3 Broadcom B43 wireless driver
5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de>
8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es>
14 Some parts of the code in this file are derived from the ipw2200
15 driver Copyright(c) 2003 - 2004 Intel Corporation.
17 This program is free software; you can redistribute it and/or modify
18 it under the terms of the GNU General Public License as published by
19 the Free Software Foundation; either version 2 of the License, or
20 (at your option) any later version.
22 This program is distributed in the hope that it will be useful,
23 but WITHOUT ANY WARRANTY; without even the implied warranty of
24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 GNU General Public License for more details.
27 You should have received a copy of the GNU General Public License
28 along with this program; see the file COPYING. If not, write to
29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor,
30 Boston, MA 02110-1301, USA.
34 #include <linux/delay.h>
35 #include <linux/init.h>
36 #include <linux/moduleparam.h>
37 #include <linux/if_arp.h>
38 #include <linux/etherdevice.h>
39 #include <linux/firmware.h>
40 #include <linux/wireless.h>
41 #include <linux/workqueue.h>
42 #include <linux/skbuff.h>
44 #include <linux/dma-mapping.h>
45 #include <linux/slab.h>
46 #include <asm/unaligned.h>
51 #include "phy_common.h"
61 #include <linux/mmc/sdio_func.h>
63 MODULE_DESCRIPTION("Broadcom B43 wireless driver");
64 MODULE_AUTHOR("Martin Langer");
65 MODULE_AUTHOR("Stefano Brivio");
66 MODULE_AUTHOR("Michael Buesch");
67 MODULE_AUTHOR("Gábor Stefanik");
68 MODULE_LICENSE("GPL");
70 MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID);
71 MODULE_FIRMWARE("b43/ucode11.fw");
72 MODULE_FIRMWARE("b43/ucode13.fw");
73 MODULE_FIRMWARE("b43/ucode14.fw");
74 MODULE_FIRMWARE("b43/ucode15.fw");
75 MODULE_FIRMWARE("b43/ucode16_mimo.fw");
76 MODULE_FIRMWARE("b43/ucode5.fw");
77 MODULE_FIRMWARE("b43/ucode9.fw");
79 static int modparam_bad_frames_preempt;
80 module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
81 MODULE_PARM_DESC(bad_frames_preempt,
82 "enable(1) / disable(0) Bad Frames Preemption");
84 static char modparam_fwpostfix[16];
85 module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
86 MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
88 static int modparam_hwpctl;
89 module_param_named(hwpctl, modparam_hwpctl, int, 0444);
90 MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
92 static int modparam_nohwcrypt;
93 module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
94 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
96 static int modparam_hwtkip;
97 module_param_named(hwtkip, modparam_hwtkip, int, 0444);
98 MODULE_PARM_DESC(hwtkip, "Enable hardware tkip.");
100 static int modparam_qos = 1;
101 module_param_named(qos, modparam_qos, int, 0444);
102 MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
104 static int modparam_btcoex = 1;
105 module_param_named(btcoex, modparam_btcoex, int, 0444);
106 MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)");
108 int b43_modparam_verbose = B43_VERBOSITY_DEFAULT;
109 module_param_named(verbose, b43_modparam_verbose, int, 0644);
110 MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug");
112 static int b43_modparam_pio = B43_PIO_DEFAULT;
113 module_param_named(pio, b43_modparam_pio, int, 0644);
114 MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO");
116 static const struct ssb_device_id b43_ssb_tbl[] = {
117 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
118 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
119 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
120 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
121 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
122 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
123 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12),
124 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
125 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15),
126 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16),
130 MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
132 /* Channel and ratetables are shared for all devices.
133 * They can't be const, because ieee80211 puts some precalculated
134 * data in there. This data is the same for all devices, so we don't
135 * get concurrency issues */
136 #define RATETAB_ENT(_rateid, _flags) \
138 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
139 .hw_value = (_rateid), \
144 * NOTE: When changing this, sync with xmit.c's
145 * b43_plcp_get_bitrate_idx_* functions!
147 static struct ieee80211_rate __b43_ratetable[] = {
148 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
149 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
150 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
151 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
152 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
153 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
154 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
155 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
156 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
157 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
158 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
159 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
162 #define b43_a_ratetable (__b43_ratetable + 4)
163 #define b43_a_ratetable_size 8
164 #define b43_b_ratetable (__b43_ratetable + 0)
165 #define b43_b_ratetable_size 4
166 #define b43_g_ratetable (__b43_ratetable + 0)
167 #define b43_g_ratetable_size 12
169 #define CHAN4G(_channel, _freq, _flags) { \
170 .band = IEEE80211_BAND_2GHZ, \
171 .center_freq = (_freq), \
172 .hw_value = (_channel), \
174 .max_antenna_gain = 0, \
177 static struct ieee80211_channel b43_2ghz_chantable[] = {
195 #define CHAN5G(_channel, _flags) { \
196 .band = IEEE80211_BAND_5GHZ, \
197 .center_freq = 5000 + (5 * (_channel)), \
198 .hw_value = (_channel), \
200 .max_antenna_gain = 0, \
203 static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
204 CHAN5G(32, 0), CHAN5G(34, 0),
205 CHAN5G(36, 0), CHAN5G(38, 0),
206 CHAN5G(40, 0), CHAN5G(42, 0),
207 CHAN5G(44, 0), CHAN5G(46, 0),
208 CHAN5G(48, 0), CHAN5G(50, 0),
209 CHAN5G(52, 0), CHAN5G(54, 0),
210 CHAN5G(56, 0), CHAN5G(58, 0),
211 CHAN5G(60, 0), CHAN5G(62, 0),
212 CHAN5G(64, 0), CHAN5G(66, 0),
213 CHAN5G(68, 0), CHAN5G(70, 0),
214 CHAN5G(72, 0), CHAN5G(74, 0),
215 CHAN5G(76, 0), CHAN5G(78, 0),
216 CHAN5G(80, 0), CHAN5G(82, 0),
217 CHAN5G(84, 0), CHAN5G(86, 0),
218 CHAN5G(88, 0), CHAN5G(90, 0),
219 CHAN5G(92, 0), CHAN5G(94, 0),
220 CHAN5G(96, 0), CHAN5G(98, 0),
221 CHAN5G(100, 0), CHAN5G(102, 0),
222 CHAN5G(104, 0), CHAN5G(106, 0),
223 CHAN5G(108, 0), CHAN5G(110, 0),
224 CHAN5G(112, 0), CHAN5G(114, 0),
225 CHAN5G(116, 0), CHAN5G(118, 0),
226 CHAN5G(120, 0), CHAN5G(122, 0),
227 CHAN5G(124, 0), CHAN5G(126, 0),
228 CHAN5G(128, 0), CHAN5G(130, 0),
229 CHAN5G(132, 0), CHAN5G(134, 0),
230 CHAN5G(136, 0), CHAN5G(138, 0),
231 CHAN5G(140, 0), CHAN5G(142, 0),
232 CHAN5G(144, 0), CHAN5G(145, 0),
233 CHAN5G(146, 0), CHAN5G(147, 0),
234 CHAN5G(148, 0), CHAN5G(149, 0),
235 CHAN5G(150, 0), CHAN5G(151, 0),
236 CHAN5G(152, 0), CHAN5G(153, 0),
237 CHAN5G(154, 0), CHAN5G(155, 0),
238 CHAN5G(156, 0), CHAN5G(157, 0),
239 CHAN5G(158, 0), CHAN5G(159, 0),
240 CHAN5G(160, 0), CHAN5G(161, 0),
241 CHAN5G(162, 0), CHAN5G(163, 0),
242 CHAN5G(164, 0), CHAN5G(165, 0),
243 CHAN5G(166, 0), CHAN5G(168, 0),
244 CHAN5G(170, 0), CHAN5G(172, 0),
245 CHAN5G(174, 0), CHAN5G(176, 0),
246 CHAN5G(178, 0), CHAN5G(180, 0),
247 CHAN5G(182, 0), CHAN5G(184, 0),
248 CHAN5G(186, 0), CHAN5G(188, 0),
249 CHAN5G(190, 0), CHAN5G(192, 0),
250 CHAN5G(194, 0), CHAN5G(196, 0),
251 CHAN5G(198, 0), CHAN5G(200, 0),
252 CHAN5G(202, 0), CHAN5G(204, 0),
253 CHAN5G(206, 0), CHAN5G(208, 0),
254 CHAN5G(210, 0), CHAN5G(212, 0),
255 CHAN5G(214, 0), CHAN5G(216, 0),
256 CHAN5G(218, 0), CHAN5G(220, 0),
257 CHAN5G(222, 0), CHAN5G(224, 0),
258 CHAN5G(226, 0), CHAN5G(228, 0),
261 static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
262 CHAN5G(34, 0), CHAN5G(36, 0),
263 CHAN5G(38, 0), CHAN5G(40, 0),
264 CHAN5G(42, 0), CHAN5G(44, 0),
265 CHAN5G(46, 0), CHAN5G(48, 0),
266 CHAN5G(52, 0), CHAN5G(56, 0),
267 CHAN5G(60, 0), CHAN5G(64, 0),
268 CHAN5G(100, 0), CHAN5G(104, 0),
269 CHAN5G(108, 0), CHAN5G(112, 0),
270 CHAN5G(116, 0), CHAN5G(120, 0),
271 CHAN5G(124, 0), CHAN5G(128, 0),
272 CHAN5G(132, 0), CHAN5G(136, 0),
273 CHAN5G(140, 0), CHAN5G(149, 0),
274 CHAN5G(153, 0), CHAN5G(157, 0),
275 CHAN5G(161, 0), CHAN5G(165, 0),
276 CHAN5G(184, 0), CHAN5G(188, 0),
277 CHAN5G(192, 0), CHAN5G(196, 0),
278 CHAN5G(200, 0), CHAN5G(204, 0),
279 CHAN5G(208, 0), CHAN5G(212, 0),
284 static struct ieee80211_supported_band b43_band_5GHz_nphy = {
285 .band = IEEE80211_BAND_5GHZ,
286 .channels = b43_5ghz_nphy_chantable,
287 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
288 .bitrates = b43_a_ratetable,
289 .n_bitrates = b43_a_ratetable_size,
292 static struct ieee80211_supported_band b43_band_5GHz_aphy = {
293 .band = IEEE80211_BAND_5GHZ,
294 .channels = b43_5ghz_aphy_chantable,
295 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
296 .bitrates = b43_a_ratetable,
297 .n_bitrates = b43_a_ratetable_size,
300 static struct ieee80211_supported_band b43_band_2GHz = {
301 .band = IEEE80211_BAND_2GHZ,
302 .channels = b43_2ghz_chantable,
303 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
304 .bitrates = b43_g_ratetable,
305 .n_bitrates = b43_g_ratetable_size,
308 static void b43_wireless_core_exit(struct b43_wldev *dev);
309 static int b43_wireless_core_init(struct b43_wldev *dev);
310 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev);
311 static int b43_wireless_core_start(struct b43_wldev *dev);
313 static int b43_ratelimit(struct b43_wl *wl)
315 if (!wl || !wl->current_dev)
317 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
319 /* We are up and running.
320 * Ratelimit the messages to avoid DoS over the net. */
321 return net_ratelimit();
324 void b43info(struct b43_wl *wl, const char *fmt, ...)
326 struct va_format vaf;
329 if (b43_modparam_verbose < B43_VERBOSITY_INFO)
331 if (!b43_ratelimit(wl))
339 printk(KERN_INFO "b43-%s: %pV",
340 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
345 void b43err(struct b43_wl *wl, const char *fmt, ...)
347 struct va_format vaf;
350 if (b43_modparam_verbose < B43_VERBOSITY_ERROR)
352 if (!b43_ratelimit(wl))
360 printk(KERN_ERR "b43-%s ERROR: %pV",
361 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
366 void b43warn(struct b43_wl *wl, const char *fmt, ...)
368 struct va_format vaf;
371 if (b43_modparam_verbose < B43_VERBOSITY_WARN)
373 if (!b43_ratelimit(wl))
381 printk(KERN_WARNING "b43-%s warning: %pV",
382 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
387 void b43dbg(struct b43_wl *wl, const char *fmt, ...)
