3 Broadcom B43 wireless driver
5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de>
8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
12 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es>
14 Some parts of the code in this file are derived from the ipw2200
15 driver Copyright(c) 2003 - 2004 Intel Corporation.
17 This program is free software; you can redistribute it and/or modify
18 it under the terms of the GNU General Public License as published by
19 the Free Software Foundation; either version 2 of the License, or
20 (at your option) any later version.
22 This program is distributed in the hope that it will be useful,
23 but WITHOUT ANY WARRANTY; without even the implied warranty of
24 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 GNU General Public License for more details.
27 You should have received a copy of the GNU General Public License
28 along with this program; see the file COPYING. If not, write to
29 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor,
30 Boston, MA 02110-1301, USA.
34 #include <linux/delay.h>
35 #include <linux/init.h>
36 #include <linux/moduleparam.h>
37 #include <linux/if_arp.h>
38 #include <linux/etherdevice.h>
39 #include <linux/firmware.h>
40 #include <linux/wireless.h>
41 #include <linux/workqueue.h>
42 #include <linux/skbuff.h>
44 #include <linux/dma-mapping.h>
45 #include <linux/slab.h>
46 #include <asm/unaligned.h>
51 #include "phy_common.h"
61 #include <linux/mmc/sdio_func.h>
63 MODULE_DESCRIPTION("Broadcom B43 wireless driver");
64 MODULE_AUTHOR("Martin Langer");
65 MODULE_AUTHOR("Stefano Brivio");
66 MODULE_AUTHOR("Michael Buesch");
67 MODULE_AUTHOR("Gábor Stefanik");
68 MODULE_LICENSE("GPL");
70 MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID);
71 MODULE_FIRMWARE("b43/ucode11.fw");
72 MODULE_FIRMWARE("b43/ucode13.fw");
73 MODULE_FIRMWARE("b43/ucode14.fw");
74 MODULE_FIRMWARE("b43/ucode15.fw");
75 MODULE_FIRMWARE("b43/ucode16_mimo.fw");
76 MODULE_FIRMWARE("b43/ucode5.fw");
77 MODULE_FIRMWARE("b43/ucode9.fw");
79 static int modparam_bad_frames_preempt;
80 module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
81 MODULE_PARM_DESC(bad_frames_preempt,
82 "enable(1) / disable(0) Bad Frames Preemption");
84 static char modparam_fwpostfix[16];
85 module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
86 MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
88 static int modparam_hwpctl;
89 module_param_named(hwpctl, modparam_hwpctl, int, 0444);
90 MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
92 static int modparam_nohwcrypt;
93 module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
94 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
96 static int modparam_hwtkip;
97 module_param_named(hwtkip, modparam_hwtkip, int, 0444);
98 MODULE_PARM_DESC(hwtkip, "Enable hardware tkip.");
100 static int modparam_qos = 1;
101 module_param_named(qos, modparam_qos, int, 0444);
102 MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
104 static int modparam_btcoex = 1;
105 module_param_named(btcoex, modparam_btcoex, int, 0444);
106 MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)");
108 int b43_modparam_verbose = B43_VERBOSITY_DEFAULT;
109 module_param_named(verbose, b43_modparam_verbose, int, 0644);
110 MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug");
112 static int b43_modparam_pio = B43_PIO_DEFAULT;
113 module_param_named(pio, b43_modparam_pio, int, 0644);
114 MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO");
116 static const struct ssb_device_id b43_ssb_tbl[] = {
117 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
118 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
119 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
120 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
121 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
122 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
123 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12),
124 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
125 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15),
126 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16),
130 MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
132 /* Channel and ratetables are shared for all devices.
133 * They can't be const, because ieee80211 puts some precalculated
134 * data in there. This data is the same for all devices, so we don't
135 * get concurrency issues */
136 #define RATETAB_ENT(_rateid, _flags) \
138 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
139 .hw_value = (_rateid), \
144 * NOTE: When changing this, sync with xmit.c's
145 * b43_plcp_get_bitrate_idx_* functions!
147 static struct ieee80211_rate __b43_ratetable[] = {
148 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
149 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
150 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
151 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
152 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
153 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
154 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
155 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
156 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
157 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
158 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
159 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
162 #define b43_a_ratetable (__b43_ratetable + 4)
163 #define b43_a_ratetable_size 8
164 #define b43_b_ratetable (__b43_ratetable + 0)
165 #define b43_b_ratetable_size 4
166 #define b43_g_ratetable (__b43_ratetable + 0)
167 #define b43_g_ratetable_size 12
169 #define CHAN4G(_channel, _freq, _flags) { \
170 .band = IEEE80211_BAND_2GHZ, \
171 .center_freq = (_freq), \
172 .hw_value = (_channel), \
174 .max_antenna_gain = 0, \
177 static struct ieee80211_channel b43_2ghz_chantable[] = {
195 #define CHAN5G(_channel, _flags) { \
196 .band = IEEE80211_BAND_5GHZ, \
197 .center_freq = 5000 + (5 * (_channel)), \
198 .hw_value = (_channel), \
200 .max_antenna_gain = 0, \
203 static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
204 CHAN5G(32, 0), CHAN5G(34, 0),
205 CHAN5G(36, 0), CHAN5G(38, 0),
206 CHAN5G(40, 0), CHAN5G(42, 0),
207 CHAN5G(44, 0), CHAN5G(46, 0),
208 CHAN5G(48, 0), CHAN5G(50, 0),
209 CHAN5G(52, 0), CHAN5G(54, 0),
210 CHAN5G(56, 0), CHAN5G(58, 0),
211 CHAN5G(60, 0), CHAN5G(62, 0),
212 CHAN5G(64, 0), CHAN5G(66, 0),
213 CHAN5G(68, 0), CHAN5G(70, 0),
214 CHAN5G(72, 0), CHAN5G(74, 0),
215 CHAN5G(76, 0), CHAN5G(78, 0),
216 CHAN5G(80, 0), CHAN5G(82, 0),
217 CHAN5G(84, 0), CHAN5G(86, 0),
218 CHAN5G(88, 0), CHAN5G(90, 0),
219 CHAN5G(92, 0), CHAN5G(94, 0),
220 CHAN5G(96, 0), CHAN5G(98, 0),
221 CHAN5G(100, 0), CHAN5G(102, 0),
222 CHAN5G(104, 0), CHAN5G(106, 0),
223 CHAN5G(108, 0), CHAN5G(110, 0),
224 CHAN5G(112, 0), CHAN5G(114, 0),
225 CHAN5G(116, 0), CHAN5G(118, 0),
226 CHAN5G(120, 0), CHAN5G(122, 0),
227 CHAN5G(124, 0), CHAN5G(126, 0),
228 CHAN5G(128, 0), CHAN5G(130, 0),
229 CHAN5G(132, 0), CHAN5G(134, 0),
230 CHAN5G(136, 0), CHAN5G(138, 0),
231 CHAN5G(140, 0), CHAN5G(142, 0),
232 CHAN5G(144, 0), CHAN5G(145, 0),
233 CHAN5G(146, 0), CHAN5G(147, 0),
234 CHAN5G(148, 0), CHAN5G(149, 0),
235 CHAN5G(150, 0), CHAN5G(151, 0),
236 CHAN5G(152, 0), CHAN5G(153, 0),
237 CHAN5G(154, 0), CHAN5G(155, 0),
238 CHAN5G(156, 0), CHAN5G(157, 0),
239 CHAN5G(158, 0), CHAN5G(159, 0),
240 CHAN5G(160, 0), CHAN5G(161, 0),
241 CHAN5G(162, 0), CHAN5G(163, 0),
242 CHAN5G(164, 0), CHAN5G(165, 0),
243 CHAN5G(166, 0), CHAN5G(168, 0),
244 CHAN5G(170, 0), CHAN5G(172, 0),
245 CHAN5G(174, 0), CHAN5G(176, 0),
246 CHAN5G(178, 0), CHAN5G(180, 0),
247 CHAN5G(182, 0), CHAN5G(184, 0),
248 CHAN5G(186, 0), CHAN5G(188, 0),
249 CHAN5G(190, 0), CHAN5G(192, 0),
250 CHAN5G(194, 0), CHAN5G(196, 0),
251 CHAN5G(198, 0), CHAN5G(200, 0),
252 CHAN5G(202, 0), CHAN5G(204, 0),
253 CHAN5G(206, 0), CHAN5G(208, 0),
254 CHAN5G(210, 0), CHAN5G(212, 0),
255 CHAN5G(214, 0), CHAN5G(216, 0),
256 CHAN5G(218, 0), CHAN5G(220, 0),
257 CHAN5G(222, 0), CHAN5G(224, 0),
258 CHAN5G(226, 0), CHAN5G(228, 0),
261 static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
262 CHAN5G(34, 0), CHAN5G(36, 0),
263 CHAN5G(38, 0), CHAN5G(40, 0),
264 CHAN5G(42, 0), CHAN5G(44, 0),
265 CHAN5G(46, 0), CHAN5G(48, 0),
266 CHAN5G(52, 0), CHAN5G(56, 0),
267 CHAN5G(60, 0), CHAN5G(64, 0),
268 CHAN5G(100, 0), CHAN5G(104, 0),
269 CHAN5G(108, 0), CHAN5G(112, 0),
270 CHAN5G(116, 0), CHAN5G(120, 0),
271 CHAN5G(124, 0), CHAN5G(128, 0),
272 CHAN5G(132, 0), CHAN5G(136, 0),
273 CHAN5G(140, 0), CHAN5G(149, 0),
274 CHAN5G(153, 0), CHAN5G(157, 0),
275 CHAN5G(161, 0), CHAN5G(165, 0),
276 CHAN5G(184, 0), CHAN5G(188, 0),
277 CHAN5G(192, 0), CHAN5G(196, 0),
278 CHAN5G(200, 0), CHAN5G(204, 0),
279 CHAN5G(208, 0), CHAN5G(212, 0),
284 static struct ieee80211_supported_band b43_band_5GHz_nphy = {
285 .band = IEEE80211_BAND_5GHZ,
286 .channels = b43_5ghz_nphy_chantable,
287 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
288 .bitrates = b43_a_ratetable,
289 .n_bitrates = b43_a_ratetable_size,
292 static struct ieee80211_supported_band b43_band_5GHz_aphy = {
293 .band = IEEE80211_BAND_5GHZ,
294 .channels = b43_5ghz_aphy_chantable,
295 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
296 .bitrates = b43_a_ratetable,
297 .n_bitrates = b43_a_ratetable_size,
300 static struct ieee80211_supported_band b43_band_2GHz = {
301 .band = IEEE80211_BAND_2GHZ,
302 .channels = b43_2ghz_chantable,
303 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
304 .bitrates = b43_g_ratetable,
305 .n_bitrates = b43_g_ratetable_size,
308 static void b43_wireless_core_exit(struct b43_wldev *dev);
309 static int b43_wireless_core_init(struct b43_wldev *dev);
310 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev);
311 static int b43_wireless_core_start(struct b43_wldev *dev);
313 static int b43_ratelimit(struct b43_wl *wl)
315 if (!wl || !wl->current_dev)
317 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
319 /* We are up and running.
320 * Ratelimit the messages to avoid DoS over the net. */
321 return net_ratelimit();
324 void b43info(struct b43_wl *wl, const char *fmt, ...)
326 struct va_format vaf;
329 if (b43_modparam_verbose < B43_VERBOSITY_INFO)
331 if (!b43_ratelimit(wl))
339 printk(KERN_INFO "b43-%s: %pV",
340 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
345 void b43err(struct b43_wl *wl, const char *fmt, ...)
347 struct va_format vaf;
350 if (b43_modparam_verbose < B43_VERBOSITY_ERROR)
352 if (!b43_ratelimit(wl))
360 printk(KERN_ERR "b43-%s ERROR: %pV",
361 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
366 void b43warn(struct b43_wl *wl, const char *fmt, ...)
368 struct va_format vaf;
371 if (b43_modparam_verbose < B43_VERBOSITY_WARN)
373 if (!b43_ratelimit(wl))
381 printk(KERN_WARNING "b43-%s warning: %pV",
382 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
387 void b43dbg(struct b43_wl *wl, const char *fmt, ...)
