch (hdr->type) {
2050 case B43_FW_TYPE_UCODE:
2051 case B43_FW_TYPE_PCM:
2052 size = be32_to_cpu(hdr->size);
2053 if (size != blob->size - sizeof(struct b43_fw_header))
2056 case B43_FW_TYPE_IV:
2065 fw->filename = name;
2066 fw->type = ctx->req_type;
2071 snprintf(ctx->errors[ctx->req_type],
2072 sizeof(ctx->errors[ctx->req_type]),
2073 "Firmware file \"%s\" format error.\n", ctx->fwname);
2074 release_firmware(blob);
2079 static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2081 struct b43_wldev *dev = ctx->dev;
2082 struct b43_firmware *fw = &ctx->dev->fw;
2083 const u8 rev = ctx->dev->dev->id.revision;
2084 const char *filename;
2089 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH);
2090 if ((rev >= 5) && (rev <= 10))
2091 filename = "ucode5";
2092 else if ((rev >= 11) && (rev <= 12))
2093 filename = "ucode11";
2095 filename = "ucode13";
2097 filename = "ucode14";
2099 filename = "ucode15";
2102 err = b43_do_request_fw(ctx, filename, &fw->ucode);
2107 if ((rev >= 5) && (rev <= 10))
2113 fw->pcm_request_failed = 0;
2114 err = b43_do_request_fw(ctx, filename, &fw->pcm);
2115 if (err == -ENOENT) {
2116 /* We did not find a PCM file? Not fatal, but
2117 * core rev <= 10 must do without hwcrypto then. */
2118 fw->pcm_request_failed = 1;
2123 switch (dev->phy.type) {
2125 if ((rev >= 5) && (rev <= 10)) {
2126 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2127 filename = "a0g1initvals5";
2129 filename = "a0g0initvals5";
2131 goto err_no_initvals;
2134 if ((rev >= 5) && (rev <= 10))
2135 filename = "b0g0initvals5";
2137 filename = "b0g0initvals13";
2139 goto err_no_initvals;
2142 if ((rev >= 11) && (rev <= 12))
2143 filename = "n0initvals11";
2145 goto err_no_initvals;
2147 case B43_PHYTYPE_LP:
2149 filename = "lp0initvals13";
2151 filename = "lp0initvals14";
2153 filename = "lp0initvals15";
2155 goto err_no_initvals;
2158 goto err_no_initvals;
2160 err = b43_do_request_fw(ctx, filename, &fw->initvals);
2164 /* Get bandswitch initvals */
2165 switch (dev->phy.type) {
2167 if ((rev >= 5) && (rev <= 10)) {
2168 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2169 filename = "a0g1bsinitvals5";
2171 filename = "a0g0bsinitvals5";
2172 } else if (rev >= 11)
2175 goto err_no_initvals;
2178 if ((rev >= 5) && (rev <= 10))
2179 filename = "b0g0bsinitvals5";
2183 goto err_no_initvals;
2186 if ((rev >= 11) && (rev <= 12))
2187 filename = "n0bsinitvals11";
2189 goto err_no_initvals;
2191 case B43_PHYTYPE_LP:
2193 filename = "lp0bsinitvals13";
2195 filename = "lp0bsinitvals14";
2197 filename = "lp0bsinitvals15";
2199 goto err_no_initvals;
2202 goto err_no_initvals;
2204 err = b43_do_request_fw(ctx, filename, &fw->initvals_band);
2211 err = ctx->fatal_failure = -EOPNOTSUPP;
2212 b43err(dev->wl, "The driver does not know which firmware (ucode) "
2213 "is required for your device (wl-core rev %u)\n", rev);
2217 err = ctx->fatal_failure = -EOPNOTSUPP;
2218 b43err(dev->wl, "The driver does not know which firmware (PCM) "
2219 "is required for your device (wl-core rev %u)\n", rev);
2223 err = ctx->fatal_failure = -EOPNOTSUPP;
2224 b43err(dev->wl, "The driver does not know which firmware (initvals) "
2225 "is required for your device (wl-core rev %u)\n", rev);
2229 /* We failed to load this firmware image. The error message
2230 * already is in ctx->errors. Return and let our caller decide
2235 b43_release_firmware(dev);
2239 static int b43_request_firmware(struct b43_wldev *dev)
2241 struct b43_request_fw_context *ctx;
2246 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
2251 ctx->req_type = B43_FWTYPE_PROPRIETARY;
2252 err = b43_try_request_fw(ctx);
2254 goto out; /* Successfully loaded it. */
2255 err = ctx->fatal_failure;
2259 ctx->req_type = B43_FWTYPE_OPENSOURCE;
2260 err = b43_try_request_fw(ctx);
2262 goto out; /* Successfully loaded it. */
2263 err = ctx->fatal_failure;
2267 /* Could not find a usable firmware. Print the errors. */
2268 for (i = 0; i < B43_NR_FWTYPES; i++) {
2269 errmsg = ctx->errors[i];
2271 b43err(dev->wl, errmsg);
2273 b43_print_fw_helptext(dev->wl, 1);
2281 static int b43_upload_microcode(struct b43_wldev *dev)
2283 struct wiphy *wiphy = dev->wl->hw->wiphy;
2284 const size_t hdr_len = sizeof(struct b43_fw_header);
2286 unsigned int i, len;
2287 u16 fwrev, fwpatch, fwdate, fwtime;
2291 /* Jump the microcode PSM to offset 0 */
2292 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2293 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2294 macctl |= B43_MACCTL_PSM_JMP0;
2295 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2296 /* Zero out all microcode PSM registers and shared memory. */
2297 for (i = 0; i < 64; i++)
2298 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2299 for (i = 0; i < 4096; i += 2)
2300 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2302 /* Upload Microcode. */
2303 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2304 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2305 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2306 for (i = 0; i < len; i++) {
2307 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2311 if (dev->fw.pcm.data) {
2312 /* Upload PCM data. */
2313 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2314 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2315 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2316 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2317 /* No need for autoinc bit in SHM_HW */
2318 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2319 for (i = 0; i < len; i++) {
2320 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2325 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2327 /* Start the microcode PSM */
2328 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2329 macctl &= ~B43_MACCTL_PSM_JMP0;
2330 macctl |= B43_MACCTL_PSM_RUN;
2331 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2333 /* Wait for the microcode to load and respond */
2336 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2337 if (tmp == B43_IRQ_MAC_SUSPENDED)
2341 b43err(dev->wl, "Microcode not responding\n");
2342 b43_print_fw_helptext(dev->wl, 1);
2348 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2350 /* Get and check the revisions. */
2351 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2352 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2353 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2354 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2356 if (fwrev <= 0x128) {
2357 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2358 "binary drivers older than version 4.x is unsupported. "
2359 "You must upgrade your firmware files.\n");
2360 b43_print_fw_helptext(dev->wl, 1);
2364 dev->fw.rev = fwrev;
2365 dev->fw.patch = fwpatch;
2366 dev->fw.opensource = (fwdate == 0xFFFF);
2368 /* Default to use-all-queues. */
2369 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues;
2370 dev->qos_enabled = !!modparam_qos;
2371 /* Default to firmware/hardware crypto acceleration. */
2372 dev->hwcrypto_enabled = 1;
2374 if (dev->fw.opensource) {
2377 /* Patchlevel info is encoded in the "time" field. */
2378 dev->fw.patch = fwtime;
2379 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n",
2380 dev->fw.rev, dev->fw.patch);
2382 fwcapa = b43_fwcapa_read(dev);
2383 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) {
2384 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n");
2385 /* Disable hardware crypto and fall back to software crypto. */
2386 dev->hwcrypto_enabled = 0;
2388 if (!(fwcapa & B43_FWCAPA_QOS)) {
2389 b43info(dev->wl, "QoS not supported by firmware\n");
2390 /* Disable QoS. Tweak hw->queues to 1. It will be restored before
2391 * ieee80211_unregister to make sure the networking core can
2392 * properly free possible resources. */