389 struct va_format vaf;
392 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
400 printk(KERN_DEBUG "b43-%s debug: %pV",
401 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
406 static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
410 B43_WARN_ON(offset % 4 != 0);
412 macctl = b43_read32(dev, B43_MMIO_MACCTL);
413 if (macctl & B43_MACCTL_BE)
416 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
418 b43_write32(dev, B43_MMIO_RAM_DATA, val);
421 static inline void b43_shm_control_word(struct b43_wldev *dev,
422 u16 routing, u16 offset)
426 /* "offset" is the WORD offset. */
430 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
433 u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
437 if (routing == B43_SHM_SHARED) {
438 B43_WARN_ON(offset & 0x0001);
439 if (offset & 0x0003) {
440 /* Unaligned access */
441 b43_shm_control_word(dev, routing, offset >> 2);
442 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
443 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
444 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16;
450 b43_shm_control_word(dev, routing, offset);
451 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
456 u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset)
460 if (routing == B43_SHM_SHARED) {
461 B43_WARN_ON(offset & 0x0001);
462 if (offset & 0x0003) {
463 /* Unaligned access */
464 b43_shm_control_word(dev, routing, offset >> 2);
465 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
471 b43_shm_control_word(dev, routing, offset);
472 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
477 void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
479 if (routing == B43_SHM_SHARED) {
480 B43_WARN_ON(offset & 0x0001);
481 if (offset & 0x0003) {
482 /* Unaligned access */
483 b43_shm_control_word(dev, routing, offset >> 2);
484 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
486 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
487 b43_write16(dev, B43_MMIO_SHM_DATA,
488 (value >> 16) & 0xFFFF);
493 b43_shm_control_word(dev, routing, offset);
494 b43_write32(dev, B43_MMIO_SHM_DATA, value);
497 void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
499 if (routing == B43_SHM_SHARED) {
500 B43_WARN_ON(offset & 0x0001);
501 if (offset & 0x0003) {
502 /* Unaligned access */
503 b43_shm_control_word(dev, routing, offset >> 2);
504 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
509 b43_shm_control_word(dev, routing, offset);
510 b43_write16(dev, B43_MMIO_SHM_DATA, value);
514 u64 b43_hf_read(struct b43_wldev *dev)
518 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI);
520 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI);
522 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO);
527 /* Write HostFlags */
528 void b43_hf_write(struct b43_wldev *dev, u64 value)
532 lo = (value & 0x00000000FFFFULL);
533 mi = (value & 0x0000FFFF0000ULL) >> 16;
534 hi = (value & 0xFFFF00000000ULL) >> 32;
535 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo);
536 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi);
537 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi);
540 /* Read the firmware capabilities bitmask (Opensource firmware only) */
541 static u16 b43_fwcapa_read(struct b43_wldev *dev)
543 B43_WARN_ON(!dev->fw.opensource);
544 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA);
547 void b43_tsf_read(struct b43_wldev *dev, u64 *tsf)
551 B43_WARN_ON(dev->sdev->id.revision < 3);
553 /* The hardware guarantees us an atomic read, if we
554 * read the low register first. */
555 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
556 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
563 static void b43_time_lock(struct b43_wldev *dev)
567 macctl = b43_read32(dev, B43_MMIO_MACCTL);
568 macctl |= B43_MACCTL_TBTTHOLD;
569 b43_write32(dev, B43_MMIO_MACCTL, macctl);
570 /* Commit the write */
571 b43_read32(dev, B43_MMIO_MACCTL);
574 static void b43_time_unlock(struct b43_wldev *dev)
578 macctl = b43_read32(dev, B43_MMIO_MACCTL);
579 macctl &= ~B43_MACCTL_TBTTHOLD;
580 b43_write32(dev, B43_MMIO_MACCTL, macctl);
581 /* Commit the write */
582 b43_read32(dev, B43_MMIO_MACCTL);
585 static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
589 B43_WARN_ON(dev->sdev->id.revision < 3);
593 /* The hardware guarantees us an atomic write, if we
594 * write the low register first. */
595 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low);
597 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high);
601 void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
604 b43_tsf_write_locked(dev, tsf);
605 b43_time_unlock(dev);
609 void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac)
611 static const u8 zero_addr[ETH_ALEN] = { 0 };
618 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
622 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
625 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
628 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
631 static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
635 u8 mac_bssid[ETH_ALEN * 2];
639 bssid = dev->wl->bssid;
640 mac = dev->wl->mac_addr;
642 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
644 memcpy(mac_bssid, mac, ETH_ALEN);
645 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
647 /* Write our MAC address and BSSID to template ram */
648 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
649 tmp = (u32) (mac_bssid[i + 0]);
650 tmp |= (u32) (mac_bssid[i + 1]) << 8;
651 tmp |= (u32) (mac_bssid[i + 2]) << 16;
652 tmp |= (u32) (mac_bssid[i + 3]) << 24;
653 b43_ram_write(dev, 0x20 + i, tmp);
657 static void b43_upload_card_macaddress(struct b43_wldev *dev)
659 b43_write_mac_bssid_templates(dev);
660 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
663 static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
665 /* slot_time is in usec. */
666 /* This test used to exit for all but a G PHY. */
667 if (b43_current_band(dev->wl) == IEEE80211_BAND_5GHZ)
669 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time);
670 /* Shared memory location 0x0010 is the slot time and should be
671 * set to slot_time; however, this register is initially 0 and changing
672 * the value adversely affects the transmit rate for BCM4311
673 * devices. Until this behavior is unterstood, delete this step
675 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
679 static void b43_short_slot_timing_enable(struct b43_wldev *dev)
681 b43_set_slot_time(dev, 9);
684 static void b43_short_slot_timing_disable(struct b43_wldev *dev)
686 b43_set_slot_time(dev, 20);
689 /* DummyTransmission function, as documented on
690 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission
692 void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on)
694 struct b43_phy *phy = &dev->phy;
695 unsigned int i, max_loop;
707 buffer[0] = 0x000201CC;
710 buffer[0] = 0x000B846E;
713 for (i = 0; i < 5; i++)
714 b43_ram_write(dev, i * 4, buffer[i]);
716 b43_write16(dev, 0x0568, 0x0000);
717 if (dev->sdev->id.revision < 11)
718 b43_write16(dev, 0x07C0, 0x0000);
720 b43_write16(dev, 0x07C0, 0x0100);
721 value = (ofdm ? 0x41 : 0x40);
722 b43_write16(dev, 0x050C, value);
723 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP))
724 b43_write16(dev, 0x0514, 0x1A02);
725 b43_write16(dev, 0x0508, 0x0000);
726 b43_write16(dev, 0x050A, 0x0000);
727 b43_write16(dev, 0x054C, 0x0000);
728 b43_write16(dev, 0x056A, 0x0014);
729 b43_write16(dev, 0x0568, 0x0826);
730 b43_write16(dev, 0x0500, 0x0000);
731 if (!pa_on && (phy->type == B43_PHYTYPE_N)) {
737 b43_write16(dev, 0x0502, 0x00D0);
740 b43_write16(dev, 0x0502, 0x0050);
743 b43_write16(dev, 0x0502, 0x0030);
746 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
747 b43_radio_write16(dev, 0x0051, 0x0017);
748 for (i = 0x00; i < max_loop; i++) {
749 value = b43_read16(dev, 0x050E);
754 for (i = 0x00; i < 0x0A; i++) {
755 value = b43_read16(dev, 0x050E);
760 for (i = 0x00; i < 0x19; i++) {
761 value = b43_read16(dev, 0x0690);
762 if (!(value & 0x0100))
766 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
767 b43_radio_write16(dev, 0x0051, 0x0037);
770 static void key_write(struct b43_wldev *dev,
771 u8 index, u8 algorithm, const u8 *key)
778 /* Key index/algo block */
779 kidx = b43_kidx_to_fw(dev, index);
780 value = ((kidx << 4) | algorithm);
781 b43_shm_write16(dev, B43_SHM_SHARED,
782 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
784 /* Write the key to the Key Table Pointer offset */
785 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
786 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
788 value |= (u16) (key[i + 1]) << 8;
789 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
793 static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr)
795 u32 addrtmp[2] = { 0, 0, };
796 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
798 if (b43_new_kidx_api(dev))
799 pairwise_keys_start = B43_NR_GROUP_KEYS;
801 B43_WARN_ON(index < pairwise_keys_start);
802 /* We have four default TX keys and possibly four default RX keys.
803 * Physical mac 0 is mapped to physical key 4 or 8, depending
804 * on the firmware version.
805 * So we must adjust the index here.
807 index -= pairwise_keys_start;
808 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
811 addrtmp[0] = addr[0];
812 addrtmp[0] |= ((u32) (addr[1]) << 8);
813 addrtmp[0] |= ((u32) (addr[2]) << 16);
814 addrtmp[0] |= ((u32) (addr[3]) << 24);
815 addrtmp[1] = addr[4];
816 addrtmp[1] |= ((u32) (addr[5]) << 8);
819 /* Receive match transmitter address (RCMTA) mechanism */
820 b43_shm_write32(dev, B43_SHM_RCMTA,
821 (index * 2) + 0, addrtmp[0]);
822 b43_shm_write16(dev, B43_SHM_RCMTA,
823 (index * 2) + 1, addrtmp[1]);
826 /* The ucode will use phase1 key with TEK key to decrypt rx packets.
827 * When a packet is received, the iv32 is checked.
828 * - if it doesn't the packet is returned without modification (and software
829 * decryption can be done). That's what happen when iv16 wrap.
830 * - if it does, the rc4 key is computed, and decryption is tried.
831 * Either it will success and B43_RX_MAC_DEC is returned,
832 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned
833 * and the packet is not usable (it got modified by the ucode).
834 * So in order to never have B43_RX_MAC_DECERR, we should provide
835 * a iv32 and phase1key that match. Because we drop packets in case of
836 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all
837 * packets will be lost without higher layer knowing (ie no resync possible
840 * NOTE : this should support 50 key like RCMTA because
841 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50
843 static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32,
848 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
850 if (!modparam_hwtkip)
853 if (b43_new_kidx_api(dev))
854 pairwise_keys_start = B43_NR_GROUP_KEYS;
856 B43_WARN_ON(index < pairwise_keys_start);
857 /* We have four default TX keys and possibly four default RX keys.
858 * Physical mac 0 is mapped to physical key 4 or 8, depending
859 * on the firmware version.
860 * So we must adjust the index here.
862 index -= pairwise_keys_start;
863 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
865 if (b43_debug(dev, B43_DBG_KEYS)) {
866 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n",
869 /* Write the key to the RX tkip shared mem */
870 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4);
871 for (i = 0; i < 10; i += 2) {
872 b43_shm_write16(dev, B43_SHM_SHARED, offset + i,
873 phase1key ? phase1key[i / 2] : 0);
875 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32);
876 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16);
879 static void b43_op_update_tkip_key(struct ieee80211_hw *hw,
880 struct ieee80211_vif *vif,
881 struct ieee80211_key_conf *keyconf,
882 struct ieee80211_sta *sta,
883 u32 iv32, u16 *phase1key)
885 struct b43_wl *wl = hw_to_b43_wl(hw);
886 struct b43_wldev *dev;
887 int index = keyconf->hw_key_idx;
889 if (B43_WARN_ON(!modparam_hwtkip))
892 /* This is only called from the RX path through mac80211, where
893 * our mutex is already locked. */
894 B43_WARN_ON(!mutex_is_locked(&wl->mutex));
895 dev = wl->current_dev;
896 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED);
898 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */
900 rx_tkip_phase1_write(dev, index, iv32, phase1key);
901 /* only pairwise TKIP keys are supported right now */
904 keymac_write(dev, index, sta->addr);
907 static void do_key_write(struct b43_wldev *dev,
908 u8 index, u8 algorithm,
909 const u8 *key, size_t key_len, const u8 *mac_addr)
911 u8 buf[B43_SEC_KEYSIZE] = { 0, };
912 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
914 if (b43_new_kidx_api(dev))
915 pairwise_keys_start = B43_NR_GROUP_KEYS;
917 B43_WARN_ON(index >= ARRAY_SIZE(dev->key));
918 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
920 if (index >= pairwise_keys_start)
921 keymac_write(dev, index, NULL); /* First zero out mac. */
922 if (algorithm == B43_SEC_ALGO_TKIP) {
924 * We should provide an initial iv32, phase1key pair.
925 * We could start with iv32=0 and compute the corresponding
926 * phase1key, but this means calling ieee80211_get_tkip_key
927 * with a fake skb (or export other tkip function).
928 * Because we are lazy we hope iv32 won't start with
929 * 0xffffffff and let's b43_op_update_tkip_key provide a
932 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf);
933 } else if (index >= pairwise_keys_start) /* clear it */
934 rx_tkip_phase1_write(dev, index, 0, NULL);
936 memcpy(buf, key, key_len);
937 key_write(dev, index, algorithm, buf);
938 if (index >= pairwise_keys_start)
939 keymac_write(dev, index, mac_addr);
941 dev->key[index].algorithm = algorithm;
944 static int b43_key_write(struct b43_wldev *dev,
945 int index, u8 algorithm,
946 const u8 *key, size_t key_len,
948 struct ieee80211_key_conf *keyconf)
951 int pairwise_keys_start;
953 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block:
954 * - Temporal Encryption Key (128 bits)
955 * - Temporal Authenticator Tx MIC Key (64 bits)
956 * - Temporal Authenticator Rx MIC Key (64 bits)
958 * Hardware only store TEK
960 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32)
962 if (key_len > B43_SEC_KEYSIZE)
964 for (i = 0; i < ARRAY_SIZE(dev->key); i++) {
965 /* Check that we don't already have this key. */
966 B43_WARN_ON(dev->key[i].keyconf == keyconf);
969 /* Pairwise key. Get an empty slot for the key. */
970 if (b43_new_kidx_api(dev))
971 pairwise_keys_start = B43_NR_GROUP_KEYS;
973 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
974 for (i = pairwise_keys_start;
975 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS;
977 B43_WARN_ON(i >= ARRAY_SIZE(dev->key));
978 if (!dev->key[i].keyconf) {
985 b43warn(dev->wl, "Out of hardware key memory\n");
989 B43_WARN_ON(index > 3);
991 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
992 if ((index <= 3) && !b43_new_kidx_api(dev)) {
994 B43_WARN_ON(mac_addr);
995 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
997 keyconf->hw_key_idx = index;
998 dev->key[index].keyconf = keyconf;
1003 static int b43_key_clear(struct b43_wldev *dev, int index)
1005 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key))))
1007 do_key_write(dev, index, B43_SEC_ALGO_NONE,
1008 NULL, B43_SEC_KEYSIZE, NULL);
1009 if ((index <= 3) && !b43_new_kidx_api(dev)) {
1010 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
1011 NULL, B43_SEC_KEYSIZE, NULL);
1013 dev->key[index].keyconf = NULL;
1018 static void b43_clear_keys(struct b43_wldev *dev)
1022 if (b43_new_kidx_api(dev))
1023 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1025 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1026 for (i = 0; i < count; i++)
1027 b43_key_clear(dev, i);
1030 static void b43_dump_keymemory(struct b43_wldev *dev)
1032 unsigned int i, index, count, offset, pairwise_keys_start;
1038 struct b43_key *key;
1040 if (!b43_debug(dev, B43_DBG_KEYS))
1043 hf = b43_hf_read(dev);
1044 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n",
1045 !!(hf & B43_HF_USEDEFKEYS));
1046 if (b43_new_kidx_api(dev)) {
1047 pairwise_keys_start = B43_NR_GROUP_KEYS;
1048 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1050 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
1051 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1053 for (index = 0; index < count; index++) {
1054 key = &(dev->key[index]);
1055 printk(KERN_DEBUG "Key slot %02u: %s",
1056 index, (key->keyconf == NULL) ? " " : "*");
1057 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
1058 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
1059 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1060 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1063 algo = b43_shm_read16(dev, B43_SHM_SHARED,
1064 B43_SHM_SH_KEYIDXBLOCK + (index * 2));
1065 printk(" Algo: %04X/%02X", algo, key->algorithm);
1067 if (index >= pairwise_keys_start) {
1068 if (key->algorithm == B43_SEC_ALGO_TKIP) {
1070 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4);
1071 for (i = 0; i < 14; i += 2) {
1072 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1073 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1076 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA,
1077 ((index - pairwise_keys_start) * 2) + 0);
1078 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA,
1079 ((index - pairwise_keys_start) * 2) + 1);
1080 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0);
1081 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1);
1082 printk(" MAC: %pM", mac);
1084 printk(" DEFAULT KEY");
1089 void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
1097 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
1098 (ps_flags & B43_PS_DISABLED));
1099 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
1101 if (ps_flags & B43_PS_ENABLED) {
1103 } else if (ps_flags & B43_PS_DISABLED) {
1106 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
1107 // and thus is not an AP and we are associated, set bit 25
1109 if (ps_flags & B43_PS_AWAKE) {
1111 } else if (ps_flags & B43_PS_ASLEEP) {
1114 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
1115 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
1116 // successful, set bit26
1119 /* FIXME: For now we force awake-on and hwps-off */
1123 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1125 macctl |= B43_MACCTL_HWPS;
1127 macctl &= ~B43_MACCTL_HWPS;
1129 macctl |= B43_MACCTL_AWAKE;
1131 macctl &= ~B43_MACCTL_AWAKE;
1132 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1134 b43_read32(dev, B43_MMIO_MACCTL);
1135 if (awake && dev->sdev->id.revision >= 5) {
1136 /* Wait for the microcode to wake up. */
1137 for (i = 0; i < 100; i++) {
1138 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1139 B43_SHM_SH_UCODESTAT);
1140 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1147 static void b43_ssb_wireless_core_reset(struct b43_wldev *dev, u32 flags)
1151 flags |= B43_TMSLOW_PHYCLKEN;
1152 flags |= B43_TMSLOW_PHYRESET;
1153 if (dev->phy.type == B43_PHYTYPE_N)
1154 flags |= B43_TMSLOW_PHY_BANDWIDTH_20MHZ; /* Make 20 MHz def */
1155 ssb_device_enable(dev->sdev, flags);
1156 msleep(2); /* Wait for the PLL to turn on. */
1158 /* Now take the PHY out of Reset again */
1159 tmslow = ssb_read32(dev->sdev, SSB_TMSLOW);
1160 tmslow |= SSB_TMSLOW_FGC;
1161 tmslow &= ~B43_TMSLOW_PHYRESET;
1162 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow);
1163 ssb_read32(dev->sdev, SSB_TMSLOW); /* flush */
1165 tmslow &= ~SSB_TMSLOW_FGC;
1166 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow);
1167 ssb_read32(dev->sdev, SSB_TMSLOW); /* flush */
1171 void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags)
1175 b43_ssb_wireless_core_reset(dev, flags);
1177 /* Turn Analog ON, but only if we already know the PHY-type.
1178 * This protects against very early setup where we don't know the
1179 * PHY-type, yet. wireless_core_reset will be called once again later,
1180 * when we know the PHY-type. */
1182 dev->phy.ops->switch_analog(dev, 1);
1184 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1185 macctl &= ~B43_MACCTL_GMODE;
1186 if (flags & B43_TMSLOW_GMODE)
1187 macctl |= B43_MACCTL_GMODE;
1188 macctl |= B43_MACCTL_IHR_ENABLED;
1189 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1192 static void handle_irq_transmit_status(struct b43_wldev *dev)
1196 struct b43_txstatus stat;
1199 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1200 if (!(v0 & 0x00000001))
1202 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1204 stat.cookie = (v0 >> 16);
1205 stat.seq = (v1 & 0x0000FFFF);
1206 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1207 tmp = (v0 & 0x0000FFFF);
1208 stat.frame_count = ((tmp & 0xF000) >> 12);
1209 stat.rts_count = ((tmp & 0x0F00) >> 8);
1210 stat.supp_reason = ((tmp & 0x001C) >> 2);
1211 stat.pm_indicated = !!(tmp & 0x0080);
1212 stat.intermediate = !!(tmp & 0x0040);
1213 stat.for_ampdu = !!(tmp & 0x0020);
1214 stat.acked = !!(tmp & 0x0002);
1216 b43_handle_txstatus(dev, &stat);
1220 static void drain_txstatus_queue(struct b43_wldev *dev)
1224 if (dev->sdev->id.revision < 5)
1226 /* Read all entries from the microcode TXstatus FIFO
1227 * and throw them away.
