3 Broadcom B43 wireless driver
5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de>
8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es>
14 Some parts of the code in this file are derived from the ipw2200
15 driver Copyright(c) 2003 - 2004 Intel Corporation.
17 This program is free software; you can redistribute it and/or modify
18 it under the terms of the GNU General Public License as published by
19 the Free Software Foundation; either version 2 of the License, or
20 (at your option) any later version.
22 This program is distributed in the hope that it will be useful,
23 but WITHOUT ANY WARRANTY; without even the implied warranty of
24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 GNU General Public License for more details.
27 You should have received a copy of the GNU General Public License
28 along with this program; see the file COPYING. If not, write to
29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor,
30 Boston, MA 02110-1301, USA.
34 #include <linux/delay.h>
35 #include <linux/init.h>
36 #include <linux/moduleparam.h>
37 #include <linux/if_arp.h>
38 #include <linux/etherdevice.h>
39 #include <linux/firmware.h>
40 #include <linux/wireless.h>
41 #include <linux/workqueue.h>
42 #include <linux/skbuff.h>
44 #include <linux/dma-mapping.h>
45 #include <linux/slab.h>
46 #include <asm/unaligned.h>
51 #include "phy_common.h"
61 #include <linux/mmc/sdio_func.h>
63 MODULE_DESCRIPTION("Broadcom B43 wireless driver");
64 MODULE_AUTHOR("Martin Langer");
65 MODULE_AUTHOR("Stefano Brivio");
66 MODULE_AUTHOR("Michael Buesch");
67 MODULE_AUTHOR("Gábor Stefanik");
68 MODULE_LICENSE("GPL");
70 MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID);
71 MODULE_FIRMWARE("b43/ucode11.fw");
72 MODULE_FIRMWARE("b43/ucode13.fw");
73 MODULE_FIRMWARE("b43/ucode14.fw");
74 MODULE_FIRMWARE("b43/ucode15.fw");
75 MODULE_FIRMWARE("b43/ucode16_mimo.fw");
76 MODULE_FIRMWARE("b43/ucode5.fw");
77 MODULE_FIRMWARE("b43/ucode9.fw");
79 static int modparam_bad_frames_preempt;
80 module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
81 MODULE_PARM_DESC(bad_frames_preempt,
82 "enable(1) / disable(0) Bad Frames Preemption");
84 static char modparam_fwpostfix[16];
85 module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
86 MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
88 static int modparam_hwpctl;
89 module_param_named(hwpctl, modparam_hwpctl, int, 0444);
90 MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
92 static int modparam_nohwcrypt;
93 module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
94 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
96 static int modparam_hwtkip;
97 module_param_named(hwtkip, modparam_hwtkip, int, 0444);
98 MODULE_PARM_DESC(hwtkip, "Enable hardware tkip.");
100 static int modparam_qos = 1;
101 module_param_named(qos, modparam_qos, int, 0444);
102 MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
104 static int modparam_btcoex = 1;
105 module_param_named(btcoex, modparam_btcoex, int, 0444);
106 MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)");
108 int b43_modparam_verbose = B43_VERBOSITY_DEFAULT;
109 module_param_named(verbose, b43_modparam_verbose, int, 0644);
110 MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug");
112 static int b43_modparam_pio = B43_PIO_DEFAULT;
113 module_param_named(pio, b43_modparam_pio, int, 0644);
114 MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO");
116 #ifdef CONFIG_B43_BCMA
117 static const struct bcma_device_id b43_bcma_tbl[] = {
118 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x17, BCMA_ANY_CLASS),
119 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x18, BCMA_ANY_CLASS),
120 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x1D, BCMA_ANY_CLASS),
123 MODULE_DEVICE_TABLE(bcma, b43_bcma_tbl);
126 #ifdef CONFIG_B43_SSB
127 static const struct ssb_device_id b43_ssb_tbl[] = {
128 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
129 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
130 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
131 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
132 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
133 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
134 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12),
135 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
136 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15),
137 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16),
140 MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
143 /* Channel and ratetables are shared for all devices.
144 * They can't be const, because ieee80211 puts some precalculated
145 * data in there. This data is the same for all devices, so we don't
146 * get concurrency issues */
147 #define RATETAB_ENT(_rateid, _flags) \
149 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
150 .hw_value = (_rateid), \
155 * NOTE: When changing this, sync with xmit.c's
156 * b43_plcp_get_bitrate_idx_* functions!
158 static struct ieee80211_rate __b43_ratetable[] = {
159 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
160 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
161 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
162 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
163 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
164 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
165 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
166 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
167 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
168 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
169 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
170 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
173 #define b43_a_ratetable (__b43_ratetable + 4)
174 #define b43_a_ratetable_size 8
175 #define b43_b_ratetable (__b43_ratetable + 0)
176 #define b43_b_ratetable_size 4
177 #define b43_g_ratetable (__b43_ratetable + 0)
178 #define b43_g_ratetable_size 12
180 #define CHAN4G(_channel, _freq, _flags) { \
181 .band = IEEE80211_BAND_2GHZ, \
182 .center_freq = (_freq), \
183 .hw_value = (_channel), \
185 .max_antenna_gain = 0, \
188 static struct ieee80211_channel b43_2ghz_chantable[] = {
206 #define CHAN5G(_channel, _flags) { \
207 .band = IEEE80211_BAND_5GHZ, \
208 .center_freq = 5000 + (5 * (_channel)), \
209 .hw_value = (_channel), \
211 .max_antenna_gain = 0, \
214 static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
215 CHAN5G(32, 0), CHAN5G(34, 0),
216 CHAN5G(36, 0), CHAN5G(38, 0),
217 CHAN5G(40, 0), CHAN5G(42, 0),
218 CHAN5G(44, 0), CHAN5G(46, 0),
219 CHAN5G(48, 0), CHAN5G(50, 0),
220 CHAN5G(52, 0), CHAN5G(54, 0),
221 CHAN5G(56, 0), CHAN5G(58, 0),
222 CHAN5G(60, 0), CHAN5G(62, 0),
223 CHAN5G(64, 0), CHAN5G(66, 0),
224 CHAN5G(68, 0), CHAN5G(70, 0),
225 CHAN5G(72, 0), CHAN5G(74, 0),
226 CHAN5G(76, 0), CHAN5G(78, 0),
227 CHAN5G(80, 0), CHAN5G(82, 0),
228 CHAN5G(84, 0), CHAN5G(86, 0),
229 CHAN5G(88, 0), CHAN5G(90, 0),
230 CHAN5G(92, 0), CHAN5G(94, 0),
231 CHAN5G(96, 0), CHAN5G(98, 0),
232 CHAN5G(100, 0), CHAN5G(102, 0),
233 CHAN5G(104, 0), CHAN5G(106, 0),
234 CHAN5G(108, 0), CHAN5G(110, 0),
235 CHAN5G(112, 0), CHAN5G(114, 0),
236 CHAN5G(116, 0), CHAN5G(118, 0),
237 CHAN5G(120, 0), CHAN5G(122, 0),
238 CHAN5G(124, 0), CHAN5G(126, 0),
239 CHAN5G(128, 0), CHAN5G(130, 0),
240 CHAN5G(132, 0), CHAN5G(134, 0),
241 CHAN5G(136, 0), CHAN5G(138, 0),
242 CHAN5G(140, 0), CHAN5G(142, 0),
243 CHAN5G(144, 0), CHAN5G(145, 0),
244 CHAN5G(146, 0), CHAN5G(147, 0),
245 CHAN5G(148, 0), CHAN5G(149, 0),
246 CHAN5G(150, 0), CHAN5G(151, 0),
247 CHAN5G(152, 0), CHAN5G(153, 0),
248 CHAN5G(154, 0), CHAN5G(155, 0),
249 CHAN5G(156, 0), CHAN5G(157, 0),
250 CHAN5G(158, 0), CHAN5G(159, 0),
251 CHAN5G(160, 0), CHAN5G(161, 0),
252 CHAN5G(162, 0), CHAN5G(163, 0),
253 CHAN5G(164, 0), CHAN5G(165, 0),
254 CHAN5G(166, 0), CHAN5G(168, 0),
255 CHAN5G(170, 0), CHAN5G(172, 0),
256 CHAN5G(174, 0), CHAN5G(176, 0),
257 CHAN5G(178, 0), CHAN5G(180, 0),
258 CHAN5G(182, 0), CHAN5G(184, 0),
259 CHAN5G(186, 0), CHAN5G(188, 0),
260 CHAN5G(190, 0), CHAN5G(192, 0),
261 CHAN5G(194, 0), CHAN5G(196, 0),
262 CHAN5G(198, 0), CHAN5G(200, 0),
263 CHAN5G(202, 0), CHAN5G(204, 0),
264 CHAN5G(206, 0), CHAN5G(208, 0),
265 CHAN5G(210, 0), CHAN5G(212, 0),
266 CHAN5G(214, 0), CHAN5G(216, 0),
267 CHAN5G(218, 0), CHAN5G(220, 0),
268 CHAN5G(222, 0), CHAN5G(224, 0),
269 CHAN5G(226, 0), CHAN5G(228, 0),
272 static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
273 CHAN5G(34, 0), CHAN5G(36, 0),
274 CHAN5G(38, 0), CHAN5G(40, 0),
275 CHAN5G(42, 0), CHAN5G(44, 0),
276 CHAN5G(46, 0), CHAN5G(48, 0),
277 CHAN5G(52, 0), CHAN5G(56, 0),
278 CHAN5G(60, 0), CHAN5G(64, 0),
279 CHAN5G(100, 0), CHAN5G(104, 0),
280 CHAN5G(108, 0), CHAN5G(112, 0),
281 CHAN5G(116, 0), CHAN5G(120, 0),
282 CHAN5G(124, 0), CHAN5G(128, 0),
283 CHAN5G(132, 0), CHAN5G(136, 0),
284 CHAN5G(140, 0), CHAN5G(149, 0),
285 CHAN5G(153, 0), CHAN5G(157, 0),
286 CHAN5G(161, 0), CHAN5G(165, 0),
287 CHAN5G(184, 0), CHAN5G(188, 0),
288 CHAN5G(192, 0), CHAN5G(196, 0),
289 CHAN5G(200, 0), CHAN5G(204, 0),
290 CHAN5G(208, 0), CHAN5G(212, 0),
295 static struct ieee80211_supported_band b43_band_5GHz_nphy = {
296 .band = IEEE80211_BAND_5GHZ,
297 .channels = b43_5ghz_nphy_chantable,
298 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
299 .bitrates = b43_a_ratetable,
300 .n_bitrates = b43_a_ratetable_size,
303 static struct ieee80211_supported_band b43_band_5GHz_aphy = {
304 .band = IEEE80211_BAND_5GHZ,
305 .channels = b43_5ghz_aphy_chantable,
306 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
307 .bitrates = b43_a_ratetable,
308 .n_bitrates = b43_a_ratetable_size,
311 static struct ieee80211_supported_band b43_band_2GHz = {
312 .band = IEEE80211_BAND_2GHZ,
313 .channels = b43_2ghz_chantable,
314 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
315 .bitrates = b43_g_ratetable,
316 .n_bitrates = b43_g_ratetable_size,
319 static void b43_wireless_core_exit(struct b43_wldev *dev);
320 static int b43_wireless_core_init(struct b43_wldev *dev);
321 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev);
322 static int b43_wireless_core_start(struct b43_wldev *dev);
324 static int b43_ratelimit(struct b43_wl *wl)
326 if (!wl || !wl->current_dev)
328 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
330 /* We are up and running.
331 * Ratelimit the messages to avoid DoS over the net. */
332 return net_ratelimit();
335 void b43info(struct b43_wl *wl, const char *fmt, ...)
337 struct va_format vaf;
340 if (b43_modparam_verbose < B43_VERBOSITY_INFO)
342 if (!b43_ratelimit(wl))
350 printk(KERN_INFO "b43-%s: %pV",
351 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
356 void b43err(struct b43_wl *wl, const char *fmt, ...)
358 struct va_format vaf;
361 if (b43_modparam_verbose < B43_VERBOSITY_ERROR)
363 if (!b43_ratelimit(wl))
371 printk(KERN_ERR "b43-%s ERROR: %pV",
372 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
377 void b43warn(struct b43_wl *wl, const char *fmt, ...)
379 struct va_format vaf;
382 if (b43_modparam_verbose < B43_VERBOSITY_WARN)
384 if (!b43_ratelimit(wl))
392 printk(KERN_WARNING "b43-%s warning: %pV",
393 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
398 void b43dbg(struct b43_wl *wl, const char *fmt, ...)