2393 dev->wl->hw->queues = 1;
2394 dev->qos_enabled = 0;
2397 b43info(dev->wl, "Loading firmware version %u.%u "
2398 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2400 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2401 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2402 if (dev->fw.pcm_request_failed) {
2403 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. "
2404 "Hardware accelerated cryptography is disabled.\n");
2405 b43_print_fw_helptext(dev->wl, 0);
2409 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u",
2410 dev->fw.rev, dev->fw.patch);
2411 wiphy->hw_version = dev->dev->id.coreid;
2413 if (b43_is_old_txhdr_format(dev)) {
2414 /* We're over the deadline, but we keep support for old fw
2415 * until it turns out to be in major conflict with something new. */
2416 b43warn(dev->wl, "You are using an old firmware image. "
2417 "Support for old firmware will be removed soon "
2418 "(official deadline was July 2008).\n");
2419 b43_print_fw_helptext(dev->wl, 0);
2425 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2426 macctl &= ~B43_MACCTL_PSM_RUN;
2427 macctl |= B43_MACCTL_PSM_JMP0;
2428 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2433 static int b43_write_initvals(struct b43_wldev *dev,
2434 const struct b43_iv *ivals,
2438 const struct b43_iv *iv;
2443 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2445 for (i = 0; i < count; i++) {
2446 if (array_size < sizeof(iv->offset_size))
2448 array_size -= sizeof(iv->offset_size);
2449 offset = be16_to_cpu(iv->offset_size);
2450 bit32 = !!(offset & B43_IV_32BIT);
2451 offset &= B43_IV_OFFSET_MASK;
2452 if (offset >= 0x1000)
2457 if (array_size < sizeof(iv->data.d32))
2459 array_size -= sizeof(iv->data.d32);
2461 value = get_unaligned_be32(&iv->data.d32);
2462 b43_write32(dev, offset, value);
2464 iv = (const struct b43_iv *)((const uint8_t *)iv +
2470 if (array_size < sizeof(iv->data.d16))
2472 array_size -= sizeof(iv->data.d16);
2474 value = be16_to_cpu(iv->data.d16);
2475 b43_write16(dev, offset, value);
2477 iv = (const struct b43_iv *)((const uint8_t *)iv +
2488 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2489 b43_print_fw_helptext(dev->wl, 1);
2494 static int b43_upload_initvals(struct b43_wldev *dev)
2496 const size_t hdr_len = sizeof(struct b43_fw_header);
2497 const struct b43_fw_header *hdr;
2498 struct b43_firmware *fw = &dev->fw;
2499 const struct b43_iv *ivals;
2503 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2504 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2505 count = be32_to_cpu(hdr->size);
2506 err = b43_write_initvals(dev, ivals, count,
2507 fw->initvals.data->size - hdr_len);
2510 if (fw->initvals_band.data) {
2511 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2512 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2513 count = be32_to_cpu(hdr->size);
2514 err = b43_write_initvals(dev, ivals, count,
2515 fw->initvals_band.data->size - hdr_len);
2524 /* Initialize the GPIOs
2525 * http://bcm-specs.sipsolutions.net/GPIO
2527 static int b43_gpio_init(struct b43_wldev *dev)
2529 struct ssb_bus *bus = dev->dev->bus;
2530 struct ssb_device *gpiodev, *pcidev = NULL;
2533 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2534 & ~B43_MACCTL_GPOUTSMSK);
2536 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK)
2541 if (dev->dev->bus->chip_id == 0x4301) {
2545 if (0 /* FIXME: conditional unknown */ ) {
2546 b43_write16(dev, B43_MMIO_GPIO_MASK,
2547 b43_read16(dev, B43_MMIO_GPIO_MASK)
2552 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) {
2553 b43_write16(dev, B43_MMIO_GPIO_MASK,
2554 b43_read16(dev, B43_MMIO_GPIO_MASK)
2559 if (dev->dev->id.revision >= 2)
2560 mask |= 0x0010; /* FIXME: This is redundant. */
2562 #ifdef CONFIG_SSB_DRIVER_PCICORE
2563 pcidev = bus->pcicore.dev;
2565 gpiodev = bus->chipco.dev ? : pcidev;
2568 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2569 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2575 /* Turn off all GPIO stuff. Call this on module unload, for example. */
2576 static void b43_gpio_cleanup(struct b43_wldev *dev)
2578 struct ssb_bus *bus = dev->dev->bus;
2579 struct ssb_device *gpiodev, *pcidev = NULL;
2581 #ifdef CONFIG_SSB_DRIVER_PCICORE
2582 pcidev = bus->pcicore.dev;
2584 gpiodev = bus->chipco.dev ? : pcidev;
2587 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2590 /* http://bcm-specs.sipsolutions.net/EnableMac */
2591 void b43_mac_enable(struct b43_wldev *dev)
2593 if (b43_debug(dev, B43_DBG_FIRMWARE)) {
2596 fwstate = b43_shm_read16(dev, B43_SHM_SHARED,
2597 B43_SHM_SH_UCODESTAT);
2598 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) &&
2599 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) {
2600 b43err(dev->wl, "b43_mac_enable(): The firmware "
2601 "should be suspended, but current state is %u\n",
2606 dev->mac_suspended--;
2607 B43_WARN_ON(dev->mac_suspended < 0);
2608 if (dev->mac_suspended == 0) {
2609 b43_write32(dev, B43_MMIO_MACCTL,
2610 b43_read32(dev, B43_MMIO_MACCTL)
2611 | B43_MACCTL_ENABLED);
2612 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2613 B43_IRQ_MAC_SUSPENDED);
2615 b43_read32(dev, B43_MMIO_MACCTL);
2616 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2617 b43_power_saving_ctl_bits(dev, 0);
2621 /* http://bcm-specs.sipsolutions.net/SuspendMAC */
2622 void b43_mac_suspend(struct b43_wldev *dev)
2628 B43_WARN_ON(dev->mac_suspended < 0);
2630 if (dev->mac_suspended == 0) {
2631 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2632 b43_write32(dev, B43_MMIO_MACCTL,
2633 b43_read32(dev, B43_MMIO_MACCTL)
2634 & ~B43_MACCTL_ENABLED);
2635 /* force pci to flush the write */
2636 b43_read32(dev, B43_MMIO_MACCTL);
2637 for (i = 35; i; i--) {
2638 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2639 if (tmp & B43_IRQ_MAC_SUSPENDED)
2643 /* Hm, it seems this will take some time. Use msleep(). */
2644 for (i = 40; i; i--) {
2645 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2646 if (tmp & B43_IRQ_MAC_SUSPENDED)
2650 b43err(dev->wl, "MAC suspend failed\n");
2653 dev->mac_suspended++;
2656 static void b43_adjust_opmode(struct b43_wldev *dev)
2658 struct b43_wl *wl = dev->wl;
2662 ctl = b43_read32(dev, B43_MMIO_MACCTL);
2663 /* Reset status to STA infrastructure mode. */
2664 ctl &= ~B43_MACCTL_AP;
2665 ctl &= ~B43_MACCTL_KEEP_CTL;
2666 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
2667 ctl &= ~B43_MACCTL_KEEP_BAD;
2668 ctl &= ~B43_MACCTL_PROMISC;
2669 ctl &= ~B43_MACCTL_BEACPROMISC;
2670 ctl |= B43_MACCTL_INFRA;
2672 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
2673 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
2674 ctl |= B43_MACCTL_AP;
2675 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
2676 ctl &= ~B43_MACCTL_INFRA;
2678 if (wl->filter_flags & FIF_CONTROL)
2679 ctl |= B43_MACCTL_KEEP_CTL;
2680 if (wl->filter_flags & FIF_FCSFAIL)
2681 ctl |= B43_MACCTL_KEEP_BAD;
2682 if (wl->filter_flags & FIF_PLCPFAIL)
2683 ctl |= B43_MACCTL_KEEP_BADPLCP;
2684 if (wl->filter_flags & FIF_PROMISC_IN_BSS)
2685 ctl |= B43_MACCTL_PROMISC;
2686 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
2687 ctl |= B43_MACCTL_BEACPROMISC;
2689 /* Workaround: On old hardware the HW-MAC-address-filter
2690 * doesn't work properly, so always run promisc in filter
2691 * it in software. */
2692 if (dev->dev->id.revision <= 4)
2693 ctl |= B43_MACCTL_PROMISC;
2695 b43_write32(dev, B43_MMIO_MACCTL, ctl);
2698 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
2699 if (dev->dev->bus->chip_id == 0x4306 &&
2700 dev->dev->bus->chip_rev == 3)
2705 b43_write16(dev, 0x612, cfp_pretbtt);
2707 /* FIXME: We don't currently implement the PMQ mechanism,
2708 * so always disable it. If we want to implement PMQ,
2709 * we need to enable it here (clear DISCPMQ) in AP mode.