1230 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1231 if (!(dummy & 0x00000001))
1233 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1237 static u32 b43_jssi_read(struct b43_wldev *dev)
1241 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A);
1243 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088);
1248 static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1250 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF));
1251 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16);
1254 static void b43_generate_noise_sample(struct b43_wldev *dev)
1256 b43_jssi_write(dev, 0x7F7F7F7F);
1257 b43_write32(dev, B43_MMIO_MACCMD,
1258 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1261 static void b43_calculate_link_quality(struct b43_wldev *dev)
1263 /* Top half of Link Quality calculation. */
1265 if (dev->phy.type != B43_PHYTYPE_G)
1267 if (dev->noisecalc.calculation_running)
1269 dev->noisecalc.calculation_running = 1;
1270 dev->noisecalc.nr_samples = 0;
1272 b43_generate_noise_sample(dev);
1275 static void handle_irq_noise(struct b43_wldev *dev)
1277 struct b43_phy_g *phy = dev->phy.g;
1283 /* Bottom half of Link Quality calculation. */
1285 if (dev->phy.type != B43_PHYTYPE_G)
1288 /* Possible race condition: It might be possible that the user
1289 * changed to a different channel in the meantime since we
1290 * started the calculation. We ignore that fact, since it's
1291 * not really that much of a problem. The background noise is
1292 * an estimation only anyway. Slightly wrong results will get damped
1293 * by the averaging of the 8 sample rounds. Additionally the
1294 * value is shortlived. So it will be replaced by the next noise
1295 * calculation round soon. */
1297 B43_WARN_ON(!dev->noisecalc.calculation_running);
1298 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1299 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1300 noise[2] == 0x7F || noise[3] == 0x7F)
1303 /* Get the noise samples. */
1304 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1305 i = dev->noisecalc.nr_samples;
1306 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1307 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1308 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1309 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1310 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1311 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1312 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1313 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1314 dev->noisecalc.nr_samples++;
1315 if (dev->noisecalc.nr_samples == 8) {
1316 /* Calculate the Link Quality by the noise samples. */
1318 for (i = 0; i < 8; i++) {
1319 for (j = 0; j < 4; j++)
1320 average += dev->noisecalc.samples[i][j];
1326 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1327 tmp = (tmp / 128) & 0x1F;
1337 dev->stats.link_noise = average;
1338 dev->noisecalc.calculation_running = 0;
1342 b43_generate_noise_sample(dev);
1345 static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1347 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) {
1350 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1351 b43_power_saving_ctl_bits(dev, 0);
1353 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC))
1357 static void handle_irq_atim_end(struct b43_wldev *dev)
1359 if (dev->dfq_valid) {
1360 b43_write32(dev, B43_MMIO_MACCMD,
1361 b43_read32(dev, B43_MMIO_MACCMD)
1362 | B43_MACCMD_DFQ_VALID);
1367 static void handle_irq_pmq(struct b43_wldev *dev)
1374 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1375 if (!(tmp & 0x00000008))
1378 /* 16bit write is odd, but correct. */
1379 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1382 static void b43_write_template_common(struct b43_wldev *dev,
1383 const u8 *data, u16 size,
1385 u16 shm_size_offset, u8 rate)
1388 struct b43_plcp_hdr4 plcp;
1391 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1392 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1393 ram_offset += sizeof(u32);
1394 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1395 * So leave the first two bytes of the next write blank.
1397 tmp = (u32) (data[0]) << 16;
1398 tmp |= (u32) (data[1]) << 24;
1399 b43_ram_write(dev, ram_offset, tmp);
1400 ram_offset += sizeof(u32);
1401 for (i = 2; i < size; i += sizeof(u32)) {
1402 tmp = (u32) (data[i + 0]);
1404 tmp |= (u32) (data[i + 1]) << 8;
1406 tmp |= (u32) (data[i + 2]) << 16;
1408 tmp |= (u32) (data[i + 3]) << 24;
1409 b43_ram_write(dev, ram_offset + i - 2, tmp);
1411 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1412 size + sizeof(struct b43_plcp_hdr6));
1415 /* Check if the use of the antenna that ieee80211 told us to
1416 * use is possible. This will fall back to DEFAULT.
1417 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1418 u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1423 if (antenna_nr == 0) {
1424 /* Zero means "use default antenna". That's always OK. */
1428 /* Get the mask of available antennas. */
1430 antenna_mask = dev->sdev->bus->sprom.ant_available_bg;
1432 antenna_mask = dev->sdev->bus->sprom.ant_available_a;
1434 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1435 /* This antenna is not available. Fall back to default. */
1442 /* Convert a b43 antenna number value to the PHY TX control value. */
1443 static u16 b43_antenna_to_phyctl(int antenna)
1447 return B43_TXH_PHY_ANT0;
1449 return B43_TXH_PHY_ANT1;
1451 return B43_TXH_PHY_ANT2;
1453 return B43_TXH_PHY_ANT3;
1454 case B43_ANTENNA_AUTO0:
1455 case B43_ANTENNA_AUTO1:
1456 return B43_TXH_PHY_ANT01AUTO;
1462 static void b43_write_beacon_template(struct b43_wldev *dev,
1464 u16 shm_size_offset)
1466 unsigned int i, len, variable_len;
1467 const struct ieee80211_mgmt *bcn;
1473 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon);
1475 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data);
1476 len = min((size_t) dev->wl->current_beacon->len,
1477 0x200 - sizeof(struct b43_plcp_hdr6));
1478 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value;
1480 b43_write_template_common(dev, (const u8 *)bcn,
1481 len, ram_offset, shm_size_offset, rate);
1483 /* Write the PHY TX control parameters. */
1484 antenna = B43_ANTENNA_DEFAULT;
1485 antenna = b43_antenna_to_phyctl(antenna);
1486 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1487 /* We can't send beacons with short preamble. Would get PHY errors. */
1488 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1489 ctl &= ~B43_TXH_PHY_ANT;
1490 ctl &= ~B43_TXH_PHY_ENC;
1492 if (b43_is_cck_rate(rate))
1493 ctl |= B43_TXH_PHY_ENC_CCK;
1495 ctl |= B43_TXH_PHY_ENC_OFDM;
1496 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1498 /* Find the position of the TIM and the DTIM_period value
1499 * and write them to SHM. */
1500 ie = bcn->u.beacon.variable;
1501 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1502 for (i = 0; i < variable_len - 2; ) {
1503 uint8_t ie_id, ie_len;
1510 /* This is the TIM Information Element */
1512 /* Check whether the ie_len is in the beacon data range. */
1513 if (variable_len < ie_len + 2 + i)
1515 /* A valid TIM is at least 4 bytes long. */
1520 tim_position = sizeof(struct b43_plcp_hdr6);
1521 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1524 dtim_period = ie[i + 3];
1526 b43_shm_write16(dev, B43_SHM_SHARED,
1527 B43_SHM_SH_TIMBPOS, tim_position);
1528 b43_shm_write16(dev, B43_SHM_SHARED,
1529 B43_SHM_SH_DTIMPER, dtim_period);
1536 * If ucode wants to modify TIM do it behind the beacon, this
1537 * will happen, for example, when doing mesh networking.
1539 b43_shm_write16(dev, B43_SHM_SHARED,
1541 len + sizeof(struct b43_plcp_hdr6));
1542 b43_shm_write16(dev, B43_SHM_SHARED,
1543 B43_SHM_SH_DTIMPER, 0);
1545 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset);
1548 static void b43_upload_beacon0(struct b43_wldev *dev)
1550 struct b43_wl *wl = dev->wl;
1552 if (wl->beacon0_uploaded)
1554 b43_write_beacon_template(dev, 0x68, 0x18);
1555 wl->beacon0_uploaded = 1;
1558 static void b43_upload_beacon1(struct b43_wldev *dev)
1560 struct b43_wl *wl = dev->wl;
1562 if (wl->beacon1_uploaded)
1564 b43_write_beacon_template(dev, 0x468, 0x1A);
1565 wl->beacon1_uploaded = 1;
1568 static void handle_irq_beacon(struct b43_wldev *dev)
1570 struct b43_wl *wl = dev->wl;
1571 u32 cmd, beacon0_valid, beacon1_valid;
1573 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) &&
1574 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
1577 /* This is the bottom half of the asynchronous beacon update. */
1579 /* Ignore interrupt in the future. */
1580 dev->irq_mask &= ~B43_IRQ_BEACON;
1582 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1583 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1584 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1586 /* Schedule interrupt manually, if busy. */
1587 if (beacon0_valid && beacon1_valid) {
1588 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1589 dev->irq_mask |= B43_IRQ_BEACON;
1593 if (unlikely(wl->beacon_templates_virgin)) {
1594 /* We never uploaded a beacon before.
1595 * Upload both templates now, but only mark one valid. */
1596 wl->beacon_templates_virgin = 0;
1597 b43_upload_beacon0(dev);
1598 b43_upload_beacon1(dev);
1599 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1600 cmd |= B43_MACCMD_BEACON0_VALID;
1601 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1603 if (!beacon0_valid) {
1604 b43_upload_beacon0(dev);
1605 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1606 cmd |= B43_MACCMD_BEACON0_VALID;
1607 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1608 } else if (!beacon1_valid) {
1609 b43_upload_beacon1(dev);
1610 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1611 cmd |= B43_MACCMD_BEACON1_VALID;
1612 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1617 static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev)
1619 u32 old_irq_mask = dev->irq_mask;
1621 /* update beacon right away or defer to irq */
1622 handle_irq_beacon(dev);
1623 if (old_irq_mask != dev->irq_mask) {
1624 /* The handler updated the IRQ mask. */
1625 B43_WARN_ON(!dev->irq_mask);
1626 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) {
1627 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1629 /* Device interrupts are currently disabled. That means
1630 * we just ran the hardirq handler and scheduled the
1631 * IRQ thread. The thread will write the IRQ mask when
1632 * it finished, so there's nothing to do here. Writing
1633 * the mask _here_ would incorrectly re-enable IRQs. */
1638 static void b43_beacon_update_trigger_work(struct work_struct *work)
1640 struct b43_wl *wl = container_of(work, struct b43_wl,
1641 beacon_update_trigger);
1642 struct b43_wldev *dev;
1644 mutex_lock(&wl->mutex);
1645 dev = wl->current_dev;
1646 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1647 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) {
1648 /* wl->mutex is enough. */
1649 b43_do_beacon_update_trigger_work(dev);
1652 spin_lock_irq(&wl->hardirq_lock);
1653 b43_do_beacon_update_trigger_work(dev);
1655 spin_unlock_irq(&wl->hardirq_lock);
1658 mutex_unlock(&wl->mutex);
1661 /* Asynchronously update the packet templates in template RAM.
1662 * Locking: Requires wl->mutex to be locked. */
1663 static void b43_update_templates(struct b43_wl *wl)
1665 struct sk_buff *beacon;
1667 /* This is the top half of the ansynchronous beacon update.
1668 * The bottom half is the beacon IRQ.
1669 * Beacon update must be asynchronous to avoid sending an
1670 * invalid beacon. This can happen for example, if the firmware
1671 * transmits a beacon while we are updating it. */
1673 /* We could modify the existing beacon and set the aid bit in
1674 * the TIM field, but that would probably require resizing and
1675 * moving of data within the beacon template.
1676 * Simply request a new beacon and let mac80211 do the hard work. */
1677 beacon = ieee80211_beacon_get(wl->hw, wl->vif);
1678 if (unlikely(!beacon))
1681 if (wl->current_beacon)
1682 dev_kfree_skb_any(wl->current_beacon);
1683 wl->current_beacon = beacon;
1684 wl->beacon0_uploaded = 0;
1685 wl->beacon1_uploaded = 0;
1686 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger);
1689 static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1692 if (dev->sdev->id.revision >= 3) {
1693 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1694 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1696 b43_write16(dev, 0x606, (beacon_int >> 6));
1697 b43_write16(dev, 0x610, beacon_int);
1699 b43_time_unlock(dev);
1700 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1703 static void b43_handle_firmware_panic(struct b43_wldev *dev)
1707 /* Read the register that contains the reason code for the panic. */
1708 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG);
1709 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason);
1713 b43dbg(dev->wl, "The panic reason is unknown.\n");
1715 case B43_FWPANIC_DIE:
1716 /* Do not restart the controller or firmware.
1717 * The device is nonfunctional from now on.
1718 * Restarting would result in this panic to trigger again,
1719 * so we avoid that recursion. */
1721 case B43_FWPANIC_RESTART:
1722 b43_controller_restart(dev, "Microcode panic");
1727 static void handle_irq_ucode_debug(struct b43_wldev *dev)
1729 unsigned int i, cnt;
1730 u16 reason, marker_id, marker_line;
1733 /* The proprietary firmware doesn't have this IRQ. */
1734 if (!dev->fw.opensource)
1737 /* Read the register that contains the reason code for this IRQ. */
1738 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG);
1741 case B43_DEBUGIRQ_PANIC:
1742 b43_handle_firmware_panic(dev);
1744 case B43_DEBUGIRQ_DUMP_SHM:
1746 break; /* Only with driver debugging enabled. */
1747 buf = kmalloc(4096, GFP_ATOMIC);
1749 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n");
1752 for (i = 0; i < 4096; i += 2) {
1753 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i);
1754 buf[i / 2] = cpu_to_le16(tmp);
1756 b43info(dev->wl, "Shared memory dump:\n");
1757 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET,
1758 16, 2, buf, 4096, 1);
1761 case B43_DEBUGIRQ_DUMP_REGS:
1763 break; /* Only with driver debugging enabled. */
1764 b43info(dev->wl, "Microcode register dump:\n");
1765 for (i = 0, cnt = 0; i < 64; i++) {
1766 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i);
1769 printk("r%02u: 0x%04X ", i, tmp);
1778 case B43_DEBUGIRQ_MARKER:
1780 break; /* Only with driver debugging enabled. */
1781 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH,
1783 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH,
1784 B43_MARKER_LINE_REG);
1785 b43info(dev->wl, "The firmware just executed the MARKER(%u) "
1786 "at line number %u\n",
1787 marker_id, marker_line);
1790 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n",
1794 /* Acknowledge the debug-IRQ, so the firmware can continue. */
1795 b43_shm_write16(dev, B43_SHM_SCRATCH,
1796 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK);
1799 static void b43_do_interrupt_thread(struct b43_wldev *dev)
1802 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1803 u32 merged_dma_reason = 0;
1806 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
1809 reason = dev->irq_reason;
1810 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1811 dma_reason[i] = dev->dma_reason[i];
1812 merged_dma_reason |= dma_reason[i];
1815 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1816 b43err(dev->wl, "MAC transmission error\n");
1818 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1819 b43err(dev->wl, "PHY transmission error\n");
1821 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1822 atomic_set(&dev->phy.txerr_cnt,
1823 B43_PHY_TX_BADNESS_LIMIT);
1824 b43err(dev->wl, "Too many PHY TX errors, "
1825 "restarting the controller\n");
1826 b43_controller_restart(dev, "PHY TX errors");
1830 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK |
1831 B43_DMAIRQ_NONFATALMASK))) {
1832 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) {
1833 b43err(dev->wl, "Fatal DMA error: "
1834 "0x%08X, 0x%08X, 0x%08X, "
1835 "0x%08X, 0x%08X, 0x%08X\n",
1836 dma_reason[0], dma_reason[1],
1837 dma_reason[2], dma_reason[3],
1838 dma_reason[4], dma_reason[5]);
1839 b43err(dev->wl, "This device does not support DMA "
1840 "on your system. It will now be switched to PIO.\n");
1841 /* Fall back to PIO transfers if we get fatal DMA errors! */
1843 b43_controller_restart(dev, "DMA error");
1846 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) {
1847 b43err(dev->wl, "DMA error: "
1848 "0x%08X, 0x%08X, 0x%08X, "
1849 "0x%08X, 0x%08X, 0x%08X\n",
1850 dma_reason[0], dma_reason[1],
1851 dma_reason[2], dma_reason[3],
1852 dma_reason[4], dma_reason[5]);
1856 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1857 handle_irq_ucode_debug(dev);
1858 if (reason & B43_IRQ_TBTT_INDI)
1859 handle_irq_tbtt_indication(dev);
1860 if (reason & B43_IRQ_ATIM_END)
1861 handle_irq_atim_end(dev);
1862 if (reason & B43_IRQ_BEACON)
1863 handle_irq_beacon(dev);
1864 if (reason & B43_IRQ_PMQ)
1865 handle_irq_pmq(dev);
1866 if (reason & B43_IRQ_TXFIFO_FLUSH_OK)
1868 if (reason & B43_IRQ_NOISESAMPLE_OK)
1869 handle_irq_noise(dev);
1871 /* Check the DMA reason registers for received data. */
1872 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
1873 if (b43_using_pio_transfers(dev))
1874 b43_pio_rx(dev->pio.rx_queue);
1876 b43_dma_rx(dev->dma.rx_ring);
1878 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
1879 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
1880 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
1881 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
1882 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
1884 if (reason & B43_IRQ_TX_OK)
1885 handle_irq_transmit_status(dev);
1887 /* Re-enable interrupts on the device by restoring the current interrupt mask. */
1888 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1891 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
1893 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
1894 if (reason & (1 << i))
1895 dev->irq_bit_count[i]++;
1901 /* Interrupt thread handler. Handles device interrupts in thread context. */
1902 static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id)
1904 struct b43_wldev *dev = dev_id;
1906 mutex_lock(&dev->wl->mutex);
1907 b43_do_interrupt_thread(dev);
1909 mutex_unlock(&dev->wl->mutex);
1914 static irqreturn_t b43_do_interrupt(struct b43_wldev *dev)
1918 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses.