400 struct va_format vaf;
403 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
411 printk(KERN_DEBUG "b43-%s debug: %pV",
412 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
417 static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
421 B43_WARN_ON(offset % 4 != 0);
423 macctl = b43_read32(dev, B43_MMIO_MACCTL);
424 if (macctl & B43_MACCTL_BE)
427 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
429 b43_write32(dev, B43_MMIO_RAM_DATA, val);
432 static inline void b43_shm_control_word(struct b43_wldev *dev,
433 u16 routing, u16 offset)
437 /* "offset" is the WORD offset. */
441 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
444 u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
448 if (routing == B43_SHM_SHARED) {
449 B43_WARN_ON(offset & 0x0001);
450 if (offset & 0x0003) {
451 /* Unaligned access */
452 b43_shm_control_word(dev, routing, offset >> 2);
453 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
454 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
455 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16;
461 b43_shm_control_word(dev, routing, offset);
462 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
467 u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset)
471 if (routing == B43_SHM_SHARED) {
472 B43_WARN_ON(offset & 0x0001);
473 if (offset & 0x0003) {
474 /* Unaligned access */
475 b43_shm_control_word(dev, routing, offset >> 2);
476 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
482 b43_shm_control_word(dev, routing, offset);
483 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
488 void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
490 if (routing == B43_SHM_SHARED) {
491 B43_WARN_ON(offset & 0x0001);
492 if (offset & 0x0003) {
493 /* Unaligned access */
494 b43_shm_control_word(dev, routing, offset >> 2);
495 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
497 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
498 b43_write16(dev, B43_MMIO_SHM_DATA,
499 (value >> 16) & 0xFFFF);
504 b43_shm_control_word(dev, routing, offset);
505 b43_write32(dev, B43_MMIO_SHM_DATA, value);
508 void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
510 if (routing == B43_SHM_SHARED) {
511 B43_WARN_ON(offset & 0x0001);
512 if (offset & 0x0003) {
513 /* Unaligned access */
514 b43_shm_control_word(dev, routing, offset >> 2);
515 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
520 b43_shm_control_word(dev, routing, offset);
521 b43_write16(dev, B43_MMIO_SHM_DATA, value);
525 u64 b43_hf_read(struct b43_wldev *dev)
529 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI);
531 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI);
533 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO);
538 /* Write HostFlags */
539 void b43_hf_write(struct b43_wldev *dev, u64 value)
543 lo = (value & 0x00000000FFFFULL);
544 mi = (value & 0x0000FFFF0000ULL) >> 16;
545 hi = (value & 0xFFFF00000000ULL) >> 32;
546 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo);
547 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi);
548 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi);
551 /* Read the firmware capabilities bitmask (Opensource firmware only) */
552 static u16 b43_fwcapa_read(struct b43_wldev *dev)
554 B43_WARN_ON(!dev->fw.opensource);
555 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA);
558 void b43_tsf_read(struct b43_wldev *dev, u64 *tsf)
562 B43_WARN_ON(dev->dev->core_rev < 3);
564 /* The hardware guarantees us an atomic read, if we
565 * read the low register first. */
566 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
567 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
574 static void b43_time_lock(struct b43_wldev *dev)
578 macctl = b43_read32(dev, B43_MMIO_MACCTL);
579 macctl |= B43_MACCTL_TBTTHOLD;
580 b43_write32(dev, B43_MMIO_MACCTL, macctl);
581 /* Commit the write */
582 b43_read32(dev, B43_MMIO_MACCTL);
585 static void b43_time_unlock(struct b43_wldev *dev)
589 macctl = b43_read32(dev, B43_MMIO_MACCTL);
590 macctl &= ~B43_MACCTL_TBTTHOLD;
591 b43_write32(dev, B43_MMIO_MACCTL, macctl);
592 /* Commit the write */
593 b43_read32(dev, B43_MMIO_MACCTL);
596 static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
600 B43_WARN_ON(dev->dev->core_rev < 3);
604 /* The hardware guarantees us an atomic write, if we
605 * write the low register first. */
606 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low);
608 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high);
612 void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
615 b43_tsf_write_locked(dev, tsf);
616 b43_time_unlock(dev);
620 void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac)
622 static const u8 zero_addr[ETH_ALEN] = { 0 };
629 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
633 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
636 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
639 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
642 static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
646 u8 mac_bssid[ETH_ALEN * 2];
650 bssid = dev->wl->bssid;
651 mac = dev->wl->mac_addr;
653 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
655 memcpy(mac_bssid, mac, ETH_ALEN);
656 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
658 /* Write our MAC address and BSSID to template ram */
659 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
660 tmp = (u32) (mac_bssid[i + 0]);
661 tmp |= (u32) (mac_bssid[i + 1]) << 8;
662 tmp |= (u32) (mac_bssid[i + 2]) << 16;
663 tmp |= (u32) (mac_bssid[i + 3]) << 24;
664 b43_ram_write(dev, 0x20 + i, tmp);
668 static void b43_upload_card_macaddress(struct b43_wldev *dev)
670 b43_write_mac_bssid_templates(dev);
671 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
674 static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
676 /* slot_time is in usec. */
677 /* This test used to exit for all but a G PHY. */
678 if (b43_current_band(dev->wl) == IEEE80211_BAND_5GHZ)
680 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time);
681 /* Shared memory location 0x0010 is the slot time and should be
682 * set to slot_time; however, this register is initially 0 and changing
683 * the value adversely affects the transmit rate for BCM4311
684 * devices. Until this behavior is unterstood, delete this step
686 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
690 static void b43_short_slot_timing_enable(struct b43_wldev *dev)
692 b43_set_slot_time(dev, 9);
695 static void b43_short_slot_timing_disable(struct b43_wldev *dev)
697 b43_set_slot_time(dev, 20);
700 /* DummyTransmission function, as documented on
701 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission
703 void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on)
705 struct b43_phy *phy = &dev->phy;
706 unsigned int i, max_loop;
718 buffer[0] = 0x000201CC;
721 buffer[0] = 0x000B846E;
724 for (i = 0; i < 5; i++)
725 b43_ram_write(dev, i * 4, buffer[i]);
727 b43_write16(dev, 0x0568, 0x0000);
728 if (dev->dev->core_rev < 11)
729 b43_write16(dev, 0x07C0, 0x0000);
731 b43_write16(dev, 0x07C0, 0x0100);
732 value = (ofdm ? 0x41 : 0x40);
733 b43_write16(dev, 0x050C, value);
734 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP))
735 b43_write16(dev, 0x0514, 0x1A02);
736 b43_write16(dev, 0x0508, 0x0000);
737 b43_write16(dev, 0x050A, 0x0000);
738 b43_write16(dev, 0x054C, 0x0000);
739 b43_write16(dev, 0x056A, 0x0014);
740 b43_write16(dev, 0x0568, 0x0826);
741 b43_write16(dev, 0x0500, 0x0000);
742 if (!pa_on && (phy->type == B43_PHYTYPE_N)) {
748 b43_write16(dev, 0x0502, 0x00D0);
751 b43_write16(dev, 0x0502, 0x0050);
754 b43_write16(dev, 0x0502, 0x0030);
757 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
758 b43_radio_write16(dev, 0x0051, 0x0017);
759 for (i = 0x00; i < max_loop; i++) {
760 value = b43_read16(dev, 0x050E);
765 for (i = 0x00; i < 0x0A; i++) {
766 value = b43_read16(dev, 0x050E);
771 for (i = 0x00; i < 0x19; i++) {
772 value = b43_read16(dev, 0x0690);
773 if (!(value & 0x0100))
777 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
778 b43_radio_write16(dev, 0x0051, 0x0037);
781 static void key_write(struct b43_wldev *dev,
782 u8 index, u8 algorithm, const u8 *key)
789 /* Key index/algo block */
790 kidx = b43_kidx_to_fw(dev, index);
791 value = ((kidx << 4) | algorithm);
792 b43_shm_write16(dev, B43_SHM_SHARED,
793 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
795 /* Write the key to the Key Table Pointer offset */
796 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
797 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
799 value |= (u16) (key[i + 1]) << 8;
800 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
804 static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr)
806 u32 addrtmp[2] = { 0, 0, };
807 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
809 if (b43_new_kidx_api(dev))
810 pairwise_keys_start = B43_NR_GROUP_KEYS;
812 B43_WARN_ON(index < pairwise_keys_start);
813 /* We have four default TX keys and possibly four default RX keys.
814 * Physical mac 0 is mapped to physical key 4 or 8, depending
815 * on the firmware version.
816 * So we must adjust the index here.
818 index -= pairwise_keys_start;
819 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
822 addrtmp[0] = addr[0];
823 addrtmp[0] |= ((u32) (addr[1]) << 8);
824 addrtmp[0] |= ((u32) (addr[2]) << 16);
825 addrtmp[0] |= ((u32) (addr[3]) << 24);
826 addrtmp[1] = addr[4];
827 addrtmp[1] |= ((u32) (addr[5]) << 8);
830 /* Receive match transmitter address (RCMTA) mechanism */
831 b43_shm_write32(dev, B43_SHM_RCMTA,
832 (index * 2) + 0, addrtmp[0]);
833 b43_shm_write16(dev, B43_SHM_RCMTA,
834 (index * 2) + 1, addrtmp[1]);
837 /* The ucode will use phase1 key with TEK key to decrypt rx packets.
838 * When a packet is received, the iv32 is checked.
839 * - if it doesn't the packet is returned without modification (and software
840 * decryption can be done). That's what happen when iv16 wrap.
841 * - if it does, the rc4 key is computed, and decryption is tried.
842 * Either it will success and B43_RX_MAC_DEC is returned,
843 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned
844 * and the packet is not usable (it got modified by the ucode).
845 * So in order to never have B43_RX_MAC_DECERR, we should provide
846 * a iv32 and phase1key that match. Because we drop packets in case of
847 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all
848 * packets will be lost without higher layer knowing (ie no resync possible
851 * NOTE : this should support 50 key like RCMTA because
852 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50
854 static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32,
859 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
861 if (!modparam_hwtkip)
864 if (b43_new_kidx_api(dev))
865 pairwise_keys_start = B43_NR_GROUP_KEYS;
867 B43_WARN_ON(index < pairwise_keys_start);
868 /* We have four default TX keys and possibly four default RX keys.
869 * Physical mac 0 is mapped to physical key 4 or 8, depending
870 * on the firmware version.
871 * So we must adjust the index here.
873 index -= pairwise_keys_start;
874 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
876 if (b43_debug(dev, B43_DBG_KEYS)) {
877 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n",
880 /* Write the key to the RX tkip shared mem */
881 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4);
882 for (i = 0; i < 10; i += 2) {
883 b43_shm_write16(dev, B43_SHM_SHARED, offset + i,
884 phase1key ? phase1key[i / 2] : 0);
886 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32);
887 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16);
890 static void b43_op_update_tkip_key(struct ieee80211_hw *hw,
891 struct ieee80211_vif *vif,
892 struct ieee80211_key_conf *keyconf,
893 struct ieee80211_sta *sta,
894 u32 iv32, u16 *phase1key)
896 struct b43_wl *wl = hw_to_b43_wl(hw);
897 struct b43_wldev *dev;
898 int index = keyconf->hw_key_idx;
900 if (B43_WARN_ON(!modparam_hwtkip))
903 /* This is only called from the RX path through mac80211, where
904 * our mutex is already locked. */
905 B43_WARN_ON(!mutex_is_locked(&wl->mutex));
906 dev = wl->current_dev;
907 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED);
909 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */
911 rx_tkip_phase1_write(dev, index, iv32, phase1key);
912 /* only pairwise TKIP keys are supported right now */
915 keymac_write(dev, index, sta->addr);
918 static void do_key_write(struct b43_wldev *dev,
919 u8 index, u8 algorithm,
920 const u8 *key, size_t key_len, const u8 *mac_addr)
922 u8 buf[B43_SEC_KEYSIZE] = { 0, };
923 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
925 if (b43_new_kidx_api(dev))
926 pairwise_keys_start = B43_NR_GROUP_KEYS;
928 B43_WARN_ON(index >= ARRAY_SIZE(dev->key));
929 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
931 if (index >= pairwise_keys_start)
932 keymac_write(dev, index, NULL); /* First zero out mac. */
933 if (algorithm == B43_SEC_ALGO_TKIP) {
935 * We should provide an initial iv32, phase1key pair.
936 * We could start with iv32=0 and compute the corresponding
937 * phase1key, but this means calling ieee80211_get_tkip_key
938 * with a fake skb (or export other tkip function).
939 * Because we are lazy we hope iv32 won't start with
940 * 0xffffffff and let's b43_op_update_tkip_key provide a
943 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf);
944 } else if (index >= pairwise_keys_start) /* clear it */
945 rx_tkip_phase1_write(dev, index, 0, NULL);
947 memcpy(buf, key, key_len);
948 key_write(dev, index, algorithm, buf);
949 if (index >= pairwise_keys_start)
950 keymac_write(dev, index, mac_addr);
952 dev->key[index].algorithm = algorithm;
955 static int b43_key_write(struct b43_wldev *dev,
956 int index, u8 algorithm,
957 const u8 *key, size_t key_len,
959 struct ieee80211_key_conf *keyconf)
962 int pairwise_keys_start;
964 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block:
965 * - Temporal Encryption Key (128 bits)
966 * - Temporal Authenticator Tx MIC Key (64 bits)
967 * - Temporal Authenticator Rx MIC Key (64 bits)
969 * Hardware only store TEK
971 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32)
973 if (key_len > B43_SEC_KEYSIZE)
975 for (i = 0; i < ARRAY_SIZE(dev->key); i++) {
976 /* Check that we don't already have this key. */
977 B43_WARN_ON(dev->key[i].keyconf == keyconf);
980 /* Pairwise key. Get an empty slot for the key. */
981 if (b43_new_kidx_api(dev))
982 pairwise_keys_start = B43_NR_GROUP_KEYS;
984 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
985 for (i = pairwise_keys_start;
986 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS;
988 B43_WARN_ON(i >= ARRAY_SIZE(dev->key));
989 if (!dev->key[i].keyconf) {
996 b43warn(dev->wl, "Out of hardware key memory\n");
1000 B43_WARN_ON(index > 3);
1002 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
1003 if ((index <= 3) && !b43_new_kidx_api(dev)) {
1004 /* Default RX key */
1005 B43_WARN_ON(mac_addr);
1006 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
1008 keyconf->hw_key_idx = index;
1009 dev->key[index].keyconf = keyconf;
1014 static int b43_key_clear(struct b43_wldev *dev, int index)
1016 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key))))
1018 do_key_write(dev, index, B43_SEC_ALGO_NONE,
1019 NULL, B43_SEC_KEYSIZE, NULL);
1020 if ((index <= 3) && !b43_new_kidx_api(dev)) {
1021 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
1022 NULL, B43_SEC_KEYSIZE, NULL);
1024 dev->key[index].keyconf = NULL;
1029 static void b43_clear_keys(struct b43_wldev *dev)
1033 if (b43_new_kidx_api(dev))
1034 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1036 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1037 for (i = 0; i < count; i++)
1038 b43_key_clear(dev, i);
1041 static void b43_dump_keymemory(struct b43_wldev *dev)
1043 unsigned int i, index, count, offset, pairwise_keys_start;
1049 struct b43_key *key;
1051 if (!b43_debug(dev, B43_DBG_KEYS))
1054 hf = b43_hf_read(dev);
1055 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n",
1056 !!(hf & B43_HF_USEDEFKEYS));
1057 if (b43_new_kidx_api(dev)) {
1058 pairwise_keys_start = B43_NR_GROUP_KEYS;
1059 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1061 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
1062 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1064 for (index = 0; index < count; index++) {
1065 key = &(dev->key[index]);
1066 printk(KERN_DEBUG "Key slot %02u: %s",
1067 index, (key->keyconf == NULL) ? " " : "*");
1068 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
1069 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
1070 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1071 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1074 algo = b43_shm_read16(dev, B43_SHM_SHARED,
1075 B43_SHM_SH_KEYIDXBLOCK + (index * 2));
1076 printk(" Algo: %04X/%02X", algo, key->algorithm);
1078 if (index >= pairwise_keys_start) {
1079 if (key->algorithm == B43_SEC_ALGO_TKIP) {
1081 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4);
1082 for (i = 0; i < 14; i += 2) {
1083 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1084 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1087 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA,
1088 ((index - pairwise_keys_start) * 2) + 0);
1089 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA,
1090 ((index - pairwise_keys_start) * 2) + 1);
1091 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0);
1092 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1);
1093 printk(" MAC: %pM", mac);
1095 printk(" DEFAULT KEY");
1100 void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
1108 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
1109 (ps_flags & B43_PS_DISABLED));
1110 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
1112 if (ps_flags & B43_PS_ENABLED) {
1114 } else if (ps_flags & B43_PS_DISABLED) {
1117 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
1118 // and thus is not an AP and we are associated, set bit 25
1120 if (ps_flags & B43_PS_AWAKE) {
1122 } else if (ps_flags & B43_PS_ASLEEP) {
1125 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
1126 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
1127 // successful, set bit26
1130 /* FIXME: For now we force awake-on and hwps-off */
1134 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1136 macctl |= B43_MACCTL_HWPS;
1138 macctl &= ~B43_MACCTL_HWPS;
1140 macctl |= B43_MACCTL_AWAKE;
1142 macctl &= ~B43_MACCTL_AWAKE;
1143 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1145 b43_read32(dev, B43_MMIO_MACCTL);
1146 if (awake && dev->dev->core_rev >= 5) {
1147 /* Wait for the microcode to wake up. */
1148 for (i = 0; i < 100; i++) {
1149 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1150 B43_SHM_SH_UCODESTAT);
1151 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1158 static void b43_ssb_wireless_core_reset(struct b43_wldev *dev, bool gmode)
1160 struct ssb_device *sdev = dev->dev->sdev;
1165 flags |= B43_TMSLOW_GMODE;
1166 flags |= B43_TMSLOW_PHYCLKEN;
1167 flags |= B43_TMSLOW_PHYRESET;
1168 if (dev->phy.type == B43_PHYTYPE_N)
1169 flags |= B43_TMSLOW_PHY_BANDWIDTH_20MHZ; /* Make 20 MHz def */
1170 b43_device_enable(dev, flags);
1171 msleep(2); /* Wait for the PLL to turn on. */
1173 /* Now take the PHY out of Reset again */
1174 tmslow = ssb_read32(sdev, SSB_TMSLOW);
1175 tmslow |= SSB_TMSLOW_FGC;
1176 tmslow &= ~B43_TMSLOW_PHYRESET;
1177 ssb_write32(sdev, SSB_TMSLOW, tmslow);
1178 ssb_read32(sdev, SSB_TMSLOW); /* flush */
1180 tmslow &= ~SSB_TMSLOW_FGC;
1181 ssb_write32(sdev, SSB_TMSLOW, tmslow);
1182 ssb_read32(sdev, SSB_TMSLOW); /* flush */
1186 void b43_wireless_core_reset(struct b43_wldev *dev, bool gmode)
1190 b43_ssb_wireless_core_reset(dev, gmode);
1192 /* Turn Analog ON, but only if we already know the PHY-type.
1193 * This protects against very early setup where we don't know the
1194 * PHY-type, yet. wireless_core_reset will be called once again later,
1195 * when we know the PHY-type. */
1197 dev->phy.ops->switch_analog(dev, 1);
1199 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1200 macctl &= ~B43_MACCTL_GMODE;
1202 macctl |= B43_MACCTL_GMODE;
1203 macctl |= B43_MACCTL_IHR_ENABLED;
1204 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1207 static void handle_irq_transmit_status(struct b43_wldev *dev)
1211 struct b43_txstatus stat;
1214 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1215 if (!(v0 & 0x00000001))
1217 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1219 stat.cookie = (v0 >> 16);
1220 stat.seq = (v1 & 0x0000FFFF);
1221 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1222 tmp = (v0 & 0x0000FFFF);
1223 stat.frame_count = ((tmp & 0xF000) >> 12);
1224 stat.rts_count = ((tmp & 0x0F00) >> 8);
1225 stat.supp_reason = ((tmp & 0x001C) >> 2);
1226 stat.pm_indicated = !!(tmp & 0x0080);
1227 stat.intermediate = !!(tmp & 0x0040);
1228 stat.for_ampdu = !!(tmp & 0x0020);
1229 stat.acked = !!(tmp & 0x0002);
1231 b43_handle_txstatus(dev, &stat);
1235 static void drain_txstatus_queue(struct b43_wldev *dev)
1239 if (dev->dev->core_rev < 5)
1241 /* Read all entries from the microcode TXstatus FIFO
1242 * and throw them away.
1245 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1246 if (!(dummy & 0x00000001))
1248 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1252 static u32 b43_jssi_read(struct b43_wldev *dev)
1256 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A);
1258 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088);
1263 static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1265 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF));
1266 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16);
1269 static void b43_generate_noise_sample(struct b43_wldev *dev)
1271 b43_jssi_write(dev, 0x7F7F7F7F);
1272 b43_write32(dev, B43_MMIO_MACCMD,
1273 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1276 static void b43_calculate_link_quality(struct b43_wldev *dev)
1278 /* Top half of Link Quality calculation. */
1280 if (dev->phy.type != B43_PHYTYPE_G)
1282 if (dev->noisecalc.calculation_running)
1284 dev->noisecalc.calculation_running = 1;
1285 dev->noisecalc.nr_samples = 0;
1287 b43_generate_noise_sample(dev);
1290 static void handle_irq_noise(struct b43_wldev *dev)
1292 struct b43_phy_g *phy = dev->phy.g;
1298 /* Bottom half of Link Quality calculation. */
1300 if (dev->phy.type != B43_PHYTYPE_G)
1303 /* Possible race condition: It might be possible that the user
1304 * changed to a different channel in the meantime since we
1305 * started the calculation. We ignore that fact, since it's
1306 * not really that much of a problem. The background noise is
1307 * an estimation only anyway. Slightly wrong results will get damped
1308 * by the averaging of the 8 sample rounds. Additionally the
1309 * value is shortlived. So it will be replaced by the next noise
1310 * calculation round soon. */
1312 B43_WARN_ON(!dev->noisecalc.calculation_running);
1313 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1314 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1315 noise[2] == 0x7F || noise[3] == 0x7F)
1318 /* Get the noise samples. */
1319 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1320 i = dev->noisecalc.nr_samples;
1321 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1322 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1323 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1324 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1325 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1326 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1327 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1328 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1329 dev->noisecalc.nr_samples++;
1330 if (dev->noisecalc.nr_samples == 8) {
1331 /* Calculate the Link Quality by the noise samples. */
1333 for (i = 0; i < 8; i++) {
1334 for (j = 0; j < 4; j++)
1335 average += dev->noisecalc.samples[i][j];
1341 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1342 tmp = (tmp / 128) & 0x1F;
1352 dev->stats.link_noise = average;
1353 dev->noisecalc.calculation_running = 0;
1357 b43_generate_noise_sample(dev);
1360 static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1362 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) {
1365 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1366 b43_power_saving_ctl_bits(dev, 0);
1368 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC))
1372 static void handle_irq_atim_end(struct b43_wldev *dev)
1374 if (dev->dfq_valid) {
1375 b43_write32(dev, B43_MMIO_MACCMD,
1376 b43_read32(dev, B43_MMIO_MACCMD)
1377 | B43_MACCMD_DFQ_VALID);
1382 static void handle_irq_pmq(struct b43_wldev *dev)
1389 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1390 if (!(tmp & 0x00000008))
1393 /* 16bit write is odd, but correct. */
1394 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1397 static void b43_write_template_common(struct b43_wldev *dev,
1398 const u8 *data, u16 size,
1400 u16 shm_size_offset, u8 rate)
1403 struct b43_plcp_hdr4 plcp;
1406 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1407 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1408 ram_offset += sizeof(u32);
1409 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1410 * So leave the first two bytes of the next write blank.
1412 tmp = (u32) (data[0]) << 16;
1413 tmp |= (u32) (data[1]) << 24;
1414 b43_ram_write(dev, ram_offset, tmp);
1415 ram_offset += sizeof(u32);
1416 for (i = 2; i < size; i += sizeof(u32)) {
1417 tmp = (u32) (data[i + 0]);
1419 tmp |= (u32) (data[i + 1]) << 8;
1421 tmp |= (u32) (data[i + 2]) << 16;
1423 tmp |= (u32) (data[i + 3]) << 24;
1424 b43_ram_write(dev, ram_offset + i - 2, tmp);
1426 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1427 size + sizeof(struct b43_plcp_hdr6));
1430 /* Check if the use of the antenna that ieee80211 told us to
1431 * use is possible. This will fall back to DEFAULT.
1432 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1433 u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1438 if (antenna_nr == 0) {
1439 /* Zero means "use default antenna". That's always OK. */
1443 /* Get the mask of available antennas. */
1445 antenna_mask = dev->dev->bus_sprom->ant_available_bg;
1447 antenna_mask = dev->dev->bus_sprom->ant_available_a;
1449 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1450 /* This antenna is not available. Fall back to default. */
1457 /* Convert a b43 antenna number value to the PHY TX control value. */
1458 static u16 b43_antenna_to_phyctl(int antenna)
1462 return B43_TXH_PHY_ANT0;
1464 return B43_TXH_PHY_ANT1;
1466 return B43_TXH_PHY_ANT2;
1468 return B43_TXH_PHY_ANT3;
1469 case B43_ANTENNA_AUTO0:
1470 case B43_ANTENNA_AUTO1:
1471 return B43_TXH_PHY_ANT01AUTO;
1477 static void b43_write_beacon_template(struct b43_wldev *dev,
1479 u16 shm_size_offset)
1481 unsigned int i, len, variable_len;
1482 const struct ieee80211_mgmt *bcn;
1488 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon);
1490 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data);
1491 len = min((size_t) dev->wl->current_beacon->len,
1492 0x200 - sizeof(struct b43_plcp_hdr6));
1493 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value;
1495 b43_write_template_common(dev, (const u8 *)bcn,
1496 len, ram_offset, shm_size_offset, rate);
1498 /* Write the PHY TX control parameters. */
1499 antenna = B43_ANTENNA_DEFAULT;
1500 antenna = b43_antenna_to_phyctl(antenna);
1501 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1502 /* We can't send beacons with short preamble. Would get PHY errors. */
1503 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1504 ctl &= ~B43_TXH_PHY_ANT;
1505 ctl &= ~B43_TXH_PHY_ENC;
1507 if (b43_is_cck_rate(rate))
1508 ctl |= B43_TXH_PHY_ENC_CCK;
1510 ctl |= B43_TXH_PHY_ENC_OFDM;
1511 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1513 /* Find the position of the TIM and the DTIM_period value
1514 * and write them to SHM. */
1515 ie = bcn->u.beacon.variable;
1516 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1517 for (i = 0; i < variable_len - 2; ) {
1518 uint8_t ie_id, ie_len;
1525 /* This is the TIM Information Element */
1527 /* Check whether the ie_len is in the beacon data range. */
1528 if (variable_len < ie_len + 2 + i)
1530 /* A valid TIM is at least 4 bytes long. */
1535 tim_position = sizeof(struct b43_plcp_hdr6);
1536 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1539 dtim_period = ie[i + 3];
1541 b43_shm_write16(dev, B43_SHM_SHARED,
1542 B43_SHM_SH_TIMBPOS, tim_position);
1543 b43_shm_write16(dev, B43_SHM_SHARED,
1544 B43_SHM_SH_DTIMPER, dtim_period);
1551 * If ucode wants to modify TIM do it behind the beacon, this
1552 * will happen, for example, when doing mesh networking.
1554 b43_shm_write16(dev, B43_SHM_SHARED,
1556 len + sizeof(struct b43_plcp_hdr6));
1557 b43_shm_write16(dev, B43_SHM_SHARED,
1558 B43_SHM_SH_DTIMPER, 0);
1560 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset);
1563 static void b43_upload_beacon0(struct b43_wldev *dev)
1565 struct b43_wl *wl = dev->wl;
1567 if (wl->beacon0_uploaded)
1569 b43_write_beacon_template(dev, 0x68, 0x18);
1570 wl->beacon0_uploaded = 1;
1573 static void b43_upload_beacon1(struct b43_wldev *dev)
1575 struct b43_wl *wl = dev->wl;
1577 if (wl->beacon1_uploaded)
1579 b43_write_beacon_template(dev, 0x468, 0x1A);
1580 wl->beacon1_uploaded = 1;
1583 static void handle_irq_beacon(struct b43_wldev *dev)
1585 struct b43_wl *wl = dev->wl;
1586 u32 cmd, beacon0_valid, beacon1_valid;
1588 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) &&
1589 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
1592 /* This is the bottom half of the asynchronous beacon update. */
1594 /* Ignore interrupt in the future. */
1595 dev->irq_mask &= ~B43_IRQ_BEACON;
1597 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1598 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1599 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1601 /* Schedule interrupt manually, if busy. */
1602 if (beacon0_valid && beacon1_valid) {
1603 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1604 dev->irq_mask |= B43_IRQ_BEACON;
1608 if (unlikely(wl->beacon_templates_virgin)) {
1609 /* We never uploaded a beacon before.
1610 * Upload both templates now, but only mark one valid. */
1611 wl->beacon_templates_virgin = 0;
1612 b43_upload_beacon0(dev);
1613 b43_upload_beacon1(dev);
1614 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1615 cmd |= B43_MACCMD_BEACON0_VALID;
1616 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1618 if (!beacon0_valid) {
1619 b43_upload_beacon0(dev);
1620 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1621 cmd |= B43_MACCMD_BEACON0_VALID;
1622 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1623 } else if (!beacon1_valid) {
1624 b43_upload_beacon1(dev);
1625 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1626 cmd |= B43_MACCMD_BEACON1_VALID;
1627 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1632 static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev)
1634 u32 old_irq_mask = dev->irq_mask;
1636 /* update beacon right away or defer to irq */
1637 handle_irq_beacon(dev);
1638 if (old_irq_mask != dev->irq_mask) {
1639 /* The handler updated the IRQ mask. */
1640 B43_WARN_ON(!dev->irq_mask);
1641 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) {
1642 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1644 /* Device interrupts are currently disabled. That means
1645 * we just ran the hardirq handler and scheduled the
1646 * IRQ thread. The thread will write the IRQ mask when
1647 * it finished, so there's nothing to do here. Writing
1648 * the mask _here_ would incorrectly re-enable IRQs. */
1653 static void b43_beacon_update_trigger_work(struct work_struct *work)
1655 struct b43_wl *wl = container_of(work, struct b43_wl,
1656 beacon_update_trigger);
1657 struct b43_wldev *dev;
1659 mutex_lock(&wl->mutex);
1660 dev = wl->current_dev;
1661 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1662 if (b43_bus_host_is_sdio(dev->dev)) {
1663 /* wl->mutex is enough. */
1664 b43_do_beacon_update_trigger_work(dev);
1667 spin_lock_irq(&wl->hardirq_lock);
1668 b43_do_beacon_update_trigger_work(dev);
1670 spin_unlock_irq(&wl->hardirq_lock);
1673 mutex_unlock(&wl->mutex);
1676 /* Asynchronously update the packet templates in template RAM.
1677 * Locking: Requires wl->mutex to be locked. */
1678 static void b43_update_templates(struct b43_wl *wl)
1680 struct sk_buff *beacon;
1682 /* This is the top half of the ansynchronous beacon update.
1683 * The bottom half is the beacon IRQ.
1684 * Beacon update must be asynchronous to avoid sending an
1685 * invalid beacon. This can happen for example, if the firmware
1686 * transmits a beacon while we are updating it. */
1688 /* We could modify the existing beacon and set the aid bit in
1689 * the TIM field, but that would probably require resizing and
1690 * moving of data within the beacon template.
1691 * Simply request a new beacon and let mac80211 do the hard work. */
1692 beacon = ieee80211_beacon_get(wl->hw, wl->vif);
1693 if (unlikely(!beacon))
1696 if (wl->current_beacon)
1697 dev_kfree_skb_any(wl->current_beacon);
1698 wl->current_beacon = beacon;
1699 wl->beacon0_uploaded = 0;
1700 wl->beacon1_uploaded = 0;
1701 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger);
1704 static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1707 if (dev->dev->core_rev >= 3) {
1708 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1709 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1711 b43_write16(dev, 0x606, (beacon_int >> 6));
1712 b43_write16(dev, 0x610, beacon_int);
1714 b43_time_unlock(dev);
1715 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1718 static void b43_handle_firmware_panic(struct b43_wldev *dev)
1722 /* Read the register that contains the reason code for the panic. */
1723 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG);
1724 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason);
1728 b43dbg(dev->wl, "The panic reason is unknown.\n");
1730 case B43_FWPANIC_DIE:
1731 /* Do not restart the controller or firmware.
1732 * The device is nonfunctional from now on.
1733 * Restarting would result in this panic to trigger again,
1734 * so we avoid that recursion. */
1736 case B43_FWPANIC_RESTART:
1737 b43_controller_restart(dev, "Microcode panic");
1742 static void handle_irq_ucode_debug(struct b43_wldev *dev)
1744 unsigned int i, cnt;
1745 u16 reason, marker_id, marker_line;
1748 /* The proprietary firmware doesn't have this IRQ. */
1749 if (!dev->fw.opensource)
1752 /* Read the register that contains the reason code for this IRQ. */
1753 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG);
1756 case B43_DEBUGIRQ_PANIC:
1757 b43_handle_firmware_panic(dev);
1759 case B43_DEBUGIRQ_DUMP_SHM:
1761 break; /* Only with driver debugging enabled. */
1762 buf = kmalloc(4096, GFP_ATOMIC);
1764 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n");
1767 for (i = 0; i < 4096; i += 2) {
1768 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i);
1769 buf[i / 2] = cpu_to_le16(tmp);
1771 b43info(dev->wl, "Shared memory dump:\n");
1772 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET,
1773 16, 2, buf, 4096, 1);
1776 case B43_DEBUGIRQ_DUMP_REGS:
1778 break; /* Only with driver debugging enabled. */
1779 b43info(dev->wl, "Microcode register dump:\n");
1780 for (i = 0, cnt = 0; i < 64; i++) {
1781 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i);
1784 printk("r%02u: 0x%04X ", i, tmp);
1793 case B43_DEBUGIRQ_MARKER:
1795 break; /* Only with driver debugging enabled. */
1796 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH,
1798 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH,
1799 B43_MARKER_LINE_REG);
1800 b43info(dev->wl, "The firmware just executed the MARKER(%u) "
1801 "at line number %u\n",
1802 marker_id, marker_line);
1805 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n",
1809 /* Acknowledge the debug-IRQ, so the firmware can continue. */
1810 b43_shm_write16(dev, B43_SHM_SCRATCH,
1811 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK);
1814 static void b43_do_interrupt_thread(struct b43_wldev *dev)
1817 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1818 u32 merged_dma_reason = 0;
1821 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
1824 reason = dev->irq_reason;
1825 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1826 dma_reason[i] = dev->dma_reason[i];
1827 merged_dma_reason |= dma_reason[i];
1830 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1831 b43err(dev->wl, "MAC transmission error\n");
1833 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1834 b43err(dev->wl, "PHY transmission error\n");
1836 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1837 atomic_set(&dev->phy.txerr_cnt,
1838 B43_PHY_TX_BADNESS_LIMIT);
1839 b43err(dev->wl, "Too many PHY TX errors, "
1840 "restarting the controller\n");
1841 b43_controller_restart(dev, "PHY TX errors");
1845 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK |
1846 B43_DMAIRQ_NONFATALMASK))) {
1847 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) {
1848 b43err(dev->wl, "Fatal DMA error: "
1849 "0x%08X, 0x%08X, 0x%08X, "
1850 "0x%08X, 0x%08X, 0x%08X\n",
1851 dma_reason[0], dma_reason[1],
1852 dma_reason[2], dma_reason[3],
1853 dma_reason[4], dma_reason[5]);
1854 b43err(dev->wl, "This device does not support DMA "
1855 "on your system. It will now be switched to PIO.\n");
1856 /* Fall back to PIO transfers if we get fatal DMA errors! */
1858 b43_controller_restart(dev, "DMA error");
1861 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) {
1862 b43err(dev->wl, "DMA error: "
1863 "0x%08X, 0x%08X, 0x%08X, "
1864 "0x%08X, 0x%08X, 0x%08X\n",
1865 dma_reason[0], dma_reason[1],
1866 dma_reason[2], dma_reason[3],
1867 dma_reason[4], dma_reason[5]);
1871 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1872 handle_irq_ucode_debug(dev);
1873 if (reason & B43_IRQ_TBTT_INDI)
1874 handle_irq_tbtt_indication(dev);
1875 if (reason & B43_IRQ_ATIM_END)
1876 handle_irq_atim_end(dev);
1877 if (reason & B43_IRQ_BEACON)
1878 handle_irq_beacon(dev);
1879 if (reason & B43_IRQ_PMQ)
1880 handle_irq_pmq(dev);
1881 if (reason & B43_IRQ_TXFIFO_FLUSH_OK)
1883 if (reason & B43_IRQ_NOISESAMPLE_OK)
1884 handle_irq_noise(dev);
1886 /* Check the DMA reason registers for received data. */
1887 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
1888 if (b43_using_pio_transfers(dev))
1889 b43_pio_rx(dev->pio.rx_queue);
1891 b43_dma_rx(dev->dma.rx_ring);
1893 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
1894 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
1895 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
1896 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
1897 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
1899 if (reason & B43_IRQ_TX_OK)
1900 handle_irq_transmit_status(dev);
1902 /* Re-enable interrupts on the device by restoring the current interrupt mask. */
1903 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1906 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
1908 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
1909 if (reason & (1 << i))
1910 dev->irq_bit_count[i]++;
1916 /* Interrupt thread handler. Handles device interrupts in thread context. */
1917 static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id)
1919 struct b43_wldev *dev = dev_id;
1921 mutex_lock(&dev->wl->mutex);
1922 b43_do_interrupt_thread(dev);
1924 mutex_unlock(&dev->wl->mutex);
1929 static irqreturn_t b43_do_interrupt(struct b43_wldev *dev)
1933 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses.
1934 * On SDIO, this runs under wl->mutex. */
1936 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
1937 if (reason == 0xffffffff) /* shared IRQ */
1939 reason &= dev->irq_mask;
1943 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
1945 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
1947 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
1949 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
1951 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
1954 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
1958 /* ACK the interrupt. */
1959 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
1960 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
1961 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
1962 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
1963 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
1964 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
1966 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
1969 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */
1970 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
1971 /* Save the reason bitmasks for the IRQ thread handler. */
1972 dev->irq_reason = reason;
1974 return IRQ_WAKE_THREAD;
1977 /* Interrupt handler top-half. This runs with interrupts disabled. */
1978 static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
1980 struct b43_wldev *dev = dev_id;
1983 if (unlikely(b43_status(dev) < B43_STAT_STARTED))
1986 spin_lock(&dev->wl->hardirq_lock);
1987 ret = b43_do_interrupt(dev);
1989 spin_unlock(&dev->wl->hardirq_lock);
1994 /* SDIO interrupt handler. This runs in process context. */
1995 static void b43_sdio_interrupt_handler(struct b43_wldev *dev)
1997 struct b43_wl *wl = dev->wl;
2000 mutex_lock(&wl->mutex);
2002 ret = b43_do_interrupt(dev);
2003 if (ret == IRQ_WAKE_THREAD)
2004 b43_do_interrupt_thread(dev);
2006 mutex_unlock(&wl->mutex);
2009 void b43_do_release_fw(struct b43_firmware_file *fw)
2011 release_firmware(fw->data);
2013 fw->filename = NULL;
2016 static void b43_release_firmware(struct b43_wldev *dev)
2018 b43_do_release_fw(&dev->fw.ucode);
2019 b43_do_release_fw(&dev->fw.pcm);
2020 b43_do_release_fw(&dev->fw.initvals);
2021 b43_do_release_fw(&dev->fw.initvals_band);
2024 static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
2028 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \
2029 "and download the correct firmware for this driver version. " \
2030 "Please carefully read all instructions on this website.\n";
2038 int b43_do_request_fw(struct b43_request_fw_context *ctx,
2040 struct b43_firmware_file *fw)
2042 const struct firmware *blob;
2043 struct b43_fw_header *hdr;
2048 /* Don't fetch anything. Free possibly cached firmware. */
2049 /* FIXME: We should probably keep it anyway, to save some headache
2050 * on suspend/resume with multiband devices. */
2051 b43_do_release_fw(fw);
2055 if ((fw->type == ctx->req_type) &&
2056 (strcmp(fw->filename, name) == 0))
2057 return 0; /* Already have this fw. */
2058 /* Free the cached firmware first. */
2059 /* FIXME: We should probably do this later after we successfully
2060 * got the new fw. This could reduce headache with multiband devices.
2061 * We could also redesign this to cache the firmware for all possible
2062 * bands all the time. */
2063 b43_do_release_fw(fw);
2066 switch (ctx->req_type) {
2067 case B43_FWTYPE_PROPRIETARY:
2068 snprintf(ctx->fwname, sizeof(ctx->fwname),
2070 modparam_fwpostfix, name);
2072 case B43_FWTYPE_OPENSOURCE:
2073 snprintf(ctx->fwname, sizeof(ctx->fwname),
2075 modparam_fwpostfix, name);
2081 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev);
2082 if (err == -ENOENT) {
2083 snprintf(ctx->errors[ctx->req_type],
2084 sizeof(ctx->errors[ctx->req_type]),
2085 "Firmware file \"%s\" not found\n", ctx->fwname);
2088 snprintf(ctx->errors[ctx->req_type],
2089 sizeof(ctx->errors[ctx->req_type]),
2090 "Firmware file \"%s\" request failed (err=%d)\n",
2094 if (blob->size < sizeof(struct b43_fw_header))
2096 hdr = (struct b43_fw_header *)(blob->data);
2097 switch (hdr->type) {
2098 case B43_FW_TYPE_UCODE:
2099 case B43_FW_TYPE_PCM:
2100 size = be32_to_cpu(hdr->size);
2101 if (size != blob->size - sizeof(struct b43_fw_header))
2104 case B43_FW_TYPE_IV:
2113 fw->filename = name;
2114 fw->type = ctx->req_type;
2119 snprintf(ctx->errors[ctx->req_type],
2120 sizeof(ctx->errors[ctx->req_type]),
2121 "Firmware file \"%s\" format error.\n", ctx->fwname);
2122 release_firmware(blob);
2127 static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2129 struct b43_wldev *dev = ctx->dev;
2130 struct b43_firmware *fw = &ctx->dev->fw;
2131 const u8 rev = ctx->dev->dev->core_rev;
2132 const char *filename;
2137 if ((rev >= 5) && (rev <= 10))
2138 filename = "ucode5";
2139 else if ((rev >= 11) && (rev <= 12))
2140 filename = "ucode11";
2142 filename = "ucode13";
2144 filename = "ucode14";
2146 filename = "ucode15";
2147 else if ((rev >= 16) && (rev <= 20))
2148 filename = "ucode16_mimo";
2151 err = b43_do_request_fw(ctx, filename, &fw->ucode);
2156 if ((rev >= 5) && (rev <= 10))
2162 fw->pcm_request_failed = 0;
2163 err = b43_do_request_fw(ctx, filename, &fw->pcm);
2164 if (err == -ENOENT) {
2165 /* We did not find a PCM file? Not fatal, but
2166 * core rev <= 10 must do without hwcrypto then. */
2167 fw->pcm_request_failed = 1;
2172 switch (dev->phy.type) {
2174 if ((rev >= 5) && (rev <= 10)) {
2175 tmshigh = ssb_read32(dev->dev->sdev, SSB_TMSHIGH);
2176 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2177 filename = "a0g1initvals5";
2179 filename = "a0g0initvals5";
2181 goto err_no_initvals;
2184 if ((rev >= 5) && (rev <= 10))
2185 filename = "b0g0initvals5";
2187 filename = "b0g0initvals13";
2189 goto err_no_initvals;
2193 filename = "n0initvals16";
2194 else if ((rev >= 11) && (rev <= 12))
2195 filename = "n0initvals11";
2197 goto err_no_initvals;
2199 case B43_PHYTYPE_LP:
2201 filename = "lp0initvals13";
2203 filename = "lp0initvals14";
2205 filename = "lp0initvals15";
2207 goto err_no_initvals;
2210 goto err_no_initvals;
2212 err = b43_do_request_fw(ctx, filename, &fw->initvals);
2216 /* Get bandswitch initvals */
2217 switch (dev->phy.type) {
2219 if ((rev >= 5) && (rev <= 10)) {
2220 tmshigh = ssb_read32(dev->dev->sdev, SSB_TMSHIGH);
2221 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2222 filename = "a0g1bsinitvals5";
2224 filename = "a0g0bsinitvals5";
2225 } else if (rev >= 11)
2228 goto err_no_initvals;
2231 if ((rev >= 5) && (rev <= 10))
2232 filename = "b0g0bsinitvals5";
2236 goto err_no_initvals;
2240 filename = "n0bsinitvals16";
2241 else if ((rev >= 11) && (rev <= 12))
2242 filename = "n0bsinitvals11";
2244 goto err_no_initvals;
2246 case B43_PHYTYPE_LP:
2248 filename = "lp0bsinitvals13";
2250 filename = "lp0bsinitvals14";
2252 filename = "lp0bsinitvals15";
2254 goto err_no_initvals;
2257 goto err_no_initvals;
2259 err = b43_do_request_fw(ctx, filename, &fw->initvals_band);
2266 err = ctx->fatal_failure = -EOPNOTSUPP;
2267 b43err(dev->wl, "The driver does not know which firmware (ucode) "
2268 "is required for your device (wl-core rev %u)\n", rev);
2272 err = ctx->fatal_failure = -EOPNOTSUPP;
2273 b43err(dev->wl, "The driver does not know which firmware (PCM) "
2274 "is required for your device (wl-core rev %u)\n", rev);
2278 err = ctx->fatal_failure = -EOPNOTSUPP;
2279 b43err(dev->wl, "The driver does not know which firmware (initvals) "
2280 "is required for your device (wl-core rev %u)\n", rev);
2284 /* We failed to load this firmware image. The error message
2285 * already is in ctx->errors. Return and let our caller decide
2290 b43_release_firmware(dev);
2294 static int b43_request_firmware(struct b43_wldev *dev)
2296 struct b43_request_fw_context *ctx;
2301 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
2306 ctx->req_type = B43_FWTYPE_PROPRIETARY;
2307 err = b43_try_request_fw(ctx);
2309 goto out; /* Successfully loaded it. */
2310 err = ctx->fatal_failure;
2314 ctx->req_type = B43_FWTYPE_OPENSOURCE;
2315 err = b43_try_request_fw(ctx);
2317 goto out; /* Successfully loaded it. */
2318 err = ctx->fatal_failure;
2322 /* Could not find a usable firmware. Print the errors. */
2323 for (i = 0; i < B43_NR_FWTYPES; i++) {
2324 errmsg = ctx->errors[i];
2326 b43err(dev->wl, errmsg);
2328 b43_print_fw_helptext(dev->wl, 1);
2336 static int b43_upload_microcode(struct b43_wldev *dev)
2338 struct wiphy *wiphy = dev->wl->hw->wiphy;
2339 const size_t hdr_len = sizeof(struct b43_fw_header);
2341 unsigned int i, len;
2342 u16 fwrev, fwpatch, fwdate, fwtime;
2346 /* Jump the microcode PSM to offset 0 */
2347 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2348 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2349 macctl |= B43_MACCTL_PSM_JMP0;
2350 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2351 /* Zero out all microcode PSM registers and shared memory. */
2352 for (i = 0; i < 64; i++)
2353 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2354 for (i = 0; i < 4096; i += 2)
2355 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2357 /* Upload Microcode. */
2358 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2359 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2360 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2361 for (i = 0; i < len; i++) {
2362 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2366 if (dev->fw.pcm.data) {
2367 /* Upload PCM data. */
2368 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2369 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2370 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2371 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2372 /* No need for autoinc bit in SHM_HW */
2373 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2374 for (i = 0; i < len; i++) {
2375 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2380 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2382 /* Start the microcode PSM */
2383 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2384 macctl &= ~B43_MACCTL_PSM_JMP0;
2385 macctl |= B43_MACCTL_PSM_RUN;
2386 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2388 /* Wait for the microcode to load and respond */
2391 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2392 if (tmp == B43_IRQ_MAC_SUSPENDED)
2396 b43err(dev->wl, "Microcode not responding\n");
2397 b43_print_fw_helptext(dev->wl, 1);
2403 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2405 /* Get and check the revisions. */
2406 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2407 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2408 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2409 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2411 if (fwrev <= 0x128) {
2412 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2413 "binary drivers older than version 4.x is unsupported. "
2414 "You must upgrade your firmware files.\n");
2415 b43_print_fw_helptext(dev->wl, 1);
2419 dev->fw.rev = fwrev;
2420 dev->fw.patch = fwpatch;
2421 dev->fw.opensource = (fwdate == 0xFFFF);
2423 /* Default to use-all-queues. */
2424 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues;
2425 dev->qos_enabled = !!modparam_qos;
2426 /* Default to firmware/hardware crypto acceleration. */
2427 dev->hwcrypto_enabled = 1;
2429 if (dev->fw.opensource) {
2432 /* Patchlevel info is encoded in the "time" field. */
2433 dev->fw.patch = fwtime;
2434 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n",
2435 dev->fw.rev, dev->fw.patch);
2437 fwcapa = b43_fwcapa_read(dev);
2438 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) {
2439 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n");
2440 /* Disable hardware crypto and fall back to software crypto. */
2441 dev->hwcrypto_enabled = 0;
2443 if (!(fwcapa & B43_FWCAPA_QOS)) {
2444 b43info(dev->wl, "QoS not supported by firmware\n");
2445 /* Disable QoS. Tweak hw->queues to 1. It will be restored before
2446 * ieee80211_unregister to make sure the networking core can
2447 * properly free possible resources. */
2448 dev->wl->hw->queues = 1;
2449 dev->qos_enabled = 0;
2452 b43info(dev->wl, "Loading firmware version %u.%u "
2453 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2455 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2456 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2457 if (dev->fw.pcm_request_failed) {
2458 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. "
2459 "Hardware accelerated cryptography is disabled.\n");
2460 b43_print_fw_helptext(dev->wl, 0);
2464 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u",
2465 dev->fw.rev, dev->fw.patch);
2466 wiphy->hw_version = dev->dev->core_id;
2468 if (b43_is_old_txhdr_format(dev)) {
2469 /* We're over the deadline, but we keep support for old fw
2470 * until it turns out to be in major conflict with something new. */
2471 b43warn(dev->wl, "You are using an old firmware image. "
2472 "Support for old firmware will be removed soon "
2473 "(official deadline was July 2008).\n");
2474 b43_print_fw_helptext(dev->wl, 0);
2480 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2481 macctl &= ~B43_MACCTL_PSM_RUN;
2482 macctl |= B43_MACCTL_PSM_JMP0;
2483 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2488 static int b43_write_initvals(struct b43_wldev *dev,
2489 const struct b43_iv *ivals,
2493 const struct b43_iv *iv;
2498 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2500 for (i = 0; i < count; i++) {
2501 if (array_size < sizeof(iv->offset_size))
2503 array_size -= sizeof(iv->offset_size);
2504 offset = be16_to_cpu(iv->offset_size);
2505 bit32 = !!(offset & B43_IV_32BIT);
2506 offset &= B43_IV_OFFSET_MASK;
2507 if (offset >= 0x1000)
2512 if (array_size < sizeof(iv->data.d32))
2514 array_size -= sizeof(iv->data.d32);
2516 value = get_unaligned_be32(&iv->data.d32);
2517 b43_write32(dev, offset, value);
2519 iv = (const struct b43_iv *)((const uint8_t *)iv +
2525 if (array_size < sizeof(iv->data.d16))
2527 array_size -= sizeof(iv->data.d16);
2529 value = be16_to_cpu(iv->data.d16);
2530 b43_write16(dev, offset, value);
2532 iv = (const struct b43_iv *)((const uint8_t *)iv +
2543 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2544 b43_print_fw_helptext(dev->wl, 1);
2549 static int b43_upload_initvals(struct b43_wldev *dev)
2551 const size_t hdr_len = sizeof(struct b43_fw_header);
2552 const struct b43_fw_header *hdr;
2553 struct b43_firmware *fw = &dev->fw;
2554 const struct b43_iv *ivals;
2558 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2559 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2560 count = be32_to_cpu(hdr->size);
2561 err = b43_write_initvals(dev, ivals, count,
2562 fw->initvals.data->size - hdr_len);
2565 if (fw->initvals_band.data) {
2566 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2567 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2568 count = be32_to_cpu(hdr->size);
2569 err = b43_write_initvals(dev, ivals, count,
2570 fw->initvals_band.data->size - hdr_len);
2579 /* Initialize the GPIOs
2580 * http://bcm-specs.sipsolutions.net/GPIO
2582 static struct ssb_device *b43_ssb_gpio_dev(struct b43_wldev *dev)
2584 struct ssb_bus *bus = dev->dev->sdev->bus;
2586 #ifdef CONFIG_SSB_DRIVER_PCICORE
2587 return (bus->chipco.dev ? bus->chipco.dev : bus->pcicore.dev);
2589 return bus->chipco.dev;
2593 static int b43_gpio_init(struct b43_wldev *dev)
2595 struct ssb_device *gpiodev;
2598 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2599 & ~B43_MACCTL_GPOUTSMSK);
2601 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK)
2606 if (dev->dev->chip_id == 0x4301) {
2610 if (0 /* FIXME: conditional unknown */ ) {
2611 b43_write16(dev, B43_MMIO_GPIO_MASK,
2612 b43_read16(dev, B43_MMIO_GPIO_MASK)
2617 if (dev->dev->bus_sprom->boardflags_lo & B43_BFL_PACTRL) {
2618 b43_write16(dev, B43_MMIO_GPIO_MASK,
2619 b43_read16(dev, B43_MMIO_GPIO_MASK)
2624 if (dev->dev->core_rev >= 2)
2625 mask |= 0x0010; /* FIXME: This is redundant. */
2627 gpiodev = b43_ssb_gpio_dev(dev);
2629 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2630 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2636 /* Turn off all GPIO stuff. Call this on module unload, for example. */
2637 static void b43_gpio_cleanup(struct b43_wldev *dev)
2639 struct ssb_device *gpiodev;
2641 gpiodev = b43_ssb_gpio_dev(dev);
2643 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2646 /* http://bcm-specs.sipsolutions.net/EnableMac */
2647 void b43_mac_enable(struct b43_wldev *dev)
2649 if (b43_debug(dev, B43_DBG_FIRMWARE)) {
2652 fwstate = b43_shm_read16(dev, B43_SHM_SHARED,
2653 B43_SHM_SH_UCODESTAT);
2654 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) &&
2655 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) {
2656 b43err(dev->wl, "b43_mac_enable(): The firmware "
2657 "should be suspended, but current state is %u\n",
2662 dev->mac_suspended--;
2663 B43_WARN_ON(dev->mac_suspended < 0);
2664 if (dev->mac_suspended == 0) {
2665 b43_write32(dev, B43_MMIO_MACCTL,
2666 b43_read32(dev, B43_MMIO_MACCTL)
2667 | B43_MACCTL_ENABLED);
2668 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2669 B43_IRQ_MAC_SUSPENDED);
2671 b43_read32(dev, B43_MMIO_MACCTL);
2672 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2673 b43_power_saving_ctl_bits(dev, 0);
2677 /* http://bcm-specs.sipsolutions.net/SuspendMAC */
2678 void b43_mac_suspend(struct b43_wldev *dev)
2684 B43_WARN_ON(dev->mac_suspended < 0);
2686 if (dev->mac_suspended == 0) {
2687 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2688 b43_write32(dev, B43_MMIO_MACCTL,
2689 b43_read32(dev, B43_MMIO_MACCTL)
2690 & ~B43_MACCTL_ENABLED);
2691 /* force pci to flush the write */
2692 b43_read32(dev, B43_MMIO_MACCTL);
2693 for (i = 35; i; i--) {
2694 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2695 if (tmp & B43_IRQ_MAC_SUSPENDED)
2699 /* Hm, it seems this will take some time. Use msleep(). */
2700 for (i = 40; i; i--) {
2701 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2702 if (tmp & B43_IRQ_MAC_SUSPENDED)
2706 b43err(dev->wl, "MAC suspend failed\n");
2709 dev->mac_suspended++;
2712 /* http://bcm-v4.sipsolutions.net/802.11/PHY/N/MacPhyClkSet */
2713 void b43_mac_phy_clock_set(struct b43_wldev *dev, bool on)
2715 u32 tmslow = ssb_read32(dev->sdev, SSB_TMSLOW);
2717 tmslow |= B43_TMSLOW_MACPHYCLKEN;
2719 tmslow &= ~B43_TMSLOW_MACPHYCLKEN;
2720 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow);
2723 static void b43_adjust_opmode(struct b43_wldev *dev)
2725 struct b43_wl *wl = dev->wl;
2729 ctl = b43_read32(dev, B43_MMIO_MACCTL);
2730 /* Reset status to STA infrastructure mode. */
2731 ctl &= ~B43_MACCTL_AP;
2732 ctl &= ~B43_MACCTL_KEEP_CTL;
2733 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
2734 ctl &= ~B43_MACCTL_KEEP_BAD;
2735 ctl &= ~B43_MACCTL_PROMISC;
2736 ctl &= ~B43_MACCTL_BEACPROMISC;
2737 ctl |= B43_MACCTL_INFRA;
2739 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
2740 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
2741 ctl |= B43_MACCTL_AP;
2742 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
2743 ctl &= ~B43_MACCTL_INFRA;
2745 if (wl->filter_flags & FIF_CONTROL)
2746 ctl |= B43_MACCTL_KEEP_CTL;
2747 if (wl->filter_flags & FIF_FCSFAIL)
2748 ctl |= B43_MACCTL_KEEP_BAD;
2749 if (wl->filter_flags & FIF_PLCPFAIL)
2750 ctl |= B43_MACCTL_KEEP_BADPLCP;
2751 if (wl->filter_flags & FIF_PROMISC_IN_BSS)
2752 ctl |= B43_MACCTL_PROMISC;
2753 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
2754 ctl |= B43_MACCTL_BEACPROMISC;
2756 /* Workaround: On old hardware the HW-MAC-address-filter
2757 * doesn't work properly, so always run promisc in filter
2758 * it in software. */
2759 if (dev->dev->core_rev <= 4)
2760 ctl |= B43_MACCTL_PROMISC;
2762 b43_write32(dev, B43_MMIO_MACCTL, ctl);
2765 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
2766 if (dev->dev->chip_id == 0x4306 &&
2767 dev->dev->chip_rev == 3)
2772 b43_write16(dev, 0x612, cfp_pretbtt);
2774 /* FIXME: We don't currently implement the PMQ mechanism,
2775 * so always disable it. If we want to implement PMQ,
2776 * we need to enable it here (clear DISCPMQ) in AP mode.
2778 if (0 /* ctl & B43_MACCTL_AP */) {
2779 b43_write32(dev, B43_MMIO_MACCTL,
2780 b43_read32(dev, B43_MMIO_MACCTL)
2781 & ~B43_MACCTL_DISCPMQ);
2783 b43_write32(dev, B43_MMIO_MACCTL,
2784 b43_read32(dev, B43_MMIO_MACCTL)
2785 | B43_MACCTL_DISCPMQ);
2789 static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
2795 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
2798 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
2800 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
2801 b43_shm_read16(dev, B43_SHM_SHARED, offset));
2804 static void b43_rate_memory_init(struct b43_wldev *dev)
2806 switch (dev->phy.type) {
2810 case B43_PHYTYPE_LP:
2811 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
2812 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
2813 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
2814 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
2815 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
2816 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
2817 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
2818 if (dev->phy.type == B43_PHYTYPE_A)
2822 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
2823 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
2824 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
2825 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
2832 /* Set the default values for the PHY TX Control Words. */
2833 static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
2837 ctl |= B43_TXH_PHY_ENC_CCK;
2838 ctl |= B43_TXH_PHY_ANT01AUTO;
2839 ctl |= B43_TXH_PHY_TXPWR;
2841 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
2842 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
2843 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
2846 /* Set the TX-Antenna for management frames sent by firmware. */
2847 static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
2852 ant = b43_antenna_to_phyctl(antenna);
2855 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
2856 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2857 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
2858 /* For Probe Resposes */
2859 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
2860 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2861 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
2864 /* This is the opposite of b43_chip_init() */
2865 static void b43_chip_exit(struct b43_wldev *dev)
2868 b43_gpio_cleanup(dev);
2869 /* firmware is released later */
2872 /* Initialize the chip
2873 * http://bcm-specs.sipsolutions.net/ChipInit
2875 static int b43_chip_init(struct b43_wldev *dev)
2877 struct b43_phy *phy = &dev->phy;
2882 /* Initialize the MAC control */
2883 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
2885 macctl |= B43_MACCTL_GMODE;
2886 macctl |= B43_MACCTL_INFRA;
2887 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2889 err = b43_request_firmware(dev);
2892 err = b43_upload_microcode(dev);
2894 goto out; /* firmware is released later */
2896 err = b43_gpio_init(dev);
2898 goto out; /* firmware is released later */
2900 err = b43_upload_initvals(dev);
2902 goto err_gpio_clean;
2904 /* Turn the Analog on and initialize the PHY. */
2905 phy->ops->switch_analog(dev, 1);
2906 err = b43_phy_init(dev);
2908 goto err_gpio_clean;
2910 /* Disable Interference Mitigation. */
2911 if (phy->ops->interf_mitigation)
2912 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE);
2914 /* Select the antennae */
2915 if (phy->ops->set_rx_antenna)
2916 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
2917 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
2919 if (phy->type == B43_PHYTYPE_B) {
2920 value16 = b43_read16(dev, 0x005E);
2922 b43_write16(dev, 0x005E, value16);
2924 b43_write32(dev, 0x0100, 0x01000000);
2925 if (dev->dev->core_rev < 5)
2926 b43_write32(dev, 0x010C, 0x01000000);
2928 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2929 & ~B43_MACCTL_INFRA);
2930 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2931 | B43_MACCTL_INFRA);
2933 /* Probe Response Timeout value */
2934 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
2935 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000);
2937 /* Initially set the wireless operation mode. */
2938 b43_adjust_opmode(dev);
2940 if (dev->dev->core_rev < 3) {
2941 b43_write16(dev, 0x060E, 0x0000);
2942 b43_write16(dev, 0x0610, 0x8000);
2943 b43_write16(dev, 0x0604, 0x0000);
2944 b43_write16(dev, 0x0606, 0x0200);
2946 b43_write32(dev, 0x0188, 0x80000000);
2947 b43_write32(dev, 0x018C, 0x02000000);
2949 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
2950 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00);
2951 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
2952 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
2953 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
2954 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
2955 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
2957 b43_mac_phy_clock_set(dev, true);
2959 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
2960 dev->sdev->bus->chipco.fast_pwrup_delay);
2963 b43dbg(dev->wl, "Chip initialized\n");
2968 b43_gpio_cleanup(dev);
2972 static void b43_periodic_every60sec(struct b43_wldev *dev)
2974 const struct b43_phy_operations *ops = dev->phy.ops;
2976 if (ops->pwork_60sec)
2977 ops->pwork_60sec(dev);
2979 /* Force check the TX power emission now. */
2980 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME);
2983 static void b43_periodic_every30sec(struct b43_wldev *dev)
2985 /* Update device statistics. */
2986 b43_calculate_link_quality(dev);
2989 static void b43_periodic_every15sec(struct b43_wldev *dev)
2991 struct b43_phy *phy = &dev->phy;
2994 if (dev->fw.opensource) {
2995 /* Check if the firmware is still alive.
2996 * It will reset the watchdog counter to 0 in its idle loop. */
2997 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG);
2998 if (unlikely(wdr)) {
2999 b43err(dev->wl, "Firmware watchdog: The firmware died!\n");
3000 b43_controller_restart(dev, "Firmware watchdog");
3003 b43_shm_write16(dev, B43_SHM_SCRATCH,
3004 B43_WATCHDOG_REG, 1);
3008 if (phy->ops->pwork_15sec)
3009 phy->ops->pwork_15sec(dev);
3011 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
3015 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
3018 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n",
3019 dev->irq_count / 15,
3021 dev->rx_count / 15);
3025 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
3026 if (dev->irq_bit_count[i]) {
3027 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n",
3028 dev->irq_bit_count[i] / 15, i, (1 << i));
3029 dev->irq_bit_count[i] = 0;
3036 static void do_periodic_work(struct b43_wldev *dev)
3040 state = dev->periodic_state;
3042 b43_periodic_every60sec(dev);
3044 b43_periodic_every30sec(dev);
3045 b43_periodic_every15sec(dev);
3048 /* Periodic work locking policy:
3049 * The whole periodic work handler is protected by
3050 * wl->mutex. If another lock is needed somewhere in the
3051 * pwork callchain, it's acquired in-place, where it's needed.
3053 static void b43_periodic_work_handler(struct work_struct *work)
3055 struct b43_wldev *dev = container_of(work, struct b43_wldev,
3056 periodic_work.work);
3057 struct b43_wl *wl = dev->wl;
3058 unsigned long delay;
3060 mutex_lock(&wl->mutex);
3062 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
3064 if (b43_debug(dev, B43_DBG_PWORK_STOP))
3067 do_periodic_work(dev);
3069 dev->periodic_state++;
3071 if (b43_debug(dev, B43_DBG_PWORK_FAST))
3072 delay = msecs_to_jiffies(50);
3074 delay = round_jiffies_relative(HZ * 15);
3075 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay);
3077 mutex_unlock(&wl->mutex);
3080 static void b43_periodic_tasks_setup(struct b43_wldev *dev)
3082 struct delayed_work *work = &dev->periodic_work;
3084 dev->periodic_state = 0;
3085 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
3086 ieee80211_queue_delayed_work(dev->wl->hw, work, 0);
3089 /* Check if communication with the device works correctly. */
3090 static int b43_validate_chipaccess(struct b43_wldev *dev)
3092 u32 v, backup0, backup4;
3094 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0);
3095 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4);
3097 /* Check for read/write and endianness problems. */
3098 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
3099 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
3101 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
3102 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
3105 /* Check if unaligned 32bit SHM_SHARED access works properly.
3106 * However, don't bail out on failure, because it's noncritical. */
3107 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122);
3108 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344);
3109 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566);
3110 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788);
3111 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344)
3112 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n");
3113 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD);
3114 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 ||
3115 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD ||
3116 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB ||
3117 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788)
3118 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n");
3120 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0);
3121 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4);
3123 if ((dev->dev->core_rev >= 3) && (dev->dev->core_rev <= 10)) {
3124 /* The 32bit register shadows the two 16bit registers
3125 * with update sideeffects. Validate this. */
3126 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
3127 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
3128 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
3130 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
3133 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
3135 v = b43_read32(dev, B43_MMIO_MACCTL);
3136 v |= B43_MACCTL_GMODE;
3137 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
3142 b43err(dev->wl, "Failed to validate the chipaccess\n");
3146 static void b43_security_init(struct b43_wldev *dev)
3148 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
3149 /* KTP is a word address, but we address SHM bytewise.
3150 * So multiply by two.
3153 /* Number of RCMTA address slots */
3154 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS);
3155 /* Clear the key memory. */
3156 b43_clear_keys(dev);
3159 #ifdef CONFIG_B43_HWRNG
3160 static int b43_rng_read(struct hwrng *rng, u32 *data)
3162 struct b43_wl *wl = (struct b43_wl *)rng->priv;
3163 struct b43_wldev *dev;
3164 int count = -ENODEV;
3166 mutex_lock(&wl->mutex);
3167 dev = wl->current_dev;
3168 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) {
3169 *data = b43_read16(dev, B43_MMIO_RNG);
3170 count = sizeof(u16);
3172 mutex_unlock(&wl->mutex);
3176 #endif /* CONFIG_B43_HWRNG */
3178 static void b43_rng_exit(struct b43_wl *wl)
3180 #ifdef CONFIG_B43_HWRNG
3181 if (wl->rng_initialized)
3182 hwrng_unregister(&wl->rng);
3183 #endif /* CONFIG_B43_HWRNG */
3186 static int b43_rng_init(struct b43_wl *wl)
3190 #ifdef CONFIG_B43_HWRNG
3191 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
3192 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
3193 wl->rng.name = wl->rng_name;
3194 wl->rng.data_read = b43_rng_read;
3195 wl->rng.priv = (unsigned long)wl;
3196 wl->rng_initialized = 1;
3197 err = hwrng_register(&wl->rng);
3199 wl->rng_initialized = 0;
3200 b43err(wl, "Failed to register the random "
3201 "number generator (%d)\n", err);
3203 #endif /* CONFIG_B43_HWRNG */
3208 static void b43_tx_work(struct work_struct *work)
3210 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work);
3211 struct b43_wldev *dev;
3212 struct sk_buff *skb;
3215 mutex_lock(&wl->mutex);
3216 dev = wl->current_dev;
3217 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) {
3218 mutex_unlock(&wl->mutex);
3222 while (skb_queue_len(&wl->tx_queue)) {
3223 skb = skb_dequeue(&wl->tx_queue);
3225 if (b43_using_pio_transfers(dev))
3226 err = b43_pio_tx(dev, skb);
3228 err = b43_dma_tx(dev, skb);
3230 dev_kfree_skb(skb); /* Drop it */
3236 mutex_unlock(&wl->mutex);
3239 static void b43_op_tx(struct ieee80211_hw *hw,
3240 struct sk_buff *skb)
3242 struct b43_wl *wl = hw_to_b43_wl(hw);
3244 if (unlikely(skb->len < 2 + 2 + 6)) {
3245 /* Too short, this can't be a valid frame. */
3246 dev_kfree_skb_any(skb);
3249 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
3251 skb_queue_tail(&wl->tx_queue, skb);
3252 ieee80211_queue_work(wl->hw, &wl->tx_work);
3255 static void b43_qos_params_upload(struct b43_wldev *dev,
3256 const struct ieee80211_tx_queue_params *p,
3259 u16 params[B43_NR_QOSPARAMS];
3263 if (!dev->qos_enabled)
3266 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min;
3268 memset(¶ms, 0, sizeof(params));
3270 params[B43_QOSPARAM_TXOP] = p->txop * 32;
3271 params[B43_QOSPARAM_CWMIN] = p->cw_min;
3272 params[B43_QOSPARAM_CWMAX] = p->cw_max;
3273 params[B43_QOSPARAM_CWCUR] = p->cw_min;
3274 params[B43_QOSPARAM_AIFS] = p->aifs;
3275 params[B43_QOSPARAM_BSLOTS] = bslots;
3276 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs;
3278 for (i = 0; i < ARRAY_SIZE(params); i++) {
3279 if (i == B43_QOSPARAM_STATUS) {
3280 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
3281 shm_offset + (i * 2));
3282 /* Mark the parameters as updated. */
3284 b43_shm_write16(dev, B43_SHM_SHARED,
3285 shm_offset + (i * 2),
3288 b43_shm_write16(dev, B43_SHM_SHARED,
3289 shm_offset + (i * 2),
3295 /* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */
3296 static const u16 b43_qos_shm_offsets[] = {
3297 /* [mac80211-queue-nr] = SHM_OFFSET, */
3298 [0] = B43_QOS_VOICE,
3299 [1] = B43_QOS_VIDEO,
3300 [2] = B43_QOS_BESTEFFORT,
3301 [3] = B43_QOS_BACKGROUND,
3304 /* Update all QOS parameters in hardware. */
3305 static void b43_qos_upload_all(struct b43_wldev *dev)
3307 struct b43_wl *wl = dev->wl;
3308 struct b43_qos_params *params;
3311 if (!dev->qos_enabled)
3314 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3315 ARRAY_SIZE(wl->qos_params));
3317 b43_mac_suspend(dev);
3318 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3319 params = &(wl->qos_params[i]);
3320 b43_qos_params_upload(dev, &(params->p),
3321 b43_qos_shm_offsets[i]);
3323 b43_mac_enable(dev);
3326 static void b43_qos_clear(struct b43_wl *wl)
3328 struct b43_qos_params *params;
3331 /* Initialize QoS parameters to sane defaults. */
3333 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3334 ARRAY_SIZE(wl->qos_params));
3336 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3337 params = &(wl->qos_params[i]);
3339 switch (b43_qos_shm_offsets[i]) {
3343 params->p.cw_min = 0x0001;
3344 params->p.cw_max = 0x0001;
3349 params->p.cw_min = 0x0001;
3350 params->p.cw_max = 0x0001;
3352 case B43_QOS_BESTEFFORT:
3355 params->p.cw_min = 0x0001;
3356 params->p.cw_max = 0x03FF;
3358 case B43_QOS_BACKGROUND:
3361 params->p.cw_min = 0x0001;
3362 params->p.cw_max = 0x03FF;
3370 /* Initialize the core's QOS capabilities */
3371 static void b43_qos_init(struct b43_wldev *dev)
3373 if (!dev->qos_enabled) {
3374 /* Disable QOS support. */
3375 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF);
3376 b43_write16(dev, B43_MMIO_IFSCTL,
3377 b43_read16(dev, B43_MMIO_IFSCTL)
3378 & ~B43_MMIO_IFSCTL_USE_EDCF);
3379 b43dbg(dev->wl, "QoS disabled\n");
3383 /* Upload the current QOS parameters. */
3384 b43_qos_upload_all(dev);
3386 /* Enable QOS support. */
3387 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
3388 b43_write16(dev, B43_MMIO_IFSCTL,
3389 b43_read16(dev, B43_MMIO_IFSCTL)
3390 | B43_MMIO_IFSCTL_USE_EDCF);
3391 b43dbg(dev->wl, "QoS enabled\n");
3394 static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue,
3395 const struct ieee80211_tx_queue_params *params)
3397 struct b43_wl *wl = hw_to_b43_wl(hw);
3398 struct b43_wldev *dev;
3399 unsigned int queue = (unsigned int)_queue;
3402 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3403 /* Queue not available or don't support setting
3404 * params on this queue. Return success to not
3405 * confuse mac80211. */
3408 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3409 ARRAY_SIZE(wl->qos_params));
3411 mutex_lock(&wl->mutex);
3412 dev = wl->current_dev;
3413 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED)))
3416 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params));
3417 b43_mac_suspend(dev);
3418 b43_qos_params_upload(dev, &(wl->qos_params[queue].p),
3419 b43_qos_shm_offsets[queue]);
3420 b43_mac_enable(dev);
3424 mutex_unlock(&wl->mutex);
3429 static int b43_op_get_stats(struct ieee80211_hw *hw,
3430 struct ieee80211_low_level_stats *stats)
3432 struct b43_wl *wl = hw_to_b43_wl(hw);
3434 mutex_lock(&wl->mutex);
3435 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3436 mutex_unlock(&wl->mutex);
3441 static u64 b43_op_get_tsf(struct ieee80211_hw *hw)
3443 struct b43_wl *wl = hw_to_b43_wl(hw);
3444 struct b43_wldev *dev;
3447 mutex_lock(&wl->mutex);
3448 dev = wl->current_dev;
3450 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3451 b43_tsf_read(dev, &tsf);
3455 mutex_unlock(&wl->mutex);
3460 static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf)
3462 struct b43_wl *wl = hw_to_b43_wl(hw);
3463 struct b43_wldev *dev;
3465 mutex_lock(&wl->mutex);
3466 dev = wl->current_dev;
3468 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3469 b43_tsf_write(dev, tsf);
3471 mutex_unlock(&wl->mutex);
3474 static void b43_put_phy_into_reset(struct b43_wldev *dev)
3476 struct ssb_device *sdev = dev->sdev;
3479 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3480 tmslow &= ~B43_TMSLOW_GMODE;
3481 tmslow |= B43_TMSLOW_PHYRESET;
3482 tmslow |= SSB_TMSLOW_FGC;
3483 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3486 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3487 tmslow &= ~SSB_TMSLOW_FGC;
3488 tmslow |= B43_TMSLOW_PHYRESET;
3489 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3493 static const char *band_to_string(enum ieee80211_band band)
3496 case IEEE80211_BAND_5GHZ:
3498 case IEEE80211_BAND_2GHZ:
3507 /* Expects wl->mutex locked */
3508 static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan)
3510 struct b43_wldev *up_dev = NULL;
3511 struct b43_wldev *down_dev;
3512 struct b43_wldev *d;
3514 bool uninitialized_var(gmode);
3517 /* Find a device and PHY which supports the band. */
3518 list_for_each_entry(d, &wl->devlist, list) {
3519 switch (chan->band) {
3520 case IEEE80211_BAND_5GHZ:
3521 if (d->phy.supports_5ghz) {
3526 case IEEE80211_BAND_2GHZ:
3527 if (d->phy.supports_2ghz) {
3540 b43err(wl, "Could not find a device for %s-GHz band operation\n",
3541 band_to_string(chan->band));
3544 if ((up_dev == wl->current_dev) &&
3545 (!!wl->current_dev->phy.gmode == !!gmode)) {
3546 /* This device is already running. */
3549 b43dbg(wl, "Switching to %s-GHz band\n",
3550 band_to_string(chan->band));
3551 down_dev = wl->current_dev;
3553 prev_status = b43_status(down_dev);
3554 /* Shutdown the currently running core. */
3555 if (prev_status >= B43_STAT_STARTED)
3556 down_dev = b43_wireless_core_stop(down_dev);
3557 if (prev_status >= B43_STAT_INITIALIZED)
3558 b43_wireless_core_exit(down_dev);
3560 if (down_dev != up_dev) {
3561 /* We switch to a different core, so we put PHY into
3562 * RESET on the old core. */
3563 b43_put_phy_into_reset(down_dev);
3566 /* Now start the new core. */
3567 up_dev->phy.gmode = gmode;
3568 if (prev_status >= B43_STAT_INITIALIZED) {
3569 err = b43_wireless_core_init(up_dev);
3571 b43err(wl, "Fatal: Could not initialize device for "
3572 "selected %s-GHz band\n",
3573 band_to_string(chan->band));
3577 if (prev_status >= B43_STAT_STARTED) {
3578 err = b43_wireless_core_start(up_dev);
3580 b43err(wl, "Fatal: Coult not start device for "
3581 "selected %s-GHz band\n",
3582 band_to_string(chan->band));
3583 b43_wireless_core_exit(up_dev);
3587 B43_WARN_ON(b43_status(up_dev) != prev_status);
3589 wl->current_dev = up_dev;
3593 /* Whoops, failed to init the new core. No core is operating now. */
3594 wl->current_dev = NULL;
3598 /* Write the short and long frame retry limit values. */
3599 static void b43_set_retry_limits(struct b43_wldev *dev,
3600 unsigned int short_retry,
3601 unsigned int long_retry)
3603 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3604 * the chip-internal counter. */
3605 short_retry = min(short_retry, (unsigned int)0xF);
3606 long_retry = min(long_retry, (unsigned int)0xF);
3608 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3610 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3614 static int b43_op_config(struct ieee80211_hw *hw, u32 changed)
3616 struct b43_wl *wl = hw_to_b43_wl(hw);
3617 struct b43_wldev *dev;
3618 struct b43_phy *phy;
3619 struct ieee80211_conf *conf = &hw->conf;
3623 mutex_lock(&wl->mutex);
3625 /* Switch the band (if necessary). This might change the active core. */
3626 err = b43_switch_band(wl, conf->channel);
3628 goto out_unlock_mutex;
3629 dev = wl->current_dev;
3632 if (conf_is_ht(conf))
3634 (conf_is_ht40_minus(conf) || conf_is_ht40_plus(conf));
3636 phy->is_40mhz = false;
3638 b43_mac_suspend(dev);
3640 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
3641 b43_set_retry_limits(dev, conf->short_frame_max_tx_count,
3642 conf->long_frame_max_tx_count);
3643 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS;
3645 goto out_mac_enable;
3647 /* Switch to the requested channel.
3648 * The firmware takes care of races with the TX handler. */
3649 if (conf->channel->hw_value != phy->channel)
3650 b43_switch_channel(dev, conf->channel->hw_value);
3652 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR);
3654 /* Adjust the desired TX power level. */
3655 if (conf->power_level != 0) {
3656 if (conf->power_level != phy->desired_txpower) {
3657 phy->desired_txpower = conf->power_level;
3658 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME |
3659 B43_TXPWR_IGNORE_TSSI);
3663 /* Antennas for RX and management frame TX. */
3664 antenna = B43_ANTENNA_DEFAULT;
3665 b43_mgmtframe_txantenna(dev, antenna);
3666 antenna = B43_ANTENNA_DEFAULT;
3667 if (phy->ops->set_rx_antenna)
3668 phy->ops->set_rx_antenna(dev, antenna);
3670 if (wl->radio_enabled != phy->radio_on) {
3671 if (wl->radio_enabled) {
3672 b43_software_rfkill(dev, false);
3673 b43info(dev->wl, "Radio turned on by software\n");
3674 if (!dev->radio_hw_enable) {
3675 b43info(dev->wl, "The hardware RF-kill button "
3676 "still turns the radio physically off. "
3677 "Press the button to turn it on.\n");
3680 b43_software_rfkill(dev, true);
3681 b43info(dev->wl, "Radio turned off by software\n");
3686 b43_mac_enable(dev);
3688 mutex_unlock(&wl->mutex);
3693 static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates)
3695 struct ieee80211_supported_band *sband =
3696 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)];
3697 struct ieee80211_rate *rate;
3699 u16 basic, direct, offset, basic_offset, rateptr;
3701 for (i = 0; i < sband->n_bitrates; i++) {
3702 rate = &sband->bitrates[i];
3704 if (b43_is_cck_rate(rate->hw_value)) {
3705 direct = B43_SHM_SH_CCKDIRECT;
3706 basic = B43_SHM_SH_CCKBASIC;
3707 offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3710 direct = B43_SHM_SH_OFDMDIRECT;
3711 basic = B43_SHM_SH_OFDMBASIC;
3712 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3716 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate);
3718 if (b43_is_cck_rate(rate->hw_value)) {
3719 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3720 basic_offset &= 0xF;
3722 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3723 basic_offset &= 0xF;
3727 * Get the pointer that we need to point to
3728 * from the direct map
3730 rateptr = b43_shm_read16(dev, B43_SHM_SHARED,
3731 direct + 2 * basic_offset);
3732 /* and write it to the basic map */
3733 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset,
3738 static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
3739 struct ieee80211_vif *vif,
3740 struct ieee80211_bss_conf *conf,
3743 struct b43_wl *wl = hw_to_b43_wl(hw);
3744 struct b43_wldev *dev;
3746 mutex_lock(&wl->mutex);
3748 dev = wl->current_dev;
3749 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3750 goto out_unlock_mutex;
3752 B43_WARN_ON(wl->vif != vif);
3754 if (changed & BSS_CHANGED_BSSID) {
3756 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
3758 memset(wl->bssid, 0, ETH_ALEN);
3761 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
3762 if (changed & BSS_CHANGED_BEACON &&
3763 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3764 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3765 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3766 b43_update_templates(wl);
3768 if (changed & BSS_CHANGED_BSSID)
3769 b43_write_mac_bssid_templates(dev);
3772 b43_mac_suspend(dev);
3774 /* Update templates for AP/mesh mode. */
3775 if (changed & BSS_CHANGED_BEACON_INT &&
3776 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3777 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3778 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3779 b43_set_beacon_int(dev, conf->beacon_int);
3781 if (changed & BSS_CHANGED_BASIC_RATES)
3782 b43_update_basic_rates(dev, conf->basic_rates);
3784 if (changed & BSS_CHANGED_ERP_SLOT) {
3785 if (conf->use_short_slot)
3786 b43_short_slot_timing_enable(dev);
3788 b43_short_slot_timing_disable(dev);
3791 b43_mac_enable(dev);
3793 mutex_unlock(&wl->mutex);
3796 static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3797 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
3798 struct ieee80211_key_conf *key)
3800 struct b43_wl *wl = hw_to_b43_wl(hw);
3801 struct b43_wldev *dev;
3805 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
3807 if (modparam_nohwcrypt)
3808 return -ENOSPC; /* User disabled HW-crypto */
3810 mutex_lock(&wl->mutex);
3812 dev = wl->current_dev;
3814 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
3817 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) {
3818 /* We don't have firmware for the crypto engine.
3819 * Must use software-crypto. */
3825 switch (key->cipher) {
3826 case WLAN_CIPHER_SUITE_WEP40:
3827 algorithm = B43_SEC_ALGO_WEP40;
3829 case WLAN_CIPHER_SUITE_WEP104:
3830 algorithm = B43_SEC_ALGO_WEP104;
3832 case WLAN_CIPHER_SUITE_TKIP:
3833 algorithm = B43_SEC_ALGO_TKIP;
3835 case WLAN_CIPHER_SUITE_CCMP:
3836 algorithm = B43_SEC_ALGO_AES;
3842 index = (u8) (key->keyidx);
3848 if (algorithm == B43_SEC_ALGO_TKIP &&
3849 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
3850 !modparam_hwtkip)) {
3851 /* We support only pairwise key */
3856 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
3857 if (WARN_ON(!sta)) {
3861 /* Pairwise key with an assigned MAC address. */
3862 err = b43_key_write(dev, -1, algorithm,
3863 key->key, key->keylen,
3867 err = b43_key_write(dev, index, algorithm,
3868 key->key, key->keylen, NULL, key);
3873 if (algorithm == B43_SEC_ALGO_WEP40 ||
3874 algorithm == B43_SEC_ALGO_WEP104) {
3875 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
3878 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
3880 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
3881 if (algorithm == B43_SEC_ALGO_TKIP)
3882 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
3885 err = b43_key_clear(dev, key->hw_key_idx);
3896 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
3898 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
3899 sta ? sta->addr : bcast_addr);
3900 b43_dump_keymemory(dev);
3902 mutex_unlock(&wl->mutex);
3907 static void b43_op_configure_filter(struct ieee80211_hw *hw,
3908 unsigned int changed, unsigned int *fflags,
3911 struct b43_wl *wl = hw_to_b43_wl(hw);
3912 struct b43_wldev *dev;
3914 mutex_lock(&wl->mutex);
3915 dev = wl->current_dev;
3921 *fflags &= FIF_PROMISC_IN_BSS |
3927 FIF_BCN_PRBRESP_PROMISC;
3929 changed &= FIF_PROMISC_IN_BSS |
3935 FIF_BCN_PRBRESP_PROMISC;
3937 wl->filter_flags = *fflags;
3939 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
3940 b43_adjust_opmode(dev);
3943 mutex_unlock(&wl->mutex);
3946 /* Locking: wl->mutex
3947 * Returns the current dev. This might be different from the passed in dev,
3948 * because the core might be gone away while we unlocked the mutex. */
3949 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev)
3951 struct b43_wl *wl = dev->wl;
3952 struct b43_wldev *orig_dev;
3956 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3959 /* Cancel work. Unlock to avoid deadlocks. */
3960 mutex_unlock(&wl->mutex);
3961 cancel_delayed_work_sync(&dev->periodic_work);
3962 cancel_work_sync(&wl->tx_work);
3963 mutex_lock(&wl->mutex);
3964 dev = wl->current_dev;
3965 if (!dev || b43_status(dev) < B43_STAT_STARTED) {
3966 /* Whoops, aliens ate up the device while we were unlocked. */
3970 /* Disable interrupts on the device. */
3971 b43_set_status(dev, B43_STAT_INITIALIZED);
3972 if (b43_bus_host_is_sdio(dev->dev)) {
3973 /* wl->mutex is locked. That is enough. */
3974 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3975 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3977 spin_lock_irq(&wl->hardirq_lock);
3978 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3979 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3980 spin_unlock_irq(&wl->hardirq_lock);
3982 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */
3984 mutex_unlock(&wl->mutex);
3985 if (b43_bus_host_is_sdio(dev->dev)) {
3986 b43_sdio_free_irq(dev);
3988 synchronize_irq(dev->dev->irq);
3989 free_irq(dev->dev->irq, dev);
3991 mutex_lock(&wl->mutex);
3992 dev = wl->current_dev;
3995 if (dev != orig_dev) {
3996 if (b43_status(dev) >= B43_STAT_STARTED)
4000 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
4001 B43_WARN_ON(mask != 0xFFFFFFFF && mask);
4003 /* Drain the TX queue */
4004 while (skb_queue_len(&wl->tx_queue))
4005 dev_kfree_skb(skb_dequeue(&wl->tx_queue));
4007 b43_mac_suspend(dev);
4009 b43dbg(wl, "Wireless interface stopped\n");
4014 /* Locking: wl->mutex */
4015 static int b43_wireless_core_start(struct b43_wldev *dev)
4019 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
4021 drain_txstatus_queue(dev);
4022 if (b43_bus_host_is_sdio(dev->dev)) {
4023 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler);
4025 b43err(dev->wl, "Cannot request SDIO IRQ\n");
4029 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler,
4030 b43_interrupt_thread_handler,
4031 IRQF_SHARED, KBUILD_MODNAME, dev);
4033 b43err(dev->wl, "Cannot request IRQ-%d\n",
4039 /* We are ready to run. */
4040 ieee80211_wake_queues(dev->wl->hw);
4041 b43_set_status(dev, B43_STAT_STARTED);
4043 /* Start data flow (TX/RX). */
4044 b43_mac_enable(dev);
4045 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
4047 /* Start maintenance work */
4048 b43_periodic_tasks_setup(dev);
4052 b43dbg(dev->wl, "Wireless interface started\n");
4057 /* Get PHY and RADIO versioning numbers */
4058 static int b43_phy_versioning(struct b43_wldev *dev)
4060 struct b43_phy *phy = &dev->phy;
4068 int unsupported = 0;
4070 /* Get PHY versioning */
4071 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
4072 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
4073 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
4074 phy_rev = (tmp & B43_PHYVER_VERSION);
4081 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6
4089 #ifdef CONFIG_B43_PHY_N
4095 #ifdef CONFIG_B43_PHY_LP
4096 case B43_PHYTYPE_LP:
4101 #ifdef CONFIG_B43_PHY_HT
4102 case B43_PHYTYPE_HT:
4111 b43err(dev->wl, "FOUND UNSUPPORTED PHY "
4112 "(Analog %u, Type %u, Revision %u)\n",
4113 analog_type, phy_type, phy_rev);
4116 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n",
4117 analog_type, phy_type, phy_rev);
4119 /* Get RADIO versioning */
4120 if (dev->dev->chip_id == 0x4317) {
4121 if (dev->dev->chip_rev == 0)
4123 else if (dev->dev->chip_rev == 1)
4128 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
4129 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
4130 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
4131 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16;
4133 radio_manuf = (tmp & 0x00000FFF);
4134 radio_ver = (tmp & 0x0FFFF000) >> 12;
4135 radio_rev = (tmp & 0xF0000000) >> 28;
4136 if (radio_manuf != 0x17F /* Broadcom */)
4140 if (radio_ver != 0x2060)
4144 if (radio_manuf != 0x17F)
4148 if ((radio_ver & 0xFFF0) != 0x2050)
4152 if (radio_ver != 0x2050)
4156 if (radio_ver != 0x2055 && radio_ver != 0x2056)
4159 case B43_PHYTYPE_LP:
4160 if (radio_ver != 0x2062 && radio_ver != 0x2063)
4163 case B43_PHYTYPE_HT:
4164 if (radio_ver != 0x2059)
4171 b43err(dev->wl, "FOUND UNSUPPORTED RADIO "
4172 "(Manuf 0x%X, Version 0x%X, Revision %u)\n",
4173 radio_manuf, radio_ver, radio_rev);
4176 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n",
4177 radio_manuf, radio_ver, radio_rev);
4179 phy->radio_manuf = radio_manuf;
4180 phy->radio_ver = radio_ver;
4181 phy->radio_rev = radio_rev;
4183 phy->analog = analog_type;
4184 phy->type = phy_type;
4190 static void setup_struct_phy_for_init(struct b43_wldev *dev,
4191 struct b43_phy *phy)
4193 phy->hardware_power_control = !!modparam_hwpctl;
4194 phy->next_txpwr_check_time = jiffies;
4195 /* PHY TX errors counter. */
4196 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
4199 phy->phy_locked = 0;
4200 phy->radio_locked = 0;
4204 static void setup_struct_wldev_for_init(struct b43_wldev *dev)
4208 /* Assume the radio is enabled. If it's not enabled, the state will
4209 * immediately get fixed on the first periodic work run. */
4210 dev->radio_hw_enable = 1;
4213 memset(&dev->stats, 0, sizeof(dev->stats));
4215 setup_struct_phy_for_init(dev, &dev->phy);
4217 /* IRQ related flags */
4218 dev->irq_reason = 0;
4219 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
4220 dev->irq_mask = B43_IRQ_MASKTEMPLATE;
4221 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
4222 dev->irq_mask &= ~B43_IRQ_PHY_TXERR;
4224 dev->mac_suspended = 1;
4226 /* Noise calculation context */
4227 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
4230 static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
4232 struct ssb_sprom *sprom = dev->dev->bus_sprom;
4235 if (!modparam_btcoex)
4237 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
4239 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
4242 hf = b43_hf_read(dev);
4243 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
4244 hf |= B43_HF_BTCOEXALT;
4246 hf |= B43_HF_BTCOEX;
4247 b43_hf_write(dev, hf);
4250 static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
4252 if (!modparam_btcoex)
4257 static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
4259 struct ssb_bus *bus;
4262 if (dev->dev->bus_type != B43_BUS_SSB)
4265 bus = dev->dev->sdev->bus;
4267 if ((bus->chip_id == 0x4311 && bus->chip_rev == 2) ||
4268 (bus->chip_id == 0x4312)) {
4269 tmp = ssb_read32(dev->dev->sdev, SSB_IMCFGLO);
4270 tmp &= ~SSB_IMCFGLO_REQTO;
4271 tmp &= ~SSB_IMCFGLO_SERTO;
4273 ssb_write32(dev->dev->sdev, SSB_IMCFGLO, tmp);
4274 ssb_commit_settings(bus);
4278 static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
4282 /* The time value is in microseconds. */
4283 if (dev->phy.type == B43_PHYTYPE_A)
4287 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle)
4289 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
4290 pu_delay = max(pu_delay, (u16)2400);
4292 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
4295 /* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
4296 static void b43_set_pretbtt(struct b43_wldev *dev)
4300 /* The time value is in microseconds. */
4301 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) {
4304 if (dev->phy.type == B43_PHYTYPE_A)
4309 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
4310 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
4313 /* Shutdown a wireless core */
4314 /* Locking: wl->mutex */
4315 static void b43_wireless_core_exit(struct b43_wldev *dev)
4319 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED);
4320 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED)
4323 /* Unregister HW RNG driver */
4324 b43_rng_exit(dev->wl);
4326 b43_set_status(dev, B43_STAT_UNINIT);
4328 /* Stop the microcode PSM. */
4329 macctl = b43_read32(dev, B43_MMIO_MACCTL);
4330 macctl &= ~B43_MACCTL_PSM_RUN;
4331 macctl |= B43_MACCTL_PSM_JMP0;
4332 b43_write32(dev, B43_MMIO_MACCTL, macctl);
4337 dev->phy.ops->switch_analog(dev, 0);
4338 if (dev->wl->current_beacon) {
4339 dev_kfree_skb_any(dev->wl->current_beacon);
4340 dev->wl->current_beacon = NULL;
4343 b43_device_disable(dev, 0);
4344 b43_bus_may_powerdown(dev);
4347 /* Initialize a wireless core */
4348 static int b43_wireless_core_init(struct b43_wldev *dev)
4350 struct ssb_bus *bus = dev->sdev->bus;
4351 struct ssb_sprom *sprom = dev->dev->bus_sprom;
4352 struct b43_phy *phy = &dev->phy;
4356 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4358 err = b43_bus_powerup(dev, 0);
4361 if (!b43_device_is_enabled(dev))
4362 b43_wireless_core_reset(dev, phy->gmode);
4364 /* Reset all data structures. */
4365 setup_struct_wldev_for_init(dev);
4366 phy->ops->prepare_structs(dev);
4368 /* Enable IRQ routing to this device. */
4369 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->sdev);
4371 b43_imcfglo_timeouts_workaround(dev);
4372 b43_bluetooth_coext_disable(dev);
4373 if (phy->ops->prepare_hardware) {
4374 err = phy->ops->prepare_hardware(dev);
4378 err = b43_chip_init(dev);
4381 b43_shm_write16(dev, B43_SHM_SHARED,
4382 B43_SHM_SH_WLCOREREV, dev->dev->core_rev);
4383 hf = b43_hf_read(dev);
4384 if (phy->type == B43_PHYTYPE_G) {
4388 if (sprom->boardflags_lo & B43_BFL_PACTRL)
4389 hf |= B43_HF_OFDMPABOOST;
4391 if (phy->radio_ver == 0x2050) {
4392 if (phy->radio_rev == 6)
4393 hf |= B43_HF_4318TSSI;
4394 if (phy->radio_rev < 6)
4395 hf |= B43_HF_VCORECALC;
4397 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)
4398 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */
4399 #ifdef CONFIG_SSB_DRIVER_PCICORE
4400 if ((bus->bustype == SSB_BUSTYPE_PCI) &&
4401 (bus->pcicore.dev->id.revision <= 10))
4402 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */
4404 hf &= ~B43_HF_SKCFPUP;
4405 b43_hf_write(dev, hf);
4407 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
4408 B43_DEFAULT_LONG_RETRY_LIMIT);
4409 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
4410 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
4412 /* Disable sending probe responses from firmware.
4413 * Setting the MaxTime to one usec will always trigger
4414 * a timeout, so we never send any probe resp.
4415 * A timeout of zero is infinite. */
4416 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
4418 b43_rate_memory_init(dev);
4419 b43_set_phytxctl_defaults(dev);
4421 /* Minimum Contention Window */
4422 if (phy->type == B43_PHYTYPE_B)
4423 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
4425 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
4426 /* Maximum Contention Window */
4427 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
4429 if (b43_bus_host_is_pcmcia(dev->dev) ||
4430 b43_bus_host_is_sdio(dev->dev) ||
4432 dev->__using_pio_transfers = 1;
4433 err = b43_pio_init(dev);
4435 dev->__using_pio_transfers = 0;
4436 err = b43_dma_init(dev);
4441 b43_set_synth_pu_delay(dev, 1);
4442 b43_bluetooth_coext_enable(dev);
4444 b43_bus_powerup(dev, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW));
4445 b43_upload_card_macaddress(dev);
4446 b43_security_init(dev);
4448 ieee80211_wake_queues(dev->wl->hw);
4450 b43_set_status(dev, B43_STAT_INITIALIZED);
4452 /* Register HW RNG driver */
4453 b43_rng_init(dev->wl);
4461 b43_bus_may_powerdown(dev);
4462 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4466 static int b43_op_add_interface(struct ieee80211_hw *hw,
4467 struct ieee80211_vif *vif)
4469 struct b43_wl *wl = hw_to_b43_wl(hw);
4470 struct b43_wldev *dev;
4471 int err = -EOPNOTSUPP;
4473 /* TODO: allow WDS/AP devices to coexist */
4475 if (vif->type != NL80211_IFTYPE_AP &&
4476 vif->type != NL80211_IFTYPE_MESH_POINT &&
4477 vif->type != NL80211_IFTYPE_STATION &&
4478 vif->type != NL80211_IFTYPE_WDS &&
4479 vif->type != NL80211_IFTYPE_ADHOC)
4482 mutex_lock(&wl->mutex);
4484 goto out_mutex_unlock;
4486 b43dbg(wl, "Adding Interface type %d\n", vif->type);
4488 dev = wl->current_dev;
4491 wl->if_type = vif->type;
4492 memcpy(wl->mac_addr, vif->addr, ETH_ALEN);
4494 b43_adjust_opmode(dev);
4495 b43_set_pretbtt(dev);
4496 b43_set_synth_pu_delay(dev, 0);
4497 b43_upload_card_macaddress(dev);
4501 mutex_unlock(&wl->mutex);
4506 static void b43_op_remove_interface(struct ieee80211_hw *hw,
4507 struct ieee80211_vif *vif)
4509 struct b43_wl *wl = hw_to_b43_wl(hw);
4510 struct b43_wldev *dev = wl->current_dev;
4512 b43dbg(wl, "Removing Interface type %d\n", vif->type);
4514 mutex_lock(&wl->mutex);
4516 B43_WARN_ON(!wl->operating);
4517 B43_WARN_ON(wl->vif != vif);
4522 b43_adjust_opmode(dev);
4523 memset(wl->mac_addr, 0, ETH_ALEN);
4524 b43_upload_card_macaddress(dev);
4526 mutex_unlock(&wl->mutex);
4529 static int b43_op_start(struct ieee80211_hw *hw)
4531 struct b43_wl *wl = hw_to_b43_wl(hw);
4532 struct b43_wldev *dev = wl->current_dev;
4536 /* Kill all old instance specific information to make sure
4537 * the card won't use it in the short timeframe between start
4538 * and mac80211 reconfiguring it. */
4539 memset(wl->bssid, 0, ETH_ALEN);
4540 memset(wl->mac_addr, 0, ETH_ALEN);
4541 wl->filter_flags = 0;
4542 wl->radiotap_enabled = 0;
4544 wl->beacon0_uploaded = 0;
4545 wl->beacon1_uploaded = 0;
4546 wl->beacon_templates_virgin = 1;
4547 wl->radio_enabled = 1;
4549 mutex_lock(&wl->mutex);
4551 if (b43_status(dev) < B43_STAT_INITIALIZED) {
4552 err = b43_wireless_core_init(dev);
4554 goto out_mutex_unlock;
4558 if (b43_status(dev) < B43_STAT_STARTED) {
4559 err = b43_wireless_core_start(dev);
4562 b43_wireless_core_exit(dev);
4563 goto out_mutex_unlock;
4567 /* XXX: only do if device doesn't support rfkill irq */
4568 wiphy_rfkill_start_polling(hw->wiphy);
4571 mutex_unlock(&wl->mutex);
4576 static void b43_op_stop(struct ieee80211_hw *hw)
4578 struct b43_wl *wl = hw_to_b43_wl(hw);
4579 struct b43_wldev *dev = wl->current_dev;
4581 cancel_work_sync(&(wl->beacon_update_trigger));
4583 mutex_lock(&wl->mutex);
4584 if (b43_status(dev) >= B43_STAT_STARTED) {
4585 dev = b43_wireless_core_stop(dev);
4589 b43_wireless_core_exit(dev);
4590 wl->radio_enabled = 0;
4593 mutex_unlock(&wl->mutex);
4595 cancel_work_sync(&(wl->txpower_adjust_work));
4598 static int b43_op_beacon_set_tim(struct ieee80211_hw *hw,
4599 struct ieee80211_sta *sta, bool set)
4601 struct b43_wl *wl = hw_to_b43_wl(hw);
4603 /* FIXME: add locking */
4604 b43_update_templates(wl);
4609 static void b43_op_sta_notify(struct ieee80211_hw *hw,
4610 struct ieee80211_vif *vif,
4611 enum sta_notify_cmd notify_cmd,
4612 struct ieee80211_sta *sta)
4614 struct b43_wl *wl = hw_to_b43_wl(hw);
4616 B43_WARN_ON(!vif || wl->vif != vif);
4619 static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw)
4621 struct b43_wl *wl = hw_to_b43_wl(hw);
4622 struct b43_wldev *dev;
4624 mutex_lock(&wl->mutex);
4625 dev = wl->current_dev;
4626 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4627 /* Disable CFP update during scan on other channels. */
4628 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP);
4630 mutex_unlock(&wl->mutex);
4633 static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw)
4635 struct b43_wl *wl = hw_to_b43_wl(hw);
4636 struct b43_wldev *dev;
4638 mutex_lock(&wl->mutex);
4639 dev = wl->current_dev;
4640 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4641 /* Re-enable CFP update. */
4642 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP);
4644 mutex_unlock(&wl->mutex);
4647 static int b43_op_get_survey(struct ieee80211_hw *hw, int idx,
4648 struct survey_info *survey)
4650 struct b43_wl *wl = hw_to_b43_wl(hw);
4651 struct b43_wldev *dev = wl->current_dev;
4652 struct ieee80211_conf *conf = &hw->conf;
4657 survey->channel = conf->channel;
4658 survey->filled = SURVEY_INFO_NOISE_DBM;
4659 survey->noise = dev->stats.link_noise;
4664 static const struct ieee80211_ops b43_hw_ops = {
4666 .conf_tx = b43_op_conf_tx,
4667 .add_interface = b43_op_add_interface,
4668 .remove_interface = b43_op_remove_interface,
4669 .config = b43_op_config,
4670 .bss_info_changed = b43_op_bss_info_changed,
4671 .configure_filter = b43_op_configure_filter,
4672 .set_key = b43_op_set_key,
4673 .update_tkip_key = b43_op_update_tkip_key,
4674 .get_stats = b43_op_get_stats,
4675 .get_tsf = b43_op_get_tsf,
4676 .set_tsf = b43_op_set_tsf,
4677 .start = b43_op_start,
4678 .stop = b43_op_stop,
4679 .set_tim = b43_op_beacon_set_tim,
4680 .sta_notify = b43_op_sta_notify,
4681 .sw_scan_start = b43_op_sw_scan_start_notifier,
4682 .sw_scan_complete = b43_op_sw_scan_complete_notifier,
4683 .get_survey = b43_op_get_survey,
4684 .rfkill_poll = b43_rfkill_poll,
4687 /* Hard-reset the chip. Do not call this directly.
4688 * Use b43_controller_restart()
4690 static void b43_chip_reset(struct work_struct *work)
4692 struct b43_wldev *dev =
4693 container_of(work, struct b43_wldev, restart_work);
4694 struct b43_wl *wl = dev->wl;
4698 mutex_lock(&wl->mutex);
4700 prev_status = b43_status(dev);
4701 /* Bring the device down... */
4702 if (prev_status >= B43_STAT_STARTED) {
4703 dev = b43_wireless_core_stop(dev);
4709 if (prev_status >= B43_STAT_INITIALIZED)
4710 b43_wireless_core_exit(dev);
4712 /* ...and up again. */
4713 if (prev_status >= B43_STAT_INITIALIZED) {
4714 err = b43_wireless_core_init(dev);
4718 if (prev_status >= B43_STAT_STARTED) {
4719 err = b43_wireless_core_start(dev);
4721 b43_wireless_core_exit(dev);
4727 wl->current_dev = NULL; /* Failed to init the dev. */
4728 mutex_unlock(&wl->mutex);
4730 b43err(wl, "Controller restart FAILED\n");
4732 b43info(wl, "Controller restarted\n");
4735 static int b43_setup_bands(struct b43_wldev *dev,
4736 bool have_2ghz_phy, bool have_5ghz_phy)
4738 struct ieee80211_hw *hw = dev->wl->hw;
4741 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz;
4742 if (dev->phy.type == B43_PHYTYPE_N) {
4744 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy;
4747 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
4750 dev->phy.supports_2ghz = have_2ghz_phy;
4751 dev->phy.supports_5ghz = have_5ghz_phy;
4756 static void b43_wireless_core_detach(struct b43_wldev *dev)
4758 /* We release firmware that late to not be required to re-request
4759 * is all the time when we reinit the core. */
4760 b43_release_firmware(dev);
4764 static int b43_wireless_core_attach(struct b43_wldev *dev)
4766 struct b43_wl *wl = dev->wl;
4767 struct ssb_bus *bus = dev->sdev->bus;
4768 struct pci_dev *pdev = (bus->bustype == SSB_BUSTYPE_PCI) ? bus->host_pci : NULL;
4770 bool have_2ghz_phy = 0, have_5ghz_phy = 0;
4772 /* Do NOT do any device initialization here.
4773 * Do it in wireless_core_init() instead.
4774 * This function is for gathering basic information about the HW, only.
4775 * Also some structs may be set up here. But most likely you want to have
4776 * that in core_init(), too.
4779 err = b43_bus_powerup(dev, 0);
4781 b43err(wl, "Bus powerup failed\n");
4784 /* Get the PHY type. */
4785 if (dev->dev->core_rev >= 5) {
4788 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH);
4789 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY);
4790 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY);
4794 dev->phy.gmode = have_2ghz_phy;
4795 dev->phy.radio_on = 1;
4796 b43_wireless_core_reset(dev, dev->phy.gmode);
4798 err = b43_phy_versioning(dev);
4801 /* Check if this device supports multiband. */
4803 (pdev->device != 0x4312 &&
4804 pdev->device != 0x4319 && pdev->device != 0x4324)) {
4805 /* No multiband support. */
4808 switch (dev->phy.type) {
4812 case B43_PHYTYPE_LP: //FIXME not always!
4813 #if 0 //FIXME enabling 5GHz causes a NULL pointer dereference
4824 if (dev->phy.type == B43_PHYTYPE_A) {
4826 b43err(wl, "IEEE 802.11a devices are unsupported\n");
4830 if (1 /* disable A-PHY */) {
4831 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */
4832 if (dev->phy.type != B43_PHYTYPE_N &&
4833 dev->phy.type != B43_PHYTYPE_LP) {
4839 err = b43_phy_allocate(dev);
4843 dev->phy.gmode = have_2ghz_phy;
4844 b43_wireless_core_reset(dev, dev->phy.gmode);
4846 err = b43_validate_chipaccess(dev);
4849 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
4853 /* Now set some default "current_dev" */
4854 if (!wl->current_dev)
4855 wl->current_dev = dev;
4856 INIT_WORK(&dev->restart_work, b43_chip_reset);
4858 dev->phy.ops->switch_analog(dev, 0);
4859 b43_device_disable(dev, 0);
4860 b43_bus_may_powerdown(dev);
4868 b43_bus_may_powerdown(dev);
4872 static void b43_one_core_detach(struct b43_bus_dev *dev)
4874 struct b43_wldev *wldev;
4877 /* Do not cancel ieee80211-workqueue based work here.
4878 * See comment in b43_remove(). */
4880 wldev = ssb_get_drvdata(dev->sdev);
4882 b43_debugfs_remove_device(wldev);
4883 b43_wireless_core_detach(wldev);
4884 list_del(&wldev->list);
4886 ssb_set_drvdata(dev->sdev, NULL);
4890 static int b43_one_core_attach(struct b43_bus_dev *dev, struct b43_wl *wl)
4892 struct b43_wldev *wldev;
4895 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
4899 wldev->use_pio = b43_modparam_pio;
4901 wldev->sdev = dev->sdev; /* TODO: Remove when not needed */
4903 b43_set_status(wldev, B43_STAT_UNINIT);
4904 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
4905 INIT_LIST_HEAD(&wldev->list);
4907 err = b43_wireless_core_attach(wldev);
4909 goto err_kfree_wldev;
4911 list_add(&wldev->list, &wl->devlist);
4913 ssb_set_drvdata(dev->sdev, wldev);
4914 b43_debugfs_add_device(wldev);
4924 #define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \
4925 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \
4926 (pdev->device == _device) && \
4927 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \
4928 (pdev->subsystem_device == _subdevice) )
4930 static void b43_sprom_fixup(struct ssb_bus *bus)
4932 struct pci_dev *pdev;
4934 /* boardflags workarounds */
4935 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
4936 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74)
4937 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
4938 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
4939 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40)
4940 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
4941 if (bus->bustype == SSB_BUSTYPE_PCI) {
4942 pdev = bus->host_pci;
4943 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) ||
4944 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) ||
4945 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) ||
4946 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) ||
4947 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) ||
4948 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) ||
4949 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010))
4950 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST;
4954 static void b43_wireless_exit(struct b43_bus_dev *dev, struct b43_wl *wl)
4956 struct ieee80211_hw *hw = wl->hw;
4958 ssb_set_devtypedata(dev->sdev, NULL);
4959 ieee80211_free_hw(hw);
4962 static struct b43_wl *b43_wireless_init(struct ssb_device *dev)
4964 struct ssb_sprom *sprom = &dev->bus->sprom;
4965 struct ieee80211_hw *hw;
4968 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
4970 b43err(NULL, "Could not allocate ieee80211 device\n");
4971 return ERR_PTR(-ENOMEM);
4973 wl = hw_to_b43_wl(hw);
4976 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS |
4977 IEEE80211_HW_SIGNAL_DBM;
4979 hw->wiphy->interface_modes =
4980 BIT(NL80211_IFTYPE_AP) |
4981 BIT(NL80211_IFTYPE_MESH_POINT) |
4982 BIT(NL80211_IFTYPE_STATION) |
4983 BIT(NL80211_IFTYPE_WDS) |
4984 BIT(NL80211_IFTYPE_ADHOC);
4986 hw->queues = modparam_qos ? 4 : 1;
4987 wl->mac80211_initially_registered_queues = hw->queues;
4989 SET_IEEE80211_DEV(hw, dev->dev);
4990 if (is_valid_ether_addr(sprom->et1mac))
4991 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
4993 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
4995 /* Initialize struct b43_wl */
4997 mutex_init(&wl->mutex);
4998 spin_lock_init(&wl->hardirq_lock);
4999 INIT_LIST_HEAD(&wl->devlist);
5000 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
5001 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work);
5002 INIT_WORK(&wl->tx_work, b43_tx_work);
5003 skb_queue_head_init(&wl->tx_queue);
5005 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n",
5006 dev->bus->chip_id, dev->id.revision);
5010 #ifdef CONFIG_B43_BCMA
5011 static int b43_bcma_probe(struct bcma_device *core)
5013 b43err(NULL, "BCMA is not supported yet!");
5017 static void b43_bcma_remove(struct bcma_device *core)
5022 static struct bcma_driver b43_bcma_driver = {
5023 .name = KBUILD_MODNAME,
5024 .id_table = b43_bcma_tbl,
5025 .probe = b43_bcma_probe,
5026 .remove = b43_bcma_remove,
5030 #ifdef CONFIG_B43_SSB
5032 int b43_ssb_probe(struct ssb_device *sdev, const struct ssb_device_id *id)
5034 struct b43_bus_dev *dev;
5039 dev = b43_bus_dev_ssb_init(sdev);
5043 wl = ssb_get_devtypedata(sdev);
5045 /* Probing the first core. Must setup common struct b43_wl */
5047 b43_sprom_fixup(sdev->bus);
5048 wl = b43_wireless_init(sdev);
5053 ssb_set_devtypedata(sdev, wl);
5054 B43_WARN_ON(ssb_get_devtypedata(sdev) != wl);
5056 err = b43_one_core_attach(dev, wl);
5058 goto err_wireless_exit;
5061 err = ieee80211_register_hw(wl->hw);
5063 goto err_one_core_detach;
5064 b43_leds_register(wl->current_dev);
5070 err_one_core_detach:
5071 b43_one_core_detach(dev);
5074 b43_wireless_exit(dev, wl);
5078 static void b43_ssb_remove(struct ssb_device *sdev)
5080 struct b43_wl *wl = ssb_get_devtypedata(sdev);
5081 struct b43_wldev *wldev = ssb_get_drvdata(sdev);
5083 /* We must cancel any work here before unregistering from ieee80211,
5084 * as the ieee80211 unreg will destroy the workqueue. */
5085 cancel_work_sync(&wldev->restart_work);
5088 if (wl->current_dev == wldev) {
5089 /* Restore the queues count before unregistering, because firmware detect
5090 * might have modified it. Restoring is important, so the networking
5091 * stack can properly free resources. */
5092 wl->hw->queues = wl->mac80211_initially_registered_queues;
5093 b43_leds_stop(wldev);
5094 ieee80211_unregister_hw(wl->hw);
5097 b43_one_core_detach(wldev->dev);
5099 if (list_empty(&wl->devlist)) {
5100 b43_leds_unregister(wl);
5101 /* Last core on the chip unregistered.
5102 * We can destroy common struct b43_wl.
5104 b43_wireless_exit(wldev->dev, wl);
5108 static struct ssb_driver b43_ssb_driver = {
5109 .name = KBUILD_MODNAME,
5110 .id_table = b43_ssb_tbl,
5111 .probe = b43_ssb_probe,
5112 .remove = b43_ssb_remove,
5114 #endif /* CONFIG_B43_SSB */
5116 /* Perform a hardware reset. This can be called from any context. */
5117 void b43_controller_restart(struct b43_wldev *dev, const char *reason)
5119 /* Must avoid requeueing, if we are in shutdown. */
5120 if (b43_status(dev) < B43_STAT_INITIALIZED)
5122 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
5123 ieee80211_queue_work(dev->wl->hw, &dev->restart_work);
5126 static void b43_print_driverinfo(void)
5128 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
5129 *feat_leds = "", *feat_sdio = "";
5131 #ifdef CONFIG_B43_PCI_AUTOSELECT
5134 #ifdef CONFIG_B43_PCMCIA
5137 #ifdef CONFIG_B43_PHY_N
5140 #ifdef CONFIG_B43_LEDS
5143 #ifdef CONFIG_B43_SDIO
5146 printk(KERN_INFO "Broadcom 43xx driver loaded "
5147 "[ Features: %s%s%s%s%s, Firmware-ID: "
5148 B43_SUPPORTED_FIRMWARE_ID " ]\n",
5149 feat_pci, feat_pcmcia, feat_nphy,
5150 feat_leds, feat_sdio);
5153 static int __init b43_init(void)
5158 err = b43_pcmcia_init();
5161 err = b43_sdio_init();
5163 goto err_pcmcia_exit;
5164 #ifdef CONFIG_B43_BCMA
5165 err = bcma_driver_register(&b43_bcma_driver);
5169 #ifdef CONFIG_B43_SSB
5170 err = ssb_driver_register(&b43_ssb_driver);
5172 goto err_bcma_driver_exit;
5174 b43_print_driverinfo();
5178 #ifdef CONFIG_B43_SSB
5179 err_bcma_driver_exit:
5181 #ifdef CONFIG_B43_BCMA
5182 bcma_driver_unregister(&b43_bcma_driver);
5193 static void __exit b43_exit(void)
5195 #ifdef CONFIG_B43_SSB
5196 ssb_driver_unregister(&b43_ssb_driver);
5198 #ifdef CONFIG_B43_BCMA
5199 bcma_driver_unregister(&b43_bcma_driver);
5206 module_init(b43_init)
5207 module_exit(b43_exit)
git.openpandora.org / pandora-kernel.git / blob