3 Broadcom B43 wireless driver
5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
7 Copyright (c) 2005, 2006 Michael Buesch <mb@bu3sch.de>
8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
11 Some parts of the code in this file are derived from the ipw2200
12 driver Copyright(c) 2003 - 2004 Intel Corporation.
14 This program is free software; you can redistribute it and/or modify
15 it under the terms of the GNU General Public License as published by
16 the Free Software Foundation; either version 2 of the License, or
17 (at your option) any later version.
19 This program is distributed in the hope that it will be useful,
20 but WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 GNU General Public License for more details.
24 You should have received a copy of the GNU General Public License
25 along with this program; see the file COPYING. If not, write to
26 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor,
27 Boston, MA 02110-1301, USA.
31 #include <linux/delay.h>
32 #include <linux/init.h>
33 #include <linux/moduleparam.h>
34 #include <linux/if_arp.h>
35 #include <linux/etherdevice.h>
36 #include <linux/version.h>
37 #include <linux/firmware.h>
38 #include <linux/wireless.h>
39 #include <linux/workqueue.h>
40 #include <linux/skbuff.h>
42 #include <linux/dma-mapping.h>
43 #include <asm/unaligned.h>
57 MODULE_DESCRIPTION("Broadcom B43 wireless driver");
58 MODULE_AUTHOR("Martin Langer");
59 MODULE_AUTHOR("Stefano Brivio");
60 MODULE_AUTHOR("Michael Buesch");
61 MODULE_LICENSE("GPL");
63 MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID);
66 static int modparam_bad_frames_preempt;
67 module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
68 MODULE_PARM_DESC(bad_frames_preempt,
69 "enable(1) / disable(0) Bad Frames Preemption");
71 static char modparam_fwpostfix[16];
72 module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
73 MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
75 static int modparam_hwpctl;
76 module_param_named(hwpctl, modparam_hwpctl, int, 0444);
77 MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
79 static int modparam_nohwcrypt;
80 module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
81 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
83 int b43_modparam_qos = 1;
84 module_param_named(qos, b43_modparam_qos, int, 0444);
85 MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
88 static const struct ssb_device_id b43_ssb_tbl[] = {
89 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
90 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
91 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
92 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
93 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
94 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
95 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
99 MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
101 /* Channel and ratetables are shared for all devices.
102 * They can't be const, because ieee80211 puts some precalculated
103 * data in there. This data is the same for all devices, so we don't
104 * get concurrency issues */
105 #define RATETAB_ENT(_rateid, _flags) \
107 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
108 .hw_value = (_rateid), \
113 * NOTE: When changing this, sync with xmit.c's
114 * b43_plcp_get_bitrate_idx_* functions!
116 static struct ieee80211_rate __b43_ratetable[] = {
117 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
118 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
119 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
120 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
121 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
122 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
123 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
124 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
125 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
126 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
127 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
128 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
131 #define b43_a_ratetable (__b43_ratetable + 4)
132 #define b43_a_ratetable_size 8
133 #define b43_b_ratetable (__b43_ratetable + 0)
134 #define b43_b_ratetable_size 4
135 #define b43_g_ratetable (__b43_ratetable + 0)
136 #define b43_g_ratetable_size 12
138 #define CHAN4G(_channel, _freq, _flags) { \
139 .band = IEEE80211_BAND_2GHZ, \
140 .center_freq = (_freq), \
141 .hw_value = (_channel), \
143 .max_antenna_gain = 0, \
146 static struct ieee80211_channel b43_2ghz_chantable[] = {
164 #define CHAN5G(_channel, _flags) { \
165 .band = IEEE80211_BAND_5GHZ, \
166 .center_freq = 5000 + (5 * (_channel)), \
167 .hw_value = (_channel), \
169 .max_antenna_gain = 0, \
172 static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
173 CHAN5G(32, 0), CHAN5G(34, 0),
174 CHAN5G(36, 0), CHAN5G(38, 0),
175 CHAN5G(40, 0), CHAN5G(42, 0),
176 CHAN5G(44, 0), CHAN5G(46, 0),
177 CHAN5G(48, 0), CHAN5G(50, 0),
178 CHAN5G(52, 0), CHAN5G(54, 0),
179 CHAN5G(56, 0), CHAN5G(58, 0),
180 CHAN5G(60, 0), CHAN5G(62, 0),
181 CHAN5G(64, 0), CHAN5G(66, 0),
182 CHAN5G(68, 0), CHAN5G(70, 0),
183 CHAN5G(72, 0), CHAN5G(74, 0),
184 CHAN5G(76, 0), CHAN5G(78, 0),
185 CHAN5G(80, 0), CHAN5G(82, 0),
186 CHAN5G(84, 0), CHAN5G(86, 0),
187 CHAN5G(88, 0), CHAN5G(90, 0),
188 CHAN5G(92, 0), CHAN5G(94, 0),
189 CHAN5G(96, 0), CHAN5G(98, 0),
190 CHAN5G(100, 0), CHAN5G(102, 0),
191 CHAN5G(104, 0), CHAN5G(106, 0),
192 CHAN5G(108, 0), CHAN5G(110, 0),
193 CHAN5G(112, 0), CHAN5G(114, 0),
194 CHAN5G(116, 0), CHAN5G(118, 0),
195 CHAN5G(120, 0), CHAN5G(122, 0),
196 CHAN5G(124, 0), CHAN5G(126, 0),
197 CHAN5G(128, 0), CHAN5G(130, 0),
198 CHAN5G(132, 0), CHAN5G(134, 0),
199 CHAN5G(136, 0), CHAN5G(138, 0),
200 CHAN5G(140, 0), CHAN5G(142, 0),
201 CHAN5G(144, 0), CHAN5G(145, 0),
202 CHAN5G(146, 0), CHAN5G(147, 0),
203 CHAN5G(148, 0), CHAN5G(149, 0),
204 CHAN5G(150, 0), CHAN5G(151, 0),
205 CHAN5G(152, 0), CHAN5G(153, 0),
206 CHAN5G(154, 0), CHAN5G(155, 0),
207 CHAN5G(156, 0), CHAN5G(157, 0),
208 CHAN5G(158, 0), CHAN5G(159, 0),
209 CHAN5G(160, 0), CHAN5G(161, 0),
210 CHAN5G(162, 0), CHAN5G(163, 0),
211 CHAN5G(164, 0), CHAN5G(165, 0),
212 CHAN5G(166, 0), CHAN5G(168, 0),
213 CHAN5G(170, 0), CHAN5G(172, 0),
214 CHAN5G(174, 0), CHAN5G(176, 0),
215 CHAN5G(178, 0), CHAN5G(180, 0),
216 CHAN5G(182, 0), CHAN5G(184, 0),
217 CHAN5G(186, 0), CHAN5G(188, 0),
218 CHAN5G(190, 0), CHAN5G(192, 0),
219 CHAN5G(194, 0), CHAN5G(196, 0),
220 CHAN5G(198, 0), CHAN5G(200, 0),
221 CHAN5G(202, 0), CHAN5G(204, 0),
222 CHAN5G(206, 0), CHAN5G(208, 0),
223 CHAN5G(210, 0), CHAN5G(212, 0),
224 CHAN5G(214, 0), CHAN5G(216, 0),
225 CHAN5G(218, 0), CHAN5G(220, 0),
226 CHAN5G(222, 0), CHAN5G(224, 0),
227 CHAN5G(226, 0), CHAN5G(228, 0),
230 static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
231 CHAN5G(34, 0), CHAN5G(36, 0),
232 CHAN5G(38, 0), CHAN5G(40, 0),
233 CHAN5G(42, 0), CHAN5G(44, 0),
234 CHAN5G(46, 0), CHAN5G(48, 0),
235 CHAN5G(52, 0), CHAN5G(56, 0),
236 CHAN5G(60, 0), CHAN5G(64, 0),
237 CHAN5G(100, 0), CHAN5G(104, 0),
238 CHAN5G(108, 0), CHAN5G(112, 0),
239 CHAN5G(116, 0), CHAN5G(120, 0),
240 CHAN5G(124, 0), CHAN5G(128, 0),
241 CHAN5G(132, 0), CHAN5G(136, 0),
242 CHAN5G(140, 0), CHAN5G(149, 0),
243 CHAN5G(153, 0), CHAN5G(157, 0),
244 CHAN5G(161, 0), CHAN5G(165, 0),
245 CHAN5G(184, 0), CHAN5G(188, 0),
246 CHAN5G(192, 0), CHAN5G(196, 0),
247 CHAN5G(200, 0), CHAN5G(204, 0),
248 CHAN5G(208, 0), CHAN5G(212, 0),
253 static struct ieee80211_supported_band b43_band_5GHz_nphy = {
254 .band = IEEE80211_BAND_5GHZ,
255 .channels = b43_5ghz_nphy_chantable,
256 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
257 .bitrates = b43_a_ratetable,
258 .n_bitrates = b43_a_ratetable_size,
261 static struct ieee80211_supported_band b43_band_5GHz_aphy = {
262 .band = IEEE80211_BAND_5GHZ,
263 .channels = b43_5ghz_aphy_chantable,
264 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
265 .bitrates = b43_a_ratetable,
266 .n_bitrates = b43_a_ratetable_size,
269 static struct ieee80211_supported_band b43_band_2GHz = {
270 .band = IEEE80211_BAND_2GHZ,
271 .channels = b43_2ghz_chantable,
272 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
273 .bitrates = b43_g_ratetable,
274 .n_bitrates = b43_g_ratetable_size,
277 static void b43_wireless_core_exit(struct b43_wldev *dev);
278 static int b43_wireless_core_init(struct b43_wldev *dev);
279 static void b43_wireless_core_stop(struct b43_wldev *dev);
280 static int b43_wireless_core_start(struct b43_wldev *dev);
282 static int b43_ratelimit(struct b43_wl *wl)
284 if (!wl || !wl->current_dev)
286 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
288 /* We are up and running.
289 * Ratelimit the messages to avoid DoS over the net. */
290 return net_ratelimit();
293 void b43info(struct b43_wl *wl, const char *fmt, ...)
297 if (!b43_ratelimit(wl))
300 printk(KERN_INFO "b43-%s: ",
301 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
306 void b43err(struct b43_wl *wl, const char *fmt, ...)
310 if (!b43_ratelimit(wl))
313 printk(KERN_ERR "b43-%s ERROR: ",
314 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
319 void b43warn(struct b43_wl *wl, const char *fmt, ...)
323 if (!b43_ratelimit(wl))
326 printk(KERN_WARNING "b43-%s warning: ",
327 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
333 void b43dbg(struct b43_wl *wl, const char *fmt, ...)
338 printk(KERN_DEBUG "b43-%s debug: ",
339 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
345 static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
349 B43_WARN_ON(offset % 4 != 0);
351 macctl = b43_read32(dev, B43_MMIO_MACCTL);
352 if (macctl & B43_MACCTL_BE)
355 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
357 b43_write32(dev, B43_MMIO_RAM_DATA, val);
360 static inline void b43_shm_control_word(struct b43_wldev *dev,
361 u16 routing, u16 offset)
365 /* "offset" is the WORD offset. */
369 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
372 u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
374 struct b43_wl *wl = dev->wl;
378 spin_lock_irqsave(&wl->shm_lock, flags);
379 if (routing == B43_SHM_SHARED) {
380 B43_WARN_ON(offset & 0x0001);
381 if (offset & 0x0003) {
382 /* Unaligned access */
383 b43_shm_control_word(dev, routing, offset >> 2);
384 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
386 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
387 ret |= b43_read16(dev, B43_MMIO_SHM_DATA);
393 b43_shm_control_word(dev, routing, offset);
394 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
396 spin_unlock_irqrestore(&wl->shm_lock, flags);
401 u16 b43_shm_read16(struct b43_wldev * dev, u16 routing, u16 offset)
403 struct b43_wl *wl = dev->wl;
407 spin_lock_irqsave(&wl->shm_lock, flags);
408 if (routing == B43_SHM_SHARED) {
409 B43_WARN_ON(offset & 0x0001);
410 if (offset & 0x0003) {
411 /* Unaligned access */
412 b43_shm_control_word(dev, routing, offset >> 2);
413 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
419 b43_shm_control_word(dev, routing, offset);
420 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
422 spin_unlock_irqrestore(&wl->shm_lock, flags);
427 void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
429 struct b43_wl *wl = dev->wl;
432 spin_lock_irqsave(&wl->shm_lock, flags);
433 if (routing == B43_SHM_SHARED) {
434 B43_WARN_ON(offset & 0x0001);
435 if (offset & 0x0003) {
436 /* Unaligned access */
437 b43_shm_control_word(dev, routing, offset >> 2);
438 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
439 (value >> 16) & 0xffff);
440 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
441 b43_write16(dev, B43_MMIO_SHM_DATA, value & 0xffff);
446 b43_shm_control_word(dev, routing, offset);
447 b43_write32(dev, B43_MMIO_SHM_DATA, value);
449 spin_unlock_irqrestore(&wl->shm_lock, flags);
452 void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
454 struct b43_wl *wl = dev->wl;
457 spin_lock_irqsave(&wl->shm_lock, flags);
458 if (routing == B43_SHM_SHARED) {
459 B43_WARN_ON(offset & 0x0001);
460 if (offset & 0x0003) {
461 /* Unaligned access */
462 b43_shm_control_word(dev, routing, offset >> 2);
463 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
468 b43_shm_control_word(dev, routing, offset);
469 b43_write16(dev, B43_MMIO_SHM_DATA, value);
471 spin_unlock_irqrestore(&wl->shm_lock, flags);
475 u64 b43_hf_read(struct b43_wldev * dev)
479 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI);
481 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI);
483 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO);
488 /* Write HostFlags */
489 void b43_hf_write(struct b43_wldev *dev, u64 value)
493 lo = (value & 0x00000000FFFFULL);
494 mi = (value & 0x0000FFFF0000ULL) >> 16;
495 hi = (value & 0xFFFF00000000ULL) >> 32;
496 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo);
497 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi);
498 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi);
501 void b43_tsf_read(struct b43_wldev *dev, u64 * tsf)
503 /* We need to be careful. As we read the TSF from multiple
504 * registers, we should take care of register overflows.
505 * In theory, the whole tsf read process should be atomic.
506 * We try to be atomic here, by restaring the read process,
507 * if any of the high registers changed (overflew).
509 if (dev->dev->id.revision >= 3) {
510 u32 low, high, high2;
513 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
514 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
515 high2 = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
516 } while (unlikely(high != high2));
524 u16 test1, test2, test3;
527 v3 = b43_read16(dev, B43_MMIO_TSF_3);
528 v2 = b43_read16(dev, B43_MMIO_TSF_2);
529 v1 = b43_read16(dev, B43_MMIO_TSF_1);
530 v0 = b43_read16(dev, B43_MMIO_TSF_0);
532 test3 = b43_read16(dev, B43_MMIO_TSF_3);
533 test2 = b43_read16(dev, B43_MMIO_TSF_2);
534 test1 = b43_read16(dev, B43_MMIO_TSF_1);
535 } while (v3 != test3 || v2 != test2 || v1 != test1);
549 static void b43_time_lock(struct b43_wldev *dev)
553 macctl = b43_read32(dev, B43_MMIO_MACCTL);
554 macctl |= B43_MACCTL_TBTTHOLD;
555 b43_write32(dev, B43_MMIO_MACCTL, macctl);
556 /* Commit the write */
557 b43_read32(dev, B43_MMIO_MACCTL);
560 static void b43_time_unlock(struct b43_wldev *dev)
564 macctl = b43_read32(dev, B43_MMIO_MACCTL);
565 macctl &= ~B43_MACCTL_TBTTHOLD;
566 b43_write32(dev, B43_MMIO_MACCTL, macctl);
567 /* Commit the write */
568 b43_read32(dev, B43_MMIO_MACCTL);
571 static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
573 /* Be careful with the in-progress timer.