389 struct va_format vaf;
392 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
400 printk(KERN_DEBUG "b43-%s debug: %pV",
401 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
406 static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
410 B43_WARN_ON(offset % 4 != 0);
412 macctl = b43_read32(dev, B43_MMIO_MACCTL);
413 if (macctl & B43_MACCTL_BE)
416 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
418 b43_write32(dev, B43_MMIO_RAM_DATA, val);
421 static inline void b43_shm_control_word(struct b43_wldev *dev,
422 u16 routing, u16 offset)
426 /* "offset" is the WORD offset. */
430 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
433 u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
437 if (routing == B43_SHM_SHARED) {
438 B43_WARN_ON(offset & 0x0001);
439 if (offset & 0x0003) {
440 /* Unaligned access */
441 b43_shm_control_word(dev, routing, offset >> 2);
442 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
443 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
444 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16;
450 b43_shm_control_word(dev, routing, offset);
451 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
456 u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset)
460 if (routing == B43_SHM_SHARED) {
461 B43_WARN_ON(offset & 0x0001);
462 if (offset & 0x0003) {
463 /* Unaligned access */
464 b43_shm_control_word(dev, routing, offset >> 2);
465 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
471 b43_shm_control_word(dev, routing, offset);
472 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
477 void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
479 if (routing == B43_SHM_SHARED) {
480 B43_WARN_ON(offset & 0x0001);
481 if (offset & 0x0003) {
482 /* Unaligned access */
483 b43_shm_control_word(dev, routing, offset >> 2);
484 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
486 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
487 b43_write16(dev, B43_MMIO_SHM_DATA,
488 (value >> 16) & 0xFFFF);
493 b43_shm_control_word(dev, routing, offset);
494 b43_write32(dev, B43_MMIO_SHM_DATA, value);
497 void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
499 if (routing == B43_SHM_SHARED) {
500 B43_WARN_ON(offset & 0x0001);
501 if (offset & 0x0003) {
502 /* Unaligned access */
503 b43_shm_control_word(dev, routing, offset >> 2);
504 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
509 b43_shm_control_word(dev, routing, offset);
510 b43_write16(dev, B43_MMIO_SHM_DATA, value);
514 u64 b43_hf_read(struct b43_wldev *dev)
518 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI);
520 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI);
522 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO);
527 /* Write HostFlags */
528 void b43_hf_write(struct b43_wldev *dev, u64 value)
532 lo = (value & 0x00000000FFFFULL);
533 mi = (value & 0x0000FFFF0000ULL) >> 16;
534 hi = (value & 0xFFFF00000000ULL) >> 32;
535 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo);
536 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi);
537 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi);
540 /* Read the firmware capabilities bitmask (Opensource firmware only) */
541 static u16 b43_fwcapa_read(struct b43_wldev *dev)
543 B43_WARN_ON(!dev->fw.opensource);
544 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA);
547 void b43_tsf_read(struct b43_wldev *dev, u64 *tsf)
551 B43_WARN_ON(dev->sdev->id.revision < 3);
553 /* The hardware guarantees us an atomic read, if we
554 * read the low register first. */
555 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
556 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
563 static void b43_time_lock(struct b43_wldev *dev)
567 macctl = b43_read32(dev, B43_MMIO_MACCTL);
568 macctl |= B43_MACCTL_TBTTHOLD;
569 b43_write32(dev, B43_MMIO_MACCTL, macctl);
570 /* Commit the write */
571 b43_read32(dev, B43_MMIO_MACCTL);
574 static void b43_time_unlock(struct b43_wldev *dev)
578 macctl = b43_read32(dev, B43_MMIO_MACCTL);
579 macctl &= ~B43_MACCTL_TBTTHOLD;
580 b43_write32(dev, B43_MMIO_MACCTL, macctl);
581 /* Commit the write */
582 b43_read32(dev, B43_MMIO_MACCTL);
585 static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
589 B43_WARN_ON(dev->sdev->id.revision < 3);
593 /* The hardware guarantees us an atomic write, if we
594 * write the low register first. */
595 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low);
597 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high);
601 void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
604 b43_tsf_write_locked(dev, tsf);
605 b43_time_unlock(dev);
609 void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac)
611 static const u8 zero_addr[ETH_ALEN] = { 0 };
618 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
622 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
625 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
628 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
631 static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
635 u8 mac_bssid[ETH_ALEN * 2];
639 bssid = dev->wl->bssid;
640 mac = dev->wl->mac_addr;
642 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
644 memcpy(mac_bssid, mac, ETH_ALEN);
645 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
647 /* Write our MAC address and BSSID to template ram */
648 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
649 tmp = (u32) (mac_bssid[i + 0]);
650 tmp |= (u32) (mac_bssid[i + 1]) << 8;
651 tmp |= (u32) (mac_bssid[i + 2]) << 16;
652 tmp |= (u32) (mac_bssid[i + 3]) << 24;
653 b43_ram_write(dev, 0x20 + i, tmp);
657 static void b43_upload_card_macaddress(struct b43_wldev *dev)
659 b43_write_mac_bssid_templates(dev);
660 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
663 static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
665 /* slot_time is in usec. */
666 /* This test used to exit for all but a G PHY. */
667 if (b43_current_band(dev->wl) == IEEE80211_BAND_5GHZ)
669 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time);
670 /* Shared memory location 0x0010 is the slot time and should be
671 * set to slot_time; however, this register is initially 0 and changing
672 * the value adversely affects the transmit rate for BCM4311
673 * devices. Until this behavior is unterstood, delete this step
675 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
679 static void b43_short_slot_timing_enable(struct b43_wldev *dev)
681 b43_set_slot_time(dev, 9);
684 static void b43_short_slot_timing_disable(struct b43_wldev *dev)
686 b43_set_slot_time(dev, 20);
689 /* DummyTransmission function, as documented on
690 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission
692 void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on)
694 struct b43_phy *phy = &dev->phy;
695 unsigned int i, max_loop;
707 buffer[0] = 0x000201CC;
710 buffer[0] = 0x000B846E;
713 for (i = 0; i < 5; i++)
714 b43_ram_write(dev, i * 4, buffer[i]);
716 b43_write16(dev, 0x0568, 0x0000);
717 if (dev->sdev->id.revision < 11)
718 b43_write16(dev, 0x07C0, 0x0000);
720 b43_write16(dev, 0x07C0, 0x0100);
721 value = (ofdm ? 0x41 : 0x40);
722 b43_write16(dev, 0x050C, value);
723 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP))
724 b43_write16(dev, 0x0514, 0x1A02);
725 b43_write16(dev, 0x0508, 0x0000);
726 b43_write16(dev, 0x050A, 0x0000);
727 b43_write16(dev, 0x054C, 0x0000);
728 b43_write16(dev, 0x056A, 0x0014);
729 b43_write16(dev, 0x0568, 0x0826);
730 b43_write16(dev, 0x0500, 0x0000);
731 if (!pa_on && (phy->type == B43_PHYTYPE_N)) {
737 b43_write16(dev, 0x0502, 0x00D0);
740 b43_write16(dev, 0x0502, 0x0050);
743 b43_write16(dev, 0x0502, 0x0030);
746 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
747 b43_radio_write16(dev, 0x0051, 0x0017);
748 for (i = 0x00; i < max_loop; i++) {
749 value = b43_read16(dev, 0x050E);
754 for (i = 0x00; i < 0x0A; i++) {
755 value = b43_read16(dev, 0x050E);
760 for (i = 0x00; i < 0x19; i++) {
761 value = b43_read16(dev, 0x0690);
762 if (!(value & 0x0100))
766 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
767 b43_radio_write16(dev, 0x0051, 0x0037);
770 static void key_write(struct b43_wldev *dev,
771 u8 index, u8 algorithm, const u8 *key)
778 /* Key index/algo block */
779 kidx = b43_kidx_to_fw(dev, index);
780 value = ((kidx << 4) | algorithm);
781 b43_shm_write16(dev, B43_SHM_SHARED,
782 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
784 /* Write the key to the Key Table Pointer offset */
785 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
786 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
788 value |= (u16) (key[i + 1]) << 8;
789 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
793 static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr)
795 u32 addrtmp[2] = { 0, 0, };
796 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
798 if (b43_new_kidx_api(dev))
799 pairwise_keys_start = B43_NR_GROUP_KEYS;
801 B43_WARN_ON(index < pairwise_keys_start);
802 /* We have four default TX keys and possibly four default RX keys.
803 * Physical mac 0 is mapped to physical key 4 or 8, depending
804 * on the firmware version.
805 * So we must adjust the index here.
807 index -= pairwise_keys_start;
808 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
811 addrtmp[0] = addr[0];
812 addrtmp[0] |= ((u32) (addr[1]) << 8);
813 addrtmp[0] |= ((u32) (addr[2]) << 16);
814 addrtmp[0] |= ((u32) (addr[3]) << 24);
815 addrtmp[1] = addr[4];
816 addrtmp[1] |= ((u32) (addr[5]) << 8);
819 /* Receive match transmitter address (RCMTA) mechanism */
820 b43_shm_write32(dev, B43_SHM_RCMTA,
821 (index * 2) + 0, addrtmp[0]);
822 b43_shm_write16(dev, B43_SHM_RCMTA,
823 (index * 2) + 1, addrtmp[1]);
826 /* The ucode will use phase1 key with TEK key to decrypt rx packets.
827 * When a packet is received, the iv32 is checked.
828 * - if it doesn't the packet is returned without modification (and software
829 * decryption can be done). That's what happen when iv16 wrap.
830 * - if it does, the rc4 key is computed, and decryption is tried.
831 * Either it will success and B43_RX_MAC_DEC is returned,
832 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned
833 * and the packet is not usable (it got modified by the ucode).
834 * So in order to never have B43_RX_MAC_DECERR, we should provide
835 * a iv32 and phase1key that match. Because we drop packets in case of
836 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all
837 * packets will be lost without higher layer knowing (ie no resync possible
840 * NOTE : this should support 50 key like RCMTA because
841 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50
843 static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32,
848 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
850 if (!modparam_hwtkip)
853 if (b43_new_kidx_api(dev))
854 pairwise_keys_start = B43_NR_GROUP_KEYS;
856 B43_WARN_ON(index < pairwise_keys_start);
857 /* We have four default TX keys and possibly four default RX keys.
858 * Physical mac 0 is mapped to physical key 4 or 8, depending
859 * on the firmware version.
860 * So we must adjust the index here.
862 index -= pairwise_keys_start;
863 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
865 if (b43_debug(dev, B43_DBG_KEYS)) {
866 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n",
869 /* Write the key to the RX tkip shared mem */
870 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4);
871 for (i = 0; i < 10; i += 2) {
872 b43_shm_write16(dev, B43_SHM_SHARED, offset + i,
873 phase1key ? phase1key[i / 2] : 0);
875 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32);
876 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16);
879 static void b43_op_update_tkip_key(struct ieee80211_hw *hw,
880 struct ieee80211_vif *vif,
881 struct ieee80211_key_conf *keyconf,
882 struct ieee80211_sta *sta,
883 u32 iv32, u16 *phase1key)
885 struct b43_wl *wl = hw_to_b43_wl(hw);
886 struct b43_wldev *dev;
887 int index = keyconf->hw_key_idx;
889 if (B43_WARN_ON(!modparam_hwtkip))
892 /* This is only called from the RX path through mac80211, where
893 * our mutex is already locked. */
894 B43_WARN_ON(!mutex_is_locked(&wl->mutex));
895 dev = wl->current_dev;
896 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED);
898 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */
900 rx_tkip_phase1_write(dev, index, iv32, phase1key);
901 /* only pairwise TKIP keys are supported right now */
904 keymac_write(dev, index, sta->addr);
907 static void do_key_write(struct b43_wldev *dev,
908 u8 index, u8 algorithm,
909 const u8 *key, size_t key_len, const u8 *mac_addr)
911 u8 buf[B43_SEC_KEYSIZE] = { 0, };
912 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
914 if (b43_new_kidx_api(dev))
915 pairwise_keys_start = B43_NR_GROUP_KEYS;
917 B43_WARN_ON(index >= ARRAY_SIZE(dev->key));
918 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
920 if (index >= pairwise_keys_start)
921 keymac_write(dev, index, NULL); /* First zero out mac. */
922 if (algorithm == B43_SEC_ALGO_TKIP) {
924 * We should provide an initial iv32, phase1key pair.
925 * We could start with iv32=0 and compute the corresponding
926 * phase1key, but this means calling ieee80211_get_tkip_key
927 * with a fake skb (or export other tkip function).
928 * Because we are lazy we hope iv32 won't start with
929 * 0xffffffff and let's b43_op_update_tkip_key provide a
932 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf);
933 } else if (index >= pairwise_keys_start) /* clear it */
934 rx_tkip_phase1_write(dev, index, 0, NULL);
936 memcpy(buf, key, key_len);
937 key_write(dev, index, algorithm, buf);
938 if (index >= pairwise_keys_start)
939 keymac_write(dev, index, mac_addr);
941 dev->key[index].algorithm = algorithm;
944 static int b43_key_write(struct b43_wldev *dev,
945 int index, u8 algorithm,
946 const u8 *key, size_t key_len,
948 struct ieee80211_key_conf *keyconf)
951 int pairwise_keys_start;
953 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block:
954 * - Temporal Encryption Key (128 bits)
955 * - Temporal Authenticator Tx MIC Key (64 bits)
956 * - Temporal Authenticator Rx MIC Key (64 bits)
958 * Hardware only store TEK
960 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32)
962 if (key_len > B43_SEC_KEYSIZE)
964 for (i = 0; i < ARRAY_SIZE(dev->key); i++) {
965 /* Check that we don't already have this key. */
966 B43_WARN_ON(dev->key[i].keyconf == keyconf);
969 /* Pairwise key. Get an empty slot for the key. */
970 if (b43_new_kidx_api(dev))
971 pairwise_keys_start = B43_NR_GROUP_KEYS;
973 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
974 for (i = pairwise_keys_start;
975 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS;
977 B43_WARN_ON(i >= ARRAY_SIZE(dev->key));
978 if (!dev->key[i].keyconf) {
985 b43warn(dev->wl, "Out of hardware key memory\n");
989 B43_WARN_ON(index > 3);
991 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
992 if ((index <= 3) && !b43_new_kidx_api(dev)) {
994 B43_WARN_ON(mac_addr);
995 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
997 keyconf->hw_key_idx = index;
998 dev->key[index].keyconf = keyconf;
1003 static int b43_key_clear(struct b43_wldev *dev, int index)
1005 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key))))
1007 do_key_write(dev, index, B43_SEC_ALGO_NONE,
1008 NULL, B43_SEC_KEYSIZE, NULL);
1009 if ((index <= 3) && !b43_new_kidx_api(dev)) {
1010 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
1011 NULL, B43_SEC_KEYSIZE, NULL);
1013 dev->key[index].keyconf = NULL;
1018 static void b43_clear_keys(struct b43_wldev *dev)
1022 if (b43_new_kidx_api(dev))
1023 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1025 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1026 for (i = 0; i < count; i++)
1027 b43_key_clear(dev, i);
1030 static void b43_dump_keymemory(struct b43_wldev *dev)
1032 unsigned int i, index, count, offset, pairwise_keys_start;
1038 struct b43_key *key;
1040 if (!b43_debug(dev, B43_DBG_KEYS))
1043 hf = b43_hf_read(dev);
1044 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n",
1045 !!(hf & B43_HF_USEDEFKEYS));
1046 if (b43_new_kidx_api(dev)) {
1047 pairwise_keys_start = B43_NR_GROUP_KEYS;
1048 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1050 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
1051 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1053 for (index = 0; index < count; index++) {
1054 key = &(dev->key[index]);
1055 printk(KERN_DEBUG "Key slot %02u: %s",
1056 index, (key->keyconf == NULL) ? " " : "*");
1057 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
1058 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
1059 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1060 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1063 algo = b43_shm_read16(dev, B43_SHM_SHARED,
1064 B43_SHM_SH_KEYIDXBLOCK + (index * 2));
1065 printk(" Algo: %04X/%02X", algo, key->algorithm);
1067 if (index >= pairwise_keys_start) {
1068 if (key->algorithm == B43_SEC_ALGO_TKIP) {
1070 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4);
1071 for (i = 0; i < 14; i += 2) {
1072 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1073 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1076 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA,
1077 ((index - pairwise_keys_start) * 2) + 0);
1078 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA,
1079 ((index - pairwise_keys_start) * 2) + 1);
1080 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0);
1081 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1);
1082 printk(" MAC: %pM", mac);
1084 printk(" DEFAULT KEY");
1089 void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
1097 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
1098 (ps_flags & B43_PS_DISABLED));
1099 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
1101 if (ps_flags & B43_PS_ENABLED) {
1103 } else if (ps_flags & B43_PS_DISABLED) {
1106 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
1107 // and thus is not an AP and we are associated, set bit 25
1109 if (ps_flags & B43_PS_AWAKE) {
1111 } else if (ps_flags & B43_PS_ASLEEP) {
1114 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
1115 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
1116 // successful, set bit26
1119 /* FIXME: For now we force awake-on and hwps-off */
1123 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1125 macctl |= B43_MACCTL_HWPS;
1127 macctl &= ~B43_MACCTL_HWPS;
1129 macctl |= B43_MACCTL_AWAKE;
1131 macctl &= ~B43_MACCTL_AWAKE;
1132 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1134 b43_read32(dev, B43_MMIO_MACCTL);
1135 if (awake && dev->sdev->id.revision >= 5) {
1136 /* Wait for the microcode to wake up. */
1137 for (i = 0; i < 100; i++) {
1138 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1139 B43_SHM_SH_UCODESTAT);
1140 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1147 static void b43_ssb_wireless_core_reset(struct b43_wldev *dev, u32 flags)
1151 flags |= B43_TMSLOW_PHYCLKEN;
1152 flags |= B43_TMSLOW_PHYRESET;
1153 if (dev->phy.type == B43_PHYTYPE_N)
1154 flags |= B43_TMSLOW_PHY_BANDWIDTH_20MHZ; /* Make 20 MHz def */
1155 ssb_device_enable(dev->sdev, flags);
1156 msleep(2); /* Wait for the PLL to turn on. */
1158 /* Now take the PHY out of Reset again */
1159 tmslow = ssb_read32(dev->sdev, SSB_TMSLOW);
1160 tmslow |= SSB_TMSLOW_FGC;
1161 tmslow &= ~B43_TMSLOW_PHYRESET;
1162 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow);
1163 ssb_read32(dev->sdev, SSB_TMSLOW); /* flush */
1165 tmslow &= ~SSB_TMSLOW_FGC;
1166 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow);
1167 ssb_read32(dev->sdev, SSB_TMSLOW); /* flush */
1171 void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags)
1175 b43_ssb_wireless_core_reset(dev, flags);
1177 /* Turn Analog ON, but only if we already know the PHY-type.
1178 * This protects against very early setup where we don't know the
1179 * PHY-type, yet. wireless_core_reset will be called once again later,
1180 * when we know the PHY-type. */
1182 dev->phy.ops->switch_analog(dev, 1);
1184 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1185 macctl &= ~B43_MACCTL_GMODE;
1186 if (flags & B43_TMSLOW_GMODE)
1187 macctl |= B43_MACCTL_GMODE;
1188 macctl |= B43_MACCTL_IHR_ENABLED;
1189 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1192 static void handle_irq_transmit_status(struct b43_wldev *dev)
1196 struct b43_txstatus stat;
1199 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1200 if (!(v0 & 0x00000001))
1202 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1204 stat.cookie = (v0 >> 16);
1205 stat.seq = (v1 & 0x0000FFFF);
1206 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1207 tmp = (v0 & 0x0000FFFF);
1208 stat.frame_count = ((tmp & 0xF000) >> 12);
1209 stat.rts_count = ((tmp & 0x0F00) >> 8);
1210 stat.supp_reason = ((tmp & 0x001C) >> 2);
1211 stat.pm_indicated = !!(tmp & 0x0080);
1212 stat.intermediate = !!(tmp & 0x0040);
1213 stat.for_ampdu = !!(tmp & 0x0020);
1214 stat.acked = !!(tmp & 0x0002);
1216 b43_handle_txstatus(dev, &stat);
1220 static void drain_txstatus_queue(struct b43_wldev *dev)
1224 if (dev->sdev->id.revision < 5)
1226 /* Read all entries from the microcode TXstatus FIFO
1227 * and throw them away.
