Loading...
Note: File does not exist in v6.8.
1/*
2
3 Broadcom B43 wireless driver
4
5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
7 Copyright (c) 2005-2009 Michael Buesch <m@bues.ch>
8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
10 Copyright (c) 2010-2011 Rafał Miłecki <zajec5@gmail.com>
11
12 SDIO support
13 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es>
14
15 Some parts of the code in this file are derived from the ipw2200
16 driver Copyright(c) 2003 - 2004 Intel Corporation.
17
18 This program is free software; you can redistribute it and/or modify
19 it under the terms of the GNU General Public License as published by
20 the Free Software Foundation; either version 2 of the License, or
21 (at your option) any later version.
22
23 This program is distributed in the hope that it will be useful,
24 but WITHOUT ANY WARRANTY; without even the implied warranty of
25 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 GNU General Public License for more details.
27
28 You should have received a copy of the GNU General Public License
29 along with this program; see the file COPYING. If not, write to
30 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor,
31 Boston, MA 02110-1301, USA.
32
33*/
34
35#include <linux/delay.h>
36#include <linux/init.h>
37#include <linux/module.h>
38#include <linux/if_arp.h>
39#include <linux/etherdevice.h>
40#include <linux/firmware.h>
41#include <linux/workqueue.h>
42#include <linux/skbuff.h>
43#include <linux/io.h>
44#include <linux/dma-mapping.h>
45#include <linux/slab.h>
46#include <asm/unaligned.h>
47
48#include "b43.h"
49#include "main.h"
50#include "debugfs.h"
51#include "phy_common.h"
52#include "phy_g.h"
53#include "phy_n.h"
54#include "dma.h"
55#include "pio.h"
56#include "sysfs.h"
57#include "xmit.h"
58#include "lo.h"
59#include "pcmcia.h"
60#include "sdio.h"
61#include <linux/mmc/sdio_func.h>
62
63MODULE_DESCRIPTION("Broadcom B43 wireless driver");
64MODULE_AUTHOR("Martin Langer");
65MODULE_AUTHOR("Stefano Brivio");
66MODULE_AUTHOR("Michael Buesch");
67MODULE_AUTHOR("Gábor Stefanik");
68MODULE_AUTHOR("Rafał Miłecki");
69MODULE_LICENSE("GPL");
70
71MODULE_FIRMWARE("b43/ucode11.fw");
72MODULE_FIRMWARE("b43/ucode13.fw");
73MODULE_FIRMWARE("b43/ucode14.fw");
74MODULE_FIRMWARE("b43/ucode15.fw");
75MODULE_FIRMWARE("b43/ucode16_mimo.fw");
76MODULE_FIRMWARE("b43/ucode5.fw");
77MODULE_FIRMWARE("b43/ucode9.fw");
78
79static int modparam_bad_frames_preempt;
80module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
81MODULE_PARM_DESC(bad_frames_preempt,
82 "enable(1) / disable(0) Bad Frames Preemption");
83
84static char modparam_fwpostfix[16];
85module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
86MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
87
88static int modparam_hwpctl;
89module_param_named(hwpctl, modparam_hwpctl, int, 0444);
90MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
91
92static int modparam_nohwcrypt;
93module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
94MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
95
96static int modparam_hwtkip;
97module_param_named(hwtkip, modparam_hwtkip, int, 0444);
98MODULE_PARM_DESC(hwtkip, "Enable hardware tkip.");
99
100static int modparam_qos = 1;
101module_param_named(qos, modparam_qos, int, 0444);
102MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
103
104static int modparam_btcoex = 1;
105module_param_named(btcoex, modparam_btcoex, int, 0444);
106MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)");
107
108int b43_modparam_verbose = B43_VERBOSITY_DEFAULT;
109module_param_named(verbose, b43_modparam_verbose, int, 0644);
110MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug");
111
112static int b43_modparam_pio = 0;
113module_param_named(pio, b43_modparam_pio, int, 0644);
114MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO");
115
116static int modparam_allhwsupport = !IS_ENABLED(CONFIG_BRCMSMAC);
117module_param_named(allhwsupport, modparam_allhwsupport, int, 0444);
118MODULE_PARM_DESC(allhwsupport, "Enable support for all hardware (even it if overlaps with the brcmsmac driver)");
119
120#ifdef CONFIG_B43_BCMA
121static const struct bcma_device_id b43_bcma_tbl[] = {
122 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x11, BCMA_ANY_CLASS),
123 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x17, BCMA_ANY_CLASS),
124 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x18, BCMA_ANY_CLASS),
125 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x1D, BCMA_ANY_CLASS),
126 BCMA_CORETABLE_END
127};
128MODULE_DEVICE_TABLE(bcma, b43_bcma_tbl);
129#endif
130
131#ifdef CONFIG_B43_SSB
132static const struct ssb_device_id b43_ssb_tbl[] = {
133 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
134 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
135 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
136 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
137 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
138 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
139 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12),
140 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
141 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15),
142 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16),
143 SSB_DEVTABLE_END
144};
145MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
146#endif
147
148/* Channel and ratetables are shared for all devices.
149 * They can't be const, because ieee80211 puts some precalculated
150 * data in there. This data is the same for all devices, so we don't
151 * get concurrency issues */
152#define RATETAB_ENT(_rateid, _flags) \
153 { \
154 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
155 .hw_value = (_rateid), \
156 .flags = (_flags), \
157 }
158
159/*
160 * NOTE: When changing this, sync with xmit.c's
161 * b43_plcp_get_bitrate_idx_* functions!
162 */
163static struct ieee80211_rate __b43_ratetable[] = {
164 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
165 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
166 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
167 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
168 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
169 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
170 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
171 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
172 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
173 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
174 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
175 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
176};
177
178#define b43_a_ratetable (__b43_ratetable + 4)
179#define b43_a_ratetable_size 8
180#define b43_b_ratetable (__b43_ratetable + 0)
181#define b43_b_ratetable_size 4
182#define b43_g_ratetable (__b43_ratetable + 0)
183#define b43_g_ratetable_size 12
184
185#define CHAN4G(_channel, _freq, _flags) { \
186 .band = IEEE80211_BAND_2GHZ, \
187 .center_freq = (_freq), \
188 .hw_value = (_channel), \
189 .flags = (_flags), \
190 .max_antenna_gain = 0, \
191 .max_power = 30, \
192}
193static struct ieee80211_channel b43_2ghz_chantable[] = {
194 CHAN4G(1, 2412, 0),
195 CHAN4G(2, 2417, 0),
196 CHAN4G(3, 2422, 0),
197 CHAN4G(4, 2427, 0),
198 CHAN4G(5, 2432, 0),
199 CHAN4G(6, 2437, 0),
200 CHAN4G(7, 2442, 0),
201 CHAN4G(8, 2447, 0),
202 CHAN4G(9, 2452, 0),
203 CHAN4G(10, 2457, 0),
204 CHAN4G(11, 2462, 0),
205 CHAN4G(12, 2467, 0),
206 CHAN4G(13, 2472, 0),
207 CHAN4G(14, 2484, 0),
208};
209#undef CHAN4G
210
211#define CHAN5G(_channel, _flags) { \
212 .band = IEEE80211_BAND_5GHZ, \
213 .center_freq = 5000 + (5 * (_channel)), \
214 .hw_value = (_channel), \
215 .flags = (_flags), \
216 .max_antenna_gain = 0, \
217 .max_power = 30, \
218}
219static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
220 CHAN5G(32, 0), CHAN5G(34, 0),
221 CHAN5G(36, 0), CHAN5G(38, 0),
222 CHAN5G(40, 0), CHAN5G(42, 0),
223 CHAN5G(44, 0), CHAN5G(46, 0),
224 CHAN5G(48, 0), CHAN5G(50, 0),
225 CHAN5G(52, 0), CHAN5G(54, 0),
226 CHAN5G(56, 0), CHAN5G(58, 0),
227 CHAN5G(60, 0), CHAN5G(62, 0),
228 CHAN5G(64, 0), CHAN5G(66, 0),
229 CHAN5G(68, 0), CHAN5G(70, 0),
230 CHAN5G(72, 0), CHAN5G(74, 0),
231 CHAN5G(76, 0), CHAN5G(78, 0),
232 CHAN5G(80, 0), CHAN5G(82, 0),
233 CHAN5G(84, 0), CHAN5G(86, 0),
234 CHAN5G(88, 0), CHAN5G(90, 0),
235 CHAN5G(92, 0), CHAN5G(94, 0),
236 CHAN5G(96, 0), CHAN5G(98, 0),
237 CHAN5G(100, 0), CHAN5G(102, 0),
238 CHAN5G(104, 0), CHAN5G(106, 0),
239 CHAN5G(108, 0), CHAN5G(110, 0),
240 CHAN5G(112, 0), CHAN5G(114, 0),
241 CHAN5G(116, 0), CHAN5G(118, 0),
242 CHAN5G(120, 0), CHAN5G(122, 0),
243 CHAN5G(124, 0), CHAN5G(126, 0),
244 CHAN5G(128, 0), CHAN5G(130, 0),
245 CHAN5G(132, 0), CHAN5G(134, 0),
246 CHAN5G(136, 0), CHAN5G(138, 0),
247 CHAN5G(140, 0), CHAN5G(142, 0),
248 CHAN5G(144, 0), CHAN5G(145, 0),
249 CHAN5G(146, 0), CHAN5G(147, 0),
250 CHAN5G(148, 0), CHAN5G(149, 0),
251 CHAN5G(150, 0), CHAN5G(151, 0),
252 CHAN5G(152, 0), CHAN5G(153, 0),
253 CHAN5G(154, 0), CHAN5G(155, 0),
254 CHAN5G(156, 0), CHAN5G(157, 0),
255 CHAN5G(158, 0), CHAN5G(159, 0),
256 CHAN5G(160, 0), CHAN5G(161, 0),
257 CHAN5G(162, 0), CHAN5G(163, 0),
258 CHAN5G(164, 0), CHAN5G(165, 0),
259 CHAN5G(166, 0), CHAN5G(168, 0),
260 CHAN5G(170, 0), CHAN5G(172, 0),
261 CHAN5G(174, 0), CHAN5G(176, 0),
262 CHAN5G(178, 0), CHAN5G(180, 0),
263 CHAN5G(182, 0), CHAN5G(184, 0),
264 CHAN5G(186, 0), CHAN5G(188, 0),
265 CHAN5G(190, 0), CHAN5G(192, 0),
266 CHAN5G(194, 0), CHAN5G(196, 0),
267 CHAN5G(198, 0), CHAN5G(200, 0),
268 CHAN5G(202, 0), CHAN5G(204, 0),
269 CHAN5G(206, 0), CHAN5G(208, 0),
270 CHAN5G(210, 0), CHAN5G(212, 0),
271 CHAN5G(214, 0), CHAN5G(216, 0),
272 CHAN5G(218, 0), CHAN5G(220, 0),
273 CHAN5G(222, 0), CHAN5G(224, 0),
274 CHAN5G(226, 0), CHAN5G(228, 0),
275};
276
277static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
278 CHAN5G(34, 0), CHAN5G(36, 0),
279 CHAN5G(38, 0), CHAN5G(40, 0),
280 CHAN5G(42, 0), CHAN5G(44, 0),
281 CHAN5G(46, 0), CHAN5G(48, 0),
282 CHAN5G(52, 0), CHAN5G(56, 0),
283 CHAN5G(60, 0), CHAN5G(64, 0),
284 CHAN5G(100, 0), CHAN5G(104, 0),
285 CHAN5G(108, 0), CHAN5G(112, 0),
286 CHAN5G(116, 0), CHAN5G(120, 0),
287 CHAN5G(124, 0), CHAN5G(128, 0),
288 CHAN5G(132, 0), CHAN5G(136, 0),
289 CHAN5G(140, 0), CHAN5G(149, 0),
290 CHAN5G(153, 0), CHAN5G(157, 0),
291 CHAN5G(161, 0), CHAN5G(165, 0),
292 CHAN5G(184, 0), CHAN5G(188, 0),
293 CHAN5G(192, 0), CHAN5G(196, 0),
294 CHAN5G(200, 0), CHAN5G(204, 0),
295 CHAN5G(208, 0), CHAN5G(212, 0),
296 CHAN5G(216, 0),
297};
298#undef CHAN5G
299
300static struct ieee80211_supported_band b43_band_5GHz_nphy = {
301 .band = IEEE80211_BAND_5GHZ,
302 .channels = b43_5ghz_nphy_chantable,
303 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
304 .bitrates = b43_a_ratetable,
305 .n_bitrates = b43_a_ratetable_size,
306};
307
308static struct ieee80211_supported_band b43_band_5GHz_aphy = {
309 .band = IEEE80211_BAND_5GHZ,
310 .channels = b43_5ghz_aphy_chantable,
311 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
312 .bitrates = b43_a_ratetable,
313 .n_bitrates = b43_a_ratetable_size,
314};
315
316static struct ieee80211_supported_band b43_band_2GHz = {
317 .band = IEEE80211_BAND_2GHZ,
318 .channels = b43_2ghz_chantable,
319 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
320 .bitrates = b43_g_ratetable,
321 .n_bitrates = b43_g_ratetable_size,
322};
323
324static void b43_wireless_core_exit(struct b43_wldev *dev);
325static int b43_wireless_core_init(struct b43_wldev *dev);
326static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev);
327static int b43_wireless_core_start(struct b43_wldev *dev);
328static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
329 struct ieee80211_vif *vif,
330 struct ieee80211_bss_conf *conf,
331 u32 changed);
332
333static int b43_ratelimit(struct b43_wl *wl)
334{
335 if (!wl || !wl->current_dev)
336 return 1;
337 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
338 return 1;
339 /* We are up and running.
340 * Ratelimit the messages to avoid DoS over the net. */
341 return net_ratelimit();
342}
343
344void b43info(struct b43_wl *wl, const char *fmt, ...)
345{
346 struct va_format vaf;
347 va_list args;
348
349 if (b43_modparam_verbose < B43_VERBOSITY_INFO)
350 return;
351 if (!b43_ratelimit(wl))
352 return;
353
354 va_start(args, fmt);
355
356 vaf.fmt = fmt;
357 vaf.va = &args;
358
359 printk(KERN_INFO "b43-%s: %pV",
360 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
361
362 va_end(args);
363}
364
365void b43err(struct b43_wl *wl, const char *fmt, ...)
366{
367 struct va_format vaf;
368 va_list args;
369
370 if (b43_modparam_verbose < B43_VERBOSITY_ERROR)
371 return;
372 if (!b43_ratelimit(wl))
373 return;
374
375 va_start(args, fmt);
376
377 vaf.fmt = fmt;
378 vaf.va = &args;
379
380 printk(KERN_ERR "b43-%s ERROR: %pV",
381 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
382
383 va_end(args);
384}
385
386void b43warn(struct b43_wl *wl, const char *fmt, ...)
387{
388 struct va_format vaf;
389 va_list args;
390
391 if (b43_modparam_verbose < B43_VERBOSITY_WARN)
392 return;
393 if (!b43_ratelimit(wl))
394 return;
395
396 va_start(args, fmt);
397
398 vaf.fmt = fmt;
399 vaf.va = &args;
400
401 printk(KERN_WARNING "b43-%s warning: %pV",
402 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
403
404 va_end(args);
405}
406
407void b43dbg(struct b43_wl *wl, const char *fmt, ...)
408{
409 struct va_format vaf;
410 va_list args;
411
412 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
413 return;
414
415 va_start(args, fmt);
416
417 vaf.fmt = fmt;
418 vaf.va = &args;
419
420 printk(KERN_DEBUG "b43-%s debug: %pV",
421 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
422
423 va_end(args);
424}
425
426static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
427{
428 u32 macctl;
429
430 B43_WARN_ON(offset % 4 != 0);
431
432 macctl = b43_read32(dev, B43_MMIO_MACCTL);
433 if (macctl & B43_MACCTL_BE)
434 val = swab32(val);
435
436 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
437 mmiowb();
438 b43_write32(dev, B43_MMIO_RAM_DATA, val);
439}
440
441static inline void b43_shm_control_word(struct b43_wldev *dev,
442 u16 routing, u16 offset)
443{
444 u32 control;
445
446 /* "offset" is the WORD offset. */
447 control = routing;
448 control <<= 16;
449 control |= offset;
450 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
451}
452
453u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
454{
455 u32 ret;
456
457 if (routing == B43_SHM_SHARED) {
458 B43_WARN_ON(offset & 0x0001);
459 if (offset & 0x0003) {
460 /* Unaligned access */
461 b43_shm_control_word(dev, routing, offset >> 2);
462 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
463 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
464 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16;
465
466 goto out;
467 }
468 offset >>= 2;
469 }
470 b43_shm_control_word(dev, routing, offset);
471 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
472out:
473 return ret;
474}
475
476u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset)
477{
478 u16 ret;
479
480 if (routing == B43_SHM_SHARED) {
481 B43_WARN_ON(offset & 0x0001);
482 if (offset & 0x0003) {
483 /* Unaligned access */
484 b43_shm_control_word(dev, routing, offset >> 2);
485 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
486
487 goto out;
488 }
489 offset >>= 2;
490 }
491 b43_shm_control_word(dev, routing, offset);
492 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
493out:
494 return ret;
495}
496
497void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
498{
499 if (routing == B43_SHM_SHARED) {
500 B43_WARN_ON(offset & 0x0001);
501 if (offset & 0x0003) {
502 /* Unaligned access */
503 b43_shm_control_word(dev, routing, offset >> 2);
504 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
505 value & 0xFFFF);
506 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
507 b43_write16(dev, B43_MMIO_SHM_DATA,
508 (value >> 16) & 0xFFFF);
509 return;
510 }
511 offset >>= 2;
512 }
513 b43_shm_control_word(dev, routing, offset);
514 b43_write32(dev, B43_MMIO_SHM_DATA, value);
515}
516
517void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
518{
519 if (routing == B43_SHM_SHARED) {
520 B43_WARN_ON(offset & 0x0001);
521 if (offset & 0x0003) {
522 /* Unaligned access */
523 b43_shm_control_word(dev, routing, offset >> 2);
524 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
525 return;
526 }
527 offset >>= 2;
528 }
529 b43_shm_control_word(dev, routing, offset);
530 b43_write16(dev, B43_MMIO_SHM_DATA, value);
531}
532
533/* Read HostFlags */
534u64 b43_hf_read(struct b43_wldev *dev)
535{
536 u64 ret;
537
538 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF3);
539 ret <<= 16;
540 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF2);
541 ret <<= 16;
542 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF1);
543
544 return ret;
545}
546
547/* Write HostFlags */
548void b43_hf_write(struct b43_wldev *dev, u64 value)
549{
550 u16 lo, mi, hi;
551
552 lo = (value & 0x00000000FFFFULL);
553 mi = (value & 0x0000FFFF0000ULL) >> 16;
554 hi = (value & 0xFFFF00000000ULL) >> 32;
555 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF1, lo);
556 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF2, mi);
557 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF3, hi);
558}
559
560/* Read the firmware capabilities bitmask (Opensource firmware only) */
561static u16 b43_fwcapa_read(struct b43_wldev *dev)
562{
563 B43_WARN_ON(!dev->fw.opensource);
564 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA);
565}
566
567void b43_tsf_read(struct b43_wldev *dev, u64 *tsf)
568{
569 u32 low, high;
570
571 B43_WARN_ON(dev->dev->core_rev < 3);
572
573 /* The hardware guarantees us an atomic read, if we
574 * read the low register first. */
575 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
576 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
577
578 *tsf = high;
579 *tsf <<= 32;
580 *tsf |= low;
581}
582
583static void b43_time_lock(struct b43_wldev *dev)
584{
585 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_TBTTHOLD);
586 /* Commit the write */
587 b43_read32(dev, B43_MMIO_MACCTL);
588}
589
590static void b43_time_unlock(struct b43_wldev *dev)
591{
592 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_TBTTHOLD, 0);
593 /* Commit the write */
594 b43_read32(dev, B43_MMIO_MACCTL);
595}
596
597static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
598{
599 u32 low, high;
600
601 B43_WARN_ON(dev->dev->core_rev < 3);
602
603 low = tsf;
604 high = (tsf >> 32);
605 /* The hardware guarantees us an atomic write, if we
606 * write the low register first. */
607 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low);
608 mmiowb();
609 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high);
610 mmiowb();
611}
612
613void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
614{
615 b43_time_lock(dev);
616 b43_tsf_write_locked(dev, tsf);
617 b43_time_unlock(dev);
618}
619
620static
621void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac)
622{
623 static const u8 zero_addr[ETH_ALEN] = { 0 };
624 u16 data;
625
626 if (!mac)
627 mac = zero_addr;
628
629 offset |= 0x0020;
630 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
631
632 data = mac[0];
633 data |= mac[1] << 8;
634 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
635 data = mac[2];
636 data |= mac[3] << 8;
637 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
638 data = mac[4];
639 data |= mac[5] << 8;
640 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
641}
642
643static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
644{
645 const u8 *mac;
646 const u8 *bssid;
647 u8 mac_bssid[ETH_ALEN * 2];
648 int i;
649 u32 tmp;
650
651 bssid = dev->wl->bssid;
652 mac = dev->wl->mac_addr;
653
654 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
655
656 memcpy(mac_bssid, mac, ETH_ALEN);
657 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
658
659 /* Write our MAC address and BSSID to template ram */
660 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
661 tmp = (u32) (mac_bssid[i + 0]);
662 tmp |= (u32) (mac_bssid[i + 1]) << 8;
663 tmp |= (u32) (mac_bssid[i + 2]) << 16;
664 tmp |= (u32) (mac_bssid[i + 3]) << 24;
665 b43_ram_write(dev, 0x20 + i, tmp);
666 }
667}
668
669static void b43_upload_card_macaddress(struct b43_wldev *dev)
670{
671 b43_write_mac_bssid_templates(dev);
672 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
673}
674
675static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
676{
677 /* slot_time is in usec. */
678 /* This test used to exit for all but a G PHY. */
679 if (b43_current_band(dev->wl) == IEEE80211_BAND_5GHZ)
680 return;
681 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time);
682 /* Shared memory location 0x0010 is the slot time and should be
683 * set to slot_time; however, this register is initially 0 and changing
684 * the value adversely affects the transmit rate for BCM4311
685 * devices. Until this behavior is unterstood, delete this step
686 *
687 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
688 */
689}
690
691static void b43_short_slot_timing_enable(struct b43_wldev *dev)
692{
693 b43_set_slot_time(dev, 9);
694}
695
696static void b43_short_slot_timing_disable(struct b43_wldev *dev)
697{
698 b43_set_slot_time(dev, 20);
699}
700
701/* DummyTransmission function, as documented on
702 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission
703 */
704void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on)
705{
706 struct b43_phy *phy = &dev->phy;
707 unsigned int i, max_loop;
708 u16 value;
709 u32 buffer[5] = {
710 0x00000000,
711 0x00D40000,
712 0x00000000,
713 0x01000000,
714 0x00000000,
715 };
716
717 if (ofdm) {
718 max_loop = 0x1E;
719 buffer[0] = 0x000201CC;
720 } else {
721 max_loop = 0xFA;
722 buffer[0] = 0x000B846E;
723 }
724
725 for (i = 0; i < 5; i++)
726 b43_ram_write(dev, i * 4, buffer[i]);
727
728 b43_write16(dev, B43_MMIO_XMTSEL, 0x0000);
729
730 if (dev->dev->core_rev < 11)
731 b43_write16(dev, B43_MMIO_WEPCTL, 0x0000);
732 else
733 b43_write16(dev, B43_MMIO_WEPCTL, 0x0100);
734
735 value = (ofdm ? 0x41 : 0x40);
736 b43_write16(dev, B43_MMIO_TXE0_PHYCTL, value);
737 if (phy->type == B43_PHYTYPE_N || phy->type == B43_PHYTYPE_LP ||
738 phy->type == B43_PHYTYPE_LCN)
739 b43_write16(dev, B43_MMIO_TXE0_PHYCTL1, 0x1A02);
740
741 b43_write16(dev, B43_MMIO_TXE0_WM_0, 0x0000);
742 b43_write16(dev, B43_MMIO_TXE0_WM_1, 0x0000);
743
744 b43_write16(dev, B43_MMIO_XMTTPLATETXPTR, 0x0000);
745 b43_write16(dev, B43_MMIO_XMTTXCNT, 0x0014);
746 b43_write16(dev, B43_MMIO_XMTSEL, 0x0826);
747 b43_write16(dev, B43_MMIO_TXE0_CTL, 0x0000);
748
749 if (!pa_on && phy->type == B43_PHYTYPE_N)
750 ; /*b43_nphy_pa_override(dev, false) */
751
752 switch (phy->type) {
753 case B43_PHYTYPE_N:
754 case B43_PHYTYPE_LCN:
755 b43_write16(dev, B43_MMIO_TXE0_AUX, 0x00D0);
756 break;
757 case B43_PHYTYPE_LP:
758 b43_write16(dev, B43_MMIO_TXE0_AUX, 0x0050);
759 break;
760 default:
761 b43_write16(dev, B43_MMIO_TXE0_AUX, 0x0030);
762 }
763 b43_read16(dev, B43_MMIO_TXE0_AUX);
764
765 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
766 b43_radio_write16(dev, 0x0051, 0x0017);
767 for (i = 0x00; i < max_loop; i++) {
768 value = b43_read16(dev, B43_MMIO_TXE0_STATUS);
769 if (value & 0x0080)
770 break;
771 udelay(10);
772 }
773 for (i = 0x00; i < 0x0A; i++) {
774 value = b43_read16(dev, B43_MMIO_TXE0_STATUS);
775 if (value & 0x0400)
776 break;
777 udelay(10);
778 }
779 for (i = 0x00; i < 0x19; i++) {
780 value = b43_read16(dev, B43_MMIO_IFSSTAT);
781 if (!(value & 0x0100))
782 break;
783 udelay(10);
784 }
785 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
786 b43_radio_write16(dev, 0x0051, 0x0037);
787}
788
789static void key_write(struct b43_wldev *dev,
790 u8 index, u8 algorithm, const u8 *key)
791{
792 unsigned int i;
793 u32 offset;
794 u16 value;
795 u16 kidx;
796
797 /* Key index/algo block */
798 kidx = b43_kidx_to_fw(dev, index);
799 value = ((kidx << 4) | algorithm);
800 b43_shm_write16(dev, B43_SHM_SHARED,
801 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
802
803 /* Write the key to the Key Table Pointer offset */
804 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
805 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
806 value = key[i];
807 value |= (u16) (key[i + 1]) << 8;
808 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
809 }
810}
811
812static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr)
813{
814 u32 addrtmp[2] = { 0, 0, };
815 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
816
817 if (b43_new_kidx_api(dev))
818 pairwise_keys_start = B43_NR_GROUP_KEYS;
819
820 B43_WARN_ON(index < pairwise_keys_start);
821 /* We have four default TX keys and possibly four default RX keys.