574 * First zero out the low register, so we have a full
575 * register-overflow duration to complete the operation.
577 if (dev->dev->id.revision >= 3) {
578 u32 lo = (tsf & 0x00000000FFFFFFFFULL);
579 u32 hi = (tsf & 0xFFFFFFFF00000000ULL) >> 32;
581 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, 0);
583 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, hi);
585 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, lo);
587 u16 v0 = (tsf & 0x000000000000FFFFULL);
588 u16 v1 = (tsf & 0x00000000FFFF0000ULL) >> 16;
589 u16 v2 = (tsf & 0x0000FFFF00000000ULL) >> 32;
590 u16 v3 = (tsf & 0xFFFF000000000000ULL) >> 48;
592 b43_write16(dev, B43_MMIO_TSF_0, 0);
594 b43_write16(dev, B43_MMIO_TSF_3, v3);
596 b43_write16(dev, B43_MMIO_TSF_2, v2);
598 b43_write16(dev, B43_MMIO_TSF_1, v1);
600 b43_write16(dev, B43_MMIO_TSF_0, v0);
604 void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
607 b43_tsf_write_locked(dev, tsf);
608 b43_time_unlock(dev);
612 void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 * mac)
614 static const u8 zero_addr[ETH_ALEN] = { 0 };
621 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
625 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
628 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
631 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
634 static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
638 u8 mac_bssid[ETH_ALEN * 2];
642 bssid = dev->wl->bssid;
643 mac = dev->wl->mac_addr;
645 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
647 memcpy(mac_bssid, mac, ETH_ALEN);
648 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
650 /* Write our MAC address and BSSID to template ram */
651 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
652 tmp = (u32) (mac_bssid[i + 0]);
653 tmp |= (u32) (mac_bssid[i + 1]) << 8;
654 tmp |= (u32) (mac_bssid[i + 2]) << 16;
655 tmp |= (u32) (mac_bssid[i + 3]) << 24;
656 b43_ram_write(dev, 0x20 + i, tmp);
660 static void b43_upload_card_macaddress(struct b43_wldev *dev)
662 b43_write_mac_bssid_templates(dev);
663 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
666 static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
668 /* slot_time is in usec. */
669 if (dev->phy.type != B43_PHYTYPE_G)
671 b43_write16(dev, 0x684, 510 + slot_time);
672 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
675 static void b43_short_slot_timing_enable(struct b43_wldev *dev)
677 b43_set_slot_time(dev, 9);
681 static void b43_short_slot_timing_disable(struct b43_wldev *dev)
683 b43_set_slot_time(dev, 20);
687 /* Enable a Generic IRQ. "mask" is the mask of which IRQs to enable.
688 * Returns the _previously_ enabled IRQ mask.
690 static inline u32 b43_interrupt_enable(struct b43_wldev *dev, u32 mask)
694 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
695 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask | mask);
700 /* Disable a Generic IRQ. "mask" is the mask of which IRQs to disable.
701 * Returns the _previously_ enabled IRQ mask.
703 static inline u32 b43_interrupt_disable(struct b43_wldev *dev, u32 mask)
707 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
708 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask & ~mask);
713 /* Synchronize IRQ top- and bottom-half.
714 * IRQs must be masked before calling this.
715 * This must not be called with the irq_lock held.
717 static void b43_synchronize_irq(struct b43_wldev *dev)
719 synchronize_irq(dev->dev->irq);
720 tasklet_kill(&dev->isr_tasklet);
723 /* DummyTransmission function, as documented on
724 * http://bcm-specs.sipsolutions.net/DummyTransmission
726 void b43_dummy_transmission(struct b43_wldev *dev)
728 struct b43_phy *phy = &dev->phy;
729 unsigned int i, max_loop;
742 buffer[0] = 0x000201CC;
747 buffer[0] = 0x000B846E;
754 for (i = 0; i < 5; i++)
755 b43_ram_write(dev, i * 4, buffer[i]);
758 b43_read32(dev, B43_MMIO_MACCTL);
760 b43_write16(dev, 0x0568, 0x0000);
761 b43_write16(dev, 0x07C0, 0x0000);
762 value = ((phy->type == B43_PHYTYPE_A) ? 1 : 0);
763 b43_write16(dev, 0x050C, value);
764 b43_write16(dev, 0x0508, 0x0000);
765 b43_write16(dev, 0x050A, 0x0000);
766 b43_write16(dev, 0x054C, 0x0000);
767 b43_write16(dev, 0x056A, 0x0014);
768 b43_write16(dev, 0x0568, 0x0826);
769 b43_write16(dev, 0x0500, 0x0000);
770 b43_write16(dev, 0x0502, 0x0030);
772 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
773 b43_radio_write16(dev, 0x0051, 0x0017);
774 for (i = 0x00; i < max_loop; i++) {
775 value = b43_read16(dev, 0x050E);
780 for (i = 0x00; i < 0x0A; i++) {
781 value = b43_read16(dev, 0x050E);
786 for (i = 0x00; i < 0x0A; i++) {
787 value = b43_read16(dev, 0x0690);
788 if (!(value & 0x0100))
792 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
793 b43_radio_write16(dev, 0x0051, 0x0037);
796 static void key_write(struct b43_wldev *dev,
797 u8 index, u8 algorithm, const u8 * key)
804 /* Key index/algo block */
805 kidx = b43_kidx_to_fw(dev, index);
806 value = ((kidx << 4) | algorithm);
807 b43_shm_write16(dev, B43_SHM_SHARED,
808 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
810 /* Write the key to the Key Table Pointer offset */
811 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
812 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
814 value |= (u16) (key[i + 1]) << 8;
815 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
819 static void keymac_write(struct b43_wldev *dev, u8 index, const u8 * addr)
821 u32 addrtmp[2] = { 0, 0, };
822 u8 per_sta_keys_start = 8;
824 if (b43_new_kidx_api(dev))
825 per_sta_keys_start = 4;
827 B43_WARN_ON(index < per_sta_keys_start);
828 /* We have two default TX keys and possibly two default RX keys.
829 * Physical mac 0 is mapped to physical key 4 or 8, depending
830 * on the firmware version.
831 * So we must adjust the index here.
833 index -= per_sta_keys_start;
836 addrtmp[0] = addr[0];
837 addrtmp[0] |= ((u32) (addr[1]) << 8);
838 addrtmp[0] |= ((u32) (addr[2]) << 16);
839 addrtmp[0] |= ((u32) (addr[3]) << 24);
840 addrtmp[1] = addr[4];
841 addrtmp[1] |= ((u32) (addr[5]) << 8);
844 if (dev->dev->id.revision >= 5) {
845 /* Receive match transmitter address mechanism */
846 b43_shm_write32(dev, B43_SHM_RCMTA,
847 (index * 2) + 0, addrtmp[0]);
848 b43_shm_write16(dev, B43_SHM_RCMTA,
849 (index * 2) + 1, addrtmp[1]);
851 /* RXE (Receive Engine) and
852 * PSM (Programmable State Machine) mechanism
855 /* TODO write to RCM 16, 19, 22 and 25 */
857 b43_shm_write32(dev, B43_SHM_SHARED,
858 B43_SHM_SH_PSM + (index * 6) + 0,
860 b43_shm_write16(dev, B43_SHM_SHARED,
861 B43_SHM_SH_PSM + (index * 6) + 4,
867 static void do_key_write(struct b43_wldev *dev,
868 u8 index, u8 algorithm,
869 const u8 * key, size_t key_len, const u8 * mac_addr)
871 u8 buf[B43_SEC_KEYSIZE] = { 0, };
872 u8 per_sta_keys_start = 8;
874 if (b43_new_kidx_api(dev))
875 per_sta_keys_start = 4;
877 B43_WARN_ON(index >= dev->max_nr_keys);
878 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
880 if (index >= per_sta_keys_start)
881 keymac_write(dev, index, NULL); /* First zero out mac. */
883 memcpy(buf, key, key_len);
884 key_write(dev, index, algorithm, buf);
885 if (index >= per_sta_keys_start)
886 keymac_write(dev, index, mac_addr);
888 dev->key[index].algorithm = algorithm;
891 static int b43_key_write(struct b43_wldev *dev,
892 int index, u8 algorithm,
893 const u8 * key, size_t key_len,
895 struct ieee80211_key_conf *keyconf)
900 if (key_len > B43_SEC_KEYSIZE)
902 for (i = 0; i < dev->max_nr_keys; i++) {
903 /* Check that we don't already have this key. */
904 B43_WARN_ON(dev->key[i].keyconf == keyconf);
907 /* Either pairwise key or address is 00:00:00:00:00:00
908 * for transmit-only keys. Search the index. */
909 if (b43_new_kidx_api(dev))
913 for (i = sta_keys_start; i < dev->max_nr_keys; i++) {
914 if (!dev->key[i].keyconf) {
921 b43err(dev->wl, "Out of hardware key memory\n");
925 B43_WARN_ON(index > 3);
927 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
928 if ((index <= 3) && !b43_new_kidx_api(dev)) {
930 B43_WARN_ON(mac_addr);
931 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
933 keyconf->hw_key_idx = index;
934 dev->key[index].keyconf = keyconf;
939 static int b43_key_clear(struct b43_wldev *dev, int index)
941 if (B43_WARN_ON((index < 0) || (index >= dev->max_nr_keys)))
943 do_key_write(dev, index, B43_SEC_ALGO_NONE,
944 NULL, B43_SEC_KEYSIZE, NULL);
945 if ((index <= 3) && !b43_new_kidx_api(dev)) {
946 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
947 NULL, B43_SEC_KEYSIZE, NULL);
949 dev->key[index].keyconf = NULL;
954 static void b43_clear_keys(struct b43_wldev *dev)
958 for (i = 0; i < dev->max_nr_keys; i++)
959 b43_key_clear(dev, i);
962 void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
970 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
971 (ps_flags & B43_PS_DISABLED));
972 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
974 if (ps_flags & B43_PS_ENABLED) {
976 } else if (ps_flags & B43_PS_DISABLED) {
979 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
980 // and thus is not an AP and we are associated, set bit 25
982 if (ps_flags & B43_PS_AWAKE) {
984 } else if (ps_flags & B43_PS_ASLEEP) {
987 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
988 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
989 // successful, set bit26
992 /* FIXME: For now we force awake-on and hwps-off */
996 macctl = b43_read32(dev, B43_MMIO_MACCTL);
998 macctl |= B43_MACCTL_HWPS;
1000 macctl &= ~B43_MACCTL_HWPS;
1002 macctl |= B43_MACCTL_AWAKE;
1004 macctl &= ~B43_MACCTL_AWAKE;
1005 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1007 b43_read32(dev, B43_MMIO_MACCTL);
1008 if (awake && dev->dev->id.revision >= 5) {
1009 /* Wait for the microcode to wake up. */
1010 for (i = 0; i < 100; i++) {
1011 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1012 B43_SHM_SH_UCODESTAT);
1013 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1020 /* Turn the Analog ON/OFF */
1021 static void b43_switch_analog(struct b43_wldev *dev, int on)
1023 switch (dev->phy.type) {
1026 b43_write16(dev, B43_MMIO_PHY0, on ? 0 : 0xF4);
1029 b43_phy_write(dev, B43_NPHY_AFECTL_OVER,
1037 void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags)
1042 flags |= B43_TMSLOW_PHYCLKEN;
1043 flags |= B43_TMSLOW_PHYRESET;
1044 ssb_device_enable(dev->dev, flags);
1045 msleep(2); /* Wait for the PLL to turn on. */
1047 /* Now take the PHY out of Reset again */
1048 tmslow = ssb_read32(dev->dev, SSB_TMSLOW);
1049 tmslow |= SSB_TMSLOW_FGC;
1050 tmslow &= ~B43_TMSLOW_PHYRESET;
1051 ssb_write32(dev->dev, SSB_TMSLOW, tmslow);
1052 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */
1054 tmslow &= ~SSB_TMSLOW_FGC;
1055 ssb_write32(dev->dev, SSB_TMSLOW, tmslow);
1056 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */
1059 /* Turn Analog ON */
1060 b43_switch_analog(dev, 1);
1062 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1063 macctl &= ~B43_MACCTL_GMODE;
1064 if (flags & B43_TMSLOW_GMODE)
1065 macctl |= B43_MACCTL_GMODE;
1066 macctl |= B43_MACCTL_IHR_ENABLED;
1067 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1070 static void handle_irq_transmit_status(struct b43_wldev *dev)
1074 struct b43_txstatus stat;
1077 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1078 if (!(v0 & 0x00000001))
1080 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1082 stat.cookie = (v0 >> 16);
1083 stat.seq = (v1 & 0x0000FFFF);
1084 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1085 tmp = (v0 & 0x0000FFFF);
1086 stat.frame_count = ((tmp & 0xF000) >> 12);
1087 stat.rts_count = ((tmp & 0x0F00) >> 8);
1088 stat.supp_reason = ((tmp & 0x001C) >> 2);
1089 stat.pm_indicated = !!(tmp & 0x0080);
1090 stat.intermediate = !!(tmp & 0x0040);
1091 stat.for_ampdu = !!(tmp & 0x0020);
1092 stat.acked = !!(tmp & 0x0002);
1094 b43_handle_txstatus(dev, &stat);
1098 static void drain_txstatus_queue(struct b43_wldev *dev)
1102 if (dev->dev->id.revision < 5)
1104 /* Read all entries from the microcode TXstatus FIFO
1105 * and throw them away.
