3 Broadcom B43 wireless driver
5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de>
8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es>
14 Some parts of the code in this file are derived from the ipw2200
15 driver Copyright(c) 2003 - 2004 Intel Corporation.
17 This program is free software; you can redistribute it and/or modify
18 it under the terms of the GNU General Public License as published by
19 the Free Software Foundation; either version 2 of the License, or
20 (at your option) any later version.
22 This program is distributed in the hope that it will be useful,
23 but WITHOUT ANY WARRANTY; without even the implied warranty of
24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 GNU General Public License for more details.
27 You should have received a copy of the GNU General Public License
28 along with this program; see the file COPYING. If not, write to
29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor,
30 Boston, MA 02110-1301, USA.
34 #include <linux/delay.h>
35 #include <linux/init.h>
36 #include <linux/moduleparam.h>
37 #include <linux/if_arp.h>
38 #include <linux/etherdevice.h>
39 #include <linux/firmware.h>
40 #include <linux/wireless.h>
41 #include <linux/workqueue.h>
42 #include <linux/skbuff.h>
44 #include <linux/dma-mapping.h>
45 #include <linux/slab.h>
46 #include <asm/unaligned.h>
51 #include "phy_common.h"
61 #include <linux/mmc/sdio_func.h>
63 MODULE_DESCRIPTION("Broadcom B43 wireless driver");
64 MODULE_AUTHOR("Martin Langer");
65 MODULE_AUTHOR("Stefano Brivio");
66 MODULE_AUTHOR("Michael Buesch");
67 MODULE_AUTHOR("Gábor Stefanik");
68 MODULE_LICENSE("GPL");
70 MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID);
71 MODULE_FIRMWARE("b43/ucode11.fw");
72 MODULE_FIRMWARE("b43/ucode13.fw");
73 MODULE_FIRMWARE("b43/ucode14.fw");
74 MODULE_FIRMWARE("b43/ucode15.fw");
75 MODULE_FIRMWARE("b43/ucode16_mimo.fw");
76 MODULE_FIRMWARE("b43/ucode5.fw");
77 MODULE_FIRMWARE("b43/ucode9.fw");
79 static int modparam_bad_frames_preempt;
80 module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
81 MODULE_PARM_DESC(bad_frames_preempt,
82 "enable(1) / disable(0) Bad Frames Preemption");
84 static char modparam_fwpostfix[16];
85 module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
86 MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
88 static int modparam_hwpctl;
89 module_param_named(hwpctl, modparam_hwpctl, int, 0444);
90 MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
92 static int modparam_nohwcrypt;
93 module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
94 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
96 static int modparam_hwtkip;
97 module_param_named(hwtkip, modparam_hwtkip, int, 0444);
98 MODULE_PARM_DESC(hwtkip, "Enable hardware tkip.");
100 static int modparam_qos = 1;
101 module_param_named(qos, modparam_qos, int, 0444);
102 MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
104 static int modparam_btcoex = 1;
105 module_param_named(btcoex, modparam_btcoex, int, 0444);
106 MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)");
108 int b43_modparam_verbose = B43_VERBOSITY_DEFAULT;
109 module_param_named(verbose, b43_modparam_verbose, int, 0644);
110 MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug");
112 static int b43_modparam_pio = B43_PIO_DEFAULT;
113 module_param_named(pio, b43_modparam_pio, int, 0644);
114 MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO");
116 #ifdef CONFIG_B43_BCMA
117 static const struct bcma_device_id b43_bcma_tbl[] = {
118 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x17, BCMA_ANY_CLASS),
119 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x18, BCMA_ANY_CLASS),
120 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x1D, BCMA_ANY_CLASS),
123 MODULE_DEVICE_TABLE(bcma, b43_bcma_tbl);
126 static const struct ssb_device_id b43_ssb_tbl[] = {
127 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
128 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
129 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
130 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
131 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
132 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
133 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12),
134 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
135 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15),
136 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16),
140 MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
142 /* Channel and ratetables are shared for all devices.
143 * They can't be const, because ieee80211 puts some precalculated
144 * data in there. This data is the same for all devices, so we don't
145 * get concurrency issues */
146 #define RATETAB_ENT(_rateid, _flags) \
148 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
149 .hw_value = (_rateid), \
154 * NOTE: When changing this, sync with xmit.c's
155 * b43_plcp_get_bitrate_idx_* functions!
157 static struct ieee80211_rate __b43_ratetable[] = {
158 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
159 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
160 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
161 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
162 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
163 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
164 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
165 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
166 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
167 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
168 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
169 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
172 #define b43_a_ratetable (__b43_ratetable + 4)
173 #define b43_a_ratetable_size 8
174 #define b43_b_ratetable (__b43_ratetable + 0)
175 #define b43_b_ratetable_size 4
176 #define b43_g_ratetable (__b43_ratetable + 0)
177 #define b43_g_ratetable_size 12
179 #define CHAN4G(_channel, _freq, _flags) { \
180 .band = IEEE80211_BAND_2GHZ, \
181 .center_freq = (_freq), \
182 .hw_value = (_channel), \
184 .max_antenna_gain = 0, \
187 static struct ieee80211_channel b43_2ghz_chantable[] = {
205 #define CHAN5G(_channel, _flags) { \
206 .band = IEEE80211_BAND_5GHZ, \
207 .center_freq = 5000 + (5 * (_channel)), \
208 .hw_value = (_channel), \
210 .max_antenna_gain = 0, \
213 static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
214 CHAN5G(32, 0), CHAN5G(34, 0),
215 CHAN5G(36, 0), CHAN5G(38, 0),
216 CHAN5G(40, 0), CHAN5G(42, 0),
217 CHAN5G(44, 0), CHAN5G(46, 0),
218 CHAN5G(48, 0), CHAN5G(50, 0),
219 CHAN5G(52, 0), CHAN5G(54, 0),
220 CHAN5G(56, 0), CHAN5G(58, 0),
221 CHAN5G(60, 0), CHAN5G(62, 0),
222 CHAN5G(64, 0), CHAN5G(66, 0),
223 CHAN5G(68, 0), CHAN5G(70, 0),
224 CHAN5G(72, 0), CHAN5G(74, 0),
225 CHAN5G(76, 0), CHAN5G(78, 0),
226 CHAN5G(80, 0), CHAN5G(82, 0),
227 CHAN5G(84, 0), CHAN5G(86, 0),
228 CHAN5G(88, 0), CHAN5G(90, 0),
229 CHAN5G(92, 0), CHAN5G(94, 0),
230 CHAN5G(96, 0), CHAN5G(98, 0),
231 CHAN5G(100, 0), CHAN5G(102, 0),
232 CHAN5G(104, 0), CHAN5G(106, 0),
233 CHAN5G(108, 0), CHAN5G(110, 0),
234 CHAN5G(112, 0), CHAN5G(114, 0),
235 CHAN5G(116, 0), CHAN5G(118, 0),
236 CHAN5G(120, 0), CHAN5G(122, 0),
237 CHAN5G(124, 0), CHAN5G(126, 0),
238 CHAN5G(128, 0), CHAN5G(130, 0),
239 CHAN5G(132, 0), CHAN5G(134, 0),
240 CHAN5G(136, 0), CHAN5G(138, 0),
241 CHAN5G(140, 0), CHAN5G(142, 0),
242 CHAN5G(144, 0), CHAN5G(145, 0),
243 CHAN5G(146, 0), CHAN5G(147, 0),
244 CHAN5G(148, 0), CHAN5G(149, 0),
245 CHAN5G(150, 0), CHAN5G(151, 0),
246 CHAN5G(152, 0), CHAN5G(153, 0),
247 CHAN5G(154, 0), CHAN5G(155, 0),
248 CHAN5G(156, 0), CHAN5G(157, 0),
249 CHAN5G(158, 0), CHAN5G(159, 0),
250 CHAN5G(160, 0), CHAN5G(161, 0),
251 CHAN5G(162, 0), CHAN5G(163, 0),
252 CHAN5G(164, 0), CHAN5G(165, 0),
253 CHAN5G(166, 0), CHAN5G(168, 0),
254 CHAN5G(170, 0), CHAN5G(172, 0),
255 CHAN5G(174, 0), CHAN5G(176, 0),
256 CHAN5G(178, 0), CHAN5G(180, 0),
257 CHAN5G(182, 0), CHAN5G(184, 0),
258 CHAN5G(186, 0), CHAN5G(188, 0),
259 CHAN5G(190, 0), CHAN5G(192, 0),
260 CHAN5G(194, 0), CHAN5G(196, 0),
261 CHAN5G(198, 0), CHAN5G(200, 0),
262 CHAN5G(202, 0), CHAN5G(204, 0),
263 CHAN5G(206, 0), CHAN5G(208, 0),
264 CHAN5G(210, 0), CHAN5G(212, 0),
265 CHAN5G(214, 0), CHAN5G(216, 0),
266 CHAN5G(218, 0), CHAN5G(220, 0),
267 CHAN5G(222, 0), CHAN5G(224, 0),
268 CHAN5G(226, 0), CHAN5G(228, 0),
271 static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
272 CHAN5G(34, 0), CHAN5G(36, 0),
273 CHAN5G(38, 0), CHAN5G(40, 0),
274 CHAN5G(42, 0), CHAN5G(44, 0),
275 CHAN5G(46, 0), CHAN5G(48, 0),
276 CHAN5G(52, 0), CHAN5G(56, 0),
277 CHAN5G(60, 0), CHAN5G(64, 0),
278 CHAN5G(100, 0), CHAN5G(104, 0),
279 CHAN5G(108, 0), CHAN5G(112, 0),
280 CHAN5G(116, 0), CHAN5G(120, 0),
281 CHAN5G(124, 0), CHAN5G(128, 0),
282 CHAN5G(132, 0), CHAN5G(136, 0),
283 CHAN5G(140, 0), CHAN5G(149, 0),
284 CHAN5G(153, 0), CHAN5G(157, 0),
285 CHAN5G(161, 0), CHAN5G(165, 0),
286 CHAN5G(184, 0), CHAN5G(188, 0),
287 CHAN5G(192, 0), CHAN5G(196, 0),
288 CHAN5G(200, 0), CHAN5G(204, 0),
289 CHAN5G(208, 0), CHAN5G(212, 0),
294 static struct ieee80211_supported_band b43_band_5GHz_nphy = {
295 .band = IEEE80211_BAND_5GHZ,
296 .channels = b43_5ghz_nphy_chantable,
297 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
298 .bitrates = b43_a_ratetable,
299 .n_bitrates = b43_a_ratetable_size,
302 static struct ieee80211_supported_band b43_band_5GHz_aphy = {
303 .band = IEEE80211_BAND_5GHZ,
304 .channels = b43_5ghz_aphy_chantable,
305 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
306 .bitrates = b43_a_ratetable,
307 .n_bitrates = b43_a_ratetable_size,
310 static struct ieee80211_supported_band b43_band_2GHz = {
311 .band = IEEE80211_BAND_2GHZ,
312 .channels = b43_2ghz_chantable,
313 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
314 .bitrates = b43_g_ratetable,
315 .n_bitrates = b43_g_ratetable_size,
318 static void b43_wireless_core_exit(struct b43_wldev *dev);
319 static int b43_wireless_core_init(struct b43_wldev *dev);
320 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev);
321 static int b43_wireless_core_start(struct b43_wldev *dev);
323 static int b43_ratelimit(struct b43_wl *wl)
325 if (!wl || !wl->current_dev)
327 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
329 /* We are up and running.
330 * Ratelimit the messages to avoid DoS over the net. */
331 return net_ratelimit();
334 void b43info(struct b43_wl *wl, const char *fmt, ...)
336 struct va_format vaf;
339 if (b43_modparam_verbose < B43_VERBOSITY_INFO)
341 if (!b43_ratelimit(wl))
349 printk(KERN_INFO "b43-%s: %pV",
350 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
355 void b43err(struct b43_wl *wl, const char *fmt, ...)
357 struct va_format vaf;
360 if (b43_modparam_verbose < B43_VERBOSITY_ERROR)
362 if (!b43_ratelimit(wl))
370 printk(KERN_ERR "b43-%s ERROR: %pV",
371 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
376 void b43warn(struct b43_wl *wl, const char *fmt, ...)
378 struct va_format vaf;
381 if (b43_modparam_verbose < B43_VERBOSITY_WARN)
383 if (!b43_ratelimit(wl))
391 printk(KERN_WARNING "b43-%s warning: %pV",
392 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
397 void b43dbg(struct b43_wl *wl, const char *fmt, ...)