1919 * On SDIO, this runs under wl->mutex. */
1921 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
1922 if (reason == 0xffffffff) /* shared IRQ */
1924 reason &= dev->irq_mask;
1928 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
1930 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
1932 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
1934 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
1936 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
1939 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
1943 /* ACK the interrupt. */
1944 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
1945 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
1946 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
1947 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
1948 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
1949 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
1951 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
1954 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */
1955 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
1956 /* Save the reason bitmasks for the IRQ thread handler. */
1957 dev->irq_reason = reason;
1959 return IRQ_WAKE_THREAD;
1962 /* Interrupt handler top-half. This runs with interrupts disabled. */
1963 static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
1965 struct b43_wldev *dev = dev_id;
1968 if (unlikely(b43_status(dev) < B43_STAT_STARTED))
1971 spin_lock(&dev->wl->hardirq_lock);
1972 ret = b43_do_interrupt(dev);
1974 spin_unlock(&dev->wl->hardirq_lock);
1979 /* SDIO interrupt handler. This runs in process context. */
1980 static void b43_sdio_interrupt_handler(struct b43_wldev *dev)
1982 struct b43_wl *wl = dev->wl;
1985 mutex_lock(&wl->mutex);
1987 ret = b43_do_interrupt(dev);
1988 if (ret == IRQ_WAKE_THREAD)
1989 b43_do_interrupt_thread(dev);
1991 mutex_unlock(&wl->mutex);
1994 void b43_do_release_fw(struct b43_firmware_file *fw)
1996 release_firmware(fw->data);
1998 fw->filename = NULL;
2001 static void b43_release_firmware(struct b43_wldev *dev)
2003 b43_do_release_fw(&dev->fw.ucode);
2004 b43_do_release_fw(&dev->fw.pcm);
2005 b43_do_release_fw(&dev->fw.initvals);
2006 b43_do_release_fw(&dev->fw.initvals_band);
2009 static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
2013 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \
2014 "and download the correct firmware for this driver version. " \
2015 "Please carefully read all instructions on this website.\n";
2023 int b43_do_request_fw(struct b43_request_fw_context *ctx,
2025 struct b43_firmware_file *fw)
2027 const struct firmware *blob;
2028 struct b43_fw_header *hdr;
2033 /* Don't fetch anything. Free possibly cached firmware. */
2034 /* FIXME: We should probably keep it anyway, to save some headache
2035 * on suspend/resume with multiband devices. */
2036 b43_do_release_fw(fw);
2040 if ((fw->type == ctx->req_type) &&
2041 (strcmp(fw->filename, name) == 0))
2042 return 0; /* Already have this fw. */
2043 /* Free the cached firmware first. */
2044 /* FIXME: We should probably do this later after we successfully
2045 * got the new fw. This could reduce headache with multiband devices.
2046 * We could also redesign this to cache the firmware for all possible
2047 * bands all the time. */
2048 b43_do_release_fw(fw);
2051 switch (ctx->req_type) {
2052 case B43_FWTYPE_PROPRIETARY:
2053 snprintf(ctx->fwname, sizeof(ctx->fwname),
2055 modparam_fwpostfix, name);
2057 case B43_FWTYPE_OPENSOURCE:
2058 snprintf(ctx->fwname, sizeof(ctx->fwname),
2060 modparam_fwpostfix, name);
2066 err = request_firmware(&blob, ctx->fwname, ctx->dev->sdev->dev);
2067 if (err == -ENOENT) {
2068 snprintf(ctx->errors[ctx->req_type],
2069 sizeof(ctx->errors[ctx->req_type]),
2070 "Firmware file \"%s\" not found\n", ctx->fwname);
2073 snprintf(ctx->errors[ctx->req_type],
2074 sizeof(ctx->errors[ctx->req_type]),
2075 "Firmware file \"%s\" request failed (err=%d)\n",
2079 if (blob->size < sizeof(struct b43_fw_header))
2081 hdr = (struct b43_fw_header *)(blob->data);
2082 switch (hdr->type) {
2083 case B43_FW_TYPE_UCODE:
2084 case B43_FW_TYPE_PCM:
2085 size = be32_to_cpu(hdr->size);
2086 if (size != blob->size - sizeof(struct b43_fw_header))
2089 case B43_FW_TYPE_IV:
2098 fw->filename = name;
2099 fw->type = ctx->req_type;
2104 snprintf(ctx->errors[ctx->req_type],
2105 sizeof(ctx->errors[ctx->req_type]),
2106 "Firmware file \"%s\" format error.\n", ctx->fwname);
2107 release_firmware(blob);
2112 static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2114 struct b43_wldev *dev = ctx->dev;
2115 struct b43_firmware *fw = &ctx->dev->fw;
2116 const u8 rev = ctx->dev->sdev->id.revision;
2117 const char *filename;
2122 if ((rev >= 5) && (rev <= 10))
2123 filename = "ucode5";
2124 else if ((rev >= 11) && (rev <= 12))
2125 filename = "ucode11";
2127 filename = "ucode13";
2129 filename = "ucode14";
2131 filename = "ucode15";
2132 else if ((rev >= 16) && (rev <= 20))
2133 filename = "ucode16_mimo";
2136 err = b43_do_request_fw(ctx, filename, &fw->ucode);
2141 if ((rev >= 5) && (rev <= 10))
2147 fw->pcm_request_failed = 0;
2148 err = b43_do_request_fw(ctx, filename, &fw->pcm);
2149 if (err == -ENOENT) {
2150 /* We did not find a PCM file? Not fatal, but
2151 * core rev <= 10 must do without hwcrypto then. */
2152 fw->pcm_request_failed = 1;
2157 switch (dev->phy.type) {
2159 if ((rev >= 5) && (rev <= 10)) {
2160 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH);
2161 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2162 filename = "a0g1initvals5";
2164 filename = "a0g0initvals5";
2166 goto err_no_initvals;
2169 if ((rev >= 5) && (rev <= 10))
2170 filename = "b0g0initvals5";
2172 filename = "b0g0initvals13";
2174 goto err_no_initvals;
2178 filename = "n0initvals16";
2179 else if ((rev >= 11) && (rev <= 12))
2180 filename = "n0initvals11";
2182 goto err_no_initvals;
2184 case B43_PHYTYPE_LP:
2186 filename = "lp0initvals13";
2188 filename = "lp0initvals14";
2190 filename = "lp0initvals15";
2192 goto err_no_initvals;
2195 goto err_no_initvals;
2197 err = b43_do_request_fw(ctx, filename, &fw->initvals);
2201 /* Get bandswitch initvals */
2202 switch (dev->phy.type) {
2204 if ((rev >= 5) && (rev <= 10)) {
2205 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH);
2206 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2207 filename = "a0g1bsinitvals5";
2209 filename = "a0g0bsinitvals5";
2210 } else if (rev >= 11)
2213 goto err_no_initvals;
2216 if ((rev >= 5) && (rev <= 10))
2217 filename = "b0g0bsinitvals5";
2221 goto err_no_initvals;
2225 filename = "n0bsinitvals16";
2226 else if ((rev >= 11) && (rev <= 12))
2227 filename = "n0bsinitvals11";
2229 goto err_no_initvals;
2231 case B43_PHYTYPE_LP:
2233 filename = "lp0bsinitvals13";
2235 filename = "lp0bsinitvals14";
2237 filename = "lp0bsinitvals15";
2239 goto err_no_initvals;
2242 goto err_no_initvals;
2244 err = b43_do_request_fw(ctx, filename, &fw->initvals_band);
2251 err = ctx->fatal_failure = -EOPNOTSUPP;
2252 b43err(dev->wl, "The driver does not know which firmware (ucode) "
2253 "is required for your device (wl-core rev %u)\n", rev);
2257 err = ctx->fatal_failure = -EOPNOTSUPP;
2258 b43err(dev->wl, "The driver does not know which firmware (PCM) "
2259 "is required for your device (wl-core rev %u)\n", rev);
2263 err = ctx->fatal_failure = -EOPNOTSUPP;
2264 b43err(dev->wl, "The driver does not know which firmware (initvals) "
2265 "is required for your device (wl-core rev %u)\n", rev);
2269 /* We failed to load this firmware image. The error message
2270 * already is in ctx->errors. Return and let our caller decide
2275 b43_release_firmware(dev);
2279 static int b43_request_firmware(struct b43_wldev *dev)
2281 struct b43_request_fw_context *ctx;
2286 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
2291 ctx->req_type = B43_FWTYPE_PROPRIETARY;
2292 err = b43_try_request_fw(ctx);
2294 goto out; /* Successfully loaded it. */
2295 err = ctx->fatal_failure;
2299 ctx->req_type = B43_FWTYPE_OPENSOURCE;
2300 err = b43_try_request_fw(ctx);
2302 goto out; /* Successfully loaded it. */
2303 err = ctx->fatal_failure;
2307 /* Could not find a usable firmware. Print the errors. */
2308 for (i = 0; i < B43_NR_FWTYPES; i++) {
2309 errmsg = ctx->errors[i];
2311 b43err(dev->wl, errmsg);
2313 b43_print_fw_helptext(dev->wl, 1);
2321 static int b43_upload_microcode(struct b43_wldev *dev)
2323 struct wiphy *wiphy = dev->wl->hw->wiphy;
2324 const size_t hdr_len = sizeof(struct b43_fw_header);
2326 unsigned int i, len;
2327 u16 fwrev, fwpatch, fwdate, fwtime;
2331 /* Jump the microcode PSM to offset 0 */
2332 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2333 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2334 macctl |= B43_MACCTL_PSM_JMP0;
2335 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2336 /* Zero out all microcode PSM registers and shared memory. */
2337 for (i = 0; i < 64; i++)
2338 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2339 for (i = 0; i < 4096; i += 2)
2340 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2342 /* Upload Microcode. */
2343 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2344 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2345 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2346 for (i = 0; i < len; i++) {
2347 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2351 if (dev->fw.pcm.data) {
2352 /* Upload PCM data. */
2353 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2354 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2355 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2356 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2357 /* No need for autoinc bit in SHM_HW */
2358 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2359 for (i = 0; i < len; i++) {
2360 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2365 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2367 /* Start the microcode PSM */
2368 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2369 macctl &= ~B43_MACCTL_PSM_JMP0;
2370 macctl |= B43_MACCTL_PSM_RUN;
2371 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2373 /* Wait for the microcode to load and respond */
2376 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2377 if (tmp == B43_IRQ_MAC_SUSPENDED)
2381 b43err(dev->wl, "Microcode not responding\n");
2382 b43_print_fw_helptext(dev->wl, 1);
2388 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2390 /* Get and check the revisions. */
2391 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2392 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2393 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2394 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2396 if (fwrev <= 0x128) {
2397 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2398 "binary drivers older than version 4.x is unsupported. "
2399 "You must upgrade your firmware files.\n");
2400 b43_print_fw_helptext(dev->wl, 1);
2404 dev->fw.rev = fwrev;
2405 dev->fw.patch = fwpatch;
2406 dev->fw.opensource = (fwdate == 0xFFFF);
2408 /* Default to use-all-queues. */
2409 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues;
2410 dev->qos_enabled = !!modparam_qos;
2411 /* Default to firmware/hardware crypto acceleration. */
2412 dev->hwcrypto_enabled = 1;
2414 if (dev->fw.opensource) {
2417 /* Patchlevel info is encoded in the "time" field. */
2418 dev->fw.patch = fwtime;
2419 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n",
2420 dev->fw.rev, dev->fw.patch);
2422 fwcapa = b43_fwcapa_read(dev);
2423 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) {
2424 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n");
2425 /* Disable hardware crypto and fall back to software crypto. */
2426 dev->hwcrypto_enabled = 0;
2428 if (!(fwcapa & B43_FWCAPA_QOS)) {
2429 b43info(dev->wl, "QoS not supported by firmware\n");
2430 /* Disable QoS. Tweak hw->queues to 1. It will be restored before
2431 * ieee80211_unregister to make sure the networking core can
2432 * properly free possible resources. */
2433 dev->wl->hw->queues = 1;
2434 dev->qos_enabled = 0;
2437 b43info(dev->wl, "Loading firmware version %u.%u "
2438 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2440 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2441 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2442 if (dev->fw.pcm_request_failed) {
2443 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. "
2444 "Hardware accelerated cryptography is disabled.\n");
2445 b43_print_fw_helptext(dev->wl, 0);
2449 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u",
2450 dev->fw.rev, dev->fw.patch);
2451 wiphy->hw_version = dev->sdev->id.coreid;
2453 if (b43_is_old_txhdr_format(dev)) {
2454 /* We're over the deadline, but we keep support for old fw
2455 * until it turns out to be in major conflict with something new. */
2456 b43warn(dev->wl, "You are using an old firmware image. "
2457 "Support for old firmware will be removed soon "
2458 "(official deadline was July 2008).\n");
2459 b43_print_fw_helptext(dev->wl, 0);
2465 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2466 macctl &= ~B43_MACCTL_PSM_RUN;
2467 macctl |= B43_MACCTL_PSM_JMP0;
2468 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2473 static int b43_write_initvals(struct b43_wldev *dev,
2474 const struct b43_iv *ivals,
2478 const struct b43_iv *iv;
2483 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2485 for (i = 0; i < count; i++) {
2486 if (array_size < sizeof(iv->offset_size))
2488 array_size -= sizeof(iv->offset_size);
2489 offset = be16_to_cpu(iv->offset_size);
2490 bit32 = !!(offset & B43_IV_32BIT);
2491 offset &= B43_IV_OFFSET_MASK;
2492 if (offset >= 0x1000)
2497 if (array_size < sizeof(iv->data.d32))
2499 array_size -= sizeof(iv->data.d32);
2501 value = get_unaligned_be32(&iv->data.d32);
2502 b43_write32(dev, offset, value);
2504 iv = (const struct b43_iv *)((const uint8_t *)iv +
2510 if (array_size < sizeof(iv->data.d16))
2512 array_size -= sizeof(iv->data.d16);
2514 value = be16_to_cpu(iv->data.d16);
2515 b43_write16(dev, offset, value);
2517 iv = (const struct b43_iv *)((const uint8_t *)iv +
2528 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2529 b43_print_fw_helptext(dev->wl, 1);
2534 static int b43_upload_initvals(struct b43_wldev *dev)
2536 const size_t hdr_len = sizeof(struct b43_fw_header);
2537 const struct b43_fw_header *hdr;
2538 struct b43_firmware *fw = &dev->fw;
2539 const struct b43_iv *ivals;
2543 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2544 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2545 count = be32_to_cpu(hdr->size);
2546 err = b43_write_initvals(dev, ivals, count,
2547 fw->initvals.data->size - hdr_len);
2550 if (fw->initvals_band.data) {
2551 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2552 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2553 count = be32_to_cpu(hdr->size);
2554 err = b43_write_initvals(dev, ivals, count,
2555 fw->initvals_band.data->size - hdr_len);
2564 /* Initialize the GPIOs
2565 * http://bcm-specs.sipsolutions.net/GPIO
2567 static struct ssb_device *b43_ssb_gpio_dev(struct b43_wldev *dev)
2569 struct ssb_bus *bus = dev->sdev->bus;
2571 #ifdef CONFIG_SSB_DRIVER_PCICORE
2572 return (bus->chipco.dev ? bus->chipco.dev : bus->pcicore.dev);
2574 return bus->chipco.dev;