1108 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1109 if (!(dummy & 0x00000001))
1111 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1115 static u32 b43_jssi_read(struct b43_wldev *dev)
1119 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A);
1121 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088);
1126 static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1128 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF));
1129 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16);
1132 static void b43_generate_noise_sample(struct b43_wldev *dev)
1134 b43_jssi_write(dev, 0x7F7F7F7F);
1135 b43_write32(dev, B43_MMIO_MACCMD,
1136 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1137 B43_WARN_ON(dev->noisecalc.channel_at_start != dev->phy.channel);
1140 static void b43_calculate_link_quality(struct b43_wldev *dev)
1142 /* Top half of Link Quality calculation. */
1144 if (dev->noisecalc.calculation_running)
1146 dev->noisecalc.channel_at_start = dev->phy.channel;
1147 dev->noisecalc.calculation_running = 1;
1148 dev->noisecalc.nr_samples = 0;
1150 b43_generate_noise_sample(dev);
1153 static void handle_irq_noise(struct b43_wldev *dev)
1155 struct b43_phy *phy = &dev->phy;
1161 /* Bottom half of Link Quality calculation. */
1163 B43_WARN_ON(!dev->noisecalc.calculation_running);
1164 if (dev->noisecalc.channel_at_start != phy->channel)
1165 goto drop_calculation;
1166 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1167 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1168 noise[2] == 0x7F || noise[3] == 0x7F)
1171 /* Get the noise samples. */
1172 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1173 i = dev->noisecalc.nr_samples;
1174 noise[0] = limit_value(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1175 noise[1] = limit_value(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1176 noise[2] = limit_value(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1177 noise[3] = limit_value(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1178 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1179 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1180 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1181 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1182 dev->noisecalc.nr_samples++;
1183 if (dev->noisecalc.nr_samples == 8) {
1184 /* Calculate the Link Quality by the noise samples. */
1186 for (i = 0; i < 8; i++) {
1187 for (j = 0; j < 4; j++)
1188 average += dev->noisecalc.samples[i][j];
1194 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1195 tmp = (tmp / 128) & 0x1F;
1205 dev->stats.link_noise = average;
1207 dev->noisecalc.calculation_running = 0;
1211 b43_generate_noise_sample(dev);
1214 static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1216 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_AP)) {
1219 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1220 b43_power_saving_ctl_bits(dev, 0);
1222 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS))
1226 static void handle_irq_atim_end(struct b43_wldev *dev)
1228 if (dev->dfq_valid) {
1229 b43_write32(dev, B43_MMIO_MACCMD,
1230 b43_read32(dev, B43_MMIO_MACCMD)
1231 | B43_MACCMD_DFQ_VALID);
1236 static void handle_irq_pmq(struct b43_wldev *dev)
1243 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1244 if (!(tmp & 0x00000008))
1247 /* 16bit write is odd, but correct. */
1248 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1251 static void b43_write_template_common(struct b43_wldev *dev,
1252 const u8 * data, u16 size,
1254 u16 shm_size_offset, u8 rate)
1257 struct b43_plcp_hdr4 plcp;
1260 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1261 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1262 ram_offset += sizeof(u32);
1263 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1264 * So leave the first two bytes of the next write blank.
1266 tmp = (u32) (data[0]) << 16;
1267 tmp |= (u32) (data[1]) << 24;
1268 b43_ram_write(dev, ram_offset, tmp);
1269 ram_offset += sizeof(u32);
1270 for (i = 2; i < size; i += sizeof(u32)) {
1271 tmp = (u32) (data[i + 0]);
1273 tmp |= (u32) (data[i + 1]) << 8;
1275 tmp |= (u32) (data[i + 2]) << 16;
1277 tmp |= (u32) (data[i + 3]) << 24;
1278 b43_ram_write(dev, ram_offset + i - 2, tmp);
1280 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1281 size + sizeof(struct b43_plcp_hdr6));
1284 /* Check if the use of the antenna that ieee80211 told us to
1285 * use is possible. This will fall back to DEFAULT.
1286 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1287 u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1292 if (antenna_nr == 0) {
1293 /* Zero means "use default antenna". That's always OK. */
1297 /* Get the mask of available antennas. */
1299 antenna_mask = dev->dev->bus->sprom.ant_available_bg;
1301 antenna_mask = dev->dev->bus->sprom.ant_available_a;
1303 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1304 /* This antenna is not available. Fall back to default. */
1311 static int b43_antenna_from_ieee80211(struct b43_wldev *dev, u8 antenna)
1313 antenna = b43_ieee80211_antenna_sanitize(dev, antenna);
1315 case 0: /* default/diversity */
1316 return B43_ANTENNA_DEFAULT;
1317 case 1: /* Antenna 0 */
1318 return B43_ANTENNA0;
1319 case 2: /* Antenna 1 */
1320 return B43_ANTENNA1;
1321 case 3: /* Antenna 2 */
1322 return B43_ANTENNA2;
1323 case 4: /* Antenna 3 */
1324 return B43_ANTENNA3;
1326 return B43_ANTENNA_DEFAULT;
1330 /* Convert a b43 antenna number value to the PHY TX control value. */
1331 static u16 b43_antenna_to_phyctl(int antenna)
1335 return B43_TXH_PHY_ANT0;
1337 return B43_TXH_PHY_ANT1;
1339 return B43_TXH_PHY_ANT2;
1341 return B43_TXH_PHY_ANT3;
1342 case B43_ANTENNA_AUTO:
1343 return B43_TXH_PHY_ANT01AUTO;
1349 static void b43_write_beacon_template(struct b43_wldev *dev,
1351 u16 shm_size_offset)
1353 unsigned int i, len, variable_len;
1354 const struct ieee80211_mgmt *bcn;
1361 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data);
1362 len = min((size_t) dev->wl->current_beacon->len,
1363 0x200 - sizeof(struct b43_plcp_hdr6));
1364 rate = dev->wl->beacon_txctl.tx_rate->hw_value;
1366 b43_write_template_common(dev, (const u8 *)bcn,
1367 len, ram_offset, shm_size_offset, rate);
1369 /* Write the PHY TX control parameters. */
1370 antenna = b43_antenna_from_ieee80211(dev,
1371 dev->wl->beacon_txctl.antenna_sel_tx);
1372 antenna = b43_antenna_to_phyctl(antenna);
1373 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1374 /* We can't send beacons with short preamble. Would get PHY errors. */
1375 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1376 ctl &= ~B43_TXH_PHY_ANT;
1377 ctl &= ~B43_TXH_PHY_ENC;
1379 if (b43_is_cck_rate(rate))
1380 ctl |= B43_TXH_PHY_ENC_CCK;
1382 ctl |= B43_TXH_PHY_ENC_OFDM;
1383 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1385 /* Find the position of the TIM and the DTIM_period value
1386 * and write them to SHM. */
1387 ie = bcn->u.beacon.variable;
1388 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1389 for (i = 0; i < variable_len - 2; ) {
1390 uint8_t ie_id, ie_len;
1397 /* This is the TIM Information Element */
1399 /* Check whether the ie_len is in the beacon data range. */
1400 if (variable_len < ie_len + 2 + i)
1402 /* A valid TIM is at least 4 bytes long. */
1407 tim_position = sizeof(struct b43_plcp_hdr6);
1408 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1411 dtim_period = ie[i + 3];
1413 b43_shm_write16(dev, B43_SHM_SHARED,
1414 B43_SHM_SH_TIMBPOS, tim_position);
1415 b43_shm_write16(dev, B43_SHM_SHARED,
1416 B43_SHM_SH_DTIMPER, dtim_period);
1422 b43warn(dev->wl, "Did not find a valid TIM IE in "
1423 "the beacon template packet. AP or IBSS operation "
1424 "may be broken.\n");
1426 b43dbg(dev->wl, "Updated beacon template\n");
1429 static void b43_write_probe_resp_plcp(struct b43_wldev *dev,
1430 u16 shm_offset, u16 size,
1431 struct ieee80211_rate *rate)
1433 struct b43_plcp_hdr4 plcp;
1438 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate->hw_value);
1439 dur = ieee80211_generic_frame_duration(dev->wl->hw,
1442 /* Write PLCP in two parts and timing for packet transfer */
1443 tmp = le32_to_cpu(plcp.data);
1444 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset, tmp & 0xFFFF);
1445 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 2, tmp >> 16);
1446 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 6, le16_to_cpu(dur));
1449 /* Instead of using custom probe response template, this function
1450 * just patches custom beacon template by:
1451 * 1) Changing packet type
1452 * 2) Patching duration field
1455 static const u8 * b43_generate_probe_resp(struct b43_wldev *dev,
1457 struct ieee80211_rate *rate)
1461 u16 src_size, elem_size, src_pos, dest_pos;
1463 struct ieee80211_hdr *hdr;
1466 src_size = dev->wl->current_beacon->len;
1467 src_data = (const u8 *)dev->wl->current_beacon->data;
1469 /* Get the start offset of the variable IEs in the packet. */
1470 ie_start = offsetof(struct ieee80211_mgmt, u.probe_resp.variable);
1471 B43_WARN_ON(ie_start != offsetof(struct ieee80211_mgmt, u.beacon.variable));
1473 if (B43_WARN_ON(src_size < ie_start))
1476 dest_data = kmalloc(src_size, GFP_ATOMIC);
1477 if (unlikely(!dest_data))
1480 /* Copy the static data and all Information Elements, except the TIM. */
1481 memcpy(dest_data, src_data, ie_start);
1483 dest_pos = ie_start;
1484 for ( ; src_pos < src_size - 2; src_pos += elem_size) {
1485 elem_size = src_data[src_pos + 1] + 2;
1486 if (src_data[src_pos] == 5) {
1487 /* This is the TIM. */
1490 memcpy(dest_data + dest_pos, src_data + src_pos,
1492 dest_pos += elem_size;
1494 *dest_size = dest_pos;
1495 hdr = (struct ieee80211_hdr *)dest_data;
1497 /* Set the frame control. */
1498 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1499 IEEE80211_STYPE_PROBE_RESP);
1500 dur = ieee80211_generic_frame_duration(dev->wl->hw,
1501 dev->wl->vif, *dest_size,
1503 hdr->duration_id = dur;
1508 static void b43_write_probe_resp_template(struct b43_wldev *dev,
1510 u16 shm_size_offset,
1511 struct ieee80211_rate *rate)
1513 const u8 *probe_resp_data;
1516 size = dev->wl->current_beacon->len;
1517 probe_resp_data = b43_generate_probe_resp(dev, &size, rate);
1518 if (unlikely(!probe_resp_data))
1521 /* Looks like PLCP headers plus packet timings are stored for
1522 * all possible basic rates
1524 b43_write_probe_resp_plcp(dev, 0x31A, size, &b43_b_ratetable[0]);
1525 b43_write_probe_resp_plcp(dev, 0x32C, size, &b43_b_ratetable[1]);
1526 b43_write_probe_resp_plcp(dev, 0x33E, size, &b43_b_ratetable[2]);
1527 b43_write_probe_resp_plcp(dev, 0x350, size, &b43_b_ratetable[3]);
1529 size = min((size_t) size, 0x200 - sizeof(struct b43_plcp_hdr6));
1530 b43_write_template_common(dev, probe_resp_data,
1531 size, ram_offset, shm_size_offset,
1533 kfree(probe_resp_data);
1536 static void handle_irq_beacon(struct b43_wldev *dev)
1538 struct b43_wl *wl = dev->wl;
1539 u32 cmd, beacon0_valid, beacon1_valid;
1541 if (!b43_is_mode(wl, IEEE80211_IF_TYPE_AP))
1544 /* This is the bottom half of the asynchronous beacon update. */
1546 /* Ignore interrupt in the future. */
1547 dev->irq_savedstate &= ~B43_IRQ_BEACON;
1549 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1550 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1551 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1553 /* Schedule interrupt manually, if busy. */
1554 if (beacon0_valid && beacon1_valid) {
1555 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1556 dev->irq_savedstate |= B43_IRQ_BEACON;
1560 if (!beacon0_valid) {
1561 if (!wl->beacon0_uploaded) {
1562 b43_write_beacon_template(dev, 0x68, 0x18);
1563 b43_write_probe_resp_template(dev, 0x268, 0x4A,
1564 &__b43_ratetable[3]);
1565 wl->beacon0_uploaded = 1;
1567 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1568 cmd |= B43_MACCMD_BEACON0_VALID;
1569 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1570 } else if (!beacon1_valid) {
1571 if (!wl->beacon1_uploaded) {
1572 b43_write_beacon_template(dev, 0x468, 0x1A);
1573 wl->beacon1_uploaded = 1;
1575 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1576 cmd |= B43_MACCMD_BEACON1_VALID;
1577 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1581 static void b43_beacon_update_trigger_work(struct work_struct *work)
1583 struct b43_wl *wl = container_of(work, struct b43_wl,
1584 beacon_update_trigger);
1585 struct b43_wldev *dev;
1587 mutex_lock(&wl->mutex);
1588 dev = wl->current_dev;
1589 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1590 spin_lock_irq(&wl->irq_lock);
1591 /* update beacon right away or defer to irq */
1592 dev->irq_savedstate = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
1593 handle_irq_beacon(dev);
1594 /* The handler might have updated the IRQ mask. */
1595 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK,
1596 dev->irq_savedstate);
1598 spin_unlock_irq(&wl->irq_lock);
1600 mutex_unlock(&wl->mutex);
1603 /* Asynchronously update the packet templates in template RAM.
1604 * Locking: Requires wl->irq_lock to be locked. */
1605 static void b43_update_templates(struct b43_wl *wl, struct sk_buff *beacon,
1606 const struct ieee80211_tx_control *txctl)
1608 /* This is the top half of the ansynchronous beacon update.
1609 * The bottom half is the beacon IRQ.