822 * Physical mac 0 is mapped to physical key 4 or 8, depending
823 * on the firmware version.
824 * So we must adjust the index here.
825 */
826 index -= pairwise_keys_start;
827 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
828
829 if (addr) {
830 addrtmp[0] = addr[0];
831 addrtmp[0] |= ((u32) (addr[1]) << 8);
832 addrtmp[0] |= ((u32) (addr[2]) << 16);
833 addrtmp[0] |= ((u32) (addr[3]) << 24);
834 addrtmp[1] = addr[4];
835 addrtmp[1] |= ((u32) (addr[5]) << 8);
836 }
837
838 /* Receive match transmitter address (RCMTA) mechanism */
839 b43_shm_write32(dev, B43_SHM_RCMTA,
840 (index * 2) + 0, addrtmp[0]);
841 b43_shm_write16(dev, B43_SHM_RCMTA,
842 (index * 2) + 1, addrtmp[1]);
843}
844
845/* The ucode will use phase1 key with TEK key to decrypt rx packets.
846 * When a packet is received, the iv32 is checked.
847 * - if it doesn't the packet is returned without modification (and software
848 * decryption can be done). That's what happen when iv16 wrap.
849 * - if it does, the rc4 key is computed, and decryption is tried.
850 * Either it will success and B43_RX_MAC_DEC is returned,
851 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned
852 * and the packet is not usable (it got modified by the ucode).
853 * So in order to never have B43_RX_MAC_DECERR, we should provide
854 * a iv32 and phase1key that match. Because we drop packets in case of
855 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all
856 * packets will be lost without higher layer knowing (ie no resync possible
857 * until next wrap).
858 *
859 * NOTE : this should support 50 key like RCMTA because
860 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50
861 */
862static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32,
863 u16 *phase1key)
864{
865 unsigned int i;
866 u32 offset;
867 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
868
869 if (!modparam_hwtkip)
870 return;
871
872 if (b43_new_kidx_api(dev))
873 pairwise_keys_start = B43_NR_GROUP_KEYS;
874
875 B43_WARN_ON(index < pairwise_keys_start);
876 /* We have four default TX keys and possibly four default RX keys.
877 * Physical mac 0 is mapped to physical key 4 or 8, depending
878 * on the firmware version.
879 * So we must adjust the index here.
880 */
881 index -= pairwise_keys_start;
882 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
883
884 if (b43_debug(dev, B43_DBG_KEYS)) {
885 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n",
886 index, iv32);
887 }
888 /* Write the key to the RX tkip shared mem */
889 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4);
890 for (i = 0; i < 10; i += 2) {
891 b43_shm_write16(dev, B43_SHM_SHARED, offset + i,
892 phase1key ? phase1key[i / 2] : 0);
893 }
894 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32);
895 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16);
896}
897
898static void b43_op_update_tkip_key(struct ieee80211_hw *hw,
899 struct ieee80211_vif *vif,
900 struct ieee80211_key_conf *keyconf,
901 struct ieee80211_sta *sta,
902 u32 iv32, u16 *phase1key)
903{
904 struct b43_wl *wl = hw_to_b43_wl(hw);
905 struct b43_wldev *dev;
906 int index = keyconf->hw_key_idx;
907
908 if (B43_WARN_ON(!modparam_hwtkip))
909 return;
910
911 /* This is only called from the RX path through mac80211, where
912 * our mutex is already locked. */
913 B43_WARN_ON(!mutex_is_locked(&wl->mutex));
914 dev = wl->current_dev;
915 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED);
916
917 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */
918
919 rx_tkip_phase1_write(dev, index, iv32, phase1key);
920 /* only pairwise TKIP keys are supported right now */
921 if (WARN_ON(!sta))
922 return;
923 keymac_write(dev, index, sta->addr);
924}
925
926static void do_key_write(struct b43_wldev *dev,
927 u8 index, u8 algorithm,
928 const u8 *key, size_t key_len, const u8 *mac_addr)
929{
930 u8 buf[B43_SEC_KEYSIZE] = { 0, };
931 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
932
933 if (b43_new_kidx_api(dev))
934 pairwise_keys_start = B43_NR_GROUP_KEYS;
935
936 B43_WARN_ON(index >= ARRAY_SIZE(dev->key));
937 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
938
939 if (index >= pairwise_keys_start)
940 keymac_write(dev, index, NULL); /* First zero out mac. */
941 if (algorithm == B43_SEC_ALGO_TKIP) {
942 /*
943 * We should provide an initial iv32, phase1key pair.
944 * We could start with iv32=0 and compute the corresponding
945 * phase1key, but this means calling ieee80211_get_tkip_key
946 * with a fake skb (or export other tkip function).
947 * Because we are lazy we hope iv32 won't start with
948 * 0xffffffff and let's b43_op_update_tkip_key provide a
949 * correct pair.
950 */
951 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf);
952 } else if (index >= pairwise_keys_start) /* clear it */
953 rx_tkip_phase1_write(dev, index, 0, NULL);
954 if (key)
955 memcpy(buf, key, key_len);
956 key_write(dev, index, algorithm, buf);
957 if (index >= pairwise_keys_start)
958 keymac_write(dev, index, mac_addr);
959
960 dev->key[index].algorithm = algorithm;
961}
962
963static int b43_key_write(struct b43_wldev *dev,
964 int index, u8 algorithm,
965 const u8 *key, size_t key_len,
966 const u8 *mac_addr,
967 struct ieee80211_key_conf *keyconf)
968{
969 int i;
970 int pairwise_keys_start;
971
972 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block:
973 * - Temporal Encryption Key (128 bits)
974 * - Temporal Authenticator Tx MIC Key (64 bits)
975 * - Temporal Authenticator Rx MIC Key (64 bits)
976 *
977 * Hardware only store TEK
978 */
979 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32)
980 key_len = 16;
981 if (key_len > B43_SEC_KEYSIZE)
982 return -EINVAL;
983 for (i = 0; i < ARRAY_SIZE(dev->key); i++) {
984 /* Check that we don't already have this key. */
985 B43_WARN_ON(dev->key[i].keyconf == keyconf);
986 }
987 if (index < 0) {
988 /* Pairwise key. Get an empty slot for the key. */
989 if (b43_new_kidx_api(dev))
990 pairwise_keys_start = B43_NR_GROUP_KEYS;
991 else
992 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
993 for (i = pairwise_keys_start;
994 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS;
995 i++) {
996 B43_WARN_ON(i >= ARRAY_SIZE(dev->key));
997 if (!dev->key[i].keyconf) {
998 /* found empty */
999 index = i;
1000 break;
1001 }
1002 }
1003 if (index < 0) {
1004 b43warn(dev->wl, "Out of hardware key memory\n");
1005 return -ENOSPC;
1006 }
1007 } else
1008 B43_WARN_ON(index > 3);
1009
1010 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
1011 if ((index <= 3) && !b43_new_kidx_api(dev)) {
1012 /* Default RX key */
1013 B43_WARN_ON(mac_addr);
1014 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
1015 }
1016 keyconf->hw_key_idx = index;
1017 dev->key[index].keyconf = keyconf;
1018
1019 return 0;
1020}
1021
1022static int b43_key_clear(struct b43_wldev *dev, int index)
1023{
1024 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key))))
1025 return -EINVAL;
1026 do_key_write(dev, index, B43_SEC_ALGO_NONE,
1027 NULL, B43_SEC_KEYSIZE, NULL);
1028 if ((index <= 3) && !b43_new_kidx_api(dev)) {
1029 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
1030 NULL, B43_SEC_KEYSIZE, NULL);
1031 }
1032 dev->key[index].keyconf = NULL;
1033
1034 return 0;
1035}
1036
1037static void b43_clear_keys(struct b43_wldev *dev)
1038{
1039 int i, count;
1040
1041 if (b43_new_kidx_api(dev))
1042 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1043 else
1044 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1045 for (i = 0; i < count; i++)
1046 b43_key_clear(dev, i);
1047}
1048
1049static void b43_dump_keymemory(struct b43_wldev *dev)
1050{
1051 unsigned int i, index, count, offset, pairwise_keys_start;
1052 u8 mac[ETH_ALEN];
1053 u16 algo;
1054 u32 rcmta0;
1055 u16 rcmta1;
1056 u64 hf;
1057 struct b43_key *key;
1058
1059 if (!b43_debug(dev, B43_DBG_KEYS))
1060 return;
1061
1062 hf = b43_hf_read(dev);
1063 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n",
1064 !!(hf & B43_HF_USEDEFKEYS));
1065 if (b43_new_kidx_api(dev)) {
1066 pairwise_keys_start = B43_NR_GROUP_KEYS;
1067 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1068 } else {
1069 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
1070 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1071 }
1072 for (index = 0; index < count; index++) {
1073 key = &(dev->key[index]);
1074 printk(KERN_DEBUG "Key slot %02u: %s",
1075 index, (key->keyconf == NULL) ? " " : "*");
1076 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
1077 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
1078 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1079 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1080 }
1081
1082 algo = b43_shm_read16(dev, B43_SHM_SHARED,
1083 B43_SHM_SH_KEYIDXBLOCK + (index * 2));
1084 printk(" Algo: %04X/%02X", algo, key->algorithm);
1085
1086 if (index >= pairwise_keys_start) {
1087 if (key->algorithm == B43_SEC_ALGO_TKIP) {
1088 printk(" TKIP: ");
1089 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4);
1090 for (i = 0; i < 14; i += 2) {
1091 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1092 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1093 }
1094 }
1095 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA,
1096 ((index - pairwise_keys_start) * 2) + 0);
1097 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA,
1098 ((index - pairwise_keys_start) * 2) + 1);
1099 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0);
1100 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1);
1101 printk(" MAC: %pM", mac);
1102 } else
1103 printk(" DEFAULT KEY");
1104 printk("\n");
1105 }
1106}
1107
1108void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
1109{
1110 u32 macctl;
1111 u16 ucstat;
1112 bool hwps;
1113 bool awake;
1114 int i;
1115
1116 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
1117 (ps_flags & B43_PS_DISABLED));
1118 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
1119
1120 if (ps_flags & B43_PS_ENABLED) {
1121 hwps = true;
1122 } else if (ps_flags & B43_PS_DISABLED) {
1123 hwps = false;
1124 } else {
1125 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
1126 // and thus is not an AP and we are associated, set bit 25
1127 }
1128 if (ps_flags & B43_PS_AWAKE) {
1129 awake = true;
1130 } else if (ps_flags & B43_PS_ASLEEP) {
1131 awake = false;
1132 } else {
1133 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
1134 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
1135 // successful, set bit26
1136 }
1137
1138/* FIXME: For now we force awake-on and hwps-off */
1139 hwps = false;
1140 awake = true;
1141
1142 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1143 if (hwps)
1144 macctl |= B43_MACCTL_HWPS;
1145 else
1146 macctl &= ~B43_MACCTL_HWPS;
1147 if (awake)
1148 macctl |= B43_MACCTL_AWAKE;
1149 else
1150 macctl &= ~B43_MACCTL_AWAKE;
1151 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1152 /* Commit write */
1153 b43_read32(dev, B43_MMIO_MACCTL);
1154 if (awake && dev->dev->core_rev >= 5) {
1155 /* Wait for the microcode to wake up. */
1156 for (i = 0; i < 100; i++) {
1157 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1158 B43_SHM_SH_UCODESTAT);
1159 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1160 break;
1161 udelay(10);
1162 }
1163 }
1164}
1165
1166#ifdef CONFIG_B43_BCMA
1167static void b43_bcma_phy_reset(struct b43_wldev *dev)
1168{
1169 u32 flags;
1170
1171 /* Put PHY into reset */
1172 flags = bcma_aread32(dev->dev->bdev, BCMA_IOCTL);
1173 flags |= B43_BCMA_IOCTL_PHY_RESET;
1174 flags |= B43_BCMA_IOCTL_PHY_BW_20MHZ; /* Make 20 MHz def */
1175 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, flags);
1176 udelay(2);
1177
1178 /* Take PHY out of reset */
1179 flags = bcma_aread32(dev->dev->bdev, BCMA_IOCTL);
1180 flags &= ~B43_BCMA_IOCTL_PHY_RESET;
1181 flags |= BCMA_IOCTL_FGC;
1182 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, flags);
1183 udelay(1);
1184
1185 /* Do not force clock anymore */
1186 flags = bcma_aread32(dev->dev->bdev, BCMA_IOCTL);
1187 flags &= ~BCMA_IOCTL_FGC;
1188 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, flags);
1189 udelay(1);
1190}
1191
1192static void b43_bcma_wireless_core_reset(struct b43_wldev *dev, bool gmode)
1193{
1194 u32 req = B43_BCMA_CLKCTLST_80211_PLL_REQ |
1195 B43_BCMA_CLKCTLST_PHY_PLL_REQ;
1196 u32 status = B43_BCMA_CLKCTLST_80211_PLL_ST |
1197 B43_BCMA_CLKCTLST_PHY_PLL_ST;
1198
1199 b43_device_enable(dev, B43_BCMA_IOCTL_PHY_CLKEN);
1200 bcma_core_set_clockmode(dev->dev->bdev, BCMA_CLKMODE_FAST);
1201 b43_bcma_phy_reset(dev);
1202 bcma_core_pll_ctl(dev->dev->bdev, req, status, true);
1203}
1204#endif
1205
1206static void b43_ssb_wireless_core_reset(struct b43_wldev *dev, bool gmode)
1207{
1208 struct ssb_device *sdev = dev->dev->sdev;
1209 u32 tmslow;
1210 u32 flags = 0;
1211
1212 if (gmode)
1213 flags |= B43_TMSLOW_GMODE;
1214 flags |= B43_TMSLOW_PHYCLKEN;
1215 flags |= B43_TMSLOW_PHYRESET;
1216 if (dev->phy.type == B43_PHYTYPE_N)
1217 flags |= B43_TMSLOW_PHY_BANDWIDTH_20MHZ; /* Make 20 MHz def */
1218 b43_device_enable(dev, flags);
1219 msleep(2); /* Wait for the PLL to turn on. */
1220
1221 /* Now take the PHY out of Reset again */
1222 tmslow = ssb_read32(sdev, SSB_TMSLOW);
1223 tmslow |= SSB_TMSLOW_FGC;
1224 tmslow &= ~B43_TMSLOW_PHYRESET;
1225 ssb_write32(sdev, SSB_TMSLOW, tmslow);
1226 ssb_read32(sdev, SSB_TMSLOW); /* flush */
1227 msleep(1);
1228 tmslow &= ~SSB_TMSLOW_FGC;
1229 ssb_write32(sdev, SSB_TMSLOW, tmslow);
1230 ssb_read32(sdev, SSB_TMSLOW); /* flush */
1231 msleep(1);
1232}
1233
1234void b43_wireless_core_reset(struct b43_wldev *dev, bool gmode)
1235{
1236 u32 macctl;
1237
1238 switch (dev->dev->bus_type) {
1239#ifdef CONFIG_B43_BCMA
1240 case B43_BUS_BCMA:
1241 b43_bcma_wireless_core_reset(dev, gmode);
1242 break;
1243#endif
1244#ifdef CONFIG_B43_SSB
1245 case B43_BUS_SSB:
1246 b43_ssb_wireless_core_reset(dev, gmode);
1247 break;
1248#endif
1249 }
1250
1251 /* Turn Analog ON, but only if we already know the PHY-type.
1252 * This protects against very early setup where we don't know the
1253 * PHY-type, yet. wireless_core_reset will be called once again later,
1254 * when we know the PHY-type. */
1255 if (dev->phy.ops)
1256 dev->phy.ops->switch_analog(dev, 1);
1257
1258 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1259 macctl &= ~B43_MACCTL_GMODE;
1260 if (gmode)
1261 macctl |= B43_MACCTL_GMODE;
1262 macctl |= B43_MACCTL_IHR_ENABLED;
1263 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1264}
1265
1266static void handle_irq_transmit_status(struct b43_wldev *dev)
1267{
1268 u32 v0, v1;
1269 u16 tmp;
1270 struct b43_txstatus stat;
1271
1272 while (1) {
1273 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1274 if (!(v0 & 0x00000001))
1275 break;
1276 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1277
1278 stat.cookie = (v0 >> 16);
1279 stat.seq = (v1 & 0x0000FFFF);
1280 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1281 tmp = (v0 & 0x0000FFFF);
1282 stat.frame_count = ((tmp & 0xF000) >> 12);
1283 stat.rts_count = ((tmp & 0x0F00) >> 8);
1284 stat.supp_reason = ((tmp & 0x001C) >> 2);
1285 stat.pm_indicated = !!(tmp & 0x0080);
1286 stat.intermediate = !!(tmp & 0x0040);
1287 stat.for_ampdu = !!(tmp & 0x0020);
1288 stat.acked = !!(tmp & 0x0002);
1289
1290 b43_handle_txstatus(dev, &stat);
1291 }
1292}
1293
1294static void drain_txstatus_queue(struct b43_wldev *dev)
1295{
1296 u32 dummy;
1297
1298 if (dev->dev->core_rev < 5)
1299 return;
1300 /* Read all entries from the microcode TXstatus FIFO
1301 * and throw them away.
1302 */
1303 while (1) {
1304 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1305 if (!(dummy & 0x00000001))
1306 break;
1307 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1308 }
1309}
1310
1311static u32 b43_jssi_read(struct b43_wldev *dev)
1312{
1313 u32 val = 0;
1314
1315 val = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_JSSI1);
1316 val <<= 16;
1317 val |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_JSSI0);
1318
1319 return val;
1320}
1321
1322static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1323{
1324 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_JSSI0,
1325 (jssi & 0x0000FFFF));
1326 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_JSSI1,
1327 (jssi & 0xFFFF0000) >> 16);
1328}
1329
1330static void b43_generate_noise_sample(struct b43_wldev *dev)
1331{
1332 b43_jssi_write(dev, 0x7F7F7F7F);
1333 b43_write32(dev, B43_MMIO_MACCMD,
1334 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1335}
1336
1337static void b43_calculate_link_quality(struct b43_wldev *dev)
1338{
1339 /* Top half of Link Quality calculation. */
1340
1341 if (dev->phy.type != B43_PHYTYPE_G)
1342 return;
1343 if (dev->noisecalc.calculation_running)
1344 return;
1345 dev->noisecalc.calculation_running = true;
1346 dev->noisecalc.nr_samples = 0;
1347
1348 b43_generate_noise_sample(dev);
1349}
1350
1351static void handle_irq_noise(struct b43_wldev *dev)
1352{
1353 struct b43_phy_g *phy = dev->phy.g;
1354 u16 tmp;
1355 u8 noise[4];
1356 u8 i, j;
1357 s32 average;
1358
1359 /* Bottom half of Link Quality calculation. */
1360
1361 if (dev->phy.type != B43_PHYTYPE_G)
1362 return;
1363
1364 /* Possible race condition: It might be possible that the user
1365 * changed to a different channel in the meantime since we
1366 * started the calculation. We ignore that fact, since it's
1367 * not really that much of a problem. The background noise is
1368 * an estimation only anyway. Slightly wrong results will get damped
1369 * by the averaging of the 8 sample rounds. Additionally the
1370 * value is shortlived. So it will be replaced by the next noise
1371 * calculation round soon. */
1372
1373 B43_WARN_ON(!dev->noisecalc.calculation_running);
1374 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1375 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1376 noise[2] == 0x7F || noise[3] == 0x7F)
1377 goto generate_new;
1378
1379 /* Get the noise samples. */
1380 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1381 i = dev->noisecalc.nr_samples;
1382 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1383 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1384 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1385 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1386 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1387 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1388 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1389 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1390 dev->noisecalc.nr_samples++;
1391 if (dev->noisecalc.nr_samples == 8) {
1392 /* Calculate the Link Quality by the noise samples. */
1393 average = 0;
1394 for (i = 0; i < 8; i++) {
1395 for (j = 0; j < 4; j++)
1396 average += dev->noisecalc.samples[i][j];
1397 }
1398 average /= (8 * 4);
1399 average *= 125;
1400 average += 64;
1401 average /= 128;
1402 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1403 tmp = (tmp / 128) & 0x1F;
1404 if (tmp >= 8)
1405 average += 2;
1406 else
1407 average -= 25;
1408 if (tmp == 8)
1409 average -= 72;
1410 else
1411 average -= 48;
1412
1413 dev->stats.link_noise = average;
1414 dev->noisecalc.calculation_running = false;
1415 return;
1416 }
1417generate_new:
1418 b43_generate_noise_sample(dev);
1419}
1420
1421static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1422{
1423 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) {
1424 ///TODO: PS TBTT
1425 } else {
1426 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1427 b43_power_saving_ctl_bits(dev, 0);
1428 }
1429 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC))
1430 dev->dfq_valid = true;
1431}
1432
1433static void handle_irq_atim_end(struct b43_wldev *dev)
1434{
1435 if (dev->dfq_valid) {
1436 b43_write32(dev, B43_MMIO_MACCMD,
1437 b43_read32(dev, B43_MMIO_MACCMD)
1438 | B43_MACCMD_DFQ_VALID);
1439 dev->dfq_valid = false;
1440 }
1441}
1442
1443static void handle_irq_pmq(struct b43_wldev *dev)
1444{
1445 u32 tmp;
1446
1447 //TODO: AP mode.