2578 static int b43_gpio_init(struct b43_wldev *dev)
2580 struct ssb_device *gpiodev;
2583 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2584 & ~B43_MACCTL_GPOUTSMSK);
2586 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK)
2591 if (dev->sdev->bus->chip_id == 0x4301) {
2595 if (0 /* FIXME: conditional unknown */ ) {
2596 b43_write16(dev, B43_MMIO_GPIO_MASK,
2597 b43_read16(dev, B43_MMIO_GPIO_MASK)
2602 if (dev->sdev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) {
2603 b43_write16(dev, B43_MMIO_GPIO_MASK,
2604 b43_read16(dev, B43_MMIO_GPIO_MASK)
2609 if (dev->sdev->id.revision >= 2)
2610 mask |= 0x0010; /* FIXME: This is redundant. */
2612 gpiodev = b43_ssb_gpio_dev(dev);
2614 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2615 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2621 /* Turn off all GPIO stuff. Call this on module unload, for example. */
2622 static void b43_gpio_cleanup(struct b43_wldev *dev)
2624 struct ssb_device *gpiodev;
2626 gpiodev = b43_ssb_gpio_dev(dev);
2628 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2631 /* http://bcm-specs.sipsolutions.net/EnableMac */
2632 void b43_mac_enable(struct b43_wldev *dev)
2634 if (b43_debug(dev, B43_DBG_FIRMWARE)) {
2637 fwstate = b43_shm_read16(dev, B43_SHM_SHARED,
2638 B43_SHM_SH_UCODESTAT);
2639 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) &&
2640 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) {
2641 b43err(dev->wl, "b43_mac_enable(): The firmware "
2642 "should be suspended, but current state is %u\n",
2647 dev->mac_suspended--;
2648 B43_WARN_ON(dev->mac_suspended < 0);
2649 if (dev->mac_suspended == 0) {
2650 b43_write32(dev, B43_MMIO_MACCTL,
2651 b43_read32(dev, B43_MMIO_MACCTL)
2652 | B43_MACCTL_ENABLED);
2653 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2654 B43_IRQ_MAC_SUSPENDED);
2656 b43_read32(dev, B43_MMIO_MACCTL);
2657 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2658 b43_power_saving_ctl_bits(dev, 0);
2662 /* http://bcm-specs.sipsolutions.net/SuspendMAC */
2663 void b43_mac_suspend(struct b43_wldev *dev)
2669 B43_WARN_ON(dev->mac_suspended < 0);
2671 if (dev->mac_suspended == 0) {
2672 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2673 b43_write32(dev, B43_MMIO_MACCTL,
2674 b43_read32(dev, B43_MMIO_MACCTL)
2675 & ~B43_MACCTL_ENABLED);
2676 /* force pci to flush the write */
2677 b43_read32(dev, B43_MMIO_MACCTL);
2678 for (i = 35; i; i--) {
2679 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2680 if (tmp & B43_IRQ_MAC_SUSPENDED)
2684 /* Hm, it seems this will take some time. Use msleep(). */
2685 for (i = 40; i; i--) {
2686 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2687 if (tmp & B43_IRQ_MAC_SUSPENDED)
2691 b43err(dev->wl, "MAC suspend failed\n");
2694 dev->mac_suspended++;
2697 /* http://bcm-v4.sipsolutions.net/802.11/PHY/N/MacPhyClkSet */
2698 void b43_mac_phy_clock_set(struct b43_wldev *dev, bool on)
2700 u32 tmslow = ssb_read32(dev->sdev, SSB_TMSLOW);
2702 tmslow |= B43_TMSLOW_MACPHYCLKEN;
2704 tmslow &= ~B43_TMSLOW_MACPHYCLKEN;
2705 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow);
2708 static void b43_adjust_opmode(struct b43_wldev *dev)
2710 struct b43_wl *wl = dev->wl;
2714 ctl = b43_read32(dev, B43_MMIO_MACCTL);
2715 /* Reset status to STA infrastructure mode. */
2716 ctl &= ~B43_MACCTL_AP;
2717 ctl &= ~B43_MACCTL_KEEP_CTL;
2718 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
2719 ctl &= ~B43_MACCTL_KEEP_BAD;
2720 ctl &= ~B43_MACCTL_PROMISC;
2721 ctl &= ~B43_MACCTL_BEACPROMISC;
2722 ctl |= B43_MACCTL_INFRA;
2724 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
2725 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
2726 ctl |= B43_MACCTL_AP;
2727 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
2728 ctl &= ~B43_MACCTL_INFRA;
2730 if (wl->filter_flags & FIF_CONTROL)
2731 ctl |= B43_MACCTL_KEEP_CTL;
2732 if (wl->filter_flags & FIF_FCSFAIL)
2733 ctl |= B43_MACCTL_KEEP_BAD;
2734 if (wl->filter_flags & FIF_PLCPFAIL)
2735 ctl |= B43_MACCTL_KEEP_BADPLCP;
2736 if (wl->filter_flags & FIF_PROMISC_IN_BSS)
2737 ctl |= B43_MACCTL_PROMISC;
2738 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
2739 ctl |= B43_MACCTL_BEACPROMISC;
2741 /* Workaround: On old hardware the HW-MAC-address-filter
2742 * doesn't work properly, so always run promisc in filter
2743 * it in software. */
2744 if (dev->sdev->id.revision <= 4)
2745 ctl |= B43_MACCTL_PROMISC;
2747 b43_write32(dev, B43_MMIO_MACCTL, ctl);
2750 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
2751 if (dev->sdev->bus->chip_id == 0x4306 &&
2752 dev->sdev->bus->chip_rev == 3)
2757 b43_write16(dev, 0x612, cfp_pretbtt);
2759 /* FIXME: We don't currently implement the PMQ mechanism,
2760 * so always disable it. If we want to implement PMQ,
2761 * we need to enable it here (clear DISCPMQ) in AP mode.
2763 if (0 /* ctl & B43_MACCTL_AP */) {
2764 b43_write32(dev, B43_MMIO_MACCTL,
2765 b43_read32(dev, B43_MMIO_MACCTL)
2766 & ~B43_MACCTL_DISCPMQ);
2768 b43_write32(dev, B43_MMIO_MACCTL,
2769 b43_read32(dev, B43_MMIO_MACCTL)
2770 | B43_MACCTL_DISCPMQ);
2774 static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
2780 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
2783 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
2785 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
2786 b43_shm_read16(dev, B43_SHM_SHARED, offset));
2789 static void b43_rate_memory_init(struct b43_wldev *dev)
2791 switch (dev->phy.type) {
2795 case B43_PHYTYPE_LP:
2796 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
2797 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
2798 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
2799 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
2800 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
2801 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
2802 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
2803 if (dev->phy.type == B43_PHYTYPE_A)
2807 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
2808 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
2809 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
2810 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
2817 /* Set the default values for the PHY TX Control Words. */
2818 static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
2822 ctl |= B43_TXH_PHY_ENC_CCK;
2823 ctl |= B43_TXH_PHY_ANT01AUTO;
2824 ctl |= B43_TXH_PHY_TXPWR;
2826 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
2827 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
2828 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
2831 /* Set the TX-Antenna for management frames sent by firmware. */
2832 static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
2837 ant = b43_antenna_to_phyctl(antenna);
2840 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
2841 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2842 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
2843 /* For Probe Resposes */
2844 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
2845 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2846 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
2849 /* This is the opposite of b43_chip_init() */
2850 static void b43_chip_exit(struct b43_wldev *dev)
2853 b43_gpio_cleanup(dev);
2854 /* firmware is released later */
2857 /* Initialize the chip
2858 * http://bcm-specs.sipsolutions.net/ChipInit
2860 static int b43_chip_init(struct b43_wldev *dev)
2862 struct b43_phy *phy = &dev->phy;
2867 /* Initialize the MAC control */
2868 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
2870 macctl |= B43_MACCTL_GMODE;
2871 macctl |= B43_MACCTL_INFRA;
2872 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2874 err = b43_request_firmware(dev);
2877 err = b43_upload_microcode(dev);
2879 goto out; /* firmware is released later */
2881 err = b43_gpio_init(dev);
2883 goto out; /* firmware is released later */
2885 err = b43_upload_initvals(dev);
2887 goto err_gpio_clean;
2889 /* Turn the Analog on and initialize the PHY. */
2890 phy->ops->switch_analog(dev, 1);
2891 err = b43_phy_init(dev);
2893 goto err_gpio_clean;
2895 /* Disable Interference Mitigation. */
2896 if (phy->ops->interf_mitigation)
2897 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE);
2899 /* Select the antennae */
2900 if (phy->ops->set_rx_antenna)
2901 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
2902 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
2904 if (phy->type == B43_PHYTYPE_B) {
2905 value16 = b43_read16(dev, 0x005E);
2907 b43_write16(dev, 0x005E, value16);
2909 b43_write32(dev, 0x0100, 0x01000000);
2910 if (dev->sdev->id.revision < 5)
2911 b43_write32(dev, 0x010C, 0x01000000);
2913 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2914 & ~B43_MACCTL_INFRA);
2915 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2916 | B43_MACCTL_INFRA);
2918 /* Probe Response Timeout value */
2919 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
2920 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000);
2922 /* Initially set the wireless operation mode. */
2923 b43_adjust_opmode(dev);
2925 if (dev->sdev->id.revision < 3) {
2926 b43_write16(dev, 0x060E, 0x0000);
2927 b43_write16(dev, 0x0610, 0x8000);
2928 b43_write16(dev, 0x0604, 0x0000);
2929 b43_write16(dev, 0x0606, 0x0200);
2931 b43_write32(dev, 0x0188, 0x80000000);
2932 b43_write32(dev, 0x018C, 0x02000000);
2934 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
2935 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00);
2936 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
2937 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
2938 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
2939 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
2940 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
2942 b43_mac_phy_clock_set(dev, true);
2944 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
2945 dev->sdev->bus->chipco.fast_pwrup_delay);
2948 b43dbg(dev->wl, "Chip initialized\n");
2953 b43_gpio_cleanup(dev);
2957 static void b43_periodic_every60sec(struct b43_wldev *dev)
2959 const struct b43_phy_operations *ops = dev->phy.ops;
2961 if (ops->pwork_60sec)
2962 ops->pwork_60sec(dev);
2964 /* Force check the TX power emission now. */
2965 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME);
2968 static void b43_periodic_every30sec(struct b43_wldev *dev)
2970 /* Update device statistics. */
2971 b43_calculate_link_quality(dev);
2974 static void b43_periodic_every15sec(struct b43_wldev *dev)
2976 struct b43_phy *phy = &dev->phy;
2979 if (dev->fw.opensource) {
2980 /* Check if the firmware is still alive.
2981 * It will reset the watchdog counter to 0 in its idle loop. */
2982 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG);
2983 if (unlikely(wdr)) {
2984 b43err(dev->wl, "Firmware watchdog: The firmware died!\n");
2985 b43_controller_restart(dev, "Firmware watchdog");
2988 b43_shm_write16(dev, B43_SHM_SCRATCH,
2989 B43_WATCHDOG_REG, 1);
2993 if (phy->ops->pwork_15sec)
2994 phy->ops->pwork_15sec(dev);
2996 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
3000 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
3003 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n",
3004 dev->irq_count / 15,
3006 dev->rx_count / 15);
3010 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
3011 if (dev->irq_bit_count[i]) {
3012 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n",
3013 dev->irq_bit_count[i] / 15, i, (1 << i));
3014 dev->irq_bit_count[i] = 0;
3021 static void do_periodic_work(struct b43_wldev *dev)
3025 state = dev->periodic_state;
3027 b43_periodic_every60sec(dev);
3029 b43_periodic_every30sec(dev);
3030 b43_periodic_every15sec(dev);
3033 /* Periodic work locking policy:
3034 * The whole periodic work handler is protected by
3035 * wl->mutex. If another lock is needed somewhere in the
3036 * pwork callchain, it's acquired in-place, where it's needed.
3038 static void b43_periodic_work_handler(struct work_struct *work)
3040 struct b43_wldev *dev = container_of(work, struct b43_wldev,
3041 periodic_work.work);
3042 struct b43_wl *wl = dev->wl;
3043 unsigned long delay;
3045 mutex_lock(&wl->mutex);
3047 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
3049 if (b43_debug(dev, B43_DBG_PWORK_STOP))
3052 do_periodic_work(dev);
3054 dev->periodic_state++;
3056 if (b43_debug(dev, B43_DBG_PWORK_FAST))
3057 delay = msecs_to_jiffies(50);
3059 delay = round_jiffies_relative(HZ * 15);
3060 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay);
3062 mutex_unlock(&wl->mutex);
3065 static void b43_periodic_tasks_setup(struct b43_wldev *dev)
3067 struct delayed_work *work = &dev->periodic_work;
3069 dev->periodic_state = 0;
3070 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
3071 ieee80211_queue_delayed_work(dev->wl->hw, work, 0);
3074 /* Check if communication with the device works correctly. */
3075 static int b43_validate_chipaccess(struct b43_wldev *dev)
3077 u32 v, backup0, backup4;
3079 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0);
3080 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4);
3082 /* Check for read/write and endianness problems. */
3083 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
3084 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
3086 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
3087 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
3090 /* Check if unaligned 32bit SHM_SHARED access works properly.
3091 * However, don't bail out on failure, because it's noncritical. */
3092 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122);
3093 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344);
3094 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566);
3095 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788);
3096 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344)
3097 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n");
3098 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD);
3099 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 ||
3100 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD ||
3101 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB ||
3102 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788)
3103 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n");
3105 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0);
3106 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4);
3108 if ((dev->sdev->id.revision >= 3) && (dev->sdev->id.revision <= 10)) {
3109 /* The 32bit register shadows the two 16bit registers
3110 * with update sideeffects. Validate this. */
3111 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
3112 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
3113 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
3115 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
3118 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
3120 v = b43_read32(dev, B43_MMIO_MACCTL);
3121 v |= B43_MACCTL_GMODE;
3122 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
3127 b43err(dev->wl, "Failed to validate the chipaccess\n");
3131 static void b43_security_init(struct b43_wldev *dev)
3133 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
3134 /* KTP is a word address, but we address SHM bytewise.
3135 * So multiply by two.