1610 * Beacon update must be asynchronous to avoid sending an
1611 * invalid beacon. This can happen for example, if the firmware
1612 * transmits a beacon while we are updating it. */
1614 if (wl->current_beacon)
1615 dev_kfree_skb_any(wl->current_beacon);
1616 wl->current_beacon = beacon;
1617 memcpy(&wl->beacon_txctl, txctl, sizeof(wl->beacon_txctl));
1618 wl->beacon0_uploaded = 0;
1619 wl->beacon1_uploaded = 0;
1620 queue_work(wl->hw->workqueue, &wl->beacon_update_trigger);
1623 static void b43_set_ssid(struct b43_wldev *dev, const u8 * ssid, u8 ssid_len)
1628 len = min((u16) ssid_len, (u16) 0x100);
1629 for (i = 0; i < len; i += sizeof(u32)) {
1630 tmp = (u32) (ssid[i + 0]);
1632 tmp |= (u32) (ssid[i + 1]) << 8;
1634 tmp |= (u32) (ssid[i + 2]) << 16;
1636 tmp |= (u32) (ssid[i + 3]) << 24;
1637 b43_shm_write32(dev, B43_SHM_SHARED, 0x380 + i, tmp);
1639 b43_shm_write16(dev, B43_SHM_SHARED, 0x48, len);
1642 static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1645 if (dev->dev->id.revision >= 3) {
1646 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1647 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1649 b43_write16(dev, 0x606, (beacon_int >> 6));
1650 b43_write16(dev, 0x610, beacon_int);
1652 b43_time_unlock(dev);
1653 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1656 static void handle_irq_ucode_debug(struct b43_wldev *dev)
1661 /* Interrupt handler bottom-half */
1662 static void b43_interrupt_tasklet(struct b43_wldev *dev)
1665 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1666 u32 merged_dma_reason = 0;
1668 unsigned long flags;
1670 spin_lock_irqsave(&dev->wl->irq_lock, flags);
1672 B43_WARN_ON(b43_status(dev) != B43_STAT_STARTED);
1674 reason = dev->irq_reason;
1675 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1676 dma_reason[i] = dev->dma_reason[i];
1677 merged_dma_reason |= dma_reason[i];
1680 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1681 b43err(dev->wl, "MAC transmission error\n");
1683 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1684 b43err(dev->wl, "PHY transmission error\n");
1686 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1687 atomic_set(&dev->phy.txerr_cnt,
1688 B43_PHY_TX_BADNESS_LIMIT);
1689 b43err(dev->wl, "Too many PHY TX errors, "
1690 "restarting the controller\n");
1691 b43_controller_restart(dev, "PHY TX errors");
1695 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK |
1696 B43_DMAIRQ_NONFATALMASK))) {
1697 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) {
1698 b43err(dev->wl, "Fatal DMA error: "
1699 "0x%08X, 0x%08X, 0x%08X, "
1700 "0x%08X, 0x%08X, 0x%08X\n",
1701 dma_reason[0], dma_reason[1],
1702 dma_reason[2], dma_reason[3],
1703 dma_reason[4], dma_reason[5]);
1704 b43_controller_restart(dev, "DMA error");
1706 spin_unlock_irqrestore(&dev->wl->irq_lock, flags);
1709 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) {
1710 b43err(dev->wl, "DMA error: "
1711 "0x%08X, 0x%08X, 0x%08X, "
1712 "0x%08X, 0x%08X, 0x%08X\n",
1713 dma_reason[0], dma_reason[1],
1714 dma_reason[2], dma_reason[3],
1715 dma_reason[4], dma_reason[5]);
1719 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1720 handle_irq_ucode_debug(dev);
1721 if (reason & B43_IRQ_TBTT_INDI)
1722 handle_irq_tbtt_indication(dev);
1723 if (reason & B43_IRQ_ATIM_END)
1724 handle_irq_atim_end(dev);
1725 if (reason & B43_IRQ_BEACON)
1726 handle_irq_beacon(dev);
1727 if (reason & B43_IRQ_PMQ)
1728 handle_irq_pmq(dev);
1729 if (reason & B43_IRQ_TXFIFO_FLUSH_OK)
1731 if (reason & B43_IRQ_NOISESAMPLE_OK)
1732 handle_irq_noise(dev);
1734 /* Check the DMA reason registers for received data. */
1735 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
1736 if (b43_using_pio_transfers(dev))
1737 b43_pio_rx(dev->pio.rx_queue);
1739 b43_dma_rx(dev->dma.rx_ring);
1741 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
1742 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
1743 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
1744 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
1745 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
1747 if (reason & B43_IRQ_TX_OK)
1748 handle_irq_transmit_status(dev);
1750 b43_interrupt_enable(dev, dev->irq_savedstate);
1752 spin_unlock_irqrestore(&dev->wl->irq_lock, flags);
1755 static void b43_interrupt_ack(struct b43_wldev *dev, u32 reason)
1757 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
1759 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
1760 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
1761 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
1762 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
1763 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
1764 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
1767 /* Interrupt handler top-half */
1768 static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
1770 irqreturn_t ret = IRQ_NONE;
1771 struct b43_wldev *dev = dev_id;
1777 spin_lock(&dev->wl->irq_lock);
1779 if (b43_status(dev) < B43_STAT_STARTED)
1781 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
1782 if (reason == 0xffffffff) /* shared IRQ */
1785 reason &= b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
1789 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
1791 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
1793 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
1795 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
1797 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
1799 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
1802 b43_interrupt_ack(dev, reason);
1803 /* disable all IRQs. They are enabled again in the bottom half. */
1804 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL);
1805 /* save the reason code and call our bottom half. */
1806 dev->irq_reason = reason;
1807 tasklet_schedule(&dev->isr_tasklet);
1810 spin_unlock(&dev->wl->irq_lock);
1815 static void do_release_fw(struct b43_firmware_file *fw)
1817 release_firmware(fw->data);
1819 fw->filename = NULL;
1822 static void b43_release_firmware(struct b43_wldev *dev)
1824 do_release_fw(&dev->fw.ucode);
1825 do_release_fw(&dev->fw.pcm);
1826 do_release_fw(&dev->fw.initvals);
1827 do_release_fw(&dev->fw.initvals_band);
1830 static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
1834 text = "You must go to "
1835 "http://linuxwireless.org/en/users/Drivers/b43#devicefirmware "
1836 "and download the latest firmware (version 4).\n";
1843 static int do_request_fw(struct b43_wldev *dev,
1845 struct b43_firmware_file *fw)
1847 char path[sizeof(modparam_fwpostfix) + 32];
1848 const struct firmware *blob;
1849 struct b43_fw_header *hdr;
1854 /* Don't fetch anything. Free possibly cached firmware. */
1859 if (strcmp(fw->filename, name) == 0)
1860 return 0; /* Already have this fw. */
1861 /* Free the cached firmware first. */
1865 snprintf(path, ARRAY_SIZE(path),
1867 modparam_fwpostfix, name);
1868 err = request_firmware(&blob, path, dev->dev->dev);
1870 b43err(dev->wl, "Firmware file \"%s\" not found "
1871 "or load failed.\n", path);
1874 if (blob->size < sizeof(struct b43_fw_header))
1876 hdr = (struct b43_fw_header *)(blob->data);
1877 switch (hdr->type) {
1878 case B43_FW_TYPE_UCODE:
1879 case B43_FW_TYPE_PCM:
1880 size = be32_to_cpu(hdr->size);
1881 if (size != blob->size - sizeof(struct b43_fw_header))
1884 case B43_FW_TYPE_IV:
1893 fw->filename = name;
1898 b43err(dev->wl, "Firmware file \"%s\" format error.\n", path);
1899 release_firmware(blob);
1904 static int b43_request_firmware(struct b43_wldev *dev)
1906 struct b43_firmware *fw = &dev->fw;
1907 const u8 rev = dev->dev->id.revision;
1908 const char *filename;
1913 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH);
1914 if ((rev >= 5) && (rev <= 10))
1915 filename = "ucode5";
1916 else if ((rev >= 11) && (rev <= 12))
1917 filename = "ucode11";
1919 filename = "ucode13";
1922 err = do_request_fw(dev, filename, &fw->ucode);
1927 if ((rev >= 5) && (rev <= 10))
1933 err = do_request_fw(dev, filename, &fw->pcm);
1938 switch (dev->phy.type) {
1940 if ((rev >= 5) && (rev <= 10)) {
1941 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
1942 filename = "a0g1initvals5";
1944 filename = "a0g0initvals5";
1946 goto err_no_initvals;
1949 if ((rev >= 5) && (rev <= 10))
1950 filename = "b0g0initvals5";
1952 filename = "lp0initvals13";
1954 goto err_no_initvals;
1957 if ((rev >= 11) && (rev <= 12))
1958 filename = "n0initvals11";
1960 goto err_no_initvals;
1963 goto err_no_initvals;
1965 err = do_request_fw(dev, filename, &fw->initvals);
1969 /* Get bandswitch initvals */
1970 switch (dev->phy.type) {
1972 if ((rev >= 5) && (rev <= 10)) {
1973 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
1974 filename = "a0g1bsinitvals5";
1976 filename = "a0g0bsinitvals5";
1977 } else if (rev >= 11)
1980 goto err_no_initvals;
1983 if ((rev >= 5) && (rev <= 10))
1984 filename = "b0g0bsinitvals5";
1988 goto err_no_initvals;
1991 if ((rev >= 11) && (rev <= 12))
1992 filename = "n0bsinitvals11";
1994 goto err_no_initvals;
1997 goto err_no_initvals;
1999 err = do_request_fw(dev, filename, &fw->initvals_band);
2006 b43_print_fw_helptext(dev->wl, 1);
2011 b43err(dev->wl, "No microcode available for core rev %u\n", rev);
2016 b43err(dev->wl, "No PCM available for core rev %u\n", rev);
2021 b43err(dev->wl, "No Initial Values firmware file for PHY %u, "
2022 "core rev %u\n", dev->phy.type, rev);
2026 b43_release_firmware(dev);
2030 static int b43_upload_microcode(struct b43_wldev *dev)
2032 const size_t hdr_len = sizeof(struct b43_fw_header);
2034 unsigned int i, len;
2035 u16 fwrev, fwpatch, fwdate, fwtime;
2039 /* Jump the microcode PSM to offset 0 */
2040 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2041 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2042 macctl |= B43_MACCTL_PSM_JMP0;
2043 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2044 /* Zero out all microcode PSM registers and shared memory. */
2045 for (i = 0; i < 64; i++)
2046 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2047 for (i = 0; i < 4096; i += 2)
2048 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2050 /* Upload Microcode. */
2051 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2052 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2053 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2054 for (i = 0; i < len; i++) {
2055 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2059 if (dev->fw.pcm.data) {
2060 /* Upload PCM data. */
2061 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2062 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2063 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2064 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2065 /* No need for autoinc bit in SHM_HW */
2066 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2067 for (i = 0; i < len; i++) {
2068 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2073 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2075 /* Start the microcode PSM */
2076 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2077 macctl &= ~B43_MACCTL_PSM_JMP0;
2078 macctl |= B43_MACCTL_PSM_RUN;
2079 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2081 /* Wait for the microcode to load and respond */
2084 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2085 if (tmp == B43_IRQ_MAC_SUSPENDED)
2089 b43err(dev->wl, "Microcode not responding\n");
2090 b43_print_fw_helptext(dev->wl, 1);
2094 msleep_interruptible(50);
2095 if (signal_pending(current)) {
2100 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2102 /* Get and check the revisions. */
2103 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2104 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2105 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2106 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2108 if (fwrev <= 0x128) {
2109 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2110 "binary drivers older than version 4.x is unsupported. "
2111 "You must upgrade your firmware files.\n");
2112 b43_print_fw_helptext(dev->wl, 1);
2116 b43info(dev->wl, "Loading firmware version %u.%u "
2117 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2119 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2120 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2122 dev->fw.rev = fwrev;
2123 dev->fw.patch = fwpatch;
2125 if (b43_is_old_txhdr_format(dev)) {
2126 b43warn(dev->wl, "You are using an old firmware image. "
2127 "Support for old firmware will be removed in July 2008.\n");
2128 b43_print_fw_helptext(dev->wl, 0);
2134 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2135 macctl &= ~B43_MACCTL_PSM_RUN;
2136 macctl |= B43_MACCTL_PSM_JMP0;
2137 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2142 static int b43_write_initvals(struct b43_wldev *dev,
2143 const struct b43_iv *ivals,
2147 const struct b43_iv *iv;
2152 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2154 for (i = 0; i < count; i++) {
2155 if (array_size < sizeof(iv->offset_size))
2157 array_size -= sizeof(iv->offset_size);
2158 offset = be16_to_cpu(iv->offset_size);
2159 bit32 = !!(offset & B43_IV_32BIT);
2160 offset &= B43_IV_OFFSET_MASK;
2161 if (offset >= 0x1000)
2166 if (array_size < sizeof(iv->data.d32))
2168 array_size -= sizeof(iv->data.d32);
2170 value = be32_to_cpu(get_unaligned(&iv->data.d32));
2171 b43_write32(dev, offset, value);
2173 iv = (const struct b43_iv *)((const uint8_t *)iv +
2179 if (array_size < sizeof(iv->data.d16))
2181 array_size -= sizeof(iv->data.d16);
2183 value = be16_to_cpu(iv->data.d16);
2184 b43_write16(dev, offset, value);
2186 iv = (const struct b43_iv *)((const uint8_t *)iv +
2197 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2198 b43_print_fw_helptext(dev->wl, 1);
2203 static int b43_upload_initvals(struct b43_wldev *dev)
2205 const size_t hdr_len = sizeof(struct b43_fw_header);
2206 const struct b43_fw_header *hdr;
2207 struct b43_firmware *fw = &dev->fw;
2208 const struct b43_iv *ivals;
2212 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2213 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2214 count = be32_to_cpu(hdr->size);
2215 err = b43_write_initvals(dev, ivals, count,
2216 fw->initvals.data->size - hdr_len);
2219 if (fw->initvals_band.data) {
2220 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2221 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2222 count = be32_to_cpu(hdr->size);
2223 err = b43_write_initvals(dev, ivals, count,