2711 if (0 /* ctl & B43_MACCTL_AP */) {
2712 b43_write32(dev, B43_MMIO_MACCTL,
2713 b43_read32(dev, B43_MMIO_MACCTL)
2714 & ~B43_MACCTL_DISCPMQ);
2716 b43_write32(dev, B43_MMIO_MACCTL,
2717 b43_read32(dev, B43_MMIO_MACCTL)
2718 | B43_MACCTL_DISCPMQ);
2722 static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
2728 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
2731 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
2733 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
2734 b43_shm_read16(dev, B43_SHM_SHARED, offset));
2737 static void b43_rate_memory_init(struct b43_wldev *dev)
2739 switch (dev->phy.type) {
2743 case B43_PHYTYPE_LP:
2744 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
2745 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
2746 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
2747 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
2748 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
2749 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
2750 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
2751 if (dev->phy.type == B43_PHYTYPE_A)
2755 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
2756 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
2757 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
2758 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
2765 /* Set the default values for the PHY TX Control Words. */
2766 static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
2770 ctl |= B43_TXH_PHY_ENC_CCK;
2771 ctl |= B43_TXH_PHY_ANT01AUTO;
2772 ctl |= B43_TXH_PHY_TXPWR;
2774 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
2775 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
2776 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
2779 /* Set the TX-Antenna for management frames sent by firmware. */
2780 static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
2785 ant = b43_antenna_to_phyctl(antenna);
2788 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
2789 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2790 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
2791 /* For Probe Resposes */
2792 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
2793 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2794 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
2797 /* This is the opposite of b43_chip_init() */
2798 static void b43_chip_exit(struct b43_wldev *dev)
2801 b43_gpio_cleanup(dev);
2802 /* firmware is released later */
2805 /* Initialize the chip
2806 * http://bcm-specs.sipsolutions.net/ChipInit
2808 static int b43_chip_init(struct b43_wldev *dev)
2810 struct b43_phy *phy = &dev->phy;
2812 u32 value32, macctl;
2815 /* Initialize the MAC control */
2816 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
2818 macctl |= B43_MACCTL_GMODE;
2819 macctl |= B43_MACCTL_INFRA;
2820 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2822 err = b43_request_firmware(dev);
2825 err = b43_upload_microcode(dev);
2827 goto out; /* firmware is released later */
2829 err = b43_gpio_init(dev);
2831 goto out; /* firmware is released later */
2833 err = b43_upload_initvals(dev);
2835 goto err_gpio_clean;
2837 /* Turn the Analog on and initialize the PHY. */
2838 phy->ops->switch_analog(dev, 1);
2839 err = b43_phy_init(dev);
2841 goto err_gpio_clean;
2843 /* Disable Interference Mitigation. */
2844 if (phy->ops->interf_mitigation)
2845 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE);
2847 /* Select the antennae */
2848 if (phy->ops->set_rx_antenna)
2849 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
2850 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
2852 if (phy->type == B43_PHYTYPE_B) {
2853 value16 = b43_read16(dev, 0x005E);
2855 b43_write16(dev, 0x005E, value16);
2857 b43_write32(dev, 0x0100, 0x01000000);
2858 if (dev->dev->id.revision < 5)
2859 b43_write32(dev, 0x010C, 0x01000000);
2861 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2862 & ~B43_MACCTL_INFRA);
2863 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2864 | B43_MACCTL_INFRA);
2866 /* Probe Response Timeout value */
2867 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
2868 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000);
2870 /* Initially set the wireless operation mode. */
2871 b43_adjust_opmode(dev);
2873 if (dev->dev->id.revision < 3) {
2874 b43_write16(dev, 0x060E, 0x0000);
2875 b43_write16(dev, 0x0610, 0x8000);
2876 b43_write16(dev, 0x0604, 0x0000);
2877 b43_write16(dev, 0x0606, 0x0200);
2879 b43_write32(dev, 0x0188, 0x80000000);
2880 b43_write32(dev, 0x018C, 0x02000000);
2882 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
2883 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00);
2884 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
2885 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
2886 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
2887 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
2888 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
2890 value32 = ssb_read32(dev->dev, SSB_TMSLOW);
2891 value32 |= 0x00100000;
2892 ssb_write32(dev->dev, SSB_TMSLOW, value32);
2894 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
2895 dev->dev->bus->chipco.fast_pwrup_delay);
2898 b43dbg(dev->wl, "Chip initialized\n");
2903 b43_gpio_cleanup(dev);
2907 static void b43_periodic_every60sec(struct b43_wldev *dev)
2909 const struct b43_phy_operations *ops = dev->phy.ops;
2911 if (ops->pwork_60sec)
2912 ops->pwork_60sec(dev);
2914 /* Force check the TX power emission now. */
2915 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME);
2918 static void b43_periodic_every30sec(struct b43_wldev *dev)
2920 /* Update device statistics. */
2921 b43_calculate_link_quality(dev);
2924 static void b43_periodic_every15sec(struct b43_wldev *dev)
2926 struct b43_phy *phy = &dev->phy;
2929 if (dev->fw.opensource) {
2930 /* Check if the firmware is still alive.
2931 * It will reset the watchdog counter to 0 in its idle loop. */
2932 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG);
2933 if (unlikely(wdr)) {
2934 b43err(dev->wl, "Firmware watchdog: The firmware died!\n");
2935 b43_controller_restart(dev, "Firmware watchdog");
2938 b43_shm_write16(dev, B43_SHM_SCRATCH,
2939 B43_WATCHDOG_REG, 1);
2943 if (phy->ops->pwork_15sec)
2944 phy->ops->pwork_15sec(dev);
2946 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
2950 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
2953 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n",
2954 dev->irq_count / 15,
2956 dev->rx_count / 15);
2960 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
2961 if (dev->irq_bit_count[i]) {
2962 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n",
2963 dev->irq_bit_count[i] / 15, i, (1 << i));
2964 dev->irq_bit_count[i] = 0;
2971 static void do_periodic_work(struct b43_wldev *dev)
2975 state = dev->periodic_state;
2977 b43_periodic_every60sec(dev);
2979 b43_periodic_every30sec(dev);
2980 b43_periodic_every15sec(dev);
2983 /* Periodic work locking policy:
2984 * The whole periodic work handler is protected by
2985 * wl->mutex. If another lock is needed somewhere in the
2986 * pwork callchain, it's acquired in-place, where it's needed.
2988 static void b43_periodic_work_handler(struct work_struct *work)
2990 struct b43_wldev *dev = container_of(work, struct b43_wldev,
2991 periodic_work.work);
2992 struct b43_wl *wl = dev->wl;
2993 unsigned long delay;
2995 mutex_lock(&wl->mutex);
2997 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
2999 if (b43_debug(dev, B43_DBG_PWORK_STOP))
3002 do_periodic_work(dev);
3004 dev->periodic_state++;
3006 if (b43_debug(dev, B43_DBG_PWORK_FAST))
3007 delay = msecs_to_jiffies(50);
3009 delay = round_jiffies_relative(HZ * 15);
3010 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay);
3012 mutex_unlock(&wl->mutex);
3015 static void b43_periodic_tasks_setup(struct b43_wldev *dev)
3017 struct delayed_work *work = &dev->periodic_work;
3019 dev->periodic_state = 0;
3020 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
3021 ieee80211_queue_delayed_work(dev->wl->hw, work, 0);
3024 /* Check if communication with the device works correctly. */
3025 static int b43_validate_chipaccess(struct b43_wldev *dev)
3027 u32 v, backup0, backup4;
3029 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0);
3030 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4);
3032 /* Check for read/write and endianness problems. */
3033 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
3034 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
3036 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
3037 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
3040 /* Check if unaligned 32bit SHM_SHARED access works properly.
3041 * However, don't bail out on failure, because it's noncritical. */
3042 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122);
3043 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344);
3044 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566);
3045 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788);
3046 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344)
3047 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n");
3048 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD);
3049 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 ||
3050 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD ||
3051 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB ||
3052 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788)
3053 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n");
3055 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0);
3056 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4);
3058 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) {
3059 /* The 32bit register shadows the two 16bit registers
3060 * with update sideeffects. Validate this. */
3061 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
3062 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
3063 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
3065 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
3068 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
3070 v = b43_read32(dev, B43_MMIO_MACCTL);
3071 v |= B43_MACCTL_GMODE;
3072 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
3077 b43err(dev->wl, "Failed to validate the chipaccess\n");
3081 static void b43_security_init(struct b43_wldev *dev)
3083 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
3084 /* KTP is a word address, but we address SHM bytewise.
3085 * So multiply by two.
3088 /* Number of RCMTA address slots */
3089 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS);
3090 /* Clear the key memory. */
3091 b43_clear_keys(dev);
3094 #ifdef CONFIG_B43_HWRNG
3095 static int b43_rng_read(struct hwrng *rng, u32 *data)
3097 struct b43_wl *wl = (struct b43_wl *)rng->priv;
3098 struct b43_wldev *dev;