3138 /* Number of RCMTA address slots */
3139 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS);
3140 /* Clear the key memory. */
3141 b43_clear_keys(dev);
3144 #ifdef CONFIG_B43_HWRNG
3145 static int b43_rng_read(struct hwrng *rng, u32 *data)
3147 struct b43_wl *wl = (struct b43_wl *)rng->priv;
3148 struct b43_wldev *dev;
3149 int count = -ENODEV;
3151 mutex_lock(&wl->mutex);
3152 dev = wl->current_dev;
3153 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) {
3154 *data = b43_read16(dev, B43_MMIO_RNG);
3155 count = sizeof(u16);
3157 mutex_unlock(&wl->mutex);
3161 #endif /* CONFIG_B43_HWRNG */
3163 static void b43_rng_exit(struct b43_wl *wl)
3165 #ifdef CONFIG_B43_HWRNG
3166 if (wl->rng_initialized)
3167 hwrng_unregister(&wl->rng);
3168 #endif /* CONFIG_B43_HWRNG */
3171 static int b43_rng_init(struct b43_wl *wl)
3175 #ifdef CONFIG_B43_HWRNG
3176 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
3177 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
3178 wl->rng.name = wl->rng_name;
3179 wl->rng.data_read = b43_rng_read;
3180 wl->rng.priv = (unsigned long)wl;
3181 wl->rng_initialized = 1;
3182 err = hwrng_register(&wl->rng);
3184 wl->rng_initialized = 0;
3185 b43err(wl, "Failed to register the random "
3186 "number generator (%d)\n", err);
3188 #endif /* CONFIG_B43_HWRNG */
3193 static void b43_tx_work(struct work_struct *work)
3195 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work);
3196 struct b43_wldev *dev;
3197 struct sk_buff *skb;
3200 mutex_lock(&wl->mutex);
3201 dev = wl->current_dev;
3202 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) {
3203 mutex_unlock(&wl->mutex);
3207 while (skb_queue_len(&wl->tx_queue)) {
3208 skb = skb_dequeue(&wl->tx_queue);
3210 if (b43_using_pio_transfers(dev))
3211 err = b43_pio_tx(dev, skb);
3213 err = b43_dma_tx(dev, skb);
3215 dev_kfree_skb(skb); /* Drop it */
3221 mutex_unlock(&wl->mutex);
3224 static void b43_op_tx(struct ieee80211_hw *hw,
3225 struct sk_buff *skb)
3227 struct b43_wl *wl = hw_to_b43_wl(hw);
3229 if (unlikely(skb->len < 2 + 2 + 6)) {
3230 /* Too short, this can't be a valid frame. */
3231 dev_kfree_skb_any(skb);
3234 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
3236 skb_queue_tail(&wl->tx_queue, skb);
3237 ieee80211_queue_work(wl->hw, &wl->tx_work);
3240 static void b43_qos_params_upload(struct b43_wldev *dev,
3241 const struct ieee80211_tx_queue_params *p,
3244 u16 params[B43_NR_QOSPARAMS];
3248 if (!dev->qos_enabled)
3251 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min;
3253 memset(¶ms, 0, sizeof(params));
3255 params[B43_QOSPARAM_TXOP] = p->txop * 32;
3256 params[B43_QOSPARAM_CWMIN] = p->cw_min;
3257 params[B43_QOSPARAM_CWMAX] = p->cw_max;
3258 params[B43_QOSPARAM_CWCUR] = p->cw_min;
3259 params[B43_QOSPARAM_AIFS] = p->aifs;
3260 params[B43_QOSPARAM_BSLOTS] = bslots;
3261 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs;
3263 for (i = 0; i < ARRAY_SIZE(params); i++) {
3264 if (i == B43_QOSPARAM_STATUS) {
3265 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
3266 shm_offset + (i * 2));
3267 /* Mark the parameters as updated. */
3269 b43_shm_write16(dev, B43_SHM_SHARED,
3270 shm_offset + (i * 2),
3273 b43_shm_write16(dev, B43_SHM_SHARED,
3274 shm_offset + (i * 2),
3280 /* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */
3281 static const u16 b43_qos_shm_offsets[] = {
3282 /* [mac80211-queue-nr] = SHM_OFFSET, */
3283 [0] = B43_QOS_VOICE,
3284 [1] = B43_QOS_VIDEO,
3285 [2] = B43_QOS_BESTEFFORT,
3286 [3] = B43_QOS_BACKGROUND,
3289 /* Update all QOS parameters in hardware. */
3290 static void b43_qos_upload_all(struct b43_wldev *dev)
3292 struct b43_wl *wl = dev->wl;
3293 struct b43_qos_params *params;
3296 if (!dev->qos_enabled)
3299 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3300 ARRAY_SIZE(wl->qos_params));
3302 b43_mac_suspend(dev);
3303 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3304 params = &(wl->qos_params[i]);
3305 b43_qos_params_upload(dev, &(params->p),
3306 b43_qos_shm_offsets[i]);
3308 b43_mac_enable(dev);
3311 static void b43_qos_clear(struct b43_wl *wl)
3313 struct b43_qos_params *params;
3316 /* Initialize QoS parameters to sane defaults. */
3318 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3319 ARRAY_SIZE(wl->qos_params));
3321 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3322 params = &(wl->qos_params[i]);
3324 switch (b43_qos_shm_offsets[i]) {
3328 params->p.cw_min = 0x0001;
3329 params->p.cw_max = 0x0001;
3334 params->p.cw_min = 0x0001;
3335 params->p.cw_max = 0x0001;
3337 case B43_QOS_BESTEFFORT:
3340 params->p.cw_min = 0x0001;
3341 params->p.cw_max = 0x03FF;
3343 case B43_QOS_BACKGROUND:
3346 params->p.cw_min = 0x0001;
3347 params->p.cw_max = 0x03FF;
3355 /* Initialize the core's QOS capabilities */
3356 static void b43_qos_init(struct b43_wldev *dev)
3358 if (!dev->qos_enabled) {
3359 /* Disable QOS support. */
3360 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF);
3361 b43_write16(dev, B43_MMIO_IFSCTL,
3362 b43_read16(dev, B43_MMIO_IFSCTL)
3363 & ~B43_MMIO_IFSCTL_USE_EDCF);
3364 b43dbg(dev->wl, "QoS disabled\n");
3368 /* Upload the current QOS parameters. */
3369 b43_qos_upload_all(dev);
3371 /* Enable QOS support. */
3372 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
3373 b43_write16(dev, B43_MMIO_IFSCTL,
3374 b43_read16(dev, B43_MMIO_IFSCTL)
3375 | B43_MMIO_IFSCTL_USE_EDCF);
3376 b43dbg(dev->wl, "QoS enabled\n");
3379 static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue,
3380 const struct ieee80211_tx_queue_params *params)
3382 struct b43_wl *wl = hw_to_b43_wl(hw);
3383 struct b43_wldev *dev;
3384 unsigned int queue = (unsigned int)_queue;
3387 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3388 /* Queue not available or don't support setting
3389 * params on this queue. Return success to not
3390 * confuse mac80211. */
3393 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3394 ARRAY_SIZE(wl->qos_params));
3396 mutex_lock(&wl->mutex);
3397 dev = wl->current_dev;
3398 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED)))
3401 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params));
3402 b43_mac_suspend(dev);
3403 b43_qos_params_upload(dev, &(wl->qos_params[queue].p),
3404 b43_qos_shm_offsets[queue]);
3405 b43_mac_enable(dev);
3409 mutex_unlock(&wl->mutex);
3414 static int b43_op_get_stats(struct ieee80211_hw *hw,
3415 struct ieee80211_low_level_stats *stats)
3417 struct b43_wl *wl = hw_to_b43_wl(hw);
3419 mutex_lock(&wl->mutex);
3420 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3421 mutex_unlock(&wl->mutex);
3426 static u64 b43_op_get_tsf(struct ieee80211_hw *hw)
3428 struct b43_wl *wl = hw_to_b43_wl(hw);
3429 struct b43_wldev *dev;
3432 mutex_lock(&wl->mutex);
3433 dev = wl->current_dev;
3435 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3436 b43_tsf_read(dev, &tsf);
3440 mutex_unlock(&wl->mutex);
3445 static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf)
3447 struct b43_wl *wl = hw_to_b43_wl(hw);
3448 struct b43_wldev *dev;
3450 mutex_lock(&wl->mutex);
3451 dev = wl->current_dev;
3453 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3454 b43_tsf_write(dev, tsf);
3456 mutex_unlock(&wl->mutex);
3459 static void b43_put_phy_into_reset(struct b43_wldev *dev)
3461 struct ssb_device *sdev = dev->sdev;
3464 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3465 tmslow &= ~B43_TMSLOW_GMODE;
3466 tmslow |= B43_TMSLOW_PHYRESET;
3467 tmslow |= SSB_TMSLOW_FGC;
3468 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3471 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3472 tmslow &= ~SSB_TMSLOW_FGC;
3473 tmslow |= B43_TMSLOW_PHYRESET;
3474 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3478 static const char *band_to_string(enum ieee80211_band band)
3481 case IEEE80211_BAND_5GHZ:
3483 case IEEE80211_BAND_2GHZ:
3492 /* Expects wl->mutex locked */
3493 static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan)
3495 struct b43_wldev *up_dev = NULL;
3496 struct b43_wldev *down_dev;
3497 struct b43_wldev *d;
3499 bool uninitialized_var(gmode);
3502 /* Find a device and PHY which supports the band. */
3503 list_for_each_entry(d, &wl->devlist, list) {
3504 switch (chan->band) {
3505 case IEEE80211_BAND_5GHZ:
3506 if (d->phy.supports_5ghz) {
3511 case IEEE80211_BAND_2GHZ:
3512 if (d->phy.supports_2ghz) {
3525 b43err(wl, "Could not find a device for %s-GHz band operation\n",
3526 band_to_string(chan->band));
3529 if ((up_dev == wl->current_dev) &&
3530 (!!wl->current_dev->phy.gmode == !!gmode)) {
3531 /* This device is already running. */
3534 b43dbg(wl, "Switching to %s-GHz band\n",
3535 band_to_string(chan->band));
3536 down_dev = wl->current_dev;
3538 prev_status = b43_status(down_dev);
3539 /* Shutdown the currently running core. */
3540 if (prev_status >= B43_STAT_STARTED)
3541 down_dev = b43_wireless_core_stop(down_dev);
3542 if (prev_status >= B43_STAT_INITIALIZED)
3543 b43_wireless_core_exit(down_dev);
3545 if (down_dev != up_dev) {
3546 /* We switch to a different core, so we put PHY into
3547 * RESET on the old core. */
3548 b43_put_phy_into_reset(down_dev);
3551 /* Now start the new core. */
3552 up_dev->phy.gmode = gmode;
3553 if (prev_status >= B43_STAT_INITIALIZED) {
3554 err = b43_wireless_core_init(up_dev);
3556 b43err(wl, "Fatal: Could not initialize device for "
3557 "selected %s-GHz band\n",
3558 band_to_string(chan->band));
3562 if (prev_status >= B43_STAT_STARTED) {
3563 err = b43_wireless_core_start(up_dev);
3565 b43err(wl, "Fatal: Coult not start device for "
3566 "selected %s-GHz band\n",
3567 band_to_string(chan->band));
3568 b43_wireless_core_exit(up_dev);
3572 B43_WARN_ON(b43_status(up_dev) != prev_status);
3574 wl->current_dev = up_dev;
3578 /* Whoops, failed to init the new core. No core is operating now. */
3579 wl->current_dev = NULL;
3583 /* Write the short and long frame retry limit values. */
3584 static void b43_set_retry_limits(struct b43_wldev *dev,
3585 unsigned int short_retry,
3586 unsigned int long_retry)
3588 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3589 * the chip-internal counter. */
3590 short_retry = min(short_retry, (unsigned int)0xF);
3591 long_retry = min(long_retry, (unsigned int)0xF);
3593 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3595 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3599 static int b43_op_config(struct ieee80211_hw *hw, u32 changed)
3601 struct b43_wl *wl = hw_to_b43_wl(hw);
3602 struct b43_wldev *dev;
3603 struct b43_phy *phy;
3604 struct ieee80211_conf *conf = &hw->conf;
3608 mutex_lock(&wl->mutex);
3610 /* Switch the band (if necessary). This might change the active core. */
3611 err = b43_switch_band(wl, conf->channel);
3613 goto out_unlock_mutex;
3614 dev = wl->current_dev;
3617 if (conf_is_ht(conf))
3619 (conf_is_ht40_minus(conf) || conf_is_ht40_plus(conf));
3621 phy->is_40mhz = false;
3623 b43_mac_suspend(dev);
3625 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
3626 b43_set_retry_limits(dev, conf->short_frame_max_tx_count,
3627 conf->long_frame_max_tx_count);
3628 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS;
3630 goto out_mac_enable;
3632 /* Switch to the requested channel.
3633 * The firmware takes care of races with the TX handler. */
3634 if (conf->channel->hw_value != phy->channel)
3635 b43_switch_channel(dev, conf->channel->hw_value);
3637 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR);
3639 /* Adjust the desired TX power level. */
3640 if (conf->power_level != 0) {
3641 if (conf->power_level != phy->desired_txpower) {
3642 phy->desired_txpower = conf->power_level;
3643 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME |
3644 B43_TXPWR_IGNORE_TSSI);
3648 /* Antennas for RX and management frame TX. */
3649 antenna = B43_ANTENNA_DEFAULT;
3650 b43_mgmtframe_txantenna(dev, antenna);
3651 antenna = B43_ANTENNA_DEFAULT;
3652 if (phy->ops->set_rx_antenna)
3653 phy->ops->set_rx_antenna(dev, antenna);
3655 if (wl->radio_enabled != phy->radio_on) {
3656 if (wl->radio_enabled) {
3657 b43_software_rfkill(dev, false);
3658 b43info(dev->wl, "Radio turned on by software\n");
3659 if (!dev->radio_hw_enable) {
3660 b43info(dev->wl, "The hardware RF-kill button "
3661 "still turns the radio physically off. "
3662 "Press the button to turn it on.\n");
3665 b43_software_rfkill(dev, true);
3666 b43info(dev->wl, "Radio turned off by software\n");
3671 b43_mac_enable(dev);
3673 mutex_unlock(&wl->mutex);
3678 static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates)
3680 struct ieee80211_supported_band *sband =
3681 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)];
3682 struct ieee80211_rate *rate;
3684 u16 basic, direct, offset, basic_offset, rateptr;
3686 for (i = 0; i < sband->n_bitrates; i++) {
3687 rate = &sband->bitrates[i];
3689 if (b43_is_cck_rate(rate->hw_value)) {
3690 direct = B43_SHM_SH_CCKDIRECT;
3691 basic = B43_SHM_SH_CCKBASIC;
3692 offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3695 direct = B43_SHM_SH_OFDMDIRECT;
3696 basic = B43_SHM_SH_OFDMBASIC;
3697 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3701 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate);
3703 if (b43_is_cck_rate(rate->hw_value)) {
3704 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3705 basic_offset &= 0xF;
3707 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3708 basic_offset &= 0xF;
3712 * Get the pointer that we need to point to
3713 * from the direct map
3715 rateptr = b43_shm_read16(dev, B43_SHM_SHARED,
3716 direct + 2 * basic_offset);
3717 /* and write it to the basic map */
3718 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset,
3723 static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
3724 struct ieee80211_vif *vif,
3725 struct ieee80211_bss_conf *conf,
3728 struct b43_wl *wl = hw_to_b43_wl(hw);
3729 struct b43_wldev *dev;
3731 mutex_lock(&wl->mutex);
3733 dev = wl->current_dev;
3734 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3735 goto out_unlock_mutex;
3737 B43_WARN_ON(wl->vif != vif);
3739 if (changed & BSS_CHANGED_BSSID) {
3741 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
3743 memset(wl->bssid, 0, ETH_ALEN);
3746 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
3747 if (changed & BSS_CHANGED_BEACON &&
3748 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3749 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3750 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3751 b43_update_templates(wl);
3753 if (changed & BSS_CHANGED_BSSID)
3754 b43_write_mac_bssid_templates(dev);
3757 b43_mac_suspend(dev);
3759 /* Update templates for AP/mesh mode. */
3760 if (changed & BSS_CHANGED_BEACON_INT &&
3761 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3762 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3763 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3764 b43_set_beacon_int(dev, conf->beacon_int);
3766 if (changed & BSS_CHANGED_BASIC_RATES)
3767 b43_update_basic_rates(dev, conf->basic_rates);
3769 if (changed & BSS_CHANGED_ERP_SLOT) {
3770 if (conf->use_short_slot)
3771 b43_short_slot_timing_enable(dev);
3773 b43_short_slot_timing_disable(dev);
3776 b43_mac_enable(dev);
3778 mutex_unlock(&wl->mutex);
3781 static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3782 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
3783 struct ieee80211_key_conf *key)
3785 struct b43_wl *wl = hw_to_b43_wl(hw);
3786 struct b43_wldev *dev;
3790 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
3792 if (modparam_nohwcrypt)
3793 return -ENOSPC; /* User disabled HW-crypto */
3795 mutex_lock(&wl->mutex);
3797 dev = wl->current_dev;
3799 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
3802 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) {
3803 /* We don't have firmware for the crypto engine.
3804 * Must use software-crypto. */
3810 switch (key->cipher) {
3811 case WLAN_CIPHER_SUITE_WEP40:
3812 algorithm = B43_SEC_ALGO_WEP40;
3814 case WLAN_CIPHER_SUITE_WEP104:
3815 algorithm = B43_SEC_ALGO_WEP104;
3817 case WLAN_CIPHER_SUITE_TKIP:
3818 algorithm = B43_SEC_ALGO_TKIP;
3820 case WLAN_CIPHER_SUITE_CCMP:
3821 algorithm = B43_SEC_ALGO_AES;
3827 index = (u8) (key->keyidx);
3833 if (algorithm == B43_SEC_ALGO_TKIP &&
3834 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
3835 !modparam_hwtkip)) {
3836 /* We support only pairwise key */
3841 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
3842 if (WARN_ON(!sta)) {
3846 /* Pairwise key with an assigned MAC address. */
3847 err = b43_key_write(dev, -1, algorithm,
3848 key->key, key->keylen,
3852 err = b43_key_write(dev, index, algorithm,
3853 key->key, key->keylen, NULL, key);
3858 if (algorithm == B43_SEC_ALGO_WEP40 ||
3859 algorithm == B43_SEC_ALGO_WEP104) {
3860 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
3863 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
3865 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
3866 if (algorithm == B43_SEC_ALGO_TKIP)
3867 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
3870 err = b43_key_clear(dev, key->hw_key_idx);
3881 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
3883 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
3884 sta ? sta->addr : bcast_addr);
3885 b43_dump_keymemory(dev);
3887 mutex_unlock(&wl->mutex);
3892 static void b43_op_configure_filter(struct ieee80211_hw *hw,
3893 unsigned int changed, unsigned int *fflags,
3896 struct b43_wl *wl = hw_to_b43_wl(hw);
3897 struct b43_wldev *dev;
3899 mutex_lock(&wl->mutex);
3900 dev = wl->current_dev;
3906 *fflags &= FIF_PROMISC_IN_BSS |
3912 FIF_BCN_PRBRESP_PROMISC;
3914 changed &= FIF_PROMISC_IN_BSS |
3920 FIF_BCN_PRBRESP_PROMISC;
3922 wl->filter_flags = *fflags;
3924 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
3925 b43_adjust_opmode(dev);
3928 mutex_unlock(&wl->mutex);
3931 /* Locking: wl->mutex
3932 * Returns the current dev. This might be different from the passed in dev,
3933 * because the core might be gone away while we unlocked the mutex. */
3934 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev)
3936 struct b43_wl *wl = dev->wl;
3937 struct b43_wldev *orig_dev;
3941 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3944 /* Cancel work. Unlock to avoid deadlocks. */
3945 mutex_unlock(&wl->mutex);
3946 cancel_delayed_work_sync(&dev->periodic_work);
3947 cancel_work_sync(&wl->tx_work);
3948 mutex_lock(&wl->mutex);
3949 dev = wl->current_dev;
3950 if (!dev || b43_status(dev) < B43_STAT_STARTED) {
3951 /* Whoops, aliens ate up the device while we were unlocked. */
3955 /* Disable interrupts on the device. */
3956 b43_set_status(dev, B43_STAT_INITIALIZED);
3957 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) {
3958 /* wl->mutex is locked. That is enough. */
3959 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3960 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3962 spin_lock_irq(&wl->hardirq_lock);
3963 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3964 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3965 spin_unlock_irq(&wl->hardirq_lock);
3967 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */
3969 mutex_unlock(&wl->mutex);
3970 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) {
3971 b43_sdio_free_irq(dev);
3973 synchronize_irq(dev->sdev->irq);
3974 free_irq(dev->sdev->irq, dev);
3976 mutex_lock(&wl->mutex);
3977 dev = wl->current_dev;
3980 if (dev != orig_dev) {
3981 if (b43_status(dev) >= B43_STAT_STARTED)
3985 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
3986 B43_WARN_ON(mask != 0xFFFFFFFF && mask);
3988 /* Drain the TX queue */
3989 while (skb_queue_len(&wl->tx_queue))
3990 dev_kfree_skb(skb_dequeue(&wl->tx_queue));
3992 b43_mac_suspend(dev);
3994 b43dbg(wl, "Wireless interface stopped\n");
3999 /* Locking: wl->mutex */
4000 static int b43_wireless_core_start(struct b43_wldev *dev)
4004 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
4006 drain_txstatus_queue(dev);
4007 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) {
4008 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler);
4010 b43err(dev->wl, "Cannot request SDIO IRQ\n");
4014 err = request_threaded_irq(dev->sdev->irq, b43_interrupt_handler,
4015 b43_interrupt_thread_handler,
4016 IRQF_SHARED, KBUILD_MODNAME, dev);
4018 b43err(dev->wl, "Cannot request IRQ-%d\n",
4024 /* We are ready to run. */
4025 ieee80211_wake_queues(dev->wl->hw);
4026 b43_set_status(dev, B43_STAT_STARTED);
4028 /* Start data flow (TX/RX). */
4029 b43_mac_enable(dev);
4030 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
4032 /* Start maintenance work */
4033 b43_periodic_tasks_setup(dev);
4037 b43dbg(dev->wl, "Wireless interface started\n");
4042 /* Get PHY and RADIO versioning numbers */
4043 static int b43_phy_versioning(struct b43_wldev *dev)
4045 struct b43_phy *phy = &dev->phy;
4053 int unsupported = 0;
4055 /* Get PHY versioning */
4056 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
4057 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
4058 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
4059 phy_rev = (tmp & B43_PHYVER_VERSION);
4066 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6
4074 #ifdef CONFIG_B43_PHY_N
4080 #ifdef CONFIG_B43_PHY_LP
4081 case B43_PHYTYPE_LP:
4090 b43err(dev->wl, "FOUND UNSUPPORTED PHY "
4091 "(Analog %u, Type %u, Revision %u)\n",
4092 analog_type, phy_type, phy_rev);
4095 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n",
4096 analog_type, phy_type, phy_rev);
4098 /* Get RADIO versioning */
4099 if (dev->sdev->bus->chip_id == 0x4317) {
4100 if (dev->sdev->bus->chip_rev == 0)
4102 else if (dev->sdev->bus->chip_rev == 1)
4107 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
4108 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
4109 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
4110 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16;
4112 radio_manuf = (tmp & 0x00000FFF);
4113 radio_ver = (tmp & 0x0FFFF000) >> 12;
4114 radio_rev = (tmp & 0xF0000000) >> 28;
4115 if (radio_manuf != 0x17F /* Broadcom */)
4119 if (radio_ver != 0x2060)
4123 if (radio_manuf != 0x17F)
4127 if ((radio_ver & 0xFFF0) != 0x2050)
4131 if (radio_ver != 0x2050)
4135 if (radio_ver != 0x2055 && radio_ver != 0x2056)
4138 case B43_PHYTYPE_LP:
4139 if (radio_ver != 0x2062 && radio_ver != 0x2063)
4146 b43err(dev->wl, "FOUND UNSUPPORTED RADIO "
4147 "(Manuf 0x%X, Version 0x%X, Revision %u)\n",
4148 radio_manuf, radio_ver, radio_rev);
4151 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n",
4152 radio_manuf, radio_ver, radio_rev);
4154 phy->radio_manuf = radio_manuf;
4155 phy->radio_ver = radio_ver;
4156 phy->radio_rev = radio_rev;
4158 phy->analog = analog_type;
4159 phy->type = phy_type;
4165 static void setup_struct_phy_for_init(struct b43_wldev *dev,
4166 struct b43_phy *phy)
4168 phy->hardware_power_control = !!modparam_hwpctl;
4169 phy->next_txpwr_check_time = jiffies;
4170 /* PHY TX errors counter. */
4171 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
4174 phy->phy_locked = 0;
4175 phy->radio_locked = 0;
4179 static void setup_struct_wldev_for_init(struct b43_wldev *dev)
4183 /* Assume the radio is enabled. If it's not enabled, the state will
4184 * immediately get fixed on the first periodic work run. */
4185 dev->radio_hw_enable = 1;
4188 memset(&dev->stats, 0, sizeof(dev->stats));
4190 setup_struct_phy_for_init(dev, &dev->phy);
4192 /* IRQ related flags */
4193 dev->irq_reason = 0;
4194 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
4195 dev->irq_mask = B43_IRQ_MASKTEMPLATE;
4196 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
4197 dev->irq_mask &= ~B43_IRQ_PHY_TXERR;
4199 dev->mac_suspended = 1;
4201 /* Noise calculation context */
4202 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
4205 static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
4207 struct ssb_sprom *sprom = &dev->sdev->bus->sprom;
4210 if (!modparam_btcoex)
4212 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
4214 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
4217 hf = b43_hf_read(dev);
4218 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
4219 hf |= B43_HF_BTCOEXALT;
4221 hf |= B43_HF_BTCOEX;
4222 b43_hf_write(dev, hf);
4225 static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
4227 if (!modparam_btcoex)
4232 static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
4234 struct ssb_bus *bus = dev->sdev->bus;
4237 if ((bus->chip_id == 0x4311 && bus->chip_rev == 2) ||
4238 (bus->chip_id == 0x4312)) {
4239 tmp = ssb_read32(dev->sdev, SSB_IMCFGLO);
4240 tmp &= ~SSB_IMCFGLO_REQTO;
4241 tmp &= ~SSB_IMCFGLO_SERTO;
4243 ssb_write32(dev->sdev, SSB_IMCFGLO, tmp);
4244 ssb_commit_settings(bus);
4248 static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
4252 /* The time value is in microseconds. */
4253 if (dev->phy.type == B43_PHYTYPE_A)
4257 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle)
4259 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
4260 pu_delay = max(pu_delay, (u16)2400);
4262 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
4265 /* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
4266 static void b43_set_pretbtt(struct b43_wldev *dev)
4270 /* The time value is in microseconds. */
4271 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) {
4274 if (dev->phy.type == B43_PHYTYPE_A)
4279 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
4280 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
4283 /* Shutdown a wireless core */
4284 /* Locking: wl->mutex */
4285 static void b43_wireless_core_exit(struct b43_wldev *dev)
4289 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED);
4290 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED)
4293 /* Unregister HW RNG driver */
4294 b43_rng_exit(dev->wl);
4296 b43_set_status(dev, B43_STAT_UNINIT);
4298 /* Stop the microcode PSM. */
4299 macctl = b43_read32(dev, B43_MMIO_MACCTL);
4300 macctl &= ~B43_MACCTL_PSM_RUN;
4301 macctl |= B43_MACCTL_PSM_JMP0;
4302 b43_write32(dev, B43_MMIO_MACCTL, macctl);
4307 dev->phy.ops->switch_analog(dev, 0);
4308 if (dev->wl->current_beacon) {
4309 dev_kfree_skb_any(dev->wl->current_beacon);
4310 dev->wl->current_beacon = NULL;
4313 ssb_device_disable(dev->sdev, 0);
4314 ssb_bus_may_powerdown(dev->sdev->bus);
4317 /* Initialize a wireless core */
4318 static int b43_wireless_core_init(struct b43_wldev *dev)
4320 struct ssb_bus *bus = dev->sdev->bus;
4321 struct ssb_sprom *sprom = &bus->sprom;
4322 struct b43_phy *phy = &dev->phy;
4327 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4329 err = ssb_bus_powerup(bus, 0);
4332 if (!ssb_device_is_enabled(dev->sdev)) {
4333 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0;
4334 b43_wireless_core_reset(dev, tmp);
4337 /* Reset all data structures. */
4338 setup_struct_wldev_for_init(dev);
4339 phy->ops->prepare_structs(dev);
4341 /* Enable IRQ routing to this device. */
4342 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->sdev);
4344 b43_imcfglo_timeouts_workaround(dev);
4345 b43_bluetooth_coext_disable(dev);
4346 if (phy->ops->prepare_hardware) {
4347 err = phy->ops->prepare_hardware(dev);
4351 err = b43_chip_init(dev);
4354 b43_shm_write16(dev, B43_SHM_SHARED,
4355 B43_SHM_SH_WLCOREREV, dev->sdev->id.revision);
4356 hf = b43_hf_read(dev);
4357 if (phy->type == B43_PHYTYPE_G) {
4361 if (sprom->boardflags_lo & B43_BFL_PACTRL)
4362 hf |= B43_HF_OFDMPABOOST;
4364 if (phy->radio_ver == 0x2050) {
4365 if (phy->radio_rev == 6)
4366 hf |= B43_HF_4318TSSI;
4367 if (phy->radio_rev < 6)
4368 hf |= B43_HF_VCORECALC;
4370 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)
4371 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */
4372 #ifdef CONFIG_SSB_DRIVER_PCICORE
4373 if ((bus->bustype == SSB_BUSTYPE_PCI) &&
4374 (bus->pcicore.dev->id.revision <= 10))
4375 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */
4377 hf &= ~B43_HF_SKCFPUP;
4378 b43_hf_write(dev, hf);
4380 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
4381 B43_DEFAULT_LONG_RETRY_LIMIT);
4382 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
4383 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
4385 /* Disable sending probe responses from firmware.
4386 * Setting the MaxTime to one usec will always trigger
4387 * a timeout, so we never send any probe resp.
4388 * A timeout of zero is infinite. */
4389 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
4391 b43_rate_memory_init(dev);
4392 b43_set_phytxctl_defaults(dev);
4394 /* Minimum Contention Window */
4395 if (phy->type == B43_PHYTYPE_B)
4396 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
4398 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
4399 /* Maximum Contention Window */
4400 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
4402 if ((dev->sdev->bus->bustype == SSB_BUSTYPE_PCMCIA) ||
4403 (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) ||
4405 dev->__using_pio_transfers = 1;
4406 err = b43_pio_init(dev);
4408 dev->__using_pio_transfers = 0;
4409 err = b43_dma_init(dev);
4414 b43_set_synth_pu_delay(dev, 1);
4415 b43_bluetooth_coext_enable(dev);
4417 ssb_bus_powerup(bus, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW));
4418 b43_upload_card_macaddress(dev);
4419 b43_security_init(dev);
4421 ieee80211_wake_queues(dev->wl->hw);
4423 b43_set_status(dev, B43_STAT_INITIALIZED);
4425 /* Register HW RNG driver */
4426 b43_rng_init(dev->wl);
4434 ssb_bus_may_powerdown(bus);
4435 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4439 static int b43_op_add_interface(struct ieee80211_hw *hw,
4440 struct ieee80211_vif *vif)
4442 struct b43_wl *wl = hw_to_b43_wl(hw);
4443 struct b43_wldev *dev;
4444 int err = -EOPNOTSUPP;
4446 /* TODO: allow WDS/AP devices to coexist */
4448 if (vif->type != NL80211_IFTYPE_AP &&
4449 vif->type != NL80211_IFTYPE_MESH_POINT &&
4450 vif->type != NL80211_IFTYPE_STATION &&
4451 vif->type != NL80211_IFTYPE_WDS &&
4452 vif->type != NL80211_IFTYPE_ADHOC)
4455 mutex_lock(&wl->mutex);
4457 goto out_mutex_unlock;
4459 b43dbg(wl, "Adding Interface type %d\n", vif->type);
4461 dev = wl->current_dev;
4464 wl->if_type = vif->type;
4465 memcpy(wl->mac_addr, vif->addr, ETH_ALEN);
4467 b43_adjust_opmode(dev);
4468 b43_set_pretbtt(dev);
4469 b43_set_synth_pu_delay(dev, 0);
4470 b43_upload_card_macaddress(dev);
4474 mutex_unlock(&wl->mutex);
4479 static void b43_op_remove_interface(struct ieee80211_hw *hw,
4480 struct ieee80211_vif *vif)
4482 struct b43_wl *wl = hw_to_b43_wl(hw);
4483 struct b43_wldev *dev = wl->current_dev;
4485 b43dbg(wl, "Removing Interface type %d\n", vif->type);
4487 mutex_lock(&wl->mutex);
4489 B43_WARN_ON(!wl->operating);
4490 B43_WARN_ON(wl->vif != vif);
4495 b43_adjust_opmode(dev);
4496 memset(wl->mac_addr, 0, ETH_ALEN);
4497 b43_upload_card_macaddress(dev);
4499 mutex_unlock(&wl->mutex);
4502 static int b43_op_start(struct ieee80211_hw *hw)
4504 struct b43_wl *wl = hw_to_b43_wl(hw);
4505 struct b43_wldev *dev = wl->current_dev;
4509 /* Kill all old instance specific information to make sure
4510 * the card won't use it in the short timeframe between start
4511 * and mac80211 reconfiguring it. */
4512 memset(wl->bssid, 0, ETH_ALEN);
4513 memset(wl->mac_addr, 0, ETH_ALEN);
4514 wl->filter_flags = 0;
4515 wl->radiotap_enabled = 0;
4517 wl->beacon0_uploaded = 0;
4518 wl->beacon1_uploaded = 0;
4519 wl->beacon_templates_virgin = 1;
4520 wl->radio_enabled = 1;
4522 mutex_lock(&wl->mutex);
4524 if (b43_status(dev) < B43_STAT_INITIALIZED) {
4525 err = b43_wireless_core_init(dev);
4527 goto out_mutex_unlock;
4531 if (b43_status(dev) < B43_STAT_STARTED) {
4532 err = b43_wireless_core_start(dev);
4535 b43_wireless_core_exit(dev);
4536 goto out_mutex_unlock;
4540 /* XXX: only do if device doesn't support rfkill irq */
4541 wiphy_rfkill_start_polling(hw->wiphy);
4544 mutex_unlock(&wl->mutex);
4549 static void b43_op_stop(struct ieee80211_hw *hw)
4551 struct b43_wl *wl = hw_to_b43_wl(hw);
4552 struct b43_wldev *dev = wl->current_dev;
4554 cancel_work_sync(&(wl->beacon_update_trigger));
4556 mutex_lock(&wl->mutex);
4557 if (b43_status(dev) >= B43_STAT_STARTED) {
4558 dev = b43_wireless_core_stop(dev);
4562 b43_wireless_core_exit(dev);
4563 wl->radio_enabled = 0;
4566 mutex_unlock(&wl->mutex);
4568 cancel_work_sync(&(wl->txpower_adjust_work));
4571 static int b43_op_beacon_set_tim(struct ieee80211_hw *hw,
4572 struct ieee80211_sta *sta, bool set)
4574 struct b43_wl *wl = hw_to_b43_wl(hw);
4576 /* FIXME: add locking */
4577 b43_update_templates(wl);
4582 static void b43_op_sta_notify(struct ieee80211_hw *hw,
4583 struct ieee80211_vif *vif,
4584 enum sta_notify_cmd notify_cmd,
4585 struct ieee80211_sta *sta)
4587 struct b43_wl *wl = hw_to_b43_wl(hw);
4589 B43_WARN_ON(!vif || wl->vif != vif);
4592 static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw)
4594 struct b43_wl *wl = hw_to_b43_wl(hw);
4595 struct b43_wldev *dev;
4597 mutex_lock(&wl->mutex);
4598 dev = wl->current_dev;
4599 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4600 /* Disable CFP update during scan on other channels. */
4601 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP);
4603 mutex_unlock(&wl->mutex);
4606 static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw)
4608 struct b43_wl *wl = hw_to_b43_wl(hw);
4609 struct b43_wldev *dev;
4611 mutex_lock(&wl->mutex);
4612 dev = wl->current_dev;
4613 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4614 /* Re-enable CFP update. */
4615 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP);
4617 mutex_unlock(&wl->mutex);
4620 static int b43_op_get_survey(struct ieee80211_hw *hw, int idx,
4621 struct survey_info *survey)
4623 struct b43_wl *wl = hw_to_b43_wl(hw);
4624 struct b43_wldev *dev = wl->current_dev;
4625 struct ieee80211_conf *conf = &hw->conf;
4630 survey->channel = conf->channel;
4631 survey->filled = SURVEY_INFO_NOISE_DBM;
4632 survey->noise = dev->stats.link_noise;
4637 static const struct ieee80211_ops b43_hw_ops = {
4639 .conf_tx = b43_op_conf_tx,
4640 .add_interface = b43_op_add_interface,
4641 .remove_interface = b43_op_remove_interface,
4642 .config = b43_op_config,
4643 .bss_info_changed = b43_op_bss_info_changed,
4644 .configure_filter = b43_op_configure_filter,
4645 .set_key = b43_op_set_key,
4646 .update_tkip_key = b43_op_update_tkip_key,
4647 .get_stats = b43_op_get_stats,
4648 .get_tsf = b43_op_get_tsf,
4649 .set_tsf = b43_op_set_tsf,
4650 .start = b43_op_start,
4651 .stop = b43_op_stop,
4652 .set_tim = b43_op_beacon_set_tim,
4653 .sta_notify = b43_op_sta_notify,
4654 .sw_scan_start = b43_op_sw_scan_start_notifier,
4655 .sw_scan_complete = b43_op_sw_scan_complete_notifier,
4656 .get_survey = b43_op_get_survey,
4657 .rfkill_poll = b43_rfkill_poll,
4660 /* Hard-reset the chip. Do not call this directly.
4661 * Use b43_controller_restart()
4663 static void b43_chip_reset(struct work_struct *work)
4665 struct b43_wldev *dev =
4666 container_of(work, struct b43_wldev, restart_work);
4667 struct b43_wl *wl = dev->wl;
4671 mutex_lock(&wl->mutex);
4673 prev_status = b43_status(dev);
4674 /* Bring the device down... */
4675 if (prev_status >= B43_STAT_STARTED) {
4676 dev = b43_wireless_core_stop(dev);
4682 if (prev_status >= B43_STAT_INITIALIZED)
4683 b43_wireless_core_exit(dev);
4685 /* ...and up again. */
4686 if (prev_status >= B43_STAT_INITIALIZED) {
4687 err = b43_wireless_core_init(dev);
4691 if (prev_status >= B43_STAT_STARTED) {
4692 err = b43_wireless_core_start(dev);
4694 b43_wireless_core_exit(dev);
4700 wl->current_dev = NULL; /* Failed to init the dev. */
4701 mutex_unlock(&wl->mutex);
4703 b43err(wl, "Controller restart FAILED\n");
4705 b43info(wl, "Controller restarted\n");
4708 static int b43_setup_bands(struct b43_wldev *dev,
4709 bool have_2ghz_phy, bool have_5ghz_phy)
4711 struct ieee80211_hw *hw = dev->wl->hw;
4714 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz;
4715 if (dev->phy.type == B43_PHYTYPE_N) {
4717 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy;
4720 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
4723 dev->phy.supports_2ghz = have_2ghz_phy;
4724 dev->phy.supports_5ghz = have_5ghz_phy;
4729 static void b43_wireless_core_detach(struct b43_wldev *dev)
4731 /* We release firmware that late to not be required to re-request
4732 * is all the time when we reinit the core. */
4733 b43_release_firmware(dev);
4737 static int b43_wireless_core_attach(struct b43_wldev *dev)
4739 struct b43_wl *wl = dev->wl;
4740 struct ssb_bus *bus = dev->sdev->bus;
4741 struct pci_dev *pdev = (bus->bustype == SSB_BUSTYPE_PCI) ? bus->host_pci : NULL;
4743 bool have_2ghz_phy = 0, have_5ghz_phy = 0;
4746 /* Do NOT do any device initialization here.
4747 * Do it in wireless_core_init() instead.
4748 * This function is for gathering basic information about the HW, only.
4749 * Also some structs may be set up here. But most likely you want to have
4750 * that in core_init(), too.
4753 err = ssb_bus_powerup(bus, 0);
4755 b43err(wl, "Bus powerup failed\n");
4758 /* Get the PHY type. */
4759 if (dev->sdev->id.revision >= 5) {
4762 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH);
4763 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY);
4764 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY);
4768 dev->phy.gmode = have_2ghz_phy;
4769 dev->phy.radio_on = 1;
4770 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4771 b43_wireless_core_reset(dev, tmp);
4773 err = b43_phy_versioning(dev);
4776 /* Check if this device supports multiband. */
4778 (pdev->device != 0x4312 &&
4779 pdev->device != 0x4319 && pdev->device != 0x4324)) {
4780 /* No multiband support. */
4783 switch (dev->phy.type) {
4787 case B43_PHYTYPE_LP: //FIXME not always!
4788 #if 0 //FIXME enabling 5GHz causes a NULL pointer dereference
4799 if (dev->phy.type == B43_PHYTYPE_A) {
4801 b43err(wl, "IEEE 802.11a devices are unsupported\n");
4805 if (1 /* disable A-PHY */) {
4806 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */
4807 if (dev->phy.type != B43_PHYTYPE_N &&
4808 dev->phy.type != B43_PHYTYPE_LP) {
4814 err = b43_phy_allocate(dev);
4818 dev->phy.gmode = have_2ghz_phy;
4819 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4820 b43_wireless_core_reset(dev, tmp);
4822 err = b43_validate_chipaccess(dev);
4825 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
4829 /* Now set some default "current_dev" */
4830 if (!wl->current_dev)
4831 wl->current_dev = dev;
4832 INIT_WORK(&dev->restart_work, b43_chip_reset);
4834 dev->phy.ops->switch_analog(dev, 0);
4835 ssb_device_disable(dev->sdev, 0);
4836 ssb_bus_may_powerdown(bus);
4844 ssb_bus_may_powerdown(bus);
4848 static void b43_one_core_detach(struct ssb_device *dev)
4850 struct b43_wldev *wldev;
4853 /* Do not cancel ieee80211-workqueue based work here.
4854 * See comment in b43_remove(). */
4856 wldev = ssb_get_drvdata(dev);
4858 b43_debugfs_remove_device(wldev);
4859 b43_wireless_core_detach(wldev);
4860 list_del(&wldev->list);
4862 ssb_set_drvdata(dev, NULL);
4866 static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl)
4868 struct b43_wldev *wldev;
4871 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
4875 wldev->use_pio = b43_modparam_pio;
4878 b43_set_status(wldev, B43_STAT_UNINIT);
4879 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
4880 INIT_LIST_HEAD(&wldev->list);
4882 err = b43_wireless_core_attach(wldev);
4884 goto err_kfree_wldev;
4886 list_add(&wldev->list, &wl->devlist);
4888 ssb_set_drvdata(dev, wldev);
4889 b43_debugfs_add_device(wldev);
4899 #define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \
4900 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \
4901 (pdev->device == _device) && \
4902 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \
4903 (pdev->subsystem_device == _subdevice) )
4905 static void b43_sprom_fixup(struct ssb_bus *bus)
4907 struct pci_dev *pdev;
4909 /* boardflags workarounds */
4910 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
4911 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74)
4912 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
4913 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
4914 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40)
4915 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
4916 if (bus->bustype == SSB_BUSTYPE_PCI) {
4917 pdev = bus->host_pci;
4918 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) ||
4919 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) ||
4920 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) ||
4921 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) ||
4922 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) ||
4923 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) ||
4924 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010))
4925 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST;
4929 static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl)
4931 struct ieee80211_hw *hw = wl->hw;
4933 ssb_set_devtypedata(dev, NULL);
4934 ieee80211_free_hw(hw);
4937 static struct b43_wl *b43_wireless_init(struct ssb_device *dev)
4939 struct ssb_sprom *sprom = &dev->bus->sprom;
4940 struct ieee80211_hw *hw;
4943 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
4945 b43err(NULL, "Could not allocate ieee80211 device\n");
4946 return ERR_PTR(-ENOMEM);
4948 wl = hw_to_b43_wl(hw);
4951 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS |
4952 IEEE80211_HW_SIGNAL_DBM;
4954 hw->wiphy->interface_modes =
4955 BIT(NL80211_IFTYPE_AP) |
4956 BIT(NL80211_IFTYPE_MESH_POINT) |
4957 BIT(NL80211_IFTYPE_STATION) |
4958 BIT(NL80211_IFTYPE_WDS) |
4959 BIT(NL80211_IFTYPE_ADHOC);
4961 hw->queues = modparam_qos ? 4 : 1;
4962 wl->mac80211_initially_registered_queues = hw->queues;
4964 SET_IEEE80211_DEV(hw, dev->dev);
4965 if (is_valid_ether_addr(sprom->et1mac))
4966 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
4968 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
4970 /* Initialize struct b43_wl */
4972 mutex_init(&wl->mutex);
4973 spin_lock_init(&wl->hardirq_lock);
4974 INIT_LIST_HEAD(&wl->devlist);
4975 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
4976 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work);
4977 INIT_WORK(&wl->tx_work, b43_tx_work);
4978 skb_queue_head_init(&wl->tx_queue);
4980 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n",
4981 dev->bus->chip_id, dev->id.revision);
4985 static int b43_ssb_probe(struct ssb_device *dev, const struct ssb_device_id *id)
4991 wl = ssb_get_devtypedata(dev);
4993 /* Probing the first core. Must setup common struct b43_wl */
4995 b43_sprom_fixup(dev->bus);
4996 wl = b43_wireless_init(dev);
5001 ssb_set_devtypedata(dev, wl);
5002 B43_WARN_ON(ssb_get_devtypedata(dev) != wl);
5004 err = b43_one_core_attach(dev, wl);
5006 goto err_wireless_exit;
5009 err = ieee80211_register_hw(wl->hw);
5011 goto err_one_core_detach;
5012 b43_leds_register(wl->current_dev);
5018 err_one_core_detach:
5019 b43_one_core_detach(dev);
5022 b43_wireless_exit(dev, wl);
5026 static void b43_ssb_remove(struct ssb_device *dev)
5028 struct b43_wl *wl = ssb_get_devtypedata(dev);
5029 struct b43_wldev *wldev = ssb_get_drvdata(dev);
5031 /* We must cancel any work here before unregistering from ieee80211,
5032 * as the ieee80211 unreg will destroy the workqueue. */
5033 cancel_work_sync(&wldev->restart_work);
5036 if (wl->current_dev == wldev) {
5037 /* Restore the queues count before unregistering, because firmware detect
5038 * might have modified it. Restoring is important, so the networking
5039 * stack can properly free resources. */
5040 wl->hw->queues = wl->mac80211_initially_registered_queues;
5041 b43_leds_stop(wldev);
5042 ieee80211_unregister_hw(wl->hw);
5045 b43_one_core_detach(dev);
5047 if (list_empty(&wl->devlist)) {
5048 b43_leds_unregister(wl);
5049 /* Last core on the chip unregistered.
5050 * We can destroy common struct b43_wl.
5052 b43_wireless_exit(dev, wl);
5056 /* Perform a hardware reset. This can be called from any context. */
5057 void b43_controller_restart(struct b43_wldev *dev, const char *reason)
5059 /* Must avoid requeueing, if we are in shutdown. */
5060 if (b43_status(dev) < B43_STAT_INITIALIZED)
5062 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
5063 ieee80211_queue_work(dev->wl->hw, &dev->restart_work);
5066 static struct ssb_driver b43_ssb_driver = {
5067 .name = KBUILD_MODNAME,
5068 .id_table = b43_ssb_tbl,
5069 .probe = b43_ssb_probe,
5070 .remove = b43_ssb_remove,
5073 static void b43_print_driverinfo(void)
5075 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
5076 *feat_leds = "", *feat_sdio = "";
5078 #ifdef CONFIG_B43_PCI_AUTOSELECT
5081 #ifdef CONFIG_B43_PCMCIA
5084 #ifdef CONFIG_B43_PHY_N
5087 #ifdef CONFIG_B43_LEDS
5090 #ifdef CONFIG_B43_SDIO
5093 printk(KERN_INFO "Broadcom 43xx driver loaded "
5094 "[ Features: %s%s%s%s%s, Firmware-ID: "
5095 B43_SUPPORTED_FIRMWARE_ID " ]\n",
5096 feat_pci, feat_pcmcia, feat_nphy,
5097 feat_leds, feat_sdio);
5100 static int __init b43_init(void)
5105 err = b43_pcmcia_init();
5108 err = b43_sdio_init();
5110 goto err_pcmcia_exit;
5111 err = ssb_driver_register(&b43_ssb_driver);
5114 b43_print_driverinfo();
5127 static void __exit b43_exit(void)
5129 ssb_driver_unregister(&b43_ssb_driver);
5135 module_init(b43_init)
5136 module_exit(b43_exit)
git.openpandora.org / pandora-kernel.git / blob