2224 fw->initvals_band.data->size - hdr_len);
2233 /* Initialize the GPIOs
2234 * http://bcm-specs.sipsolutions.net/GPIO
2236 static int b43_gpio_init(struct b43_wldev *dev)
2238 struct ssb_bus *bus = dev->dev->bus;
2239 struct ssb_device *gpiodev, *pcidev = NULL;
2242 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2243 & ~B43_MACCTL_GPOUTSMSK);
2245 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK)
2250 if (dev->dev->bus->chip_id == 0x4301) {
2254 if (0 /* FIXME: conditional unknown */ ) {
2255 b43_write16(dev, B43_MMIO_GPIO_MASK,
2256 b43_read16(dev, B43_MMIO_GPIO_MASK)
2261 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) {
2262 b43_write16(dev, B43_MMIO_GPIO_MASK,
2263 b43_read16(dev, B43_MMIO_GPIO_MASK)
2268 if (dev->dev->id.revision >= 2)
2269 mask |= 0x0010; /* FIXME: This is redundant. */
2271 #ifdef CONFIG_SSB_DRIVER_PCICORE
2272 pcidev = bus->pcicore.dev;
2274 gpiodev = bus->chipco.dev ? : pcidev;
2277 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2278 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2284 /* Turn off all GPIO stuff. Call this on module unload, for example. */
2285 static void b43_gpio_cleanup(struct b43_wldev *dev)
2287 struct ssb_bus *bus = dev->dev->bus;
2288 struct ssb_device *gpiodev, *pcidev = NULL;
2290 #ifdef CONFIG_SSB_DRIVER_PCICORE
2291 pcidev = bus->pcicore.dev;
2293 gpiodev = bus->chipco.dev ? : pcidev;
2296 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2299 /* http://bcm-specs.sipsolutions.net/EnableMac */
2300 static void b43_mac_enable(struct b43_wldev *dev)
2302 dev->mac_suspended--;
2303 B43_WARN_ON(dev->mac_suspended < 0);
2304 if (dev->mac_suspended == 0) {
2305 b43_write32(dev, B43_MMIO_MACCTL,
2306 b43_read32(dev, B43_MMIO_MACCTL)
2307 | B43_MACCTL_ENABLED);
2308 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2309 B43_IRQ_MAC_SUSPENDED);
2311 b43_read32(dev, B43_MMIO_MACCTL);
2312 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2313 b43_power_saving_ctl_bits(dev, 0);
2315 /* Re-enable IRQs. */
2316 spin_lock_irq(&dev->wl->irq_lock);
2317 b43_interrupt_enable(dev, dev->irq_savedstate);
2318 spin_unlock_irq(&dev->wl->irq_lock);
2322 /* http://bcm-specs.sipsolutions.net/SuspendMAC */
2323 static void b43_mac_suspend(struct b43_wldev *dev)
2329 B43_WARN_ON(dev->mac_suspended < 0);
2331 if (dev->mac_suspended == 0) {
2332 /* Mask IRQs before suspending MAC. Otherwise
2333 * the MAC stays busy and won't suspend. */
2334 spin_lock_irq(&dev->wl->irq_lock);
2335 tmp = b43_interrupt_disable(dev, B43_IRQ_ALL);
2336 spin_unlock_irq(&dev->wl->irq_lock);
2337 b43_synchronize_irq(dev);
2338 dev->irq_savedstate = tmp;
2340 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2341 b43_write32(dev, B43_MMIO_MACCTL,
2342 b43_read32(dev, B43_MMIO_MACCTL)
2343 & ~B43_MACCTL_ENABLED);
2344 /* force pci to flush the write */
2345 b43_read32(dev, B43_MMIO_MACCTL);
2346 for (i = 40; i; i--) {
2347 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2348 if (tmp & B43_IRQ_MAC_SUSPENDED)
2352 b43err(dev->wl, "MAC suspend failed\n");
2355 dev->mac_suspended++;
2358 static void b43_adjust_opmode(struct b43_wldev *dev)
2360 struct b43_wl *wl = dev->wl;
2364 ctl = b43_read32(dev, B43_MMIO_MACCTL);
2365 /* Reset status to STA infrastructure mode. */
2366 ctl &= ~B43_MACCTL_AP;
2367 ctl &= ~B43_MACCTL_KEEP_CTL;
2368 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
2369 ctl &= ~B43_MACCTL_KEEP_BAD;
2370 ctl &= ~B43_MACCTL_PROMISC;
2371 ctl &= ~B43_MACCTL_BEACPROMISC;
2372 ctl |= B43_MACCTL_INFRA;
2374 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP))
2375 ctl |= B43_MACCTL_AP;
2376 else if (b43_is_mode(wl, IEEE80211_IF_TYPE_IBSS))
2377 ctl &= ~B43_MACCTL_INFRA;
2379 if (wl->filter_flags & FIF_CONTROL)
2380 ctl |= B43_MACCTL_KEEP_CTL;
2381 if (wl->filter_flags & FIF_FCSFAIL)
2382 ctl |= B43_MACCTL_KEEP_BAD;
2383 if (wl->filter_flags & FIF_PLCPFAIL)
2384 ctl |= B43_MACCTL_KEEP_BADPLCP;
2385 if (wl->filter_flags & FIF_PROMISC_IN_BSS)
2386 ctl |= B43_MACCTL_PROMISC;
2387 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
2388 ctl |= B43_MACCTL_BEACPROMISC;
2390 /* Workaround: On old hardware the HW-MAC-address-filter
2391 * doesn't work properly, so always run promisc in filter
2392 * it in software. */
2393 if (dev->dev->id.revision <= 4)
2394 ctl |= B43_MACCTL_PROMISC;
2396 b43_write32(dev, B43_MMIO_MACCTL, ctl);
2399 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
2400 if (dev->dev->bus->chip_id == 0x4306 &&
2401 dev->dev->bus->chip_rev == 3)
2406 b43_write16(dev, 0x612, cfp_pretbtt);
2409 static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
2415 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
2418 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
2420 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
2421 b43_shm_read16(dev, B43_SHM_SHARED, offset));
2424 static void b43_rate_memory_init(struct b43_wldev *dev)
2426 switch (dev->phy.type) {
2430 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
2431 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
2432 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
2433 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
2434 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
2435 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
2436 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
2437 if (dev->phy.type == B43_PHYTYPE_A)
2441 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
2442 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
2443 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
2444 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
2451 /* Set the default values for the PHY TX Control Words. */
2452 static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
2456 ctl |= B43_TXH_PHY_ENC_CCK;
2457 ctl |= B43_TXH_PHY_ANT01AUTO;
2458 ctl |= B43_TXH_PHY_TXPWR;
2460 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
2461 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
2462 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
2465 /* Set the TX-Antenna for management frames sent by firmware. */
2466 static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
2471 ant = b43_antenna_to_phyctl(antenna);
2474 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
2475 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2476 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
2477 /* For Probe Resposes */
2478 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
2479 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2480 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
2483 /* This is the opposite of b43_chip_init() */
2484 static void b43_chip_exit(struct b43_wldev *dev)
2486 b43_radio_turn_off(dev, 1);
2487 b43_gpio_cleanup(dev);
2488 /* firmware is released later */
2491 /* Initialize the chip
2492 * http://bcm-specs.sipsolutions.net/ChipInit
2494 static int b43_chip_init(struct b43_wldev *dev)
2496 struct b43_phy *phy = &dev->phy;
2498 u32 value32, macctl;
2501 /* Initialize the MAC control */
2502 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
2504 macctl |= B43_MACCTL_GMODE;
2505 macctl |= B43_MACCTL_INFRA;
2506 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2508 err = b43_request_firmware(dev);
2511 err = b43_upload_microcode(dev);
2513 goto out; /* firmware is released later */
2515 err = b43_gpio_init(dev);
2517 goto out; /* firmware is released later */
2519 err = b43_upload_initvals(dev);
2521 goto err_gpio_clean;
2522 b43_radio_turn_on(dev);
2524 b43_write16(dev, 0x03E6, 0x0000);
2525 err = b43_phy_init(dev);
2529 /* Select initial Interference Mitigation. */
2530 tmp = phy->interfmode;
2531 phy->interfmode = B43_INTERFMODE_NONE;
2532 b43_radio_set_interference_mitigation(dev, tmp);
2534 b43_set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
2535 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
2537 if (phy->type == B43_PHYTYPE_B) {
2538 value16 = b43_read16(dev, 0x005E);
2540 b43_write16(dev, 0x005E, value16);
2542 b43_write32(dev, 0x0100, 0x01000000);
2543 if (dev->dev->id.revision < 5)
2544 b43_write32(dev, 0x010C, 0x01000000);
2546 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2547 & ~B43_MACCTL_INFRA);
2548 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2549 | B43_MACCTL_INFRA);
2551 /* Probe Response Timeout value */
2552 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
2553 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000);
2555 /* Initially set the wireless operation mode. */
2556 b43_adjust_opmode(dev);
2558 if (dev->dev->id.revision < 3) {
2559 b43_write16(dev, 0x060E, 0x0000);
2560 b43_write16(dev, 0x0610, 0x8000);
2561 b43_write16(dev, 0x0604, 0x0000);
2562 b43_write16(dev, 0x0606, 0x0200);
2564 b43_write32(dev, 0x0188, 0x80000000);
2565 b43_write32(dev, 0x018C, 0x02000000);
2567 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
2568 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00);
2569 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
2570 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
2571 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
2572 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
2573 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
2575 value32 = ssb_read32(dev->dev, SSB_TMSLOW);
2576 value32 |= 0x00100000;
2577 ssb_write32(dev->dev, SSB_TMSLOW, value32);
2579 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
2580 dev->dev->bus->chipco.fast_pwrup_delay);
2583 b43dbg(dev->wl, "Chip initialized\n");
2588 b43_radio_turn_off(dev, 1);
2590 b43_gpio_cleanup(dev);
2594 static void b43_periodic_every120sec(struct b43_wldev *dev)
2596 struct b43_phy *phy = &dev->phy;
2598 if (phy->type != B43_PHYTYPE_G || phy->rev < 2)
2601 b43_mac_suspend(dev);
2602 b43_lo_g_measure(dev);
2603 b43_mac_enable(dev);
2604 if (b43_has_hardware_pctl(phy))
2605 b43_lo_g_ctl_mark_all_unused(dev);
2608 static void b43_periodic_every60sec(struct b43_wldev *dev)
2610 struct b43_phy *phy = &dev->phy;
2612 if (phy->type != B43_PHYTYPE_G)
2614 if (!b43_has_hardware_pctl(phy))
2615 b43_lo_g_ctl_mark_all_unused(dev);
2616 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_RSSI) {
2617 b43_mac_suspend(dev);
2618 b43_calc_nrssi_slope(dev);
2619 if ((phy->radio_ver == 0x2050) && (phy->radio_rev == 8)) {
2620 u8 old_chan = phy->channel;
2622 /* VCO Calibration */
2624 b43_radio_selectchannel(dev, 1, 0);
2626 b43_radio_selectchannel(dev, 13, 0);
2627 b43_radio_selectchannel(dev, old_chan, 0);
2629 b43_mac_enable(dev);
2633 static void b43_periodic_every30sec(struct b43_wldev *dev)
2635 /* Update device statistics. */
2636 b43_calculate_link_quality(dev);
2639 static void b43_periodic_every15sec(struct b43_wldev *dev)
2641 struct b43_phy *phy = &dev->phy;
2643 if (phy->type == B43_PHYTYPE_G) {
2644 //TODO: update_aci_moving_average
2645 if (phy->aci_enable && phy->aci_wlan_automatic) {
2646 b43_mac_suspend(dev);
2647 if (!phy->aci_enable && 1 /*TODO: not scanning? */ ) {
2648 if (0 /*TODO: bunch of conditions */ ) {
2649 b43_radio_set_interference_mitigation
2650 (dev, B43_INTERFMODE_MANUALWLAN);
2652 } else if (1 /*TODO*/) {
2654 if ((aci_average > 1000) && !(b43_radio_aci_scan(dev))) {
2655 b43_radio_set_interference_mitigation(dev,
2656 B43_INTERFMODE_NONE);
2660 b43_mac_enable(dev);
2661 } else if (phy->interfmode == B43_INTERFMODE_NONWLAN &&
2663 //TODO: implement rev1 workaround
2666 b43_phy_xmitpower(dev); //FIXME: unless scanning?
2667 //TODO for APHY (temperature?)
2669 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
2673 static void do_periodic_work(struct b43_wldev *dev)
2677 state = dev->periodic_state;
2679 b43_periodic_every120sec(dev);
2681 b43_periodic_every60sec(dev);
2683 b43_periodic_every30sec(dev);
2684 b43_periodic_every15sec(dev);
2687 /* Periodic work locking policy:
2688 * The whole periodic work handler is protected by
2689 * wl->mutex. If another lock is needed somewhere in the
2690 * pwork callchain, it's aquired in-place, where it's needed.
2692 static void b43_periodic_work_handler(struct work_struct *work)
2694 struct b43_wldev *dev = container_of(work, struct b43_wldev,
2695 periodic_work.work);
2696 struct b43_wl *wl = dev->wl;
2697 unsigned long delay;
2699 mutex_lock(&wl->mutex);
2701 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
2703 if (b43_debug(dev, B43_DBG_PWORK_STOP))
2706 do_periodic_work(dev);
2708 dev->periodic_state++;
2710 if (b43_debug(dev, B43_DBG_PWORK_FAST))
2711 delay = msecs_to_jiffies(50);
2713 delay = round_jiffies_relative(HZ * 15);
2714 queue_delayed_work(wl->hw->workqueue, &dev->periodic_work, delay);
2716 mutex_unlock(&wl->mutex);
2719 static void b43_periodic_tasks_setup(struct b43_wldev *dev)
2721 struct delayed_work *work = &dev->periodic_work;
2723 dev->periodic_state = 0;
2724 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
2725 queue_delayed_work(dev->wl->hw->workqueue, work, 0);
2728 /* Check if communication with the device works correctly. */
2729 static int b43_validate_chipaccess(struct b43_wldev *dev)
2733 backup = b43_shm_read32(dev, B43_SHM_SHARED, 0);
2735 /* Check for read/write and endianness problems. */
2736 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
2737 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
2739 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
2740 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
2743 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup);
2745 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) {
2746 /* The 32bit register shadows the two 16bit registers
2747 * with update sideeffects. Validate this. */
2748 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
2749 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
2750 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
2752 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
2755 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
2757 v = b43_read32(dev, B43_MMIO_MACCTL);
2758 v |= B43_MACCTL_GMODE;
2759 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
2764 b43err(dev->wl, "Failed to validate the chipaccess\n");
2768 static void b43_security_init(struct b43_wldev *dev)
2770 dev->max_nr_keys = (dev->dev->id.revision >= 5) ? 58 : 20;
2771 B43_WARN_ON(dev->max_nr_keys > ARRAY_SIZE(dev->key));
2772 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
2773 /* KTP is a word address, but we address SHM bytewise.
2774 * So multiply by two.