3099 int count = -ENODEV;
3101 mutex_lock(&wl->mutex);
3102 dev = wl->current_dev;
3103 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) {
3104 *data = b43_read16(dev, B43_MMIO_RNG);
3105 count = sizeof(u16);
3107 mutex_unlock(&wl->mutex);
3111 #endif /* CONFIG_B43_HWRNG */
3113 static void b43_rng_exit(struct b43_wl *wl)
3115 #ifdef CONFIG_B43_HWRNG
3116 if (wl->rng_initialized)
3117 hwrng_unregister(&wl->rng);
3118 #endif /* CONFIG_B43_HWRNG */
3121 static int b43_rng_init(struct b43_wl *wl)
3125 #ifdef CONFIG_B43_HWRNG
3126 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
3127 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
3128 wl->rng.name = wl->rng_name;
3129 wl->rng.data_read = b43_rng_read;
3130 wl->rng.priv = (unsigned long)wl;
3131 wl->rng_initialized = 1;
3132 err = hwrng_register(&wl->rng);
3134 wl->rng_initialized = 0;
3135 b43err(wl, "Failed to register the random "
3136 "number generator (%d)\n", err);
3138 #endif /* CONFIG_B43_HWRNG */
3143 static void b43_tx_work(struct work_struct *work)
3145 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work);
3146 struct b43_wldev *dev;
3147 struct sk_buff *skb;
3150 mutex_lock(&wl->mutex);
3151 dev = wl->current_dev;
3152 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) {
3153 mutex_unlock(&wl->mutex);
3157 while (skb_queue_len(&wl->tx_queue)) {
3158 skb = skb_dequeue(&wl->tx_queue);
3160 if (b43_using_pio_transfers(dev))
3161 err = b43_pio_tx(dev, skb);
3163 err = b43_dma_tx(dev, skb);
3165 dev_kfree_skb(skb); /* Drop it */
3171 mutex_unlock(&wl->mutex);
3174 static int b43_op_tx(struct ieee80211_hw *hw,
3175 struct sk_buff *skb)
3177 struct b43_wl *wl = hw_to_b43_wl(hw);
3179 if (unlikely(skb->len < 2 + 2 + 6)) {
3180 /* Too short, this can't be a valid frame. */
3181 dev_kfree_skb_any(skb);
3182 return NETDEV_TX_OK;
3184 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
3186 skb_queue_tail(&wl->tx_queue, skb);
3187 ieee80211_queue_work(wl->hw, &wl->tx_work);
3189 return NETDEV_TX_OK;
3192 static void b43_qos_params_upload(struct b43_wldev *dev,
3193 const struct ieee80211_tx_queue_params *p,
3196 u16 params[B43_NR_QOSPARAMS];
3200 if (!dev->qos_enabled)
3203 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min;
3205 memset(¶ms, 0, sizeof(params));
3207 params[B43_QOSPARAM_TXOP] = p->txop * 32;
3208 params[B43_QOSPARAM_CWMIN] = p->cw_min;
3209 params[B43_QOSPARAM_CWMAX] = p->cw_max;
3210 params[B43_QOSPARAM_CWCUR] = p->cw_min;
3211 params[B43_QOSPARAM_AIFS] = p->aifs;
3212 params[B43_QOSPARAM_BSLOTS] = bslots;
3213 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs;
3215 for (i = 0; i < ARRAY_SIZE(params); i++) {
3216 if (i == B43_QOSPARAM_STATUS) {
3217 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
3218 shm_offset + (i * 2));
3219 /* Mark the parameters as updated. */
3221 b43_shm_write16(dev, B43_SHM_SHARED,
3222 shm_offset + (i * 2),
3225 b43_shm_write16(dev, B43_SHM_SHARED,
3226 shm_offset + (i * 2),
3232 /* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */
3233 static const u16 b43_qos_shm_offsets[] = {
3234 /* [mac80211-queue-nr] = SHM_OFFSET, */
3235 [0] = B43_QOS_VOICE,
3236 [1] = B43_QOS_VIDEO,
3237 [2] = B43_QOS_BESTEFFORT,
3238 [3] = B43_QOS_BACKGROUND,
3241 /* Update all QOS parameters in hardware. */
3242 static void b43_qos_upload_all(struct b43_wldev *dev)
3244 struct b43_wl *wl = dev->wl;
3245 struct b43_qos_params *params;
3248 if (!dev->qos_enabled)
3251 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3252 ARRAY_SIZE(wl->qos_params));
3254 b43_mac_suspend(dev);
3255 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3256 params = &(wl->qos_params[i]);
3257 b43_qos_params_upload(dev, &(params->p),
3258 b43_qos_shm_offsets[i]);
3260 b43_mac_enable(dev);
3263 static void b43_qos_clear(struct b43_wl *wl)
3265 struct b43_qos_params *params;
3268 /* Initialize QoS parameters to sane defaults. */
3270 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3271 ARRAY_SIZE(wl->qos_params));
3273 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3274 params = &(wl->qos_params[i]);
3276 switch (b43_qos_shm_offsets[i]) {
3280 params->p.cw_min = 0x0001;
3281 params->p.cw_max = 0x0001;
3286 params->p.cw_min = 0x0001;
3287 params->p.cw_max = 0x0001;
3289 case B43_QOS_BESTEFFORT:
3292 params->p.cw_min = 0x0001;
3293 params->p.cw_max = 0x03FF;
3295 case B43_QOS_BACKGROUND:
3298 params->p.cw_min = 0x0001;
3299 params->p.cw_max = 0x03FF;
3307 /* Initialize the core's QOS capabilities */
3308 static void b43_qos_init(struct b43_wldev *dev)
3310 if (!dev->qos_enabled) {
3311 /* Disable QOS support. */
3312 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF);
3313 b43_write16(dev, B43_MMIO_IFSCTL,
3314 b43_read16(dev, B43_MMIO_IFSCTL)
3315 & ~B43_MMIO_IFSCTL_USE_EDCF);
3316 b43dbg(dev->wl, "QoS disabled\n");
3320 /* Upload the current QOS parameters. */
3321 b43_qos_upload_all(dev);
3323 /* Enable QOS support. */
3324 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
3325 b43_write16(dev, B43_MMIO_IFSCTL,
3326 b43_read16(dev, B43_MMIO_IFSCTL)
3327 | B43_MMIO_IFSCTL_USE_EDCF);
3328 b43dbg(dev->wl, "QoS enabled\n");
3331 static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue,
3332 const struct ieee80211_tx_queue_params *params)
3334 struct b43_wl *wl = hw_to_b43_wl(hw);
3335 struct b43_wldev *dev;
3336 unsigned int queue = (unsigned int)_queue;
3339 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3340 /* Queue not available or don't support setting
3341 * params on this queue. Return success to not
3342 * confuse mac80211. */
3345 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3346 ARRAY_SIZE(wl->qos_params));
3348 mutex_lock(&wl->mutex);
3349 dev = wl->current_dev;
3350 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED)))
3353 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params));
3354 b43_mac_suspend(dev);
3355 b43_qos_params_upload(dev, &(wl->qos_params[queue].p),
3356 b43_qos_shm_offsets[queue]);
3357 b43_mac_enable(dev);
3361 mutex_unlock(&wl->mutex);
3366 static int b43_op_get_stats(struct ieee80211_hw *hw,
3367 struct ieee80211_low_level_stats *stats)
3369 struct b43_wl *wl = hw_to_b43_wl(hw);
3371 mutex_lock(&wl->mutex);
3372 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3373 mutex_unlock(&wl->mutex);
3378 static u64 b43_op_get_tsf(struct ieee80211_hw *hw)
3380 struct b43_wl *wl = hw_to_b43_wl(hw);
3381 struct b43_wldev *dev;
3384 mutex_lock(&wl->mutex);
3385 dev = wl->current_dev;
3387 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3388 b43_tsf_read(dev, &tsf);
3392 mutex_unlock(&wl->mutex);
3397 static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf)
3399 struct b43_wl *wl = hw_to_b43_wl(hw);
3400 struct b43_wldev *dev;
3402 mutex_lock(&wl->mutex);
3403 dev = wl->current_dev;
3405 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3406 b43_tsf_write(dev, tsf);
3408 mutex_unlock(&wl->mutex);
3411 static void b43_put_phy_into_reset(struct b43_wldev *dev)
3413 struct ssb_device *sdev = dev->dev;
3416 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3417 tmslow &= ~B43_TMSLOW_GMODE;
3418 tmslow |= B43_TMSLOW_PHYRESET;
3419 tmslow |= SSB_TMSLOW_FGC;
3420 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3423 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3424 tmslow &= ~SSB_TMSLOW_FGC;
3425 tmslow |= B43_TMSLOW_PHYRESET;
3426 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3430 static const char *band_to_string(enum ieee80211_band band)
3433 case IEEE80211_BAND_5GHZ:
3435 case IEEE80211_BAND_2GHZ:
3444 /* Expects wl->mutex locked */
3445 static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan)
3447 struct b43_wldev *up_dev = NULL;
3448 struct b43_wldev *down_dev;
3449 struct b43_wldev *d;
3451 bool uninitialized_var(gmode);
3454 /* Find a device and PHY which supports the band. */
3455 list_for_each_entry(d, &wl->devlist, list) {
3456 switch (chan->band) {
3457 case IEEE80211_BAND_5GHZ:
3458 if (d->phy.supports_5ghz) {
3463 case IEEE80211_BAND_2GHZ:
3464 if (d->phy.supports_2ghz) {
3477 b43err(wl, "Could not find a device for %s-GHz band operation\n",
3478 band_to_string(chan->band));
3481 if ((up_dev == wl->current_dev) &&
3482 (!!wl->current_dev->phy.gmode == !!gmode)) {
3483 /* This device is already running. */
3486 b43dbg(wl, "Switching to %s-GHz band\n",
3487 band_to_string(chan->band));
3488 down_dev = wl->current_dev;
3490 prev_status = b43_status(down_dev);
3491 /* Shutdown the currently running core. */
3492 if (prev_status >= B43_STAT_STARTED)
3493 down_dev = b43_wireless_core_stop(down_dev);
3494 if (prev_status >= B43_STAT_INITIALIZED)
3495 b43_wireless_core_exit(down_dev);
3497 if (down_dev != up_dev) {
3498 /* We switch to a different core, so we put PHY into
3499 * RESET on the old core. */
3500 b43_put_phy_into_reset(down_dev);
3503 /* Now start the new core. */
3504 up_dev->phy.gmode = gmode;
3505 if (prev_status >= B43_STAT_INITIALIZED) {
3506 err = b43_wireless_core_init(up_dev);
3508 b43err(wl, "Fatal: Could not initialize device for "
3509 "selected %s-GHz band\n",
3510 band_to_string(chan->band));
3514 if (prev_status >= B43_STAT_STARTED) {
3515 err = b43_wireless_core_start(up_dev);
3517 b43err(wl, "Fatal: Coult not start device for "
3518 "selected %s-GHz band\n",
3519 band_to_string(chan->band));
3520 b43_wireless_core_exit(up_dev);
3524 B43_WARN_ON(b43_status(up_dev) != prev_status);
3526 wl->current_dev = up_dev;
3530 /* Whoops, failed to init the new core. No core is operating now. */
3531 wl->current_dev = NULL;
3535 /* Write the short and long frame retry limit values. */
3536 static void b43_set_retry_limits(struct b43_wldev *dev,
3537 unsigned int short_retry,
3538 unsigned int long_retry)
3540 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3541 * the chip-internal counter. */
3542 short_retry = min(short_retry, (unsigned int)0xF);
3543 long_retry = min(long_retry, (unsigned int)0xF);
3545 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3547 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3551 static int b43_op_config(struct ieee80211_hw *hw, u32 changed)
3553 struct b43_wl *wl = hw_to_b43_wl(hw);
3554 struct b43_wldev *dev;
3555 struct b43_phy *phy;
3556 struct ieee80211_conf *conf = &hw->conf;
3560 mutex_lock(&wl->mutex);
3562 /* Switch the band (if necessary). This might change the active core. */
3563 err = b43_switch_band(wl, conf->channel);
3565 goto out_unlock_mutex;
3566 dev = wl->current_dev;
3569 if (conf_is_ht(conf))
3571 (conf_is_ht40_minus(conf) || conf_is_ht40_plus(conf));
3573 phy->is_40mhz = false;
3575 b43_mac_suspend(dev);
3577 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
3578 b43_set_retry_limits(dev, conf->short_frame_max_tx_count,
3579 conf->long_frame_max_tx_count);
3580 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS;
3582 goto out_mac_enable;
3584 /* Switch to the requested channel.