1448
1449 while (1) {
1450 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1451 if (!(tmp & 0x00000008))
1452 break;
1453 }
1454 /* 16bit write is odd, but correct. */
1455 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1456}
1457
1458static void b43_write_template_common(struct b43_wldev *dev,
1459 const u8 *data, u16 size,
1460 u16 ram_offset,
1461 u16 shm_size_offset, u8 rate)
1462{
1463 u32 i, tmp;
1464 struct b43_plcp_hdr4 plcp;
1465
1466 plcp.data = 0;
1467 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1468 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1469 ram_offset += sizeof(u32);
1470 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1471 * So leave the first two bytes of the next write blank.
1472 */
1473 tmp = (u32) (data[0]) << 16;
1474 tmp |= (u32) (data[1]) << 24;
1475 b43_ram_write(dev, ram_offset, tmp);
1476 ram_offset += sizeof(u32);
1477 for (i = 2; i < size; i += sizeof(u32)) {
1478 tmp = (u32) (data[i + 0]);
1479 if (i + 1 < size)
1480 tmp |= (u32) (data[i + 1]) << 8;
1481 if (i + 2 < size)
1482 tmp |= (u32) (data[i + 2]) << 16;
1483 if (i + 3 < size)
1484 tmp |= (u32) (data[i + 3]) << 24;
1485 b43_ram_write(dev, ram_offset + i - 2, tmp);
1486 }
1487 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1488 size + sizeof(struct b43_plcp_hdr6));
1489}
1490
1491/* Check if the use of the antenna that ieee80211 told us to
1492 * use is possible. This will fall back to DEFAULT.
1493 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1494u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1495 u8 antenna_nr)
1496{
1497 u8 antenna_mask;
1498
1499 if (antenna_nr == 0) {
1500 /* Zero means "use default antenna". That's always OK. */
1501 return 0;
1502 }
1503
1504 /* Get the mask of available antennas. */
1505 if (dev->phy.gmode)
1506 antenna_mask = dev->dev->bus_sprom->ant_available_bg;
1507 else
1508 antenna_mask = dev->dev->bus_sprom->ant_available_a;
1509
1510 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1511 /* This antenna is not available. Fall back to default. */
1512 return 0;
1513 }
1514
1515 return antenna_nr;
1516}
1517
1518/* Convert a b43 antenna number value to the PHY TX control value. */
1519static u16 b43_antenna_to_phyctl(int antenna)
1520{
1521 switch (antenna) {
1522 case B43_ANTENNA0:
1523 return B43_TXH_PHY_ANT0;
1524 case B43_ANTENNA1:
1525 return B43_TXH_PHY_ANT1;
1526 case B43_ANTENNA2:
1527 return B43_TXH_PHY_ANT2;
1528 case B43_ANTENNA3:
1529 return B43_TXH_PHY_ANT3;
1530 case B43_ANTENNA_AUTO0:
1531 case B43_ANTENNA_AUTO1:
1532 return B43_TXH_PHY_ANT01AUTO;
1533 }
1534 B43_WARN_ON(1);
1535 return 0;
1536}
1537
1538static void b43_write_beacon_template(struct b43_wldev *dev,
1539 u16 ram_offset,
1540 u16 shm_size_offset)
1541{
1542 unsigned int i, len, variable_len;
1543 const struct ieee80211_mgmt *bcn;
1544 const u8 *ie;
1545 bool tim_found = false;
1546 unsigned int rate;
1547 u16 ctl;
1548 int antenna;
1549 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon);
1550
1551 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data);
1552 len = min_t(size_t, dev->wl->current_beacon->len,
1553 0x200 - sizeof(struct b43_plcp_hdr6));
1554 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value;
1555
1556 b43_write_template_common(dev, (const u8 *)bcn,
1557 len, ram_offset, shm_size_offset, rate);
1558
1559 /* Write the PHY TX control parameters. */
1560 antenna = B43_ANTENNA_DEFAULT;
1561 antenna = b43_antenna_to_phyctl(antenna);
1562 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1563 /* We can't send beacons with short preamble. Would get PHY errors. */
1564 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1565 ctl &= ~B43_TXH_PHY_ANT;
1566 ctl &= ~B43_TXH_PHY_ENC;
1567 ctl |= antenna;
1568 if (b43_is_cck_rate(rate))
1569 ctl |= B43_TXH_PHY_ENC_CCK;
1570 else
1571 ctl |= B43_TXH_PHY_ENC_OFDM;
1572 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1573
1574 /* Find the position of the TIM and the DTIM_period value
1575 * and write them to SHM. */
1576 ie = bcn->u.beacon.variable;
1577 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1578 for (i = 0; i < variable_len - 2; ) {
1579 uint8_t ie_id, ie_len;
1580
1581 ie_id = ie[i];
1582 ie_len = ie[i + 1];
1583 if (ie_id == 5) {
1584 u16 tim_position;
1585 u16 dtim_period;
1586 /* This is the TIM Information Element */
1587
1588 /* Check whether the ie_len is in the beacon data range. */
1589 if (variable_len < ie_len + 2 + i)
1590 break;
1591 /* A valid TIM is at least 4 bytes long. */
1592 if (ie_len < 4)
1593 break;
1594 tim_found = true;
1595
1596 tim_position = sizeof(struct b43_plcp_hdr6);
1597 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1598 tim_position += i;
1599
1600 dtim_period = ie[i + 3];
1601
1602 b43_shm_write16(dev, B43_SHM_SHARED,
1603 B43_SHM_SH_TIMBPOS, tim_position);
1604 b43_shm_write16(dev, B43_SHM_SHARED,
1605 B43_SHM_SH_DTIMPER, dtim_period);
1606 break;
1607 }
1608 i += ie_len + 2;
1609 }
1610 if (!tim_found) {
1611 /*
1612 * If ucode wants to modify TIM do it behind the beacon, this
1613 * will happen, for example, when doing mesh networking.
1614 */
1615 b43_shm_write16(dev, B43_SHM_SHARED,
1616 B43_SHM_SH_TIMBPOS,
1617 len + sizeof(struct b43_plcp_hdr6));
1618 b43_shm_write16(dev, B43_SHM_SHARED,
1619 B43_SHM_SH_DTIMPER, 0);
1620 }
1621 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset);
1622}
1623
1624static void b43_upload_beacon0(struct b43_wldev *dev)
1625{
1626 struct b43_wl *wl = dev->wl;
1627
1628 if (wl->beacon0_uploaded)
1629 return;
1630 b43_write_beacon_template(dev, B43_SHM_SH_BT_BASE0, B43_SHM_SH_BTL0);
1631 wl->beacon0_uploaded = true;
1632}
1633
1634static void b43_upload_beacon1(struct b43_wldev *dev)
1635{
1636 struct b43_wl *wl = dev->wl;
1637
1638 if (wl->beacon1_uploaded)
1639 return;
1640 b43_write_beacon_template(dev, B43_SHM_SH_BT_BASE1, B43_SHM_SH_BTL1);
1641 wl->beacon1_uploaded = true;
1642}
1643
1644static void handle_irq_beacon(struct b43_wldev *dev)
1645{
1646 struct b43_wl *wl = dev->wl;
1647 u32 cmd, beacon0_valid, beacon1_valid;
1648
1649 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) &&
1650 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) &&
1651 !b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
1652 return;
1653
1654 /* This is the bottom half of the asynchronous beacon update. */
1655
1656 /* Ignore interrupt in the future. */
1657 dev->irq_mask &= ~B43_IRQ_BEACON;
1658
1659 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1660 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1661 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1662
1663 /* Schedule interrupt manually, if busy. */
1664 if (beacon0_valid && beacon1_valid) {
1665 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1666 dev->irq_mask |= B43_IRQ_BEACON;
1667 return;
1668 }
1669
1670 if (unlikely(wl->beacon_templates_virgin)) {
1671 /* We never uploaded a beacon before.
1672 * Upload both templates now, but only mark one valid. */
1673 wl->beacon_templates_virgin = false;
1674 b43_upload_beacon0(dev);
1675 b43_upload_beacon1(dev);
1676 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1677 cmd |= B43_MACCMD_BEACON0_VALID;
1678 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1679 } else {
1680 if (!beacon0_valid) {
1681 b43_upload_beacon0(dev);
1682 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1683 cmd |= B43_MACCMD_BEACON0_VALID;
1684 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1685 } else if (!beacon1_valid) {
1686 b43_upload_beacon1(dev);
1687 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1688 cmd |= B43_MACCMD_BEACON1_VALID;
1689 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1690 }
1691 }
1692}
1693
1694static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev)
1695{
1696 u32 old_irq_mask = dev->irq_mask;
1697
1698 /* update beacon right away or defer to irq */
1699 handle_irq_beacon(dev);
1700 if (old_irq_mask != dev->irq_mask) {
1701 /* The handler updated the IRQ mask. */
1702 B43_WARN_ON(!dev->irq_mask);
1703 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) {
1704 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1705 } else {
1706 /* Device interrupts are currently disabled. That means
1707 * we just ran the hardirq handler and scheduled the
1708 * IRQ thread. The thread will write the IRQ mask when
1709 * it finished, so there's nothing to do here. Writing
1710 * the mask _here_ would incorrectly re-enable IRQs. */
1711 }
1712 }
1713}
1714
1715static void b43_beacon_update_trigger_work(struct work_struct *work)
1716{
1717 struct b43_wl *wl = container_of(work, struct b43_wl,
1718 beacon_update_trigger);
1719 struct b43_wldev *dev;
1720
1721 mutex_lock(&wl->mutex);
1722 dev = wl->current_dev;
1723 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1724 if (b43_bus_host_is_sdio(dev->dev)) {
1725 /* wl->mutex is enough. */
1726 b43_do_beacon_update_trigger_work(dev);
1727 mmiowb();
1728 } else {
1729 spin_lock_irq(&wl->hardirq_lock);
1730 b43_do_beacon_update_trigger_work(dev);
1731 mmiowb();
1732 spin_unlock_irq(&wl->hardirq_lock);
1733 }
1734 }
1735 mutex_unlock(&wl->mutex);
1736}
1737
1738/* Asynchronously update the packet templates in template RAM.
1739 * Locking: Requires wl->mutex to be locked. */
1740static void b43_update_templates(struct b43_wl *wl)
1741{
1742 struct sk_buff *beacon;
1743
1744 /* This is the top half of the ansynchronous beacon update.
1745 * The bottom half is the beacon IRQ.
1746 * Beacon update must be asynchronous to avoid sending an
1747 * invalid beacon. This can happen for example, if the firmware
1748 * transmits a beacon while we are updating it. */
1749
1750 /* We could modify the existing beacon and set the aid bit in
1751 * the TIM field, but that would probably require resizing and
1752 * moving of data within the beacon template.
1753 * Simply request a new beacon and let mac80211 do the hard work. */
1754 beacon = ieee80211_beacon_get(wl->hw, wl->vif);
1755 if (unlikely(!beacon))
1756 return;
1757
1758 if (wl->current_beacon)
1759 dev_kfree_skb_any(wl->current_beacon);
1760 wl->current_beacon = beacon;
1761 wl->beacon0_uploaded = false;
1762 wl->beacon1_uploaded = false;
1763 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger);
1764}
1765
1766static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1767{
1768 b43_time_lock(dev);
1769 if (dev->dev->core_rev >= 3) {
1770 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1771 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1772 } else {
1773 b43_write16(dev, 0x606, (beacon_int >> 6));
1774 b43_write16(dev, 0x610, beacon_int);
1775 }
1776 b43_time_unlock(dev);
1777 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1778}
1779
1780static void b43_handle_firmware_panic(struct b43_wldev *dev)
1781{
1782 u16 reason;
1783
1784 /* Read the register that contains the reason code for the panic. */
1785 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG);
1786 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason);
1787
1788 switch (reason) {
1789 default:
1790 b43dbg(dev->wl, "The panic reason is unknown.\n");
1791 /* fallthrough */
1792 case B43_FWPANIC_DIE:
1793 /* Do not restart the controller or firmware.
1794 * The device is nonfunctional from now on.
1795 * Restarting would result in this panic to trigger again,
1796 * so we avoid that recursion. */
1797 break;
1798 case B43_FWPANIC_RESTART:
1799 b43_controller_restart(dev, "Microcode panic");
1800 break;
1801 }
1802}
1803
1804static void handle_irq_ucode_debug(struct b43_wldev *dev)
1805{
1806 unsigned int i, cnt;
1807 u16 reason, marker_id, marker_line;
1808 __le16 *buf;
1809
1810 /* The proprietary firmware doesn't have this IRQ. */
1811 if (!dev->fw.opensource)
1812 return;
1813
1814 /* Read the register that contains the reason code for this IRQ. */
1815 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG);
1816
1817 switch (reason) {
1818 case B43_DEBUGIRQ_PANIC:
1819 b43_handle_firmware_panic(dev);
1820 break;
1821 case B43_DEBUGIRQ_DUMP_SHM:
1822 if (!B43_DEBUG)
1823 break; /* Only with driver debugging enabled. */
1824 buf = kmalloc(4096, GFP_ATOMIC);
1825 if (!buf) {
1826 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n");
1827 goto out;
1828 }
1829 for (i = 0; i < 4096; i += 2) {
1830 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i);
1831 buf[i / 2] = cpu_to_le16(tmp);
1832 }
1833 b43info(dev->wl, "Shared memory dump:\n");
1834 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET,
1835 16, 2, buf, 4096, 1);
1836 kfree(buf);
1837 break;
1838 case B43_DEBUGIRQ_DUMP_REGS:
1839 if (!B43_DEBUG)
1840 break; /* Only with driver debugging enabled. */
1841 b43info(dev->wl, "Microcode register dump:\n");
1842 for (i = 0, cnt = 0; i < 64; i++) {
1843 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i);
1844 if (cnt == 0)
1845 printk(KERN_INFO);
1846 printk("r%02u: 0x%04X ", i, tmp);
1847 cnt++;
1848 if (cnt == 6) {
1849 printk("\n");
1850 cnt = 0;
1851 }
1852 }
1853 printk("\n");
1854 break;
1855 case B43_DEBUGIRQ_MARKER:
1856 if (!B43_DEBUG)
1857 break; /* Only with driver debugging enabled. */
1858 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH,
1859 B43_MARKER_ID_REG);
1860 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH,
1861 B43_MARKER_LINE_REG);
1862 b43info(dev->wl, "The firmware just executed the MARKER(%u) "
1863 "at line number %u\n",
1864 marker_id, marker_line);
1865 break;
1866 default:
1867 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n",
1868 reason);
1869 }
1870out:
1871 /* Acknowledge the debug-IRQ, so the firmware can continue. */
1872 b43_shm_write16(dev, B43_SHM_SCRATCH,
1873 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK);
1874}
1875
1876static void b43_do_interrupt_thread(struct b43_wldev *dev)
1877{
1878 u32 reason;
1879 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1880 u32 merged_dma_reason = 0;
1881 int i;
1882
1883 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
1884 return;
1885
1886 reason = dev->irq_reason;
1887 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1888 dma_reason[i] = dev->dma_reason[i];
1889 merged_dma_reason |= dma_reason[i];
1890 }
1891
1892 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1893 b43err(dev->wl, "MAC transmission error\n");
1894
1895 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1896 b43err(dev->wl, "PHY transmission error\n");
1897 rmb();
1898 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1899 atomic_set(&dev->phy.txerr_cnt,
1900 B43_PHY_TX_BADNESS_LIMIT);
1901 b43err(dev->wl, "Too many PHY TX errors, "
1902 "restarting the controller\n");
1903 b43_controller_restart(dev, "PHY TX errors");
1904 }
1905 }
1906
1907 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK))) {
1908 b43err(dev->wl,
1909 "Fatal DMA error: 0x%08X, 0x%08X, 0x%08X, 0x%08X, 0x%08X, 0x%08X\n",
1910 dma_reason[0], dma_reason[1],
1911 dma_reason[2], dma_reason[3],
1912 dma_reason[4], dma_reason[5]);
1913 b43err(dev->wl, "This device does not support DMA "
1914 "on your system. It will now be switched to PIO.\n");
1915 /* Fall back to PIO transfers if we get fatal DMA errors! */
1916 dev->use_pio = true;
1917 b43_controller_restart(dev, "DMA error");
1918 return;
1919 }
1920
1921 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1922 handle_irq_ucode_debug(dev);
1923 if (reason & B43_IRQ_TBTT_INDI)
1924 handle_irq_tbtt_indication(dev);
1925 if (reason & B43_IRQ_ATIM_END)
1926 handle_irq_atim_end(dev);
1927 if (reason & B43_IRQ_BEACON)
1928 handle_irq_beacon(dev);
1929 if (reason & B43_IRQ_PMQ)
1930 handle_irq_pmq(dev);
1931 if (reason & B43_IRQ_TXFIFO_FLUSH_OK)
1932 ;/* TODO */
1933 if (reason & B43_IRQ_NOISESAMPLE_OK)
1934 handle_irq_noise(dev);
1935
1936 /* Check the DMA reason registers for received data. */
1937 if (dma_reason[0] & B43_DMAIRQ_RDESC_UFLOW) {
1938 if (B43_DEBUG)
1939 b43warn(dev->wl, "RX descriptor underrun\n");
1940 b43_dma_handle_rx_overflow(dev->dma.rx_ring);
1941 }
1942 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
1943 if (b43_using_pio_transfers(dev))
1944 b43_pio_rx(dev->pio.rx_queue);
1945 else
1946 b43_dma_rx(dev->dma.rx_ring);
1947 }
1948 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
1949 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
1950 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
1951 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
1952 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
1953
1954 if (reason & B43_IRQ_TX_OK)
1955 handle_irq_transmit_status(dev);
1956
1957 /* Re-enable interrupts on the device by restoring the current interrupt mask. */
1958 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1959
1960#if B43_DEBUG
1961 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
1962 dev->irq_count++;
1963 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
1964 if (reason & (1 << i))
1965 dev->irq_bit_count[i]++;
1966 }
1967 }
1968#endif
1969}
1970
1971/* Interrupt thread handler. Handles device interrupts in thread context. */
1972static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id)
1973{
1974 struct b43_wldev *dev = dev_id;
1975
1976 mutex_lock(&dev->wl->mutex);
1977 b43_do_interrupt_thread(dev);
1978 mmiowb();
1979 mutex_unlock(&dev->wl->mutex);
1980
1981 return IRQ_HANDLED;
1982}
1983
1984static irqreturn_t b43_do_interrupt(struct b43_wldev *dev)
1985{
1986 u32 reason;
1987
1988 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses.
1989 * On SDIO, this runs under wl->mutex. */
1990
1991 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
1992 if (reason == 0xffffffff) /* shared IRQ */
1993 return IRQ_NONE;
1994 reason &= dev->irq_mask;
1995 if (!reason)
1996 return IRQ_NONE;
1997
1998 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
1999 & 0x0001FC00;
2000 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
2001 & 0x0000DC00;
2002 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
2003 & 0x0000DC00;
2004 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
2005 & 0x0001DC00;
2006 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
2007 & 0x0000DC00;
2008/* Unused ring
2009 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
2010 & 0x0000DC00;
2011*/
2012
2013 /* ACK the interrupt. */
2014 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
2015 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
2016 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
2017 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
2018 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
2019 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
2020/* Unused ring
2021 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
2022*/
2023
2024 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */
2025 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
2026 /* Save the reason bitmasks for the IRQ thread handler. */
2027 dev->irq_reason = reason;
2028
2029 return IRQ_WAKE_THREAD;
2030}
2031
2032/* Interrupt handler top-half. This runs with interrupts disabled. */
2033static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
2034{
2035 struct b43_wldev *dev = dev_id;
2036 irqreturn_t ret;
2037
2038 if (unlikely(b43_status(dev) < B43_STAT_STARTED))
2039 return IRQ_NONE;
2040
2041 spin_lock(&dev->wl->hardirq_lock);
2042 ret = b43_do_interrupt(dev);
2043 mmiowb();
2044 spin_unlock(&dev->wl->hardirq_lock);
2045
2046 return ret;
2047}
2048
2049/* SDIO interrupt handler. This runs in process context. */
2050static void b43_sdio_interrupt_handler(struct b43_wldev *dev)
2051{
2052 struct b43_wl *wl = dev->wl;
2053 irqreturn_t ret;
2054
2055 mutex_lock(&wl->mutex);
2056
2057 ret = b43_do_interrupt(dev);
2058 if (ret == IRQ_WAKE_THREAD)
2059 b43_do_interrupt_thread(dev);
2060
2061 mutex_unlock(&wl->mutex);
2062}
2063
2064void b43_do_release_fw(struct b43_firmware_file *fw)
2065{
2066 release_firmware(fw->data);
2067 fw->data = NULL;
2068 fw->filename = NULL;
2069}
2070
2071static void b43_release_firmware(struct b43_wldev *dev)
2072{
2073 complete(&dev->fw_load_complete);
2074 b43_do_release_fw(&dev->fw.ucode);
2075 b43_do_release_fw(&dev->fw.pcm);
2076 b43_do_release_fw(&dev->fw.initvals);
2077 b43_do_release_fw(&dev->fw.initvals_band);
2078}
2079
2080static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
2081{
2082 const char text[] =
2083 "You must go to " \
2084 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \
2085 "and download the correct firmware for this driver version. " \
2086 "Please carefully read all instructions on this website.\n";
2087
2088 if (error)
2089 b43err(wl, text);
2090 else
2091 b43warn(wl, text);
2092}
2093
2094static void b43_fw_cb(const struct firmware *firmware, void *context)
2095{
2096 struct b43_request_fw_context *ctx = context;
2097
2098 ctx->blob = firmware;
2099 complete(&ctx->dev->fw_load_complete);
2100}
2101
2102int b43_do_request_fw(struct b43_request_fw_context *ctx,
2103 const char *name,
2104 struct b43_firmware_file *fw, bool async)
2105{
2106 struct b43_fw_header *hdr;
2107 u32 size;
2108 int err;
2109
2110 if (!name) {
2111 /* Don't fetch anything. Free possibly cached firmware. */
2112 /* FIXME: We should probably keep it anyway, to save some headache
2113 * on suspend/resume with multiband devices. */
2114 b43_do_release_fw(fw);
2115 return 0;
2116 }
2117 if (fw->filename) {
2118 if ((fw->type == ctx->req_type) &&
2119 (strcmp(fw->filename, name) == 0))
2120 return 0; /* Already have this fw. */
2121 /* Free the cached firmware first. */
2122 /* FIXME: We should probably do this later after we successfully
2123 * got the new fw. This could reduce headache with multiband devices.
2124 * We could also redesign this to cache the firmware for all possible
2125 * bands all the time. */
2126 b43_do_release_fw(fw);
2127 }
2128
2129 switch (ctx->req_type) {
2130 case B43_FWTYPE_PROPRIETARY:
2131 snprintf(ctx->fwname, sizeof(ctx->fwname),
2132 "b43%s/%s.fw",
2133 modparam_fwpostfix, name);
2134 break;
2135 case B43_FWTYPE_OPENSOURCE:
2136 snprintf(ctx->fwname, sizeof(ctx->fwname),
2137 "b43-open%s/%s.fw",
2138 modparam_fwpostfix, name);
2139 break;
2140 default:
2141 B43_WARN_ON(1);
2142 return -ENOSYS;
2143 }
2144 if (async) {
2145 /* do this part asynchronously */
2146 init_completion(&ctx->dev->fw_load_complete);
2147 err = request_firmware_nowait(THIS_MODULE, 1, ctx->fwname,
2148 ctx->dev->dev->dev, GFP_KERNEL,
2149 ctx, b43_fw_cb);
2150 if (err < 0) {
2151 pr_err("Unable to load firmware\n");
2152 return err;
2153 }
2154 wait_for_completion(&ctx->dev->fw_load_complete);
2155 if (ctx->blob)
2156 goto fw_ready;
2157 /* On some ARM systems, the async request will fail, but the next sync
2158 * request works. For this reason, we fall through here
2159 */
2160 }
2161 err = request_firmware(&ctx->blob, ctx->fwname,
2162 ctx->dev->dev->dev);
2163 if (err == -ENOENT) {
2164 snprintf(ctx->errors[ctx->req_type],
2165 sizeof(ctx->errors[ctx->req_type]),
2166 "Firmware file \"%s\" not found\n",
2167 ctx->fwname);
2168 return err;
2169 } else if (err) {
2170 snprintf(ctx->errors[ctx->req_type],
2171 sizeof(ctx->errors[ctx->req_type]),
2172 "Firmware file \"%s\" request failed (err=%d)\n",
2173 ctx->fwname, err);
2174 return err;
2175 }
2176fw_ready:
2177 if (ctx->blob->size < sizeof(struct b43_fw_header))
2178 goto err_format;
2179 hdr = (struct b43_fw_header *)(ctx->blob->data);
2180 switch (hdr->type) {
2181 case B43_FW_TYPE_UCODE:
2182 case B43_FW_TYPE_PCM:
2183 size = be32_to_cpu(hdr->size);
2184 if (size != ctx->blob->size - sizeof(struct b43_fw_header))
2185 goto err_format;
2186 /* fallthrough */
2187 case B43_FW_TYPE_IV:
2188 if (hdr->ver != 1)
2189 goto err_format;
2190 break;
2191 default:
2192 goto err_format;
2193 }
2194
2195 fw->data = ctx->blob;
2196 fw->filename = name;
2197 fw->type = ctx->req_type;
2198
2199 return 0;
2200
2201err_format:
2202 snprintf(ctx->errors[ctx->req_type],
2203 sizeof(ctx->errors[ctx->req_type]),
2204 "Firmware file \"%s\" format error.\n", ctx->fwname);
2205 release_firmware(ctx->blob);
2206
2207 return -EPROTO;
2208}
2209
2210static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2211{
2212 struct b43_wldev *dev = ctx->dev;
2213 struct b43_firmware *fw = &ctx->dev->fw;
2214 const u8 rev = ctx->dev->dev->core_rev;
2215 const char *filename;
2216 u32 tmshigh;
2217 int err;
2218
2219 /* Files for HT and LCN were found by trying one by one */
2220
2221 /* Get microcode */
2222 if ((rev >= 5) && (rev <= 10)) {
2223 filename = "ucode5";
2224 } else if ((rev >= 11) && (rev <= 12)) {
2225 filename = "ucode11";
2226 } else if (rev == 13) {
2227 filename = "ucode13";
2228 } else if (rev == 14) {
2229 filename = "ucode14";
2230 } else if (rev == 15) {
2231 filename = "ucode15";
2232 } else {
2233 switch (dev->phy.type) {
2234 case B43_PHYTYPE_N:
2235 if (rev >= 16)
2236 filename = "ucode16_mimo";
2237 else
2238 goto err_no_ucode;
2239 break;
2240 case B43_PHYTYPE_HT:
2241 if (rev == 29)
2242 filename = "ucode29_mimo";
2243 else
2244 goto err_no_ucode;
2245 break;
2246 case B43_PHYTYPE_LCN:
2247 if (rev == 24)
2248 filename = "ucode24_mimo";
2249 else
2250 goto err_no_ucode;
2251 break;
2252 default:
2253 goto err_no_ucode;
2254 }
2255 }
2256 err = b43_do_request_fw(ctx, filename, &fw->ucode, true);
2257 if (err)
2258 goto err_load;
2259
2260 /* Get PCM code */
2261 if ((rev >= 5) && (rev <= 10))
2262 filename = "pcm5";
2263 else if (rev >= 11)
2264 filename = NULL;
2265 else
2266 goto err_no_pcm;
2267 fw->pcm_request_failed = false;
2268 err = b43_do_request_fw(ctx, filename, &fw->pcm, false);
2269 if (err == -ENOENT) {
2270 /* We did not find a PCM file? Not fatal, but
2271 * core rev <= 10 must do without hwcrypto then. */
2272 fw->pcm_request_failed = true;
2273 } else if (err)
2274 goto err_load;
2275
2276 /* Get initvals */
2277 switch (dev->phy.type) {
2278 case B43_PHYTYPE_A:
2279 if ((rev >= 5) && (rev <= 10)) {
2280 tmshigh = ssb_read32(dev->dev->sdev, SSB_TMSHIGH);
2281 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2282 filename = "a0g1initvals5";
2283 else
2284 filename = "a0g0initvals5";
2285 } else
2286 goto err_no_initvals;
2287 break;
2288 case B43_PHYTYPE_G:
2289 if ((rev >= 5) && (rev <= 10))
2290 filename = "b0g0initvals5";
2291 else if (rev >= 13)
2292 filename = "b0g0initvals13";
2293 else
2294 goto err_no_initvals;
2295 break;
2296 case B43_PHYTYPE_N:
2297 if (rev >= 16)
2298 filename = "n0initvals16";
2299 else if ((rev >= 11) && (rev <= 12))
2300 filename = "n0initvals11";
2301 else
2302 goto err_no_initvals;
2303 break;
2304 case B43_PHYTYPE_LP:
2305 if (rev == 13)
2306 filename = "lp0initvals13";
2307 else if (rev == 14)
2308 filename = "lp0initvals14";
2309 else if (rev >= 15)
2310 filename = "lp0initvals15";
2311 else
2312 goto err_no_initvals;
2313 break;
2314 case B43_PHYTYPE_HT:
2315 if (rev == 29)
2316 filename = "ht0initvals29";
2317 else
2318 goto err_no_initvals;
2319 break;
2320 case B43_PHYTYPE_LCN:
2321 if (rev == 24)
2322 filename = "lcn0initvals24";
2323 else
2324 goto err_no_initvals;
2325 break;
2326 default:
2327 goto err_no_initvals;
2328 }
2329 err = b43_do_request_fw(ctx, filename, &fw->initvals, false);
2330 if (err)
2331 goto err_load;
2332
2333 /* Get bandswitch initvals */
2334 switch (dev->phy.type) {
2335 case B43_PHYTYPE_A:
2336 if ((rev >= 5) && (rev <= 10)) {
2337 tmshigh = ssb_read32(dev->dev->sdev, SSB_TMSHIGH);
2338 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2339 filename = "a0g1bsinitvals5";
2340 else
2341 filename = "a0g0bsinitvals5";
2342 } else if (rev >= 11)
2343 filename = NULL;
2344 else
2345 goto err_no_initvals;
2346 break;
2347 case B43_PHYTYPE_G:
2348 if ((rev >= 5) && (rev <= 10))
2349 filename = "b0g0bsinitvals5";
2350 else if (rev >= 11)
2351 filename = NULL;
2352 else
2353 goto err_no_initvals;
2354 break;
2355 case B43_PHYTYPE_N:
2356 if (rev >= 16)
2357 filename = "n0bsinitvals16";
2358 else if ((rev >= 11) && (rev <= 12))
2359 filename = "n0bsinitvals11";
2360 else
2361 goto err_no_initvals;
2362 break;
2363 case B43_PHYTYPE_LP:
2364 if (rev == 13)
2365 filename = "lp0bsinitvals13";
2366 else if (rev == 14)
2367 filename = "lp0bsinitvals14";
2368 else if (rev >= 15)
2369 filename = "lp0bsinitvals15";
2370 else
2371 goto err_no_initvals;
2372 break;
2373 case B43_PHYTYPE_HT:
2374 if (rev == 29)
2375 filename = "ht0bsinitvals29";
2376 else
2377 goto err_no_initvals;
2378 break;
2379 case B43_PHYTYPE_LCN:
2380 if (rev == 24)
2381 filename = "lcn0bsinitvals24";
2382 else
2383 goto err_no_initvals;
2384 break;
2385 default:
2386 goto err_no_initvals;
2387 }
2388 err = b43_do_request_fw(ctx, filename, &fw->initvals_band, false);
2389 if (err)
2390 goto err_load;
2391
2392 fw->opensource = (ctx->req_type == B43_FWTYPE_OPENSOURCE);
2393
2394 return 0;
2395
2396err_no_ucode:
2397 err = ctx->fatal_failure = -EOPNOTSUPP;
2398 b43err(dev->wl, "The driver does not know which firmware (ucode) "
2399 "is required for your device (wl-core rev %u)\n", rev);
2400 goto error;
2401
2402err_no_pcm:
2403 err = ctx->fatal_failure = -EOPNOTSUPP;
2404 b43err(dev->wl, "The driver does not know which firmware (PCM) "
2405 "is required for your device (wl-core rev %u)\n", rev);
2406 goto error;
2407
2408err_no_initvals:
2409 err = ctx->fatal_failure = -EOPNOTSUPP;
2410 b43err(dev->wl, "The driver does not know which firmware (initvals) "
2411 "is required for your device (wl-core rev %u)\n", rev);
2412 goto error;
2413
2414err_load:
2415 /* We failed to load this firmware image. The error message
2416 * already is in ctx->errors. Return and let our caller decide
2417 * what to do. */
2418 goto error;
2419
2420error:
2421 b43_release_firmware(dev);
2422 return err;
2423}
2424
2425static int b43_one_core_attach(struct b43_bus_dev *dev, struct b43_wl *wl);
2426static void b43_one_core_detach(struct b43_bus_dev *dev);
2427static int b43_rng_init(struct b43_wl *wl);
2428
2429static void b43_request_firmware(struct work_struct *work)
2430{
2431 struct b43_wl *wl = container_of(work,
2432 struct b43_wl, firmware_load);
2433 struct b43_wldev *dev = wl->current_dev;
2434 struct b43_request_fw_context *ctx;
2435 unsigned int i;
2436 int err;
2437 const char *errmsg;
2438
2439 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
2440 if (!ctx)
2441 return;
2442 ctx->dev = dev;
2443
2444 ctx->req_type = B43_FWTYPE_PROPRIETARY;
2445 err = b43_try_request_fw(ctx);
2446 if (!err)
2447 goto start_ieee80211; /* Successfully loaded it. */
2448 /* Was fw version known? */
2449 if (ctx->fatal_failure)
2450 goto out;
2451
2452 /* proprietary fw not found, try open source */
2453 ctx->req_type = B43_FWTYPE_OPENSOURCE;
2454 err = b43_try_request_fw(ctx);
2455 if (!err)
2456 goto start_ieee80211; /* Successfully loaded it. */
2457 if(ctx->fatal_failure)
2458 goto out;
2459
2460 /* Could not find a usable firmware. Print the errors. */
2461 for (i = 0; i < B43_NR_FWTYPES; i++) {
2462 errmsg = ctx->errors[i];
2463 if (strlen(errmsg))
2464 b43err(dev->wl, "%s", errmsg);
2465 }
2466 b43_print_fw_helptext(dev->wl, 1);
2467 goto out;
2468
2469start_ieee80211:
2470 wl->hw->queues = B43_QOS_QUEUE_NUM;
2471 if (!modparam_qos || dev->fw.opensource)
2472 wl->hw->queues = 1;
2473
2474 err = ieee80211_register_hw(wl->hw);
2475 if (err)
2476 goto err_one_core_detach;
2477 wl->hw_registred = true;
2478 b43_leds_register(wl->current_dev);
2479
2480 /* Register HW RNG driver */
2481 b43_rng_init(wl);
2482
2483 goto out;
2484
2485err_one_core_detach:
2486 b43_one_core_detach(dev->dev);
2487
2488out:
2489 kfree(ctx);
2490}
2491
2492static int b43_upload_microcode(struct b43_wldev *dev)
2493{
2494 struct wiphy *wiphy = dev->wl->hw->wiphy;
2495 const size_t hdr_len = sizeof(struct b43_fw_header);
2496 const __be32 *data;
2497 unsigned int i, len;
2498 u16 fwrev, fwpatch, fwdate, fwtime;
2499 u32 tmp, macctl;
2500 int err = 0;
2501
2502 /* Jump the microcode PSM to offset 0 */
2503 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2504 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2505 macctl |= B43_MACCTL_PSM_JMP0;
2506 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2507 /* Zero out all microcode PSM registers and shared memory. */
2508 for (i = 0; i < 64; i++)
2509 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2510 for (i = 0; i < 4096; i += 2)
2511 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2512
2513 /* Upload Microcode. */
2514 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2515 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2516 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2517 for (i = 0; i < len; i++) {
2518 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2519 udelay(10);
2520 }
2521
2522 if (dev->fw.pcm.data) {
2523 /* Upload PCM data. */
2524 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2525 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2526 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2527 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2528 /* No need for autoinc bit in SHM_HW */
2529 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2530 for (i = 0; i < len; i++) {
2531 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2532 udelay(10);
2533 }
2534 }
2535
2536 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2537
2538 /* Start the microcode PSM */
2539 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_PSM_JMP0,
2540 B43_MACCTL_PSM_RUN);
2541
2542 /* Wait for the microcode to load and respond */
2543 i = 0;
2544 while (1) {
2545 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2546 if (tmp == B43_IRQ_MAC_SUSPENDED)
2547 break;
2548 i++;
2549 if (i >= 20) {
2550 b43err(dev->wl, "Microcode not responding\n");
2551 b43_print_fw_helptext(dev->wl, 1);
2552 err = -ENODEV;
2553 goto error;
2554 }
2555 msleep(50);
2556 }
2557 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2558
2559 /* Get and check the revisions. */
2560 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2561 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2562 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2563 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2564
2565 if (fwrev <= 0x128) {
2566 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2567 "binary drivers older than version 4.x is unsupported. "
2568 "You must upgrade your firmware files.\n");
2569 b43_print_fw_helptext(dev->wl, 1);
2570 err = -EOPNOTSUPP;
2571 goto error;
2572 }
2573 dev->fw.rev = fwrev;
2574 dev->fw.patch = fwpatch;
2575 if (dev->fw.rev >= 598)
2576 dev->fw.hdr_format = B43_FW_HDR_598;
2577 else if (dev->fw.rev >= 410)
2578 dev->fw.hdr_format = B43_FW_HDR_410;
2579 else
2580 dev->fw.hdr_format = B43_FW_HDR_351;
2581 WARN_ON(dev->fw.opensource != (fwdate == 0xFFFF));
2582
2583 dev->qos_enabled = dev->wl->hw->queues > 1;
2584 /* Default to firmware/hardware crypto acceleration. */
2585 dev->hwcrypto_enabled = true;
2586
2587 if (dev->fw.opensource) {
2588 u16 fwcapa;
2589
2590 /* Patchlevel info is encoded in the "time" field. */
2591 dev->fw.patch = fwtime;
2592 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n",
2593 dev->fw.rev, dev->fw.patch);
2594
2595 fwcapa = b43_fwcapa_read(dev);
2596 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) {
2597 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n");
2598 /* Disable hardware crypto and fall back to software crypto. */
2599 dev->hwcrypto_enabled = false;
2600 }
2601 /* adding QoS support should use an offline discovery mechanism */
2602 WARN(fwcapa & B43_FWCAPA_QOS, "QoS in OpenFW not supported\n");
2603 } else {
2604 b43info(dev->wl, "Loading firmware version %u.%u "
2605 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2606 fwrev, fwpatch,
2607 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2608 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2609 if (dev->fw.pcm_request_failed) {
2610 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. "
2611 "Hardware accelerated cryptography is disabled.\n");
2612 b43_print_fw_helptext(dev->wl, 0);
2613 }
2614 }
2615
2616 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u",
2617 dev->fw.rev, dev->fw.patch);
2618 wiphy->hw_version = dev->dev->core_id;
2619
2620 if (dev->fw.hdr_format == B43_FW_HDR_351) {
2621 /* We're over the deadline, but we keep support for old fw
2622 * until it turns out to be in major conflict with something new. */
2623 b43warn(dev->wl, "You are using an old firmware image. "
2624 "Support for old firmware will be removed soon "
2625 "(official deadline was July 2008).\n");
2626 b43_print_fw_helptext(dev->wl, 0);
2627 }
2628
2629 return 0;
2630
2631error:
2632 /* Stop the microcode PSM. */
2633 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_PSM_RUN,
2634 B43_MACCTL_PSM_JMP0);
2635
2636 return err;
2637}
2638
2639static int b43_write_initvals(struct b43_wldev *dev,
2640 const struct b43_iv *ivals,
2641 size_t count,
2642 size_t array_size)
2643{
2644 const struct b43_iv *iv;
2645 u16 offset;
2646 size_t i;
2647 bool bit32;
2648
2649 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2650 iv = ivals;
2651 for (i = 0; i < count; i++) {
2652 if (array_size < sizeof(iv->offset_size))
2653 goto err_format;
2654 array_size -= sizeof(iv->offset_size);
2655 offset = be16_to_cpu(iv->offset_size);
2656 bit32 = !!(offset & B43_IV_32BIT);
2657 offset &= B43_IV_OFFSET_MASK;
2658 if (offset >= 0x1000)
2659 goto err_format;
2660 if (bit32) {
2661 u32 value;
2662
2663 if (array_size < sizeof(iv->data.d32))
2664 goto err_format;
2665 array_size -= sizeof(iv->data.d32);
2666
2667 value = get_unaligned_be32(&iv->data.d32);
2668 b43_write32(dev, offset, value);
2669
2670 iv = (const struct b43_iv *)((const uint8_t *)iv +
2671 sizeof(__be16) +
2672 sizeof(__be32));
2673 } else {
2674 u16 value;
2675
2676 if (array_size < sizeof(iv->data.d16))
2677 goto err_format;
2678 array_size -= sizeof(iv->data.d16);
2679
2680 value = be16_to_cpu(iv->data.d16);
2681 b43_write16(dev, offset, value);
2682
2683 iv = (const struct b43_iv *)((const uint8_t *)iv +
2684 sizeof(__be16) +
2685 sizeof(__be16));
2686 }
2687 }
2688 if (array_size)
2689 goto err_format;
2690
2691 return 0;
2692
2693err_format:
2694 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2695 b43_print_fw_helptext(dev->wl, 1);
2696
2697 return -EPROTO;
2698}
2699
2700static int b43_upload_initvals(struct b43_wldev *dev)
2701{
2702 const size_t hdr_len = sizeof(struct b43_fw_header);
2703 const struct b43_fw_header *hdr;
2704 struct b43_firmware *fw = &dev->fw;
2705 const struct b43_iv *ivals;
2706 size_t count;
2707 int err;
2708
2709 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2710 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2711 count = be32_to_cpu(hdr->size);
2712 err = b43_write_initvals(dev, ivals, count,
2713 fw->initvals.data->size - hdr_len);
2714 if (err)
2715 goto out;
2716 if (fw->initvals_band.data) {
2717 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2718 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2719 count = be32_to_cpu(hdr->size);
2720 err = b43_write_initvals(dev, ivals, count,
2721 fw->initvals_band.data->size - hdr_len);
2722 if (err)
2723 goto out;
2724 }
2725out:
2726
2727 return err;
2728}
2729
2730/* Initialize the GPIOs
2731 * http://bcm-specs.sipsolutions.net/GPIO
2732 */
2733static struct ssb_device *b43_ssb_gpio_dev(struct b43_wldev *dev)
2734{
2735 struct ssb_bus *bus = dev->dev->sdev->bus;
2736
2737#ifdef CONFIG_SSB_DRIVER_PCICORE
2738 return (bus->chipco.dev ? bus->chipco.dev : bus->pcicore.dev);
2739#else
2740 return bus->chipco.dev;
2741#endif
2742}
2743
2744static int b43_gpio_init(struct b43_wldev *dev)
2745{
2746 struct ssb_device *gpiodev;
2747 u32 mask, set;
2748
2749 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_GPOUTSMSK, 0);
2750 b43_maskset16(dev, B43_MMIO_GPIO_MASK, ~0, 0xF);
2751
2752 mask = 0x0000001F;
2753 set = 0x0000000F;
2754 if (dev->dev->chip_id == 0x4301) {
2755 mask |= 0x0060;
2756 set |= 0x0060;
2757 } else if (dev->dev->chip_id == 0x5354) {
2758 /* Don't allow overtaking buttons GPIOs */
2759 set &= 0x2; /* 0x2 is LED GPIO on BCM5354 */
2760 }
2761
2762 if (0 /* FIXME: conditional unknown */ ) {
2763 b43_write16(dev, B43_MMIO_GPIO_MASK,
2764 b43_read16(dev, B43_MMIO_GPIO_MASK)
2765 | 0x0100);
2766 /* BT Coexistance Input */
2767 mask |= 0x0080;
2768 set |= 0x0080;
2769 /* BT Coexistance Out */
2770 mask |= 0x0100;
2771 set |= 0x0100;
2772 }
2773 if (dev->dev->bus_sprom->boardflags_lo & B43_BFL_PACTRL) {
2774 /* PA is controlled by gpio 9, let ucode handle it */
2775 b43_write16(dev, B43_MMIO_GPIO_MASK,
2776 b43_read16(dev, B43_MMIO_GPIO_MASK)
2777 | 0x0200);
2778 mask |= 0x0200;
2779 set |= 0x0200;
2780 }
2781
2782 switch (dev->dev->bus_type) {
2783#ifdef CONFIG_B43_BCMA
2784 case B43_BUS_BCMA:
2785 bcma_chipco_gpio_control(&dev->dev->bdev->bus->drv_cc, mask, set);
2786 break;
2787#endif
2788#ifdef CONFIG_B43_SSB
2789 case B43_BUS_SSB:
2790 gpiodev = b43_ssb_gpio_dev(dev);
2791 if (gpiodev)
2792 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2793 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2794 & ~mask) | set);
2795 break;
2796#endif
2797 }
2798
2799 return 0;
2800}
2801
2802/* Turn off all GPIO stuff. Call this on module unload, for example. */
2803static void b43_gpio_cleanup(struct b43_wldev *dev)
2804{
2805 struct ssb_device *gpiodev;
2806
2807 switch (dev->dev->bus_type) {
2808#ifdef CONFIG_B43_BCMA
2809 case B43_BUS_BCMA:
2810 bcma_chipco_gpio_control(&dev->dev->bdev->bus->drv_cc, ~0, 0);
2811 break;
2812#endif
2813#ifdef CONFIG_B43_SSB
2814 case B43_BUS_SSB:
2815 gpiodev = b43_ssb_gpio_dev(dev);
2816 if (gpiodev)
2817 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2818 break;
2819#endif
2820 }
2821}
2822
2823/* http://bcm-specs.sipsolutions.net/EnableMac */
2824void b43_mac_enable(struct b43_wldev *dev)
2825{
2826 if (b43_debug(dev, B43_DBG_FIRMWARE)) {
2827 u16 fwstate;
2828
2829 fwstate = b43_shm_read16(dev, B43_SHM_SHARED,
2830 B43_SHM_SH_UCODESTAT);
2831 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) &&
2832 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) {
2833 b43err(dev->wl, "b43_mac_enable(): The firmware "
2834 "should be suspended, but current state is %u\n",
2835 fwstate);
2836 }
2837 }
2838
2839 dev->mac_suspended--;
2840 B43_WARN_ON(dev->mac_suspended < 0);
2841 if (dev->mac_suspended == 0) {
2842 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_ENABLED);
2843 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2844 B43_IRQ_MAC_SUSPENDED);
2845 /* Commit writes */
2846 b43_read32(dev, B43_MMIO_MACCTL);
2847 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2848 b43_power_saving_ctl_bits(dev, 0);
2849 }
2850}
2851
2852/* http://bcm-specs.sipsolutions.net/SuspendMAC */
2853void b43_mac_suspend(struct b43_wldev *dev)
2854{
2855 int i;
2856 u32 tmp;
2857
2858 might_sleep();
2859 B43_WARN_ON(dev->mac_suspended < 0);
2860
2861 if (dev->mac_suspended == 0) {
2862 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2863 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_ENABLED, 0);
2864 /* force pci to flush the write */
2865 b43_read32(dev, B43_MMIO_MACCTL);
2866 for (i = 35; i; i--) {
2867 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2868 if (tmp & B43_IRQ_MAC_SUSPENDED)
2869 goto out;
2870 udelay(10);
2871 }
2872 /* Hm, it seems this will take some time. Use msleep(). */
2873 for (i = 40; i; i--) {
2874 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2875 if (tmp & B43_IRQ_MAC_SUSPENDED)
2876 goto out;
2877 msleep(1);
2878 }
2879 b43err(dev->wl, "MAC suspend failed\n");
2880 }
2881out:
2882 dev->mac_suspended++;
2883}
2884
2885/* http://bcm-v4.sipsolutions.net/802.11/PHY/N/MacPhyClkSet */
2886void b43_mac_phy_clock_set(struct b43_wldev *dev, bool on)
2887{
2888 u32 tmp;
2889
2890 switch (dev->dev->bus_type) {
2891#ifdef CONFIG_B43_BCMA
2892 case B43_BUS_BCMA:
2893 tmp = bcma_aread32(dev->dev->bdev, BCMA_IOCTL);
2894 if (on)
2895 tmp |= B43_BCMA_IOCTL_MACPHYCLKEN;
2896 else
2897 tmp &= ~B43_BCMA_IOCTL_MACPHYCLKEN;
2898 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, tmp);
2899 break;
2900#endif
2901#ifdef CONFIG_B43_SSB
2902 case B43_BUS_SSB:
2903 tmp = ssb_read32(dev->dev->sdev, SSB_TMSLOW);
2904 if (on)
2905 tmp |= B43_TMSLOW_MACPHYCLKEN;
2906 else
2907 tmp &= ~B43_TMSLOW_MACPHYCLKEN;
2908 ssb_write32(dev->dev->sdev, SSB_TMSLOW, tmp);
2909 break;
2910#endif
2911 }
2912}
2913
2914static void b43_adjust_opmode(struct b43_wldev *dev)
2915{
2916 struct b43_wl *wl = dev->wl;
2917 u32 ctl;
2918 u16 cfp_pretbtt;
2919
2920 ctl = b43_read32(dev, B43_MMIO_MACCTL);
2921 /* Reset status to STA infrastructure mode. */
2922 ctl &= ~B43_MACCTL_AP;
2923 ctl &= ~B43_MACCTL_KEEP_CTL;
2924 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
2925 ctl &= ~B43_MACCTL_KEEP_BAD;
2926 ctl &= ~B43_MACCTL_PROMISC;
2927 ctl &= ~B43_MACCTL_BEACPROMISC;
2928 ctl |= B43_MACCTL_INFRA;
2929
2930 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
2931 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
2932 ctl |= B43_MACCTL_AP;
2933 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
2934 ctl &= ~B43_MACCTL_INFRA;
2935
2936 if (wl->filter_flags & FIF_CONTROL)
2937 ctl |= B43_MACCTL_KEEP_CTL;
2938 if (wl->filter_flags & FIF_FCSFAIL)
2939 ctl |= B43_MACCTL_KEEP_BAD;
2940 if (wl->filter_flags & FIF_PLCPFAIL)
2941 ctl |= B43_MACCTL_KEEP_BADPLCP;
2942 if (wl->filter_flags & FIF_PROMISC_IN_BSS)
2943 ctl |= B43_MACCTL_PROMISC;
2944 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
2945 ctl |= B43_MACCTL_BEACPROMISC;
2946
2947 /* Workaround: On old hardware the HW-MAC-address-filter
2948 * doesn't work properly, so always run promisc in filter
2949 * it in software. */
2950 if (dev->dev->core_rev <= 4)
2951 ctl |= B43_MACCTL_PROMISC;
2952
2953 b43_write32(dev, B43_MMIO_MACCTL, ctl);
2954
2955 cfp_pretbtt = 2;
2956 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
2957 if (dev->dev->chip_id == 0x4306 &&
2958 dev->dev->chip_rev == 3)
2959 cfp_pretbtt = 100;
2960 else
2961 cfp_pretbtt = 50;
2962 }
2963 b43_write16(dev, 0x612, cfp_pretbtt);
2964
2965 /* FIXME: We don't currently implement the PMQ mechanism,
2966 * so always disable it. If we want to implement PMQ,
2967 * we need to enable it here (clear DISCPMQ) in AP mode.
2968 */
2969 if (0 /* ctl & B43_MACCTL_AP */)
2970 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_DISCPMQ, 0);
2971 else
2972 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_DISCPMQ);
2973}
2974
2975static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
2976{
2977 u16 offset;
2978
2979 if (is_ofdm) {
2980 offset = 0x480;
2981 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
2982 } else {
2983 offset = 0x4C0;
2984 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
2985 }
2986 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
2987 b43_shm_read16(dev, B43_SHM_SHARED, offset));
2988}
2989
2990static void b43_rate_memory_init(struct b43_wldev *dev)
2991{
2992 switch (dev->phy.type) {
2993 case B43_PHYTYPE_A:
2994 case B43_PHYTYPE_G:
2995 case B43_PHYTYPE_N:
2996 case B43_PHYTYPE_LP:
2997 case B43_PHYTYPE_HT:
2998 case B43_PHYTYPE_LCN:
2999 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
3000 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
3001 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
3002 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
3003 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
3004 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
3005 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
3006 if (dev->phy.type == B43_PHYTYPE_A)
3007 break;
3008 /* fallthrough */
3009 case B43_PHYTYPE_B:
3010 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
3011 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
3012 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
3013 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
3014 break;
3015 default:
3016 B43_WARN_ON(1);
3017 }
3018}
3019
3020/* Set the default values for the PHY TX Control Words. */
3021static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
3022{
3023 u16 ctl = 0;
3024
3025 ctl |= B43_TXH_PHY_ENC_CCK;
3026 ctl |= B43_TXH_PHY_ANT01AUTO;
3027 ctl |= B43_TXH_PHY_TXPWR;
3028
3029 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
3030 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
3031 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
3032}
3033
3034/* Set the TX-Antenna for management frames sent by firmware. */
3035static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
3036{
3037 u16 ant;
3038 u16 tmp;
3039
3040 ant = b43_antenna_to_phyctl(antenna);
3041
3042 /* For ACK/CTS */
3043 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
3044 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
3045 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
3046 /* For Probe Resposes */
3047 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
3048 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
3049 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
3050}
3051
3052/* This is the opposite of b43_chip_init() */
3053static void b43_chip_exit(struct b43_wldev *dev)
3054{
3055 b43_phy_exit(dev);
3056 b43_gpio_cleanup(dev);
3057 /* firmware is released later */
3058}
3059
3060/* Initialize the chip
3061 * http://bcm-specs.sipsolutions.net/ChipInit
3062 */
3063static int b43_chip_init(struct b43_wldev *dev)
3064{
3065 struct b43_phy *phy = &dev->phy;
3066 int err;
3067 u32 macctl;
3068 u16 value16;
3069
3070 /* Initialize the MAC control */
3071 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
3072 if (dev->phy.gmode)
3073 macctl |= B43_MACCTL_GMODE;
3074 macctl |= B43_MACCTL_INFRA;
3075 b43_write32(dev, B43_MMIO_MACCTL, macctl);
3076
3077 err = b43_upload_microcode(dev);
3078 if (err)
3079 goto out; /* firmware is released later */
3080
3081 err = b43_gpio_init(dev);
3082 if (err)
3083 goto out; /* firmware is released later */
3084
3085 err = b43_upload_initvals(dev);
3086 if (err)
3087 goto err_gpio_clean;
3088
3089 /* Turn the Analog on and initialize the PHY. */
3090 phy->ops->switch_analog(dev, 1);
3091 err = b43_phy_init(dev);
3092 if (err)
3093 goto err_gpio_clean;
3094
3095 /* Disable Interference Mitigation. */
3096 if (phy->ops->interf_mitigation)
3097 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE);
3098
3099 /* Select the antennae */
3100 if (phy->ops->set_rx_antenna)
3101 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
3102 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
3103
3104 if (phy->type == B43_PHYTYPE_B) {
3105 value16 = b43_read16(dev, 0x005E);
3106 value16 |= 0x0004;
3107 b43_write16(dev, 0x005E, value16);
3108 }
3109 b43_write32(dev, 0x0100, 0x01000000);
3110 if (dev->dev->core_rev < 5)
3111 b43_write32(dev, 0x010C, 0x01000000);
3112
3113 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_INFRA, 0);
3114 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_INFRA);
3115
3116 /* Probe Response Timeout value */
3117 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
3118 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 0);
3119
3120 /* Initially set the wireless operation mode. */
3121 b43_adjust_opmode(dev);
3122
3123 if (dev->dev->core_rev < 3) {
3124 b43_write16(dev, 0x060E, 0x0000);
3125 b43_write16(dev, 0x0610, 0x8000);
3126 b43_write16(dev, 0x0604, 0x0000);
3127 b43_write16(dev, 0x0606, 0x0200);
3128 } else {
3129 b43_write32(dev, 0x0188, 0x80000000);
3130 b43_write32(dev, 0x018C, 0x02000000);
3131 }
3132 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
3133 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001FC00);
3134 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
3135 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
3136 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
3137 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
3138 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
3139
3140 b43_mac_phy_clock_set(dev, true);
3141
3142 switch (dev->dev->bus_type) {
3143#ifdef CONFIG_B43_BCMA
3144 case B43_BUS_BCMA:
3145 /* FIXME: 0xE74 is quite common, but should be read from CC */
3146 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 0xE74);
3147 break;
3148#endif
3149#ifdef CONFIG_B43_SSB
3150 case B43_BUS_SSB:
3151 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
3152 dev->dev->sdev->bus->chipco.fast_pwrup_delay);
3153 break;
3154#endif
3155 }
3156
3157 err = 0;
3158 b43dbg(dev->wl, "Chip initialized\n");
3159out:
3160 return err;
3161
3162err_gpio_clean:
3163 b43_gpio_cleanup(dev);
3164 return err;
3165}
3166
3167static void b43_periodic_every60sec(struct b43_wldev *dev)
3168{
3169 const struct b43_phy_operations *ops = dev->phy.ops;
3170
3171 if (ops->pwork_60sec)
3172 ops->pwork_60sec(dev);
3173
3174 /* Force check the TX power emission now. */
3175 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME);
3176}
3177
3178static void b43_periodic_every30sec(struct b43_wldev *dev)
3179{
3180 /* Update device statistics. */
3181 b43_calculate_link_quality(dev);
3182}
3183
3184static void b43_periodic_every15sec(struct b43_wldev *dev)
3185{
3186 struct b43_phy *phy = &dev->phy;
3187 u16 wdr;
3188
3189 if (dev->fw.opensource) {
3190 /* Check if the firmware is still alive.
3191 * It will reset the watchdog counter to 0 in its idle loop. */
3192 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG);
3193 if (unlikely(wdr)) {
3194 b43err(dev->wl, "Firmware watchdog: The firmware died!\n");
3195 b43_controller_restart(dev, "Firmware watchdog");
3196 return;
3197 } else {
3198 b43_shm_write16(dev, B43_SHM_SCRATCH,
3199 B43_WATCHDOG_REG, 1);
3200 }
3201 }
3202
3203 if (phy->ops->pwork_15sec)
3204 phy->ops->pwork_15sec(dev);
3205
3206 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
3207 wmb();
3208
3209#if B43_DEBUG
3210 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
3211 unsigned int i;
3212
3213 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n",
3214 dev->irq_count / 15,
3215 dev->tx_count / 15,
3216 dev->rx_count / 15);
3217 dev->irq_count = 0;
3218 dev->tx_count = 0;
3219 dev->rx_count = 0;
3220 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
3221 if (dev->irq_bit_count[i]) {
3222 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n",
3223 dev->irq_bit_count[i] / 15, i, (1 << i));
3224 dev->irq_bit_count[i] = 0;
3225 }
3226 }
3227 }
3228#endif
3229}
3230
3231static void do_periodic_work(struct b43_wldev *dev)
3232{
3233 unsigned int state;
3234
3235 state = dev->periodic_state;
3236 if (state % 4 == 0)
3237 b43_periodic_every60sec(dev);
3238 if (state % 2 == 0)
3239 b43_periodic_every30sec(dev);
3240 b43_periodic_every15sec(dev);
3241}
3242
3243/* Periodic work locking policy:
3244 * The whole periodic work handler is protected by
3245 * wl->mutex. If another lock is needed somewhere in the
3246 * pwork callchain, it's acquired in-place, where it's needed.
3247 */
3248static void b43_periodic_work_handler(struct work_struct *work)
3249{
3250 struct b43_wldev *dev = container_of(work, struct b43_wldev,
3251 periodic_work.work);
3252 struct b43_wl *wl = dev->wl;
3253 unsigned long delay;
3254
3255 mutex_lock(&wl->mutex);
3256
3257 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
3258 goto out;
3259 if (b43_debug(dev, B43_DBG_PWORK_STOP))
3260 goto out_requeue;
3261
3262 do_periodic_work(dev);
3263
3264 dev->periodic_state++;
3265out_requeue:
3266 if (b43_debug(dev, B43_DBG_PWORK_FAST))
3267 delay = msecs_to_jiffies(50);
3268 else
3269 delay = round_jiffies_relative(HZ * 15);
3270 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay);
3271out:
3272 mutex_unlock(&wl->mutex);
3273}
3274
3275static void b43_periodic_tasks_setup(struct b43_wldev *dev)
3276{
3277 struct delayed_work *work = &dev->periodic_work;
3278
3279 dev->periodic_state = 0;
3280 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
3281 ieee80211_queue_delayed_work(dev->wl->hw, work, 0);
3282}
3283
3284/* Check if communication with the device works correctly. */
3285static int b43_validate_chipaccess(struct b43_wldev *dev)
3286{
3287 u32 v, backup0, backup4;
3288
3289 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0);
3290 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4);
3291
3292 /* Check for read/write and endianness problems. */
3293 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
3294 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
3295 goto error;
3296 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
3297 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
3298 goto error;
3299
3300 /* Check if unaligned 32bit SHM_SHARED access works properly.
3301 * However, don't bail out on failure, because it's noncritical. */
3302 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122);
3303 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344);
3304 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566);
3305 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788);
3306 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344)
3307 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n");
3308 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD);
3309 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 ||
3310 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD ||
3311 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB ||
3312 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788)
3313 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n");
3314
3315 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0);
3316 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4);
3317
3318 if ((dev->dev->core_rev >= 3) && (dev->dev->core_rev <= 10)) {
3319 /* The 32bit register shadows the two 16bit registers
3320 * with update sideeffects. Validate this. */
3321 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
3322 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
3323 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
3324 goto error;
3325 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
3326 goto error;
3327 }
3328 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
3329
3330 v = b43_read32(dev, B43_MMIO_MACCTL);
3331 v |= B43_MACCTL_GMODE;
3332 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
3333 goto error;
3334
3335 return 0;
3336error:
3337 b43err(dev->wl, "Failed to validate the chipaccess\n");
3338 return -ENODEV;
3339}
3340
3341static void b43_security_init(struct b43_wldev *dev)
3342{
3343 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
3344 /* KTP is a word address, but we address SHM bytewise.
3345 * So multiply by two.
3346 */
3347 dev->ktp *= 2;
3348 /* Number of RCMTA address slots */
3349 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS);
3350 /* Clear the key memory. */
3351 b43_clear_keys(dev);
3352}
3353
3354#ifdef CONFIG_B43_HWRNG
3355static int b43_rng_read(struct hwrng *rng, u32 *data)
3356{
3357 struct b43_wl *wl = (struct b43_wl *)rng->priv;
3358 struct b43_wldev *dev;
3359 int count = -ENODEV;
3360
3361 mutex_lock(&wl->mutex);
3362 dev = wl->current_dev;
3363 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) {
3364 *data = b43_read16(dev, B43_MMIO_RNG);
3365 count = sizeof(u16);
3366 }
3367 mutex_unlock(&wl->mutex);
3368
3369 return count;
3370}
3371#endif /* CONFIG_B43_HWRNG */
3372
3373static void b43_rng_exit(struct b43_wl *wl)
3374{
3375#ifdef CONFIG_B43_HWRNG
3376 if (wl->rng_initialized)
3377 hwrng_unregister(&wl->rng);
3378#endif /* CONFIG_B43_HWRNG */
3379}
3380
3381static int b43_rng_init(struct b43_wl *wl)
3382{
3383 int err = 0;
3384
3385#ifdef CONFIG_B43_HWRNG
3386 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
3387 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
3388 wl->rng.name = wl->rng_name;
3389 wl->rng.data_read = b43_rng_read;
3390 wl->rng.priv = (unsigned long)wl;
3391 wl->rng_initialized = true;
3392 err = hwrng_register(&wl->rng);
3393 if (err) {
3394 wl->rng_initialized = false;
3395 b43err(wl, "Failed to register the random "
3396 "number generator (%d)\n", err);
3397 }
3398#endif /* CONFIG_B43_HWRNG */
3399
3400 return err;
3401}
3402
3403static void b43_tx_work(struct work_struct *work)
3404{
3405 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work);
3406 struct b43_wldev *dev;
3407 struct sk_buff *skb;
3408 int queue_num;
3409 int err = 0;
3410
3411 mutex_lock(&wl->mutex);
3412 dev = wl->current_dev;
3413 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) {
3414 mutex_unlock(&wl->mutex);
3415 return;
3416 }
3417
3418 for (queue_num = 0; queue_num < B43_QOS_QUEUE_NUM; queue_num++) {
3419 while (skb_queue_len(&wl->tx_queue[queue_num])) {
3420 skb = skb_dequeue(&wl->tx_queue[queue_num]);
3421 if (b43_using_pio_transfers(dev))
3422 err = b43_pio_tx(dev, skb);
3423 else
3424 err = b43_dma_tx(dev, skb);
3425 if (err == -ENOSPC) {
3426 wl->tx_queue_stopped[queue_num] = 1;
3427 ieee80211_stop_queue(wl->hw, queue_num);
3428 skb_queue_head(&wl->tx_queue[queue_num], skb);
3429 break;
3430 }
3431 if (unlikely(err))
3432 ieee80211_free_txskb(wl->hw, skb);
3433 err = 0;
3434 }
3435
3436 if (!err)
3437 wl->tx_queue_stopped[queue_num] = 0;
3438 }
3439
3440#if B43_DEBUG
3441 dev->tx_count++;
3442#endif
3443 mutex_unlock(&wl->mutex);
3444}
3445
3446static void b43_op_tx(struct ieee80211_hw *hw,
3447 struct ieee80211_tx_control *control,
3448 struct sk_buff *skb)
3449{
3450 struct b43_wl *wl = hw_to_b43_wl(hw);
3451
3452 if (unlikely(skb->len < 2 + 2 + 6)) {
3453 /* Too short, this can't be a valid frame. */
3454 ieee80211_free_txskb(hw, skb);
3455 return;
3456 }
3457 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
3458
3459 skb_queue_tail(&wl->tx_queue[skb->queue_mapping], skb);
3460 if (!wl->tx_queue_stopped[skb->queue_mapping]) {
3461 ieee80211_queue_work(wl->hw, &wl->tx_work);
3462 } else {
3463 ieee80211_stop_queue(wl->hw, skb->queue_mapping);
3464 }
3465}
3466
3467static void b43_qos_params_upload(struct b43_wldev *dev,
3468 const struct ieee80211_tx_queue_params *p,
3469 u16 shm_offset)
3470{
3471 u16 params[B43_NR_QOSPARAMS];
3472 int bslots, tmp;
3473 unsigned int i;
3474
3475 if (!dev->qos_enabled)
3476 return;
3477
3478 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min;
3479
3480 memset(¶ms, 0, sizeof(params));
3481
3482 params[B43_QOSPARAM_TXOP] = p->txop * 32;
3483 params[B43_QOSPARAM_CWMIN] = p->cw_min;
3484 params[B43_QOSPARAM_CWMAX] = p->cw_max;
3485 params[B43_QOSPARAM_CWCUR] = p->cw_min;
3486 params[B43_QOSPARAM_AIFS] = p->aifs;
3487 params[B43_QOSPARAM_BSLOTS] = bslots;
3488 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs;
3489
3490 for (i = 0; i < ARRAY_SIZE(params); i++) {
3491 if (i == B43_QOSPARAM_STATUS) {
3492 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
3493 shm_offset + (i * 2));
3494 /* Mark the parameters as updated. */
3495 tmp |= 0x100;
3496 b43_shm_write16(dev, B43_SHM_SHARED,
3497 shm_offset + (i * 2),
3498 tmp);
3499 } else {
3500 b43_shm_write16(dev, B43_SHM_SHARED,
3501 shm_offset + (i * 2),
3502 params[i]);
3503 }
3504 }
3505}
3506
3507/* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */
3508static const u16 b43_qos_shm_offsets[] = {
3509 /* [mac80211-queue-nr] = SHM_OFFSET, */
3510 [0] = B43_QOS_VOICE,
3511 [1] = B43_QOS_VIDEO,
3512 [2] = B43_QOS_BESTEFFORT,
3513 [3] = B43_QOS_BACKGROUND,
3514};
3515
3516/* Update all QOS parameters in hardware. */
3517static void b43_qos_upload_all(struct b43_wldev *dev)
3518{
3519 struct b43_wl *wl = dev->wl;
3520 struct b43_qos_params *params;
3521 unsigned int i;
3522
3523 if (!dev->qos_enabled)
3524 return;
3525
3526 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3527 ARRAY_SIZE(wl->qos_params));
3528
3529 b43_mac_suspend(dev);
3530 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3531 params = &(wl->qos_params[i]);
3532 b43_qos_params_upload(dev, &(params->p),
3533 b43_qos_shm_offsets[i]);
3534 }
3535 b43_mac_enable(dev);
3536}
3537
3538static void b43_qos_clear(struct b43_wl *wl)
3539{
3540 struct b43_qos_params *params;
3541 unsigned int i;
3542
3543 /* Initialize QoS parameters to sane defaults. */
3544
3545 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3546 ARRAY_SIZE(wl->qos_params));
3547
3548 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3549 params = &(wl->qos_params[i]);
3550
3551 switch (b43_qos_shm_offsets[i]) {
3552 case B43_QOS_VOICE:
3553 params->p.txop = 0;
3554 params->p.aifs = 2;
3555 params->p.cw_min = 0x0001;
3556 params->p.cw_max = 0x0001;
3557 break;
3558 case B43_QOS_VIDEO:
3559 params->p.txop = 0;
3560 params->p.aifs = 2;
3561 params->p.cw_min = 0x0001;
3562 params->p.cw_max = 0x0001;
3563 break;
3564 case B43_QOS_BESTEFFORT:
3565 params->p.txop = 0;
3566 params->p.aifs = 3;
3567 params->p.cw_min = 0x0001;
3568 params->p.cw_max = 0x03FF;
3569 break;
3570 case B43_QOS_BACKGROUND:
3571 params->p.txop = 0;
3572 params->p.aifs = 7;
3573 params->p.cw_min = 0x0001;
3574 params->p.cw_max = 0x03FF;
3575 break;
3576 default:
3577 B43_WARN_ON(1);
3578 }
3579 }
3580}
3581
3582/* Initialize the core's QOS capabilities */
3583static void b43_qos_init(struct b43_wldev *dev)
3584{
3585 if (!dev->qos_enabled) {
3586 /* Disable QOS support. */
3587 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF);
3588 b43_write16(dev, B43_MMIO_IFSCTL,
3589 b43_read16(dev, B43_MMIO_IFSCTL)
3590 & ~B43_MMIO_IFSCTL_USE_EDCF);
3591 b43dbg(dev->wl, "QoS disabled\n");
3592 return;
3593 }
3594
3595 /* Upload the current QOS parameters. */
3596 b43_qos_upload_all(dev);
3597
3598 /* Enable QOS support. */
3599 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
3600 b43_write16(dev, B43_MMIO_IFSCTL,
3601 b43_read16(dev, B43_MMIO_IFSCTL)
3602 | B43_MMIO_IFSCTL_USE_EDCF);
3603 b43dbg(dev->wl, "QoS enabled\n");
3604}
3605
3606static int b43_op_conf_tx(struct ieee80211_hw *hw,
3607 struct ieee80211_vif *vif, u16 _queue,
3608 const struct ieee80211_tx_queue_params *params)
3609{
3610 struct b43_wl *wl = hw_to_b43_wl(hw);
3611 struct b43_wldev *dev;
3612 unsigned int queue = (unsigned int)_queue;
3613 int err = -ENODEV;
3614
3615 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3616 /* Queue not available or don't support setting
3617 * params on this queue. Return success to not
3618 * confuse mac80211. */
3619 return 0;
3620 }
3621 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3622 ARRAY_SIZE(wl->qos_params));
3623
3624 mutex_lock(&wl->mutex);
3625 dev = wl->current_dev;
3626 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED)))
3627 goto out_unlock;
3628
3629 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params));
3630 b43_mac_suspend(dev);
3631 b43_qos_params_upload(dev, &(wl->qos_params[queue].p),
3632 b43_qos_shm_offsets[queue]);
3633 b43_mac_enable(dev);
3634 err = 0;
3635
3636out_unlock:
3637 mutex_unlock(&wl->mutex);
3638
3639 return err;
3640}
3641
3642static int b43_op_get_stats(struct ieee80211_hw *hw,
3643 struct ieee80211_low_level_stats *stats)
3644{
3645 struct b43_wl *wl = hw_to_b43_wl(hw);
3646
3647 mutex_lock(&wl->mutex);
3648 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3649 mutex_unlock(&wl->mutex);
3650
3651 return 0;
3652}
3653
3654static u64 b43_op_get_tsf(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
3655{
3656 struct b43_wl *wl = hw_to_b43_wl(hw);
3657 struct b43_wldev *dev;
3658 u64 tsf;
3659
3660 mutex_lock(&wl->mutex);
3661 dev = wl->current_dev;
3662
3663 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3664 b43_tsf_read(dev, &tsf);
3665 else
3666 tsf = 0;
3667
3668 mutex_unlock(&wl->mutex);
3669
3670 return tsf;
3671}
3672
3673static void b43_op_set_tsf(struct ieee80211_hw *hw,
3674 struct ieee80211_vif *vif, u64 tsf)
3675{
3676 struct b43_wl *wl = hw_to_b43_wl(hw);
3677 struct b43_wldev *dev;
3678
3679 mutex_lock(&wl->mutex);
3680 dev = wl->current_dev;
3681
3682 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3683 b43_tsf_write(dev, tsf);
3684
3685 mutex_unlock(&wl->mutex);
3686}
3687
3688static void b43_put_phy_into_reset(struct b43_wldev *dev)
3689{
3690 u32 tmp;
3691
3692 switch (dev->dev->bus_type) {
3693#ifdef CONFIG_B43_BCMA
3694 case B43_BUS_BCMA:
3695 b43err(dev->wl,
3696 "Putting PHY into reset not supported on BCMA\n");
3697 break;
3698#endif
3699#ifdef CONFIG_B43_SSB
3700 case B43_BUS_SSB:
3701 tmp = ssb_read32(dev->dev->sdev, SSB_TMSLOW);
3702 tmp &= ~B43_TMSLOW_GMODE;
3703 tmp |= B43_TMSLOW_PHYRESET;
3704 tmp |= SSB_TMSLOW_FGC;
3705 ssb_write32(dev->dev->sdev, SSB_TMSLOW, tmp);
3706 msleep(1);
3707
3708 tmp = ssb_read32(dev->dev->sdev, SSB_TMSLOW);
3709 tmp &= ~SSB_TMSLOW_FGC;
3710 tmp |= B43_TMSLOW_PHYRESET;
3711 ssb_write32(dev->dev->sdev, SSB_TMSLOW, tmp);
3712 msleep(1);
3713
3714 break;
3715#endif
3716 }
3717}
3718
3719static const char *band_to_string(enum ieee80211_band band)
3720{
3721 switch (band) {
3722 case IEEE80211_BAND_5GHZ:
3723 return "5";
3724 case IEEE80211_BAND_2GHZ:
3725 return "2.4";
3726 default:
3727 break;
3728 }
3729 B43_WARN_ON(1);
3730 return "";
3731}
3732
3733/* Expects wl->mutex locked */
3734static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan)
3735{
3736 struct b43_wldev *up_dev = NULL;
3737 struct b43_wldev *down_dev;
3738 struct b43_wldev *d;
3739 int err;
3740 bool uninitialized_var(gmode);
3741 int prev_status;
3742
3743 /* Find a device and PHY which supports the band. */
3744 list_for_each_entry(d, &wl->devlist, list) {
3745 switch (chan->band) {
3746 case IEEE80211_BAND_5GHZ:
3747 if (d->phy.supports_5ghz) {
3748 up_dev = d;
3749 gmode = false;
3750 }
3751 break;
3752 case IEEE80211_BAND_2GHZ:
3753 if (d->phy.supports_2ghz) {
3754 up_dev = d;
3755 gmode = true;
3756 }
3757 break;
3758 default:
3759 B43_WARN_ON(1);
3760 return -EINVAL;
3761 }
3762 if (up_dev)
3763 break;
3764 }
3765 if (!up_dev) {
3766 b43err(wl, "Could not find a device for %s-GHz band operation\n",
3767 band_to_string(chan->band));
3768 return -ENODEV;
3769 }
3770 if ((up_dev == wl->current_dev) &&
3771 (!!wl->current_dev->phy.gmode == !!gmode)) {
3772 /* This device is already running. */
3773 return 0;
3774 }
3775 b43dbg(wl, "Switching to %s-GHz band\n",
3776 band_to_string(chan->band));
3777 down_dev = wl->current_dev;
3778
3779 prev_status = b43_status(down_dev);
3780 /* Shutdown the currently running core. */
3781 if (prev_status >= B43_STAT_STARTED)
3782 down_dev = b43_wireless_core_stop(down_dev);
3783 if (prev_status >= B43_STAT_INITIALIZED)
3784 b43_wireless_core_exit(down_dev);
3785
3786 if (down_dev != up_dev) {
3787 /* We switch to a different core, so we put PHY into
3788 * RESET on the old core. */
3789 b43_put_phy_into_reset(down_dev);
3790 }
3791
3792 /* Now start the new core. */
3793 up_dev->phy.gmode = gmode;
3794 if (prev_status >= B43_STAT_INITIALIZED) {
3795 err = b43_wireless_core_init(up_dev);
3796 if (err) {
3797 b43err(wl, "Fatal: Could not initialize device for "
3798 "selected %s-GHz band\n",
3799 band_to_string(chan->band));
3800 goto init_failure;
3801 }
3802 }
3803 if (prev_status >= B43_STAT_STARTED) {
3804 err = b43_wireless_core_start(up_dev);
3805 if (err) {
3806 b43err(wl, "Fatal: Could not start device for "
3807 "selected %s-GHz band\n",
3808 band_to_string(chan->band));
3809 b43_wireless_core_exit(up_dev);
3810 goto init_failure;
3811 }
3812 }
3813 B43_WARN_ON(b43_status(up_dev) != prev_status);
3814
3815 wl->current_dev = up_dev;
3816
3817 return 0;
3818init_failure:
3819 /* Whoops, failed to init the new core. No core is operating now. */
3820 wl->current_dev = NULL;
3821 return err;
3822}
3823
3824/* Write the short and long frame retry limit values. */
3825static void b43_set_retry_limits(struct b43_wldev *dev,
3826 unsigned int short_retry,
3827 unsigned int long_retry)
3828{
3829 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3830 * the chip-internal counter. */
3831 short_retry = min(short_retry, (unsigned int)0xF);
3832 long_retry = min(long_retry, (unsigned int)0xF);
3833
3834 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3835 short_retry);
3836 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3837 long_retry);
3838}
3839
3840static int b43_op_config(struct ieee80211_hw *hw, u32 changed)
3841{
3842 struct b43_wl *wl = hw_to_b43_wl(hw);
3843 struct b43_wldev *dev;
3844 struct b43_phy *phy;
3845 struct ieee80211_conf *conf = &hw->conf;
3846 int antenna;
3847 int err = 0;
3848 bool reload_bss = false;
3849
3850 mutex_lock(&wl->mutex);
3851
3852 dev = wl->current_dev;
3853
3854 /* Switch the band (if necessary). This might change the active core. */
3855 err = b43_switch_band(wl, conf->chandef.chan);
3856 if (err)
3857 goto out_unlock_mutex;
3858
3859 /* Need to reload all settings if the core changed */
3860 if (dev != wl->current_dev) {
3861 dev = wl->current_dev;
3862 changed = ~0;
3863 reload_bss = true;
3864 }
3865
3866 phy = &dev->phy;
3867
3868 if (conf_is_ht(conf))
3869 phy->is_40mhz =
3870 (conf_is_ht40_minus(conf) || conf_is_ht40_plus(conf));
3871 else
3872 phy->is_40mhz = false;
3873
3874 b43_mac_suspend(dev);
3875
3876 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
3877 b43_set_retry_limits(dev, conf->short_frame_max_tx_count,
3878 conf->long_frame_max_tx_count);
3879 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS;
3880 if (!changed)
3881 goto out_mac_enable;
3882
3883 /* Switch to the requested channel.
3884 * The firmware takes care of races with the TX handler. */
3885 if (conf->chandef.chan->hw_value != phy->channel)
3886 b43_switch_channel(dev, conf->chandef.chan->hw_value);
3887
3888 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR);
3889
3890 /* Adjust the desired TX power level. */
3891 if (conf->power_level != 0) {
3892 if (conf->power_level != phy->desired_txpower) {
3893 phy->desired_txpower = conf->power_level;
3894 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME |
3895 B43_TXPWR_IGNORE_TSSI);
3896 }
3897 }
3898
3899 /* Antennas for RX and management frame TX. */
3900 antenna = B43_ANTENNA_DEFAULT;
3901 b43_mgmtframe_txantenna(dev, antenna);
3902 antenna = B43_ANTENNA_DEFAULT;
3903 if (phy->ops->set_rx_antenna)
3904 phy->ops->set_rx_antenna(dev, antenna);
3905
3906 if (wl->radio_enabled != phy->radio_on) {
3907 if (wl->radio_enabled) {
3908 b43_software_rfkill(dev, false);
3909 b43info(dev->wl, "Radio turned on by software\n");
3910 if (!dev->radio_hw_enable) {
3911 b43info(dev->wl, "The hardware RF-kill button "
3912 "still turns the radio physically off. "
3913 "Press the button to turn it on.\n");
3914 }
3915 } else {
3916 b43_software_rfkill(dev, true);
3917 b43info(dev->wl, "Radio turned off by software\n");
3918 }
3919 }
3920
3921out_mac_enable:
3922 b43_mac_enable(dev);
3923out_unlock_mutex:
3924 mutex_unlock(&wl->mutex);
3925
3926 if (wl->vif && reload_bss)
3927 b43_op_bss_info_changed(hw, wl->vif, &wl->vif->bss_conf, ~0);
3928
3929 return err;
3930}
3931
3932static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates)
3933{
3934 struct ieee80211_supported_band *sband =
3935 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)];
3936 struct ieee80211_rate *rate;
3937 int i;
3938 u16 basic, direct, offset, basic_offset, rateptr;
3939
3940 for (i = 0; i < sband->n_bitrates; i++) {
3941 rate = &sband->bitrates[i];
3942
3943 if (b43_is_cck_rate(rate->hw_value)) {
3944 direct = B43_SHM_SH_CCKDIRECT;
3945 basic = B43_SHM_SH_CCKBASIC;
3946 offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3947 offset &= 0xF;
3948 } else {
3949 direct = B43_SHM_SH_OFDMDIRECT;
3950 basic = B43_SHM_SH_OFDMBASIC;
3951 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3952 offset &= 0xF;
3953 }
3954
3955 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate);
3956
3957 if (b43_is_cck_rate(rate->hw_value)) {
3958 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3959 basic_offset &= 0xF;
3960 } else {
3961 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3962 basic_offset &= 0xF;
3963 }
3964
3965 /*
3966 * Get the pointer that we need to point to
3967 * from the direct map
3968 */
3969 rateptr = b43_shm_read16(dev, B43_SHM_SHARED,
3970 direct + 2 * basic_offset);
3971 /* and write it to the basic map */
3972 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset,
3973 rateptr);
3974 }
3975}
3976
3977static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
3978 struct ieee80211_vif *vif,
3979 struct ieee80211_bss_conf *conf,
3980 u32 changed)
3981{
3982 struct b43_wl *wl = hw_to_b43_wl(hw);
3983 struct b43_wldev *dev;
3984
3985 mutex_lock(&wl->mutex);
3986
3987 dev = wl->current_dev;
3988 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3989 goto out_unlock_mutex;
3990
3991 B43_WARN_ON(wl->vif != vif);
3992
3993 if (changed & BSS_CHANGED_BSSID) {
3994 if (conf->bssid)
3995 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
3996 else
3997 memset(wl->bssid, 0, ETH_ALEN);
3998 }
3999
4000 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
4001 if (changed & BSS_CHANGED_BEACON &&
4002 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
4003 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
4004 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
4005 b43_update_templates(wl);
4006
4007 if (changed & BSS_CHANGED_BSSID)
4008 b43_write_mac_bssid_templates(dev);
4009 }
4010
4011 b43_mac_suspend(dev);
4012
4013 /* Update templates for AP/mesh mode. */
4014 if (changed & BSS_CHANGED_BEACON_INT &&
4015 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
4016 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
4017 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) &&
4018 conf->beacon_int)
4019 b43_set_beacon_int(dev, conf->beacon_int);
4020
4021 if (changed & BSS_CHANGED_BASIC_RATES)
4022 b43_update_basic_rates(dev, conf->basic_rates);
4023
4024 if (changed & BSS_CHANGED_ERP_SLOT) {
4025 if (conf->use_short_slot)
4026 b43_short_slot_timing_enable(dev);
4027 else
4028 b43_short_slot_timing_disable(dev);
4029 }
4030
4031 b43_mac_enable(dev);
4032out_unlock_mutex:
4033 mutex_unlock(&wl->mutex);
4034}
4035
4036static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
4037 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
4038 struct ieee80211_key_conf *key)
4039{
4040 struct b43_wl *wl = hw_to_b43_wl(hw);
4041 struct b43_wldev *dev;
4042 u8 algorithm;
4043 u8 index;
4044 int err;
4045 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
4046
4047 if (modparam_nohwcrypt)
4048 return -ENOSPC; /* User disabled HW-crypto */
4049
4050 if ((vif->type == NL80211_IFTYPE_ADHOC ||
4051 vif->type == NL80211_IFTYPE_MESH_POINT) &&
4052 (key->cipher == WLAN_CIPHER_SUITE_TKIP ||
4053 key->cipher == WLAN_CIPHER_SUITE_CCMP) &&
4054 !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
4055 /*
4056 * For now, disable hw crypto for the RSN IBSS group keys. This
4057 * could be optimized in the future, but until that gets
4058 * implemented, use of software crypto for group addressed
4059 * frames is a acceptable to allow RSN IBSS to be used.
4060 */
4061 return -EOPNOTSUPP;
4062 }
4063
4064 mutex_lock(&wl->mutex);
4065
4066 dev = wl->current_dev;
4067 err = -ENODEV;
4068 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
4069 goto out_unlock;
4070
4071 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) {
4072 /* We don't have firmware for the crypto engine.
4073 * Must use software-crypto. */
4074 err = -EOPNOTSUPP;
4075 goto out_unlock;
4076 }
4077
4078 err = -EINVAL;
4079 switch (key->cipher) {
4080 case WLAN_CIPHER_SUITE_WEP40:
4081 algorithm = B43_SEC_ALGO_WEP40;
4082 break;
4083 case WLAN_CIPHER_SUITE_WEP104:
4084 algorithm = B43_SEC_ALGO_WEP104;
4085 break;
4086 case WLAN_CIPHER_SUITE_TKIP:
4087 algorithm = B43_SEC_ALGO_TKIP;
4088 break;
4089 case WLAN_CIPHER_SUITE_CCMP:
4090 algorithm = B43_SEC_ALGO_AES;
4091 break;
4092 default:
4093 B43_WARN_ON(1);
4094 goto out_unlock;
4095 }
4096 index = (u8) (key->keyidx);
4097 if (index > 3)
4098 goto out_unlock;
4099
4100 switch (cmd) {
4101 case SET_KEY:
4102 if (algorithm == B43_SEC_ALGO_TKIP &&
4103 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
4104 !modparam_hwtkip)) {
4105 /* We support only pairwise key */
4106 err = -EOPNOTSUPP;
4107 goto out_unlock;
4108 }
4109
4110 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
4111 if (WARN_ON(!sta)) {
4112 err = -EOPNOTSUPP;
4113 goto out_unlock;
4114 }
4115 /* Pairwise key with an assigned MAC address. */
4116 err = b43_key_write(dev, -1, algorithm,
4117 key->key, key->keylen,
4118 sta->addr, key);
4119 } else {
4120 /* Group key */
4121 err = b43_key_write(dev, index, algorithm,
4122 key->key, key->keylen, NULL, key);
4123 }
4124 if (err)
4125 goto out_unlock;
4126
4127 if (algorithm == B43_SEC_ALGO_WEP40 ||
4128 algorithm == B43_SEC_ALGO_WEP104) {
4129 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
4130 } else {
4131 b43_hf_write(dev,
4132 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
4133 }
4134 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
4135 if (algorithm == B43_SEC_ALGO_TKIP)
4136 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
4137 break;
4138 case DISABLE_KEY: {
4139 err = b43_key_clear(dev, key->hw_key_idx);
4140 if (err)
4141 goto out_unlock;
4142 break;
4143 }
4144 default:
4145 B43_WARN_ON(1);
4146 }
4147
4148out_unlock:
4149 if (!err) {
4150 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
4151 "mac: %pM\n",
4152 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
4153 sta ? sta->addr : bcast_addr);
4154 b43_dump_keymemory(dev);
4155 }
4156 mutex_unlock(&wl->mutex);
4157
4158 return err;
4159}
4160
4161static void b43_op_configure_filter(struct ieee80211_hw *hw,
4162 unsigned int changed, unsigned int *fflags,
4163 u64 multicast)
4164{
4165 struct b43_wl *wl = hw_to_b43_wl(hw);
4166 struct b43_wldev *dev;
4167
4168 mutex_lock(&wl->mutex);
4169 dev = wl->current_dev;
4170 if (!dev) {
4171 *fflags = 0;
4172 goto out_unlock;
4173 }
4174
4175 *fflags &= FIF_PROMISC_IN_BSS |
4176 FIF_ALLMULTI |
4177 FIF_FCSFAIL |
4178 FIF_PLCPFAIL |
4179 FIF_CONTROL |
4180 FIF_OTHER_BSS |
4181 FIF_BCN_PRBRESP_PROMISC;
4182
4183 changed &= FIF_PROMISC_IN_BSS |
4184 FIF_ALLMULTI |
4185 FIF_FCSFAIL |
4186 FIF_PLCPFAIL |
4187 FIF_CONTROL |
4188 FIF_OTHER_BSS |
4189 FIF_BCN_PRBRESP_PROMISC;
4190
4191 wl->filter_flags = *fflags;
4192
4193 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
4194 b43_adjust_opmode(dev);
4195
4196out_unlock:
4197 mutex_unlock(&wl->mutex);
4198}
4199
4200/* Locking: wl->mutex
4201 * Returns the current dev. This might be different from the passed in dev,
4202 * because the core might be gone away while we unlocked the mutex. */
4203static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev)
4204{
4205 struct b43_wl *wl;
4206 struct b43_wldev *orig_dev;
4207 u32 mask;
4208 int queue_num;
4209
4210 if (!dev)
4211 return NULL;
4212 wl = dev->wl;
4213redo:
4214 if (!dev || b43_status(dev) < B43_STAT_STARTED)
4215 return dev;
4216
4217 /* Cancel work. Unlock to avoid deadlocks. */
4218 mutex_unlock(&wl->mutex);
4219 cancel_delayed_work_sync(&dev->periodic_work);
4220 cancel_work_sync(&wl->tx_work);
4221 mutex_lock(&wl->mutex);
4222 dev = wl->current_dev;
4223 if (!dev || b43_status(dev) < B43_STAT_STARTED) {
4224 /* Whoops, aliens ate up the device while we were unlocked. */
4225 return dev;
4226 }
4227
4228 /* Disable interrupts on the device. */
4229 b43_set_status(dev, B43_STAT_INITIALIZED);
4230 if (b43_bus_host_is_sdio(dev->dev)) {
4231 /* wl->mutex is locked. That is enough. */
4232 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
4233 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
4234 } else {
4235 spin_lock_irq(&wl->hardirq_lock);
4236 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
4237 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
4238 spin_unlock_irq(&wl->hardirq_lock);
4239 }
4240 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */
4241 orig_dev = dev;
4242 mutex_unlock(&wl->mutex);
4243 if (b43_bus_host_is_sdio(dev->dev)) {
4244 b43_sdio_free_irq(dev);
4245 } else {
4246 synchronize_irq(dev->dev->irq);
4247 free_irq(dev->dev->irq, dev);
4248 }
4249 mutex_lock(&wl->mutex);
4250 dev = wl->current_dev;
4251 if (!dev)
4252 return dev;
4253 if (dev != orig_dev) {
4254 if (b43_status(dev) >= B43_STAT_STARTED)
4255 goto redo;
4256 return dev;
4257 }
4258 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
4259 B43_WARN_ON(mask != 0xFFFFFFFF && mask);
4260
4261 /* Drain all TX queues. */
4262 for (queue_num = 0; queue_num < B43_QOS_QUEUE_NUM; queue_num++) {
4263 while (skb_queue_len(&wl->tx_queue[queue_num])) {
4264 struct sk_buff *skb;
4265
4266 skb = skb_dequeue(&wl->tx_queue[queue_num]);
4267 ieee80211_free_txskb(wl->hw, skb);
4268 }
4269 }
4270
4271 b43_mac_suspend(dev);
4272 b43_leds_exit(dev);
4273 b43dbg(wl, "Wireless interface stopped\n");
4274
4275 return dev;
4276}
4277
4278/* Locking: wl->mutex */
4279static int b43_wireless_core_start(struct b43_wldev *dev)
4280{
4281 int err;
4282
4283 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
4284
4285 drain_txstatus_queue(dev);
4286 if (b43_bus_host_is_sdio(dev->dev)) {
4287 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler);
4288 if (err) {
4289 b43err(dev->wl, "Cannot request SDIO IRQ\n");
4290 goto out;
4291 }
4292 } else {
4293 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler,
4294 b43_interrupt_thread_handler,
4295 IRQF_SHARED, KBUILD_MODNAME, dev);
4296 if (err) {
4297 b43err(dev->wl, "Cannot request IRQ-%d\n",
4298 dev->dev->irq);
4299 goto out;
4300 }
4301 }
4302
4303 /* We are ready to run. */
4304 ieee80211_wake_queues(dev->wl->hw);
4305 b43_set_status(dev, B43_STAT_STARTED);
4306
4307 /* Start data flow (TX/RX). */
4308 b43_mac_enable(dev);
4309 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
4310
4311 /* Start maintenance work */
4312 b43_periodic_tasks_setup(dev);
4313
4314 b43_leds_init(dev);
4315
4316 b43dbg(dev->wl, "Wireless interface started\n");
4317out:
4318 return err;
4319}
4320
4321static char *b43_phy_name(struct b43_wldev *dev, u8 phy_type)
4322{
4323 switch (phy_type) {
4324 case B43_PHYTYPE_A:
4325 return "A";
4326 case B43_PHYTYPE_B:
4327 return "B";
4328 case B43_PHYTYPE_G:
4329 return "G";
4330 case B43_PHYTYPE_N:
4331 return "N";
4332 case B43_PHYTYPE_LP:
4333 return "LP";
4334 case B43_PHYTYPE_SSLPN:
4335 return "SSLPN";
4336 case B43_PHYTYPE_HT:
4337 return "HT";
4338 case B43_PHYTYPE_LCN:
4339 return "LCN";
4340 case B43_PHYTYPE_LCNXN:
4341 return "LCNXN";
4342 case B43_PHYTYPE_LCN40:
4343 return "LCN40";
4344 case B43_PHYTYPE_AC:
4345 return "AC";
4346 }
4347 return "UNKNOWN";
4348}
4349
4350/* Get PHY and RADIO versioning numbers */
4351static int b43_phy_versioning(struct b43_wldev *dev)
4352{
4353 struct b43_phy *phy = &dev->phy;
4354 u32 tmp;
4355 u8 analog_type;
4356 u8 phy_type;
4357 u8 phy_rev;
4358 u16 radio_manuf;
4359 u16 radio_ver;
4360 u16 radio_rev;
4361 int unsupported = 0;
4362
4363 /* Get PHY versioning */
4364 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
4365 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
4366 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
4367 phy_rev = (tmp & B43_PHYVER_VERSION);
4368 switch (phy_type) {
4369 case B43_PHYTYPE_A:
4370 if (phy_rev >= 4)
4371 unsupported = 1;
4372 break;
4373 case B43_PHYTYPE_B:
4374 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6
4375 && phy_rev != 7)
4376 unsupported = 1;
4377 break;
4378 case B43_PHYTYPE_G:
4379 if (phy_rev > 9)
4380 unsupported = 1;
4381 break;
4382#ifdef CONFIG_B43_PHY_N
4383 case B43_PHYTYPE_N:
4384 if (phy_rev > 9)
4385 unsupported = 1;
4386 break;
4387#endif
4388#ifdef CONFIG_B43_PHY_LP
4389 case B43_PHYTYPE_LP:
4390 if (phy_rev > 2)
4391 unsupported = 1;
4392 break;
4393#endif
4394#ifdef CONFIG_B43_PHY_HT
4395 case B43_PHYTYPE_HT:
4396 if (phy_rev > 1)
4397 unsupported = 1;
4398 break;
4399#endif
4400#ifdef CONFIG_B43_PHY_LCN
4401 case B43_PHYTYPE_LCN:
4402 if (phy_rev > 1)
4403 unsupported = 1;
4404 break;
4405#endif
4406 default:
4407 unsupported = 1;
4408 }
4409 if (unsupported) {
4410 b43err(dev->wl, "FOUND UNSUPPORTED PHY (Analog %u, Type %d (%s), Revision %u)\n",
4411 analog_type, phy_type, b43_phy_name(dev, phy_type),
4412 phy_rev);
4413 return -EOPNOTSUPP;
4414 }
4415 b43info(dev->wl, "Found PHY: Analog %u, Type %d (%s), Revision %u\n",
4416 analog_type, phy_type, b43_phy_name(dev, phy_type), phy_rev);
4417
4418 /* Get RADIO versioning */
4419 if (dev->dev->core_rev >= 24) {
4420 u16 radio24[3];
4421
4422 for (tmp = 0; tmp < 3; tmp++) {
4423 b43_write16(dev, B43_MMIO_RADIO24_CONTROL, tmp);
4424 radio24[tmp] = b43_read16(dev, B43_MMIO_RADIO24_DATA);
4425 }
4426
4427 /* Broadcom uses "id" for our "ver" and has separated "ver" */
4428 /* radio_ver = (radio24[0] & 0xF0) >> 4; */
4429
4430 radio_manuf = 0x17F;
4431 radio_ver = (radio24[2] << 8) | radio24[1];
4432 radio_rev = (radio24[0] & 0xF);
4433 } else {
4434 if (dev->dev->chip_id == 0x4317) {
4435 if (dev->dev->chip_rev == 0)
4436 tmp = 0x3205017F;
4437 else if (dev->dev->chip_rev == 1)
4438 tmp = 0x4205017F;
4439 else
4440 tmp = 0x5205017F;
4441 } else {
4442 b43_write16(dev, B43_MMIO_RADIO_CONTROL,
4443 B43_RADIOCTL_ID);
4444 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
4445 b43_write16(dev, B43_MMIO_RADIO_CONTROL,
4446 B43_RADIOCTL_ID);
4447 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH)
4448 << 16;
4449 }
4450 radio_manuf = (tmp & 0x00000FFF);
4451 radio_ver = (tmp & 0x0FFFF000) >> 12;
4452 radio_rev = (tmp & 0xF0000000) >> 28;
4453 }
4454
4455 if (radio_manuf != 0x17F /* Broadcom */)
4456 unsupported = 1;
4457 switch (phy_type) {
4458 case B43_PHYTYPE_A:
4459 if (radio_ver != 0x2060)
4460 unsupported = 1;
4461 if (radio_rev != 1)
4462 unsupported = 1;
4463 if (radio_manuf != 0x17F)
4464 unsupported = 1;
4465 break;
4466 case B43_PHYTYPE_B:
4467 if ((radio_ver & 0xFFF0) != 0x2050)
4468 unsupported = 1;
4469 break;
4470 case B43_PHYTYPE_G:
4471 if (radio_ver != 0x2050)
4472 unsupported = 1;
4473 break;
4474 case B43_PHYTYPE_N:
4475 if (radio_ver != 0x2055 && radio_ver != 0x2056)
4476 unsupported = 1;
4477 break;
4478 case B43_PHYTYPE_LP:
4479 if (radio_ver != 0x2062 && radio_ver != 0x2063)
4480 unsupported = 1;
4481 break;
4482 case B43_PHYTYPE_HT:
4483 if (radio_ver != 0x2059)
4484 unsupported = 1;
4485 break;
4486 case B43_PHYTYPE_LCN:
4487 if (radio_ver != 0x2064)
4488 unsupported = 1;
4489 break;
4490 default:
4491 B43_WARN_ON(1);
4492 }
4493 if (unsupported) {
4494 b43err(dev->wl, "FOUND UNSUPPORTED RADIO "
4495 "(Manuf 0x%X, Version 0x%X, Revision %u)\n",
4496 radio_manuf, radio_ver, radio_rev);
4497 return -EOPNOTSUPP;
4498 }
4499 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n",
4500 radio_manuf, radio_ver, radio_rev);
4501
4502 phy->radio_manuf = radio_manuf;
4503 phy->radio_ver = radio_ver;
4504 phy->radio_rev = radio_rev;
4505
4506 phy->analog = analog_type;
4507 phy->type = phy_type;
4508 phy->rev = phy_rev;
4509
4510 return 0;
4511}
4512
4513static void setup_struct_phy_for_init(struct b43_wldev *dev,
4514 struct b43_phy *phy)
4515{
4516 phy->hardware_power_control = !!modparam_hwpctl;
4517 phy->next_txpwr_check_time = jiffies;
4518 /* PHY TX errors counter. */
4519 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
4520
4521#if B43_DEBUG
4522 phy->phy_locked = false;
4523 phy->radio_locked = false;
4524#endif
4525}
4526
4527static void setup_struct_wldev_for_init(struct b43_wldev *dev)
4528{
4529 dev->dfq_valid = false;
4530
4531 /* Assume the radio is enabled. If it's not enabled, the state will
4532 * immediately get fixed on the first periodic work run. */
4533 dev->radio_hw_enable = true;
4534
4535 /* Stats */
4536 memset(&dev->stats, 0, sizeof(dev->stats));
4537
4538 setup_struct_phy_for_init(dev, &dev->phy);
4539
4540 /* IRQ related flags */
4541 dev->irq_reason = 0;
4542 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
4543 dev->irq_mask = B43_IRQ_MASKTEMPLATE;
4544 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
4545 dev->irq_mask &= ~B43_IRQ_PHY_TXERR;
4546
4547 dev->mac_suspended = 1;
4548
4549 /* Noise calculation context */
4550 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
4551}
4552
4553static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
4554{
4555 struct ssb_sprom *sprom = dev->dev->bus_sprom;
4556 u64 hf;
4557
4558 if (!modparam_btcoex)
4559 return;
4560 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
4561 return;
4562 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
4563 return;
4564
4565 hf = b43_hf_read(dev);
4566 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
4567 hf |= B43_HF_BTCOEXALT;
4568 else
4569 hf |= B43_HF_BTCOEX;
4570 b43_hf_write(dev, hf);
4571}
4572
4573static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
4574{
4575 if (!modparam_btcoex)
4576 return;
4577 //TODO
4578}
4579
4580static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
4581{
4582 struct ssb_bus *bus;
4583 u32 tmp;
4584
4585 if (dev->dev->bus_type != B43_BUS_SSB)
4586 return;
4587
4588 bus = dev->dev->sdev->bus;
4589
4590 if ((bus->chip_id == 0x4311 && bus->chip_rev == 2) ||
4591 (bus->chip_id == 0x4312)) {
4592 tmp = ssb_read32(dev->dev->sdev, SSB_IMCFGLO);
4593 tmp &= ~SSB_IMCFGLO_REQTO;
4594 tmp &= ~SSB_IMCFGLO_SERTO;
4595 tmp |= 0x3;
4596 ssb_write32(dev->dev->sdev, SSB_IMCFGLO, tmp);
4597 ssb_commit_settings(bus);
4598 }
4599}
4600
4601static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
4602{
4603 u16 pu_delay;
4604
4605 /* The time value is in microseconds. */
4606 if (dev->phy.type == B43_PHYTYPE_A)
4607 pu_delay = 3700;
4608 else
4609 pu_delay = 1050;
4610 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle)
4611 pu_delay = 500;
4612 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
4613 pu_delay = max(pu_delay, (u16)2400);
4614
4615 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
4616}
4617
4618/* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
4619static void b43_set_pretbtt(struct b43_wldev *dev)
4620{
4621 u16 pretbtt;
4622
4623 /* The time value is in microseconds. */
4624 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) {
4625 pretbtt = 2;
4626 } else {
4627 if (dev->phy.type == B43_PHYTYPE_A)
4628 pretbtt = 120;
4629 else
4630 pretbtt = 250;
4631 }
4632 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
4633 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
4634}
4635
4636/* Shutdown a wireless core */
4637/* Locking: wl->mutex */
4638static void b43_wireless_core_exit(struct b43_wldev *dev)
4639{
4640 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED);
4641 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED)
4642 return;
4643
4644 b43_set_status(dev, B43_STAT_UNINIT);
4645
4646 /* Stop the microcode PSM. */
4647 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_PSM_RUN,
4648 B43_MACCTL_PSM_JMP0);
4649
4650 switch (dev->dev->bus_type) {
4651#ifdef CONFIG_B43_BCMA
4652 case B43_BUS_BCMA:
4653 bcma_core_pci_down(dev->dev->bdev->bus);
4654 break;
4655#endif
4656#ifdef CONFIG_B43_SSB
4657 case B43_BUS_SSB:
4658 /* TODO */
4659 break;
4660#endif
4661 }
4662
4663 b43_dma_free(dev);
4664 b43_pio_free(dev);
4665 b43_chip_exit(dev);
4666 dev->phy.ops->switch_analog(dev, 0);
4667 if (dev->wl->current_beacon) {
4668 dev_kfree_skb_any(dev->wl->current_beacon);
4669 dev->wl->current_beacon = NULL;
4670 }
4671
4672 b43_device_disable(dev, 0);
4673 b43_bus_may_powerdown(dev);
4674}
4675
4676/* Initialize a wireless core */
4677static int b43_wireless_core_init(struct b43_wldev *dev)
4678{
4679 struct ssb_sprom *sprom = dev->dev->bus_sprom;
4680 struct b43_phy *phy = &dev->phy;
4681 int err;
4682 u64 hf;
4683
4684 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4685
4686 err = b43_bus_powerup(dev, 0);
4687 if (err)
4688 goto out;
4689 if (!b43_device_is_enabled(dev))
4690 b43_wireless_core_reset(dev, phy->gmode);
4691
4692 /* Reset all data structures. */
4693 setup_struct_wldev_for_init(dev);
4694 phy->ops->prepare_structs(dev);
4695
4696 /* Enable IRQ routing to this device. */
4697 switch (dev->dev->bus_type) {
4698#ifdef CONFIG_B43_BCMA
4699 case B43_BUS_BCMA:
4700 bcma_core_pci_irq_ctl(&dev->dev->bdev->bus->drv_pci[0],
4701 dev->dev->bdev, true);
4702 bcma_core_pci_up(dev->dev->bdev->bus);
4703 break;
4704#endif
4705#ifdef CONFIG_B43_SSB
4706 case B43_BUS_SSB:
4707 ssb_pcicore_dev_irqvecs_enable(&dev->dev->sdev->bus->pcicore,
4708 dev->dev->sdev);
4709 break;
4710#endif
4711 }
4712
4713 b43_imcfglo_timeouts_workaround(dev);
4714 b43_bluetooth_coext_disable(dev);
4715 if (phy->ops->prepare_hardware) {
4716 err = phy->ops->prepare_hardware(dev);
4717 if (err)
4718 goto err_busdown;
4719 }
4720 err = b43_chip_init(dev);
4721 if (err)
4722 goto err_busdown;
4723 b43_shm_write16(dev, B43_SHM_SHARED,
4724 B43_SHM_SH_WLCOREREV, dev->dev->core_rev);
4725 hf = b43_hf_read(dev);
4726 if (phy->type == B43_PHYTYPE_G) {
4727 hf |= B43_HF_SYMW;
4728 if (phy->rev == 1)
4729 hf |= B43_HF_GDCW;
4730 if (sprom->boardflags_lo & B43_BFL_PACTRL)
4731 hf |= B43_HF_OFDMPABOOST;
4732 }
4733 if (phy->radio_ver == 0x2050) {
4734 if (phy->radio_rev == 6)
4735 hf |= B43_HF_4318TSSI;
4736 if (phy->radio_rev < 6)
4737 hf |= B43_HF_VCORECALC;
4738 }
4739 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)
4740 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */
4741#ifdef CONFIG_SSB_DRIVER_PCICORE
4742 if (dev->dev->bus_type == B43_BUS_SSB &&
4743 dev->dev->sdev->bus->bustype == SSB_BUSTYPE_PCI &&
4744 dev->dev->sdev->bus->pcicore.dev->id.revision <= 10)
4745 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */
4746#endif
4747 hf &= ~B43_HF_SKCFPUP;
4748 b43_hf_write(dev, hf);
4749
4750 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
4751 B43_DEFAULT_LONG_RETRY_LIMIT);
4752 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
4753 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
4754
4755 /* Disable sending probe responses from firmware.
4756 * Setting the MaxTime to one usec will always trigger
4757 * a timeout, so we never send any probe resp.
4758 * A timeout of zero is infinite. */
4759 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
4760
4761 b43_rate_memory_init(dev);
4762 b43_set_phytxctl_defaults(dev);
4763
4764 /* Minimum Contention Window */
4765 if (phy->type == B43_PHYTYPE_B)
4766 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
4767 else
4768 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
4769 /* Maximum Contention Window */
4770 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
4771
4772 if (b43_bus_host_is_pcmcia(dev->dev) ||
4773 b43_bus_host_is_sdio(dev->dev)) {
4774 dev->__using_pio_transfers = true;
4775 err = b43_pio_init(dev);
4776 } else if (dev->use_pio) {
4777 b43warn(dev->wl, "Forced PIO by use_pio module parameter. "
4778 "This should not be needed and will result in lower "
4779 "performance.\n");
4780 dev->__using_pio_transfers = true;
4781 err = b43_pio_init(dev);
4782 } else {
4783 dev->__using_pio_transfers = false;
4784 err = b43_dma_init(dev);
4785 }
4786 if (err)
4787 goto err_chip_exit;
4788 b43_qos_init(dev);
4789 b43_set_synth_pu_delay(dev, 1);
4790 b43_bluetooth_coext_enable(dev);
4791
4792 b43_bus_powerup(dev, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW));
4793 b43_upload_card_macaddress(dev);
4794 b43_security_init(dev);
4795
4796 ieee80211_wake_queues(dev->wl->hw);
4797
4798 b43_set_status(dev, B43_STAT_INITIALIZED);
4799
4800out:
4801 return err;
4802
4803err_chip_exit:
4804 b43_chip_exit(dev);
4805err_busdown:
4806 b43_bus_may_powerdown(dev);
4807 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4808 return err;
4809}
4810
4811static int b43_op_add_interface(struct ieee80211_hw *hw,
4812 struct ieee80211_vif *vif)
4813{
4814 struct b43_wl *wl = hw_to_b43_wl(hw);
4815 struct b43_wldev *dev;
4816 int err = -EOPNOTSUPP;
4817
4818 /* TODO: allow WDS/AP devices to coexist */
4819
4820 if (vif->type != NL80211_IFTYPE_AP &&
4821 vif->type != NL80211_IFTYPE_MESH_POINT &&
4822 vif->type != NL80211_IFTYPE_STATION &&
4823 vif->type != NL80211_IFTYPE_WDS &&
4824 vif->type != NL80211_IFTYPE_ADHOC)
4825 return -EOPNOTSUPP;
4826
4827 mutex_lock(&wl->mutex);
4828 if (wl->operating)
4829 goto out_mutex_unlock;
4830
4831 b43dbg(wl, "Adding Interface type %d\n", vif->type);
4832
4833 dev = wl->current_dev;
4834 wl->operating = true;
4835 wl->vif = vif;
4836 wl->if_type = vif->type;
4837 memcpy(wl->mac_addr, vif->addr, ETH_ALEN);
4838
4839 b43_adjust_opmode(dev);
4840 b43_set_pretbtt(dev);
4841 b43_set_synth_pu_delay(dev, 0);
4842 b43_upload_card_macaddress(dev);
4843
4844 err = 0;
4845 out_mutex_unlock:
4846 mutex_unlock(&wl->mutex);
4847
4848 if (err == 0)
4849 b43_op_bss_info_changed(hw, vif, &vif->bss_conf, ~0);
4850
4851 return err;
4852}
4853
4854static void b43_op_remove_interface(struct ieee80211_hw *hw,
4855 struct ieee80211_vif *vif)
4856{
4857 struct b43_wl *wl = hw_to_b43_wl(hw);
4858 struct b43_wldev *dev = wl->current_dev;
4859
4860 b43dbg(wl, "Removing Interface type %d\n", vif->type);
4861
4862 mutex_lock(&wl->mutex);
4863
4864 B43_WARN_ON(!wl->operating);
4865 B43_WARN_ON(wl->vif != vif);
4866 wl->vif = NULL;
4867
4868 wl->operating = false;
4869
4870 b43_adjust_opmode(dev);
4871 memset(wl->mac_addr, 0, ETH_ALEN);
4872 b43_upload_card_macaddress(dev);
4873
4874 mutex_unlock(&wl->mutex);
4875}
4876
4877static int b43_op_start(struct ieee80211_hw *hw)
4878{
4879 struct b43_wl *wl = hw_to_b43_wl(hw);
4880 struct b43_wldev *dev = wl->current_dev;
4881 int did_init = 0;
4882 int err = 0;
4883
4884 /* Kill all old instance specific information to make sure
4885 * the card won't use it in the short timeframe between start
4886 * and mac80211 reconfiguring it. */
4887 memset(wl->bssid, 0, ETH_ALEN);
4888 memset(wl->mac_addr, 0, ETH_ALEN);
4889 wl->filter_flags = 0;
4890 wl->radiotap_enabled = false;
4891 b43_qos_clear(wl);
4892 wl->beacon0_uploaded = false;
4893 wl->beacon1_uploaded = false;
4894 wl->beacon_templates_virgin = true;
4895 wl->radio_enabled = true;
4896
4897 mutex_lock(&wl->mutex);
4898
4899 if (b43_status(dev) < B43_STAT_INITIALIZED) {
4900 err = b43_wireless_core_init(dev);
4901 if (err)
4902 goto out_mutex_unlock;
4903 did_init = 1;
4904 }
4905
4906 if (b43_status(dev) < B43_STAT_STARTED) {
4907 err = b43_wireless_core_start(dev);
4908 if (err) {
4909 if (did_init)
4910 b43_wireless_core_exit(dev);
4911 goto out_mutex_unlock;
4912 }
4913 }
4914
4915 /* XXX: only do if device doesn't support rfkill irq */
4916 wiphy_rfkill_start_polling(hw->wiphy);
4917
4918 out_mutex_unlock:
4919 mutex_unlock(&wl->mutex);
4920
4921 /*
4922 * Configuration may have been overwritten during initialization.
4923 * Reload the configuration, but only if initialization was
4924 * successful. Reloading the configuration after a failed init
4925 * may hang the system.
4926 */
4927 if (!err)
4928 b43_op_config(hw, ~0);
4929
4930 return err;
4931}
4932
4933static void b43_op_stop(struct ieee80211_hw *hw)
4934{
4935 struct b43_wl *wl = hw_to_b43_wl(hw);
4936 struct b43_wldev *dev = wl->current_dev;
4937
4938 cancel_work_sync(&(wl->beacon_update_trigger));
4939
4940 if (!dev)
4941 goto out;
4942
4943 mutex_lock(&wl->mutex);
4944 if (b43_status(dev) >= B43_STAT_STARTED) {
4945 dev = b43_wireless_core_stop(dev);
4946 if (!dev)
4947 goto out_unlock;
4948 }
4949 b43_wireless_core_exit(dev);
4950 wl->radio_enabled = false;
4951
4952out_unlock:
4953 mutex_unlock(&wl->mutex);
4954out:
4955 cancel_work_sync(&(wl->txpower_adjust_work));
4956}
4957
4958static int b43_op_beacon_set_tim(struct ieee80211_hw *hw,
4959 struct ieee80211_sta *sta, bool set)
4960{
4961 struct b43_wl *wl = hw_to_b43_wl(hw);
4962
4963 /* FIXME: add locking */
4964 b43_update_templates(wl);
4965
4966 return 0;
4967}
4968
4969static void b43_op_sta_notify(struct ieee80211_hw *hw,
4970 struct ieee80211_vif *vif,
4971 enum sta_notify_cmd notify_cmd,
4972 struct ieee80211_sta *sta)
4973{
4974 struct b43_wl *wl = hw_to_b43_wl(hw);
4975
4976 B43_WARN_ON(!vif || wl->vif != vif);
4977}
4978
4979static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw)
4980{
4981 struct b43_wl *wl = hw_to_b43_wl(hw);
4982 struct b43_wldev *dev;
4983
4984 mutex_lock(&wl->mutex);
4985 dev = wl->current_dev;
4986 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4987 /* Disable CFP update during scan on other channels. */
4988 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP);
4989 }
4990 mutex_unlock(&wl->mutex);
4991}
4992
4993static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw)
4994{
4995 struct b43_wl *wl = hw_to_b43_wl(hw);
4996 struct b43_wldev *dev;
4997
4998 mutex_lock(&wl->mutex);
4999 dev = wl->current_dev;
5000 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
5001 /* Re-enable CFP update. */
5002 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP);
5003 }
5004 mutex_unlock(&wl->mutex);
5005}
5006
5007static int b43_op_get_survey(struct ieee80211_hw *hw, int idx,
5008 struct survey_info *survey)
5009{
5010 struct b43_wl *wl = hw_to_b43_wl(hw);
5011 struct b43_wldev *dev = wl->current_dev;
5012 struct ieee80211_conf *conf = &hw->conf;
5013
5014 if (idx != 0)
5015 return -ENOENT;
5016
5017 survey->channel = conf->chandef.chan;
5018 survey->filled = SURVEY_INFO_NOISE_DBM;
5019 survey->noise = dev->stats.link_noise;
5020
5021 return 0;
5022}
5023
5024static const struct ieee80211_ops b43_hw_ops = {
5025 .tx = b43_op_tx,
5026 .conf_tx = b43_op_conf_tx,
5027 .add_interface = b43_op_add_interface,
5028 .remove_interface = b43_op_remove_interface,
5029 .config = b43_op_config,
5030 .bss_info_changed = b43_op_bss_info_changed,
5031 .configure_filter = b43_op_configure_filter,
5032 .set_key = b43_op_set_key,
5033 .update_tkip_key = b43_op_update_tkip_key,
5034 .get_stats = b43_op_get_stats,
5035 .get_tsf = b43_op_get_tsf,
5036 .set_tsf = b43_op_set_tsf,
5037 .start = b43_op_start,
5038 .stop = b43_op_stop,
5039 .set_tim = b43_op_beacon_set_tim,
5040 .sta_notify = b43_op_sta_notify,
5041 .sw_scan_start = b43_op_sw_scan_start_notifier,
5042 .sw_scan_complete = b43_op_sw_scan_complete_notifier,
5043 .get_survey = b43_op_get_survey,
5044 .rfkill_poll = b43_rfkill_poll,
5045};
5046
5047/* Hard-reset the chip. Do not call this directly.
5048 * Use b43_controller_restart()
5049 */
5050static void b43_chip_reset(struct work_struct *work)
5051{
5052 struct b43_wldev *dev =
5053 container_of(work, struct b43_wldev, restart_work);
5054 struct b43_wl *wl = dev->wl;
5055 int err = 0;
5056 int prev_status;
5057
5058 mutex_lock(&wl->mutex);
5059
5060 prev_status = b43_status(dev);
5061 /* Bring the device down... */
5062 if (prev_status >= B43_STAT_STARTED) {
5063 dev = b43_wireless_core_stop(dev);
5064 if (!dev) {
5065 err = -ENODEV;
5066 goto out;
5067 }
5068 }
5069 if (prev_status >= B43_STAT_INITIALIZED)
5070 b43_wireless_core_exit(dev);
5071
5072 /* ...and up again. */
5073 if (prev_status >= B43_STAT_INITIALIZED) {
5074 err = b43_wireless_core_init(dev);
5075 if (err)
5076 goto out;
5077 }
5078 if (prev_status >= B43_STAT_STARTED) {
5079 err = b43_wireless_core_start(dev);
5080 if (err) {
5081 b43_wireless_core_exit(dev);
5082 goto out;
5083 }
5084 }
5085out:
5086 if (err)
5087 wl->current_dev = NULL; /* Failed to init the dev. */
5088 mutex_unlock(&wl->mutex);
5089
5090 if (err) {
5091 b43err(wl, "Controller restart FAILED\n");
5092 return;
5093 }
5094
5095 /* reload configuration */
5096 b43_op_config(wl->hw, ~0);
5097 if (wl->vif)
5098 b43_op_bss_info_changed(wl->hw, wl->vif, &wl->vif->bss_conf, ~0);
5099
5100 b43info(wl, "Controller restarted\n");
5101}
5102
5103static int b43_setup_bands(struct b43_wldev *dev,
5104 bool have_2ghz_phy, bool have_5ghz_phy)
5105{
5106 struct ieee80211_hw *hw = dev->wl->hw;
5107
5108 if (have_2ghz_phy)
5109 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz;
5110 if (dev->phy.type == B43_PHYTYPE_N) {
5111 if (have_5ghz_phy)
5112 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy;
5113 } else {
5114 if (have_5ghz_phy)
5115 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
5116 }
5117
5118 dev->phy.supports_2ghz = have_2ghz_phy;
5119 dev->phy.supports_5ghz = have_5ghz_phy;
5120
5121 return 0;
5122}
5123
5124static void b43_wireless_core_detach(struct b43_wldev *dev)
5125{
5126 /* We release firmware that late to not be required to re-request
5127 * is all the time when we reinit the core. */
5128 b43_release_firmware(dev);
5129 b43_phy_free(dev);
5130}
5131
5132static int b43_wireless_core_attach(struct b43_wldev *dev)
5133{
5134 struct b43_wl *wl = dev->wl;
5135 struct pci_dev *pdev = NULL;
5136 int err;
5137 u32 tmp;
5138 bool have_2ghz_phy = false, have_5ghz_phy = false;
5139
5140 /* Do NOT do any device initialization here.
5141 * Do it in wireless_core_init() instead.
5142 * This function is for gathering basic information about the HW, only.
5143 * Also some structs may be set up here. But most likely you want to have
5144 * that in core_init(), too.
5145 */
5146
5147#ifdef CONFIG_B43_SSB
5148 if (dev->dev->bus_type == B43_BUS_SSB &&
5149 dev->dev->sdev->bus->bustype == SSB_BUSTYPE_PCI)
5150 pdev = dev->dev->sdev->bus->host_pci;
5151#endif
5152
5153 err = b43_bus_powerup(dev, 0);
5154 if (err) {
5155 b43err(wl, "Bus powerup failed\n");
5156 goto out;
5157 }
5158
5159 /* Get the PHY type. */
5160 switch (dev->dev->bus_type) {
5161#ifdef CONFIG_B43_BCMA
5162 case B43_BUS_BCMA:
5163 tmp = bcma_aread32(dev->dev->bdev, BCMA_IOST);
5164 have_2ghz_phy = !!(tmp & B43_BCMA_IOST_2G_PHY);
5165 have_5ghz_phy = !!(tmp & B43_BCMA_IOST_5G_PHY);
5166 break;
5167#endif
5168#ifdef CONFIG_B43_SSB
5169 case B43_BUS_SSB:
5170 if (dev->dev->core_rev >= 5) {
5171 tmp = ssb_read32(dev->dev->sdev, SSB_TMSHIGH);
5172 have_2ghz_phy = !!(tmp & B43_TMSHIGH_HAVE_2GHZ_PHY);
5173 have_5ghz_phy = !!(tmp & B43_TMSHIGH_HAVE_5GHZ_PHY);
5174 } else
5175 B43_WARN_ON(1);
5176 break;
5177#endif
5178 }
5179
5180 dev->phy.gmode = have_2ghz_phy;
5181 dev->phy.radio_on = true;
5182 b43_wireless_core_reset(dev, dev->phy.gmode);
5183
5184 err = b43_phy_versioning(dev);
5185 if (err)
5186 goto err_powerdown;
5187 /* Check if this device supports multiband. */
5188 if (!pdev ||
5189 (pdev->device != 0x4312 &&
5190 pdev->device != 0x4319 && pdev->device != 0x4324)) {
5191 /* No multiband support. */
5192 have_2ghz_phy = false;
5193 have_5ghz_phy = false;
5194 switch (dev->phy.type) {
5195 case B43_PHYTYPE_A:
5196 have_5ghz_phy = true;
5197 break;
5198 case B43_PHYTYPE_LP: //FIXME not always!
5199#if 0 //FIXME enabling 5GHz causes a NULL pointer dereference
5200 have_5ghz_phy = 1;
5201#endif
5202 case B43_PHYTYPE_G:
5203 case B43_PHYTYPE_N:
5204 case B43_PHYTYPE_HT:
5205 case B43_PHYTYPE_LCN:
5206 have_2ghz_phy = true;
5207 break;
5208 default:
5209 B43_WARN_ON(1);
5210 }
5211 }
5212 if (dev->phy.type == B43_PHYTYPE_A) {
5213 /* FIXME */
5214 b43err(wl, "IEEE 802.11a devices are unsupported\n");
5215 err = -EOPNOTSUPP;
5216 goto err_powerdown;
5217 }
5218 if (1 /* disable A-PHY */) {
5219 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */
5220 if (dev->phy.type != B43_PHYTYPE_N &&
5221 dev->phy.type != B43_PHYTYPE_LP) {
5222 have_2ghz_phy = true;
5223 have_5ghz_phy = false;
5224 }
5225 }
5226
5227 err = b43_phy_allocate(dev);
5228 if (err)
5229 goto err_powerdown;
5230
5231 dev->phy.gmode = have_2ghz_phy;
5232 b43_wireless_core_reset(dev, dev->phy.gmode);
5233
5234 err = b43_validate_chipaccess(dev);
5235 if (err)
5236 goto err_phy_free;
5237 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
5238 if (err)
5239 goto err_phy_free;
5240
5241 /* Now set some default "current_dev" */
5242 if (!wl->current_dev)
5243 wl->current_dev = dev;
5244 INIT_WORK(&dev->restart_work, b43_chip_reset);
5245
5246 dev->phy.ops->switch_analog(dev, 0);
5247 b43_device_disable(dev, 0);
5248 b43_bus_may_powerdown(dev);
5249
5250out:
5251 return err;
5252
5253err_phy_free:
5254 b43_phy_free(dev);
5255err_powerdown:
5256 b43_bus_may_powerdown(dev);
5257 return err;
5258}
5259
5260static void b43_one_core_detach(struct b43_bus_dev *dev)
5261{
5262 struct b43_wldev *wldev;
5263 struct b43_wl *wl;
5264
5265 /* Do not cancel ieee80211-workqueue based work here.
5266 * See comment in b43_remove(). */
5267
5268 wldev = b43_bus_get_wldev(dev);
5269 wl = wldev->wl;
5270 b43_debugfs_remove_device(wldev);
5271 b43_wireless_core_detach(wldev);
5272 list_del(&wldev->list);
5273 wl->nr_devs--;
5274 b43_bus_set_wldev(dev, NULL);
5275 kfree(wldev);
5276}
5277
5278static int b43_one_core_attach(struct b43_bus_dev *dev, struct b43_wl *wl)
5279{
5280 struct b43_wldev *wldev;
5281 int err = -ENOMEM;
5282
5283 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
5284 if (!wldev)
5285 goto out;
5286
5287 wldev->use_pio = b43_modparam_pio;
5288 wldev->dev = dev;
5289 wldev->wl = wl;
5290 b43_set_status(wldev, B43_STAT_UNINIT);
5291 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
5292 INIT_LIST_HEAD(&wldev->list);
5293
5294 err = b43_wireless_core_attach(wldev);
5295 if (err)
5296 goto err_kfree_wldev;
5297
5298 list_add(&wldev->list, &wl->devlist);
5299 wl->nr_devs++;
5300 b43_bus_set_wldev(dev, wldev);
5301 b43_debugfs_add_device(wldev);
5302
5303 out:
5304 return err;
5305
5306 err_kfree_wldev:
5307 kfree(wldev);
5308 return err;
5309}
5310
5311#define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \
5312 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \
5313 (pdev->device == _device) && \
5314 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \
5315 (pdev->subsystem_device == _subdevice) )
5316
5317static void b43_sprom_fixup(struct ssb_bus *bus)
5318{
5319 struct pci_dev *pdev;
5320
5321 /* boardflags workarounds */
5322 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
5323 bus->chip_id == 0x4301 && bus->sprom.board_rev == 0x74)
5324 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
5325 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
5326 bus->boardinfo.type == 0x4E && bus->sprom.board_rev > 0x40)
5327 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
5328 if (bus->bustype == SSB_BUSTYPE_PCI) {
5329 pdev = bus->host_pci;
5330 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) ||
5331 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) ||
5332 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) ||
5333 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) ||
5334 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) ||
5335 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) ||
5336 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010))
5337 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST;
5338 }
5339}
5340
5341static void b43_wireless_exit(struct b43_bus_dev *dev, struct b43_wl *wl)
5342{
5343 struct ieee80211_hw *hw = wl->hw;
5344
5345 ssb_set_devtypedata(dev->sdev, NULL);
5346 ieee80211_free_hw(hw);
5347}
5348
5349static struct b43_wl *b43_wireless_init(struct b43_bus_dev *dev)
5350{
5351 struct ssb_sprom *sprom = dev->bus_sprom;
5352 struct ieee80211_hw *hw;
5353 struct b43_wl *wl;
5354 char chip_name[6];
5355 int queue_num;
5356
5357 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
5358 if (!hw) {
5359 b43err(NULL, "Could not allocate ieee80211 device\n");
5360 return ERR_PTR(-ENOMEM);
5361 }
5362 wl = hw_to_b43_wl(hw);
5363
5364 /* fill hw info */
5365 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS |
5366 IEEE80211_HW_SIGNAL_DBM;
5367
5368 hw->wiphy->interface_modes =
5369 BIT(NL80211_IFTYPE_AP) |
5370 BIT(NL80211_IFTYPE_MESH_POINT) |
5371 BIT(NL80211_IFTYPE_STATION) |
5372 BIT(NL80211_IFTYPE_WDS) |
5373 BIT(NL80211_IFTYPE_ADHOC);
5374
5375 hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
5376
5377 wl->hw_registred = false;
5378 hw->max_rates = 2;
5379 SET_IEEE80211_DEV(hw, dev->dev);
5380 if (is_valid_ether_addr(sprom->et1mac))
5381 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
5382 else
5383 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
5384
5385 /* Initialize struct b43_wl */
5386 wl->hw = hw;
5387 mutex_init(&wl->mutex);
5388 spin_lock_init(&wl->hardirq_lock);
5389 INIT_LIST_HEAD(&wl->devlist);
5390 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
5391 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work);
5392 INIT_WORK(&wl->tx_work, b43_tx_work);
5393
5394 /* Initialize queues and flags. */
5395 for (queue_num = 0; queue_num < B43_QOS_QUEUE_NUM; queue_num++) {
5396 skb_queue_head_init(&wl->tx_queue[queue_num]);
5397 wl->tx_queue_stopped[queue_num] = 0;
5398 }
5399
5400 snprintf(chip_name, ARRAY_SIZE(chip_name),
5401 (dev->chip_id > 0x9999) ? "%d" : "%04X", dev->chip_id);
5402 b43info(wl, "Broadcom %s WLAN found (core revision %u)\n", chip_name,
5403 dev->core_rev);
5404 return wl;
5405}
5406
5407#ifdef CONFIG_B43_BCMA
5408static int b43_bcma_probe(struct bcma_device *core)
5409{
5410 struct b43_bus_dev *dev;
5411 struct b43_wl *wl;
5412 int err;
5413
5414 if (!modparam_allhwsupport &&
5415 (core->id.rev == 0x17 || core->id.rev == 0x18)) {
5416 pr_err("Support for cores revisions 0x17 and 0x18 disabled by module param allhwsupport=0. Try b43.allhwsupport=1\n");
5417 return -ENOTSUPP;
5418 }
5419
5420 dev = b43_bus_dev_bcma_init(core);
5421 if (!dev)
5422 return -ENODEV;
5423
5424 wl = b43_wireless_init(dev);
5425 if (IS_ERR(wl)) {
5426 err = PTR_ERR(wl);
5427 goto bcma_out;
5428 }
5429
5430 err = b43_one_core_attach(dev, wl);
5431 if (err)
5432 goto bcma_err_wireless_exit;
5433
5434 /* setup and start work to load firmware */
5435 INIT_WORK(&wl->firmware_load, b43_request_firmware);
5436 schedule_work(&wl->firmware_load);
5437
5438bcma_out:
5439 return err;
5440
5441bcma_err_wireless_exit:
5442 ieee80211_free_hw(wl->hw);
5443 return err;
5444}
5445
5446static void b43_bcma_remove(struct bcma_device *core)
5447{
5448 struct b43_wldev *wldev = bcma_get_drvdata(core);
5449 struct b43_wl *wl = wldev->wl;
5450
5451 /* We must cancel any work here before unregistering from ieee80211,
5452 * as the ieee80211 unreg will destroy the workqueue. */
5453 cancel_work_sync(&wldev->restart_work);
5454 cancel_work_sync(&wl->firmware_load);
5455
5456 B43_WARN_ON(!wl);
5457 if (!wldev->fw.ucode.data)
5458 return; /* NULL if firmware never loaded */
5459 if (wl->current_dev == wldev && wl->hw_registred) {
5460 b43_leds_stop(wldev);
5461 ieee80211_unregister_hw(wl->hw);
5462 }
5463
5464 b43_one_core_detach(wldev->dev);
5465
5466 /* Unregister HW RNG driver */
5467 b43_rng_exit(wl);
5468
5469 b43_leds_unregister(wl);
5470
5471 ieee80211_free_hw(wl->hw);
5472}
5473
5474static struct bcma_driver b43_bcma_driver = {
5475 .name = KBUILD_MODNAME,
5476 .id_table = b43_bcma_tbl,
5477 .probe = b43_bcma_probe,
5478 .remove = b43_bcma_remove,
5479};
5480#endif
5481
5482#ifdef CONFIG_B43_SSB
5483static
5484int b43_ssb_probe(struct ssb_device *sdev, const struct ssb_device_id *id)
5485{
5486 struct b43_bus_dev *dev;
5487 struct b43_wl *wl;
5488 int err;
5489 int first = 0;
5490
5491 dev = b43_bus_dev_ssb_init(sdev);
5492 if (!dev)
5493 return -ENOMEM;
5494
5495 wl = ssb_get_devtypedata(sdev);
5496 if (!wl) {
5497 /* Probing the first core. Must setup common struct b43_wl */
5498 first = 1;
5499 b43_sprom_fixup(sdev->bus);
5500 wl = b43_wireless_init(dev);
5501 if (IS_ERR(wl)) {
5502 err = PTR_ERR(wl);
5503 goto out;
5504 }
5505 ssb_set_devtypedata(sdev, wl);
5506 B43_WARN_ON(ssb_get_devtypedata(sdev) != wl);
5507 }
5508 err = b43_one_core_attach(dev, wl);
5509 if (err)
5510 goto err_wireless_exit;
5511
5512 /* setup and start work to load firmware */
5513 INIT_WORK(&wl->firmware_load, b43_request_firmware);
5514 schedule_work(&wl->firmware_load);
5515
5516 out:
5517 return err;
5518
5519 err_wireless_exit:
5520 if (first)
5521 b43_wireless_exit(dev, wl);
5522 return err;
5523}
5524
5525static void b43_ssb_remove(struct ssb_device *sdev)
5526{
5527 struct b43_wl *wl = ssb_get_devtypedata(sdev);
5528 struct b43_wldev *wldev = ssb_get_drvdata(sdev);
5529 struct b43_bus_dev *dev = wldev->dev;
5530
5531 /* We must cancel any work here before unregistering from ieee80211,
5532 * as the ieee80211 unreg will destroy the workqueue. */
5533 cancel_work_sync(&wldev->restart_work);
5534 cancel_work_sync(&wl->firmware_load);
5535
5536 B43_WARN_ON(!wl);
5537 if (!wldev->fw.ucode.data)
5538 return; /* NULL if firmware never loaded */
5539 if (wl->current_dev == wldev && wl->hw_registred) {
5540 b43_leds_stop(wldev);
5541 ieee80211_unregister_hw(wl->hw);
5542 }
5543
5544 b43_one_core_detach(dev);
5545
5546 /* Unregister HW RNG driver */
5547 b43_rng_exit(wl);
5548
5549 if (list_empty(&wl->devlist)) {
5550 b43_leds_unregister(wl);
5551 /* Last core on the chip unregistered.
5552 * We can destroy common struct b43_wl.
5553 */
5554 b43_wireless_exit(dev, wl);
5555 }
5556}
5557
5558static struct ssb_driver b43_ssb_driver = {
5559 .name = KBUILD_MODNAME,
5560 .id_table = b43_ssb_tbl,
5561 .probe = b43_ssb_probe,
5562 .remove = b43_ssb_remove,
5563};
5564#endif /* CONFIG_B43_SSB */
5565
5566/* Perform a hardware reset. This can be called from any context. */
5567void b43_controller_restart(struct b43_wldev *dev, const char *reason)
5568{
5569 /* Must avoid requeueing, if we are in shutdown. */
5570 if (b43_status(dev) < B43_STAT_INITIALIZED)
5571 return;
5572 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
5573 ieee80211_queue_work(dev->wl->hw, &dev->restart_work);
5574}
5575
5576static void b43_print_driverinfo(void)
5577{
5578 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
5579 *feat_leds = "", *feat_sdio = "";
5580
5581#ifdef CONFIG_B43_PCI_AUTOSELECT
5582 feat_pci = "P";
5583#endif
5584#ifdef CONFIG_B43_PCMCIA
5585 feat_pcmcia = "M";
5586#endif
5587#ifdef CONFIG_B43_PHY_N
5588 feat_nphy = "N";
5589#endif
5590#ifdef CONFIG_B43_LEDS
5591 feat_leds = "L";
5592#endif
5593#ifdef CONFIG_B43_SDIO
5594 feat_sdio = "S";
5595#endif
5596 printk(KERN_INFO "Broadcom 43xx driver loaded "
5597 "[ Features: %s%s%s%s%s ]\n",
5598 feat_pci, feat_pcmcia, feat_nphy,
5599 feat_leds, feat_sdio);
5600}
5601
5602static int __init b43_init(void)
5603{
5604 int err;
5605
5606 b43_debugfs_init();
5607 err = b43_pcmcia_init();
5608 if (err)
5609 goto err_dfs_exit;
5610 err = b43_sdio_init();
5611 if (err)
5612 goto err_pcmcia_exit;
5613#ifdef CONFIG_B43_BCMA
5614 err = bcma_driver_register(&b43_bcma_driver);
5615 if (err)
5616 goto err_sdio_exit;
5617#endif
5618#ifdef CONFIG_B43_SSB
5619 err = ssb_driver_register(&b43_ssb_driver);
5620 if (err)
5621 goto err_bcma_driver_exit;
5622#endif
5623 b43_print_driverinfo();
5624
5625 return err;
5626
5627#ifdef CONFIG_B43_SSB
5628err_bcma_driver_exit:
5629#endif
5630#ifdef CONFIG_B43_BCMA
5631 bcma_driver_unregister(&b43_bcma_driver);
5632err_sdio_exit:
5633#endif
5634 b43_sdio_exit();
5635err_pcmcia_exit:
5636 b43_pcmcia_exit();
5637err_dfs_exit:
5638 b43_debugfs_exit();
5639 return err;
5640}
5641
5642static void __exit b43_exit(void)
5643{
5644#ifdef CONFIG_B43_SSB
5645 ssb_driver_unregister(&b43_ssb_driver);
5646#endif
5647#ifdef CONFIG_B43_BCMA
5648 bcma_driver_unregister(&b43_bcma_driver);
5649#endif
5650 b43_sdio_exit();
5651 b43_pcmcia_exit();
5652 b43_debugfs_exit();
5653}
5654
5655module_init(b43_init)
5656module_exit(b43_exit)