2777 if (dev->dev->id.revision >= 5) {
2778 /* Number of RCMTA address slots */
2779 b43_write16(dev, B43_MMIO_RCMTA_COUNT, dev->max_nr_keys - 8);
2781 b43_clear_keys(dev);
2784 static int b43_rng_read(struct hwrng *rng, u32 * data)
2786 struct b43_wl *wl = (struct b43_wl *)rng->priv;
2787 unsigned long flags;
2789 /* Don't take wl->mutex here, as it could deadlock with
2790 * hwrng internal locking. It's not needed to take
2791 * wl->mutex here, anyway. */
2793 spin_lock_irqsave(&wl->irq_lock, flags);
2794 *data = b43_read16(wl->current_dev, B43_MMIO_RNG);
2795 spin_unlock_irqrestore(&wl->irq_lock, flags);
2797 return (sizeof(u16));
2800 static void b43_rng_exit(struct b43_wl *wl, bool suspended)
2802 if (wl->rng_initialized)
2803 __hwrng_unregister(&wl->rng, suspended);
2806 static int b43_rng_init(struct b43_wl *wl)
2810 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
2811 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
2812 wl->rng.name = wl->rng_name;
2813 wl->rng.data_read = b43_rng_read;
2814 wl->rng.priv = (unsigned long)wl;
2815 wl->rng_initialized = 1;
2816 err = hwrng_register(&wl->rng);
2818 wl->rng_initialized = 0;
2819 b43err(wl, "Failed to register the random "
2820 "number generator (%d)\n", err);
2826 static int b43_op_tx(struct ieee80211_hw *hw,
2827 struct sk_buff *skb,
2828 struct ieee80211_tx_control *ctl)
2830 struct b43_wl *wl = hw_to_b43_wl(hw);
2831 struct b43_wldev *dev = wl->current_dev;
2834 if (unlikely(skb->len < 2 + 2 + 6)) {
2835 /* Too short, this can't be a valid frame. */
2838 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
2842 if (unlikely(b43_status(dev) < B43_STAT_STARTED))
2844 /* TX is done without a global lock. */
2845 if (b43_using_pio_transfers(dev))
2846 err = b43_pio_tx(dev, skb, ctl);
2848 err = b43_dma_tx(dev, skb, ctl);
2851 return NETDEV_TX_BUSY;
2852 return NETDEV_TX_OK;
2855 /* Locking: wl->irq_lock */
2856 static void b43_qos_params_upload(struct b43_wldev *dev,
2857 const struct ieee80211_tx_queue_params *p,
2860 u16 params[B43_NR_QOSPARAMS];
2861 int cw_min, cw_max, aifs, bslots, tmp;
2864 const u16 aCWmin = 0x0001;
2865 const u16 aCWmax = 0x03FF;
2867 /* Calculate the default values for the parameters, if needed. */
2868 switch (shm_offset) {
2870 aifs = (p->aifs == -1) ? 2 : p->aifs;
2871 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 4 - 1) : p->cw_min;
2872 cw_max = (p->cw_max == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_max;
2875 aifs = (p->aifs == -1) ? 2 : p->aifs;
2876 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_min;
2877 cw_max = (p->cw_max == 0) ? aCWmin : p->cw_max;
2879 case B43_QOS_BESTEFFORT:
2880 aifs = (p->aifs == -1) ? 3 : p->aifs;
2881 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min;
2882 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max;
2884 case B43_QOS_BACKGROUND:
2885 aifs = (p->aifs == -1) ? 7 : p->aifs;
2886 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min;
2887 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max;
2897 bslots = b43_read16(dev, B43_MMIO_RNG) % cw_min;
2899 memset(¶ms, 0, sizeof(params));
2901 params[B43_QOSPARAM_TXOP] = p->txop * 32;
2902 params[B43_QOSPARAM_CWMIN] = cw_min;
2903 params[B43_QOSPARAM_CWMAX] = cw_max;
2904 params[B43_QOSPARAM_CWCUR] = cw_min;
2905 params[B43_QOSPARAM_AIFS] = aifs;
2906 params[B43_QOSPARAM_BSLOTS] = bslots;
2907 params[B43_QOSPARAM_REGGAP] = bslots + aifs;
2909 for (i = 0; i < ARRAY_SIZE(params); i++) {
2910 if (i == B43_QOSPARAM_STATUS) {
2911 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
2912 shm_offset + (i * 2));
2913 /* Mark the parameters as updated. */
2915 b43_shm_write16(dev, B43_SHM_SHARED,
2916 shm_offset + (i * 2),
2919 b43_shm_write16(dev, B43_SHM_SHARED,
2920 shm_offset + (i * 2),
2926 /* Update the QOS parameters in hardware. */
2927 static void b43_qos_update(struct b43_wldev *dev)
2929 struct b43_wl *wl = dev->wl;
2930 struct b43_qos_params *params;
2931 unsigned long flags;
2934 /* Mapping of mac80211 queues to b43 SHM offsets. */
2935 static const u16 qos_shm_offsets[] = {
2936 [0] = B43_QOS_VOICE,
2937 [1] = B43_QOS_VIDEO,
2938 [2] = B43_QOS_BESTEFFORT,
2939 [3] = B43_QOS_BACKGROUND,
2941 BUILD_BUG_ON(ARRAY_SIZE(qos_shm_offsets) != ARRAY_SIZE(wl->qos_params));
2943 b43_mac_suspend(dev);
2944 spin_lock_irqsave(&wl->irq_lock, flags);
2946 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
2947 params = &(wl->qos_params[i]);
2948 if (params->need_hw_update) {
2949 b43_qos_params_upload(dev, &(params->p),
2950 qos_shm_offsets[i]);
2951 params->need_hw_update = 0;
2955 spin_unlock_irqrestore(&wl->irq_lock, flags);
2956 b43_mac_enable(dev);
2959 static void b43_qos_clear(struct b43_wl *wl)
2961 struct b43_qos_params *params;
2964 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
2965 params = &(wl->qos_params[i]);
2967 memset(&(params->p), 0, sizeof(params->p));
2968 params->p.aifs = -1;
2969 params->need_hw_update = 1;
2973 /* Initialize the core's QOS capabilities */
2974 static void b43_qos_init(struct b43_wldev *dev)
2976 struct b43_wl *wl = dev->wl;
2979 /* Upload the current QOS parameters. */
2980 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++)
2981 wl->qos_params[i].need_hw_update = 1;
2982 b43_qos_update(dev);
2984 /* Enable QOS support. */
2985 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
2986 b43_write16(dev, B43_MMIO_IFSCTL,
2987 b43_read16(dev, B43_MMIO_IFSCTL)
2988 | B43_MMIO_IFSCTL_USE_EDCF);
2991 static void b43_qos_update_work(struct work_struct *work)
2993 struct b43_wl *wl = container_of(work, struct b43_wl, qos_update_work);
2994 struct b43_wldev *dev;
2996 mutex_lock(&wl->mutex);
2997 dev = wl->current_dev;
2998 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED)))
2999 b43_qos_update(dev);
3000 mutex_unlock(&wl->mutex);
3003 static int b43_op_conf_tx(struct ieee80211_hw *hw,
3005 const struct ieee80211_tx_queue_params *params)
3007 struct b43_wl *wl = hw_to_b43_wl(hw);
3008 unsigned long flags;
3009 unsigned int queue = (unsigned int)_queue;
3010 struct b43_qos_params *p;
3012 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3013 /* Queue not available or don't support setting
3014 * params on this queue. Return success to not
3015 * confuse mac80211. */
3019 spin_lock_irqsave(&wl->irq_lock, flags);
3020 p = &(wl->qos_params[queue]);
3021 memcpy(&(p->p), params, sizeof(p->p));
3022 p->need_hw_update = 1;
3023 spin_unlock_irqrestore(&wl->irq_lock, flags);
3025 queue_work(hw->workqueue, &wl->qos_update_work);
3030 static int b43_op_get_tx_stats(struct ieee80211_hw *hw,
3031 struct ieee80211_tx_queue_stats *stats)
3033 struct b43_wl *wl = hw_to_b43_wl(hw);
3034 struct b43_wldev *dev = wl->current_dev;
3035 unsigned long flags;
3040 spin_lock_irqsave(&wl->irq_lock, flags);
3041 if (likely(b43_status(dev) >= B43_STAT_STARTED)) {
3042 if (b43_using_pio_transfers(dev))
3043 b43_pio_get_tx_stats(dev, stats);
3045 b43_dma_get_tx_stats(dev, stats);
3048 spin_unlock_irqrestore(&wl->irq_lock, flags);
3053 static int b43_op_get_stats(struct ieee80211_hw *hw,
3054 struct ieee80211_low_level_stats *stats)
3056 struct b43_wl *wl = hw_to_b43_wl(hw);
3057 unsigned long flags;
3059 spin_lock_irqsave(&wl->irq_lock, flags);
3060 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3061 spin_unlock_irqrestore(&wl->irq_lock, flags);
3066 static void b43_put_phy_into_reset(struct b43_wldev *dev)
3068 struct ssb_device *sdev = dev->dev;
3071 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3072 tmslow &= ~B43_TMSLOW_GMODE;
3073 tmslow |= B43_TMSLOW_PHYRESET;
3074 tmslow |= SSB_TMSLOW_FGC;
3075 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3078 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3079 tmslow &= ~SSB_TMSLOW_FGC;
3080 tmslow |= B43_TMSLOW_PHYRESET;
3081 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3085 static const char * band_to_string(enum ieee80211_band band)
3088 case IEEE80211_BAND_5GHZ:
3090 case IEEE80211_BAND_2GHZ:
3099 /* Expects wl->mutex locked */
3100 static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan)
3102 struct b43_wldev *up_dev = NULL;
3103 struct b43_wldev *down_dev;
3104 struct b43_wldev *d;
3109 /* Find a device and PHY which supports the band. */
3110 list_for_each_entry(d, &wl->devlist, list) {
3111 switch (chan->band) {
3112 case IEEE80211_BAND_5GHZ:
3113 if (d->phy.supports_5ghz) {
3118 case IEEE80211_BAND_2GHZ:
3119 if (d->phy.supports_2ghz) {
3132 b43err(wl, "Could not find a device for %s-GHz band operation\n",
3133 band_to_string(chan->band));
3136 if ((up_dev == wl->current_dev) &&
3137 (!!wl->current_dev->phy.gmode == !!gmode)) {
3138 /* This device is already running. */
3141 b43dbg(wl, "Switching to %s-GHz band\n",
3142 band_to_string(chan->band));
3143 down_dev = wl->current_dev;
3145 prev_status = b43_status(down_dev);
3146 /* Shutdown the currently running core. */
3147 if (prev_status >= B43_STAT_STARTED)
3148 b43_wireless_core_stop(down_dev);
3149 if (prev_status >= B43_STAT_INITIALIZED)
3150 b43_wireless_core_exit(down_dev);
3152 if (down_dev != up_dev) {
3153 /* We switch to a different core, so we put PHY into
3154 * RESET on the old core. */
3155 b43_put_phy_into_reset(down_dev);
3158 /* Now start the new core. */
3159 up_dev->phy.gmode = gmode;
3160 if (prev_status >= B43_STAT_INITIALIZED) {
3161 err = b43_wireless_core_init(up_dev);
3163 b43err(wl, "Fatal: Could not initialize device for "
3164 "selected %s-GHz band\n",
3165 band_to_string(chan->band));
3169 if (prev_status >= B43_STAT_STARTED) {
3170 err = b43_wireless_core_start(up_dev);
3172 b43err(wl, "Fatal: Coult not start device for "
3173 "selected %s-GHz band\n",
3174 band_to_string(chan->band));
3175 b43_wireless_core_exit(up_dev);
3179 B43_WARN_ON(b43_status(up_dev) != prev_status);
3181 wl->current_dev = up_dev;
3185 /* Whoops, failed to init the new core. No core is operating now. */
3186 wl->current_dev = NULL;
3190 static int b43_op_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf)
3192 struct b43_wl *wl = hw_to_b43_wl(hw);
3193 struct b43_wldev *dev;
3194 struct b43_phy *phy;
3195 unsigned long flags;
3200 mutex_lock(&wl->mutex);
3202 /* Switch the band (if necessary). This might change the active core. */
3203 err = b43_switch_band(wl, conf->channel);
3205 goto out_unlock_mutex;
3206 dev = wl->current_dev;
3209 /* Disable IRQs while reconfiguring the device.
3210 * This makes it possible to drop the spinlock throughout
3211 * the reconfiguration process. */
3212 spin_lock_irqsave(&wl->irq_lock, flags);
3213 if (b43_status(dev) < B43_STAT_STARTED) {
3214 spin_unlock_irqrestore(&wl->irq_lock, flags);
3215 goto out_unlock_mutex;
3217 savedirqs = b43_interrupt_disable(dev, B43_IRQ_ALL);
3218 spin_unlock_irqrestore(&wl->irq_lock, flags);
3219 b43_synchronize_irq(dev);
3221 /* Switch to the requested channel.
3222 * The firmware takes care of races with the TX handler. */
3223 if (conf->channel->hw_value != phy->channel)
3224 b43_radio_selectchannel(dev, conf->channel->hw_value, 0);
3226 /* Enable/Disable ShortSlot timing. */
3227 if ((!!(conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME)) !=
3229 B43_WARN_ON(phy->type != B43_PHYTYPE_G);
3230 if (conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME)
3231 b43_short_slot_timing_enable(dev);
3233 b43_short_slot_timing_disable(dev);
3236 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_RADIOTAP);
3238 /* Adjust the desired TX power level. */
3239 if (conf->power_level != 0) {
3240 if (conf->power_level != phy->power_level) {
3241 phy->power_level = conf->power_level;
3242 b43_phy_xmitpower(dev);
3246 /* Antennas for RX and management frame TX. */
3247 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_tx);
3248 b43_mgmtframe_txantenna(dev, antenna);
3249 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_rx);
3250 b43_set_rx_antenna(dev, antenna);
3252 /* Update templates for AP mode. */
3253 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP))
3254 b43_set_beacon_int(dev, conf->beacon_int);
3256 if (!!conf->radio_enabled != phy->radio_on) {
3257 if (conf->radio_enabled) {
3258 b43_radio_turn_on(dev);
3259 b43info(dev->wl, "Radio turned on by software\n");
3260 if (!dev->radio_hw_enable) {
3261 b43info(dev->wl, "The hardware RF-kill button "
3262 "still turns the radio physically off. "
3263 "Press the button to turn it on.\n");
3266 b43_radio_turn_off(dev, 0);
3267 b43info(dev->wl, "Radio turned off by software\n");
3271 spin_lock_irqsave(&wl->irq_lock, flags);
3272 b43_interrupt_enable(dev, savedirqs);
3274 spin_unlock_irqrestore(&wl->irq_lock, flags);
3276 mutex_unlock(&wl->mutex);
3281 static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3282 const u8 *local_addr, const u8 *addr,
3283 struct ieee80211_key_conf *key)
3285 struct b43_wl *wl = hw_to_b43_wl(hw);
3286 struct b43_wldev *dev;
3287 unsigned long flags;
3291 DECLARE_MAC_BUF(mac);
3293 if (modparam_nohwcrypt)
3294 return -ENOSPC; /* User disabled HW-crypto */
3296 mutex_lock(&wl->mutex);
3297 spin_lock_irqsave(&wl->irq_lock, flags);
3299 dev = wl->current_dev;
3301 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
3307 if (key->keylen == 5)
3308 algorithm = B43_SEC_ALGO_WEP40;
3310 algorithm = B43_SEC_ALGO_WEP104;
3313 algorithm = B43_SEC_ALGO_TKIP;
3316 algorithm = B43_SEC_ALGO_AES;
3322 index = (u8) (key->keyidx);
3328 if (algorithm == B43_SEC_ALGO_TKIP) {
3329 /* FIXME: No TKIP hardware encryption for now. */
3334 if (is_broadcast_ether_addr(addr)) {
3335 /* addr is FF:FF:FF:FF:FF:FF for default keys */
3336 err = b43_key_write(dev, index, algorithm,
3337 key->key, key->keylen, NULL, key);
3340 * either pairwise key or address is 00:00:00:00:00:00
3341 * for transmit-only keys
3343 err = b43_key_write(dev, -1, algorithm,
3344 key->key, key->keylen, addr, key);
3349 if (algorithm == B43_SEC_ALGO_WEP40 ||
3350 algorithm == B43_SEC_ALGO_WEP104) {
3351 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
3354 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
3356 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
3359 err = b43_key_clear(dev, key->hw_key_idx);
3368 spin_unlock_irqrestore(&wl->irq_lock, flags);
3369 mutex_unlock(&wl->mutex);
3371 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
3373 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
3374 print_mac(mac, addr));
3379 static void b43_op_configure_filter(struct ieee80211_hw *hw,
3380 unsigned int changed, unsigned int *fflags,
3381 int mc_count, struct dev_addr_list *mc_list)
3383 struct b43_wl *wl = hw_to_b43_wl(hw);
3384 struct b43_wldev *dev = wl->current_dev;
3385 unsigned long flags;
3392 spin_lock_irqsave(&wl->irq_lock, flags);
3393 *fflags &= FIF_PROMISC_IN_BSS |
3399 FIF_BCN_PRBRESP_PROMISC;
3401 changed &= FIF_PROMISC_IN_BSS |
3407 FIF_BCN_PRBRESP_PROMISC;
3409 wl->filter_flags = *fflags;
3411 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
3412 b43_adjust_opmode(dev);
3413 spin_unlock_irqrestore(&wl->irq_lock, flags);
3416 static int b43_op_config_interface(struct ieee80211_hw *hw,
3417 struct ieee80211_vif *vif,
3418 struct ieee80211_if_conf *conf)
3420 struct b43_wl *wl = hw_to_b43_wl(hw);
3421 struct b43_wldev *dev = wl->current_dev;
3422 unsigned long flags;
3426 mutex_lock(&wl->mutex);
3427 spin_lock_irqsave(&wl->irq_lock, flags);
3428 B43_WARN_ON(wl->vif != vif);
3430 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
3432 memset(wl->bssid, 0, ETH_ALEN);
3433 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
3434 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) {
3435 B43_WARN_ON(conf->type != IEEE80211_IF_TYPE_AP);
3436 b43_set_ssid(dev, conf->ssid, conf->ssid_len);
3438 b43_update_templates(wl, conf->beacon,
3439 conf->beacon_control);
3442 b43_write_mac_bssid_templates(dev);
3444 spin_unlock_irqrestore(&wl->irq_lock, flags);
3445 mutex_unlock(&wl->mutex);
3450 /* Locking: wl->mutex */
3451 static void b43_wireless_core_stop(struct b43_wldev *dev)
3453 struct b43_wl *wl = dev->wl;
3454 unsigned long flags;
3456 if (b43_status(dev) < B43_STAT_STARTED)
3459 /* Disable and sync interrupts. We must do this before than
3460 * setting the status to INITIALIZED, as the interrupt handler
3461 * won't care about IRQs then. */
3462 spin_lock_irqsave(&wl->irq_lock, flags);
3463 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL);
3464 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* flush */
3465 spin_unlock_irqrestore(&wl->irq_lock, flags);
3466 b43_synchronize_irq(dev);
3468 b43_set_status(dev, B43_STAT_INITIALIZED);
3471 mutex_unlock(&wl->mutex);
3472 /* Must unlock as it would otherwise deadlock. No races here.
3473 * Cancel the possibly running self-rearming periodic work. */
3474 cancel_delayed_work_sync(&dev->periodic_work);
3475 mutex_lock(&wl->mutex);
3477 ieee80211_stop_queues(wl->hw); //FIXME this could cause a deadlock, as mac80211 seems buggy.