1230 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1231 if (!(dummy & 0x00000001))
1233 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1237 static u32 b43_jssi_read(struct b43_wldev *dev)
1241 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A);
1243 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088);
1248 static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1250 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF));
1251 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16);
1254 static void b43_generate_noise_sample(struct b43_wldev *dev)
1256 b43_jssi_write(dev, 0x7F7F7F7F);
1257 b43_write32(dev, B43_MMIO_MACCMD,
1258 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1261 static void b43_calculate_link_quality(struct b43_wldev *dev)
1263 /* Top half of Link Quality calculation. */
1265 if (dev->phy.type != B43_PHYTYPE_G)
1267 if (dev->noisecalc.calculation_running)
1269 dev->noisecalc.calculation_running = 1;
1270 dev->noisecalc.nr_samples = 0;
1272 b43_generate_noise_sample(dev);
1275 static void handle_irq_noise(struct b43_wldev *dev)
1277 struct b43_phy_g *phy = dev->phy.g;
1283 /* Bottom half of Link Quality calculation. */
1285 if (dev->phy.type != B43_PHYTYPE_G)
1288 /* Possible race condition: It might be possible that the user
1289 * changed to a different channel in the meantime since we
1290 * started the calculation. We ignore that fact, since it's
1291 * not really that much of a problem. The background noise is
1292 * an estimation only anyway. Slightly wrong results will get damped
1293 * by the averaging of the 8 sample rounds. Additionally the
1294 * value is shortlived. So it will be replaced by the next noise
1295 * calculation round soon. */
1297 B43_WARN_ON(!dev->noisecalc.calculation_running);
1298 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1299 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1300 noise[2] == 0x7F || noise[3] == 0x7F)
1303 /* Get the noise samples. */
1304 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1305 i = dev->noisecalc.nr_samples;
1306 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1307 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1308 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1309 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1310 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1311 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1312 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1313 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1314 dev->noisecalc.nr_samples++;
1315 if (dev->noisecalc.nr_samples == 8) {
1316 /* Calculate the Link Quality by the noise samples. */
1318 for (i = 0; i < 8; i++) {
1319 for (j = 0; j < 4; j++)
1320 average += dev->noisecalc.samples[i][j];
1326 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1327 tmp = (tmp / 128) & 0x1F;
1337 dev->stats.link_noise = average;
1338 dev->noisecalc.calculation_running = 0;
1342 b43_generate_noise_sample(dev);
1345 static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1347 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) {
1350 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1351 b43_power_saving_ctl_bits(dev, 0);
1353 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC))
1357 static void handle_irq_atim_end(struct b43_wldev *dev)
1359 if (dev->dfq_valid) {
1360 b43_write32(dev, B43_MMIO_MACCMD,
1361 b43_read32(dev, B43_MMIO_MACCMD)
1362 | B43_MACCMD_DFQ_VALID);
1367 static void handle_irq_pmq(struct b43_wldev *dev)
1374 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1375 if (!(tmp & 0x00000008))
1378 /* 16bit write is odd, but correct. */
1379 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1382 static void b43_write_template_common(struct b43_wldev *dev,
1383 const u8 *data, u16 size,
1385 u16 shm_size_offset, u8 rate)
1388 struct b43_plcp_hdr4 plcp;
1391 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1392 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1393 ram_offset += sizeof(u32);
1394 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1395 * So leave the first two bytes of the next write blank.
1397 tmp = (u32) (data[0]) << 16;
1398 tmp |= (u32) (data[1]) << 24;
1399 b43_ram_write(dev, ram_offset, tmp);
1400 ram_offset += sizeof(u32);
1401 for (i = 2; i < size; i += sizeof(u32)) {
1402 tmp = (u32) (data[i + 0]);
1404 tmp |= (u32) (data[i + 1]) << 8;
1406 tmp |= (u32) (data[i + 2]) << 16;
1408 tmp |= (u32) (data[i + 3]) << 24;
1409 b43_ram_write(dev, ram_offset + i - 2, tmp);
1411 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1412 size + sizeof(struct b43_plcp_hdr6));
1415 /* Check if the use of the antenna that ieee80211 told us to
1416 * use is possible. This will fall back to DEFAULT.
1417 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1418 u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1423 if (antenna_nr == 0) {
1424 /* Zero means "use default antenna". That's always OK. */
1428 /* Get the mask of available antennas. */
1430 antenna_mask = dev->sdev->bus->sprom.ant_available_bg;
1432 antenna_mask = dev->sdev->bus->sprom.ant_available_a;
1434 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1435 /* This antenna is not available. Fall back to default. */
1442 /* Convert a b43 antenna number value to the PHY TX control value. */
1443 static u16 b43_antenna_to_phyctl(int antenna)
1447 return B43_TXH_PHY_ANT0;
1449 return B43_TXH_PHY_ANT1;
1451 return B43_TXH_PHY_ANT2;
1453 return B43_TXH_PHY_ANT3;
1454 case B43_ANTENNA_AUTO0:
1455 case B43_ANTENNA_AUTO1:
1456 return B43_TXH_PHY_ANT01AUTO;
1462 static void b43_write_beacon_template(struct b43_wldev *dev,
1464 u16 shm_size_offset)
1466 unsigned int i, len, variable_len;
1467 const struct ieee80211_mgmt *bcn;
1473 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon);
1475 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data);
1476 len = min((size_t) dev->wl->current_beacon->len,
1477 0x200 - sizeof(struct b43_plcp_hdr6));
1478 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value;
1480 b43_write_template_common(dev, (const u8 *)bcn,
1481 len, ram_offset, shm_size_offset, rate);
1483 /* Write the PHY TX control parameters. */
1484 antenna = B43_ANTENNA_DEFAULT;
1485 antenna = b43_antenna_to_phyctl(antenna);
1486 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1487 /* We can't send beacons with short preamble. Would get PHY errors. */
1488 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1489 ctl &= ~B43_TXH_PHY_ANT;
1490 ctl &= ~B43_TXH_PHY_ENC;
1492 if (b43_is_cck_rate(rate))
1493 ctl |= B43_TXH_PHY_ENC_CCK;
1495 ctl |= B43_TXH_PHY_ENC_OFDM;
1496 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1498 /* Find the position of the TIM and the DTIM_period value
1499 * and write them to SHM. */
1500 ie = bcn->u.beacon.variable;
1501 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1502 for (i = 0; i < variable_len - 2; ) {
1503 uint8_t ie_id, ie_len;
1510 /* This is the TIM Information Element */
1512 /* Check whether the ie_len is in the beacon data range. */
1513 if (variable_len < ie_len + 2 + i)
1515 /* A valid TIM is at least 4 bytes long. */
1520 tim_position = sizeof(struct b43_plcp_hdr6);
1521 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1524 dtim_period = ie[i + 3];
1526 b43_shm_write16(dev, B43_SHM_SHARED,
1527 B43_SHM_SH_TIMBPOS, tim_position);
1528 b43_shm_write16(dev, B43_SHM_SHARED,
1529 B43_SHM_SH_DTIMPER, dtim_period);
1536 * If ucode wants to modify TIM do it behind the beacon, this
1537 * will happen, for example, when doing mesh networking.
1539 b43_shm_write16(dev, B43_SHM_SHARED,
1541 len + sizeof(struct b43_plcp_hdr6));
1542 b43_shm_write16(dev, B43_SHM_SHARED,
1543 B43_SHM_SH_DTIMPER, 0);
1545 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset);
1548 static void b43_upload_beacon0(struct b43_wldev *dev)
1550 struct b43_wl *wl = dev->wl;
1552 if (wl->beacon0_uploaded)
1554 b43_write_beacon_template(dev, 0x68, 0x18);
1555 wl->beacon0_uploaded = 1;
1558 static void b43_upload_beacon1(struct b43_wldev *dev)
1560 struct b43_wl *wl = dev->wl;
1562 if (wl->beacon1_uploaded)
1564 b43_write_beacon_template(dev, 0x468, 0x1A);
1565 wl->beacon1_uploaded = 1;
1568 static void handle_irq_beacon(struct b43_wldev *dev)
1570 struct b43_wl *wl = dev->wl;
1571 u32 cmd, beacon0_valid, beacon1_valid;
1573 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) &&
1574 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) &&
1575 !b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
1578 /* This is the bottom half of the asynchronous beacon update. */
1580 /* Ignore interrupt in the future. */
1581 dev->irq_mask &= ~B43_IRQ_BEACON;
1583 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1584 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1585 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1587 /* Schedule interrupt manually, if busy. */
1588 if (beacon0_valid && beacon1_valid) {
1589 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1590 dev->irq_mask |= B43_IRQ_BEACON;
1594 if (unlikely(wl->beacon_templates_virgin)) {
1595 /* We never uploaded a beacon before.
1596 * Upload both templates now, but only mark one valid. */
1597 wl->beacon_templates_virgin = 0;
1598 b43_upload_beacon0(dev);
1599 b43_upload_beacon1(dev);
1600 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1601 cmd |= B43_MACCMD_BEACON0_VALID;
1602 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1604 if (!beacon0_valid) {
1605 b43_upload_beacon0(dev);
1606 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1607 cmd |= B43_MACCMD_BEACON0_VALID;
1608 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1609 } else if (!beacon1_valid) {
1610 b43_upload_beacon1(dev);
1611 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1612 cmd |= B43_MACCMD_BEACON1_VALID;
1613 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1618 static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev)
1620 u32 old_irq_mask = dev->irq_mask;
1622 /* update beacon right away or defer to irq */
1623 handle_irq_beacon(dev);
1624 if (old_irq_mask != dev->irq_mask) {
1625 /* The handler updated the IRQ mask. */
1626 B43_WARN_ON(!dev->irq_mask);
1627 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) {
1628 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1630 /* Device interrupts are currently disabled. That means
1631 * we just ran the hardirq handler and scheduled the
1632 * IRQ thread. The thread will write the IRQ mask when
1633 * it finished, so there's nothing to do here. Writing
1634 * the mask _here_ would incorrectly re-enable IRQs. */
1639 static void b43_beacon_update_trigger_work(struct work_struct *work)
1641 struct b43_wl *wl = container_of(work, struct b43_wl,
1642 beacon_update_trigger);
1643 struct b43_wldev *dev;
1645 mutex_lock(&wl->mutex);
1646 dev = wl->current_dev;
1647 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1648 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) {
1649 /* wl->mutex is enough. */
1650 b43_do_beacon_update_trigger_work(dev);
1653 spin_lock_irq(&wl->hardirq_lock);
1654 b43_do_beacon_update_trigger_work(dev);
1656 spin_unlock_irq(&wl->hardirq_lock);
1659 mutex_unlock(&wl->mutex);
1662 /* Asynchronously update the packet templates in template RAM.
1663 * Locking: Requires wl->mutex to be locked. */
1664 static void b43_update_templates(struct b43_wl *wl)
1666 struct sk_buff *beacon;
1668 /* This is the top half of the ansynchronous beacon update.
1669 * The bottom half is the beacon IRQ.
1670 * Beacon update must be asynchronous to avoid sending an
1671 * invalid beacon. This can happen for example, if the firmware
1672 * transmits a beacon while we are updating it. */
1674 /* We could modify the existing beacon and set the aid bit in
1675 * the TIM field, but that would probably require resizing and
1676 * moving of data within the beacon template.
1677 * Simply request a new beacon and let mac80211 do the hard work. */
1678 beacon = ieee80211_beacon_get(wl->hw, wl->vif);
1679 if (unlikely(!beacon))
1682 if (wl->current_beacon)
1683 dev_kfree_skb_any(wl->current_beacon);
1684 wl->current_beacon = beacon;
1685 wl->beacon0_uploaded = 0;
1686 wl->beacon1_uploaded = 0;
1687 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger);
1690 static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1693 if (dev->sdev->id.revision >= 3) {
1694 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1695 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1697 b43_write16(dev, 0x606, (beacon_int >> 6));
1698 b43_write16(dev, 0x610, beacon_int);
1700 b43_time_unlock(dev);
1701 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1704 static void b43_handle_firmware_panic(struct b43_wldev *dev)
1708 /* Read the register that contains the reason code for the panic. */
1709 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG);
1710 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason);
1714 b43dbg(dev->wl, "The panic reason is unknown.\n");
1716 case B43_FWPANIC_DIE:
1717 /* Do not restart the controller or firmware.
1718 * The device is nonfunctional from now on.
1719 * Restarting would result in this panic to trigger again,
1720 * so we avoid that recursion. */
1722 case B43_FWPANIC_RESTART:
1723 b43_controller_restart(dev, "Microcode panic");
1728 static void handle_irq_ucode_debug(struct b43_wldev *dev)
1730 unsigned int i, cnt;
1731 u16 reason, marker_id, marker_line;
1734 /* The proprietary firmware doesn't have this IRQ. */
1735 if (!dev->fw.opensource)
1738 /* Read the register that contains the reason code for this IRQ. */
1739 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG);
1742 case B43_DEBUGIRQ_PANIC:
1743 b43_handle_firmware_panic(dev);
1745 case B43_DEBUGIRQ_DUMP_SHM:
1747 break; /* Only with driver debugging enabled. */
1748 buf = kmalloc(4096, GFP_ATOMIC);
1750 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n");
1753 for (i = 0; i < 4096; i += 2) {
1754 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i);
1755 buf[i / 2] = cpu_to_le16(tmp);
1757 b43info(dev->wl, "Shared memory dump:\n");
1758 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET,
1759 16, 2, buf, 4096, 1);
1762 case B43_DEBUGIRQ_DUMP_REGS:
1764 break; /* Only with driver debugging enabled. */
1765 b43info(dev->wl, "Microcode register dump:\n");
1766 for (i = 0, cnt = 0; i < 64; i++) {
1767 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i);
1770 printk("r%02u: 0x%04X ", i, tmp);
1779 case B43_DEBUGIRQ_MARKER:
1781 break; /* Only with driver debugging enabled. */
1782 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH,
1784 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH,
1785 B43_MARKER_LINE_REG);
1786 b43info(dev->wl, "The firmware just executed the MARKER(%u) "
1787 "at line number %u\n",
1788 marker_id, marker_line);
1791 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n",
1795 /* Acknowledge the debug-IRQ, so the firmware can continue. */
1796 b43_shm_write16(dev, B43_SHM_SCRATCH,
1797 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK);
1800 static void b43_do_interrupt_thread(struct b43_wldev *dev)
1803 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1804 u32 merged_dma_reason = 0;
1807 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
1810 reason = dev->irq_reason;
1811 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1812 dma_reason[i] = dev->dma_reason[i];
1813 merged_dma_reason |= dma_reason[i];
1816 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1817 b43err(dev->wl, "MAC transmission error\n");
1819 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1820 b43err(dev->wl, "PHY transmission error\n");
1822 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1823 atomic_set(&dev->phy.txerr_cnt,
1824 B43_PHY_TX_BADNESS_LIMIT);
1825 b43err(dev->wl, "Too many PHY TX errors, "
1826 "restarting the controller\n");
1827 b43_controller_restart(dev, "PHY TX errors");
1831 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK |
1832 B43_DMAIRQ_NONFATALMASK))) {
1833 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) {
1834 b43err(dev->wl, "Fatal DMA error: "
1835 "0x%08X, 0x%08X, 0x%08X, "
1836 "0x%08X, 0x%08X, 0x%08X\n",
1837 dma_reason[0], dma_reason[1],
1838 dma_reason[2], dma_reason[3],
1839 dma_reason[4], dma_reason[5]);
1840 b43err(dev->wl, "This device does not support DMA "
1841 "on your system. It will now be switched to PIO.\n");
1842 /* Fall back to PIO transfers if we get fatal DMA errors! */
1844 b43_controller_restart(dev, "DMA error");
1847 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) {
1848 b43err(dev->wl, "DMA error: "
1849 "0x%08X, 0x%08X, 0x%08X, "
1850 "0x%08X, 0x%08X, 0x%08X\n",
1851 dma_reason[0], dma_reason[1],
1852 dma_reason[2], dma_reason[3],
1853 dma_reason[4], dma_reason[5]);
1857 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1858 handle_irq_ucode_debug(dev);
1859 if (reason & B43_IRQ_TBTT_INDI)
1860 handle_irq_tbtt_indication(dev);
1861 if (reason & B43_IRQ_ATIM_END)
1862 handle_irq_atim_end(dev);
1863 if (reason & B43_IRQ_BEACON)
1864 handle_irq_beacon(dev);
1865 if (reason & B43_IRQ_PMQ)
1866 handle_irq_pmq(dev);
1867 if (reason & B43_IRQ_TXFIFO_FLUSH_OK)
1869 if (reason & B43_IRQ_NOISESAMPLE_OK)
1870 handle_irq_noise(dev);
1872 /* Check the DMA reason registers for received data. */
1873 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
1874 if (b43_using_pio_transfers(dev))
1875 b43_pio_rx(dev->pio.rx_queue);
1877 b43_dma_rx(dev->dma.rx_ring);
1879 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
1880 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
1881 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
1882 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
1883 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
1885 if (reason & B43_IRQ_TX_OK)
1886 handle_irq_transmit_status(dev);
1888 /* Re-enable interrupts on the device by restoring the current interrupt mask. */
1889 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1892 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
1894 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
1895 if (reason & (1 << i))
1896 dev->irq_bit_count[i]++;
1902 /* Interrupt thread handler. Handles device interrupts in thread context. */
1903 static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id)
1905 struct b43_wldev *dev = dev_id;
1907 mutex_lock(&dev->wl->mutex);
1908 b43_do_interrupt_thread(dev);
1910 mutex_unlock(&dev->wl->mutex);
1915 static irqreturn_t b43_do_interrupt(struct b43_wldev *dev)
1919 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses.
1920 * On SDIO, this runs under wl->mutex. */
1922 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
1923 if (reason == 0xffffffff) /* shared IRQ */
1925 reason &= dev->irq_mask;
1929 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
1931 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
1933 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
1935 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
1937 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
1940 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
1944 /* ACK the interrupt. */
1945 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
1946 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
1947 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
1948 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
1949 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
1950 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
1952 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
1955 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */
1956 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
1957 /* Save the reason bitmasks for the IRQ thread handler. */
1958 dev->irq_reason = reason;
1960 return IRQ_WAKE_THREAD;
1963 /* Interrupt handler top-half. This runs with interrupts disabled. */
1964 static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
1966 struct b43_wldev *dev = dev_id;
1969 if (unlikely(b43_status(dev) < B43_STAT_STARTED))
1972 spin_lock(&dev->wl->hardirq_lock);
1973 ret = b43_do_interrupt(dev);
1975 spin_unlock(&dev->wl->hardirq_lock);
1980 /* SDIO interrupt handler. This runs in process context. */
1981 static void b43_sdio_interrupt_handler(struct b43_wldev *dev)
1983 struct b43_wl *wl = dev->wl;
1986 mutex_lock(&wl->mutex);
1988 ret = b43_do_interrupt(dev);
1989 if (ret == IRQ_WAKE_THREAD)
1990 b43_do_interrupt_thread(dev);
1992 mutex_unlock(&wl->mutex);
1995 void b43_do_release_fw(struct b43_firmware_file *fw)
1997 release_firmware(fw->data);
1999 fw->filename = NULL;
2002 static void b43_release_firmware(struct b43_wldev *dev)
2004 b43_do_release_fw(&dev->fw.ucode);
2005 b43_do_release_fw(&dev->fw.pcm);
2006 b43_do_release_fw(&dev->fw.initvals);
2007 b43_do_release_fw(&dev->fw.initvals_band);
2010 static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
2014 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \
2015 "and download the correct firmware for this driver version. " \
2016 "Please carefully read all instructions on this website.\n";
2024 int b43_do_request_fw(struct b43_request_fw_context *ctx,
2026 struct b43_firmware_file *fw)
2028 const struct firmware *blob;
2029 struct b43_fw_header *hdr;
2034 /* Don't fetch anything. Free possibly cached firmware. */
2035 /* FIXME: We should probably keep it anyway, to save some headache
2036 * on suspend/resume with multiband devices. */
2037 b43_do_release_fw(fw);
2041 if ((fw->type == ctx->req_type) &&
2042 (strcmp(fw->filename, name) == 0))
2043 return 0; /* Already have this fw. */
2044 /* Free the cached firmware first. */
2045 /* FIXME: We should probably do this later after we successfully
2046 * got the new fw. This could reduce headache with multiband devices.
2047 * We could also redesign this to cache the firmware for all possible
2048 * bands all the time. */
2049 b43_do_release_fw(fw);
2052 switch (ctx->req_type) {
2053 case B43_FWTYPE_PROPRIETARY:
2054 snprintf(ctx->fwname, sizeof(ctx->fwname),
2056 modparam_fwpostfix, name);
2058 case B43_FWTYPE_OPENSOURCE:
2059 snprintf(ctx->fwname, sizeof(ctx->fwname),
2061 modparam_fwpostfix, name);
2067 err = request_firmware(&blob, ctx->fwname, ctx->dev->sdev->dev);
2068 if (err == -ENOENT) {
2069 snprintf(ctx->errors[ctx->req_type],
2070 sizeof(ctx->errors[ctx->req_type]),
2071 "Firmware file \"%s\" not found\n", ctx->fwname);
2074 snprintf(ctx->errors[ctx->req_type],
2075 sizeof(ctx->errors[ctx->req_type]),
2076 "Firmware file \"%s\" request failed (err=%d)\n",
2080 if (blob->size < sizeof(struct b43_fw_header))
2082 hdr = (struct b43_fw_header *)(blob->data);
2083 switch (hdr->type) {
2084 case B43_FW_TYPE_UCODE:
2085 case B43_FW_TYPE_PCM:
2086 size = be32_to_cpu(hdr->size);
2087 if (size != blob->size - sizeof(struct b43_fw_header))
2090 case B43_FW_TYPE_IV:
2099 fw->filename = name;
2100 fw->type = ctx->req_type;
2105 snprintf(ctx->errors[ctx->req_type],
2106 sizeof(ctx->errors[ctx->req_type]),
2107 "Firmware file \"%s\" format error.\n", ctx->fwname);
2108 release_firmware(blob);
2113 static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2115 struct b43_wldev *dev = ctx->dev;
2116 struct b43_firmware *fw = &ctx->dev->fw;
2117 const u8 rev = ctx->dev->sdev->id.revision;
2118 const char *filename;
2123 if ((rev >= 5) && (rev <= 10))
2124 filename = "ucode5";
2125 else if ((rev >= 11) && (rev <= 12))
2126 filename = "ucode11";
2128 filename = "ucode13";
2130 filename = "ucode14";
2132 filename = "ucode15";
2133 else if ((rev >= 16) && (rev <= 20))
2134 filename = "ucode16_mimo";
2137 err = b43_do_request_fw(ctx, filename, &fw->ucode);
2142 if ((rev >= 5) && (rev <= 10))
2148 fw->pcm_request_failed = 0;
2149 err = b43_do_request_fw(ctx, filename, &fw->pcm);
2150 if (err == -ENOENT) {
2151 /* We did not find a PCM file? Not fatal, but
2152 * core rev <= 10 must do without hwcrypto then. */
2153 fw->pcm_request_failed = 1;
2158 switch (dev->phy.type) {
2160 if ((rev >= 5) && (rev <= 10)) {
2161 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH);
2162 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2163 filename = "a0g1initvals5";
2165 filename = "a0g0initvals5";
2167 goto err_no_initvals;
2170 if ((rev >= 5) && (rev <= 10))
2171 filename = "b0g0initvals5";
2173 filename = "b0g0initvals13";
2175 goto err_no_initvals;
2179 filename = "n0initvals16";
2180 else if ((rev >= 11) && (rev <= 12))
2181 filename = "n0initvals11";
2183 goto err_no_initvals;
2185 case B43_PHYTYPE_LP:
2187 filename = "lp0initvals13";
2189 filename = "lp0initvals14";
2191 filename = "lp0initvals15";
2193 goto err_no_initvals;
2196 goto err_no_initvals;
2198 err = b43_do_request_fw(ctx, filename, &fw->initvals);
2202 /* Get bandswitch initvals */
2203 switch (dev->phy.type) {
2205 if ((rev >= 5) && (rev <= 10)) {
2206 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH);
2207 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2208 filename = "a0g1bsinitvals5";
2210 filename = "a0g0bsinitvals5";
2211 } else if (rev >= 11)
2214 goto err_no_initvals;
2217 if ((rev >= 5) && (rev <= 10))
2218 filename = "b0g0bsinitvals5";
2222 goto err_no_initvals;
2226 filename = "n0bsinitvals16";
2227 else if ((rev >= 11) && (rev <= 12))
2228 filename = "n0bsinitvals11";
2230 goto err_no_initvals;
2232 case B43_PHYTYPE_LP:
2234 filename = "lp0bsinitvals13";
2236 filename = "lp0bsinitvals14";
2238 filename = "lp0bsinitvals15";
2240 goto err_no_initvals;
2243 goto err_no_initvals;
2245 err = b43_do_request_fw(ctx, filename, &fw->initvals_band);
2252 err = ctx->fatal_failure = -EOPNOTSUPP;
2253 b43err(dev->wl, "The driver does not know which firmware (ucode) "
2254 "is required for your device (wl-core rev %u)\n", rev);
2258 err = ctx->fatal_failure = -EOPNOTSUPP;
2259 b43err(dev->wl, "The driver does not know which firmware (PCM) "
2260 "is required for your device (wl-core rev %u)\n", rev);
2264 err = ctx->fatal_failure = -EOPNOTSUPP;
2265 b43err(dev->wl, "The driver does not know which firmware (initvals) "
2266 "is required for your device (wl-core rev %u)\n", rev);
2270 /* We failed to load this firmware image. The error message
2271 * already is in ctx->errors. Return and let our caller decide
2276 b43_release_firmware(dev);
2280 static int b43_request_firmware(struct b43_wldev *dev)
2282 struct b43_request_fw_context *ctx;
2287 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
2292 ctx->req_type = B43_FWTYPE_PROPRIETARY;
2293 err = b43_try_request_fw(ctx);
2295 goto out; /* Successfully loaded it. */
2296 err = ctx->fatal_failure;
2300 ctx->req_type = B43_FWTYPE_OPENSOURCE;
2301 err = b43_try_request_fw(ctx);
2303 goto out; /* Successfully loaded it. */
2304 err = ctx->fatal_failure;
2308 /* Could not find a usable firmware. Print the errors. */
2309 for (i = 0; i < B43_NR_FWTYPES; i++) {
2310 errmsg = ctx->errors[i];
2312 b43err(dev->wl, errmsg);
2314 b43_print_fw_helptext(dev->wl, 1);
2322 static int b43_upload_microcode(struct b43_wldev *dev)
2324 struct wiphy *wiphy = dev->wl->hw->wiphy;
2325 const size_t hdr_len = sizeof(struct b43_fw_header);
2327 unsigned int i, len;
2328 u16 fwrev, fwpatch, fwdate, fwtime;
2332 /* Jump the microcode PSM to offset 0 */
2333 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2334 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2335 macctl |= B43_MACCTL_PSM_JMP0;
2336 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2337 /* Zero out all microcode PSM registers and shared memory. */
2338 for (i = 0; i < 64; i++)
2339 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2340 for (i = 0; i < 4096; i += 2)
2341 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2343 /* Upload Microcode. */
2344 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2345 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2346 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2347 for (i = 0; i < len; i++) {
2348 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2352 if (dev->fw.pcm.data) {
2353 /* Upload PCM data. */
2354 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2355 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2356 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2357 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2358 /* No need for autoinc bit in SHM_HW */
2359 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2360 for (i = 0; i < len; i++) {
2361 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2366 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2368 /* Start the microcode PSM */
2369 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2370 macctl &= ~B43_MACCTL_PSM_JMP0;
2371 macctl |= B43_MACCTL_PSM_RUN;
2372 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2374 /* Wait for the microcode to load and respond */
2377 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2378 if (tmp == B43_IRQ_MAC_SUSPENDED)
2382 b43err(dev->wl, "Microcode not responding\n");
2383 b43_print_fw_helptext(dev->wl, 1);
2389 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2391 /* Get and check the revisions. */
2392 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2393 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2394 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2395 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2397 if (fwrev <= 0x128) {
2398 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2399 "binary drivers older than version 4.x is unsupported. "
2400 "You must upgrade your firmware files.\n");
2401 b43_print_fw_helptext(dev->wl, 1);
2404 } else if (fwrev >= 598) {
2405 b43err(dev->wl, "YOUR FIRMWARE IS TOO NEW. Support for "
2406 "firmware 598 and up requires kernel 3.2 or newer. You "
2407 "have to install older firmware or upgrade kernel.\n");
2408 b43_print_fw_helptext(dev->wl, 1);
2412 dev->fw.rev = fwrev;
2413 dev->fw.patch = fwpatch;
2414 dev->fw.opensource = (fwdate == 0xFFFF);
2416 /* Default to use-all-queues. */
2417 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues;
2418 dev->qos_enabled = !!modparam_qos;
2419 /* Default to firmware/hardware crypto acceleration. */
2420 dev->hwcrypto_enabled = 1;
2422 if (dev->fw.opensource) {
2425 /* Patchlevel info is encoded in the "time" field. */
2426 dev->fw.patch = fwtime;
2427 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n",
2428 dev->fw.rev, dev->fw.patch);
2430 fwcapa = b43_fwcapa_read(dev);
2431 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) {
2432 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n");
2433 /* Disable hardware crypto and fall back to software crypto. */
2434 dev->hwcrypto_enabled = 0;
2436 if (!(fwcapa & B43_FWCAPA_QOS)) {
2437 b43info(dev->wl, "QoS not supported by firmware\n");
2438 /* Disable QoS. Tweak hw->queues to 1. It will be restored before
2439 * ieee80211_unregister to make sure the networking core can
2440 * properly free possible resources. */
2441 dev->wl->hw->queues = 1;
2442 dev->qos_enabled = 0;
2445 b43info(dev->wl, "Loading firmware version %u.%u "
2446 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2448 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2449 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2450 if (dev->fw.pcm_request_failed) {
2451 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. "
2452 "Hardware accelerated cryptography is disabled.\n");
2453 b43_print_fw_helptext(dev->wl, 0);
2457 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u",
2458 dev->fw.rev, dev->fw.patch);
2459 wiphy->hw_version = dev->sdev->id.coreid;
2461 if (b43_is_old_txhdr_format(dev)) {
2462 /* We're over the deadline, but we keep support for old fw
2463 * until it turns out to be in major conflict with something new. */
2464 b43warn(dev->wl, "You are using an old firmware image. "
2465 "Support for old firmware will be removed soon "
2466 "(official deadline was July 2008).\n");
2467 b43_print_fw_helptext(dev->wl, 0);
2473 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2474 macctl &= ~B43_MACCTL_PSM_RUN;
2475 macctl |= B43_MACCTL_PSM_JMP0;
2476 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2481 static int b43_write_initvals(struct b43_wldev *dev,
2482 const struct b43_iv *ivals,
2486 const struct b43_iv *iv;
2491 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2493 for (i = 0; i < count; i++) {
2494 if (array_size < sizeof(iv->offset_size))
2496 array_size -= sizeof(iv->offset_size);
2497 offset = be16_to_cpu(iv->offset_size);
2498 bit32 = !!(offset & B43_IV_32BIT);
2499 offset &= B43_IV_OFFSET_MASK;
2500 if (offset >= 0x1000)
2505 if (array_size < sizeof(iv->data.d32))
2507 array_size -= sizeof(iv->data.d32);
2509 value = get_unaligned_be32(&iv->data.d32);
2510 b43_write32(dev, offset, value);
2512 iv = (const struct b43_iv *)((const uint8_t *)iv +
2518 if (array_size < sizeof(iv->data.d16))
2520 array_size -= sizeof(iv->data.d16);
2522 value = be16_to_cpu(iv->data.d16);
2523 b43_write16(dev, offset, value);
2525 iv = (const struct b43_iv *)((const uint8_t *)iv +
2536 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2537 b43_print_fw_helptext(dev->wl, 1);
2542 static int b43_upload_initvals(struct b43_wldev *dev)
2544 const size_t hdr_len = sizeof(struct b43_fw_header);
2545 const struct b43_fw_header *hdr;
2546 struct b43_firmware *fw = &dev->fw;
2547 const struct b43_iv *ivals;
2551 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2552 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2553 count = be32_to_cpu(hdr->size);
2554 err = b43_write_initvals(dev, ivals, count,
2555 fw->initvals.data->size - hdr_len);
2558 if (fw->initvals_band.data) {
2559 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2560 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2561 count = be32_to_cpu(hdr->size);
2562 err = b43_write_initvals(dev, ivals, count,
2563 fw->initvals_band.data->size - hdr_len);
2572 /* Initialize the GPIOs
2573 * http://bcm-specs.sipsolutions.net/GPIO
2575 static struct ssb_device *b43_ssb_gpio_dev(struct b43_wldev *dev)
2577 struct ssb_bus *bus = dev->sdev->bus;
2579 #ifdef CONFIG_SSB_DRIVER_PCICORE
2580 return (bus->chipco.dev ? bus->chipco.dev : bus->pcicore.dev);
2582 return bus->chipco.dev;
2586 static int b43_gpio_init(struct b43_wldev *dev)
2588 struct ssb_device *gpiodev;
2591 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2592 & ~B43_MACCTL_GPOUTSMSK);
2594 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK)
2599 if (dev->sdev->bus->chip_id == 0x4301) {
2603 if (0 /* FIXME: conditional unknown */ ) {
2604 b43_write16(dev, B43_MMIO_GPIO_MASK,
2605 b43_read16(dev, B43_MMIO_GPIO_MASK)
2610 if (dev->sdev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) {
2611 b43_write16(dev, B43_MMIO_GPIO_MASK,
2612 b43_read16(dev, B43_MMIO_GPIO_MASK)
2617 if (dev->sdev->id.revision >= 2)
2618 mask |= 0x0010; /* FIXME: This is redundant. */
2620 gpiodev = b43_ssb_gpio_dev(dev);
2622 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2623 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2629 /* Turn off all GPIO stuff. Call this on module unload, for example. */
2630 static void b43_gpio_cleanup(struct b43_wldev *dev)
2632 struct ssb_device *gpiodev;
2634 gpiodev = b43_ssb_gpio_dev(dev);
2636 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2639 /* http://bcm-specs.sipsolutions.net/EnableMac */
2640 void b43_mac_enable(struct b43_wldev *dev)
2642 if (b43_debug(dev, B43_DBG_FIRMWARE)) {
2645 fwstate = b43_shm_read16(dev, B43_SHM_SHARED,
2646 B43_SHM_SH_UCODESTAT);
2647 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) &&
2648 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) {
2649 b43err(dev->wl, "b43_mac_enable(): The firmware "
2650 "should be suspended, but current state is %u\n",
2655 dev->mac_suspended--;
2656 B43_WARN_ON(dev->mac_suspended < 0);
2657 if (dev->mac_suspended == 0) {
2658 b43_write32(dev, B43_MMIO_MACCTL,
2659 b43_read32(dev, B43_MMIO_MACCTL)
2660 | B43_MACCTL_ENABLED);
2661 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2662 B43_IRQ_MAC_SUSPENDED);
2664 b43_read32(dev, B43_MMIO_MACCTL);
2665 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2666 b43_power_saving_ctl_bits(dev, 0);
2670 /* http://bcm-specs.sipsolutions.net/SuspendMAC */
2671 void b43_mac_suspend(struct b43_wldev *dev)
2677 B43_WARN_ON(dev->mac_suspended < 0);
2679 if (dev->mac_suspended == 0) {
2680 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2681 b43_write32(dev, B43_MMIO_MACCTL,
2682 b43_read32(dev, B43_MMIO_MACCTL)
2683 & ~B43_MACCTL_ENABLED);
2684 /* force pci to flush the write */
2685 b43_read32(dev, B43_MMIO_MACCTL);
2686 for (i = 35; i; i--) {
2687 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2688 if (tmp & B43_IRQ_MAC_SUSPENDED)
2692 /* Hm, it seems this will take some time. Use msleep(). */
2693 for (i = 40; i; i--) {
2694 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2695 if (tmp & B43_IRQ_MAC_SUSPENDED)
2699 b43err(dev->wl, "MAC suspend failed\n");
2702 dev->mac_suspended++;
2705 /* http://bcm-v4.sipsolutions.net/802.11/PHY/N/MacPhyClkSet */
2706 void b43_mac_phy_clock_set(struct b43_wldev *dev, bool on)
2708 u32 tmslow = ssb_read32(dev->sdev, SSB_TMSLOW);
2710 tmslow |= B43_TMSLOW_MACPHYCLKEN;
2712 tmslow &= ~B43_TMSLOW_MACPHYCLKEN;
2713 ssb_write32(dev->sdev, SSB_TMSLOW, tmslow);
2716 static void b43_adjust_opmode(struct b43_wldev *dev)
2718 struct b43_wl *wl = dev->wl;
2722 ctl = b43_read32(dev, B43_MMIO_MACCTL);
2723 /* Reset status to STA infrastructure mode. */
2724 ctl &= ~B43_MACCTL_AP;
2725 ctl &= ~B43_MACCTL_KEEP_CTL;
2726 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
2727 ctl &= ~B43_MACCTL_KEEP_BAD;
2728 ctl &= ~B43_MACCTL_PROMISC;
2729 ctl &= ~B43_MACCTL_BEACPROMISC;
2730 ctl |= B43_MACCTL_INFRA;
2732 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
2733 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
2734 ctl |= B43_MACCTL_AP;
2735 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
2736 ctl &= ~B43_MACCTL_INFRA;
2738 if (wl->filter_flags & FIF_CONTROL)
2739 ctl |= B43_MACCTL_KEEP_CTL;
2740 if (wl->filter_flags & FIF_FCSFAIL)
2741 ctl |= B43_MACCTL_KEEP_BAD;
2742 if (wl->filter_flags & FIF_PLCPFAIL)
2743 ctl |= B43_MACCTL_KEEP_BADPLCP;
2744 if (wl->filter_flags & FIF_PROMISC_IN_BSS)
2745 ctl |= B43_MACCTL_PROMISC;
2746 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
2747 ctl |= B43_MACCTL_BEACPROMISC;
2749 /* Workaround: On old hardware the HW-MAC-address-filter
2750 * doesn't work properly, so always run promisc in filter
2751 * it in software. */
2752 if (dev->sdev->id.revision <= 4)
2753 ctl |= B43_MACCTL_PROMISC;
2755 b43_write32(dev, B43_MMIO_MACCTL, ctl);
2758 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
2759 if (dev->sdev->bus->chip_id == 0x4306 &&
2760 dev->sdev->bus->chip_rev == 3)
2765 b43_write16(dev, 0x612, cfp_pretbtt);
2767 /* FIXME: We don't currently implement the PMQ mechanism,
2768 * so always disable it. If we want to implement PMQ,
2769 * we need to enable it here (clear DISCPMQ) in AP mode.
2771 if (0 /* ctl & B43_MACCTL_AP */) {
2772 b43_write32(dev, B43_MMIO_MACCTL,
2773 b43_read32(dev, B43_MMIO_MACCTL)
2774 & ~B43_MACCTL_DISCPMQ);
2776 b43_write32(dev, B43_MMIO_MACCTL,
2777 b43_read32(dev, B43_MMIO_MACCTL)
2778 | B43_MACCTL_DISCPMQ);
2782 static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
2788 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
2791 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
2793 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
2794 b43_shm_read16(dev, B43_SHM_SHARED, offset));
2797 static void b43_rate_memory_init(struct b43_wldev *dev)
2799 switch (dev->phy.type) {
2803 case B43_PHYTYPE_LP:
2804 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
2805 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
2806 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
2807 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
2808 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
2809 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
2810 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
2811 if (dev->phy.type == B43_PHYTYPE_A)
2815 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
2816 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
2817 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
2818 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
2825 /* Set the default values for the PHY TX Control Words. */
2826 static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
2830 ctl |= B43_TXH_PHY_ENC_CCK;
2831 ctl |= B43_TXH_PHY_ANT01AUTO;
2832 ctl |= B43_TXH_PHY_TXPWR;
2834 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
2835 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
2836 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
2839 /* Set the TX-Antenna for management frames sent by firmware. */
2840 static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
2845 ant = b43_antenna_to_phyctl(antenna);
2848 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
2849 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2850 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
2851 /* For Probe Resposes */
2852 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
2853 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2854 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
2857 /* This is the opposite of b43_chip_init() */
2858 static void b43_chip_exit(struct b43_wldev *dev)
2861 b43_gpio_cleanup(dev);
2862 /* firmware is released later */
2865 /* Initialize the chip
2866 * http://bcm-specs.sipsolutions.net/ChipInit
2868 static int b43_chip_init(struct b43_wldev *dev)
2870 struct b43_phy *phy = &dev->phy;
2875 /* Initialize the MAC control */
2876 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
2878 macctl |= B43_MACCTL_GMODE;
2879 macctl |= B43_MACCTL_INFRA;
2880 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2882 err = b43_request_firmware(dev);
2885 err = b43_upload_microcode(dev);
2887 goto out; /* firmware is released later */
2889 err = b43_gpio_init(dev);
2891 goto out; /* firmware is released later */
2893 err = b43_upload_initvals(dev);
2895 goto err_gpio_clean;
2897 /* Turn the Analog on and initialize the PHY. */
2898 phy->ops->switch_analog(dev, 1);
2899 err = b43_phy_init(dev);
2901 goto err_gpio_clean;
2903 /* Disable Interference Mitigation. */
2904 if (phy->ops->interf_mitigation)
2905 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE);
2907 /* Select the antennae */
2908 if (phy->ops->set_rx_antenna)
2909 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
2910 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
2912 if (phy->type == B43_PHYTYPE_B) {
2913 value16 = b43_read16(dev, 0x005E);
2915 b43_write16(dev, 0x005E, value16);
2917 b43_write32(dev, 0x0100, 0x01000000);
2918 if (dev->sdev->id.revision < 5)
2919 b43_write32(dev, 0x010C, 0x01000000);
2921 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2922 & ~B43_MACCTL_INFRA);
2923 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2924 | B43_MACCTL_INFRA);
2926 /* Probe Response Timeout value */
2927 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
2928 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000);
2930 /* Initially set the wireless operation mode. */
2931 b43_adjust_opmode(dev);
2933 if (dev->sdev->id.revision < 3) {
2934 b43_write16(dev, 0x060E, 0x0000);
2935 b43_write16(dev, 0x0610, 0x8000);
2936 b43_write16(dev, 0x0604, 0x0000);
2937 b43_write16(dev, 0x0606, 0x0200);
2939 b43_write32(dev, 0x0188, 0x80000000);
2940 b43_write32(dev, 0x018C, 0x02000000);
2942 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
2943 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00);
2944 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
2945 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
2946 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
2947 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
2948 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
2950 b43_mac_phy_clock_set(dev, true);
2952 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
2953 dev->sdev->bus->chipco.fast_pwrup_delay);
2956 b43dbg(dev->wl, "Chip initialized\n");
2961 b43_gpio_cleanup(dev);
2965 static void b43_periodic_every60sec(struct b43_wldev *dev)
2967 const struct b43_phy_operations *ops = dev->phy.ops;
2969 if (ops->pwork_60sec)
2970 ops->pwork_60sec(dev);
2972 /* Force check the TX power emission now. */
2973 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME);
2976 static void b43_periodic_every30sec(struct b43_wldev *dev)
2978 /* Update device statistics. */
2979 b43_calculate_link_quality(dev);
2982 static void b43_periodic_every15sec(struct b43_wldev *dev)
2984 struct b43_phy *phy = &dev->phy;
2987 if (dev->fw.opensource) {
2988 /* Check if the firmware is still alive.
2989 * It will reset the watchdog counter to 0 in its idle loop. */
2990 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG);
2991 if (unlikely(wdr)) {
2992 b43err(dev->wl, "Firmware watchdog: The firmware died!\n");
2993 b43_controller_restart(dev, "Firmware watchdog");
2996 b43_shm_write16(dev, B43_SHM_SCRATCH,
2997 B43_WATCHDOG_REG, 1);
3001 if (phy->ops->pwork_15sec)
3002 phy->ops->pwork_15sec(dev);
3004 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
3008 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
3011 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n",
3012 dev->irq_count / 15,
3014 dev->rx_count / 15);
3018 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
3019 if (dev->irq_bit_count[i]) {
3020 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n",
3021 dev->irq_bit_count[i] / 15, i, (1 << i));
3022 dev->irq_bit_count[i] = 0;
3029 static void do_periodic_work(struct b43_wldev *dev)
3033 state = dev->periodic_state;
3035 b43_periodic_every60sec(dev);
3037 b43_periodic_every30sec(dev);
3038 b43_periodic_every15sec(dev);
3041 /* Periodic work locking policy:
3042 * The whole periodic work handler is protected by
3043 * wl->mutex. If another lock is needed somewhere in the
3044 * pwork callchain, it's acquired in-place, where it's needed.
3046 static void b43_periodic_work_handler(struct work_struct *work)
3048 struct b43_wldev *dev = container_of(work, struct b43_wldev,
3049 periodic_work.work);
3050 struct b43_wl *wl = dev->wl;
3051 unsigned long delay;
3053 mutex_lock(&wl->mutex);
3055 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
3057 if (b43_debug(dev, B43_DBG_PWORK_STOP))
3060 do_periodic_work(dev);
3062 dev->periodic_state++;
3064 if (b43_debug(dev, B43_DBG_PWORK_FAST))
3065 delay = msecs_to_jiffies(50);
3067 delay = round_jiffies_relative(HZ * 15);
3068 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay);
3070 mutex_unlock(&wl->mutex);
3073 static void b43_periodic_tasks_setup(struct b43_wldev *dev)
3075 struct delayed_work *work = &dev->periodic_work;
3077 dev->periodic_state = 0;
3078 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
3079 ieee80211_queue_delayed_work(dev->wl->hw, work, 0);
3082 /* Check if communication with the device works correctly. */
3083 static int b43_validate_chipaccess(struct b43_wldev *dev)
3085 u32 v, backup0, backup4;
3087 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0);
3088 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4);
3090 /* Check for read/write and endianness problems. */
3091 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
3092 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
3094 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
3095 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
3098 /* Check if unaligned 32bit SHM_SHARED access works properly.
3099 * However, don't bail out on failure, because it's noncritical. */
3100 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122);
3101 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344);
3102 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566);
3103 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788);
3104 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344)
3105 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n");
3106 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD);
3107 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 ||
3108 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD ||
3109 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB ||
3110 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788)
3111 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n");
3113 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0);
3114 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4);
3116 if ((dev->sdev->id.revision >= 3) && (dev->sdev->id.revision <= 10)) {
3117 /* The 32bit register shadows the two 16bit registers
3118 * with update sideeffects. Validate this. */
3119 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
3120 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
3121 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
3123 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
3126 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
3128 v = b43_read32(dev, B43_MMIO_MACCTL);
3129 v |= B43_MACCTL_GMODE;
3130 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
3135 b43err(dev->wl, "Failed to validate the chipaccess\n");
3139 static void b43_security_init(struct b43_wldev *dev)
3141 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
3142 /* KTP is a word address, but we address SHM bytewise.
3143 * So multiply by two.
3146 /* Number of RCMTA address slots */
3147 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS);
3148 /* Clear the key memory. */
3149 b43_clear_keys(dev);
3152 #ifdef CONFIG_B43_HWRNG
3153 static int b43_rng_read(struct hwrng *rng, u32 *data)
3155 struct b43_wl *wl = (struct b43_wl *)rng->priv;
3156 struct b43_wldev *dev;
3157 int count = -ENODEV;
3159 mutex_lock(&wl->mutex);
3160 dev = wl->current_dev;
3161 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) {
3162 *data = b43_read16(dev, B43_MMIO_RNG);
3163 count = sizeof(u16);
3165 mutex_unlock(&wl->mutex);
3169 #endif /* CONFIG_B43_HWRNG */
3171 static void b43_rng_exit(struct b43_wl *wl)
3173 #ifdef CONFIG_B43_HWRNG
3174 if (wl->rng_initialized)
3175 hwrng_unregister(&wl->rng);
3176 #endif /* CONFIG_B43_HWRNG */
3179 static int b43_rng_init(struct b43_wl *wl)
3183 #ifdef CONFIG_B43_HWRNG
3184 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
3185 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
3186 wl->rng.name = wl->rng_name;
3187 wl->rng.data_read = b43_rng_read;
3188 wl->rng.priv = (unsigned long)wl;
3189 wl->rng_initialized = 1;
3190 err = hwrng_register(&wl->rng);
3192 wl->rng_initialized = 0;
3193 b43err(wl, "Failed to register the random "
3194 "number generator (%d)\n", err);
3196 #endif /* CONFIG_B43_HWRNG */
3201 static void b43_tx_work(struct work_struct *work)
3203 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work);
3204 struct b43_wldev *dev;
3205 struct sk_buff *skb;
3208 mutex_lock(&wl->mutex);
3209 dev = wl->current_dev;
3210 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) {
3211 mutex_unlock(&wl->mutex);
3215 while (skb_queue_len(&wl->tx_queue)) {
3216 skb = skb_dequeue(&wl->tx_queue);
3218 if (b43_using_pio_transfers(dev))
3219 err = b43_pio_tx(dev, skb);
3221 err = b43_dma_tx(dev, skb);
3223 dev_kfree_skb(skb); /* Drop it */
3229 mutex_unlock(&wl->mutex);
3232 static void b43_op_tx(struct ieee80211_hw *hw,
3233 struct sk_buff *skb)
3235 struct b43_wl *wl = hw_to_b43_wl(hw);
3237 if (unlikely(skb->len < 2 + 2 + 6)) {
3238 /* Too short, this can't be a valid frame. */
3239 dev_kfree_skb_any(skb);
3242 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
3244 skb_queue_tail(&wl->tx_queue, skb);
3245 ieee80211_queue_work(wl->hw, &wl->tx_work);
3248 static void b43_qos_params_upload(struct b43_wldev *dev,
3249 const struct ieee80211_tx_queue_params *p,
3252 u16 params[B43_NR_QOSPARAMS];
3256 if (!dev->qos_enabled)
3259 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min;
3261 memset(¶ms, 0, sizeof(params));
3263 params[B43_QOSPARAM_TXOP] = p->txop * 32;
3264 params[B43_QOSPARAM_CWMIN] = p->cw_min;
3265 params[B43_QOSPARAM_CWMAX] = p->cw_max;
3266 params[B43_QOSPARAM_CWCUR] = p->cw_min;
3267 params[B43_QOSPARAM_AIFS] = p->aifs;
3268 params[B43_QOSPARAM_BSLOTS] = bslots;
3269 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs;
3271 for (i = 0; i < ARRAY_SIZE(params); i++) {
3272 if (i == B43_QOSPARAM_STATUS) {
3273 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
3274 shm_offset + (i * 2));
3275 /* Mark the parameters as updated. */
3277 b43_shm_write16(dev, B43_SHM_SHARED,
3278 shm_offset + (i * 2),
3281 b43_shm_write16(dev, B43_SHM_SHARED,
3282 shm_offset + (i * 2),
3288 /* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */
3289 static const u16 b43_qos_shm_offsets[] = {
3290 /* [mac80211-queue-nr] = SHM_OFFSET, */
3291 [0] = B43_QOS_VOICE,
3292 [1] = B43_QOS_VIDEO,
3293 [2] = B43_QOS_BESTEFFORT,
3294 [3] = B43_QOS_BACKGROUND,
3297 /* Update all QOS parameters in hardware. */
3298 static void b43_qos_upload_all(struct b43_wldev *dev)
3300 struct b43_wl *wl = dev->wl;
3301 struct b43_qos_params *params;
3304 if (!dev->qos_enabled)
3307 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3308 ARRAY_SIZE(wl->qos_params));
3310 b43_mac_suspend(dev);
3311 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3312 params = &(wl->qos_params[i]);
3313 b43_qos_params_upload(dev, &(params->p),
3314 b43_qos_shm_offsets[i]);
3316 b43_mac_enable(dev);
3319 static void b43_qos_clear(struct b43_wl *wl)
3321 struct b43_qos_params *params;
3324 /* Initialize QoS parameters to sane defaults. */
3326 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3327 ARRAY_SIZE(wl->qos_params));
3329 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3330 params = &(wl->qos_params[i]);
3332 switch (b43_qos_shm_offsets[i]) {
3336 params->p.cw_min = 0x0001;
3337 params->p.cw_max = 0x0001;
3342 params->p.cw_min = 0x0001;
3343 params->p.cw_max = 0x0001;
3345 case B43_QOS_BESTEFFORT:
3348 params->p.cw_min = 0x0001;
3349 params->p.cw_max = 0x03FF;
3351 case B43_QOS_BACKGROUND:
3354 params->p.cw_min = 0x0001;
3355 params->p.cw_max = 0x03FF;
3363 /* Initialize the core's QOS capabilities */
3364 static void b43_qos_init(struct b43_wldev *dev)
3366 if (!dev->qos_enabled) {
3367 /* Disable QOS support. */
3368 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF);
3369 b43_write16(dev, B43_MMIO_IFSCTL,
3370 b43_read16(dev, B43_MMIO_IFSCTL)
3371 & ~B43_MMIO_IFSCTL_USE_EDCF);
3372 b43dbg(dev->wl, "QoS disabled\n");
3376 /* Upload the current QOS parameters. */
3377 b43_qos_upload_all(dev);
3379 /* Enable QOS support. */
3380 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
3381 b43_write16(dev, B43_MMIO_IFSCTL,
3382 b43_read16(dev, B43_MMIO_IFSCTL)
3383 | B43_MMIO_IFSCTL_USE_EDCF);
3384 b43dbg(dev->wl, "QoS enabled\n");
3387 static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue,
3388 const struct ieee80211_tx_queue_params *params)
3390 struct b43_wl *wl = hw_to_b43_wl(hw);
3391 struct b43_wldev *dev;
3392 unsigned int queue = (unsigned int)_queue;
3395 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3396 /* Queue not available or don't support setting
3397 * params on this queue. Return success to not
3398 * confuse mac80211. */
3401 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3402 ARRAY_SIZE(wl->qos_params));
3404 mutex_lock(&wl->mutex);
3405 dev = wl->current_dev;
3406 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED)))
3409 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params));
3410 b43_mac_suspend(dev);
3411 b43_qos_params_upload(dev, &(wl->qos_params[queue].p),
3412 b43_qos_shm_offsets[queue]);
3413 b43_mac_enable(dev);
3417 mutex_unlock(&wl->mutex);
3422 static int b43_op_get_stats(struct ieee80211_hw *hw,
3423 struct ieee80211_low_level_stats *stats)
3425 struct b43_wl *wl = hw_to_b43_wl(hw);
3427 mutex_lock(&wl->mutex);
3428 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3429 mutex_unlock(&wl->mutex);
3434 static u64 b43_op_get_tsf(struct ieee80211_hw *hw)
3436 struct b43_wl *wl = hw_to_b43_wl(hw);
3437 struct b43_wldev *dev;
3440 mutex_lock(&wl->mutex);
3441 dev = wl->current_dev;
3443 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3444 b43_tsf_read(dev, &tsf);
3448 mutex_unlock(&wl->mutex);
3453 static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf)
3455 struct b43_wl *wl = hw_to_b43_wl(hw);
3456 struct b43_wldev *dev;
3458 mutex_lock(&wl->mutex);
3459 dev = wl->current_dev;
3461 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3462 b43_tsf_write(dev, tsf);
3464 mutex_unlock(&wl->mutex);
3467 static void b43_put_phy_into_reset(struct b43_wldev *dev)
3469 struct ssb_device *sdev = dev->sdev;
3472 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3473 tmslow &= ~B43_TMSLOW_GMODE;
3474 tmslow |= B43_TMSLOW_PHYRESET;
3475 tmslow |= SSB_TMSLOW_FGC;
3476 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3479 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3480 tmslow &= ~SSB_TMSLOW_FGC;
3481 tmslow |= B43_TMSLOW_PHYRESET;
3482 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3486 static const char *band_to_string(enum ieee80211_band band)
3489 case IEEE80211_BAND_5GHZ:
3491 case IEEE80211_BAND_2GHZ:
3500 /* Expects wl->mutex locked */
3501 static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan)
3503 struct b43_wldev *up_dev = NULL;
3504 struct b43_wldev *down_dev;
3505 struct b43_wldev *d;
3507 bool uninitialized_var(gmode);
3510 /* Find a device and PHY which supports the band. */
3511 list_for_each_entry(d, &wl->devlist, list) {
3512 switch (chan->band) {
3513 case IEEE80211_BAND_5GHZ:
3514 if (d->phy.supports_5ghz) {
3519 case IEEE80211_BAND_2GHZ:
3520 if (d->phy.supports_2ghz) {
3533 b43err(wl, "Could not find a device for %s-GHz band operation\n",
3534 band_to_string(chan->band));
3537 if ((up_dev == wl->current_dev) &&
3538 (!!wl->current_dev->phy.gmode == !!gmode)) {
3539 /* This device is already running. */
3542 b43dbg(wl, "Switching to %s-GHz band\n",
3543 band_to_string(chan->band));
3544 down_dev = wl->current_dev;
3546 prev_status = b43_status(down_dev);
3547 /* Shutdown the currently running core. */
3548 if (prev_status >= B43_STAT_STARTED)
3549 down_dev = b43_wireless_core_stop(down_dev);
3550 if (prev_status >= B43_STAT_INITIALIZED)
3551 b43_wireless_core_exit(down_dev);
3553 if (down_dev != up_dev) {
3554 /* We switch to a different core, so we put PHY into
3555 * RESET on the old core. */
3556 b43_put_phy_into_reset(down_dev);
3559 /* Now start the new core. */
3560 up_dev->phy.gmode = gmode;
3561 if (prev_status >= B43_STAT_INITIALIZED) {
3562 err = b43_wireless_core_init(up_dev);
3564 b43err(wl, "Fatal: Could not initialize device for "
3565 "selected %s-GHz band\n",
3566 band_to_string(chan->band));
3570 if (prev_status >= B43_STAT_STARTED) {
3571 err = b43_wireless_core_start(up_dev);
3573 b43err(wl, "Fatal: Coult not start device for "
3574 "selected %s-GHz band\n",
3575 band_to_string(chan->band));
3576 b43_wireless_core_exit(up_dev);
3580 B43_WARN_ON(b43_status(up_dev) != prev_status);
3582 wl->current_dev = up_dev;
3586 /* Whoops, failed to init the new core. No core is operating now. */
3587 wl->current_dev = NULL;
3591 /* Write the short and long frame retry limit values. */
3592 static void b43_set_retry_limits(struct b43_wldev *dev,
3593 unsigned int short_retry,
3594 unsigned int long_retry)
3596 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3597 * the chip-internal counter. */
3598 short_retry = min(short_retry, (unsigned int)0xF);
3599 long_retry = min(long_retry, (unsigned int)0xF);
3601 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3603 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3607 static int b43_op_config(struct ieee80211_hw *hw, u32 changed)
3609 struct b43_wl *wl = hw_to_b43_wl(hw);
3610 struct b43_wldev *dev;
3611 struct b43_phy *phy;
3612 struct ieee80211_conf *conf = &hw->conf;
3616 mutex_lock(&wl->mutex);
3618 /* Switch the band (if necessary). This might change the active core. */
3619 err = b43_switch_band(wl, conf->channel);
3621 goto out_unlock_mutex;
3622 dev = wl->current_dev;
3625 if (conf_is_ht(conf))
3627 (conf_is_ht40_minus(conf) || conf_is_ht40_plus(conf));
3629 phy->is_40mhz = false;
3631 b43_mac_suspend(dev);
3633 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
3634 b43_set_retry_limits(dev, conf->short_frame_max_tx_count,
3635 conf->long_frame_max_tx_count);
3636 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS;
3638 goto out_mac_enable;
3640 /* Switch to the requested channel.
3641 * The firmware takes care of races with the TX handler. */
3642 if (conf->channel->hw_value != phy->channel)
3643 b43_switch_channel(dev, conf->channel->hw_value);
3645 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR);
3647 /* Adjust the desired TX power level. */
3648 if (conf->power_level != 0) {
3649 if (conf->power_level != phy->desired_txpower) {
3650 phy->desired_txpower = conf->power_level;
3651 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME |
3652 B43_TXPWR_IGNORE_TSSI);
3656 /* Antennas for RX and management frame TX. */
3657 antenna = B43_ANTENNA_DEFAULT;
3658 b43_mgmtframe_txantenna(dev, antenna);
3659 antenna = B43_ANTENNA_DEFAULT;
3660 if (phy->ops->set_rx_antenna)
3661 phy->ops->set_rx_antenna(dev, antenna);
3663 if (wl->radio_enabled != phy->radio_on) {
3664 if (wl->radio_enabled) {
3665 b43_software_rfkill(dev, false);
3666 b43info(dev->wl, "Radio turned on by software\n");
3667 if (!dev->radio_hw_enable) {
3668 b43info(dev->wl, "The hardware RF-kill button "
3669 "still turns the radio physically off. "
3670 "Press the button to turn it on.\n");
3673 b43_software_rfkill(dev, true);
3674 b43info(dev->wl, "Radio turned off by software\n");
3679 b43_mac_enable(dev);
3681 mutex_unlock(&wl->mutex);
3686 static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates)
3688 struct ieee80211_supported_band *sband =
3689 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)];
3690 struct ieee80211_rate *rate;
3692 u16 basic, direct, offset, basic_offset, rateptr;
3694 for (i = 0; i < sband->n_bitrates; i++) {
3695 rate = &sband->bitrates[i];
3697 if (b43_is_cck_rate(rate->hw_value)) {
3698 direct = B43_SHM_SH_CCKDIRECT;
3699 basic = B43_SHM_SH_CCKBASIC;
3700 offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3703 direct = B43_SHM_SH_OFDMDIRECT;
3704 basic = B43_SHM_SH_OFDMBASIC;
3705 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3709 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate);
3711 if (b43_is_cck_rate(rate->hw_value)) {
3712 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3713 basic_offset &= 0xF;
3715 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3716 basic_offset &= 0xF;
3720 * Get the pointer that we need to point to
3721 * from the direct map
3723 rateptr = b43_shm_read16(dev, B43_SHM_SHARED,
3724 direct + 2 * basic_offset);
3725 /* and write it to the basic map */
3726 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset,
3731 static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
3732 struct ieee80211_vif *vif,
3733 struct ieee80211_bss_conf *conf,
3736 struct b43_wl *wl = hw_to_b43_wl(hw);
3737 struct b43_wldev *dev;
3739 mutex_lock(&wl->mutex);
3741 dev = wl->current_dev;
3742 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3743 goto out_unlock_mutex;
3745 B43_WARN_ON(wl->vif != vif);
3747 if (changed & BSS_CHANGED_BSSID) {
3749 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
3751 memset(wl->bssid, 0, ETH_ALEN);
3754 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
3755 if (changed & BSS_CHANGED_BEACON &&
3756 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3757 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3758 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3759 b43_update_templates(wl);
3761 if (changed & BSS_CHANGED_BSSID)
3762 b43_write_mac_bssid_templates(dev);
3765 b43_mac_suspend(dev);
3767 /* Update templates for AP/mesh mode. */
3768 if (changed & BSS_CHANGED_BEACON_INT &&
3769 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3770 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3771 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3772 b43_set_beacon_int(dev, conf->beacon_int);
3774 if (changed & BSS_CHANGED_BASIC_RATES)
3775 b43_update_basic_rates(dev, conf->basic_rates);
3777 if (changed & BSS_CHANGED_ERP_SLOT) {
3778 if (conf->use_short_slot)
3779 b43_short_slot_timing_enable(dev);
3781 b43_short_slot_timing_disable(dev);
3784 b43_mac_enable(dev);
3786 mutex_unlock(&wl->mutex);
3789 static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3790 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
3791 struct ieee80211_key_conf *key)
3793 struct b43_wl *wl = hw_to_b43_wl(hw);
3794 struct b43_wldev *dev;
3798 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
3800 if (modparam_nohwcrypt)
3801 return -ENOSPC; /* User disabled HW-crypto */
3803 mutex_lock(&wl->mutex);
3805 dev = wl->current_dev;
3807 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
3810 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) {
3811 /* We don't have firmware for the crypto engine.
3812 * Must use software-crypto. */
3818 switch (key->cipher) {
3819 case WLAN_CIPHER_SUITE_WEP40:
3820 algorithm = B43_SEC_ALGO_WEP40;
3822 case WLAN_CIPHER_SUITE_WEP104:
3823 algorithm = B43_SEC_ALGO_WEP104;
3825 case WLAN_CIPHER_SUITE_TKIP:
3826 algorithm = B43_SEC_ALGO_TKIP;
3828 case WLAN_CIPHER_SUITE_CCMP:
3829 algorithm = B43_SEC_ALGO_AES;
3835 index = (u8) (key->keyidx);
3841 if (algorithm == B43_SEC_ALGO_TKIP &&
3842 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
3843 !modparam_hwtkip)) {
3844 /* We support only pairwise key */
3849 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
3850 if (WARN_ON(!sta)) {
3854 /* Pairwise key with an assigned MAC address. */
3855 err = b43_key_write(dev, -1, algorithm,
3856 key->key, key->keylen,
3860 err = b43_key_write(dev, index, algorithm,
3861 key->key, key->keylen, NULL, key);
3866 if (algorithm == B43_SEC_ALGO_WEP40 ||
3867 algorithm == B43_SEC_ALGO_WEP104) {
3868 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
3871 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
3873 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
3874 if (algorithm == B43_SEC_ALGO_TKIP)
3875 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
3878 err = b43_key_clear(dev, key->hw_key_idx);
3889 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
3891 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
3892 sta ? sta->addr : bcast_addr);
3893 b43_dump_keymemory(dev);
3895 mutex_unlock(&wl->mutex);
3900 static void b43_op_configure_filter(struct ieee80211_hw *hw,
3901 unsigned int changed, unsigned int *fflags,
3904 struct b43_wl *wl = hw_to_b43_wl(hw);
3905 struct b43_wldev *dev;
3907 mutex_lock(&wl->mutex);
3908 dev = wl->current_dev;
3914 *fflags &= FIF_PROMISC_IN_BSS |
3920 FIF_BCN_PRBRESP_PROMISC;
3922 changed &= FIF_PROMISC_IN_BSS |
3928 FIF_BCN_PRBRESP_PROMISC;
3930 wl->filter_flags = *fflags;
3932 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
3933 b43_adjust_opmode(dev);
3936 mutex_unlock(&wl->mutex);
3939 /* Locking: wl->mutex
3940 * Returns the current dev. This might be different from the passed in dev,
3941 * because the core might be gone away while we unlocked the mutex. */
3942 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev)
3944 struct b43_wl *wl = dev->wl;
3945 struct b43_wldev *orig_dev;
3949 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3952 /* Cancel work. Unlock to avoid deadlocks. */
3953 mutex_unlock(&wl->mutex);
3954 cancel_delayed_work_sync(&dev->periodic_work);
3955 cancel_work_sync(&wl->tx_work);
3956 mutex_lock(&wl->mutex);
3957 dev = wl->current_dev;
3958 if (!dev || b43_status(dev) < B43_STAT_STARTED) {
3959 /* Whoops, aliens ate up the device while we were unlocked. */
3963 /* Disable interrupts on the device. */
3964 b43_set_status(dev, B43_STAT_INITIALIZED);
3965 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) {
3966 /* wl->mutex is locked. That is enough. */
3967 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3968 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3970 spin_lock_irq(&wl->hardirq_lock);
3971 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3972 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3973 spin_unlock_irq(&wl->hardirq_lock);
3975 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */
3977 mutex_unlock(&wl->mutex);
3978 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) {
3979 b43_sdio_free_irq(dev);
3981 synchronize_irq(dev->sdev->irq);
3982 free_irq(dev->sdev->irq, dev);
3984 mutex_lock(&wl->mutex);
3985 dev = wl->current_dev;
3988 if (dev != orig_dev) {
3989 if (b43_status(dev) >= B43_STAT_STARTED)
3993 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
3994 B43_WARN_ON(mask != 0xFFFFFFFF && mask);
3996 /* Drain the TX queue */
3997 while (skb_queue_len(&wl->tx_queue))
3998 dev_kfree_skb(skb_dequeue(&wl->tx_queue));
4000 b43_mac_suspend(dev);
4002 b43dbg(wl, "Wireless interface stopped\n");
4007 /* Locking: wl->mutex */
4008 static int b43_wireless_core_start(struct b43_wldev *dev)
4012 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
4014 drain_txstatus_queue(dev);
4015 if (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) {
4016 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler);
4018 b43err(dev->wl, "Cannot request SDIO IRQ\n");
4022 err = request_threaded_irq(dev->sdev->irq, b43_interrupt_handler,
4023 b43_interrupt_thread_handler,
4024 IRQF_SHARED, KBUILD_MODNAME, dev);
4026 b43err(dev->wl, "Cannot request IRQ-%d\n",
4032 /* We are ready to run. */
4033 ieee80211_wake_queues(dev->wl->hw);
4034 b43_set_status(dev, B43_STAT_STARTED);
4036 /* Start data flow (TX/RX). */
4037 b43_mac_enable(dev);
4038 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
4040 /* Start maintenance work */
4041 b43_periodic_tasks_setup(dev);
4045 b43dbg(dev->wl, "Wireless interface started\n");
4050 /* Get PHY and RADIO versioning numbers */
4051 static int b43_phy_versioning(struct b43_wldev *dev)
4053 struct b43_phy *phy = &dev->phy;
4061 int unsupported = 0;
4063 /* Get PHY versioning */
4064 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
4065 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
4066 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
4067 phy_rev = (tmp & B43_PHYVER_VERSION);
4074 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6
4082 #ifdef CONFIG_B43_PHY_N
4088 #ifdef CONFIG_B43_PHY_LP
4089 case B43_PHYTYPE_LP:
4098 b43err(dev->wl, "FOUND UNSUPPORTED PHY "
4099 "(Analog %u, Type %u, Revision %u)\n",
4100 analog_type, phy_type, phy_rev);
4103 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n",
4104 analog_type, phy_type, phy_rev);
4106 /* Get RADIO versioning */
4107 if (dev->sdev->bus->chip_id == 0x4317) {
4108 if (dev->sdev->bus->chip_rev == 0)
4110 else if (dev->sdev->bus->chip_rev == 1)
4115 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
4116 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
4117 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
4118 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16;
4120 radio_manuf = (tmp & 0x00000FFF);
4121 radio_ver = (tmp & 0x0FFFF000) >> 12;
4122 radio_rev = (tmp & 0xF0000000) >> 28;
4123 if (radio_manuf != 0x17F /* Broadcom */)
4127 if (radio_ver != 0x2060)
4131 if (radio_manuf != 0x17F)
4135 if ((radio_ver & 0xFFF0) != 0x2050)
4139 if (radio_ver != 0x2050)
4143 if (radio_ver != 0x2055 && radio_ver != 0x2056)
4146 case B43_PHYTYPE_LP:
4147 if (radio_ver != 0x2062 && radio_ver != 0x2063)
4154 b43err(dev->wl, "FOUND UNSUPPORTED RADIO "
4155 "(Manuf 0x%X, Version 0x%X, Revision %u)\n",
4156 radio_manuf, radio_ver, radio_rev);
4159 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n",
4160 radio_manuf, radio_ver, radio_rev);
4162 phy->radio_manuf = radio_manuf;
4163 phy->radio_ver = radio_ver;
4164 phy->radio_rev = radio_rev;
4166 phy->analog = analog_type;
4167 phy->type = phy_type;
4173 static void setup_struct_phy_for_init(struct b43_wldev *dev,
4174 struct b43_phy *phy)
4176 phy->hardware_power_control = !!modparam_hwpctl;
4177 phy->next_txpwr_check_time = jiffies;
4178 /* PHY TX errors counter. */
4179 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
4182 phy->phy_locked = 0;
4183 phy->radio_locked = 0;
4187 static void setup_struct_wldev_for_init(struct b43_wldev *dev)
4191 /* Assume the radio is enabled. If it's not enabled, the state will
4192 * immediately get fixed on the first periodic work run. */
4193 dev->radio_hw_enable = 1;
4196 memset(&dev->stats, 0, sizeof(dev->stats));
4198 setup_struct_phy_for_init(dev, &dev->phy);
4200 /* IRQ related flags */
4201 dev->irq_reason = 0;
4202 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
4203 dev->irq_mask = B43_IRQ_MASKTEMPLATE;
4204 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
4205 dev->irq_mask &= ~B43_IRQ_PHY_TXERR;
4207 dev->mac_suspended = 1;
4209 /* Noise calculation context */
4210 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
4213 static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
4215 struct ssb_sprom *sprom = &dev->sdev->bus->sprom;
4218 if (!modparam_btcoex)
4220 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
4222 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
4225 hf = b43_hf_read(dev);
4226 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
4227 hf |= B43_HF_BTCOEXALT;
4229 hf |= B43_HF_BTCOEX;
4230 b43_hf_write(dev, hf);
4233 static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
4235 if (!modparam_btcoex)
4240 static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
4242 struct ssb_bus *bus = dev->sdev->bus;
4245 if ((bus->chip_id == 0x4311 && bus->chip_rev == 2) ||
4246 (bus->chip_id == 0x4312)) {
4247 tmp = ssb_read32(dev->sdev, SSB_IMCFGLO);
4248 tmp &= ~SSB_IMCFGLO_REQTO;
4249 tmp &= ~SSB_IMCFGLO_SERTO;
4251 ssb_write32(dev->sdev, SSB_IMCFGLO, tmp);
4252 ssb_commit_settings(bus);
4256 static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
4260 /* The time value is in microseconds. */
4261 if (dev->phy.type == B43_PHYTYPE_A)
4265 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle)
4267 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
4268 pu_delay = max(pu_delay, (u16)2400);
4270 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
4273 /* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
4274 static void b43_set_pretbtt(struct b43_wldev *dev)
4278 /* The time value is in microseconds. */
4279 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) {
4282 if (dev->phy.type == B43_PHYTYPE_A)
4287 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
4288 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
4291 /* Shutdown a wireless core */
4292 /* Locking: wl->mutex */
4293 static void b43_wireless_core_exit(struct b43_wldev *dev)
4297 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED);
4298 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED)
4301 /* Unregister HW RNG driver */
4302 b43_rng_exit(dev->wl);
4304 b43_set_status(dev, B43_STAT_UNINIT);
4306 /* Stop the microcode PSM. */
4307 macctl = b43_read32(dev, B43_MMIO_MACCTL);
4308 macctl &= ~B43_MACCTL_PSM_RUN;
4309 macctl |= B43_MACCTL_PSM_JMP0;
4310 b43_write32(dev, B43_MMIO_MACCTL, macctl);
4315 dev->phy.ops->switch_analog(dev, 0);
4316 if (dev->wl->current_beacon) {
4317 dev_kfree_skb_any(dev->wl->current_beacon);
4318 dev->wl->current_beacon = NULL;
4321 ssb_device_disable(dev->sdev, 0);
4322 ssb_bus_may_powerdown(dev->sdev->bus);
4325 /* Initialize a wireless core */
4326 static int b43_wireless_core_init(struct b43_wldev *dev)
4328 struct ssb_bus *bus = dev->sdev->bus;
4329 struct ssb_sprom *sprom = &bus->sprom;
4330 struct b43_phy *phy = &dev->phy;
4335 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4337 err = ssb_bus_powerup(bus, 0);
4340 if (!ssb_device_is_enabled(dev->sdev)) {
4341 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0;
4342 b43_wireless_core_reset(dev, tmp);
4345 /* Reset all data structures. */
4346 setup_struct_wldev_for_init(dev);
4347 phy->ops->prepare_structs(dev);
4349 /* Enable IRQ routing to this device. */
4350 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->sdev);
4352 b43_imcfglo_timeouts_workaround(dev);
4353 b43_bluetooth_coext_disable(dev);
4354 if (phy->ops->prepare_hardware) {
4355 err = phy->ops->prepare_hardware(dev);
4359 err = b43_chip_init(dev);
4362 b43_shm_write16(dev, B43_SHM_SHARED,
4363 B43_SHM_SH_WLCOREREV, dev->sdev->id.revision);
4364 hf = b43_hf_read(dev);
4365 if (phy->type == B43_PHYTYPE_G) {
4369 if (sprom->boardflags_lo & B43_BFL_PACTRL)
4370 hf |= B43_HF_OFDMPABOOST;
4372 if (phy->radio_ver == 0x2050) {
4373 if (phy->radio_rev == 6)
4374 hf |= B43_HF_4318TSSI;
4375 if (phy->radio_rev < 6)
4376 hf |= B43_HF_VCORECALC;
4378 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)
4379 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */
4380 #ifdef CONFIG_SSB_DRIVER_PCICORE
4381 if ((bus->bustype == SSB_BUSTYPE_PCI) &&
4382 (bus->pcicore.dev->id.revision <= 10))
4383 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */
4385 hf &= ~B43_HF_SKCFPUP;
4386 b43_hf_write(dev, hf);
4388 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
4389 B43_DEFAULT_LONG_RETRY_LIMIT);
4390 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
4391 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
4393 /* Disable sending probe responses from firmware.
4394 * Setting the MaxTime to one usec will always trigger
4395 * a timeout, so we never send any probe resp.
4396 * A timeout of zero is infinite. */
4397 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
4399 b43_rate_memory_init(dev);
4400 b43_set_phytxctl_defaults(dev);
4402 /* Minimum Contention Window */
4403 if (phy->type == B43_PHYTYPE_B)
4404 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
4406 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
4407 /* Maximum Contention Window */
4408 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
4410 if ((dev->sdev->bus->bustype == SSB_BUSTYPE_PCMCIA) ||
4411 (dev->sdev->bus->bustype == SSB_BUSTYPE_SDIO) ||
4413 dev->__using_pio_transfers = 1;
4414 err = b43_pio_init(dev);
4416 dev->__using_pio_transfers = 0;
4417 err = b43_dma_init(dev);
4422 b43_set_synth_pu_delay(dev, 1);
4423 b43_bluetooth_coext_enable(dev);
4425 ssb_bus_powerup(bus, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW));
4426 b43_upload_card_macaddress(dev);
4427 b43_security_init(dev);
4429 ieee80211_wake_queues(dev->wl->hw);
4431 b43_set_status(dev, B43_STAT_INITIALIZED);
4433 /* Register HW RNG driver */
4434 b43_rng_init(dev->wl);
4442 ssb_bus_may_powerdown(bus);
4443 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4447 static int b43_op_add_interface(struct ieee80211_hw *hw,
4448 struct ieee80211_vif *vif)
4450 struct b43_wl *wl = hw_to_b43_wl(hw);
4451 struct b43_wldev *dev;
4452 int err = -EOPNOTSUPP;
4454 /* TODO: allow WDS/AP devices to coexist */
4456 if (vif->type != NL80211_IFTYPE_AP &&
4457 vif->type != NL80211_IFTYPE_MESH_POINT &&
4458 vif->type != NL80211_IFTYPE_STATION &&
4459 vif->type != NL80211_IFTYPE_WDS &&
4460 vif->type != NL80211_IFTYPE_ADHOC)
4463 mutex_lock(&wl->mutex);
4465 goto out_mutex_unlock;
4467 b43dbg(wl, "Adding Interface type %d\n", vif->type);
4469 dev = wl->current_dev;
4472 wl->if_type = vif->type;
4473 memcpy(wl->mac_addr, vif->addr, ETH_ALEN);
4475 b43_adjust_opmode(dev);
4476 b43_set_pretbtt(dev);
4477 b43_set_synth_pu_delay(dev, 0);
4478 b43_upload_card_macaddress(dev);
4482 mutex_unlock(&wl->mutex);
4487 static void b43_op_remove_interface(struct ieee80211_hw *hw,
4488 struct ieee80211_vif *vif)
4490 struct b43_wl *wl = hw_to_b43_wl(hw);
4491 struct b43_wldev *dev = wl->current_dev;
4493 b43dbg(wl, "Removing Interface type %d\n", vif->type);
4495 mutex_lock(&wl->mutex);
4497 B43_WARN_ON(!wl->operating);
4498 B43_WARN_ON(wl->vif != vif);
4503 b43_adjust_opmode(dev);
4504 memset(wl->mac_addr, 0, ETH_ALEN);
4505 b43_upload_card_macaddress(dev);
4507 mutex_unlock(&wl->mutex);
4510 static int b43_op_start(struct ieee80211_hw *hw)
4512 struct b43_wl *wl = hw_to_b43_wl(hw);
4513 struct b43_wldev *dev = wl->current_dev;
4517 /* Kill all old instance specific information to make sure
4518 * the card won't use it in the short timeframe between start
4519 * and mac80211 reconfiguring it. */
4520 memset(wl->bssid, 0, ETH_ALEN);
4521 memset(wl->mac_addr, 0, ETH_ALEN);
4522 wl->filter_flags = 0;
4523 wl->radiotap_enabled = 0;
4525 wl->beacon0_uploaded = 0;
4526 wl->beacon1_uploaded = 0;
4527 wl->beacon_templates_virgin = 1;
4528 wl->radio_enabled = 1;
4530 mutex_lock(&wl->mutex);
4532 if (b43_status(dev) < B43_STAT_INITIALIZED) {
4533 err = b43_wireless_core_init(dev);
4535 goto out_mutex_unlock;
4539 if (b43_status(dev) < B43_STAT_STARTED) {
4540 err = b43_wireless_core_start(dev);
4543 b43_wireless_core_exit(dev);
4544 goto out_mutex_unlock;
4548 /* XXX: only do if device doesn't support rfkill irq */
4549 wiphy_rfkill_start_polling(hw->wiphy);
4552 mutex_unlock(&wl->mutex);
4557 static void b43_op_stop(struct ieee80211_hw *hw)
4559 struct b43_wl *wl = hw_to_b43_wl(hw);
4560 struct b43_wldev *dev = wl->current_dev;
4562 cancel_work_sync(&(wl->beacon_update_trigger));
4564 mutex_lock(&wl->mutex);
4565 if (b43_status(dev) >= B43_STAT_STARTED) {
4566 dev = b43_wireless_core_stop(dev);
4570 b43_wireless_core_exit(dev);
4571 wl->radio_enabled = 0;
4574 mutex_unlock(&wl->mutex);
4576 cancel_work_sync(&(wl->txpower_adjust_work));
4579 static int b43_op_beacon_set_tim(struct ieee80211_hw *hw,
4580 struct ieee80211_sta *sta, bool set)
4582 struct b43_wl *wl = hw_to_b43_wl(hw);
4584 /* FIXME: add locking */
4585 b43_update_templates(wl);
4590 static void b43_op_sta_notify(struct ieee80211_hw *hw,
4591 struct ieee80211_vif *vif,
4592 enum sta_notify_cmd notify_cmd,
4593 struct ieee80211_sta *sta)
4595 struct b43_wl *wl = hw_to_b43_wl(hw);
4597 B43_WARN_ON(!vif || wl->vif != vif);
4600 static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw)
4602 struct b43_wl *wl = hw_to_b43_wl(hw);
4603 struct b43_wldev *dev;
4605 mutex_lock(&wl->mutex);
4606 dev = wl->current_dev;
4607 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4608 /* Disable CFP update during scan on other channels. */
4609 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP);
4611 mutex_unlock(&wl->mutex);
4614 static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw)
4616 struct b43_wl *wl = hw_to_b43_wl(hw);
4617 struct b43_wldev *dev;
4619 mutex_lock(&wl->mutex);
4620 dev = wl->current_dev;
4621 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4622 /* Re-enable CFP update. */
4623 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP);
4625 mutex_unlock(&wl->mutex);
4628 static int b43_op_get_survey(struct ieee80211_hw *hw, int idx,
4629 struct survey_info *survey)
4631 struct b43_wl *wl = hw_to_b43_wl(hw);
4632 struct b43_wldev *dev = wl->current_dev;
4633 struct ieee80211_conf *conf = &hw->conf;
4638 survey->channel = conf->channel;
4639 survey->filled = SURVEY_INFO_NOISE_DBM;
4640 survey->noise = dev->stats.link_noise;
4645 static const struct ieee80211_ops b43_hw_ops = {
4647 .conf_tx = b43_op_conf_tx,
4648 .add_interface = b43_op_add_interface,
4649 .remove_interface = b43_op_remove_interface,
4650 .config = b43_op_config,
4651 .bss_info_changed = b43_op_bss_info_changed,
4652 .configure_filter = b43_op_configure_filter,
4653 .set_key = b43_op_set_key,
4654 .update_tkip_key = b43_op_update_tkip_key,
4655 .get_stats = b43_op_get_stats,
4656 .get_tsf = b43_op_get_tsf,
4657 .set_tsf = b43_op_set_tsf,
4658 .start = b43_op_start,
4659 .stop = b43_op_stop,
4660 .set_tim = b43_op_beacon_set_tim,
4661 .sta_notify = b43_op_sta_notify,
4662 .sw_scan_start = b43_op_sw_scan_start_notifier,
4663 .sw_scan_complete = b43_op_sw_scan_complete_notifier,
4664 .get_survey = b43_op_get_survey,
4665 .rfkill_poll = b43_rfkill_poll,
4668 /* Hard-reset the chip. Do not call this directly.
4669 * Use b43_controller_restart()
4671 static void b43_chip_reset(struct work_struct *work)
4673 struct b43_wldev *dev =
4674 container_of(work, struct b43_wldev, restart_work);
4675 struct b43_wl *wl = dev->wl;
4679 mutex_lock(&wl->mutex);
4681 prev_status = b43_status(dev);
4682 /* Bring the device down... */
4683 if (prev_status >= B43_STAT_STARTED) {
4684 dev = b43_wireless_core_stop(dev);
4690 if (prev_status >= B43_STAT_INITIALIZED)
4691 b43_wireless_core_exit(dev);
4693 /* ...and up again. */
4694 if (prev_status >= B43_STAT_INITIALIZED) {
4695 err = b43_wireless_core_init(dev);
4699 if (prev_status >= B43_STAT_STARTED) {
4700 err = b43_wireless_core_start(dev);
4702 b43_wireless_core_exit(dev);
4708 wl->current_dev = NULL; /* Failed to init the dev. */
4709 mutex_unlock(&wl->mutex);
4711 b43err(wl, "Controller restart FAILED\n");
4713 b43info(wl, "Controller restarted\n");
4716 static int b43_setup_bands(struct b43_wldev *dev,
4717 bool have_2ghz_phy, bool have_5ghz_phy)
4719 struct ieee80211_hw *hw = dev->wl->hw;
4722 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz;
4723 if (dev->phy.type == B43_PHYTYPE_N) {
4725 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy;
4728 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
4731 dev->phy.supports_2ghz = have_2ghz_phy;
4732 dev->phy.supports_5ghz = have_5ghz_phy;
4737 static void b43_wireless_core_detach(struct b43_wldev *dev)
4739 /* We release firmware that late to not be required to re-request
4740 * is all the time when we reinit the core. */
4741 b43_release_firmware(dev);
4745 static int b43_wireless_core_attach(struct b43_wldev *dev)
4747 struct b43_wl *wl = dev->wl;
4748 struct ssb_bus *bus = dev->sdev->bus;
4749 struct pci_dev *pdev = (bus->bustype == SSB_BUSTYPE_PCI) ? bus->host_pci : NULL;
4751 bool have_2ghz_phy = 0, have_5ghz_phy = 0;
4754 /* Do NOT do any device initialization here.
4755 * Do it in wireless_core_init() instead.
4756 * This function is for gathering basic information about the HW, only.
4757 * Also some structs may be set up here. But most likely you want to have
4758 * that in core_init(), too.
4761 err = ssb_bus_powerup(bus, 0);
4763 b43err(wl, "Bus powerup failed\n");
4766 /* Get the PHY type. */
4767 if (dev->sdev->id.revision >= 5) {
4770 tmshigh = ssb_read32(dev->sdev, SSB_TMSHIGH);
4771 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY);
4772 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY);
4776 dev->phy.gmode = have_2ghz_phy;
4777 dev->phy.radio_on = 1;
4778 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4779 b43_wireless_core_reset(dev, tmp);
4781 err = b43_phy_versioning(dev);
4784 /* Check if this device supports multiband. */
4786 (pdev->device != 0x4312 &&
4787 pdev->device != 0x4319 && pdev->device != 0x4324)) {
4788 /* No multiband support. */
4791 switch (dev->phy.type) {
4795 case B43_PHYTYPE_LP: //FIXME not always!
4796 #if 0 //FIXME enabling 5GHz causes a NULL pointer dereference
4807 if (dev->phy.type == B43_PHYTYPE_A) {
4809 b43err(wl, "IEEE 802.11a devices are unsupported\n");
4813 if (1 /* disable A-PHY */) {
4814 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */
4815 if (dev->phy.type != B43_PHYTYPE_N &&
4816 dev->phy.type != B43_PHYTYPE_LP) {
4822 err = b43_phy_allocate(dev);
4826 dev->phy.gmode = have_2ghz_phy;
4827 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4828 b43_wireless_core_reset(dev, tmp);
4830 err = b43_validate_chipaccess(dev);
4833 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
4837 /* Now set some default "current_dev" */
4838 if (!wl->current_dev)
4839 wl->current_dev = dev;
4840 INIT_WORK(&dev->restart_work, b43_chip_reset);
4842 dev->phy.ops->switch_analog(dev, 0);
4843 ssb_device_disable(dev->sdev, 0);
4844 ssb_bus_may_powerdown(bus);
4852 ssb_bus_may_powerdown(bus);
4856 static void b43_one_core_detach(struct ssb_device *dev)
4858 struct b43_wldev *wldev;
4861 /* Do not cancel ieee80211-workqueue based work here.
4862 * See comment in b43_remove(). */
4864 wldev = ssb_get_drvdata(dev);
4866 b43_debugfs_remove_device(wldev);
4867 b43_wireless_core_detach(wldev);
4868 list_del(&wldev->list);
4870 ssb_set_drvdata(dev, NULL);
4874 static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl)
4876 struct b43_wldev *wldev;
4879 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
4883 wldev->use_pio = b43_modparam_pio;
4886 b43_set_status(wldev, B43_STAT_UNINIT);
4887 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
4888 INIT_LIST_HEAD(&wldev->list);
4890 err = b43_wireless_core_attach(wldev);
4892 goto err_kfree_wldev;
4894 list_add(&wldev->list, &wl->devlist);
4896 ssb_set_drvdata(dev, wldev);
4897 b43_debugfs_add_device(wldev);
4907 #define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \
4908 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \
4909 (pdev->device == _device) && \
4910 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \
4911 (pdev->subsystem_device == _subdevice) )
4913 static void b43_sprom_fixup(struct ssb_bus *bus)
4915 struct pci_dev *pdev;
4917 /* boardflags workarounds */
4918 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
4919 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74)
4920 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
4921 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
4922 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40)
4923 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
4924 if (bus->bustype == SSB_BUSTYPE_PCI) {
4925 pdev = bus->host_pci;
4926 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) ||
4927 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) ||
4928 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) ||
4929 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) ||
4930 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) ||
4931 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) ||
4932 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010))
4933 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST;
4937 static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl)
4939 struct ieee80211_hw *hw = wl->hw;
4941 ssb_set_devtypedata(dev, NULL);
4942 ieee80211_free_hw(hw);
4945 static struct b43_wl *b43_wireless_init(struct ssb_device *dev)
4947 struct ssb_sprom *sprom = &dev->bus->sprom;
4948 struct ieee80211_hw *hw;
4951 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
4953 b43err(NULL, "Could not allocate ieee80211 device\n");
4954 return ERR_PTR(-ENOMEM);
4956 wl = hw_to_b43_wl(hw);
4959 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS |
4960 IEEE80211_HW_SIGNAL_DBM;
4962 hw->wiphy->interface_modes =
4963 BIT(NL80211_IFTYPE_AP) |
4964 BIT(NL80211_IFTYPE_MESH_POINT) |
4965 BIT(NL80211_IFTYPE_STATION) |
4966 BIT(NL80211_IFTYPE_WDS) |
4967 BIT(NL80211_IFTYPE_ADHOC);
4969 hw->queues = modparam_qos ? 4 : 1;
4970 wl->mac80211_initially_registered_queues = hw->queues;
4972 SET_IEEE80211_DEV(hw, dev->dev);
4973 if (is_valid_ether_addr(sprom->et1mac))
4974 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
4976 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
4978 /* Initialize struct b43_wl */
4980 mutex_init(&wl->mutex);
4981 spin_lock_init(&wl->hardirq_lock);
4982 INIT_LIST_HEAD(&wl->devlist);
4983 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
4984 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work);
4985 INIT_WORK(&wl->tx_work, b43_tx_work);
4986 skb_queue_head_init(&wl->tx_queue);
4988 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n",
4989 dev->bus->chip_id, dev->id.revision);
4993 static int b43_ssb_probe(struct ssb_device *dev, const struct ssb_device_id *id)
4999 wl = ssb_get_devtypedata(dev);
5001 /* Probing the first core. Must setup common struct b43_wl */
5003 b43_sprom_fixup(dev->bus);
5004 wl = b43_wireless_init(dev);
5009 ssb_set_devtypedata(dev, wl);
5010 B43_WARN_ON(ssb_get_devtypedata(dev) != wl);
5012 err = b43_one_core_attach(dev, wl);
5014 goto err_wireless_exit;
5017 err = ieee80211_register_hw(wl->hw);
5019 goto err_one_core_detach;
5020 b43_leds_register(wl->current_dev);
5026 err_one_core_detach:
5027 b43_one_core_detach(dev);
5030 b43_wireless_exit(dev, wl);
5034 static void b43_ssb_remove(struct ssb_device *dev)
5036 struct b43_wl *wl = ssb_get_devtypedata(dev);
5037 struct b43_wldev *wldev = ssb_get_drvdata(dev);
5039 /* We must cancel any work here before unregistering from ieee80211,
5040 * as the ieee80211 unreg will destroy the workqueue. */
5041 cancel_work_sync(&wldev->restart_work);
5044 if (wl->current_dev == wldev) {
5045 /* Restore the queues count before unregistering, because firmware detect
5046 * might have modified it. Restoring is important, so the networking
5047 * stack can properly free resources. */
5048 wl->hw->queues = wl->mac80211_initially_registered_queues;
5049 b43_leds_stop(wldev);
5050 ieee80211_unregister_hw(wl->hw);
5053 b43_one_core_detach(dev);
5055 if (list_empty(&wl->devlist)) {
5056 b43_leds_unregister(wl);
5057 /* Last core on the chip unregistered.
5058 * We can destroy common struct b43_wl.
5060 b43_wireless_exit(dev, wl);
5064 /* Perform a hardware reset. This can be called from any context. */
5065 void b43_controller_restart(struct b43_wldev *dev, const char *reason)
5067 /* Must avoid requeueing, if we are in shutdown. */
5068 if (b43_status(dev) < B43_STAT_INITIALIZED)
5070 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
5071 ieee80211_queue_work(dev->wl->hw, &dev->restart_work);
5074 static struct ssb_driver b43_ssb_driver = {
5075 .name = KBUILD_MODNAME,
5076 .id_table = b43_ssb_tbl,
5077 .probe = b43_ssb_probe,
5078 .remove = b43_ssb_remove,
5081 static void b43_print_driverinfo(void)
5083 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
5084 *feat_leds = "", *feat_sdio = "";
5086 #ifdef CONFIG_B43_PCI_AUTOSELECT
5089 #ifdef CONFIG_B43_PCMCIA
5092 #ifdef CONFIG_B43_PHY_N
5095 #ifdef CONFIG_B43_LEDS
5098 #ifdef CONFIG_B43_SDIO
5101 printk(KERN_INFO "Broadcom 43xx driver loaded "
5102 "[ Features: %s%s%s%s%s, Firmware-ID: "
5103 B43_SUPPORTED_FIRMWARE_ID " ]\n",
5104 feat_pci, feat_pcmcia, feat_nphy,
5105 feat_leds, feat_sdio);
5108 static int __init b43_init(void)
5113 err = b43_pcmcia_init();
5116 err = b43_sdio_init();
5118 goto err_pcmcia_exit;
5119 err = ssb_driver_register(&b43_ssb_driver);
5122 b43_print_driverinfo();
5135 static void __exit b43_exit(void)
5137 ssb_driver_unregister(&b43_ssb_driver);
5143 module_init(b43_init)
5144 module_exit(b43_exit)
projects / kernel / linux-3.0.git / blob