399 struct va_format vaf;
402 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
410 printk(KERN_DEBUG "b43-%s debug: %pV",
411 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
416 static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
420 B43_WARN_ON(offset % 4 != 0);
422 macctl = b43_read32(dev, B43_MMIO_MACCTL);
423 if (macctl & B43_MACCTL_BE)
426 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
428 b43_write32(dev, B43_MMIO_RAM_DATA, val);
431 static inline void b43_shm_control_word(struct b43_wldev *dev,
432 u16 routing, u16 offset)
436 /* "offset" is the WORD offset. */
440 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
443 u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
447 if (routing == B43_SHM_SHARED) {
448 B43_WARN_ON(offset & 0x0001);
449 if (offset & 0x0003) {
450 /* Unaligned access */
451 b43_shm_control_word(dev, routing, offset >> 2);
452 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
453 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
454 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16;
460 b43_shm_control_word(dev, routing, offset);
461 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
466 u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset)
470 if (routing == B43_SHM_SHARED) {
471 B43_WARN_ON(offset & 0x0001);
472 if (offset & 0x0003) {
473 /* Unaligned access */
474 b43_shm_control_word(dev, routing, offset >> 2);
475 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
481 b43_shm_control_word(dev, routing, offset);
482 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
487 void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
489 if (routing == B43_SHM_SHARED) {
490 B43_WARN_ON(offset & 0x0001);
491 if (offset & 0x0003) {
492 /* Unaligned access */
493 b43_shm_control_word(dev, routing, offset >> 2);
494 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
496 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
497 b43_write16(dev, B43_MMIO_SHM_DATA,
498 (value >> 16) & 0xFFFF);
503 b43_shm_control_word(dev, routing, offset);
504 b43_write32(dev, B43_MMIO_SHM_DATA, value);
507 void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
509 if (routing == B43_SHM_SHARED) {
510 B43_WARN_ON(offset & 0x0001);
511 if (offset & 0x0003) {
512 /* Unaligned access */
513 b43_shm_control_word(dev, routing, offset >> 2);
514 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
519 b43_shm_control_word(dev, routing, offset);
520 b43_write16(dev, B43_MMIO_SHM_DATA, value);
524 u64 b43_hf_read(struct b43_wldev *dev)
528 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI);
530 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI);
532 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO);
537 /* Write HostFlags */
538 void b43_hf_write(struct b43_wldev *dev, u64 value)
542 lo = (value & 0x00000000FFFFULL);
543 mi = (value & 0x0000FFFF0000ULL) >> 16;
544 hi = (value & 0xFFFF00000000ULL) >> 32;
545 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo);
546 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi);
547 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi);
550 /* Read the firmware capabilities bitmask (Opensource firmware only) */
551 static u16 b43_fwcapa_read(struct b43_wldev *dev)
553 B43_WARN_ON(!dev->fw.opensource);
554 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA);
557 void b43_tsf_read(struct b43_wldev *dev, u64 *tsf)
561 B43_WARN_ON(dev->dev->core_rev < 3);
563 /* The hardware guarantees us an atomic read, if we
564 * read the low register first. */
565 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
566 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
573 static void b43_time_lock(struct b43_wldev *dev)
577 macctl = b43_read32(dev, B43_MMIO_MACCTL);
578 macctl |= B43_MACCTL_TBTTHOLD;
579 b43_write32(dev, B43_MMIO_MACCTL, macctl);
580 /* Commit the write */
581 b43_read32(dev, B43_MMIO_MACCTL);
584 static void b43_time_unlock(struct b43_wldev *dev)
588 macctl = b43_read32(dev, B43_MMIO_MACCTL);
589 macctl &= ~B43_MACCTL_TBTTHOLD;
590 b43_write32(dev, B43_MMIO_MACCTL, macctl);
591 /* Commit the write */
592 b43_read32(dev, B43_MMIO_MACCTL);
595 static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
599 B43_WARN_ON(dev->dev->core_rev < 3);
603 /* The hardware guarantees us an atomic write, if we
604 * write the low register first. */
605 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low);
607 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high);
611 void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
614 b43_tsf_write_locked(dev, tsf);
615 b43_time_unlock(dev);
619 void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac)
621 static const u8 zero_addr[ETH_ALEN] = { 0 };
628 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
632 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
635 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
638 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
641 static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
645 u8 mac_bssid[ETH_ALEN * 2];
649 bssid = dev->wl->bssid;
650 mac = dev->wl->mac_addr;
652 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
654 memcpy(mac_bssid, mac, ETH_ALEN);
655 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
657 /* Write our MAC address and BSSID to template ram */
658 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
659 tmp = (u32) (mac_bssid[i + 0]);
660 tmp |= (u32) (mac_bssid[i + 1]) << 8;
661 tmp |= (u32) (mac_bssid[i + 2]) << 16;
662 tmp |= (u32) (mac_bssid[i + 3]) << 24;
663 b43_ram_write(dev, 0x20 + i, tmp);
667 static void b43_upload_card_macaddress(struct b43_wldev *dev)
669 b43_write_mac_bssid_templates(dev);
670 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
673 static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
675 /* slot_time is in usec. */
676 /* This test used to exit for all but a G PHY. */
677 if (b43_current_band(dev->wl) == IEEE80211_BAND_5GHZ)
679 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time);
680 /* Shared memory location 0x0010 is the slot time and should be
681 * set to slot_time; however, this register is initially 0 and changing
682 * the value adversely affects the transmit rate for BCM4311
683 * devices. Until this behavior is unterstood, delete this step
685 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
689 static void b43_short_slot_timing_enable(struct b43_wldev *dev)
691 b43_set_slot_time(dev, 9);
694 static void b43_short_slot_timing_disable(struct b43_wldev *dev)
696 b43_set_slot_time(dev, 20);
699 /* DummyTransmission function, as documented on
700 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission
702 void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on)
704 struct b43_phy *phy = &dev->phy;
705 unsigned int i, max_loop;
717 buffer[0] = 0x000201CC;
720 buffer[0] = 0x000B846E;
723 for (i = 0; i < 5; i++)
724 b43_ram_write(dev, i * 4, buffer[i]);
726 b43_write16(dev, 0x0568, 0x0000);
727 if (dev->dev->core_rev < 11)
728 b43_write16(dev, 0x07C0, 0x0000);
730 b43_write16(dev, 0x07C0, 0x0100);
731 value = (ofdm ? 0x41 : 0x40);
732 b43_write16(dev, 0x050C, value);
733 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP))
734 b43_write16(dev, 0x0514, 0x1A02);
735 b43_write16(dev, 0x0508, 0x0000);
736 b43_write16(dev, 0x050A, 0x0000);
737 b43_write16(dev, 0x054C, 0x0000);
738 b43_write16(dev, 0x056A, 0x0014);
739 b43_write16(dev, 0x0568, 0x0826);
740 b43_write16(dev, 0x0500, 0x0000);
741 if (!pa_on && (phy->type == B43_PHYTYPE_N)) {
747 b43_write16(dev, 0x0502, 0x00D0);
750 b43_write16(dev, 0x0502, 0x0050);
753 b43_write16(dev, 0x0502, 0x0030);
756 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
757 b43_radio_write16(dev, 0x0051, 0x0017);
758 for (i = 0x00; i < max_loop; i++) {
759 value = b43_read16(dev, 0x050E);
764 for (i = 0x00; i < 0x0A; i++) {
765 value = b43_read16(dev, 0x050E);
770 for (i = 0x00; i < 0x19; i++) {
771 value = b43_read16(dev, 0x0690);
772 if (!(value & 0x0100))
776 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
777 b43_radio_write16(dev, 0x0051, 0x0037);
780 static void key_write(struct b43_wldev *dev,
781 u8 index, u8 algorithm, const u8 *key)
788 /* Key index/algo block */
789 kidx = b43_kidx_to_fw(dev, index);
790 value = ((kidx << 4) | algorithm);
791 b43_shm_write16(dev, B43_SHM_SHARED,
792 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
794 /* Write the key to the Key Table Pointer offset */
795 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
796 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
798 value |= (u16) (key[i + 1]) << 8;
799 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
803 static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr)
805 u32 addrtmp[2] = { 0, 0, };
806 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
808 if (b43_new_kidx_api(dev))
809 pairwise_keys_start = B43_NR_GROUP_KEYS;
811 B43_WARN_ON(index < pairwise_keys_start);
812 /* We have four default TX keys and possibly four default RX keys.
813 * Physical mac 0 is mapped to physical key 4 or 8, depending
814 * on the firmware version.
815 * So we must adjust the index here.
817 index -= pairwise_keys_start;
818 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
821 addrtmp[0] = addr[0];
822 addrtmp[0] |= ((u32) (addr[1]) << 8);
823 addrtmp[0] |= ((u32) (addr[2]) << 16);
824 addrtmp[0] |= ((u32) (addr[3]) << 24);
825 addrtmp[1] = addr[4];
826 addrtmp[1] |= ((u32) (addr[5]) << 8);
829 /* Receive match transmitter address (RCMTA) mechanism */
830 b43_shm_write32(dev, B43_SHM_RCMTA,
831 (index * 2) + 0, addrtmp[0]);
832 b43_shm_write16(dev, B43_SHM_RCMTA,
833 (index * 2) + 1, addrtmp[1]);
836 /* The ucode will use phase1 key with TEK key to decrypt rx packets.
837 * When a packet is received, the iv32 is checked.
838 * - if it doesn't the packet is returned without modification (and software
839 * decryption can be done). That's what happen when iv16 wrap.
840 * - if it does, the rc4 key is computed, and decryption is tried.
841 * Either it will success and B43_RX_MAC_DEC is returned,
842 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned
843 * and the packet is not usable (it got modified by the ucode).
844 * So in order to never have B43_RX_MAC_DECERR, we should provide
845 * a iv32 and phase1key that match. Because we drop packets in case of
846 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all
847 * packets will be lost without higher layer knowing (ie no resync possible
850 * NOTE : this should support 50 key like RCMTA because
851 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50
853 static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32,
858 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
860 if (!modparam_hwtkip)
863 if (b43_new_kidx_api(dev))
864 pairwise_keys_start = B43_NR_GROUP_KEYS;
866 B43_WARN_ON(index < pairwise_keys_start);
867 /* We have four default TX keys and possibly four default RX keys.
868 * Physical mac 0 is mapped to physical key 4 or 8, depending
869 * on the firmware version.
870 * So we must adjust the index here.
872 index -= pairwise_keys_start;
873 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
875 if (b43_debug(dev, B43_DBG_KEYS)) {
876 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n",
879 /* Write the key to the RX tkip shared mem */
880 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4);
881 for (i = 0; i < 10; i += 2) {
882 b43_shm_write16(dev, B43_SHM_SHARED, offset + i,
883 phase1key ? phase1key[i / 2] : 0);
885 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32);
886 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16);
889 static void b43_op_update_tkip_key(struct ieee80211_hw *hw,
890 struct ieee80211_vif *vif,
891 struct ieee80211_key_conf *keyconf,
892 struct ieee80211_sta *sta,
893 u32 iv32, u16 *phase1key)
895 struct b43_wl *wl = hw_to_b43_wl(hw);
896 struct b43_wldev *dev;
897 int index = keyconf->hw_key_idx;
899 if (B43_WARN_ON(!modparam_hwtkip))
902 /* This is only called from the RX path through mac80211, where
903 * our mutex is already locked. */
904 B43_WARN_ON(!mutex_is_locked(&wl->mutex));
905 dev = wl->current_dev;
906 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED);
908 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */
910 rx_tkip_phase1_write(dev, index, iv32, phase1key);
911 /* only pairwise TKIP keys are supported right now */
914 keymac_write(dev, index, sta->addr);
917 static void do_key_write(struct b43_wldev *dev,
918 u8 index, u8 algorithm,
919 const u8 *key, size_t key_len, const u8 *mac_addr)
921 u8 buf[B43_SEC_KEYSIZE] = { 0, };
922 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
924 if (b43_new_kidx_api(dev))
925 pairwise_keys_start = B43_NR_GROUP_KEYS;
927 B43_WARN_ON(index >= ARRAY_SIZE(dev->key));
928 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
930 if (index >= pairwise_keys_start)
931 keymac_write(dev, index, NULL); /* First zero out mac. */
932 if (algorithm == B43_SEC_ALGO_TKIP) {
934 * We should provide an initial iv32, phase1key pair.
935 * We could start with iv32=0 and compute the corresponding
936 * phase1key, but this means calling ieee80211_get_tkip_key
937 * with a fake skb (or export other tkip function).
938 * Because we are lazy we hope iv32 won't start with
939 * 0xffffffff and let's b43_op_update_tkip_key provide a
942 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf);
943 } else if (index >= pairwise_keys_start) /* clear it */
944 rx_tkip_phase1_write(dev, index, 0, NULL);
946 memcpy(buf, key, key_len);
947 key_write(dev, index, algorithm, buf);
948 if (index >= pairwise_keys_start)
949 keymac_write(dev, index, mac_addr);
951 dev->key[index].algorithm = algorithm;
954 static int b43_key_write(struct b43_wldev *dev,
955 int index, u8 algorithm,
956 const u8 *key, size_t key_len,
958 struct ieee80211_key_conf *keyconf)
961 int pairwise_keys_start;
963 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block:
964 * - Temporal Encryption Key (128 bits)
965 * - Temporal Authenticator Tx MIC Key (64 bits)
966 * - Temporal Authenticator Rx MIC Key (64 bits)
968 * Hardware only store TEK
970 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32)
972 if (key_len > B43_SEC_KEYSIZE)
974 for (i = 0; i < ARRAY_SIZE(dev->key); i++) {
975 /* Check that we don't already have this key. */
976 B43_WARN_ON(dev->key[i].keyconf == keyconf);
979 /* Pairwise key. Get an empty slot for the key. */
980 if (b43_new_kidx_api(dev))
981 pairwise_keys_start = B43_NR_GROUP_KEYS;
983 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
984 for (i = pairwise_keys_start;
985 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS;
987 B43_WARN_ON(i >= ARRAY_SIZE(dev->key));
988 if (!dev->key[i].keyconf) {
995 b43warn(dev->wl, "Out of hardware key memory\n");
999 B43_WARN_ON(index > 3);
1001 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
1002 if ((index <= 3) && !b43_new_kidx_api(dev)) {
1003 /* Default RX key */
1004 B43_WARN_ON(mac_addr);
1005 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
1007 keyconf->hw_key_idx = index;
1008 dev->key[index].keyconf = keyconf;
1013 static int b43_key_clear(struct b43_wldev *dev, int index)
1015 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key))))
1017 do_key_write(dev, index, B43_SEC_ALGO_NONE,
1018 NULL, B43_SEC_KEYSIZE, NULL);
1019 if ((index <= 3) && !b43_new_kidx_api(dev)) {
1020 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
1021 NULL, B43_SEC_KEYSIZE, NULL);
1023 dev->key[index].keyconf = NULL;
1028 static void b43_clear_keys(struct b43_wldev *dev)
1032 if (b43_new_kidx_api(dev))
1033 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1035 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1036 for (i = 0; i < count; i++)
1037 b43_key_clear(dev, i);
1040 static void b43_dump_keymemory(struct b43_wldev *dev)
1042 unsigned int i, index, count, offset, pairwise_keys_start;
1048 struct b43_key *key;
1050 if (!b43_debug(dev, B43_DBG_KEYS))
1053 hf = b43_hf_read(dev);
1054 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n",
1055 !!(hf & B43_HF_USEDEFKEYS));
1056 if (b43_new_kidx_api(dev)) {
1057 pairwise_keys_start = B43_NR_GROUP_KEYS;
1058 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1060 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
1061 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1063 for (index = 0; index < count; index++) {
1064 key = &(dev->key[index]);
1065 printk(KERN_DEBUG "Key slot %02u: %s",
1066 index, (key->keyconf == NULL) ? " " : "*");
1067 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
1068 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
1069 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1070 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1073 algo = b43_shm_read16(dev, B43_SHM_SHARED,
1074 B43_SHM_SH_KEYIDXBLOCK + (index * 2));
1075 printk(" Algo: %04X/%02X", algo, key->algorithm);
1077 if (index >= pairwise_keys_start) {
1078 if (key->algorithm == B43_SEC_ALGO_TKIP) {
1080 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4);
1081 for (i = 0; i < 14; i += 2) {
1082 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1083 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1086 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA,
1087 ((index - pairwise_keys_start) * 2) + 0);
1088 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA,
1089 ((index - pairwise_keys_start) * 2) + 1);
1090 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0);
1091 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1);
1092 printk(" MAC: %pM", mac);
1094 printk(" DEFAULT KEY");
1099 void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
1107 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
1108 (ps_flags & B43_PS_DISABLED));
1109 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
1111 if (ps_flags & B43_PS_ENABLED) {
1113 } else if (ps_flags & B43_PS_DISABLED) {
1116 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
1117 // and thus is not an AP and we are associated, set bit 25
1119 if (ps_flags & B43_PS_AWAKE) {
1121 } else if (ps_flags & B43_PS_ASLEEP) {
1124 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
1125 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
1126 // successful, set bit26
1129 /* FIXME: For now we force awake-on and hwps-off */
1133 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1135 macctl |= B43_MACCTL_HWPS;
1137 macctl &= ~B43_MACCTL_HWPS;
1139 macctl |= B43_MACCTL_AWAKE;
1141 macctl &= ~B43_MACCTL_AWAKE;
1142 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1144 b43_read32(dev, B43_MMIO_MACCTL);
1145 if (awake && dev->dev->core_rev >= 5) {
1146 /* Wait for the microcode to wake up. */
1147 for (i = 0; i < 100; i++) {
1148 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1149 B43_SHM_SH_UCODESTAT);
1150 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1157 static void b43_ssb_wireless_core_reset(struct b43_wldev *dev, bool gmode)
1159 struct ssb_device *sdev = dev->dev->sdev;
1164 flags |= B43_TMSLOW_GMODE;
1165 flags |= B43_TMSLOW_PHYCLKEN;
1166 flags |= B43_TMSLOW_PHYRESET;
1167 if (dev->phy.type == B43_PHYTYPE_N)
1168 flags |= B43_TMSLOW_PHY_BANDWIDTH_20MHZ; /* Make 20 MHz def */
1169 b43_device_enable(dev, flags);
1170 msleep(2); /* Wait for the PLL to turn on. */
1172 /* Now take the PHY out of Reset again */
1173 tmslow = ssb_read32(sdev, SSB_TMSLOW);
1174 tmslow |= SSB_TMSLOW_FGC;
1175 tmslow &= ~B43_TMSLOW_PHYRESET;
1176 ssb_write32(sdev, SSB_TMSLOW, tmslow);
1177 ssb_read32(sdev, SSB_TMSLOW); /* flush */
1179 tmslow &= ~SSB_TMSLOW_FGC;
1180 ssb_write32(sdev, SSB_TMSLOW, tmslow);
1181 ssb_read32(sdev, SSB_TMSLOW); /* flush */
1185 void b43_wireless_core_reset(struct b43_wldev *dev, bool gmode)
1189 b43_ssb_wireless_core_reset(dev, gmode);
1191 /* Turn Analog ON, but only if we already know the PHY-type.
1192 * This protects against very early setup where we don't know the
1193 * PHY-type, yet. wireless_core_reset will be called once again later,
1194 * when we know the PHY-type. */
1196 dev->phy.ops->switch_analog(dev, 1);
1198 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1199 macctl &= ~B43_MACCTL_GMODE;
1201 macctl |= B43_MACCTL_GMODE;
1202 macctl |= B43_MACCTL_IHR_ENABLED;
1203 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1206 static void handle_irq_transmit_status(struct b43_wldev *dev)
1210 struct b43_txstatus stat;
1213 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1214 if (!(v0 & 0x00000001))
1216 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1218 stat.cookie = (v0 >> 16);
1219 stat.seq = (v1 & 0x0000FFFF);
1220 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1221 tmp = (v0 & 0x0000FFFF);
1222 stat.frame_count = ((tmp & 0xF000) >> 12);
1223 stat.rts_count = ((tmp & 0x0F00) >> 8);
1224 stat.supp_reason = ((tmp & 0x001C) >> 2);
1225 stat.pm_indicated = !!(tmp & 0x0080);
1226 stat.intermediate = !!(tmp & 0x0040);
1227 stat.for_ampdu = !!(tmp & 0x0020);
1228 stat.acked = !!(tmp & 0x0002);
1230 b43_handle_txstatus(dev, &stat);
1234 static void drain_txstatus_queue(struct b43_wldev *dev)
1238 if (dev->dev->core_rev < 5)
1240 /* Read all entries from the microcode TXstatus FIFO
1241 * and throw them away.
1244 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1245 if (!(dummy & 0x00000001))
1247 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1251 static u32 b43_jssi_read(struct b43_wldev *dev)
1255 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A);
1257 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088);
1262 static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1264 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF));
1265 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16);
1268 static void b43_generate_noise_sample(struct b43_wldev *dev)
1270 b43_jssi_write(dev, 0x7F7F7F7F);
1271 b43_write32(dev, B43_MMIO_MACCMD,
1272 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1275 static void b43_calculate_link_quality(struct b43_wldev *dev)
1277 /* Top half of Link Quality calculation. */
1279 if (dev->phy.type != B43_PHYTYPE_G)
1281 if (dev->noisecalc.calculation_running)
1283 dev->noisecalc.calculation_running = 1;
1284 dev->noisecalc.nr_samples = 0;
1286 b43_generate_noise_sample(dev);
1289 static void handle_irq_noise(struct b43_wldev *dev)
1291 struct b43_phy_g *phy = dev->phy.g;
1297 /* Bottom half of Link Quality calculation. */
1299 if (dev->phy.type != B43_PHYTYPE_G)
1302 /* Possible race condition: It might be possible that the user
1303 * changed to a different channel in the meantime since we
1304 * started the calculation. We ignore that fact, since it's
1305 * not really that much of a problem. The background noise is
1306 * an estimation only anyway. Slightly wrong results will get damped
1307 * by the averaging of the 8 sample rounds. Additionally the
1308 * value is shortlived. So it will be replaced by the next noise
1309 * calculation round soon. */
1311 B43_WARN_ON(!dev->noisecalc.calculation_running);
1312 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1313 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1314 noise[2] == 0x7F || noise[3] == 0x7F)
1317 /* Get the noise samples. */
1318 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1319 i = dev->noisecalc.nr_samples;
1320 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1321 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1322 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1323 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1324 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1325 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1326 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1327 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1328 dev->noisecalc.nr_samples++;
1329 if (dev->noisecalc.nr_samples == 8) {
1330 /* Calculate the Link Quality by the noise samples. */
1332 for (i = 0; i < 8; i++) {
1333 for (j = 0; j < 4; j++)
1334 average += dev->noisecalc.samples[i][j];
1340 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1341 tmp = (tmp / 128) & 0x1F;
1351 dev->stats.link_noise = average;
1352 dev->noisecalc.calculation_running = 0;
1356 b43_generate_noise_sample(dev);
1359 static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1361 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) {
1364 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1365 b43_power_saving_ctl_bits(dev, 0);
1367 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC))
1371 static void handle_irq_atim_end(struct b43_wldev *dev)
1373 if (dev->dfq_valid) {
1374 b43_write32(dev, B43_MMIO_MACCMD,
1375 b43_read32(dev, B43_MMIO_MACCMD)
1376 | B43_MACCMD_DFQ_VALID);
1381 static void handle_irq_pmq(struct b43_wldev *dev)
1388 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1389 if (!(tmp & 0x00000008))
1392 /* 16bit write is odd, but correct. */
1393 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1396 static void b43_write_template_common(struct b43_wldev *dev,
1397 const u8 *data, u16 size,
1399 u16 shm_size_offset, u8 rate)
1402 struct b43_plcp_hdr4 plcp;
1405 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1406 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1407 ram_offset += sizeof(u32);
1408 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1409 * So leave the first two bytes of the next write blank.
1411 tmp = (u32) (data[0]) << 16;
1412 tmp |= (u32) (data[1]) << 24;
1413 b43_ram_write(dev, ram_offset, tmp);
1414 ram_offset += sizeof(u32);
1415 for (i = 2; i < size; i += sizeof(u32)) {
1416 tmp = (u32) (data[i + 0]);
1418 tmp |= (u32) (data[i + 1]) << 8;
1420 tmp |= (u32) (data[i + 2]) << 16;
1422 tmp |= (u32) (data[i + 3]) << 24;
1423 b43_ram_write(dev, ram_offset + i - 2, tmp);
1425 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1426 size + sizeof(struct b43_plcp_hdr6));
1429 /* Check if the use of the antenna that ieee80211 told us to
1430 * use is possible. This will fall back to DEFAULT.
1431 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1432 u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1437 if (antenna_nr == 0) {
1438 /* Zero means "use default antenna". That's always OK. */
1442 /* Get the mask of available antennas. */
1444 antenna_mask = dev->dev->bus_sprom->ant_available_bg;
1446 antenna_mask = dev->dev->bus_sprom->ant_available_a;
1448 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1449 /* This antenna is not available. Fall back to default. */
1456 /* Convert a b43 antenna number value to the PHY TX control value. */
1457 static u16 b43_antenna_to_phyctl(int antenna)
1461 return B43_TXH_PHY_ANT0;
1463 return B43_TXH_PHY_ANT1;
1465 return B43_TXH_PHY_ANT2;
1467 return B43_TXH_PHY_ANT3;
1468 case B43_ANTENNA_AUTO0:
1469 case B43_ANTENNA_AUTO1:
1470 return B43_TXH_PHY_ANT01AUTO;
1476 static void b43_write_beacon_template(struct b43_wldev *dev,
1478 u16 shm_size_offset)
1480 unsigned int i, len, variable_len;
1481 const struct ieee80211_mgmt *bcn;
1487 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon);
1489 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data);
1490 len = min((size_t) dev->wl->current_beacon->len,
1491 0x200 - sizeof(struct b43_plcp_hdr6));
1492 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value;
1494 b43_write_template_common(dev, (const u8 *)bcn,
1495 len, ram_offset, shm_size_offset, rate);
1497 /* Write the PHY TX control parameters. */
1498 antenna = B43_ANTENNA_DEFAULT;
1499 antenna = b43_antenna_to_phyctl(antenna);
1500 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1501 /* We can't send beacons with short preamble. Would get PHY errors. */
1502 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1503 ctl &= ~B43_TXH_PHY_ANT;
1504 ctl &= ~B43_TXH_PHY_ENC;
1506 if (b43_is_cck_rate(rate))
1507 ctl |= B43_TXH_PHY_ENC_CCK;
1509 ctl |= B43_TXH_PHY_ENC_OFDM;
1510 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1512 /* Find the position of the TIM and the DTIM_period value
1513 * and write them to SHM. */
1514 ie = bcn->u.beacon.variable;
1515 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1516 for (i = 0; i < variable_len - 2; ) {
1517 uint8_t ie_id, ie_len;
1524 /* This is the TIM Information Element */
1526 /* Check whether the ie_len is in the beacon data range. */
1527 if (variable_len < ie_len + 2 + i)
1529 /* A valid TIM is at least 4 bytes long. */
1534 tim_position = sizeof(struct b43_plcp_hdr6);
1535 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1538 dtim_period = ie[i + 3];
1540 b43_shm_write16(dev, B43_SHM_SHARED,
1541 B43_SHM_SH_TIMBPOS, tim_position);
1542 b43_shm_write16(dev, B43_SHM_SHARED,
1543 B43_SHM_SH_DTIMPER, dtim_period);
1550 * If ucode wants to modify TIM do it behind the beacon, this
1551 * will happen, for example, when doing mesh networking.
1553 b43_shm_write16(dev, B43_SHM_SHARED,
1555 len + sizeof(struct b43_plcp_hdr6));
1556 b43_shm_write16(dev, B43_SHM_SHARED,
1557 B43_SHM_SH_DTIMPER, 0);
1559 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset);
1562 static void b43_upload_beacon0(struct b43_wldev *dev)
1564 struct b43_wl *wl = dev->wl;
1566 if (wl->beacon0_uploaded)
1568 b43_write_beacon_template(dev, 0x68, 0x18);
1569 wl->beacon0_uploaded = 1;
1572 static void b43_upload_beacon1(struct b43_wldev *dev)
1574 struct b43_wl *wl = dev->wl;
1576 if (wl->beacon1_uploaded)
1578 b43_write_beacon_template(dev, 0x468, 0x1A);
1579 wl->beacon1_uploaded = 1;
1582 static void handle_irq_beacon(struct b43_wldev *dev)
1584 struct b43_wl *wl = dev->wl;
1585 u32 cmd, beacon0_valid, beacon1_valid;
1587 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) &&
1588 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
1591 /* This is the bottom half of the asynchronous beacon update. */
1593 /* Ignore interrupt in the future. */
1594 dev->irq_mask &= ~B43_IRQ_BEACON;
1596 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1597 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1598 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1600 /* Schedule interrupt manually, if busy. */
1601 if (beacon0_valid && beacon1_valid) {
1602 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1603 dev->irq_mask |= B43_IRQ_BEACON;
1607 if (unlikely(wl->beacon_templates_virgin)) {
1608 /* We never uploaded a beacon before.
1609 * Upload both templates now, but only mark one valid. */
1610 wl->beacon_templates_virgin = 0;
1611 b43_upload_beacon0(dev);
1612 b43_upload_beacon1(dev);
1613 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1614 cmd |= B43_MACCMD_BEACON0_VALID;
1615 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1617 if (!beacon0_valid) {
1618 b43_upload_beacon0(dev);
1619 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1620 cmd |= B43_MACCMD_BEACON0_VALID;
1621 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1622 } else if (!beacon1_valid) {
1623 b43_upload_beacon1(dev);
1624 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1625 cmd |= B43_MACCMD_BEACON1_VALID;
1626 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1631 static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev)
1633 u32 old_irq_mask = dev->irq_mask;
1635 /* update beacon right away or defer to irq */
1636 handle_irq_beacon(dev);
1637 if (old_irq_mask != dev->irq_mask) {
1638 /* The handler updated the IRQ mask. */
1639 B43_WARN_ON(!dev->irq_mask);
1640 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) {
1641 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1643 /* Device interrupts are currently disabled. That means
1644 * we just ran the hardirq handler and scheduled the
1645 * IRQ thread. The thread will write the IRQ mask when
1646 * it finished, so there's nothing to do here. Writing
1647 * the mask _here_ would incorrectly re-enable IRQs. */
1652 static void b43_beacon_update_trigger_work(struct work_struct *work)
1654 struct b43_wl *wl = container_of(work, struct b43_wl,
1655 beacon_update_trigger);
1656 struct b43_wldev *dev;
1658 mutex_lock(&wl->mutex);
1659 dev = wl->current_dev;
1660 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1661 if (b43_bus_host_is_sdio(dev->dev)) {
1662 /* wl->mutex is enough. */
1663 b43_do_beacon_update_trigger_work(dev);
1666 spin_lock_irq(&wl->hardirq_lock);
1667 b43_do_beacon_update_trigger_work(dev);
1669 spin_unlock_irq(&wl->hardirq_lock);
1672 mutex_unlock(&wl->mutex);
1675 /* Asynchronously update the packet templates in template RAM.
1676 * Locking: Requires wl->mutex to be locked. */
1677 static void b43_update_templates(struct b43_wl *wl)
1679 struct sk_buff *beacon;
1681 /* This is the top half of the ansynchronous beacon update.
1682 * The bottom half is the beacon IRQ.
1683 * Beacon update must be asynchronous to avoid sending an
1684 * invalid beacon. This can happen for example, if the firmware
1685 * transmits a beacon while we are updating it. */
1687 /* We could modify the existing beacon and set the aid bit in
1688 * the TIM field, but that would probably require resizing and
1689 * moving of data within the beacon template.
1690 * Simply request a new beacon and let mac80211 do the hard work. */
1691 beacon = ieee80211_beacon_get(wl->hw, wl->vif);
1692 if (unlikely(!beacon))
1695 if (wl->current_beacon)
1696 dev_kfree_skb_any(wl->current_beacon);
1697 wl->current_beacon = beacon;
1698 wl->beacon0_uploaded = 0;
1699 wl->beacon1_uploaded = 0;
1700 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger);
1703 static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1706 if (dev->dev->core_rev >= 3) {
1707 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1708 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1710 b43_write16(dev, 0x606, (beacon_int >> 6));
1711 b43_write16(dev, 0x610, beacon_int);
1713 b43_time_unlock(dev);
1714 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1717 static void b43_handle_firmware_panic(struct b43_wldev *dev)
1721 /* Read the register that contains the reason code for the panic. */
1722 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG);
1723 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason);
1727 b43dbg(dev->wl, "The panic reason is unknown.\n");
1729 case B43_FWPANIC_DIE:
1730 /* Do not restart the controller or firmware.
1731 * The device is nonfunctional from now on.
1732 * Restarting would result in this panic to trigger again,
1733 * so we avoid that recursion. */
1735 case B43_FWPANIC_RESTART:
1736 b43_controller_restart(dev, "Microcode panic");
1741 static void handle_irq_ucode_debug(struct b43_wldev *dev)
1743 unsigned int i, cnt;
1744 u16 reason, marker_id, marker_line;
1747 /* The proprietary firmware doesn't have this IRQ. */
1748 if (!dev->fw.opensource)
1751 /* Read the register that contains the reason code for this IRQ. */
1752 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG);
1755 case B43_DEBUGIRQ_PANIC:
1756 b43_handle_firmware_panic(dev);
1758 case B43_DEBUGIRQ_DUMP_SHM:
1760 break; /* Only with driver debugging enabled. */
1761 buf = kmalloc(4096, GFP_ATOMIC);
1763 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n");
1766 for (i = 0; i < 4096; i += 2) {
1767 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i);
1768 buf[i / 2] = cpu_to_le16(tmp);
1770 b43info(dev->wl, "Shared memory dump:\n");
1771 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET,
1772 16, 2, buf, 4096, 1);
1775 case B43_DEBUGIRQ_DUMP_REGS:
1777 break; /* Only with driver debugging enabled. */
1778 b43info(dev->wl, "Microcode register dump:\n");
1779 for (i = 0, cnt = 0; i < 64; i++) {
1780 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i);
1783 printk("r%02u: 0x%04X ", i, tmp);
1792 case B43_DEBUGIRQ_MARKER:
1794 break; /* Only with driver debugging enabled. */
1795 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH,
1797 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH,
1798 B43_MARKER_LINE_REG);
1799 b43info(dev->wl, "The firmware just executed the MARKER(%u) "
1800 "at line number %u\n",
1801 marker_id, marker_line);
1804 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n",
1808 /* Acknowledge the debug-IRQ, so the firmware can continue. */
1809 b43_shm_write16(dev, B43_SHM_SCRATCH,
1810 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK);
1813 static void b43_do_interrupt_thread(struct b43_wldev *dev)
1816 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1817 u32 merged_dma_reason = 0;
1820 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
1823 reason = dev->irq_reason;
1824 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1825 dma_reason[i] = dev->dma_reason[i];
1826 merged_dma_reason |= dma_reason[i];
1829 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1830 b43err(dev->wl, "MAC transmission error\n");
1832 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1833 b43err(dev->wl, "PHY transmission error\n");
1835 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1836 atomic_set(&dev->phy.txerr_cnt,
1837 B43_PHY_TX_BADNESS_LIMIT);
1838 b43err(dev->wl, "Too many PHY TX errors, "
1839 "restarting the controller\n");
1840 b43_controller_restart(dev, "PHY TX errors");
1844 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK |
1845 B43_DMAIRQ_NONFATALMASK))) {
1846 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) {
1847 b43err(dev->wl, "Fatal DMA error: "
1848 "0x%08X, 0x%08X, 0x%08X, "
1849 "0x%08X, 0x%08X, 0x%08X\n",
1850 dma_reason[0], dma_reason[1],
1851 dma_reason[2], dma_reason[3],
1852 dma_reason[4], dma_reason[5]);
1853 b43err(dev->wl, "This device does not support DMA "
1854 "on your system. It will now be switched to PIO.\n");
1855 /* Fall back to PIO transfers if we get fatal DMA errors! */
1857 b43_controller_restart(dev, "DMA error");
1860 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) {
1861 b43err(dev->wl, "DMA error: "
1862 "0x%08X, 0x%08X, 0x%08X, "
1863 "0x%08X, 0x%08X, 0x%08X\n",
1864 dma_reason[0], dma_reason[1],
1865 dma_reason[2], dma_reason[3],
1866 dma_reason[4], dma_reason[5]);
1870 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1871 handle_irq_ucode_debug(dev);
1872 if (reason & B43_IRQ_TBTT_INDI)
1873 handle_irq_tbtt_indication(dev);
1874 if (reason & B43_IRQ_ATIM_END)
1875 handle_irq_atim_end(dev);
1876 if (reason & B43_IRQ_BEACON)
1877 handle_irq_beacon(dev);
1878 if (reason & B43_IRQ_PMQ)
1879 handle_irq_pmq(dev);
1880 if (reason & B43_IRQ_TXFIFO_FLUSH_OK)
1882 if (reason & B43_IRQ_NOISESAMPLE_OK)
1883 handle_irq_noise(dev);
1885 /* Check the DMA reason registers for received data. */
1886 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
1887 if (b43_using_pio_transfers(dev))
1888 b43_pio_rx(dev->pio.rx_queue);
1890 b43_dma_rx(dev->dma.rx_ring);
1892 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
1893 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
1894 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
1895 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
1896 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
1898 if (reason & B43_IRQ_TX_OK)
1899 handle_irq_transmit_status(dev);
1901 /* Re-enable interrupts on the device by restoring the current interrupt mask. */
1902 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1905 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
1907 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
1908 if (reason & (1 << i))
1909 dev->irq_bit_count[i]++;
1915 /* Interrupt thread handler. Handles device interrupts in thread context. */
1916 static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id)
1918 struct b43_wldev *dev = dev_id;
1920 mutex_lock(&dev->wl->mutex);
1921 b43_do_interrupt_thread(dev);
1923 mutex_unlock(&dev->wl->mutex);
1928 static irqreturn_t b43_do_interrupt(struct b43_wldev *dev)
1932 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses.
1933 * On SDIO, this runs under wl->mutex. */
1935 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
1936 if (reason == 0xffffffff) /* shared IRQ */
1938 reason &= dev->irq_mask;
1942 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
1944 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
1946 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
1948 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
1950 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
1953 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
1957 /* ACK the interrupt. */
1958 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
1959 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
1960 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
1961 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
1962 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
1963 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
1965 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
1968 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */
1969 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
1970 /* Save the reason bitmasks for the IRQ thread handler. */
1971 dev->irq_reason = reason;
1973 return IRQ_WAKE_THREAD;
1976 /* Interrupt handler top-half. This runs with interrupts disabled. */
1977 static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
1979 struct b43_wldev *dev = dev_id;
1982 if (unlikely(b43_status(dev) < B43_STAT_STARTED))
1985 spin_lock(&dev->wl->hardirq_lock);
1986 ret = b43_do_interrupt(dev);
1988 spin_unlock(&dev->wl->hardirq_lock);
1993 /* SDIO interrupt handler. This runs in process context. */
1994 static void b43_sdio_interrupt_handler(struct b43_wldev *dev)
1996 struct b43_wl *wl = dev->wl;
1999 mutex_lock(&wl->mutex);
2001 ret = b43_do_interrupt(dev);
2002 if (ret == IRQ_WAKE_THREAD)
2003 b43_do_interrupt_thread(dev);
2005 mutex_unlock(&wl->mutex);
2008 void b43_do_release_fw(struct b43_firmware_file *fw)
2010 release_firmware(fw->data);
2012 fw->filename = NULL;
2015 static void b43_release_firmware(struct b43_wldev *dev)
2017 b43_do_release_fw(&dev->fw.ucode);
2018 b43_do_release_fw(&dev->fw.pcm);
2019 b43_do_release_fw(&dev->fw.initvals);
2020 b43_do_release_fw(&dev->fw.initvals_band);
2023 static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
2027 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \
2028 "and download the correct firmware for this driver version. " \
2029 "Please carefully read all instructions on this website.\n";
2037 int b43_do_request_fw(struct b43_request_fw_context *ctx,
2039 struct b43_firmware_file *fw)
2041 const struct firmware *blob;
2042 struct b43_fw_header *hdr;
2047 /* Don't fetch anything. Free possibly cached firmware. */
2048 /* FIXME: We should probably keep it anyway, to save some headache
2049 * on suspend/resume with multiband devices. */
2050 b43_do_release_fw(fw);
2054 if ((fw->type == ctx->req_type) &&
2055 (strcmp(fw->filename, name) == 0))
2056 return 0; /* Already have this fw. */
2057 /* Free the cached firmware first. */
2058 /* FIXME: We should probably do this later after we successfully
2059 * got the new fw. This could reduce headache with multiband devices.
2060 * We could also redesign this to cache the firmware for all possible
2061 * bands all the time. */
2062 b43_do_release_fw(fw);
2065 switch (ctx->req_type) {
2066 case B43_FWTYPE_PROPRIETARY:
2067 snprintf(ctx->fwname, sizeof(ctx->fwname),
2069 modparam_fwpostfix, name);
2071 case B43_FWTYPE_OPENSOURCE:
2072 snprintf(ctx->fwname, sizeof(ctx->fwname),
2074 modparam_fwpostfix, name);
2080 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev);
2081 if (err == -ENOENT) {
2082 snprintf(ctx->errors[ctx->req_type],
2083 sizeof(ctx->errors[ctx->req_type]),
2084 "Firmware file \"%s\" not found\n", ctx->fwname);
2087 snprintf(ctx->errors[ctx->req_type],
2088 sizeof(ctx->errors[ctx->req_type]),
2089 "Firmware file \"%s\" request failed (err=%d)\n",
2093 if (blob->size < sizeof(struct b43_fw_header))
2095 hdr = (struct b43_fw_header *)(blob->data);
2096 switch (hdr->type) {
2097 case B43_FW_TYPE_UCODE:
2098 case B43_FW_TYPE_PCM:
2099 size = be32_to_cpu(hdr->size);
2100 if (size != blob->size - sizeof(struct b43_fw_header))
2103 case B43_FW_TYPE_IV:
2112 fw->filename = name;
2113 fw->type = ctx->req_type;
2118 snprintf(ctx->errors[ctx->req_type],
2119 sizeof(ctx->errors[ctx->req_type]),
2120 "Firmware file \"%s\" format error.\n", ctx->fwname);
2121 release_firmware(blob);
2126 static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2128 struct b43_wldev *dev = ctx->dev;
2129 struct b43_firmware *fw = &ctx->dev->fw;
2130 const u8 rev = ctx->dev->dev->core_rev;
2131 const char *filename;
2136 if ((rev >= 5) && (rev <= 10))
2137 filename = "ucode5";
2138 else if ((rev >= 11) && (rev <= 12))
2139 filename = "ucode11";
2141 filename = "ucode13";
2143 filename = "ucode14";
2145 filename = "ucode15";
2146 else if ((rev >= 16) && (rev <= 20))
2147 filename = "ucode16_mimo";
2150 err = b43_do_request_fw(ctx, filename, &fw->ucode);
2155 if ((rev >= 5) && (rev <= 10))
2161 fw->pcm_request_failed = 0;
2162 err = b43_do_request_fw(ctx, filename, &fw->pcm);
2163 if (err == -ENOENT) {
2164 /* We did not find a PCM file? Not fatal, but
2165 * core rev <= 10 must do without hwcrypto then. */
2166 fw->pcm_request_failed = 1;
2171 switch (dev->phy.type) {
2173 if ((rev >= 5) && (rev <= 10)) {
2174 tmshigh = ssb_read32(dev->dev->sdev, SSB_TMSHIGH);
2175 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2176 filename = "a0g1initvals5";
2178 filename = "a0g0initvals5";
2180 goto err_no_initvals;
2183 if ((rev >= 5) && (rev <= 10))
2184 filename = "b0g0initvals5";
2186 filename = "b0g0initvals13";
2188 goto err_no_initvals;
2192 filename = "n0initvals16";
2193 else if ((rev >= 11) && (rev <= 12))
2194 filename = "n0initvals11";
2196 goto err_no_initvals;
2198 case B43_PHYTYPE_LP:
2200 filename = "lp0initvals13";
2202 filename = "lp0initvals14";
2204 filename = "lp0initvals15";
2206 goto err_no_initvals;
2209 goto err_no_initvals;
2211 err = b43_do_request_fw(ctx, filename, &fw->initvals);
2215 /* Get bandswitch initvals */
2216 switch (dev->phy.type) {
2218 if ((rev >= 5) && (rev <= 10)) {
2219 tmshigh = ssb_read32(dev->dev->sdev, SSB_TMSHIGH);
2220 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2221 filename = "a0g1bsinitvals5";
2223 filename = "a0g0bsinitvals5";
2224 } else if (rev >= 11)
2227 goto err_no_initvals;
2230 if ((rev >= 5) && (rev <= 10))
2231 filename = "b0g0bsinitvals5";
2235 goto err_no_initvals;
2239 filename = "n0bsinitvals16";
2240 else if ((rev >= 11) && (rev <= 12))
2241 filename = "n0bsinitvals11";
2243 goto err_no_initvals;
2245 case B43_PHYTYPE_LP:
2247 filename = "lp0bsinitvals13";
2249 filename = "lp0bsinitvals14";
2251 filename = "lp0bsinitvals15";
2253 goto err_no_initvals;
2256 goto err_no_initvals;
2258 err = b43_do_request_fw(ctx, filename, &fw->initvals_band);
2265 err = ctx->fatal_failure = -EOPNOTSUPP;
2266 b43err(dev->wl, "The driver does not know which firmware (ucode) "
2267 "is required for your device (wl-core rev %u)\n", rev);
2271 err = ctx->fatal_failure = -EOPNOTSUPP;
2272 b43err(dev->wl, "The driver does not know which firmware (PCM) "
2273 "is required for your device (wl-core rev %u)\n", rev);
2277 err = ctx->fatal_failure = -EOPNOTSUPP;
2278 b43err(dev->wl, "The driver does not know which firmware (initvals) "
2279 "is required for your device (wl-core rev %u)\n", rev);
2283 /* We failed to load this firmware image. The error message
2284 * already is in ctx->errors. Return and let our caller decide
2289 b43_release_firmware(dev);
2293 static int b43_request_firmware(struct b43_wldev *dev)
2295 struct b43_request_fw_context *ctx;
2300 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
2305 ctx->req_type = B43_FWTYPE_PROPRIETARY;
2306 err = b43_try_request_fw(ctx);
2308 goto out; /* Successfully loaded it. */
2309 err = ctx->fatal_failure;
2313 ctx->req_type = B43_FWTYPE_OPENSOURCE;
2314 err = b43_try_request_fw(ctx);
2316 goto out; /* Successfully loaded it. */
2317 err = ctx->fatal_failure;
2321 /* Could not find a usable firmware. Print the errors. */
2322 for (i = 0; i < B43_NR_FWTYPES; i++) {
2323 errmsg = ctx->errors[i];
2325 b43err(dev->wl, errmsg);
2327 b43_print_fw_helptext(dev->wl, 1);
2335 static int b43_upload_microcode(struct b43_wldev *dev)
2337 struct wiphy *wiphy = dev->wl->hw->wiphy;
2338 const size_t hdr_len = sizeof(struct b43_fw_header);
2340 unsigned int i, len;
2341 u16 fwrev, fwpatch, fwdate, fwtime;
2345 /* Jump the microcode PSM to offset 0 */
2346 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2347 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2348 macctl |= B43_MACCTL_PSM_JMP0;
2349 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2350 /* Zero out all microcode PSM registers and shared memory. */
2351 for (i = 0; i < 64; i++)
2352 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2353 for (i = 0; i < 4096; i += 2)
2354 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2356 /* Upload Microcode. */
2357 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2358 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2359 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2360 for (i = 0; i < len; i++) {
2361 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2365 if (dev->fw.pcm.data) {
2366 /* Upload PCM data. */
2367 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2368 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2369 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2370 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2371 /* No need for autoinc bit in SHM_HW */
2372 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2373 for (i = 0; i < len; i++) {
2374 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2379 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2381 /* Start the microcode PSM */
2382 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2383 macctl &= ~B43_MACCTL_PSM_JMP0;
2384 macctl |= B43_MACCTL_PSM_RUN;
2385 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2387 /* Wait for the microcode to load and respond */
2390 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2391 if (tmp == B43_IRQ_MAC_SUSPENDED)
2395 b43err(dev->wl, "Microcode not responding\n");
2396 b43_print_fw_helptext(dev->wl, 1);
2402 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2404 /* Get and check the revisions. */
2405 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2406 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2407 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2408 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2410 if (fwrev <= 0x128) {
2411 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2412 "binary drivers older than version 4.x is unsupported. "
2413 "You must upgrade your firmware files.\n");
2414 b43_print_fw_helptext(dev->wl, 1);
2418 dev->fw.rev = fwrev;
2419 dev->fw.patch = fwpatch;
2420 dev->fw.opensource = (fwdate == 0xFFFF);
2422 /* Default to use-all-queues. */
2423 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues;
2424 dev->qos_enabled = !!modparam_qos;
2425 /* Default to firmware/hardware crypto acceleration. */
2426 dev->hwcrypto_enabled = 1;
2428 if (dev->fw.opensource) {
2431 /* Patchlevel info is encoded in the "time" field. */
2432 dev->fw.patch = fwtime;
2433 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n",
2434 dev->fw.rev, dev->fw.patch);
2436 fwcapa = b43_fwcapa_read(dev);
2437 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) {
2438 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n");
2439 /* Disable hardware crypto and fall back to software crypto. */
2440 dev->hwcrypto_enabled = 0;
2442 if (!(fwcapa & B43_FWCAPA_QOS)) {
2443 b43info(dev->wl, "QoS not supported by firmware\n");
2444 /* Disable QoS. Tweak hw->queues to 1. It will be restored before
2445 * ieee80211_unregister to make sure the networking core can
2446 * properly free possible resources. */
2447 dev->wl->hw->queues = 1;
2448 dev->qos_enabled = 0;
2451 b43info(dev->wl, "Loading firmware version %u.%u "
2452 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2454 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2455 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2456 if (dev->fw.pcm_request_failed) {
2457 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. "
2458 "Hardware accelerated cryptography is disabled.\n");
2459 b43_print_fw_helptext(dev->wl, 0);
2463 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u",
2464 dev->fw.rev, dev->fw.patch);
2465 wiphy->hw_version = dev->dev->core_id;
2467 if (b43_is_old_txhdr_format(dev)) {
2468 /* We're over the deadline, but we keep support for old fw
2469 * until it turns out to be in major conflict with something new. */
2470 b43warn(dev->wl, "You are using an old firmware image. "
2471 "Support for old firmware will be removed soon "
2472 "(official deadline was July 2008).\n");
2473 b43_print_fw_helptext(dev->wl, 0);
2479 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2480 macctl &= ~B43_MACCTL_PSM_RUN;
2481 macctl |= B43_MACCTL_PSM_JMP0;
2482 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2487 static int b43_write_initvals(struct b43_wldev *dev,
2488 const struct b43_iv *ivals,
2492 const struct b43_iv *iv;
2497 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2499 for (i = 0; i < count; i++) {
2500 if (array_size < sizeof(iv->offset_size))
2502 array_size -= sizeof(iv->offset_size);
2503 offset = be16_to_cpu(iv->offset_size);
2504 bit32 = !!(offset & B43_IV_32BIT);
2505 offset &= B43_IV_OFFSET_MASK;
2506 if (offset >= 0x1000)
2511 if (array_size < sizeof(iv->data.d32))
2513 array_size -= sizeof(iv->data.d32);
2515 value = get_unaligned_be32(&iv->data.d32);
2516 b43_write32(dev, offset, value);
2518 iv = (const struct b43_iv *)((const uint8_t *)iv +
2524 if (array_size < sizeof(iv->data.d16))
2526 array_size -= sizeof(iv->data.d16);
2528 value = be16_to_cpu(iv->data.d16);
2529 b43_write16(dev, offset, value);
2531 iv = (const struct b43_iv *)((const uint8_t *)iv +
2542 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2543 b43_print_fw_helptext(dev->wl, 1);
2548 static int b43_upload_initvals(struct b43_wldev *dev)
2550 const size_t hdr_len = sizeof(struct b43_fw_header);
2551 const struct b43_fw_header *hdr;
2552 struct b43_firmware *fw = &dev->fw;
2553 const struct b43_iv *ivals;
2557 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2558 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2559 count = be32_to_cpu(hdr->size);
2560 err = b43_write_initvals(dev, ivals, count,
2561 fw->initvals.data->size - hdr_len);
2564 if (fw->initvals_band.data) {
2565 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2566 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2567 count = be32_to_cpu(hdr->size);
2568 err = b43_write_initvals(dev, ivals, count,
2569 fw->initvals_band.data->size - hdr_len);
2578 /* Initialize the GPIOs
2579 * http://bcm-specs.sipsolutions.net/GPIO
2581 static struct ssb_device *b43_ssb_gpio_dev(struct b43_wldev *dev)
2583 struct ssb_bus *bus = dev->dev->sdev->bus;
2585 #ifdef CONFIG_SSB_DRIVER_PCICORE
2586 return (bus->chipco.dev ? bus->chipco.dev : bus->pcicore.dev);
2588 return bus->chipco.dev;
2592 static int b43_gpio_init(struct b43_wldev *dev)
2594 struct ssb_device *gpiodev;
2597 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2598 & ~B43_MACCTL_GPOUTSMSK);
2600 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK)
2605 if (dev->dev->chip_id == 0x4301) {
2609 if (0 /* FIXME: conditional unknown */ ) {
2610 b43_write16(dev, B43_MMIO_GPIO_MASK,
2611 b43_read16(dev, B43_MMIO_GPIO_MASK)
2616 if (dev->dev->bus_sprom->boardflags_lo & B43_BFL_PACTRL) {
2617 b43_write16(dev, B43_MMIO_GPIO_MASK,
2618 b43_read16(dev, B43_MMIO_GPIO_MASK)
2623 if (dev->dev->core_rev >= 2)
2624 mask |= 0x0010; /* FIXME: This is redundant. */
2626 gpiodev = b43_ssb_gpio_dev(dev);
2628 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2629 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2635 /* Turn off all GPIO stuff. Call this on module unload, for example. */
2636 static void b43_gpio_cleanup(struct b43_wldev *dev)
2638 struct ssb_device *gpiodev;
2640 gpiodev = b43_ssb_gpio_dev(dev);
2642 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2645 /* http://bcm-specs.sipsolutions.net/EnableMac */
2646 void b43_mac_enable(struct b43_wldev *dev)
2648 if (b43_debug(dev, B43_DBG_FIRMWARE)) {
2651 fwstate = b43_shm_read16(dev, B43_SHM_SHARED,
2652 B43_SHM_SH_UCODESTAT);
2653 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) &&
2654 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) {
2655 b43err(dev->wl, "b43_mac_enable(): The firmware "
2656 "should be suspended, but current state is %u\n",
2661 dev->mac_suspended--;
2662 B43_WARN_ON(dev->mac_suspended < 0);
2663 if (dev->mac_suspended == 0) {
2664 b43_write32(dev, B43_MMIO_MACCTL,
2665 b43_read32(dev, B43_MMIO_MACCTL)
2666 | B43_MACCTL_ENABLED);
2667 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2668 B43_IRQ_MAC_SUSPENDED);
2670 b43_read32(dev, B43_MMIO_MACCTL);
2671 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2672 b43_power_saving_ctl_bits(dev, 0);
2676 /* http://bcm-specs.sipsolutions.net/SuspendMAC */
2677 void b43_mac_suspend(struct b43_wldev *dev)
2683 B43_WARN_ON(dev->mac_suspended < 0);
2685 if (dev->mac_suspended == 0) {
2686 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2687 b43_write32(dev, B43_MMIO_MACCTL,
2688 b43_read32(dev, B43_MMIO_MACCTL)
2689 & ~B43_MACCTL_ENABLED);
2690 /* force pci to flush the write */
2691 b43_read32(dev, B43_MMIO_MACCTL);
2692 for (i = 35; i; i--) {
2693 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2694 if (tmp & B43_IRQ_MAC_SUSPENDED)
2698 /* Hm, it seems this will take some time. Use msleep(). */
2699 for (i = 40; i; i--) {
2700 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2701 if (tmp & B43_IRQ_MAC_SUSPENDED)
2705 b43err(dev->wl, "MAC suspend failed\n");
2708 dev->mac_suspended++;
2711 /* http://bcm-v4.sipsolutions.net/802.11/PHY/N/MacPhyClkSet */
2712 void b43_mac_phy_clock_set(struct b43_wldev *dev, bool on)
2714 u32 tmslow = ssb_read32(dev->sdev, SSB_TMSLOW);
2716 tmslow |= B43_TMSLOW_MACPHYCLKEN;
2718 tmslow &= ~B43_TMSLOW_MACPHYCLKEN;
2719 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow);
2722 static void b43_adjust_opmode(struct b43_wldev *dev)
2724 struct b43_wl *wl = dev->wl;
2728 ctl = b43_read32(dev, B43_MMIO_MACCTL);
2729 /* Reset status to STA infrastructure mode. */
2730 ctl &= ~B43_MACCTL_AP;
2731 ctl &= ~B43_MACCTL_KEEP_CTL;
2732 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
2733 ctl &= ~B43_MACCTL_KEEP_BAD;
2734 ctl &= ~B43_MACCTL_PROMISC;
2735 ctl &= ~B43_MACCTL_BEACPROMISC;
2736 ctl |= B43_MACCTL_INFRA;
2738 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
2739 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
2740 ctl |= B43_MACCTL_AP;
2741 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
2742 ctl &= ~B43_MACCTL_INFRA;
2744 if (wl->filter_flags & FIF_CONTROL)
2745 ctl |= B43_MACCTL_KEEP_CTL;
2746 if (wl->filter_flags & FIF_FCSFAIL)
2747 ctl |= B43_MACCTL_KEEP_BAD;
2748 if (wl->filter_flags & FIF_PLCPFAIL)
2749 ctl |= B43_MACCTL_KEEP_BADPLCP;
2750 if (wl->filter_flags & FIF_PROMISC_IN_BSS)
2751 ctl |= B43_MACCTL_PROMISC;
2752 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
2753 ctl |= B43_MACCTL_BEACPROMISC;
2755 /* Workaround: On old hardware the HW-MAC-address-filter
2756 * doesn't work properly, so always run promisc in filter
2757 * it in software. */
2758 if (dev->dev->core_rev <= 4)
2759 ctl |= B43_MACCTL_PROMISC;
2761 b43_write32(dev, B43_MMIO_MACCTL, ctl);
2764 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
2765 if (dev->dev->chip_id == 0x4306 &&
2766 dev->dev->chip_rev == 3)
2771 b43_write16(dev, 0x612, cfp_pretbtt);
2773 /* FIXME: We don't currently implement the PMQ mechanism,
2774 * so always disable it. If we want to implement PMQ,
2775 * we need to enable it here (clear DISCPMQ) in AP mode.
2777 if (0 /* ctl & B43_MACCTL_AP */) {
2778 b43_write32(dev, B43_MMIO_MACCTL,
2779 b43_read32(dev, B43_MMIO_MACCTL)
2780 & ~B43_MACCTL_DISCPMQ);
2782 b43_write32(dev, B43_MMIO_MACCTL,
2783 b43_read32(dev, B43_MMIO_MACCTL)
2784 | B43_MACCTL_DISCPMQ);
2788 static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
2794 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
2797 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
2799 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
2800 b43_shm_read16(dev, B43_SHM_SHARED, offset));
2803 static void b43_rate_memory_init(struct b43_wldev *dev)
2805 switch (dev->phy.type) {
2809 case B43_PHYTYPE_LP:
2810 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
2811 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
2812 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
2813 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
2814 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
2815 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
2816 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
2817 if (dev->phy.type == B43_PHYTYPE_A)
2821 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
2822 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
2823 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
2824 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
2831 /* Set the default values for the PHY TX Control Words. */
2832 static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
2836 ctl |= B43_TXH_PHY_ENC_CCK;
2837 ctl |= B43_TXH_PHY_ANT01AUTO;
2838 ctl |= B43_TXH_PHY_TXPWR;
2840 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
2841 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
2842 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
2845 /* Set the TX-Antenna for management frames sent by firmware. */
2846 static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
2851 ant = b43_antenna_to_phyctl(antenna);
2854 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
2855 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2856 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
2857 /* For Probe Resposes */
2858 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
2859 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2860 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
2863 /* This is the opposite of b43_chip_init() */
2864 static void b43_chip_exit(struct b43_wldev *dev)
2867 b43_gpio_cleanup(dev);
2868 /* firmware is released later */
2871 /* Initialize the chip
2872 * http://bcm-specs.sipsolutions.net/ChipInit
2874 static int b43_chip_init(struct b43_wldev *dev)
2876 struct b43_phy *phy = &dev->phy;
2881 /* Initialize the MAC control */
2882 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
2884 macctl |= B43_MACCTL_GMODE;
2885 macctl |= B43_MACCTL_INFRA;
2886 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2888 err = b43_request_firmware(dev);
2891 err = b43_upload_microcode(dev);
2893 goto out; /* firmware is released later */
2895 err = b43_gpio_init(dev);
2897 goto out; /* firmware is released later */
2899 err = b43_upload_initvals(dev);
2901 goto err_gpio_clean;
2903 /* Turn the Analog on and initialize the PHY. */
2904 phy->ops->switch_analog(dev, 1);
2905 err = b43_phy_init(dev);
2907 goto err_gpio_clean;
2909 /* Disable Interference Mitigation. */
2910 if (phy->ops->interf_mitigation)
2911 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE);
2913 /* Select the antennae */
2914 if (phy->ops->set_rx_antenna)
2915 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
2916 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
2918 if (phy->type == B43_PHYTYPE_B) {
2919 value16 = b43_read16(dev, 0x005E);
2921 b43_write16(dev, 0x005E, value16);
2923 b43_write32(dev, 0x0100, 0x01000000);
2924 if (dev->dev->core_rev < 5)
2925 b43_write32(dev, 0x010C, 0x01000000);
2927 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2928 & ~B43_MACCTL_INFRA);
2929 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2930 | B43_MACCTL_INFRA);
2932 /* Probe Response Timeout value */
2933 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
2934 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000);
2936 /* Initially set the wireless operation mode. */
2937 b43_adjust_opmode(dev);
2939 if (dev->dev->core_rev < 3) {
2940 b43_write16(dev, 0x060E, 0x0000);
2941 b43_write16(dev, 0x0610, 0x8000);
2942 b43_write16(dev, 0x0604, 0x0000);
2943 b43_write16(dev, 0x0606, 0x0200);
2945 b43_write32(dev, 0x0188, 0x80000000);
2946 b43_write32(dev, 0x018C, 0x02000000);
2948 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
2949 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00);
2950 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
2951 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
2952 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
2953 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
2954 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
2956 b43_mac_phy_clock_set(dev, true);
2958 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
2959 dev->sdev->bus->chipco.fast_pwrup_delay);
2962 b43dbg(dev->wl, "Chip initialized\n");
2967 b43_gpio_cleanup(dev);
2971 static void b43_periodic_every60sec(struct b43_wldev *dev)
2973 const struct b43_phy_operations *ops = dev->phy.ops;
2975 if (ops->pwork_60sec)
2976 ops->pwork_60sec(dev);
2978 /* Force check the TX power emission now. */
2979 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME);
2982 static void b43_periodic_every30sec(struct b43_wldev *dev)
2984 /* Update device statistics. */
2985 b43_calculate_link_quality(dev);
2988 static void b43_periodic_every15sec(struct b43_wldev *dev)
2990 struct b43_phy *phy = &dev->phy;
2993 if (dev->fw.opensource) {
2994 /* Check if the firmware is still alive.
2995 * It will reset the watchdog counter to 0 in its idle loop. */
2996 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG);
2997 if (unlikely(wdr)) {
2998 b43err(dev->wl, "Firmware watchdog: The firmware died!\n");
2999 b43_controller_restart(dev, "Firmware watchdog");
3002 b43_shm_write16(dev, B43_SHM_SCRATCH,
3003 B43_WATCHDOG_REG, 1);
3007 if (phy->ops->pwork_15sec)
3008 phy->ops->pwork_15sec(dev);
3010 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
3014 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
3017 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n",
3018 dev->irq_count / 15,
3020 dev->rx_count / 15);
3024 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
3025 if (dev->irq_bit_count[i]) {
3026 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n",
3027 dev->irq_bit_count[i] / 15, i, (1 << i));
3028 dev->irq_bit_count[i] = 0;
3035 static void do_periodic_work(struct b43_wldev *dev)
3039 state = dev->periodic_state;
3041 b43_periodic_every60sec(dev);
3043 b43_periodic_every30sec(dev);
3044 b43_periodic_every15sec(dev);
3047 /* Periodic work locking policy:
3048 * The whole periodic work handler is protected by
3049 * wl->mutex. If another lock is needed somewhere in the
3050 * pwork callchain, it's acquired in-place, where it's needed.
3052 static void b43_periodic_work_handler(struct work_struct *work)
3054 struct b43_wldev *dev = container_of(work, struct b43_wldev,
3055 periodic_work.work);
3056 struct b43_wl *wl = dev->wl;
3057 unsigned long delay;
3059 mutex_lock(&wl->mutex);
3061 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
3063 if (b43_debug(dev, B43_DBG_PWORK_STOP))
3066 do_periodic_work(dev);
3068 dev->periodic_state++;
3070 if (b43_debug(dev, B43_DBG_PWORK_FAST))
3071 delay = msecs_to_jiffies(50);
3073 delay = round_jiffies_relative(HZ * 15);
3074 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay);
3076 mutex_unlock(&wl->mutex);
3079 static void b43_periodic_tasks_setup(struct b43_wldev *dev)
3081 struct delayed_work *work = &dev->periodic_work;
3083 dev->periodic_state = 0;
3084 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
3085 ieee80211_queue_delayed_work(dev->wl->hw, work, 0);
3088 /* Check if communication with the device works correctly. */
3089 static int b43_validate_chipaccess(struct b43_wldev *dev)
3091 u32 v, backup0, backup4;
3093 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0);
3094 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4);
3096 /* Check for read/write and endianness problems. */
3097 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
3098 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
3100 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
3101 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
3104 /* Check if unaligned 32bit SHM_SHARED access works properly.
3105 * However, don't bail out on failure, because it's noncritical. */
3106 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122);
3107 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344);
3108 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566);
3109 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788);
3110 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344)
3111 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n");
3112 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD);
3113 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 ||
3114 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD ||
3115 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB ||
3116 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788)
3117 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n");
3119 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0);
3120 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4);
3122 if ((dev->dev->core_rev >= 3) && (dev->dev->core_rev <= 10)) {
3123 /* The 32bit register shadows the two 16bit registers
3124 * with update sideeffects. Validate this. */
3125 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
3126 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
3127 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
3129 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
3132 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
3134 v = b43_read32(dev, B43_MMIO_MACCTL);
3135 v |= B43_MACCTL_GMODE;
3136 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
3141 b43err(dev->wl, "Failed to validate the chipaccess\n");
3145 static void b43_security_init(struct b43_wldev *dev)
3147 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
3148 /* KTP is a word address, but we address SHM bytewise.
3149 * So multiply by two.
3152 /* Number of RCMTA address slots */
3153 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS);
3154 /* Clear the key memory. */
3155 b43_clear_keys(dev);
3158 #ifdef CONFIG_B43_HWRNG
3159 static int b43_rng_read(struct hwrng *rng, u32 *data)
3161 struct b43_wl *wl = (struct b43_wl *)rng->priv;
3162 struct b43_wldev *dev;
3163 int count = -ENODEV;
3165 mutex_lock(&wl->mutex);
3166 dev = wl->current_dev;
3167 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) {
3168 *data = b43_read16(dev, B43_MMIO_RNG);
3169 count = sizeof(u16);
3171 mutex_unlock(&wl->mutex);
3175 #endif /* CONFIG_B43_HWRNG */
3177 static void b43_rng_exit(struct b43_wl *wl)
3179 #ifdef CONFIG_B43_HWRNG
3180 if (wl->rng_initialized)
3181 hwrng_unregister(&wl->rng);
3182 #endif /* CONFIG_B43_HWRNG */
3185 static int b43_rng_init(struct b43_wl *wl)
3189 #ifdef CONFIG_B43_HWRNG
3190 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
3191 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
3192 wl->rng.name = wl->rng_name;
3193 wl->rng.data_read = b43_rng_read;
3194 wl->rng.priv = (unsigned long)wl;
3195 wl->rng_initialized = 1;
3196 err = hwrng_register(&wl->rng);
3198 wl->rng_initialized = 0;
3199 b43err(wl, "Failed to register the random "
3200 "number generator (%d)\n", err);
3202 #endif /* CONFIG_B43_HWRNG */
3207 static void b43_tx_work(struct work_struct *work)
3209 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work);
3210 struct b43_wldev *dev;
3211 struct sk_buff *skb;
3214 mutex_lock(&wl->mutex);
3215 dev = wl->current_dev;
3216 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) {
3217 mutex_unlock(&wl->mutex);
3221 while (skb_queue_len(&wl->tx_queue)) {
3222 skb = skb_dequeue(&wl->tx_queue);
3224 if (b43_using_pio_transfers(dev))
3225 err = b43_pio_tx(dev, skb);
3227 err = b43_dma_tx(dev, skb);
3229 dev_kfree_skb(skb); /* Drop it */
3235 mutex_unlock(&wl->mutex);
3238 static void b43_op_tx(struct ieee80211_hw *hw,
3239 struct sk_buff *skb)
3241 struct b43_wl *wl = hw_to_b43_wl(hw);
3243 if (unlikely(skb->len < 2 + 2 + 6)) {
3244 /* Too short, this can't be a valid frame. */
3245 dev_kfree_skb_any(skb);
3248 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
3250 skb_queue_tail(&wl->tx_queue, skb);
3251 ieee80211_queue_work(wl->hw, &wl->tx_work);
3254 static void b43_qos_params_upload(struct b43_wldev *dev,
3255 const struct ieee80211_tx_queue_params *p,
3258 u16 params[B43_NR_QOSPARAMS];
3262 if (!dev->qos_enabled)
3265 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min;
3267 memset(¶ms, 0, sizeof(params));
3269 params[B43_QOSPARAM_TXOP] = p->txop * 32;
3270 params[B43_QOSPARAM_CWMIN] = p->cw_min;
3271 params[B43_QOSPARAM_CWMAX] = p->cw_max;
3272 params[B43_QOSPARAM_CWCUR] = p->cw_min;
3273 params[B43_QOSPARAM_AIFS] = p->aifs;
3274 params[B43_QOSPARAM_BSLOTS] = bslots;
3275 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs;
3277 for (i = 0; i < ARRAY_SIZE(params); i++) {
3278 if (i == B43_QOSPARAM_STATUS) {
3279 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
3280 shm_offset + (i * 2));
3281 /* Mark the parameters as updated. */
3283 b43_shm_write16(dev, B43_SHM_SHARED,
3284 shm_offset + (i * 2),
3287 b43_shm_write16(dev, B43_SHM_SHARED,
3288 shm_offset + (i * 2),
3294 /* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */
3295 static const u16 b43_qos_shm_offsets[] = {
3296 /* [mac80211-queue-nr] = SHM_OFFSET, */
3297 [0] = B43_QOS_VOICE,
3298 [1] = B43_QOS_VIDEO,
3299 [2] = B43_QOS_BESTEFFORT,
3300 [3] = B43_QOS_BACKGROUND,
3303 /* Update all QOS parameters in hardware. */
3304 static void b43_qos_upload_all(struct b43_wldev *dev)
3306 struct b43_wl *wl = dev->wl;
3307 struct b43_qos_params *params;
3310 if (!dev->qos_enabled)
3313 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3314 ARRAY_SIZE(wl->qos_params));
3316 b43_mac_suspend(dev);
3317 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3318 params = &(wl->qos_params[i]);
3319 b43_qos_params_upload(dev, &(params->p),
3320 b43_qos_shm_offsets[i]);
3322 b43_mac_enable(dev);
3325 static void b43_qos_clear(struct b43_wl *wl)
3327 struct b43_qos_params *params;
3330 /* Initialize QoS parameters to sane defaults. */
3332 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3333 ARRAY_SIZE(wl->qos_params));
3335 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3336 params = &(wl->qos_params[i]);
3338 switch (b43_qos_shm_offsets[i]) {
3342 params->p.cw_min = 0x0001;
3343 params->p.cw_max = 0x0001;
3348 params->p.cw_min = 0x0001;
3349 params->p.cw_max = 0x0001;
3351 case B43_QOS_BESTEFFORT:
3354 params->p.cw_min = 0x0001;
3355 params->p.cw_max = 0x03FF;
3357 case B43_QOS_BACKGROUND:
3360 params->p.cw_min = 0x0001;
3361 params->p.cw_max = 0x03FF;
3369 /* Initialize the core's QOS capabilities */
3370 static void b43_qos_init(struct b43_wldev *dev)
3372 if (!dev->qos_enabled) {
3373 /* Disable QOS support. */
3374 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF);
3375 b43_write16(dev, B43_MMIO_IFSCTL,
3376 b43_read16(dev, B43_MMIO_IFSCTL)
3377 & ~B43_MMIO_IFSCTL_USE_EDCF);
3378 b43dbg(dev->wl, "QoS disabled\n");
3382 /* Upload the current QOS parameters. */
3383 b43_qos_upload_all(dev);
3385 /* Enable QOS support. */
3386 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
3387 b43_write16(dev, B43_MMIO_IFSCTL,
3388 b43_read16(dev, B43_MMIO_IFSCTL)
3389 | B43_MMIO_IFSCTL_USE_EDCF);
3390 b43dbg(dev->wl, "QoS enabled\n");
3393 static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue,
3394 const struct ieee80211_tx_queue_params *params)
3396 struct b43_wl *wl = hw_to_b43_wl(hw);
3397 struct b43_wldev *dev;
3398 unsigned int queue = (unsigned int)_queue;
3401 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3402 /* Queue not available or don't support setting
3403 * params on this queue. Return success to not
3404 * confuse mac80211. */
3407 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3408 ARRAY_SIZE(wl->qos_params));
3410 mutex_lock(&wl->mutex);
3411 dev = wl->current_dev;
3412 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED)))
3415 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params));
3416 b43_mac_suspend(dev);
3417 b43_qos_params_upload(dev, &(wl->qos_params[queue].p),
3418 b43_qos_shm_offsets[queue]);
3419 b43_mac_enable(dev);
3423 mutex_unlock(&wl->mutex);
3428 static int b43_op_get_stats(struct ieee80211_hw *hw,
3429 struct ieee80211_low_level_stats *stats)
3431 struct b43_wl *wl = hw_to_b43_wl(hw);
3433 mutex_lock(&wl->mutex);
3434 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3435 mutex_unlock(&wl->mutex);
3440 static u64 b43_op_get_tsf(struct ieee80211_hw *hw)
3442 struct b43_wl *wl = hw_to_b43_wl(hw);
3443 struct b43_wldev *dev;
3446 mutex_lock(&wl->mutex);
3447 dev = wl->current_dev;
3449 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3450 b43_tsf_read(dev, &tsf);
3454 mutex_unlock(&wl->mutex);
3459 static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf)
3461 struct b43_wl *wl = hw_to_b43_wl(hw);
3462 struct b43_wldev *dev;
3464 mutex_lock(&wl->mutex);
3465 dev = wl->current_dev;
3467 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3468 b43_tsf_write(dev, tsf);
3470 mutex_unlock(&wl->mutex);
3473 static void b43_put_phy_into_reset(struct b43_wldev *dev)
3475 struct ssb_device *sdev = dev->sdev;
3478 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3479 tmslow &= ~B43_TMSLOW_GMODE;
3480 tmslow |= B43_TMSLOW_PHYRESET;
3481 tmslow |= SSB_TMSLOW_FGC;
3482 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3485 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3486 tmslow &= ~SSB_TMSLOW_FGC;
3487 tmslow |= B43_TMSLOW_PHYRESET;
3488 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3492 static const char *band_to_string(enum ieee80211_band band)
3495 case IEEE80211_BAND_5GHZ:
3497 case IEEE80211_BAND_2GHZ:
3506 /* Expects wl->mutex locked */
3507 static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan)
3509 struct b43_wldev *up_dev = NULL;
3510 struct b43_wldev *down_dev;
3511 struct b43_wldev *d;
3513 bool uninitialized_var(gmode);
3516 /* Find a device and PHY which supports the band. */
3517 list_for_each_entry(d, &wl->devlist, list) {
3518 switch (chan->band) {
3519 case IEEE80211_BAND_5GHZ:
3520 if (d->phy.supports_5ghz) {
3525 case IEEE80211_BAND_2GHZ:
3526 if (d->phy.supports_2ghz) {
3539 b43err(wl, "Could not find a device for %s-GHz band operation\n",
3540 band_to_string(chan->band));
3543 if ((up_dev == wl->current_dev) &&
3544 (!!wl->current_dev->phy.gmode == !!gmode)) {
3545 /* This device is already running. */
3548 b43dbg(wl, "Switching to %s-GHz band\n",
3549 band_to_string(chan->band));
3550 down_dev = wl->current_dev;
3552 prev_status = b43_status(down_dev);
3553 /* Shutdown the currently running core. */
3554 if (prev_status >= B43_STAT_STARTED)
3555 down_dev = b43_wireless_core_stop(down_dev);
3556 if (prev_status >= B43_STAT_INITIALIZED)
3557 b43_wireless_core_exit(down_dev);
3559 if (down_dev != up_dev) {
3560 /* We switch to a different core, so we put PHY into
3561 * RESET on the old core. */
3562 b43_put_phy_into_reset(down_dev);
3565 /* Now start the new core. */
3566 up_dev->phy.gmode = gmode;
3567 if (prev_status >= B43_STAT_INITIALIZED) {
3568 err = b43_wireless_core_init(up_dev);
3570 b43err(wl, "Fatal: Could not initialize device for "
3571 "selected %s-GHz band\n",
3572 band_to_string(chan->band));
3576 if (prev_status >= B43_STAT_STARTED) {
3577 err = b43_wireless_core_start(up_dev);
3579 b43err(wl, "Fatal: Coult not start device for "
3580 "selected %s-GHz band\n",
3581 band_to_string(chan->band));
3582 b43_wireless_core_exit(up_dev);
3586 B43_WARN_ON(b43_status(up_dev) != prev_status);
3588 wl->current_dev = up_dev;
3592 /* Whoops, failed to init the new core. No core is operating now. */
3593 wl->current_dev = NULL;
3597 /* Write the short and long frame retry limit values. */
3598 static void b43_set_retry_limits(struct b43_wldev *dev,
3599 unsigned int short_retry,
3600 unsigned int long_retry)
3602 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3603 * the chip-internal counter. */
3604 short_retry = min(short_retry, (unsigned int)0xF);
3605 long_retry = min(long_retry, (unsigned int)0xF);
3607 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3609 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3613 static int b43_op_config(struct ieee80211_hw *hw, u32 changed)
3615 struct b43_wl *wl = hw_to_b43_wl(hw);
3616 struct b43_wldev *dev;
3617 struct b43_phy *phy;
3618 struct ieee80211_conf *conf = &hw->conf;
3622 mutex_lock(&wl->mutex);
3624 /* Switch the band (if necessary). This might change the active core. */
3625 err = b43_switch_band(wl, conf->channel);
3627 goto out_unlock_mutex;
3628 dev = wl->current_dev;
3631 if (conf_is_ht(conf))
3633 (conf_is_ht40_minus(conf) || conf_is_ht40_plus(conf));
3635 phy->is_40mhz = false;
3637 b43_mac_suspend(dev);
3639 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
3640 b43_set_retry_limits(dev, conf->short_frame_max_tx_count,
3641 conf->long_frame_max_tx_count);
3642 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS;
3644 goto out_mac_enable;
3646 /* Switch to the requested channel.
3647 * The firmware takes care of races with the TX handler. */
3648 if (conf->channel->hw_value != phy->channel)
3649 b43_switch_channel(dev, conf->channel->hw_value);
3651 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR);
3653 /* Adjust the desired TX power level. */
3654 if (conf->power_level != 0) {
3655 if (conf->power_level != phy->desired_txpower) {
3656 phy->desired_txpower = conf->power_level;
3657 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME |
3658 B43_TXPWR_IGNORE_TSSI);
3662 /* Antennas for RX and management frame TX. */
3663 antenna = B43_ANTENNA_DEFAULT;
3664 b43_mgmtframe_txantenna(dev, antenna);
3665 antenna = B43_ANTENNA_DEFAULT;
3666 if (phy->ops->set_rx_antenna)
3667 phy->ops->set_rx_antenna(dev, antenna);
3669 if (wl->radio_enabled != phy->radio_on) {
3670 if (wl->radio_enabled) {
3671 b43_software_rfkill(dev, false);
3672 b43info(dev->wl, "Radio turned on by software\n");
3673 if (!dev->radio_hw_enable) {
3674 b43info(dev->wl, "The hardware RF-kill button "
3675 "still turns the radio physically off. "
3676 "Press the button to turn it on.\n");
3679 b43_software_rfkill(dev, true);
3680 b43info(dev->wl, "Radio turned off by software\n");
3685 b43_mac_enable(dev);
3687 mutex_unlock(&wl->mutex);
3692 static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates)
3694 struct ieee80211_supported_band *sband =
3695 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)];
3696 struct ieee80211_rate *rate;
3698 u16 basic, direct, offset, basic_offset, rateptr;
3700 for (i = 0; i < sband->n_bitrates; i++) {
3701 rate = &sband->bitrates[i];
3703 if (b43_is_cck_rate(rate->hw_value)) {
3704 direct = B43_SHM_SH_CCKDIRECT;
3705 basic = B43_SHM_SH_CCKBASIC;
3706 offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3709 direct = B43_SHM_SH_OFDMDIRECT;
3710 basic = B43_SHM_SH_OFDMBASIC;
3711 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3715 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate);
3717 if (b43_is_cck_rate(rate->hw_value)) {
3718 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3719 basic_offset &= 0xF;
3721 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3722 basic_offset &= 0xF;
3726 * Get the pointer that we need to point to
3727 * from the direct map
3729 rateptr = b43_shm_read16(dev, B43_SHM_SHARED,
3730 direct + 2 * basic_offset);
3731 /* and write it to the basic map */
3732 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset,
3737 static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
3738 struct ieee80211_vif *vif,
3739 struct ieee80211_bss_conf *conf,
3742 struct b43_wl *wl = hw_to_b43_wl(hw);
3743 struct b43_wldev *dev;
3745 mutex_lock(&wl->mutex);
3747 dev = wl->current_dev;
3748 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3749 goto out_unlock_mutex;
3751 B43_WARN_ON(wl->vif != vif);
3753 if (changed & BSS_CHANGED_BSSID) {
3755 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
3757 memset(wl->bssid, 0, ETH_ALEN);
3760 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
3761 if (changed & BSS_CHANGED_BEACON &&
3762 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3763 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3764 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3765 b43_update_templates(wl);
3767 if (changed & BSS_CHANGED_BSSID)
3768 b43_write_mac_bssid_templates(dev);
3771 b43_mac_suspend(dev);
3773 /* Update templates for AP/mesh mode. */
3774 if (changed & BSS_CHANGED_BEACON_INT &&
3775 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3776 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3777 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3778 b43_set_beacon_int(dev, conf->beacon_int);
3780 if (changed & BSS_CHANGED_BASIC_RATES)
3781 b43_update_basic_rates(dev, conf->basic_rates);
3783 if (changed & BSS_CHANGED_ERP_SLOT) {
3784 if (conf->use_short_slot)
3785 b43_short_slot_timing_enable(dev);
3787 b43_short_slot_timing_disable(dev);
3790 b43_mac_enable(dev);
3792 mutex_unlock(&wl->mutex);
3795 static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3796 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
3797 struct ieee80211_key_conf *key)
3799 struct b43_wl *wl = hw_to_b43_wl(hw);
3800 struct b43_wldev *dev;
3804 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
3806 if (modparam_nohwcrypt)
3807 return -ENOSPC; /* User disabled HW-crypto */
3809 mutex_lock(&wl->mutex);
3811 dev = wl->current_dev;
3813 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
3816 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) {
3817 /* We don't have firmware for the crypto engine.
3818 * Must use software-crypto. */
3824 switch (key->cipher) {
3825 case WLAN_CIPHER_SUITE_WEP40:
3826 algorithm = B43_SEC_ALGO_WEP40;
3828 case WLAN_CIPHER_SUITE_WEP104:
3829 algorithm = B43_SEC_ALGO_WEP104;
3831 case WLAN_CIPHER_SUITE_TKIP:
3832 algorithm = B43_SEC_ALGO_TKIP;
3834 case WLAN_CIPHER_SUITE_CCMP:
3835 algorithm = B43_SEC_ALGO_AES;
3841 index = (u8) (key->keyidx);
3847 if (algorithm == B43_SEC_ALGO_TKIP &&
3848 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
3849 !modparam_hwtkip)) {
3850 /* We support only pairwise key */
3855 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
3856 if (WARN_ON(!sta)) {
3860 /* Pairwise key with an assigned MAC address. */
3861 err = b43_key_write(dev, -1, algorithm,
3862 key->key, key->keylen,
3866 err = b43_key_write(dev, index, algorithm,
3867 key->key, key->keylen, NULL, key);
3872 if (algorithm == B43_SEC_ALGO_WEP40 ||
3873 algorithm == B43_SEC_ALGO_WEP104) {
3874 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
3877 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
3879 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
3880 if (algorithm == B43_SEC_ALGO_TKIP)
3881 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
3884 err = b43_key_clear(dev, key->hw_key_idx);
3895 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
3897 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
3898 sta ? sta->addr : bcast_addr);
3899 b43_dump_keymemory(dev);
3901 mutex_unlock(&wl->mutex);
3906 static void b43_op_configure_filter(struct ieee80211_hw *hw,
3907 unsigned int changed, unsigned int *fflags,
3910 struct b43_wl *wl = hw_to_b43_wl(hw);
3911 struct b43_wldev *dev;
3913 mutex_lock(&wl->mutex);
3914 dev = wl->current_dev;
3920 *fflags &= FIF_PROMISC_IN_BSS |
3926 FIF_BCN_PRBRESP_PROMISC;
3928 changed &= FIF_PROMISC_IN_BSS |
3934 FIF_BCN_PRBRESP_PROMISC;
3936 wl->filter_flags = *fflags;
3938 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
3939 b43_adjust_opmode(dev);
3942 mutex_unlock(&wl->mutex);
3945 /* Locking: wl->mutex
3946 * Returns the current dev. This might be different from the passed in dev,
3947 * because the core might be gone away while we unlocked the mutex. */
3948 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev)
3950 struct b43_wl *wl = dev->wl;
3951 struct b43_wldev *orig_dev;
3955 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3958 /* Cancel work. Unlock to avoid deadlocks. */
3959 mutex_unlock(&wl->mutex);
3960 cancel_delayed_work_sync(&dev->periodic_work);
3961 cancel_work_sync(&wl->tx_work);
3962 mutex_lock(&wl->mutex);
3963 dev = wl->current_dev;
3964 if (!dev || b43_status(dev) < B43_STAT_STARTED) {
3965 /* Whoops, aliens ate up the device while we were unlocked. */
3969 /* Disable interrupts on the device. */
3970 b43_set_status(dev, B43_STAT_INITIALIZED);
3971 if (b43_bus_host_is_sdio(dev->dev)) {
3972 /* wl->mutex is locked. That is enough. */
3973 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3974 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3976 spin_lock_irq(&wl->hardirq_lock);
3977 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3978 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3979 spin_unlock_irq(&wl->hardirq_lock);
3981 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */
3983 mutex_unlock(&wl->mutex);
3984 if (b43_bus_host_is_sdio(dev->dev)) {
3985 b43_sdio_free_irq(dev);
3987 synchronize_irq(dev->dev->irq);
3988 free_irq(dev->dev->irq, dev);
3990 mutex_lock(&wl->mutex);
3991 dev = wl->current_dev;
3994 if (dev != orig_dev) {
3995 if (b43_status(dev) >= B43_STAT_STARTED)
3999 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
4000 B43_WARN_ON(mask != 0xFFFFFFFF && mask);
4002 /* Drain the TX queue */
4003 while (skb_queue_len(&wl->tx_queue))
4004 dev_kfree_skb(skb_dequeue(&wl->tx_queue));
4006 b43_mac_suspend(dev);
4008 b43dbg(wl, "Wireless interface stopped\n");
4013 /* Locking: wl->mutex */
4014 static int b43_wireless_core_start(struct b43_wldev *dev)
4018 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
4020 drain_txstatus_queue(dev);
4021 if (b43_bus_host_is_sdio(dev->dev)) {
4022 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler);
4024 b43err(dev->wl, "Cannot request SDIO IRQ\n");
4028 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler,
4029 b43_interrupt_thread_handler,
4030 IRQF_SHARED, KBUILD_MODNAME, dev);
4032 b43err(dev->wl, "Cannot request IRQ-%d\n",
4038 /* We are ready to run. */
4039 ieee80211_wake_queues(dev->wl->hw);
4040 b43_set_status(dev, B43_STAT_STARTED);
4042 /* Start data flow (TX/RX). */
4043 b43_mac_enable(dev);
4044 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
4046 /* Start maintenance work */
4047 b43_periodic_tasks_setup(dev);
4051 b43dbg(dev->wl, "Wireless interface started\n");
4056 /* Get PHY and RADIO versioning numbers */
4057 static int b43_phy_versioning(struct b43_wldev *dev)
4059 struct b43_phy *phy = &dev->phy;
4067 int unsupported = 0;
4069 /* Get PHY versioning */
4070 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
4071 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
4072 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
4073 phy_rev = (tmp & B43_PHYVER_VERSION);
4080 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6
4088 #ifdef CONFIG_B43_PHY_N
4094 #ifdef CONFIG_B43_PHY_LP
4095 case B43_PHYTYPE_LP:
4104 b43err(dev->wl, "FOUND UNSUPPORTED PHY "
4105 "(Analog %u, Type %u, Revision %u)\n",
4106 analog_type, phy_type, phy_rev);
4109 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n",
4110 analog_type, phy_type, phy_rev);
4112 /* Get RADIO versioning */
4113 if (dev->dev->chip_id == 0x4317) {
4114 if (dev->dev->chip_rev == 0)
4116 else if (dev->dev->chip_rev == 1)
4121 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
4122 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
4123 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
4124 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16;
4126 radio_manuf = (tmp & 0x00000FFF);
4127 radio_ver = (tmp & 0x0FFFF000) >> 12;
4128 radio_rev = (tmp & 0xF0000000) >> 28;
4129 if (radio_manuf != 0x17F /* Broadcom */)
4133 if (radio_ver != 0x2060)
4137 if (radio_manuf != 0x17F)
4141 if ((radio_ver & 0xFFF0) != 0x2050)
4145 if (radio_ver != 0x2050)
4149 if (radio_ver != 0x2055 && radio_ver != 0x2056)
4152 case B43_PHYTYPE_LP:
4153 if (radio_ver != 0x2062 && radio_ver != 0x2063)
4160 b43err(dev->wl, "FOUND UNSUPPORTED RADIO "
4161 "(Manuf 0x%X, Version 0x%X, Revision %u)\n",
4162 radio_manuf, radio_ver, radio_rev);
4165 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n",
4166 radio_manuf, radio_ver, radio_rev);
4168 phy->radio_manuf = radio_manuf;
4169 phy->radio_ver = radio_ver;
4170 phy->radio_rev = radio_rev;
4172 phy->analog = analog_type;
4173 phy->type = phy_type;
4179 static void setup_struct_phy_for_init(struct b43_wldev *dev,
4180 struct b43_phy *phy)
4182 phy->hardware_power_control = !!modparam_hwpctl;
4183 phy->next_txpwr_check_time = jiffies;
4184 /* PHY TX errors counter. */
4185 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
4188 phy->phy_locked = 0;
4189 phy->radio_locked = 0;
4193 static void setup_struct_wldev_for_init(struct b43_wldev *dev)
4197 /* Assume the radio is enabled. If it's not enabled, the state will
4198 * immediately get fixed on the first periodic work run. */
4199 dev->radio_hw_enable = 1;
4202 memset(&dev->stats, 0, sizeof(dev->stats));
4204 setup_struct_phy_for_init(dev, &dev->phy);
4206 /* IRQ related flags */
4207 dev->irq_reason = 0;
4208 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
4209 dev->irq_mask = B43_IRQ_MASKTEMPLATE;
4210 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
4211 dev->irq_mask &= ~B43_IRQ_PHY_TXERR;
4213 dev->mac_suspended = 1;
4215 /* Noise calculation context */
4216 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
4219 static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
4221 struct ssb_sprom *sprom = dev->dev->bus_sprom;
4224 if (!modparam_btcoex)
4226 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
4228 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
4231 hf = b43_hf_read(dev);
4232 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
4233 hf |= B43_HF_BTCOEXALT;
4235 hf |= B43_HF_BTCOEX;
4236 b43_hf_write(dev, hf);
4239 static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
4241 if (!modparam_btcoex)
4246 static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
4248 struct ssb_bus *bus;
4251 if (dev->dev->bus_type != B43_BUS_SSB)
4254 bus = dev->dev->sdev->bus;
4256 if ((bus->chip_id == 0x4311 && bus->chip_rev == 2) ||
4257 (bus->chip_id == 0x4312)) {
4258 tmp = ssb_read32(dev->dev->sdev, SSB_IMCFGLO);
4259 tmp &= ~SSB_IMCFGLO_REQTO;
4260 tmp &= ~SSB_IMCFGLO_SERTO;
4262 ssb_write32(dev->dev->sdev, SSB_IMCFGLO, tmp);
4263 ssb_commit_settings(bus);
4267 static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
4271 /* The time value is in microseconds. */
4272 if (dev->phy.type == B43_PHYTYPE_A)
4276 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle)
4278 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
4279 pu_delay = max(pu_delay, (u16)2400);
4281 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
4284 /* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
4285 static void b43_set_pretbtt(struct b43_wldev *dev)
4289 /* The time value is in microseconds. */
4290 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) {
4293 if (dev->phy.type == B43_PHYTYPE_A)
4298 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
4299 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
4302 /* Shutdown a wireless core */
4303 /* Locking: wl->mutex */
4304 static void b43_wireless_core_exit(struct b43_wldev *dev)
4308 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED);
4309 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED)
4312 /* Unregister HW RNG driver */
4313 b43_rng_exit(dev->wl);
4315 b43_set_status(dev, B43_STAT_UNINIT);
4317 /* Stop the microcode PSM. */
4318 macctl = b43_read32(dev, B43_MMIO_MACCTL);
4319 macctl &= ~B43_MACCTL_PSM_RUN;
4320 macctl |= B43_MACCTL_PSM_JMP0;
4321 b43_write32(dev, B43_MMIO_MACCTL, macctl);
4326 dev->phy.ops->switch_analog(dev, 0);
4327 if (dev->wl->current_beacon) {
4328 dev_kfree_skb_any(dev->wl->current_beacon);
4329 dev->wl->current_beacon = NULL;
4332 b43_device_disable(dev, 0);
4333 b43_bus_may_powerdown(dev);
4336 /* Initialize a wireless core */
4337 static int b43_wireless_core_init(struct b43_wldev *dev)
4339 struct ssb_bus *bus = dev->sdev->bus;
4340 struct ssb_sprom *sprom = dev->dev->bus_sprom;
4341 struct b43_phy *phy = &dev->phy;
4345 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4347 err = b43_bus_powerup(dev, 0);
4350 if (!b43_device_is_enabled(dev))
4351 b43_wireless_core_reset(dev, phy->gmode);
4353 /* Reset all data structures. */
4354 setup_struct_wldev_for_init(dev);
4355 phy->ops->prepare_structs(dev);
4357 /* Enable IRQ routing to this device. */
4358 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->sdev);
4360 b43_imcfglo_timeouts_workaround(dev);
4361 b43_bluetooth_coext_disable(dev);
4362 if (phy->ops->prepare_hardware) {
4363 err = phy->ops->prepare_hardware(dev);
4367 err = b43_chip_init(dev);
4370 b43_shm_write16(dev, B43_SHM_SHARED,
4371 B43_SHM_SH_WLCOREREV, dev->dev->core_rev);
4372 hf = b43_hf_read(dev);
4373 if (phy->type == B43_PHYTYPE_G) {
4377 if (sprom->boardflags_lo & B43_BFL_PACTRL)
4378 hf |= B43_HF_OFDMPABOOST;
4380 if (phy->radio_ver == 0x2050) {
4381 if (phy->radio_rev == 6)
4382 hf |= B43_HF_4318TSSI;
4383 if (phy->radio_rev < 6)
4384 hf |= B43_HF_VCORECALC;
4386 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)
4387 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */
4388 #ifdef CONFIG_SSB_DRIVER_PCICORE
4389 if ((bus->bustype == SSB_BUSTYPE_PCI) &&
4390 (bus->pcicore.dev->id.revision <= 10))
4391 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */
4393 hf &= ~B43_HF_SKCFPUP;
4394 b43_hf_write(dev, hf);
4396 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
4397 B43_DEFAULT_LONG_RETRY_LIMIT);
4398 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
4399 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
4401 /* Disable sending probe responses from firmware.
4402 * Setting the MaxTime to one usec will always trigger
4403 * a timeout, so we never send any probe resp.
4404 * A timeout of zero is infinite. */
4405 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
4407 b43_rate_memory_init(dev);
4408 b43_set_phytxctl_defaults(dev);
4410 /* Minimum Contention Window */
4411 if (phy->type == B43_PHYTYPE_B)
4412 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
4414 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
4415 /* Maximum Contention Window */
4416 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
4418 if (b43_bus_host_is_pcmcia(dev->dev) ||
4419 b43_bus_host_is_sdio(dev->dev) ||
4421 dev->__using_pio_transfers = 1;
4422 err = b43_pio_init(dev);
4424 dev->__using_pio_transfers = 0;
4425 err = b43_dma_init(dev);
4430 b43_set_synth_pu_delay(dev, 1);
4431 b43_bluetooth_coext_enable(dev);
4433 b43_bus_powerup(dev, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW));
4434 b43_upload_card_macaddress(dev);
4435 b43_security_init(dev);
4437 ieee80211_wake_queues(dev->wl->hw);
4439 b43_set_status(dev, B43_STAT_INITIALIZED);
4441 /* Register HW RNG driver */
4442 b43_rng_init(dev->wl);
4450 b43_bus_may_powerdown(dev);
4451 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4455 static int b43_op_add_interface(struct ieee80211_hw *hw,
4456 struct ieee80211_vif *vif)
4458 struct b43_wl *wl = hw_to_b43_wl(hw);
4459 struct b43_wldev *dev;
4460 int err = -EOPNOTSUPP;
4462 /* TODO: allow WDS/AP devices to coexist */
4464 if (vif->type != NL80211_IFTYPE_AP &&
4465 vif->type != NL80211_IFTYPE_MESH_POINT &&
4466 vif->type != NL80211_IFTYPE_STATION &&
4467 vif->type != NL80211_IFTYPE_WDS &&
4468 vif->type != NL80211_IFTYPE_ADHOC)
4471 mutex_lock(&wl->mutex);
4473 goto out_mutex_unlock;
4475 b43dbg(wl, "Adding Interface type %d\n", vif->type);
4477 dev = wl->current_dev;
4480 wl->if_type = vif->type;
4481 memcpy(wl->mac_addr, vif->addr, ETH_ALEN);
4483 b43_adjust_opmode(dev);
4484 b43_set_pretbtt(dev);
4485 b43_set_synth_pu_delay(dev, 0);
4486 b43_upload_card_macaddress(dev);
4490 mutex_unlock(&wl->mutex);
4495 static void b43_op_remove_interface(struct ieee80211_hw *hw,
4496 struct ieee80211_vif *vif)
4498 struct b43_wl *wl = hw_to_b43_wl(hw);
4499 struct b43_wldev *dev = wl->current_dev;
4501 b43dbg(wl, "Removing Interface type %d\n", vif->type);
4503 mutex_lock(&wl->mutex);
4505 B43_WARN_ON(!wl->operating);
4506 B43_WARN_ON(wl->vif != vif);
4511 b43_adjust_opmode(dev);
4512 memset(wl->mac_addr, 0, ETH_ALEN);
4513 b43_upload_card_macaddress(dev);
4515 mutex_unlock(&wl->mutex);
4518 static int b43_op_start(struct ieee80211_hw *hw)
4520 struct b43_wl *wl = hw_to_b43_wl(hw);
4521 struct b43_wldev *dev = wl->current_dev;
4525 /* Kill all old instance specific information to make sure
4526 * the card won't use it in the short timeframe between start
4527 * and mac80211 reconfiguring it. */
4528 memset(wl->bssid, 0, ETH_ALEN);
4529 memset(wl->mac_addr, 0, ETH_ALEN);
4530 wl->filter_flags = 0;
4531 wl->radiotap_enabled = 0;
4533 wl->beacon0_uploaded = 0;
4534 wl->beacon1_uploaded = 0;
4535 wl->beacon_templates_virgin = 1;
4536 wl->radio_enabled = 1;
4538 mutex_lock(&wl->mutex);
4540 if (b43_status(dev) < B43_STAT_INITIALIZED) {
4541 err = b43_wireless_core_init(dev);
4543 goto out_mutex_unlock;
4547 if (b43_status(dev) < B43_STAT_STARTED) {
4548 err = b43_wireless_core_start(dev);
4551 b43_wireless_core_exit(dev);
4552 goto out_mutex_unlock;
4556 /* XXX: only do if device doesn't support rfkill irq */
4557 wiphy_rfkill_start_polling(hw->wiphy);
4560 mutex_unlock(&wl->mutex);
4565 static void b43_op_stop(struct ieee80211_hw *hw)
4567 struct b43_wl *wl = hw_to_b43_wl(hw);
4568 struct b43_wldev *dev = wl->current_dev;
4570 cancel_work_sync(&(wl->beacon_update_trigger));
4572 mutex_lock(&wl->mutex);
4573 if (b43_status(dev) >= B43_STAT_STARTED) {
4574 dev = b43_wireless_core_stop(dev);
4578 b43_wireless_core_exit(dev);
4579 wl->radio_enabled = 0;
4582 mutex_unlock(&wl->mutex);
4584 cancel_work_sync(&(wl->txpower_adjust_work));
4587 static int b43_op_beacon_set_tim(struct ieee80211_hw *hw,
4588 struct ieee80211_sta *sta, bool set)
4590 struct b43_wl *wl = hw_to_b43_wl(hw);
4592 /* FIXME: add locking */
4593 b43_update_templates(wl);
4598 static void b43_op_sta_notify(struct ieee80211_hw *hw,
4599 struct ieee80211_vif *vif,
4600 enum sta_notify_cmd notify_cmd,
4601 struct ieee80211_sta *sta)
4603 struct b43_wl *wl = hw_to_b43_wl(hw);
4605 B43_WARN_ON(!vif || wl->vif != vif);
4608 static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw)
4610 struct b43_wl *wl = hw_to_b43_wl(hw);
4611 struct b43_wldev *dev;
4613 mutex_lock(&wl->mutex);
4614 dev = wl->current_dev;
4615 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4616 /* Disable CFP update during scan on other channels. */
4617 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP);
4619 mutex_unlock(&wl->mutex);
4622 static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw)
4624 struct b43_wl *wl = hw_to_b43_wl(hw);
4625 struct b43_wldev *dev;
4627 mutex_lock(&wl->mutex);
4628 dev = wl->current_dev;
4629 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4630 /* Re-enable CFP update. */
4631 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP);
4633 mutex_unlock(&wl->mutex);
4636 static int b43_op_get_survey(struct ieee80211_hw *hw, int idx,
4637 struct survey_info *survey)
4639 struct b43_wl *wl = hw_to_b43_wl(hw);
4640 struct b43_wldev *dev = wl->current_dev;
4641 struct ieee80211_conf *conf = &hw->conf;
4646 survey->channel = conf->channel;
4647 survey->filled = SURVEY_INFO_NOISE_DBM;
4648 survey->noise = dev->stats.link_noise;
4653 static const struct ieee80211_ops b43_hw_ops = {
4655 .conf_tx = b43_op_conf_tx,
4656 .add_interface = b43_op_add_interface,
4657 .remove_interface = b43_op_remove_interface,
4658 .config = b43_op_config,
4659 .bss_info_changed = b43_op_bss_info_changed,
4660 .configure_filter = b43_op_configure_filter,
4661 .set_key = b43_op_set_key,
4662 .update_tkip_key = b43_op_update_tkip_key,
4663 .get_stats = b43_op_get_stats,
4664 .get_tsf = b43_op_get_tsf,
4665 .set_tsf = b43_op_set_tsf,
4666 .start = b43_op_start,
4667 .stop = b43_op_stop,
4668 .set_tim = b43_op_beacon_set_tim,
4669 .sta_notify = b43_op_sta_notify,
4670 .sw_scan_start = b43_op_sw_scan_start_notifier,
4671 .sw_scan_complete = b43_op_sw_scan_complete_notifier,
4672 .get_survey = b43_op_get_survey,
4673 .rfkill_poll = b43_rfkill_poll,
4676 /* Hard-reset the chip. Do not call this directly.
4677 * Use b43_controller_restart()
4679 static void b43_chip_reset(struct work_struct *work)
4681 struct b43_wldev *dev =
4682 container_of(work, struct b43_wldev, restart_work);
4683 struct b43_wl *wl = dev->wl;
4687 mutex_lock(&wl->mutex);
4689 prev_status = b43_status(dev);
4690 /* Bring the device down... */
4691 if (prev_status >= B43_STAT_STARTED) {
4692 dev = b43_wireless_core_stop(dev);
4698 if (prev_status >= B43_STAT_INITIALIZED)
4699 b43_wireless_core_exit(dev);
4701 /* ...and up again. */
4702 if (prev_status >= B43_STAT_INITIALIZED) {
4703 err = b43_wireless_core_init(dev);
4707 if (prev_status >= B43_STAT_STARTED) {
4708 err = b43_wireless_core_start(dev);
4710 b43_wireless_core_exit(dev);
4716 wl->current_dev = NULL; /* Failed to init the dev. */
4717 mutex_unlock(&wl->mutex);
4719 b43err(wl, "Controller restart FAILED\n");
4721 b43info(wl, "Controller restarted\n");
4724 static int b43_setup_bands(struct b43_wldev *dev,
4725 bool have_2ghz_phy, bool have_5ghz_phy)
4727 struct ieee80211_hw *hw = dev->wl->hw;
4730 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz;
4731 if (dev->phy.type == B43_PHYTYPE_N) {
4733 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy;
4736 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
4739 dev->phy.supports_2ghz = have_2ghz_phy;
4740 dev->phy.supports_5ghz = have_5ghz_phy;
4745 static void b43_wireless_core_detach(struct b43_wldev *dev)
4747 /* We release firmware that late to not be required to re-request
4748 * is all the time when we reinit the core. */
4749 b43_release_firmware(dev);
4753 static int b43_wireless_core_attach(struct b43_wldev *dev)
4755 struct b43_wl *wl = dev->wl;
4756 struct ssb_bus *bus = dev->sdev->bus;
4757 struct pci_dev *pdev = (bus->bustype == SSB_BUSTYPE_PCI) ? bus->host_pci : NULL;
4759 bool have_2ghz_phy = 0, have_5ghz_phy = 0;
4761 /* Do NOT do any device initialization here.
4762 * Do it in wireless_core_init() instead.
4763 * This function is for gathering basic information about the HW, only.
4764 * Also some structs may be set up here. But most likely you want to have
4765 * that in core_init(), too.
4768 err = b43_bus_powerup(dev, 0);
4770 b43err(wl, "Bus powerup failed\n");
4773 /* Get the PHY type. */
4774 if (dev->dev->core_rev >= 5) {
4777 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH);
4778 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY);
4779 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY);
4783 dev->phy.gmode = have_2ghz_phy;
4784 dev->phy.radio_on = 1;
4785 b43_wireless_core_reset(dev, dev->phy.gmode);
4787 err = b43_phy_versioning(dev);
4790 /* Check if this device supports multiband. */
4792 (pdev->device != 0x4312 &&
4793 pdev->device != 0x4319 && pdev->device != 0x4324)) {
4794 /* No multiband support. */
4797 switch (dev->phy.type) {
4801 case B43_PHYTYPE_LP: //FIXME not always!
4802 #if 0 //FIXME enabling 5GHz causes a NULL pointer dereference
4813 if (dev->phy.type == B43_PHYTYPE_A) {
4815 b43err(wl, "IEEE 802.11a devices are unsupported\n");
4819 if (1 /* disable A-PHY */) {
4820 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */
4821 if (dev->phy.type != B43_PHYTYPE_N &&
4822 dev->phy.type != B43_PHYTYPE_LP) {
4828 err = b43_phy_allocate(dev);
4832 dev->phy.gmode = have_2ghz_phy;
4833 b43_wireless_core_reset(dev, dev->phy.gmode);
4835 err = b43_validate_chipaccess(dev);
4838 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
4842 /* Now set some default "current_dev" */
4843 if (!wl->current_dev)
4844 wl->current_dev = dev;
4845 INIT_WORK(&dev->restart_work, b43_chip_reset);
4847 dev->phy.ops->switch_analog(dev, 0);
4848 b43_device_disable(dev, 0);
4849 b43_bus_may_powerdown(dev);
4857 b43_bus_may_powerdown(dev);
4861 static void b43_one_core_detach(struct b43_bus_dev *dev)
4863 struct b43_wldev *wldev;
4866 /* Do not cancel ieee80211-workqueue based work here.
4867 * See comment in b43_remove(). */
4869 wldev = ssb_get_drvdata(dev->sdev);
4871 b43_debugfs_remove_device(wldev);
4872 b43_wireless_core_detach(wldev);
4873 list_del(&wldev->list);
4875 ssb_set_drvdata(dev->sdev, NULL);
4879 static int b43_one_core_attach(struct b43_bus_dev *dev, struct b43_wl *wl)
4881 struct b43_wldev *wldev;
4884 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
4888 wldev->use_pio = b43_modparam_pio;
4890 wldev->sdev = dev->sdev; /* TODO: Remove when not needed */
4892 b43_set_status(wldev, B43_STAT_UNINIT);
4893 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
4894 INIT_LIST_HEAD(&wldev->list);
4896 err = b43_wireless_core_attach(wldev);
4898 goto err_kfree_wldev;
4900 list_add(&wldev->list, &wl->devlist);
4902 ssb_set_drvdata(dev->sdev, wldev);
4903 b43_debugfs_add_device(wldev);
4913 #define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \
4914 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \
4915 (pdev->device == _device) && \
4916 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \
4917 (pdev->subsystem_device == _subdevice) )
4919 static void b43_sprom_fixup(struct ssb_bus *bus)
4921 struct pci_dev *pdev;
4923 /* boardflags workarounds */
4924 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
4925 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74)
4926 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
4927 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
4928 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40)
4929 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
4930 if (bus->bustype == SSB_BUSTYPE_PCI) {
4931 pdev = bus->host_pci;
4932 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) ||
4933 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) ||
4934 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) ||
4935 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) ||
4936 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) ||
4937 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) ||
4938 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010))
4939 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST;
4943 static void b43_wireless_exit(struct b43_bus_dev *dev, struct b43_wl *wl)
4945 struct ieee80211_hw *hw = wl->hw;
4947 ssb_set_devtypedata(dev->sdev, NULL);
4948 ieee80211_free_hw(hw);
4951 static struct b43_wl *b43_wireless_init(struct ssb_device *dev)
4953 struct ssb_sprom *sprom = &dev->bus->sprom;
4954 struct ieee80211_hw *hw;
4957 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
4959 b43err(NULL, "Could not allocate ieee80211 device\n");
4960 return ERR_PTR(-ENOMEM);
4962 wl = hw_to_b43_wl(hw);
4965 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS |
4966 IEEE80211_HW_SIGNAL_DBM;
4968 hw->wiphy->interface_modes =
4969 BIT(NL80211_IFTYPE_AP) |
4970 BIT(NL80211_IFTYPE_MESH_POINT) |
4971 BIT(NL80211_IFTYPE_STATION) |
4972 BIT(NL80211_IFTYPE_WDS) |
4973 BIT(NL80211_IFTYPE_ADHOC);
4975 hw->queues = modparam_qos ? 4 : 1;
4976 wl->mac80211_initially_registered_queues = hw->queues;
4978 SET_IEEE80211_DEV(hw, dev->dev);
4979 if (is_valid_ether_addr(sprom->et1mac))
4980 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
4982 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
4984 /* Initialize struct b43_wl */
4986 mutex_init(&wl->mutex);
4987 spin_lock_init(&wl->hardirq_lock);
4988 INIT_LIST_HEAD(&wl->devlist);
4989 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
4990 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work);
4991 INIT_WORK(&wl->tx_work, b43_tx_work);
4992 skb_queue_head_init(&wl->tx_queue);
4994 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n",
4995 dev->bus->chip_id, dev->id.revision);
4999 #ifdef CONFIG_B43_BCMA
5000 static int b43_bcma_probe(struct bcma_device *core)
5002 b43err(NULL, "BCMA is not supported yet!");
5006 static void b43_bcma_remove(struct bcma_device *core)
5011 static struct bcma_driver b43_bcma_driver = {
5012 .name = KBUILD_MODNAME,
5013 .id_table = b43_bcma_tbl,
5014 .probe = b43_bcma_probe,
5015 .remove = b43_bcma_remove,
5020 int b43_ssb_probe(struct ssb_device *sdev, const struct ssb_device_id *id)
5022 struct b43_bus_dev *dev;
5027 dev = b43_bus_dev_ssb_init(sdev);
5029 wl = ssb_get_devtypedata(sdev);
5031 /* Probing the first core. Must setup common struct b43_wl */
5033 b43_sprom_fixup(sdev->bus);
5034 wl = b43_wireless_init(sdev);
5039 ssb_set_devtypedata(sdev, wl);
5040 B43_WARN_ON(ssb_get_devtypedata(sdev) != wl);
5042 err = b43_one_core_attach(dev, wl);
5044 goto err_wireless_exit;
5047 err = ieee80211_register_hw(wl->hw);
5049 goto err_one_core_detach;
5050 b43_leds_register(wl->current_dev);
5056 err_one_core_detach:
5057 b43_one_core_detach(dev);
5060 b43_wireless_exit(dev, wl);
5064 static void b43_ssb_remove(struct ssb_device *sdev)
5066 struct b43_wl *wl = ssb_get_devtypedata(sdev);
5067 struct b43_wldev *wldev = ssb_get_drvdata(sdev);
5069 /* We must cancel any work here before unregistering from ieee80211,
5070 * as the ieee80211 unreg will destroy the workqueue. */
5071 cancel_work_sync(&wldev->restart_work);
5074 if (wl->current_dev == wldev) {
5075 /* Restore the queues count before unregistering, because firmware detect
5076 * might have modified it. Restoring is important, so the networking
5077 * stack can properly free resources. */
5078 wl->hw->queues = wl->mac80211_initially_registered_queues;
5079 b43_leds_stop(wldev);
5080 ieee80211_unregister_hw(wl->hw);
5083 b43_one_core_detach(wldev->dev);
5085 if (list_empty(&wl->devlist)) {
5086 b43_leds_unregister(wl);
5087 /* Last core on the chip unregistered.
5088 * We can destroy common struct b43_wl.
5090 b43_wireless_exit(wldev->dev, wl);
5094 /* Perform a hardware reset. This can be called from any context. */
5095 void b43_controller_restart(struct b43_wldev *dev, const char *reason)
5097 /* Must avoid requeueing, if we are in shutdown. */
5098 if (b43_status(dev) < B43_STAT_INITIALIZED)
5100 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
5101 ieee80211_queue_work(dev->wl->hw, &dev->restart_work);
5104 static struct ssb_driver b43_ssb_driver = {
5105 .name = KBUILD_MODNAME,
5106 .id_table = b43_ssb_tbl,
5107 .probe = b43_ssb_probe,
5108 .remove = b43_ssb_remove,
5111 static void b43_print_driverinfo(void)
5113 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
5114 *feat_leds = "", *feat_sdio = "";
5116 #ifdef CONFIG_B43_PCI_AUTOSELECT
5119 #ifdef CONFIG_B43_PCMCIA
5122 #ifdef CONFIG_B43_PHY_N
5125 #ifdef CONFIG_B43_LEDS
5128 #ifdef CONFIG_B43_SDIO
5131 printk(KERN_INFO "Broadcom 43xx driver loaded "
5132 "[ Features: %s%s%s%s%s, Firmware-ID: "
5133 B43_SUPPORTED_FIRMWARE_ID " ]\n",
5134 feat_pci, feat_pcmcia, feat_nphy,
5135 feat_leds, feat_sdio);
5138 static int __init b43_init(void)
5143 err = b43_pcmcia_init();
5146 err = b43_sdio_init();
5148 goto err_pcmcia_exit;
5149 #ifdef CONFIG_B43_BCMA
5150 err = bcma_driver_register(&b43_bcma_driver);
5154 err = ssb_driver_register(&b43_ssb_driver);
5156 goto err_bcma_driver_exit;
5157 b43_print_driverinfo();
5161 err_bcma_driver_exit:
5162 #ifdef CONFIG_B43_BCMA
5163 bcma_driver_unregister(&b43_bcma_driver);
5174 static void __exit b43_exit(void)
5176 ssb_driver_unregister(&b43_ssb_driver);
5177 #ifdef CONFIG_B43_BCMA
5178 bcma_driver_unregister(&b43_bcma_driver);
5185 module_init(b43_init)
5186 module_exit(b43_exit)
git.openpandora.org / pandora-kernel.git / blob