3479 b43_mac_suspend(dev);
3480 free_irq(dev->dev->irq, dev);
3481 b43dbg(wl, "Wireless interface stopped\n");
3484 /* Locking: wl->mutex */
3485 static int b43_wireless_core_start(struct b43_wldev *dev)
3489 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
3491 drain_txstatus_queue(dev);
3492 err = request_irq(dev->dev->irq, b43_interrupt_handler,
3493 IRQF_SHARED, KBUILD_MODNAME, dev);
3495 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq);
3499 /* We are ready to run. */
3500 b43_set_status(dev, B43_STAT_STARTED);
3502 /* Start data flow (TX/RX). */
3503 b43_mac_enable(dev);
3504 b43_interrupt_enable(dev, dev->irq_savedstate);
3505 ieee80211_start_queues(dev->wl->hw);
3507 /* Start maintainance work */
3508 b43_periodic_tasks_setup(dev);
3510 b43dbg(dev->wl, "Wireless interface started\n");
3515 /* Get PHY and RADIO versioning numbers */
3516 static int b43_phy_versioning(struct b43_wldev *dev)
3518 struct b43_phy *phy = &dev->phy;
3526 int unsupported = 0;
3528 /* Get PHY versioning */
3529 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
3530 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
3531 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
3532 phy_rev = (tmp & B43_PHYVER_VERSION);
3539 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6
3547 #ifdef CONFIG_B43_NPHY
3557 b43err(dev->wl, "FOUND UNSUPPORTED PHY "
3558 "(Analog %u, Type %u, Revision %u)\n",
3559 analog_type, phy_type, phy_rev);
3562 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n",
3563 analog_type, phy_type, phy_rev);
3565 /* Get RADIO versioning */
3566 if (dev->dev->bus->chip_id == 0x4317) {
3567 if (dev->dev->bus->chip_rev == 0)
3569 else if (dev->dev->bus->chip_rev == 1)
3574 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
3575 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
3576 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
3577 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16;
3579 radio_manuf = (tmp & 0x00000FFF);
3580 radio_ver = (tmp & 0x0FFFF000) >> 12;
3581 radio_rev = (tmp & 0xF0000000) >> 28;
3582 if (radio_manuf != 0x17F /* Broadcom */)
3586 if (radio_ver != 0x2060)
3590 if (radio_manuf != 0x17F)
3594 if ((radio_ver & 0xFFF0) != 0x2050)
3598 if (radio_ver != 0x2050)
3602 if (radio_ver != 0x2055)
3609 b43err(dev->wl, "FOUND UNSUPPORTED RADIO "
3610 "(Manuf 0x%X, Version 0x%X, Revision %u)\n",
3611 radio_manuf, radio_ver, radio_rev);
3614 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n",
3615 radio_manuf, radio_ver, radio_rev);
3617 phy->radio_manuf = radio_manuf;
3618 phy->radio_ver = radio_ver;
3619 phy->radio_rev = radio_rev;
3621 phy->analog = analog_type;
3622 phy->type = phy_type;
3628 static void setup_struct_phy_for_init(struct b43_wldev *dev,
3629 struct b43_phy *phy)
3631 struct b43_txpower_lo_control *lo;
3634 memset(phy->minlowsig, 0xFF, sizeof(phy->minlowsig));
3635 memset(phy->minlowsigpos, 0, sizeof(phy->minlowsigpos));
3637 phy->aci_enable = 0;
3638 phy->aci_wlan_automatic = 0;
3639 phy->aci_hw_rssi = 0;
3641 phy->radio_off_context.valid = 0;
3643 lo = phy->lo_control;
3645 memset(lo, 0, sizeof(*(phy->lo_control)));
3649 phy->max_lb_gain = 0;
3650 phy->trsw_rx_gain = 0;
3651 phy->txpwr_offset = 0;
3654 phy->nrssislope = 0;
3655 for (i = 0; i < ARRAY_SIZE(phy->nrssi); i++)
3656 phy->nrssi[i] = -1000;
3657 for (i = 0; i < ARRAY_SIZE(phy->nrssi_lt); i++)
3658 phy->nrssi_lt[i] = i;
3660 phy->lofcal = 0xFFFF;
3661 phy->initval = 0xFFFF;
3663 phy->interfmode = B43_INTERFMODE_NONE;
3664 phy->channel = 0xFF;
3666 phy->hardware_power_control = !!modparam_hwpctl;
3668 /* PHY TX errors counter. */
3669 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
3671 /* OFDM-table address caching. */
3672 phy->ofdmtab_addr_direction = B43_OFDMTAB_DIRECTION_UNKNOWN;
3675 static void setup_struct_wldev_for_init(struct b43_wldev *dev)
3679 /* Assume the radio is enabled. If it's not enabled, the state will
3680 * immediately get fixed on the first periodic work run. */
3681 dev->radio_hw_enable = 1;
3684 memset(&dev->stats, 0, sizeof(dev->stats));
3686 setup_struct_phy_for_init(dev, &dev->phy);
3688 /* IRQ related flags */
3689 dev->irq_reason = 0;
3690 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
3691 dev->irq_savedstate = B43_IRQ_MASKTEMPLATE;
3693 dev->mac_suspended = 1;
3695 /* Noise calculation context */
3696 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
3699 static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
3701 struct ssb_sprom *sprom = &dev->dev->bus->sprom;
3704 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
3706 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
3709 hf = b43_hf_read(dev);
3710 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
3711 hf |= B43_HF_BTCOEXALT;
3713 hf |= B43_HF_BTCOEX;
3714 b43_hf_write(dev, hf);
3718 static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
3722 static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
3724 #ifdef CONFIG_SSB_DRIVER_PCICORE
3725 struct ssb_bus *bus = dev->dev->bus;
3728 if (bus->pcicore.dev &&
3729 bus->pcicore.dev->id.coreid == SSB_DEV_PCI &&
3730 bus->pcicore.dev->id.revision <= 5) {
3731 /* IMCFGLO timeouts workaround. */
3732 tmp = ssb_read32(dev->dev, SSB_IMCFGLO);
3733 tmp &= ~SSB_IMCFGLO_REQTO;
3734 tmp &= ~SSB_IMCFGLO_SERTO;
3735 switch (bus->bustype) {
3736 case SSB_BUSTYPE_PCI:
3737 case SSB_BUSTYPE_PCMCIA:
3740 case SSB_BUSTYPE_SSB:
3744 ssb_write32(dev->dev, SSB_IMCFGLO, tmp);
3746 #endif /* CONFIG_SSB_DRIVER_PCICORE */
3749 /* Write the short and long frame retry limit values. */
3750 static void b43_set_retry_limits(struct b43_wldev *dev,
3751 unsigned int short_retry,
3752 unsigned int long_retry)
3754 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3755 * the chip-internal counter. */
3756 short_retry = min(short_retry, (unsigned int)0xF);
3757 long_retry = min(long_retry, (unsigned int)0xF);
3759 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3761 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3765 static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
3769 /* The time value is in microseconds. */
3770 if (dev->phy.type == B43_PHYTYPE_A)
3774 if ((dev->wl->if_type == IEEE80211_IF_TYPE_IBSS) || idle)
3776 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
3777 pu_delay = max(pu_delay, (u16)2400);
3779 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
3782 /* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
3783 static void b43_set_pretbtt(struct b43_wldev *dev)
3787 /* The time value is in microseconds. */
3788 if (dev->wl->if_type == IEEE80211_IF_TYPE_IBSS) {
3791 if (dev->phy.type == B43_PHYTYPE_A)
3796 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
3797 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
3800 /* Shutdown a wireless core */
3801 /* Locking: wl->mutex */
3802 static void b43_wireless_core_exit(struct b43_wldev *dev)
3804 struct b43_phy *phy = &dev->phy;
3807 B43_WARN_ON(b43_status(dev) > B43_STAT_INITIALIZED);
3808 if (b43_status(dev) != B43_STAT_INITIALIZED)
3810 b43_set_status(dev, B43_STAT_UNINIT);
3812 /* Stop the microcode PSM. */
3813 macctl = b43_read32(dev, B43_MMIO_MACCTL);
3814 macctl &= ~B43_MACCTL_PSM_RUN;
3815 macctl |= B43_MACCTL_PSM_JMP0;
3816 b43_write32(dev, B43_MMIO_MACCTL, macctl);
3818 if (!dev->suspend_in_progress) {
3820 b43_rng_exit(dev->wl, false);
3825 b43_radio_turn_off(dev, 1);
3826 b43_switch_analog(dev, 0);
3827 if (phy->dyn_tssi_tbl)
3828 kfree(phy->tssi2dbm);
3829 kfree(phy->lo_control);
3830 phy->lo_control = NULL;
3831 if (dev->wl->current_beacon) {
3832 dev_kfree_skb_any(dev->wl->current_beacon);
3833 dev->wl->current_beacon = NULL;
3836 ssb_device_disable(dev->dev, 0);
3837 ssb_bus_may_powerdown(dev->dev->bus);
3840 /* Initialize a wireless core */
3841 static int b43_wireless_core_init(struct b43_wldev *dev)
3843 struct b43_wl *wl = dev->wl;
3844 struct ssb_bus *bus = dev->dev->bus;
3845 struct ssb_sprom *sprom = &bus->sprom;
3846 struct b43_phy *phy = &dev->phy;
3850 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
3852 err = ssb_bus_powerup(bus, 0);
3855 if (!ssb_device_is_enabled(dev->dev)) {
3856 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0;
3857 b43_wireless_core_reset(dev, tmp);
3860 if ((phy->type == B43_PHYTYPE_B) || (phy->type == B43_PHYTYPE_G)) {
3862 kzalloc(sizeof(*(phy->lo_control)), GFP_KERNEL);
3863 if (!phy->lo_control) {
3868 setup_struct_wldev_for_init(dev);
3870 err = b43_phy_init_tssi2dbm_table(dev);
3872 goto err_kfree_lo_control;
3874 /* Enable IRQ routing to this device. */
3875 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev);
3877 b43_imcfglo_timeouts_workaround(dev);
3878 b43_bluetooth_coext_disable(dev);
3879 b43_phy_early_init(dev);
3880 err = b43_chip_init(dev);
3882 goto err_kfree_tssitbl;
3883 b43_shm_write16(dev, B43_SHM_SHARED,
3884 B43_SHM_SH_WLCOREREV, dev->dev->id.revision);
3885 hf = b43_hf_read(dev);
3886 if (phy->type == B43_PHYTYPE_G) {
3890 if (sprom->boardflags_lo & B43_BFL_PACTRL)
3891 hf |= B43_HF_OFDMPABOOST;
3892 } else if (phy->type == B43_PHYTYPE_B) {
3894 if (phy->rev >= 2 && phy->radio_ver == 0x2050)
3897 b43_hf_write(dev, hf);
3899 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
3900 B43_DEFAULT_LONG_RETRY_LIMIT);
3901 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
3902 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
3904 /* Disable sending probe responses from firmware.
3905 * Setting the MaxTime to one usec will always trigger
3906 * a timeout, so we never send any probe resp.
3907 * A timeout of zero is infinite. */
3908 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
3910 b43_rate_memory_init(dev);
3911 b43_set_phytxctl_defaults(dev);
3913 /* Minimum Contention Window */
3914 if (phy->type == B43_PHYTYPE_B) {
3915 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
3917 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
3919 /* Maximum Contention Window */
3920 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
3922 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || B43_FORCE_PIO) {
3923 dev->__using_pio_transfers = 1;
3924 err = b43_pio_init(dev);
3926 dev->__using_pio_transfers = 0;
3927 err = b43_dma_init(dev);
3932 b43_set_synth_pu_delay(dev, 1);
3933 b43_bluetooth_coext_enable(dev);
3935 ssb_bus_powerup(bus, 1); /* Enable dynamic PCTL */
3936 b43_upload_card_macaddress(dev);
3937 b43_security_init(dev);
3938 if (!dev->suspend_in_progress)
3941 b43_set_status(dev, B43_STAT_INITIALIZED);
3943 if (!dev->suspend_in_progress)
3951 if (phy->dyn_tssi_tbl)
3952 kfree(phy->tssi2dbm);
3953 err_kfree_lo_control:
3954 kfree(phy->lo_control);
3955 phy->lo_control = NULL;
3957 ssb_bus_may_powerdown(bus);
3958 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
3962 static int b43_op_add_interface(struct ieee80211_hw *hw,
3963 struct ieee80211_if_init_conf *conf)
3965 struct b43_wl *wl = hw_to_b43_wl(hw);
3966 struct b43_wldev *dev;
3967 unsigned long flags;
3968 int err = -EOPNOTSUPP;
3970 /* TODO: allow WDS/AP devices to coexist */
3972 if (conf->type != IEEE80211_IF_TYPE_AP &&
3973 conf->type != IEEE80211_IF_TYPE_STA &&
3974 conf->type != IEEE80211_IF_TYPE_WDS &&
3975 conf->type != IEEE80211_IF_TYPE_IBSS)
3978 mutex_lock(&wl->mutex);
3980 goto out_mutex_unlock;
3982 b43dbg(wl, "Adding Interface type %d\n", conf->type);
3984 dev = wl->current_dev;
3986 wl->vif = conf->vif;
3987 wl->if_type = conf->type;
3988 memcpy(wl->mac_addr, conf->mac_addr, ETH_ALEN);
3990 spin_lock_irqsave(&wl->irq_lock, flags);
3991 b43_adjust_opmode(dev);
3992 b43_set_pretbtt(dev);
3993 b43_set_synth_pu_delay(dev, 0);
3994 b43_upload_card_macaddress(dev);
3995 spin_unlock_irqrestore(&wl->irq_lock, flags);
3999 mutex_unlock(&wl->mutex);
4004 static void b43_op_remove_interface(struct ieee80211_hw *hw,
4005 struct ieee80211_if_init_conf *conf)
4007 struct b43_wl *wl = hw_to_b43_wl(hw);
4008 struct b43_wldev *dev = wl->current_dev;
4009 unsigned long flags;
4011 b43dbg(wl, "Removing Interface type %d\n", conf->type);
4013 mutex_lock(&wl->mutex);
4015 B43_WARN_ON(!wl->operating);
4016 B43_WARN_ON(wl->vif != conf->vif);
4021 spin_lock_irqsave(&wl->irq_lock, flags);
4022 b43_adjust_opmode(dev);
4023 memset(wl->mac_addr, 0, ETH_ALEN);
4024 b43_upload_card_macaddress(dev);
4025 spin_unlock_irqrestore(&wl->irq_lock, flags);
4027 mutex_unlock(&wl->mutex);
4030 static int b43_op_start(struct ieee80211_hw *hw)
4032 struct b43_wl *wl = hw_to_b43_wl(hw);
4033 struct b43_wldev *dev = wl->current_dev;
4036 bool do_rfkill_exit = 0;
4038 /* Kill all old instance specific information to make sure
4039 * the card won't use it in the short timeframe between start
4040 * and mac80211 reconfiguring it. */
4041 memset(wl->bssid, 0, ETH_ALEN);
4042 memset(wl->mac_addr, 0, ETH_ALEN);
4043 wl->filter_flags = 0;
4044 wl->radiotap_enabled = 0;
4047 /* First register RFkill.