3585 * The firmware takes care of races with the TX handler. */
3586 if (conf->channel->hw_value != phy->channel)
3587 b43_switch_channel(dev, conf->channel->hw_value);
3589 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR);
3591 /* Adjust the desired TX power level. */
3592 if (conf->power_level != 0) {
3593 if (conf->power_level != phy->desired_txpower) {
3594 phy->desired_txpower = conf->power_level;
3595 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME |
3596 B43_TXPWR_IGNORE_TSSI);
3600 /* Antennas for RX and management frame TX. */
3601 antenna = B43_ANTENNA_DEFAULT;
3602 b43_mgmtframe_txantenna(dev, antenna);
3603 antenna = B43_ANTENNA_DEFAULT;
3604 if (phy->ops->set_rx_antenna)
3605 phy->ops->set_rx_antenna(dev, antenna);
3607 if (wl->radio_enabled != phy->radio_on) {
3608 if (wl->radio_enabled) {
3609 b43_software_rfkill(dev, false);
3610 b43info(dev->wl, "Radio turned on by software\n");
3611 if (!dev->radio_hw_enable) {
3612 b43info(dev->wl, "The hardware RF-kill button "
3613 "still turns the radio physically off. "
3614 "Press the button to turn it on.\n");
3617 b43_software_rfkill(dev, true);
3618 b43info(dev->wl, "Radio turned off by software\n");
3623 b43_mac_enable(dev);
3625 mutex_unlock(&wl->mutex);
3630 static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates)
3632 struct ieee80211_supported_band *sband =
3633 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)];
3634 struct ieee80211_rate *rate;
3636 u16 basic, direct, offset, basic_offset, rateptr;
3638 for (i = 0; i < sband->n_bitrates; i++) {
3639 rate = &sband->bitrates[i];
3641 if (b43_is_cck_rate(rate->hw_value)) {
3642 direct = B43_SHM_SH_CCKDIRECT;
3643 basic = B43_SHM_SH_CCKBASIC;
3644 offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3647 direct = B43_SHM_SH_OFDMDIRECT;
3648 basic = B43_SHM_SH_OFDMBASIC;
3649 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3653 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate);
3655 if (b43_is_cck_rate(rate->hw_value)) {
3656 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3657 basic_offset &= 0xF;
3659 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3660 basic_offset &= 0xF;
3664 * Get the pointer that we need to point to
3665 * from the direct map
3667 rateptr = b43_shm_read16(dev, B43_SHM_SHARED,
3668 direct + 2 * basic_offset);
3669 /* and write it to the basic map */
3670 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset,
3675 static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
3676 struct ieee80211_vif *vif,
3677 struct ieee80211_bss_conf *conf,
3680 struct b43_wl *wl = hw_to_b43_wl(hw);
3681 struct b43_wldev *dev;
3683 mutex_lock(&wl->mutex);
3685 dev = wl->current_dev;
3686 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3687 goto out_unlock_mutex;
3689 B43_WARN_ON(wl->vif != vif);
3691 if (changed & BSS_CHANGED_BSSID) {
3693 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
3695 memset(wl->bssid, 0, ETH_ALEN);
3698 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
3699 if (changed & BSS_CHANGED_BEACON &&
3700 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3701 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3702 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3703 b43_update_templates(wl);
3705 if (changed & BSS_CHANGED_BSSID)
3706 b43_write_mac_bssid_templates(dev);
3709 b43_mac_suspend(dev);
3711 /* Update templates for AP/mesh mode. */
3712 if (changed & BSS_CHANGED_BEACON_INT &&
3713 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3714 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3715 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3716 b43_set_beacon_int(dev, conf->beacon_int);
3718 if (changed & BSS_CHANGED_BASIC_RATES)
3719 b43_update_basic_rates(dev, conf->basic_rates);
3721 if (changed & BSS_CHANGED_ERP_SLOT) {
3722 if (conf->use_short_slot)
3723 b43_short_slot_timing_enable(dev);
3725 b43_short_slot_timing_disable(dev);
3728 b43_mac_enable(dev);
3730 mutex_unlock(&wl->mutex);
3733 static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3734 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
3735 struct ieee80211_key_conf *key)
3737 struct b43_wl *wl = hw_to_b43_wl(hw);
3738 struct b43_wldev *dev;
3742 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
3744 if (modparam_nohwcrypt)
3745 return -ENOSPC; /* User disabled HW-crypto */
3747 mutex_lock(&wl->mutex);
3749 dev = wl->current_dev;
3751 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
3754 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) {
3755 /* We don't have firmware for the crypto engine.
3756 * Must use software-crypto. */
3762 switch (key->cipher) {
3763 case WLAN_CIPHER_SUITE_WEP40:
3764 algorithm = B43_SEC_ALGO_WEP40;
3766 case WLAN_CIPHER_SUITE_WEP104:
3767 algorithm = B43_SEC_ALGO_WEP104;
3769 case WLAN_CIPHER_SUITE_TKIP:
3770 algorithm = B43_SEC_ALGO_TKIP;
3772 case WLAN_CIPHER_SUITE_CCMP:
3773 algorithm = B43_SEC_ALGO_AES;
3779 index = (u8) (key->keyidx);
3785 if (algorithm == B43_SEC_ALGO_TKIP &&
3786 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
3787 !modparam_hwtkip)) {
3788 /* We support only pairwise key */
3793 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
3794 if (WARN_ON(!sta)) {
3798 /* Pairwise key with an assigned MAC address. */
3799 err = b43_key_write(dev, -1, algorithm,
3800 key->key, key->keylen,
3804 err = b43_key_write(dev, index, algorithm,
3805 key->key, key->keylen, NULL, key);
3810 if (algorithm == B43_SEC_ALGO_WEP40 ||
3811 algorithm == B43_SEC_ALGO_WEP104) {
3812 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
3815 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
3817 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
3818 if (algorithm == B43_SEC_ALGO_TKIP)
3819 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
3822 err = b43_key_clear(dev, key->hw_key_idx);
3833 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
3835 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
3836 sta ? sta->addr : bcast_addr);
3837 b43_dump_keymemory(dev);
3839 mutex_unlock(&wl->mutex);
3844 static void b43_op_configure_filter(struct ieee80211_hw *hw,
3845 unsigned int changed, unsigned int *fflags,
3848 struct b43_wl *wl = hw_to_b43_wl(hw);
3849 struct b43_wldev *dev;
3851 mutex_lock(&wl->mutex);
3852 dev = wl->current_dev;
3858 *fflags &= FIF_PROMISC_IN_BSS |
3864 FIF_BCN_PRBRESP_PROMISC;
3866 changed &= FIF_PROMISC_IN_BSS |
3872 FIF_BCN_PRBRESP_PROMISC;
3874 wl->filter_flags = *fflags;
3876 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
3877 b43_adjust_opmode(dev);
3880 mutex_unlock(&wl->mutex);
3883 /* Locking: wl->mutex
3884 * Returns the current dev. This might be different from the passed in dev,
3885 * because the core might be gone away while we unlocked the mutex. */
3886 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev)
3888 struct b43_wl *wl = dev->wl;
3889 struct b43_wldev *orig_dev;
3893 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3896 /* Cancel work. Unlock to avoid deadlocks. */
3897 mutex_unlock(&wl->mutex);
3898 cancel_delayed_work_sync(&dev->periodic_work);
3899 cancel_work_sync(&wl->tx_work);
3900 mutex_lock(&wl->mutex);
3901 dev = wl->current_dev;
3902 if (!dev || b43_status(dev) < B43_STAT_STARTED) {
3903 /* Whoops, aliens ate up the device while we were unlocked. */
3907 /* Disable interrupts on the device. */
3908 b43_set_status(dev, B43_STAT_INITIALIZED);
3909 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) {
3910 /* wl->mutex is locked. That is enough. */
3911 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3912 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3914 spin_lock_irq(&wl->hardirq_lock);
3915 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3916 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3917 spin_unlock_irq(&wl->hardirq_lock);
3919 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */
3921 mutex_unlock(&wl->mutex);
3922 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) {
3923 b43_sdio_free_irq(dev);
3925 synchronize_irq(dev->dev->irq);
3926 free_irq(dev->dev->irq, dev);
3928 mutex_lock(&wl->mutex);
3929 dev = wl->current_dev;
3932 if (dev != orig_dev) {
3933 if (b43_status(dev) >= B43_STAT_STARTED)
3937 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
3938 B43_WARN_ON(mask != 0xFFFFFFFF && mask);
3940 /* Drain the TX queue */
3941 while (skb_queue_len(&wl->tx_queue))
3942 dev_kfree_skb(skb_dequeue(&wl->tx_queue));
3944 b43_mac_suspend(dev);
3946 b43dbg(wl, "Wireless interface stopped\n");
3951 /* Locking: wl->mutex */
3952 static int b43_wireless_core_start(struct b43_wldev *dev)
3956 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
3958 drain_txstatus_queue(dev);
3959 if (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) {
3960 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler);
3962 b43err(dev->wl, "Cannot request SDIO IRQ\n");
3966 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler,
3967 b43_interrupt_thread_handler,
3968 IRQF_SHARED, KBUILD_MODNAME, dev);
3970 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq);
3975 /* We are ready to run. */
3976 ieee80211_wake_queues(dev->wl->hw);
3977 b43_set_status(dev, B43_STAT_STARTED);
3979 /* Start data flow (TX/RX). */
3980 b43_mac_enable(dev);
3981 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
3983 /* Start maintainance work */
3984 b43_periodic_tasks_setup(dev);
3988 b43dbg(dev->wl, "Wireless interface started\n");
3993 /* Get PHY and RADIO versioning numbers */
3994 static int b43_phy_versioning(struct b43_wldev *dev)
3996 struct b43_phy *phy = &dev->phy;
4004 int unsupported = 0;
4006 /* Get PHY versioning */
4007 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
4008 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
4009 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
4010 phy_rev = (tmp & B43_PHYVER_VERSION);
4017 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6
4025 #ifdef CONFIG_B43_NPHY
4031 #ifdef CONFIG_B43_PHY_LP
4032 case B43_PHYTYPE_LP:
4041 b43err(dev->wl, "FOUND UNSUPPORTED PHY "
4042 "(Analog %u, Type %u, Revision %u)\n",
4043 analog_type, phy_type, phy_rev);
4046 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n",
4047 analog_type, phy_type, phy_rev);
4049 /* Get RADIO versioning */
4050 if (dev->dev->bus->chip_id == 0x4317) {
4051 if (dev->dev->bus->chip_rev == 0)
4053 else if (dev->dev->bus->chip_rev == 1)
4058 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
4059 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
4060 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
4061 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16;
4063 radio_manuf = (tmp & 0x00000FFF);
4064 radio_ver = (tmp & 0x0FFFF000) >> 12;
4065 radio_rev = (tmp & 0xF0000000) >> 28;
4066 if (radio_manuf != 0x17F /* Broadcom */)
4070 if (radio_ver != 0x2060)
4074 if (radio_manuf != 0x17F)
4078 if ((radio_ver & 0xFFF0) != 0x2050)
4082 if (radio_ver != 0x2050)
4086 if (radio_ver != 0x2055 && radio_ver != 0x2056)
4089 case B43_PHYTYPE_LP:
4090 if (radio_ver != 0x2062 && radio_ver != 0x2063)
4097 b43err(dev->wl, "FOUND UNSUPPORTED RADIO "
4098 "(Manuf 0x%X, Version 0x%X, Revision %u)\n",
4099 radio_manuf, radio_ver, radio_rev);
4102 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n",
4103 radio_manuf, radio_ver, radio_rev);
4105 phy->radio_manuf = radio_manuf;
4106 phy->radio_ver = radio_ver;
4107 phy->radio_rev = radio_rev;
4109 phy->analog = analog_type;
4110 phy->type = phy_type;
4116 static void setup_struct_phy_for_init(struct b43_wldev *dev,
4117 struct b43_phy *phy)
4119 phy->hardware_power_control = !!modparam_hwpctl;
4120 phy->next_txpwr_check_time = jiffies;
4121 /* PHY TX errors counter. */
4122 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
4125 phy->phy_locked = 0;
4126 phy->radio_locked = 0;
4130 static void setup_struct_wldev_for_init(struct b43_wldev *dev)
4134 /* Assume the radio is enabled. If it's not enabled, the state will
4135 * immediately get fixed on the first periodic work run. */
4136 dev->radio_hw_enable = 1;
4139 memset(&dev->stats, 0, sizeof(dev->stats));
4141 setup_struct_phy_for_init(dev, &dev->phy);
4143 /* IRQ related flags */
4144 dev->irq_reason = 0;
4145 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
4146 dev->irq_mask = B43_IRQ_MASKTEMPLATE;
4147 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
4148 dev->irq_mask &= ~B43_IRQ_PHY_TXERR;
4150 dev->mac_suspended = 1;
4152 /* Noise calculation context */
4153 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
4156 static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
4158 struct ssb_sprom *sprom = &dev->dev->bus->sprom;
4161 if (!modparam_btcoex)
4163 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
4165 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
4168 hf = b43_hf_read(dev);
4169 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
4170 hf |= B43_HF_BTCOEXALT;
4172 hf |= B43_HF_BTCOEX;
4173 b43_hf_write(dev, hf);
4176 static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
4178 if (!modparam_btcoex)
4183 static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
4185 #ifdef CONFIG_SSB_DRIVER_PCICORE
4186 struct ssb_bus *bus = dev->dev->bus;
4189 if (bus->pcicore.dev &&
4190 bus->pcicore.dev->id.coreid == SSB_DEV_PCI &&
4191 bus->pcicore.dev->id.revision <= 5) {
4192 /* IMCFGLO timeouts workaround. */
4193 tmp = ssb_read32(dev->dev, SSB_IMCFGLO);
4194 switch (bus->bustype) {
4195 case SSB_BUSTYPE_PCI:
4196 case SSB_BUSTYPE_PCMCIA:
4197 tmp &= ~SSB_IMCFGLO_REQTO;
4198 tmp &= ~SSB_IMCFGLO_SERTO;
4201 case SSB_BUSTYPE_SSB:
4202 tmp &= ~SSB_IMCFGLO_REQTO;
4203 tmp &= ~SSB_IMCFGLO_SERTO;
4209 ssb_write32(dev->dev, SSB_IMCFGLO, tmp);
4211 #endif /* CONFIG_SSB_DRIVER_PCICORE */
4214 static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
4218 /* The time value is in microseconds. */
4219 if (dev->phy.type == B43_PHYTYPE_A)
4223 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle)
4225 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
4226 pu_delay = max(pu_delay, (u16)2400);
4228 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
4231 /* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
4232 static void b43_set_pretbtt(struct b43_wldev *dev)
4236 /* The time value is in microseconds. */
4237 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) {
4240 if (dev->phy.type == B43_PHYTYPE_A)
4245 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
4246 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
4249 /* Shutdown a wireless core */
4250 /* Locking: wl->mutex */
4251 static void b43_wireless_core_exit(struct b43_wldev *dev)
4255 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED);
4256 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED)
4259 /* Unregister HW RNG driver */
4260 b43_rng_exit(dev->wl);
4262 b43_set_status(dev, B43_STAT_UNINIT);
4264 /* Stop the microcode PSM. */
4265 macctl = b43_read32(dev, B43_MMIO_MACCTL);
4266 macctl &= ~B43_MACCTL_PSM_RUN;
4267 macctl |= B43_MACCTL_PSM_JMP0;
4268 b43_write32(dev, B43_MMIO_MACCTL, macctl);
4273 dev->phy.ops->switch_analog(dev, 0);
4274 if (dev->wl->current_beacon) {
4275 dev_kfree_skb_any(dev->wl->current_beacon);
4276 dev->wl->current_beacon = NULL;
4279 ssb_device_disable(dev->dev, 0);
4280 ssb_bus_may_powerdown(dev->dev->bus);
4283 /* Initialize a wireless core */
4284 static int b43_wireless_core_init(struct b43_wldev *dev)
4286 struct ssb_bus *bus = dev->dev->bus;
4287 struct ssb_sprom *sprom = &bus->sprom;
4288 struct b43_phy *phy = &dev->phy;
4293 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4295 err = ssb_bus_powerup(bus, 0);
4298 if (!ssb_device_is_enabled(dev->dev)) {
4299 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0;
4300 b43_wireless_core_reset(dev, tmp);
4303 /* Reset all data structures. */
4304 setup_struct_wldev_for_init(dev);
4305 phy->ops->prepare_structs(dev);
4307 /* Enable IRQ routing to this device. */
4308 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev);
4310 b43_imcfglo_timeouts_workaround(dev);
4311 b43_bluetooth_coext_disable(dev);
4312 if (phy->ops->prepare_hardware) {
4313 err = phy->ops->prepare_hardware(dev);
4317 err = b43_chip_init(dev);
4320 b43_shm_write16(dev, B43_SHM_SHARED,
4321 B43_SHM_SH_WLCOREREV, dev->dev->id.revision);
4322 hf = b43_hf_read(dev);
4323 if (phy->type == B43_PHYTYPE_G) {
4327 if (sprom->boardflags_lo & B43_BFL_PACTRL)
4328 hf |= B43_HF_OFDMPABOOST;
4330 if (phy->radio_ver == 0x2050) {
4331 if (phy->radio_rev == 6)
4332 hf |= B43_HF_4318TSSI;
4333 if (phy->radio_rev < 6)
4334 hf |= B43_HF_VCORECALC;
4336 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)
4337 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */
4338 #ifdef CONFIG_SSB_DRIVER_PCICORE
4339 if ((bus->bustype == SSB_BUSTYPE_PCI) &&
4340 (bus->pcicore.dev->id.revision <= 10))
4341 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */
4343 hf &= ~B43_HF_SKCFPUP;
4344 b43_hf_write(dev, hf);
4346 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
4347 B43_DEFAULT_LONG_RETRY_LIMIT);
4348 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
4349 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
4351 /* Disable sending probe responses from firmware.
4352 * Setting the MaxTime to one usec will always trigger
4353 * a timeout, so we never send any probe resp.
4354 * A timeout of zero is infinite. */
4355 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
4357 b43_rate_memory_init(dev);
4358 b43_set_phytxctl_defaults(dev);
4360 /* Minimum Contention Window */
4361 if (phy->type == B43_PHYTYPE_B)
4362 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
4364 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
4365 /* Maximum Contention Window */
4366 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
4368 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) ||
4369 (dev->dev->bus->bustype == SSB_BUSTYPE_SDIO) ||
4371 dev->__using_pio_transfers = 1;
4372 err = b43_pio_init(dev);
4374 dev->__using_pio_transfers = 0;
4375 err = b43_dma_init(dev);
4380 b43_set_synth_pu_delay(dev, 1);
4381 b43_bluetooth_coext_enable(dev);
4383 ssb_bus_powerup(bus, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW));
4384 b43_upload_card_macaddress(dev);
4385 b43_security_init(dev);
4387 ieee80211_wake_queues(dev->wl->hw);
4389 b43_set_status(dev, B43_STAT_INITIALIZED);
4391 /* Register HW RNG driver */
4392 b43_rng_init(dev->wl);
4400 ssb_bus_may_powerdown(bus);
4401 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4405 static int b43_op_add_interface(struct ieee80211_hw *hw,
4406 struct ieee80211_vif *vif)
4408 struct b43_wl *wl = hw_to_b43_wl(hw);
4409 struct b43_wldev *dev;
4410 int err = -EOPNOTSUPP;
4412 /* TODO: allow WDS/AP devices to coexist */
4414 if (vif->type != NL80211_IFTYPE_AP &&
4415 vif->type != NL80211_IFTYPE_MESH_POINT &&
4416 vif->type != NL80211_IFTYPE_STATION &&
4417 vif->type != NL80211_IFTYPE_WDS &&
4418 vif->type != NL80211_IFTYPE_ADHOC)
4421 mutex_lock(&wl->mutex);
4423 goto out_mutex_unlock;
4425 b43dbg(wl, "Adding Interface type %d\n", vif->type);
4427 dev = wl->current_dev;
4430 wl->if_type = vif->type;
4431 memcpy(wl->mac_addr, vif->addr, ETH_ALEN);
4433 b43_adjust_opmode(dev);
4434 b43_set_pretbtt(dev);
4435 b43_set_synth_pu_delay(dev, 0);
4436 b43_upload_card_macaddress(dev);
4440 mutex_unlock(&wl->mutex);
4445 static void b43_op_remove_interface(struct ieee80211_hw *hw,
4446 struct ieee80211_vif *vif)
4448 struct b43_wl *wl = hw_to_b43_wl(hw);
4449 struct b43_wldev *dev = wl->current_dev;
4451 b43dbg(wl, "Removing Interface type %d\n", vif->type);
4453 mutex_lock(&wl->mutex);
4455 B43_WARN_ON(!wl->operating);
4456 B43_WARN_ON(wl->vif != vif);
4461 b43_adjust_opmode(dev);
4462 memset(wl->mac_addr, 0, ETH_ALEN);
4463 b43_upload_card_macaddress(dev);
4465 mutex_unlock(&wl->mutex);
4468 static int b43_op_start(struct ieee80211_hw *hw)
4470 struct b43_wl *wl = hw_to_b43_wl(hw);
4471 struct b43_wldev *dev = wl->current_dev;
4475 /* Kill all old instance specific information to make sure
4476 * the card won't use it in the short timeframe between start
4477 * and mac80211 reconfiguring it. */
4478 memset(wl->bssid, 0, ETH_ALEN);
4479 memset(wl->mac_addr, 0, ETH_ALEN);
4480 wl->filter_flags = 0;
4481 wl->radiotap_enabled = 0;
4483 wl->beacon0_uploaded = 0;
4484 wl->beacon1_uploaded = 0;
4485 wl->beacon_templates_virgin = 1;
4486 wl->radio_enabled = 1;
4488 mutex_lock(&wl->mutex);
4490 if (b43_status(dev) < B43_STAT_INITIALIZED) {
4491 err = b43_wireless_core_init(dev);
4493 goto out_mutex_unlock;
4497 if (b43_status(dev) < B43_STAT_STARTED) {
4498 err = b43_wireless_core_start(dev);
4501 b43_wireless_core_exit(dev);
4502 goto out_mutex_unlock;
4506 /* XXX: only do if device doesn't support rfkill irq */
4507 wiphy_rfkill_start_polling(hw->wiphy);
4510 mutex_unlock(&wl->mutex);
4515 static void b43_op_stop(struct ieee80211_hw *hw)
4517 struct b43_wl *wl = hw_to_b43_wl(hw);
4518 struct b43_wldev *dev = wl->current_dev;
4520 cancel_work_sync(&(wl->beacon_update_trigger));
4522 mutex_lock(&wl->mutex);
4523 if (b43_status(dev) >= B43_STAT_STARTED) {
4524 dev = b43_wireless_core_stop(dev);
4528 b43_wireless_core_exit(dev);
4529 wl->radio_enabled = 0;
4532 mutex_unlock(&wl->mutex);
4534 cancel_work_sync(&(wl->txpower_adjust_work));
4537 static int b43_op_beacon_set_tim(struct ieee80211_hw *hw,
4538 struct ieee80211_sta *sta, bool set)
4540 struct b43_wl *wl = hw_to_b43_wl(hw);
4542 /* FIXME: add locking */
4543 b43_update_templates(wl);
4548 static void b43_op_sta_notify(struct ieee80211_hw *hw,
4549 struct ieee80211_vif *vif,
4550 enum sta_notify_cmd notify_cmd,
4551 struct ieee80211_sta *sta)
4553 struct b43_wl *wl = hw_to_b43_wl(hw);
4555 B43_WARN_ON(!vif || wl->vif != vif);
4558 static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw)
4560 struct b43_wl *wl = hw_to_b43_wl(hw);
4561 struct b43_wldev *dev;
4563 mutex_lock(&wl->mutex);
4564 dev = wl->current_dev;
4565 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4566 /* Disable CFP update during scan on other channels. */
4567 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP);
4569 mutex_unlock(&wl->mutex);
4572 static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw)
4574 struct b43_wl *wl = hw_to_b43_wl(hw);
4575 struct b43_wldev *dev;
4577 mutex_lock(&wl->mutex);
4578 dev = wl->current_dev;
4579 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4580 /* Re-enable CFP update. */
4581 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP);
4583 mutex_unlock(&wl->mutex);
4586 static int b43_op_get_survey(struct ieee80211_hw *hw, int idx,
4587 struct survey_info *survey)
4589 struct b43_wl *wl = hw_to_b43_wl(hw);
4590 struct b43_wldev *dev = wl->current_dev;
4591 struct ieee80211_conf *conf = &hw->conf;
4596 survey->channel = conf->channel;
4597 survey->filled = SURVEY_INFO_NOISE_DBM;
4598 survey->noise = dev->stats.link_noise;
4603 static const struct ieee80211_ops b43_hw_ops = {
4605 .conf_tx = b43_op_conf_tx,
4606 .add_interface = b43_op_add_interface,
4607 .remove_interface = b43_op_remove_interface,
4608 .config = b43_op_config,
4609 .bss_info_changed = b43_op_bss_info_changed,
4610 .configure_filter = b43_op_configure_filter,
4611 .set_key = b43_op_set_key,
4612 .update_tkip_key = b43_op_update_tkip_key,
4613 .get_stats = b43_op_get_stats,
4614 .get_tsf = b43_op_get_tsf,
4615 .set_tsf = b43_op_set_tsf,
4616 .start = b43_op_start,
4617 .stop = b43_op_stop,
4618 .set_tim = b43_op_beacon_set_tim,
4619 .sta_notify = b43_op_sta_notify,
4620 .sw_scan_start = b43_op_sw_scan_start_notifier,
4621 .sw_scan_complete = b43_op_sw_scan_complete_notifier,
4622 .get_survey = b43_op_get_survey,
4623 .rfkill_poll = b43_rfkill_poll,
4626 /* Hard-reset the chip. Do not call this directly.
4627 * Use b43_controller_restart()
4629 static void b43_chip_reset(struct work_struct *work)
4631 struct b43_wldev *dev =
4632 container_of(work, struct b43_wldev, restart_work);
4633 struct b43_wl *wl = dev->wl;
4637 mutex_lock(&wl->mutex);
4639 prev_status = b43_status(dev);
4640 /* Bring the device down... */
4641 if (prev_status >= B43_STAT_STARTED) {
4642 dev = b43_wireless_core_stop(dev);
4648 if (prev_status >= B43_STAT_INITIALIZED)
4649 b43_wireless_core_exit(dev);
4651 /* ...and up again. */
4652 if (prev_status >= B43_STAT_INITIALIZED) {
4653 err = b43_wireless_core_init(dev);
4657 if (prev_status >= B43_STAT_STARTED) {
4658 err = b43_wireless_core_start(dev);
4660 b43_wireless_core_exit(dev);
4666 wl->current_dev = NULL; /* Failed to init the dev. */
4667 mutex_unlock(&wl->mutex);
4669 b43err(wl, "Controller restart FAILED\n");
4671 b43info(wl, "Controller restarted\n");
4674 static int b43_setup_bands(struct b43_wldev *dev,
4675 bool have_2ghz_phy, bool have_5ghz_phy)
4677 struct ieee80211_hw *hw = dev->wl->hw;
4680 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz;
4681 if (dev->phy.type == B43_PHYTYPE_N) {
4683 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy;
4686 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
4689 dev->phy.supports_2ghz = have_2ghz_phy;
4690 dev->phy.supports_5ghz = have_5ghz_phy;
4695 static void b43_wireless_core_detach(struct b43_wldev *dev)
4697 /* We release firmware that late to not be required to re-request
4698 * is all the time when we reinit the core. */
4699 b43_release_firmware(dev);
4703 static int b43_wireless_core_attach(struct b43_wldev *dev)
4705 struct b43_wl *wl = dev->wl;
4706 struct ssb_bus *bus = dev->dev->bus;
4707 struct pci_dev *pdev = (bus->bustype == SSB_BUSTYPE_PCI) ? bus->host_pci : NULL;
4709 bool have_2ghz_phy = 0, have_5ghz_phy = 0;
4712 /* Do NOT do any device initialization here.
4713 * Do it in wireless_core_init() instead.
4714 * This function is for gathering basic information about the HW, only.
4715 * Also some structs may be set up here. But most likely you want to have
4716 * that in core_init(), too.
4719 err = ssb_bus_powerup(bus, 0);
4721 b43err(wl, "Bus powerup failed\n");
4724 /* Get the PHY type. */
4725 if (dev->dev->id.revision >= 5) {
4728 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH);
4729 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY);
4730 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY);
4734 dev->phy.gmode = have_2ghz_phy;
4735 dev->phy.radio_on = 1;
4736 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4737 b43_wireless_core_reset(dev, tmp);
4739 err = b43_phy_versioning(dev);
4742 /* Check if this device supports multiband. */
4744 (pdev->device != 0x4312 &&
4745 pdev->device != 0x4319 && pdev->device != 0x4324)) {
4746 /* No multiband support. */
4749 switch (dev->phy.type) {
4753 case B43_PHYTYPE_LP: //FIXME not always!
4754 #if 0 //FIXME enabling 5GHz causes a NULL pointer dereference
4765 if (dev->phy.type == B43_PHYTYPE_A) {
4767 b43err(wl, "IEEE 802.11a devices are unsupported\n");
4771 if (1 /* disable A-PHY */) {
4772 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */
4773 if (dev->phy.type != B43_PHYTYPE_N &&
4774 dev->phy.type != B43_PHYTYPE_LP) {
4780 err = b43_phy_allocate(dev);
4784 dev->phy.gmode = have_2ghz_phy;
4785 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4786 b43_wireless_core_reset(dev, tmp);
4788 err = b43_validate_chipaccess(dev);
4791 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
4795 /* Now set some default "current_dev" */
4796 if (!wl->current_dev)
4797 wl->current_dev = dev;
4798 INIT_WORK(&dev->restart_work, b43_chip_reset);
4800 dev->phy.ops->switch_analog(dev, 0);
4801 ssb_device_disable(dev->dev, 0);
4802 ssb_bus_may_powerdown(bus);
4810 ssb_bus_may_powerdown(bus);
4814 static void b43_one_core_detach(struct ssb_device *dev)
4816 struct b43_wldev *wldev;
4819 /* Do not cancel ieee80211-workqueue based work here.
4820 * See comment in b43_remove(). */
4822 wldev = ssb_get_drvdata(dev);
4824 b43_debugfs_remove_device(wldev);
4825 b43_wireless_core_detach(wldev);
4826 list_del(&wldev->list);
4828 ssb_set_drvdata(dev, NULL);
4832 static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl)
4834 struct b43_wldev *wldev;
4835 struct pci_dev *pdev;
4838 if (!list_empty(&wl->devlist)) {
4839 /* We are not the first core on this chip. */
4840 pdev = (dev->bus->bustype == SSB_BUSTYPE_PCI) ? dev->bus->host_pci : NULL;
4841 /* Only special chips support more than one wireless
4842 * core, although some of the other chips have more than
4843 * one wireless core as well. Check for this and
4847 ((pdev->device != 0x4321) &&
4848 (pdev->device != 0x4313) && (pdev->device != 0x431A))) {
4849 b43dbg(wl, "Ignoring unconnected 802.11 core\n");
4854 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
4858 wldev->use_pio = b43_modparam_pio;
4861 b43_set_status(wldev, B43_STAT_UNINIT);
4862 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
4863 INIT_LIST_HEAD(&wldev->list);
4865 err = b43_wireless_core_attach(wldev);
4867 goto err_kfree_wldev;
4869 list_add(&wldev->list, &wl->devlist);
4871 ssb_set_drvdata(dev, wldev);
4872 b43_debugfs_add_device(wldev);
4882 #define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \
4883 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \
4884 (pdev->device == _device) && \
4885 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \
4886 (pdev->subsystem_device == _subdevice) )
4888 static void b43_sprom_fixup(struct ssb_bus *bus)
4890 struct pci_dev *pdev;
4892 /* boardflags workarounds */
4893 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
4894 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74)
4895 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
4896 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
4897 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40)
4898 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
4899 if (bus->bustype == SSB_BUSTYPE_PCI) {
4900 pdev = bus->host_pci;
4901 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) ||
4902 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) ||
4903 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) ||
4904 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) ||
4905 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) ||
4906 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) ||
4907 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010))
4908 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST;
4912 static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl)
4914 struct ieee80211_hw *hw = wl->hw;
4916 ssb_set_devtypedata(dev, NULL);
4917 ieee80211_free_hw(hw);
4920 static int b43_wireless_init(struct ssb_device *dev)
4922 struct ssb_sprom *sprom = &dev->bus->sprom;
4923 struct ieee80211_hw *hw;
4927 b43_sprom_fixup(dev->bus);
4929 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
4931 b43err(NULL, "Could not allocate ieee80211 device\n");
4934 wl = hw_to_b43_wl(hw);
4937 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS |
4938 IEEE80211_HW_SIGNAL_DBM;
4940 hw->wiphy->interface_modes =
4941 BIT(NL80211_IFTYPE_AP) |
4942 BIT(NL80211_IFTYPE_MESH_POINT) |
4943 BIT(NL80211_IFTYPE_STATION) |
4944 BIT(NL80211_IFTYPE_WDS) |
4945 BIT(NL80211_IFTYPE_ADHOC);
4947 hw->queues = modparam_qos ? 4 : 1;
4948 wl->mac80211_initially_registered_queues = hw->queues;
4950 SET_IEEE80211_DEV(hw, dev->dev);
4951 if (is_valid_ether_addr(sprom->et1mac))
4952 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
4954 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
4956 /* Initialize struct b43_wl */
4958 mutex_init(&wl->mutex);
4959 spin_lock_init(&wl->hardirq_lock);
4960 INIT_LIST_HEAD(&wl->devlist);
4961 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
4962 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work);
4963 INIT_WORK(&wl->tx_work, b43_tx_work);
4964 skb_queue_head_init(&wl->tx_queue);
4966 ssb_set_devtypedata(dev, wl);
4967 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n",
4968 dev->bus->chip_id, dev->id.revision);
4974 static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id)
4980 wl = ssb_get_devtypedata(dev);
4982 /* Probing the first core. Must setup common struct b43_wl */
4984 err = b43_wireless_init(dev);
4987 wl = ssb_get_devtypedata(dev);
4990 err = b43_one_core_attach(dev, wl);
4992 goto err_wireless_exit;
4995 err = ieee80211_register_hw(wl->hw);
4997 goto err_one_core_detach;
4998 b43_leds_register(wl->current_dev);
5004 err_one_core_detach:
5005 b43_one_core_detach(dev);
5008 b43_wireless_exit(dev, wl);
5012 static void b43_remove(struct ssb_device *dev)
5014 struct b43_wl *wl = ssb_get_devtypedata(dev);
5015 struct b43_wldev *wldev = ssb_get_drvdata(dev);
5017 /* We must cancel any work here before unregistering from ieee80211,
5018 * as the ieee80211 unreg will destroy the workqueue. */
5019 cancel_work_sync(&wldev->restart_work);
5022 if (wl->current_dev == wldev) {
5023 /* Restore the queues count before unregistering, because firmware detect
5024 * might have modified it. Restoring is important, so the networking
5025 * stack can properly free resources. */
5026 wl->hw->queues = wl->mac80211_initially_registered_queues;
5027 b43_leds_stop(wldev);
5028 ieee80211_unregister_hw(wl->hw);
5031 b43_one_core_detach(dev);
5033 if (list_empty(&wl->devlist)) {
5034 b43_leds_unregister(wl);
5035 /* Last core on the chip unregistered.
5036 * We can destroy common struct b43_wl.
5038 b43_wireless_exit(dev, wl);
5042 /* Perform a hardware reset. This can be called from any context. */
5043 void b43_controller_restart(struct b43_wldev *dev, const char *reason)
5045 /* Must avoid requeueing, if we are in shutdown. */
5046 if (b43_status(dev) < B43_STAT_INITIALIZED)
5048 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
5049 ieee80211_queue_work(dev->wl->hw, &dev->restart_work);
5052 static struct ssb_driver b43_ssb_driver = {
5053 .name = KBUILD_MODNAME,
5054 .id_table = b43_ssb_tbl,
5056 .remove = b43_remove,
5059 static void b43_print_driverinfo(void)
5061 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
5062 *feat_leds = "", *feat_sdio = "";
5064 #ifdef CONFIG_B43_PCI_AUTOSELECT
5067 #ifdef CONFIG_B43_PCMCIA
5070 #ifdef CONFIG_B43_NPHY
5073 #ifdef CONFIG_B43_LEDS
5076 #ifdef CONFIG_B43_SDIO
5079 printk(KERN_INFO "Broadcom 43xx driver loaded "
5080 "[ Features: %s%s%s%s%s, Firmware-ID: "
5081 B43_SUPPORTED_FIRMWARE_ID " ]\n",
5082 feat_pci, feat_pcmcia, feat_nphy,
5083 feat_leds, feat_sdio);
5086 static int __init b43_init(void)
5091 err = b43_pcmcia_init();
5094 err = b43_sdio_init();
5096 goto err_pcmcia_exit;
5097 err = ssb_driver_register(&b43_ssb_driver);
5100 b43_print_driverinfo();
5113 static void __exit b43_exit(void)
5115 ssb_driver_unregister(&b43_ssb_driver);
5121 module_init(b43_init)
5122 module_exit(b43_exit)
git.openpandora.org / pandora-kernel.git / blob