4048 * LEDs that are registered later depend on it. */
4049 b43_rfkill_init(dev);
4051 mutex_lock(&wl->mutex);
4053 if (b43_status(dev) < B43_STAT_INITIALIZED) {
4054 err = b43_wireless_core_init(dev);
4057 goto out_mutex_unlock;
4062 if (b43_status(dev) < B43_STAT_STARTED) {
4063 err = b43_wireless_core_start(dev);
4066 b43_wireless_core_exit(dev);
4068 goto out_mutex_unlock;
4073 mutex_unlock(&wl->mutex);
4076 b43_rfkill_exit(dev);
4081 static void b43_op_stop(struct ieee80211_hw *hw)
4083 struct b43_wl *wl = hw_to_b43_wl(hw);
4084 struct b43_wldev *dev = wl->current_dev;
4086 b43_rfkill_exit(dev);
4087 cancel_work_sync(&(wl->qos_update_work));
4088 cancel_work_sync(&(wl->beacon_update_trigger));
4090 mutex_lock(&wl->mutex);
4091 if (b43_status(dev) >= B43_STAT_STARTED)
4092 b43_wireless_core_stop(dev);
4093 b43_wireless_core_exit(dev);
4094 mutex_unlock(&wl->mutex);
4097 static int b43_op_set_retry_limit(struct ieee80211_hw *hw,
4098 u32 short_retry_limit, u32 long_retry_limit)
4100 struct b43_wl *wl = hw_to_b43_wl(hw);
4101 struct b43_wldev *dev;
4104 mutex_lock(&wl->mutex);
4105 dev = wl->current_dev;
4106 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) {
4110 b43_set_retry_limits(dev, short_retry_limit, long_retry_limit);
4112 mutex_unlock(&wl->mutex);
4117 static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, int aid, int set)
4119 struct b43_wl *wl = hw_to_b43_wl(hw);
4120 struct sk_buff *beacon;
4121 unsigned long flags;
4122 struct ieee80211_tx_control txctl;
4124 /* We could modify the existing beacon and set the aid bit in
4125 * the TIM field, but that would probably require resizing and
4126 * moving of data within the beacon template.
4127 * Simply request a new beacon and let mac80211 do the hard work. */
4128 beacon = ieee80211_beacon_get(hw, wl->vif, &txctl);
4129 if (unlikely(!beacon))
4131 spin_lock_irqsave(&wl->irq_lock, flags);
4132 b43_update_templates(wl, beacon, &txctl);
4133 spin_unlock_irqrestore(&wl->irq_lock, flags);
4138 static int b43_op_ibss_beacon_update(struct ieee80211_hw *hw,
4139 struct sk_buff *beacon,
4140 struct ieee80211_tx_control *ctl)
4142 struct b43_wl *wl = hw_to_b43_wl(hw);
4143 unsigned long flags;
4145 spin_lock_irqsave(&wl->irq_lock, flags);
4146 b43_update_templates(wl, beacon, ctl);
4147 spin_unlock_irqrestore(&wl->irq_lock, flags);
4152 static void b43_op_sta_notify(struct ieee80211_hw *hw,
4153 struct ieee80211_vif *vif,
4154 enum sta_notify_cmd notify_cmd,
4157 struct b43_wl *wl = hw_to_b43_wl(hw);
4159 B43_WARN_ON(!vif || wl->vif != vif);
4162 static const struct ieee80211_ops b43_hw_ops = {
4164 .conf_tx = b43_op_conf_tx,
4165 .add_interface = b43_op_add_interface,
4166 .remove_interface = b43_op_remove_interface,
4167 .config = b43_op_config,
4168 .config_interface = b43_op_config_interface,
4169 .configure_filter = b43_op_configure_filter,
4170 .set_key = b43_op_set_key,
4171 .get_stats = b43_op_get_stats,
4172 .get_tx_stats = b43_op_get_tx_stats,
4173 .start = b43_op_start,
4174 .stop = b43_op_stop,
4175 .set_retry_limit = b43_op_set_retry_limit,
4176 .set_tim = b43_op_beacon_set_tim,
4177 .beacon_update = b43_op_ibss_beacon_update,
4178 .sta_notify = b43_op_sta_notify,
4181 /* Hard-reset the chip. Do not call this directly.
4182 * Use b43_controller_restart()
4184 static void b43_chip_reset(struct work_struct *work)
4186 struct b43_wldev *dev =
4187 container_of(work, struct b43_wldev, restart_work);
4188 struct b43_wl *wl = dev->wl;
4192 mutex_lock(&wl->mutex);
4194 prev_status = b43_status(dev);
4195 /* Bring the device down... */
4196 if (prev_status >= B43_STAT_STARTED)
4197 b43_wireless_core_stop(dev);
4198 if (prev_status >= B43_STAT_INITIALIZED)
4199 b43_wireless_core_exit(dev);
4201 /* ...and up again. */
4202 if (prev_status >= B43_STAT_INITIALIZED) {
4203 err = b43_wireless_core_init(dev);
4207 if (prev_status >= B43_STAT_STARTED) {
4208 err = b43_wireless_core_start(dev);
4210 b43_wireless_core_exit(dev);
4215 mutex_unlock(&wl->mutex);
4217 b43err(wl, "Controller restart FAILED\n");
4219 b43info(wl, "Controller restarted\n");
4222 static int b43_setup_bands(struct b43_wldev *dev,
4223 bool have_2ghz_phy, bool have_5ghz_phy)
4225 struct ieee80211_hw *hw = dev->wl->hw;
4228 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz;
4229 if (dev->phy.type == B43_PHYTYPE_N) {
4231 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy;
4234 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
4237 dev->phy.supports_2ghz = have_2ghz_phy;
4238 dev->phy.supports_5ghz = have_5ghz_phy;
4243 static void b43_wireless_core_detach(struct b43_wldev *dev)
4245 /* We release firmware that late to not be required to re-request
4246 * is all the time when we reinit the core. */
4247 b43_release_firmware(dev);
4250 static int b43_wireless_core_attach(struct b43_wldev *dev)
4252 struct b43_wl *wl = dev->wl;
4253 struct ssb_bus *bus = dev->dev->bus;
4254 struct pci_dev *pdev = bus->host_pci;
4256 bool have_2ghz_phy = 0, have_5ghz_phy = 0;
4259 /* Do NOT do any device initialization here.
4260 * Do it in wireless_core_init() instead.
4261 * This function is for gathering basic information about the HW, only.
4262 * Also some structs may be set up here. But most likely you want to have
4263 * that in core_init(), too.
4266 err = ssb_bus_powerup(bus, 0);
4268 b43err(wl, "Bus powerup failed\n");
4271 /* Get the PHY type. */
4272 if (dev->dev->id.revision >= 5) {
4275 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH);
4276 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY);
4277 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY);
4281 dev->phy.gmode = have_2ghz_phy;
4282 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4283 b43_wireless_core_reset(dev, tmp);
4285 err = b43_phy_versioning(dev);
4288 /* Check if this device supports multiband. */
4290 (pdev->device != 0x4312 &&
4291 pdev->device != 0x4319 && pdev->device != 0x4324)) {
4292 /* No multiband support. */
4295 switch (dev->phy.type) {
4307 if (dev->phy.type == B43_PHYTYPE_A) {
4309 b43err(wl, "IEEE 802.11a devices are unsupported\n");
4313 dev->phy.gmode = have_2ghz_phy;
4314 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4315 b43_wireless_core_reset(dev, tmp);
4317 err = b43_validate_chipaccess(dev);
4320 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
4324 /* Now set some default "current_dev" */
4325 if (!wl->current_dev)
4326 wl->current_dev = dev;
4327 INIT_WORK(&dev->restart_work, b43_chip_reset);
4329 b43_radio_turn_off(dev, 1);
4330 b43_switch_analog(dev, 0);
4331 ssb_device_disable(dev->dev, 0);
4332 ssb_bus_may_powerdown(bus);
4338 ssb_bus_may_powerdown(bus);
4342 static void b43_one_core_detach(struct ssb_device *dev)
4344 struct b43_wldev *wldev;
4347 wldev = ssb_get_drvdata(dev);
4349 cancel_work_sync(&wldev->restart_work);
4350 b43_debugfs_remove_device(wldev);
4351 b43_wireless_core_detach(wldev);
4352 list_del(&wldev->list);
4354 ssb_set_drvdata(dev, NULL);
4358 static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl)
4360 struct b43_wldev *wldev;
4361 struct pci_dev *pdev;
4364 if (!list_empty(&wl->devlist)) {
4365 /* We are not the first core on this chip. */
4366 pdev = dev->bus->host_pci;
4367 /* Only special chips support more than one wireless
4368 * core, although some of the other chips have more than
4369 * one wireless core as well. Check for this and
4373 ((pdev->device != 0x4321) &&
4374 (pdev->device != 0x4313) && (pdev->device != 0x431A))) {
4375 b43dbg(wl, "Ignoring unconnected 802.11 core\n");
4380 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
4386 b43_set_status(wldev, B43_STAT_UNINIT);
4387 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
4388 tasklet_init(&wldev->isr_tasklet,
4389 (void (*)(unsigned long))b43_interrupt_tasklet,
4390 (unsigned long)wldev);
4391 INIT_LIST_HEAD(&wldev->list);
4393 err = b43_wireless_core_attach(wldev);
4395 goto err_kfree_wldev;
4397 list_add(&wldev->list, &wl->devlist);
4399 ssb_set_drvdata(dev, wldev);
4400 b43_debugfs_add_device(wldev);
4410 static void b43_sprom_fixup(struct ssb_bus *bus)
4412 /* boardflags workarounds */
4413 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
4414 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74)
4415 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
4416 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
4417 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40)
4418 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
4421 static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl)
4423 struct ieee80211_hw *hw = wl->hw;
4425 ssb_set_devtypedata(dev, NULL);
4426 ieee80211_free_hw(hw);
4429 static int b43_wireless_init(struct ssb_device *dev)
4431 struct ssb_sprom *sprom = &dev->bus->sprom;
4432 struct ieee80211_hw *hw;
4436 b43_sprom_fixup(dev->bus);
4438 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
4440 b43err(NULL, "Could not allocate ieee80211 device\n");
4445 hw->flags = IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE |
4446 IEEE80211_HW_RX_INCLUDES_FCS;
4447 hw->max_signal = 100;
4448 hw->max_rssi = -110;
4449 hw->max_noise = -110;
4450 hw->queues = b43_modparam_qos ? 4 : 1;
4451 SET_IEEE80211_DEV(hw, dev->dev);
4452 if (is_valid_ether_addr(sprom->et1mac))
4453 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
4455 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
4457 /* Get and initialize struct b43_wl */
4458 wl = hw_to_b43_wl(hw);
4459 memset(wl, 0, sizeof(*wl));
4461 spin_lock_init(&wl->irq_lock);
4462 spin_lock_init(&wl->leds_lock);
4463 spin_lock_init(&wl->shm_lock);
4464 mutex_init(&wl->mutex);
4465 INIT_LIST_HEAD(&wl->devlist);
4466 INIT_WORK(&wl->qos_update_work, b43_qos_update_work);
4467 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
4469 ssb_set_devtypedata(dev, wl);
4470 b43info(wl, "Broadcom %04X WLAN found\n", dev->bus->chip_id);
4476 static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id)
4482 wl = ssb_get_devtypedata(dev);
4484 /* Probing the first core. Must setup common struct b43_wl */
4486 err = b43_wireless_init(dev);
4489 wl = ssb_get_devtypedata(dev);
4492 err = b43_one_core_attach(dev, wl);
4494 goto err_wireless_exit;
4497 err = ieee80211_register_hw(wl->hw);
4499 goto err_one_core_detach;
4505 err_one_core_detach:
4506 b43_one_core_detach(dev);
4509 b43_wireless_exit(dev, wl);
4513 static void b43_remove(struct ssb_device *dev)
4515 struct b43_wl *wl = ssb_get_devtypedata(dev);
4516 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4519 if (wl->current_dev == wldev)
4520 ieee80211_unregister_hw(wl->hw);
4522 b43_one_core_detach(dev);
4524 if (list_empty(&wl->devlist)) {
4525 /* Last core on the chip unregistered.
4526 * We can destroy common struct b43_wl.
4528 b43_wireless_exit(dev, wl);
4532 /* Perform a hardware reset. This can be called from any context. */
4533 void b43_controller_restart(struct b43_wldev *dev, const char *reason)
4535 /* Must avoid requeueing, if we are in shutdown. */
4536 if (b43_status(dev) < B43_STAT_INITIALIZED)
4538 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
4539 queue_work(dev->wl->hw->workqueue, &dev->restart_work);
4544 static int b43_suspend(struct ssb_device *dev, pm_message_t state)
4546 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4547 struct b43_wl *wl = wldev->wl;
4549 b43dbg(wl, "Suspending...\n");
4551 mutex_lock(&wl->mutex);
4552 wldev->suspend_in_progress = true;
4553 wldev->suspend_init_status = b43_status(wldev);
4554 if (wldev->suspend_init_status >= B43_STAT_STARTED)
4555 b43_wireless_core_stop(wldev);
4556 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED)
4557 b43_wireless_core_exit(wldev);
4558 mutex_unlock(&wl->mutex);
4560 b43dbg(wl, "Device suspended.\n");
4565 static int b43_resume(struct ssb_device *dev)
4567 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4568 struct b43_wl *wl = wldev->wl;
4571 b43dbg(wl, "Resuming...\n");
4573 mutex_lock(&wl->mutex);
4574 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) {
4575 err = b43_wireless_core_init(wldev);
4577 b43err(wl, "Resume failed at core init\n");
4581 if (wldev->suspend_init_status >= B43_STAT_STARTED) {
4582 err = b43_wireless_core_start(wldev);
4584 b43_leds_exit(wldev);
4585 b43_rng_exit(wldev->wl, true);
4586 b43_wireless_core_exit(wldev);
4587 b43err(wl, "Resume failed at core start\n");
4591 b43dbg(wl, "Device resumed.\n");
4593 wldev->suspend_in_progress = false;
4594 mutex_unlock(&wl->mutex);
4598 #else /* CONFIG_PM */
4599 # define b43_suspend NULL
4600 # define b43_resume NULL
4601 #endif /* CONFIG_PM */
4603 static struct ssb_driver b43_ssb_driver = {
4604 .name = KBUILD_MODNAME,
4605 .id_table = b43_ssb_tbl,
4607 .remove = b43_remove,
4608 .suspend = b43_suspend,
4609 .resume = b43_resume,
4612 static void b43_print_driverinfo(void)
4614 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
4615 *feat_leds = "", *feat_rfkill = "";
4617 #ifdef CONFIG_B43_PCI_AUTOSELECT
4620 #ifdef CONFIG_B43_PCMCIA
4623 #ifdef CONFIG_B43_NPHY
4626 #ifdef CONFIG_B43_LEDS
4629 #ifdef CONFIG_B43_RFKILL
4632 printk(KERN_INFO "Broadcom 43xx driver loaded "
4633 "[ Features: %s%s%s%s%s, Firmware-ID: "
4634 B43_SUPPORTED_FIRMWARE_ID " ]\n",
4635 feat_pci, feat_pcmcia, feat_nphy,
4636 feat_leds, feat_rfkill);
4639 static int __init b43_init(void)
4644 err = b43_pcmcia_init();
4647 err = ssb_driver_register(&b43_ssb_driver);
4649 goto err_pcmcia_exit;
4650 b43_print_driverinfo();
4661 static void __exit b43_exit(void)
4663 ssb_driver_unregister(&b43_ssb_driver);
4668 module_init(b43_init)
4669 module_exit(b43_exit)
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob