1 // SPDX-License-Identifier: GPL-2.0-or-later
4 Broadcom B43 wireless driver
6 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
7 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
8 Copyright (c) 2005-2009 Michael Buesch <m@bues.ch>
9 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
10 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
11 Copyright (c) 2010-2011 Rafał Miłecki <zajec5@gmail.com>
14 Copyright (c) 2009 Albert Herranz <albert_herranz@yahoo.es>
16 Some parts of the code in this file are derived from the ipw2200
17 driver Copyright(c) 2003 - 2004 Intel Corporation.
22 #include <linux/delay.h>
23 #include <linux/init.h>
24 #include <linux/module.h>
25 #include <linux/if_arp.h>
26 #include <linux/etherdevice.h>
27 #include <linux/firmware.h>
28 #include <linux/workqueue.h>
29 #include <linux/skbuff.h>
31 #include <linux/dma-mapping.h>
32 #include <linux/slab.h>
33 #include <asm/unaligned.h>
38 #include "phy_common.h"
47 #include <linux/mmc/sdio_func.h>
49 MODULE_DESCRIPTION("Broadcom B43 wireless driver");
50 MODULE_AUTHOR("Martin Langer");
51 MODULE_AUTHOR("Stefano Brivio");
52 MODULE_AUTHOR("Michael Buesch");
53 MODULE_AUTHOR("Gábor Stefanik");
54 MODULE_AUTHOR("Rafał Miłecki");
55 MODULE_LICENSE("GPL");
59 static int modparam_bad_frames_preempt;
60 module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
61 MODULE_PARM_DESC(bad_frames_preempt,
62 "enable(1) / disable(0) Bad Frames Preemption");
64 static char modparam_fwpostfix[16];
65 module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
66 MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
68 static int modparam_hwpctl;
69 module_param_named(hwpctl, modparam_hwpctl, int, 0444);
70 MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
72 static int modparam_nohwcrypt;
73 module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
74 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
76 static int modparam_hwtkip;
77 module_param_named(hwtkip, modparam_hwtkip, int, 0444);
78 MODULE_PARM_DESC(hwtkip, "Enable hardware tkip.");
80 static int modparam_qos = 1;
81 module_param_named(qos, modparam_qos, int, 0444);
82 MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
84 static int modparam_btcoex = 1;
85 module_param_named(btcoex, modparam_btcoex, int, 0444);
86 MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)");
88 int b43_modparam_verbose = B43_VERBOSITY_DEFAULT;
89 module_param_named(verbose, b43_modparam_verbose, int, 0644);
90 MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug");
92 static int b43_modparam_pio = 0;
93 module_param_named(pio, b43_modparam_pio, int, 0644);
94 MODULE_PARM_DESC(pio, "Use PIO accesses by default: 0=DMA, 1=PIO");
96 static int modparam_allhwsupport = !IS_ENABLED(CONFIG_BRCMSMAC);
97 module_param_named(allhwsupport, modparam_allhwsupport, int, 0444);
98 MODULE_PARM_DESC(allhwsupport, "Enable support for all hardware (even it if overlaps with the brcmsmac driver)");
100 #ifdef CONFIG_B43_BCMA
101 static const struct bcma_device_id b43_bcma_tbl[] = {
102 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x11, BCMA_ANY_CLASS),
103 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x15, BCMA_ANY_CLASS),
104 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x17, BCMA_ANY_CLASS),
105 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x18, BCMA_ANY_CLASS),
106 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x1C, BCMA_ANY_CLASS),
107 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x1D, BCMA_ANY_CLASS),
108 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x1E, BCMA_ANY_CLASS),
109 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x28, BCMA_ANY_CLASS),
110 BCMA_CORE(BCMA_MANUF_BCM, BCMA_CORE_80211, 0x2A, BCMA_ANY_CLASS),
113 MODULE_DEVICE_TABLE(bcma, b43_bcma_tbl);
116 #ifdef CONFIG_B43_SSB
117 static const struct ssb_device_id b43_ssb_tbl[] = {
118 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
119 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
120 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
121 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
122 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
123 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
124 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 12),
125 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
126 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15),
127 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16),
130 MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
133 /* Channel and ratetables are shared for all devices.
134 * They can't be const, because ieee80211 puts some precalculated
135 * data in there. This data is the same for all devices, so we don't
136 * get concurrency issues */
137 #define RATETAB_ENT(_rateid, _flags) \
139 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
140 .hw_value = (_rateid), \
145 * NOTE: When changing this, sync with xmit.c's
146 * b43_plcp_get_bitrate_idx_* functions!
148 static struct ieee80211_rate __b43_ratetable[] = {
149 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
150 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
151 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
152 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
153 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
154 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
155 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
156 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
157 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
158 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
159 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
160 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
163 #define b43_a_ratetable (__b43_ratetable + 4)
164 #define b43_a_ratetable_size 8
165 #define b43_b_ratetable (__b43_ratetable + 0)
166 #define b43_b_ratetable_size 4
167 #define b43_g_ratetable (__b43_ratetable + 0)
168 #define b43_g_ratetable_size 12
170 #define CHAN2G(_channel, _freq, _flags) { \
171 .band = NL80211_BAND_2GHZ, \
172 .center_freq = (_freq), \
173 .hw_value = (_channel), \
175 .max_antenna_gain = 0, \
178 static struct ieee80211_channel b43_2ghz_chantable[] = {
195 /* No support for the last 3 channels (12, 13, 14) */
196 #define b43_2ghz_chantable_limited_size 11
199 #define CHAN4G(_channel, _flags) { \
200 .band = NL80211_BAND_5GHZ, \
201 .center_freq = 4000 + (5 * (_channel)), \
202 .hw_value = (_channel), \
204 .max_antenna_gain = 0, \
207 #define CHAN5G(_channel, _flags) { \
208 .band = NL80211_BAND_5GHZ, \
209 .center_freq = 5000 + (5 * (_channel)), \
210 .hw_value = (_channel), \
212 .max_antenna_gain = 0, \
215 static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
216 CHAN4G(184, 0), CHAN4G(186, 0),
217 CHAN4G(188, 0), CHAN4G(190, 0),
218 CHAN4G(192, 0), CHAN4G(194, 0),
219 CHAN4G(196, 0), CHAN4G(198, 0),
220 CHAN4G(200, 0), CHAN4G(202, 0),
221 CHAN4G(204, 0), CHAN4G(206, 0),
222 CHAN4G(208, 0), CHAN4G(210, 0),
223 CHAN4G(212, 0), CHAN4G(214, 0),
224 CHAN4G(216, 0), CHAN4G(218, 0),
225 CHAN4G(220, 0), CHAN4G(222, 0),
226 CHAN4G(224, 0), CHAN4G(226, 0),
228 CHAN5G(32, 0), CHAN5G(34, 0),
229 CHAN5G(36, 0), CHAN5G(38, 0),
230 CHAN5G(40, 0), CHAN5G(42, 0),
231 CHAN5G(44, 0), CHAN5G(46, 0),
232 CHAN5G(48, 0), CHAN5G(50, 0),
233 CHAN5G(52, 0), CHAN5G(54, 0),
234 CHAN5G(56, 0), CHAN5G(58, 0),
235 CHAN5G(60, 0), CHAN5G(62, 0),
236 CHAN5G(64, 0), CHAN5G(66, 0),
237 CHAN5G(68, 0), CHAN5G(70, 0),
238 CHAN5G(72, 0), CHAN5G(74, 0),
239 CHAN5G(76, 0), CHAN5G(78, 0),
240 CHAN5G(80, 0), CHAN5G(82, 0),
241 CHAN5G(84, 0), CHAN5G(86, 0),
242 CHAN5G(88, 0), CHAN5G(90, 0),
243 CHAN5G(92, 0), CHAN5G(94, 0),
244 CHAN5G(96, 0), CHAN5G(98, 0),
245 CHAN5G(100, 0), CHAN5G(102, 0),
246 CHAN5G(104, 0), CHAN5G(106, 0),
247 CHAN5G(108, 0), CHAN5G(110, 0),
248 CHAN5G(112, 0), CHAN5G(114, 0),
249 CHAN5G(116, 0), CHAN5G(118, 0),
250 CHAN5G(120, 0), CHAN5G(122, 0),
251 CHAN5G(124, 0), CHAN5G(126, 0),
252 CHAN5G(128, 0), CHAN5G(130, 0),
253 CHAN5G(132, 0), CHAN5G(134, 0),
254 CHAN5G(136, 0), CHAN5G(138, 0),
255 CHAN5G(140, 0), CHAN5G(142, 0),
256 CHAN5G(144, 0), CHAN5G(145, 0),
257 CHAN5G(146, 0), CHAN5G(147, 0),
258 CHAN5G(148, 0), CHAN5G(149, 0),
259 CHAN5G(150, 0), CHAN5G(151, 0),
260 CHAN5G(152, 0), CHAN5G(153, 0),
261 CHAN5G(154, 0), CHAN5G(155, 0),
262 CHAN5G(156, 0), CHAN5G(157, 0),
263 CHAN5G(158, 0), CHAN5G(159, 0),
264 CHAN5G(160, 0), CHAN5G(161, 0),
265 CHAN5G(162, 0), CHAN5G(163, 0),
266 CHAN5G(164, 0), CHAN5G(165, 0),
267 CHAN5G(166, 0), CHAN5G(168, 0),
268 CHAN5G(170, 0), CHAN5G(172, 0),
269 CHAN5G(174, 0), CHAN5G(176, 0),
270 CHAN5G(178, 0), CHAN5G(180, 0),
274 static struct ieee80211_channel b43_5ghz_nphy_chantable_limited[] = {
275 CHAN5G(36, 0), CHAN5G(40, 0),
276 CHAN5G(44, 0), CHAN5G(48, 0),
277 CHAN5G(149, 0), CHAN5G(153, 0),
278 CHAN5G(157, 0), CHAN5G(161, 0),
282 static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
283 CHAN5G(34, 0), CHAN5G(36, 0),
284 CHAN5G(38, 0), CHAN5G(40, 0),
285 CHAN5G(42, 0), CHAN5G(44, 0),
286 CHAN5G(46, 0), CHAN5G(48, 0),
287 CHAN5G(52, 0), CHAN5G(56, 0),
288 CHAN5G(60, 0), CHAN5G(64, 0),
289 CHAN5G(100, 0), CHAN5G(104, 0),
290 CHAN5G(108, 0), CHAN5G(112, 0),
291 CHAN5G(116, 0), CHAN5G(120, 0),
292 CHAN5G(124, 0), CHAN5G(128, 0),
293 CHAN5G(132, 0), CHAN5G(136, 0),
294 CHAN5G(140, 0), CHAN5G(149, 0),
295 CHAN5G(153, 0), CHAN5G(157, 0),
296 CHAN5G(161, 0), CHAN5G(165, 0),
297 CHAN5G(184, 0), CHAN5G(188, 0),
298 CHAN5G(192, 0), CHAN5G(196, 0),
299 CHAN5G(200, 0), CHAN5G(204, 0),
300 CHAN5G(208, 0), CHAN5G(212, 0),
306 static struct ieee80211_supported_band b43_band_5GHz_nphy = {
307 .band = NL80211_BAND_5GHZ,
308 .channels = b43_5ghz_nphy_chantable,
309 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
310 .bitrates = b43_a_ratetable,
311 .n_bitrates = b43_a_ratetable_size,
314 static struct ieee80211_supported_band b43_band_5GHz_nphy_limited = {
315 .band = NL80211_BAND_5GHZ,
316 .channels = b43_5ghz_nphy_chantable_limited,
317 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable_limited),
318 .bitrates = b43_a_ratetable,
319 .n_bitrates = b43_a_ratetable_size,
322 static struct ieee80211_supported_band b43_band_5GHz_aphy = {
323 .band = NL80211_BAND_5GHZ,
324 .channels = b43_5ghz_aphy_chantable,
325 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
326 .bitrates = b43_a_ratetable,
327 .n_bitrates = b43_a_ratetable_size,
330 static struct ieee80211_supported_band b43_band_2GHz = {
331 .band = NL80211_BAND_2GHZ,
332 .channels = b43_2ghz_chantable,
333 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
334 .bitrates = b43_g_ratetable,
335 .n_bitrates = b43_g_ratetable_size,
338 static struct ieee80211_supported_band b43_band_2ghz_limited = {
339 .band = NL80211_BAND_2GHZ,
340 .channels = b43_2ghz_chantable,
341 .n_channels = b43_2ghz_chantable_limited_size,
342 .bitrates = b43_g_ratetable,
343 .n_bitrates = b43_g_ratetable_size,
346 static void b43_wireless_core_exit(struct b43_wldev *dev);
347 static int b43_wireless_core_init(struct b43_wldev *dev);
348 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev);
349 static int b43_wireless_core_start(struct b43_wldev *dev);
350 static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
351 struct ieee80211_vif *vif,
352 struct ieee80211_bss_conf *conf,
355 static int b43_ratelimit(struct b43_wl *wl)
357 if (!wl || !wl->current_dev)
359 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
361 /* We are up and running.
362 * Ratelimit the messages to avoid DoS over the net. */
363 return net_ratelimit();
366 void b43info(struct b43_wl *wl, const char *fmt, ...)
368 struct va_format vaf;
371 if (b43_modparam_verbose < B43_VERBOSITY_INFO)
373 if (!b43_ratelimit(wl))
381 printk(KERN_INFO "b43-%s: %pV",
382 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
387 void b43err(struct b43_wl *wl, const char *fmt, ...)
389 struct va_format vaf;
392 if (b43_modparam_verbose < B43_VERBOSITY_ERROR)
394 if (!b43_ratelimit(wl))
402 printk(KERN_ERR "b43-%s ERROR: %pV",
403 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
408 void b43warn(struct b43_wl *wl, const char *fmt, ...)
410 struct va_format vaf;
413 if (b43_modparam_verbose < B43_VERBOSITY_WARN)
415 if (!b43_ratelimit(wl))
423 printk(KERN_WARNING "b43-%s warning: %pV",
424 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
429 void b43dbg(struct b43_wl *wl, const char *fmt, ...)
431 struct va_format vaf;
434 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
442 printk(KERN_DEBUG "b43-%s debug: %pV",
443 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan", &vaf);
448 static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
452 B43_WARN_ON(offset % 4 != 0);
454 macctl = b43_read32(dev, B43_MMIO_MACCTL);
455 if (macctl & B43_MACCTL_BE)
458 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
459 b43_write32(dev, B43_MMIO_RAM_DATA, val);
462 static inline void b43_shm_control_word(struct b43_wldev *dev,
463 u16 routing, u16 offset)
467 /* "offset" is the WORD offset. */
471 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
474 u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
478 if (routing == B43_SHM_SHARED) {
479 B43_WARN_ON(offset & 0x0001);
480 if (offset & 0x0003) {
481 /* Unaligned access */
482 b43_shm_control_word(dev, routing, offset >> 2);
483 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
484 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
485 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16;
491 b43_shm_control_word(dev, routing, offset);
492 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
497 u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset)
501 if (routing == B43_SHM_SHARED) {
502 B43_WARN_ON(offset & 0x0001);
503 if (offset & 0x0003) {
504 /* Unaligned access */
505 b43_shm_control_word(dev, routing, offset >> 2);
506 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
512 b43_shm_control_word(dev, routing, offset);
513 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
518 void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
520 if (routing == B43_SHM_SHARED) {
521 B43_WARN_ON(offset & 0x0001);
522 if (offset & 0x0003) {
523 /* Unaligned access */
524 b43_shm_control_word(dev, routing, offset >> 2);
525 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
527 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
528 b43_write16(dev, B43_MMIO_SHM_DATA,
529 (value >> 16) & 0xFFFF);
534 b43_shm_control_word(dev, routing, offset);
535 b43_write32(dev, B43_MMIO_SHM_DATA, value);
538 void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
540 if (routing == B43_SHM_SHARED) {
541 B43_WARN_ON(offset & 0x0001);
542 if (offset & 0x0003) {
543 /* Unaligned access */
544 b43_shm_control_word(dev, routing, offset >> 2);
545 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
550 b43_shm_control_word(dev, routing, offset);
551 b43_write16(dev, B43_MMIO_SHM_DATA, value);
555 u64 b43_hf_read(struct b43_wldev *dev)
559 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF3);
561 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF2);
563 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF1);
568 /* Write HostFlags */
569 void b43_hf_write(struct b43_wldev *dev, u64 value)
573 lo = (value & 0x00000000FFFFULL);
574 mi = (value & 0x0000FFFF0000ULL) >> 16;
575 hi = (value & 0xFFFF00000000ULL) >> 32;
576 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF1, lo);
577 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF2, mi);
578 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTF3, hi);
581 /* Read the firmware capabilities bitmask (Opensource firmware only) */
582 static u16 b43_fwcapa_read(struct b43_wldev *dev)
584 B43_WARN_ON(!dev->fw.opensource);
585 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA);
588 void b43_tsf_read(struct b43_wldev *dev, u64 *tsf)
592 B43_WARN_ON(dev->dev->core_rev < 3);
594 /* The hardware guarantees us an atomic read, if we
595 * read the low register first. */
596 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
597 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
604 static void b43_time_lock(struct b43_wldev *dev)
606 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_TBTTHOLD);
607 /* Commit the write */
608 b43_read32(dev, B43_MMIO_MACCTL);
611 static void b43_time_unlock(struct b43_wldev *dev)
613 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_TBTTHOLD, 0);
614 /* Commit the write */
615 b43_read32(dev, B43_MMIO_MACCTL);
618 static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
622 B43_WARN_ON(dev->dev->core_rev < 3);
626 /* The hardware guarantees us an atomic write, if we
627 * write the low register first. */
628 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low);
629 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high);
632 void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
635 b43_tsf_write_locked(dev, tsf);
636 b43_time_unlock(dev);
640 void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac)
642 static const u8 zero_addr[ETH_ALEN] = { 0 };
649 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
653 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
656 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
659 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
662 static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
666 u8 mac_bssid[ETH_ALEN * 2];
670 bssid = dev->wl->bssid;
671 mac = dev->wl->mac_addr;
673 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
675 memcpy(mac_bssid, mac, ETH_ALEN);
676 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
678 /* Write our MAC address and BSSID to template ram */
679 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
680 tmp = (u32) (mac_bssid[i + 0]);
681 tmp |= (u32) (mac_bssid[i + 1]) << 8;
682 tmp |= (u32) (mac_bssid[i + 2]) << 16;
683 tmp |= (u32) (mac_bssid[i + 3]) << 24;
684 b43_ram_write(dev, 0x20 + i, tmp);
688 static void b43_upload_card_macaddress(struct b43_wldev *dev)
690 b43_write_mac_bssid_templates(dev);
691 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
694 static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
696 /* slot_time is in usec. */
697 /* This test used to exit for all but a G PHY. */
698 if (b43_current_band(dev->wl) == NL80211_BAND_5GHZ)
700 b43_write16(dev, B43_MMIO_IFSSLOT, 510 + slot_time);
701 /* Shared memory location 0x0010 is the slot time and should be
702 * set to slot_time; however, this register is initially 0 and changing
703 * the value adversely affects the transmit rate for BCM4311
704 * devices. Until this behavior is unterstood, delete this step
706 * b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
710 static void b43_short_slot_timing_enable(struct b43_wldev *dev)
712 b43_set_slot_time(dev, 9);
715 static void b43_short_slot_timing_disable(struct b43_wldev *dev)
717 b43_set_slot_time(dev, 20);
720 /* DummyTransmission function, as documented on
721 * https://bcm-v4.sipsolutions.net/802.11/DummyTransmission
723 void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on)
725 struct b43_phy *phy = &dev->phy;
726 unsigned int i, max_loop;
738 buffer[0] = 0x000201CC;
741 buffer[0] = 0x000B846E;
744 for (i = 0; i < 5; i++)
745 b43_ram_write(dev, i * 4, buffer[i]);
747 b43_write16(dev, B43_MMIO_XMTSEL, 0x0000);
749 if (dev->dev->core_rev < 11)
750 b43_write16(dev, B43_MMIO_WEPCTL, 0x0000);
752 b43_write16(dev, B43_MMIO_WEPCTL, 0x0100);
754 value = (ofdm ? 0x41 : 0x40);
755 b43_write16(dev, B43_MMIO_TXE0_PHYCTL, value);
756 if (phy->type == B43_PHYTYPE_N || phy->type == B43_PHYTYPE_LP ||
757 phy->type == B43_PHYTYPE_LCN)
758 b43_write16(dev, B43_MMIO_TXE0_PHYCTL1, 0x1A02);
760 b43_write16(dev, B43_MMIO_TXE0_WM_0, 0x0000);
761 b43_write16(dev, B43_MMIO_TXE0_WM_1, 0x0000);
763 b43_write16(dev, B43_MMIO_XMTTPLATETXPTR, 0x0000);
764 b43_write16(dev, B43_MMIO_XMTTXCNT, 0x0014);
765 b43_write16(dev, B43_MMIO_XMTSEL, 0x0826);
766 b43_write16(dev, B43_MMIO_TXE0_CTL, 0x0000);
768 if (!pa_on && phy->type == B43_PHYTYPE_N) {
769 ; /*b43_nphy_pa_override(dev, false) */
774 case B43_PHYTYPE_LCN:
775 b43_write16(dev, B43_MMIO_TXE0_AUX, 0x00D0);
778 b43_write16(dev, B43_MMIO_TXE0_AUX, 0x0050);
781 b43_write16(dev, B43_MMIO_TXE0_AUX, 0x0030);
783 b43_read16(dev, B43_MMIO_TXE0_AUX);
785 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
786 b43_radio_write16(dev, 0x0051, 0x0017);
787 for (i = 0x00; i < max_loop; i++) {
788 value = b43_read16(dev, B43_MMIO_TXE0_STATUS);
793 for (i = 0x00; i < 0x0A; i++) {
794 value = b43_read16(dev, B43_MMIO_TXE0_STATUS);
799 for (i = 0x00; i < 0x19; i++) {
800 value = b43_read16(dev, B43_MMIO_IFSSTAT);
801 if (!(value & 0x0100))
805 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
806 b43_radio_write16(dev, 0x0051, 0x0037);
809 static void key_write(struct b43_wldev *dev,
810 u8 index, u8 algorithm, const u8 *key)
817 /* Key index/algo block */
818 kidx = b43_kidx_to_fw(dev, index);
819 value = ((kidx << 4) | algorithm);
820 b43_shm_write16(dev, B43_SHM_SHARED,
821 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
823 /* Write the key to the Key Table Pointer offset */
824 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
825 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
827 value |= (u16) (key[i + 1]) << 8;
828 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
832 static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr)
834 u32 addrtmp[2] = { 0, 0, };
835 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
837 if (b43_new_kidx_api(dev))
838 pairwise_keys_start = B43_NR_GROUP_KEYS;
840 B43_WARN_ON(index < pairwise_keys_start);
841 /* We have four default TX keys and possibly four default RX keys.
842 * Physical mac 0 is mapped to physical key 4 or 8, depending
843 * on the firmware version.
844 * So we must adjust the index here.
846 index -= pairwise_keys_start;
847 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
850 addrtmp[0] = addr[0];
851 addrtmp[0] |= ((u32) (addr[1]) << 8);
852 addrtmp[0] |= ((u32) (addr[2]) << 16);
853 addrtmp[0] |= ((u32) (addr[3]) << 24);
854 addrtmp[1] = addr[4];
855 addrtmp[1] |= ((u32) (addr[5]) << 8);
858 /* Receive match transmitter address (RCMTA) mechanism */
859 b43_shm_write32(dev, B43_SHM_RCMTA,
860 (index * 2) + 0, addrtmp[0]);
861 b43_shm_write16(dev, B43_SHM_RCMTA,
862 (index * 2) + 1, addrtmp[1]);
865 /* The ucode will use phase1 key with TEK key to decrypt rx packets.
866 * When a packet is received, the iv32 is checked.
867 * - if it doesn't the packet is returned without modification (and software
868 * decryption can be done). That's what happen when iv16 wrap.
869 * - if it does, the rc4 key is computed, and decryption is tried.
870 * Either it will success and B43_RX_MAC_DEC is returned,
871 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned
872 * and the packet is not usable (it got modified by the ucode).
873 * So in order to never have B43_RX_MAC_DECERR, we should provide
874 * a iv32 and phase1key that match. Because we drop packets in case of
875 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all
876 * packets will be lost without higher layer knowing (ie no resync possible
879 * NOTE : this should support 50 key like RCMTA because
880 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50
882 static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32,
887 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
889 if (!modparam_hwtkip)
892 if (b43_new_kidx_api(dev))
893 pairwise_keys_start = B43_NR_GROUP_KEYS;
895 B43_WARN_ON(index < pairwise_keys_start);
896 /* We have four default TX keys and possibly four default RX keys.
897 * Physical mac 0 is mapped to physical key 4 or 8, depending
898 * on the firmware version.
899 * So we must adjust the index here.
901 index -= pairwise_keys_start;
902 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
904 if (b43_debug(dev, B43_DBG_KEYS)) {
905 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n",
908 /* Write the key to the RX tkip shared mem */
909 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4);
910 for (i = 0; i < 10; i += 2) {
911 b43_shm_write16(dev, B43_SHM_SHARED, offset + i,
912 phase1key ? phase1key[i / 2] : 0);
914 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32);
915 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16);
918 static void b43_op_update_tkip_key(struct ieee80211_hw *hw,
919 struct ieee80211_vif *vif,
920 struct ieee80211_key_conf *keyconf,
921 struct ieee80211_sta *sta,
922 u32 iv32, u16 *phase1key)
924 struct b43_wl *wl = hw_to_b43_wl(hw);
925 struct b43_wldev *dev;
926 int index = keyconf->hw_key_idx;
928 if (B43_WARN_ON(!modparam_hwtkip))
931 /* This is only called from the RX path through mac80211, where
932 * our mutex is already locked. */
933 B43_WARN_ON(!mutex_is_locked(&wl->mutex));
934 dev = wl->current_dev;
935 B43_WARN_ON(!dev || b43_status(dev) < B43_STAT_INITIALIZED);
937 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */
939 rx_tkip_phase1_write(dev, index, iv32, phase1key);
940 /* only pairwise TKIP keys are supported right now */
943 keymac_write(dev, index, sta->addr);
946 static void do_key_write(struct b43_wldev *dev,
947 u8 index, u8 algorithm,
948 const u8 *key, size_t key_len, const u8 *mac_addr)
950 u8 buf[B43_SEC_KEYSIZE] = { 0, };
951 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
953 if (b43_new_kidx_api(dev))
954 pairwise_keys_start = B43_NR_GROUP_KEYS;
956 B43_WARN_ON(index >= ARRAY_SIZE(dev->key));
957 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
959 if (index >= pairwise_keys_start)
960 keymac_write(dev, index, NULL); /* First zero out mac. */
961 if (algorithm == B43_SEC_ALGO_TKIP) {
963 * We should provide an initial iv32, phase1key pair.
964 * We could start with iv32=0 and compute the corresponding
965 * phase1key, but this means calling ieee80211_get_tkip_key
966 * with a fake skb (or export other tkip function).
967 * Because we are lazy we hope iv32 won't start with
968 * 0xffffffff and let's b43_op_update_tkip_key provide a
971 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf);
972 } else if (index >= pairwise_keys_start) /* clear it */
973 rx_tkip_phase1_write(dev, index, 0, NULL);
975 memcpy(buf, key, key_len);
976 key_write(dev, index, algorithm, buf);
977 if (index >= pairwise_keys_start)
978 keymac_write(dev, index, mac_addr);
980 dev->key[index].algorithm = algorithm;
983 static int b43_key_write(struct b43_wldev *dev,
984 int index, u8 algorithm,
985 const u8 *key, size_t key_len,
987 struct ieee80211_key_conf *keyconf)
990 int pairwise_keys_start;
992 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block:
993 * - Temporal Encryption Key (128 bits)
994 * - Temporal Authenticator Tx MIC Key (64 bits)
995 * - Temporal Authenticator Rx MIC Key (64 bits)
997 * Hardware only store TEK
999 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32)
1001 if (key_len > B43_SEC_KEYSIZE)
1003 for (i = 0; i < ARRAY_SIZE(dev->key); i++) {
1004 /* Check that we don't already have this key. */
1005 B43_WARN_ON(dev->key[i].keyconf == keyconf);
1008 /* Pairwise key. Get an empty slot for the key. */
1009 if (b43_new_kidx_api(dev))
1010 pairwise_keys_start = B43_NR_GROUP_KEYS;
1012 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
1013 for (i = pairwise_keys_start;
1014 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS;
1016 B43_WARN_ON(i >= ARRAY_SIZE(dev->key));
1017 if (!dev->key[i].keyconf) {
1024 b43warn(dev->wl, "Out of hardware key memory\n");
1028 B43_WARN_ON(index > 3);
1030 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
1031 if ((index <= 3) && !b43_new_kidx_api(dev)) {
1032 /* Default RX key */
1033 B43_WARN_ON(mac_addr);
1034 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
1036 keyconf->hw_key_idx = index;
1037 dev->key[index].keyconf = keyconf;
1042 static int b43_key_clear(struct b43_wldev *dev, int index)
1044 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key))))
1046 do_key_write(dev, index, B43_SEC_ALGO_NONE,
1047 NULL, B43_SEC_KEYSIZE, NULL);
1048 if ((index <= 3) && !b43_new_kidx_api(dev)) {
1049 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
1050 NULL, B43_SEC_KEYSIZE, NULL);
1052 dev->key[index].keyconf = NULL;
1057 static void b43_clear_keys(struct b43_wldev *dev)
1061 if (b43_new_kidx_api(dev))
1062 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1064 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1065 for (i = 0; i < count; i++)
1066 b43_key_clear(dev, i);
1069 static void b43_dump_keymemory(struct b43_wldev *dev)
1071 unsigned int i, index, count, offset, pairwise_keys_start;
1077 struct b43_key *key;
1079 if (!b43_debug(dev, B43_DBG_KEYS))
1082 hf = b43_hf_read(dev);
1083 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n",
1084 !!(hf & B43_HF_USEDEFKEYS));
1085 if (b43_new_kidx_api(dev)) {
1086 pairwise_keys_start = B43_NR_GROUP_KEYS;
1087 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1089 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
1090 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1092 for (index = 0; index < count; index++) {
1093 key = &(dev->key[index]);
1094 printk(KERN_DEBUG "Key slot %02u: %s",
1095 index, (key->keyconf == NULL) ? " " : "*");
1096 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
1097 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
1098 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1099 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1102 algo = b43_shm_read16(dev, B43_SHM_SHARED,
1103 B43_SHM_SH_KEYIDXBLOCK + (index * 2));
1104 printk(" Algo: %04X/%02X", algo, key->algorithm);
1106 if (index >= pairwise_keys_start) {
1107 if (key->algorithm == B43_SEC_ALGO_TKIP) {
1109 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4);
1110 for (i = 0; i < 14; i += 2) {
1111 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1112 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1115 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA,
1116 ((index - pairwise_keys_start) * 2) + 0);
1117 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA,
1118 ((index - pairwise_keys_start) * 2) + 1);
1119 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0);
1120 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1);
1121 printk(" MAC: %pM", mac);
1123 printk(" DEFAULT KEY");
1128 void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
1136 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
1137 (ps_flags & B43_PS_DISABLED));
1138 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
1140 if (ps_flags & B43_PS_ENABLED) {
1142 } else if (ps_flags & B43_PS_DISABLED) {
1145 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
1146 // and thus is not an AP and we are associated, set bit 25
1148 if (ps_flags & B43_PS_AWAKE) {
1150 } else if (ps_flags & B43_PS_ASLEEP) {
1153 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
1154 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
1155 // successful, set bit26
1158 /* FIXME: For now we force awake-on and hwps-off */
1162 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1164 macctl |= B43_MACCTL_HWPS;
1166 macctl &= ~B43_MACCTL_HWPS;
1168 macctl |= B43_MACCTL_AWAKE;
1170 macctl &= ~B43_MACCTL_AWAKE;
1171 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1173 b43_read32(dev, B43_MMIO_MACCTL);
1174 if (awake && dev->dev->core_rev >= 5) {
1175 /* Wait for the microcode to wake up. */
1176 for (i = 0; i < 100; i++) {
1177 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1178 B43_SHM_SH_UCODESTAT);
1179 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1186 /* https://bcm-v4.sipsolutions.net/802.11/PHY/BmacCorePllReset */
1187 void b43_wireless_core_phy_pll_reset(struct b43_wldev *dev)
1189 struct bcma_drv_cc *bcma_cc __maybe_unused;
1190 struct ssb_chipcommon *ssb_cc __maybe_unused;
1192 switch (dev->dev->bus_type) {
1193 #ifdef CONFIG_B43_BCMA
1195 bcma_cc = &dev->dev->bdev->bus->drv_cc;
1197 bcma_cc_write32(bcma_cc, BCMA_CC_PMU_CHIPCTL_ADDR, 0);
1198 bcma_cc_mask32(bcma_cc, BCMA_CC_PMU_CHIPCTL_DATA, ~0x4);
1199 bcma_cc_set32(bcma_cc, BCMA_CC_PMU_CHIPCTL_DATA, 0x4);
1200 bcma_cc_mask32(bcma_cc, BCMA_CC_PMU_CHIPCTL_DATA, ~0x4);
1203 #ifdef CONFIG_B43_SSB
1205 ssb_cc = &dev->dev->sdev->bus->chipco;
1207 chipco_write32(ssb_cc, SSB_CHIPCO_CHIPCTL_ADDR, 0);
1208 chipco_mask32(ssb_cc, SSB_CHIPCO_CHIPCTL_DATA, ~0x4);
1209 chipco_set32(ssb_cc, SSB_CHIPCO_CHIPCTL_DATA, 0x4);
1210 chipco_mask32(ssb_cc, SSB_CHIPCO_CHIPCTL_DATA, ~0x4);
1216 #ifdef CONFIG_B43_BCMA
1217 static void b43_bcma_phy_reset(struct b43_wldev *dev)
1221 /* Put PHY into reset */
1222 flags = bcma_aread32(dev->dev->bdev, BCMA_IOCTL);
1223 flags |= B43_BCMA_IOCTL_PHY_RESET;
1224 flags |= B43_BCMA_IOCTL_PHY_BW_20MHZ; /* Make 20 MHz def */
1225 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, flags);
1228 b43_phy_take_out_of_reset(dev);
1231 static void b43_bcma_wireless_core_reset(struct b43_wldev *dev, bool gmode)
1233 u32 req = B43_BCMA_CLKCTLST_80211_PLL_REQ |
1234 B43_BCMA_CLKCTLST_PHY_PLL_REQ;
1235 u32 status = B43_BCMA_CLKCTLST_80211_PLL_ST |
1236 B43_BCMA_CLKCTLST_PHY_PLL_ST;
1239 flags = B43_BCMA_IOCTL_PHY_CLKEN;
1241 flags |= B43_BCMA_IOCTL_GMODE;
1242 b43_device_enable(dev, flags);
1244 if (dev->phy.type == B43_PHYTYPE_AC) {
1247 tmp = bcma_aread32(dev->dev->bdev, BCMA_IOCTL);
1248 tmp &= ~B43_BCMA_IOCTL_DAC;
1250 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, tmp);
1252 tmp = bcma_aread32(dev->dev->bdev, BCMA_IOCTL);
1253 tmp &= ~B43_BCMA_IOCTL_PHY_CLKEN;
1254 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, tmp);
1256 tmp = bcma_aread32(dev->dev->bdev, BCMA_IOCTL);
1257 tmp |= B43_BCMA_IOCTL_PHY_CLKEN;
1258 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, tmp);
1261 bcma_core_set_clockmode(dev->dev->bdev, BCMA_CLKMODE_FAST);
1262 b43_bcma_phy_reset(dev);
1263 bcma_core_pll_ctl(dev->dev->bdev, req, status, true);
1267 #ifdef CONFIG_B43_SSB
1268 static void b43_ssb_wireless_core_reset(struct b43_wldev *dev, bool gmode)
1273 flags |= B43_TMSLOW_GMODE;
1274 flags |= B43_TMSLOW_PHYCLKEN;
1275 flags |= B43_TMSLOW_PHYRESET;
1276 if (dev->phy.type == B43_PHYTYPE_N)
1277 flags |= B43_TMSLOW_PHY_BANDWIDTH_20MHZ; /* Make 20 MHz def */
1278 b43_device_enable(dev, flags);
1279 msleep(2); /* Wait for the PLL to turn on. */
1281 b43_phy_take_out_of_reset(dev);
1285 void b43_wireless_core_reset(struct b43_wldev *dev, bool gmode)
1289 switch (dev->dev->bus_type) {
1290 #ifdef CONFIG_B43_BCMA
1292 b43_bcma_wireless_core_reset(dev, gmode);
1295 #ifdef CONFIG_B43_SSB
1297 b43_ssb_wireless_core_reset(dev, gmode);
1302 /* Turn Analog ON, but only if we already know the PHY-type.
1303 * This protects against very early setup where we don't know the
1304 * PHY-type, yet. wireless_core_reset will be called once again later,
1305 * when we know the PHY-type. */
1307 dev->phy.ops->switch_analog(dev, 1);
1309 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1310 macctl &= ~B43_MACCTL_GMODE;
1312 macctl |= B43_MACCTL_GMODE;
1313 macctl |= B43_MACCTL_IHR_ENABLED;
1314 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1317 static void handle_irq_transmit_status(struct b43_wldev *dev)
1321 struct b43_txstatus stat;
1324 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1325 if (!(v0 & 0x00000001))
1327 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1329 stat.cookie = (v0 >> 16);
1330 stat.seq = (v1 & 0x0000FFFF);
1331 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1332 tmp = (v0 & 0x0000FFFF);
1333 stat.frame_count = ((tmp & 0xF000) >> 12);
1334 stat.rts_count = ((tmp & 0x0F00) >> 8);
1335 stat.supp_reason = ((tmp & 0x001C) >> 2);
1336 stat.pm_indicated = !!(tmp & 0x0080);
1337 stat.intermediate = !!(tmp & 0x0040);
1338 stat.for_ampdu = !!(tmp & 0x0020);
1339 stat.acked = !!(tmp & 0x0002);
1341 b43_handle_txstatus(dev, &stat);
1345 static void drain_txstatus_queue(struct b43_wldev *dev)
1349 if (dev->dev->core_rev < 5)
1351 /* Read all entries from the microcode TXstatus FIFO
1352 * and throw them away.
1355 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1356 if (!(dummy & 0x00000001))
1358 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1362 static u32 b43_jssi_read(struct b43_wldev *dev)
1366 val = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_JSSI1);
1368 val |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_JSSI0);
1373 static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1375 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_JSSI0,
1376 (jssi & 0x0000FFFF));
1377 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_JSSI1,
1378 (jssi & 0xFFFF0000) >> 16);
1381 static void b43_generate_noise_sample(struct b43_wldev *dev)
1383 b43_jssi_write(dev, 0x7F7F7F7F);
1384 b43_write32(dev, B43_MMIO_MACCMD,
1385 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1388 static void b43_calculate_link_quality(struct b43_wldev *dev)
1390 /* Top half of Link Quality calculation. */
1392 if (dev->phy.type != B43_PHYTYPE_G)
1394 if (dev->noisecalc.calculation_running)
1396 dev->noisecalc.calculation_running = true;
1397 dev->noisecalc.nr_samples = 0;
1399 b43_generate_noise_sample(dev);
1402 static void handle_irq_noise(struct b43_wldev *dev)
1404 struct b43_phy_g *phy = dev->phy.g;
1410 /* Bottom half of Link Quality calculation. */
1412 if (dev->phy.type != B43_PHYTYPE_G)
1415 /* Possible race condition: It might be possible that the user
1416 * changed to a different channel in the meantime since we
1417 * started the calculation. We ignore that fact, since it's
1418 * not really that much of a problem. The background noise is
1419 * an estimation only anyway. Slightly wrong results will get damped
1420 * by the averaging of the 8 sample rounds. Additionally the
1421 * value is shortlived. So it will be replaced by the next noise
1422 * calculation round soon. */
1424 B43_WARN_ON(!dev->noisecalc.calculation_running);
1425 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1426 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1427 noise[2] == 0x7F || noise[3] == 0x7F)
1430 /* Get the noise samples. */
1431 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1432 i = dev->noisecalc.nr_samples;
1433 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1434 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1435 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1436 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1437 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1438 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1439 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1440 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1441 dev->noisecalc.nr_samples++;
1442 if (dev->noisecalc.nr_samples == 8) {
1443 /* Calculate the Link Quality by the noise samples. */
1445 for (i = 0; i < 8; i++) {
1446 for (j = 0; j < 4; j++)
1447 average += dev->noisecalc.samples[i][j];
1453 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1454 tmp = (tmp / 128) & 0x1F;
1464 dev->stats.link_noise = average;
1465 dev->noisecalc.calculation_running = false;
1469 b43_generate_noise_sample(dev);
1472 static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1474 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) {
1477 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1478 b43_power_saving_ctl_bits(dev, 0);
1480 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC))
1481 dev->dfq_valid = true;
1484 static void handle_irq_atim_end(struct b43_wldev *dev)
1486 if (dev->dfq_valid) {
1487 b43_write32(dev, B43_MMIO_MACCMD,
1488 b43_read32(dev, B43_MMIO_MACCMD)
1489 | B43_MACCMD_DFQ_VALID);
1490 dev->dfq_valid = false;
1494 static void handle_irq_pmq(struct b43_wldev *dev)
1501 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1502 if (!(tmp & 0x00000008))
1505 /* 16bit write is odd, but correct. */
1506 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1509 static void b43_write_template_common(struct b43_wldev *dev,
1510 const u8 *data, u16 size,
1512 u16 shm_size_offset, u8 rate)
1515 struct b43_plcp_hdr4 plcp;
1518 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1519 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1520 ram_offset += sizeof(u32);
1521 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1522 * So leave the first two bytes of the next write blank.
1524 tmp = (u32) (data[0]) << 16;
1525 tmp |= (u32) (data[1]) << 24;
1526 b43_ram_write(dev, ram_offset, tmp);
1527 ram_offset += sizeof(u32);
1528 for (i = 2; i < size; i += sizeof(u32)) {
1529 tmp = (u32) (data[i + 0]);
1531 tmp |= (u32) (data[i + 1]) << 8;
1533 tmp |= (u32) (data[i + 2]) << 16;
1535 tmp |= (u32) (data[i + 3]) << 24;
1536 b43_ram_write(dev, ram_offset + i - 2, tmp);
1538 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1539 size + sizeof(struct b43_plcp_hdr6));
1542 /* Check if the use of the antenna that ieee80211 told us to
1543 * use is possible. This will fall back to DEFAULT.
1544 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1545 u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1550 if (antenna_nr == 0) {
1551 /* Zero means "use default antenna". That's always OK. */
1555 /* Get the mask of available antennas. */
1557 antenna_mask = dev->dev->bus_sprom->ant_available_bg;
1559 antenna_mask = dev->dev->bus_sprom->ant_available_a;
1561 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1562 /* This antenna is not available. Fall back to default. */
1569 /* Convert a b43 antenna number value to the PHY TX control value. */
1570 static u16 b43_antenna_to_phyctl(int antenna)
1574 return B43_TXH_PHY_ANT0;
1576 return B43_TXH_PHY_ANT1;
1578 return B43_TXH_PHY_ANT2;
1580 return B43_TXH_PHY_ANT3;
1581 case B43_ANTENNA_AUTO0:
1582 case B43_ANTENNA_AUTO1:
1583 return B43_TXH_PHY_ANT01AUTO;
1589 static void b43_write_beacon_template(struct b43_wldev *dev,
1591 u16 shm_size_offset)
1593 unsigned int i, len, variable_len;
1594 const struct ieee80211_mgmt *bcn;
1596 bool tim_found = false;
1600 struct ieee80211_tx_info *info;
1601 unsigned long flags;
1602 struct sk_buff *beacon_skb;
1604 spin_lock_irqsave(&dev->wl->beacon_lock, flags);
1605 info = IEEE80211_SKB_CB(dev->wl->current_beacon);
1606 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value;
1607 /* Clone the beacon, so it cannot go away, while we write it to hw. */
1608 beacon_skb = skb_clone(dev->wl->current_beacon, GFP_ATOMIC);
1609 spin_unlock_irqrestore(&dev->wl->beacon_lock, flags);
1612 b43dbg(dev->wl, "Could not upload beacon. "
1613 "Failed to clone beacon skb.");
1617 bcn = (const struct ieee80211_mgmt *)(beacon_skb->data);
1618 len = min_t(size_t, beacon_skb->len,
1619 0x200 - sizeof(struct b43_plcp_hdr6));
1621 b43_write_template_common(dev, (const u8 *)bcn,
1622 len, ram_offset, shm_size_offset, rate);
1624 /* Write the PHY TX control parameters. */
1625 antenna = B43_ANTENNA_DEFAULT;
1626 antenna = b43_antenna_to_phyctl(antenna);
1627 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1628 /* We can't send beacons with short preamble. Would get PHY errors. */
1629 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1630 ctl &= ~B43_TXH_PHY_ANT;
1631 ctl &= ~B43_TXH_PHY_ENC;
1633 if (b43_is_cck_rate(rate))
1634 ctl |= B43_TXH_PHY_ENC_CCK;
1636 ctl |= B43_TXH_PHY_ENC_OFDM;
1637 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1639 /* Find the position of the TIM and the DTIM_period value
1640 * and write them to SHM. */
1641 ie = bcn->u.beacon.variable;
1642 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1643 for (i = 0; i < variable_len - 2; ) {
1644 uint8_t ie_id, ie_len;
1651 /* This is the TIM Information Element */
1653 /* Check whether the ie_len is in the beacon data range. */
1654 if (variable_len < ie_len + 2 + i)
1656 /* A valid TIM is at least 4 bytes long. */
1661 tim_position = sizeof(struct b43_plcp_hdr6);
1662 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1665 dtim_period = ie[i + 3];
1667 b43_shm_write16(dev, B43_SHM_SHARED,
1668 B43_SHM_SH_TIMBPOS, tim_position);
1669 b43_shm_write16(dev, B43_SHM_SHARED,
1670 B43_SHM_SH_DTIMPER, dtim_period);
1677 * If ucode wants to modify TIM do it behind the beacon, this
1678 * will happen, for example, when doing mesh networking.
1680 b43_shm_write16(dev, B43_SHM_SHARED,
1682 len + sizeof(struct b43_plcp_hdr6));
1683 b43_shm_write16(dev, B43_SHM_SHARED,
1684 B43_SHM_SH_DTIMPER, 0);
1686 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset);
1688 dev_kfree_skb_any(beacon_skb);
1691 static void b43_upload_beacon0(struct b43_wldev *dev)
1693 struct b43_wl *wl = dev->wl;
1695 if (wl->beacon0_uploaded)
1697 b43_write_beacon_template(dev, B43_SHM_SH_BT_BASE0, B43_SHM_SH_BTL0);
1698 wl->beacon0_uploaded = true;
1701 static void b43_upload_beacon1(struct b43_wldev *dev)
1703 struct b43_wl *wl = dev->wl;
1705 if (wl->beacon1_uploaded)
1707 b43_write_beacon_template(dev, B43_SHM_SH_BT_BASE1, B43_SHM_SH_BTL1);
1708 wl->beacon1_uploaded = true;
1711 static void handle_irq_beacon(struct b43_wldev *dev)
1713 struct b43_wl *wl = dev->wl;
1714 u32 cmd, beacon0_valid, beacon1_valid;
1716 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) &&
1717 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) &&
1718 !b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
1721 /* This is the bottom half of the asynchronous beacon update. */
1723 /* Ignore interrupt in the future. */
1724 dev->irq_mask &= ~B43_IRQ_BEACON;
1726 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1727 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1728 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1730 /* Schedule interrupt manually, if busy. */
1731 if (beacon0_valid && beacon1_valid) {
1732 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1733 dev->irq_mask |= B43_IRQ_BEACON;
1737 if (unlikely(wl->beacon_templates_virgin)) {
1738 /* We never uploaded a beacon before.
1739 * Upload both templates now, but only mark one valid. */
1740 wl->beacon_templates_virgin = false;
1741 b43_upload_beacon0(dev);
1742 b43_upload_beacon1(dev);
1743 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1744 cmd |= B43_MACCMD_BEACON0_VALID;
1745 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1747 if (!beacon0_valid) {
1748 b43_upload_beacon0(dev);
1749 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1750 cmd |= B43_MACCMD_BEACON0_VALID;
1751 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1752 } else if (!beacon1_valid) {
1753 b43_upload_beacon1(dev);
1754 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1755 cmd |= B43_MACCMD_BEACON1_VALID;
1756 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1761 static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev)
1763 u32 old_irq_mask = dev->irq_mask;
1765 /* update beacon right away or defer to irq */
1766 handle_irq_beacon(dev);
1767 if (old_irq_mask != dev->irq_mask) {
1768 /* The handler updated the IRQ mask. */
1769 B43_WARN_ON(!dev->irq_mask);
1770 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) {
1771 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1773 /* Device interrupts are currently disabled. That means
1774 * we just ran the hardirq handler and scheduled the
1775 * IRQ thread. The thread will write the IRQ mask when
1776 * it finished, so there's nothing to do here. Writing
1777 * the mask _here_ would incorrectly re-enable IRQs. */
1782 static void b43_beacon_update_trigger_work(struct work_struct *work)
1784 struct b43_wl *wl = container_of(work, struct b43_wl,
1785 beacon_update_trigger);
1786 struct b43_wldev *dev;
1788 mutex_lock(&wl->mutex);
1789 dev = wl->current_dev;
1790 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1791 if (b43_bus_host_is_sdio(dev->dev)) {
1792 /* wl->mutex is enough. */
1793 b43_do_beacon_update_trigger_work(dev);
1795 spin_lock_irq(&wl->hardirq_lock);
1796 b43_do_beacon_update_trigger_work(dev);
1797 spin_unlock_irq(&wl->hardirq_lock);
1800 mutex_unlock(&wl->mutex);
1803 /* Asynchronously update the packet templates in template RAM. */
1804 static void b43_update_templates(struct b43_wl *wl)
1806 struct sk_buff *beacon, *old_beacon;
1807 unsigned long flags;
1809 /* This is the top half of the asynchronous beacon update.
1810 * The bottom half is the beacon IRQ.
1811 * Beacon update must be asynchronous to avoid sending an
1812 * invalid beacon. This can happen for example, if the firmware
1813 * transmits a beacon while we are updating it. */
1815 /* We could modify the existing beacon and set the aid bit in
1816 * the TIM field, but that would probably require resizing and
1817 * moving of data within the beacon template.
1818 * Simply request a new beacon and let mac80211 do the hard work. */
1819 beacon = ieee80211_beacon_get(wl->hw, wl->vif);
1820 if (unlikely(!beacon))
1823 spin_lock_irqsave(&wl->beacon_lock, flags);
1824 old_beacon = wl->current_beacon;
1825 wl->current_beacon = beacon;
1826 wl->beacon0_uploaded = false;
1827 wl->beacon1_uploaded = false;
1828 spin_unlock_irqrestore(&wl->beacon_lock, flags);
1830 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger);
1833 dev_kfree_skb_any(old_beacon);
1836 static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1839 if (dev->dev->core_rev >= 3) {
1840 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1841 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1843 b43_write16(dev, 0x606, (beacon_int >> 6));
1844 b43_write16(dev, 0x610, beacon_int);
1846 b43_time_unlock(dev);
1847 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1850 static void b43_handle_firmware_panic(struct b43_wldev *dev)
1854 /* Read the register that contains the reason code for the panic. */
1855 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG);
1856 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason);
1860 b43dbg(dev->wl, "The panic reason is unknown.\n");
1862 case B43_FWPANIC_DIE:
1863 /* Do not restart the controller or firmware.
1864 * The device is nonfunctional from now on.
1865 * Restarting would result in this panic to trigger again,
1866 * so we avoid that recursion. */
1868 case B43_FWPANIC_RESTART:
1869 b43_controller_restart(dev, "Microcode panic");
1874 static void handle_irq_ucode_debug(struct b43_wldev *dev)
1876 unsigned int i, cnt;
1877 u16 reason, marker_id, marker_line;
1880 /* The proprietary firmware doesn't have this IRQ. */
1881 if (!dev->fw.opensource)
1884 /* Read the register that contains the reason code for this IRQ. */
1885 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG);
1888 case B43_DEBUGIRQ_PANIC:
1889 b43_handle_firmware_panic(dev);
1891 case B43_DEBUGIRQ_DUMP_SHM:
1893 break; /* Only with driver debugging enabled. */
1894 buf = kmalloc(4096, GFP_ATOMIC);
1896 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n");
1899 for (i = 0; i < 4096; i += 2) {
1900 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i);
1901 buf[i / 2] = cpu_to_le16(tmp);
1903 b43info(dev->wl, "Shared memory dump:\n");
1904 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET,
1905 16, 2, buf, 4096, 1);
1908 case B43_DEBUGIRQ_DUMP_REGS:
1910 break; /* Only with driver debugging enabled. */
1911 b43info(dev->wl, "Microcode register dump:\n");
1912 for (i = 0, cnt = 0; i < 64; i++) {
1913 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i);
1916 printk("r%02u: 0x%04X ", i, tmp);
1925 case B43_DEBUGIRQ_MARKER:
1927 break; /* Only with driver debugging enabled. */
1928 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH,
1930 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH,
1931 B43_MARKER_LINE_REG);
1932 b43info(dev->wl, "The firmware just executed the MARKER(%u) "
1933 "at line number %u\n",
1934 marker_id, marker_line);
1937 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n",
1941 /* Acknowledge the debug-IRQ, so the firmware can continue. */
1942 b43_shm_write16(dev, B43_SHM_SCRATCH,
1943 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK);
1946 static void b43_do_interrupt_thread(struct b43_wldev *dev)
1949 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1950 u32 merged_dma_reason = 0;
1953 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
1956 reason = dev->irq_reason;
1957 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1958 dma_reason[i] = dev->dma_reason[i];
1959 merged_dma_reason |= dma_reason[i];
1962 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1963 b43err(dev->wl, "MAC transmission error\n");
1965 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1966 b43err(dev->wl, "PHY transmission error\n");
1968 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1969 atomic_set(&dev->phy.txerr_cnt,
1970 B43_PHY_TX_BADNESS_LIMIT);
1971 b43err(dev->wl, "Too many PHY TX errors, "
1972 "restarting the controller\n");
1973 b43_controller_restart(dev, "PHY TX errors");
1977 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK))) {
1979 "Fatal DMA error: 0x%08X, 0x%08X, 0x%08X, 0x%08X, 0x%08X, 0x%08X\n",
1980 dma_reason[0], dma_reason[1],
1981 dma_reason[2], dma_reason[3],
1982 dma_reason[4], dma_reason[5]);
1983 b43err(dev->wl, "This device does not support DMA "
1984 "on your system. It will now be switched to PIO.\n");
1985 /* Fall back to PIO transfers if we get fatal DMA errors! */
1986 dev->use_pio = true;
1987 b43_controller_restart(dev, "DMA error");
1991 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1992 handle_irq_ucode_debug(dev);
1993 if (reason & B43_IRQ_TBTT_INDI)
1994 handle_irq_tbtt_indication(dev);
1995 if (reason & B43_IRQ_ATIM_END)
1996 handle_irq_atim_end(dev);
1997 if (reason & B43_IRQ_BEACON)
1998 handle_irq_beacon(dev);
1999 if (reason & B43_IRQ_PMQ)
2000 handle_irq_pmq(dev);
2001 if (reason & B43_IRQ_TXFIFO_FLUSH_OK) {
2004 if (reason & B43_IRQ_NOISESAMPLE_OK)
2005 handle_irq_noise(dev);
2007 /* Check the DMA reason registers for received data. */
2008 if (dma_reason[0] & B43_DMAIRQ_RDESC_UFLOW) {
2010 b43warn(dev->wl, "RX descriptor underrun\n");
2011 b43_dma_handle_rx_overflow(dev->dma.rx_ring);
2013 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
2014 if (b43_using_pio_transfers(dev))
2015 b43_pio_rx(dev->pio.rx_queue);
2017 b43_dma_rx(dev->dma.rx_ring);
2019 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
2020 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
2021 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
2022 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
2023 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
2025 if (reason & B43_IRQ_TX_OK)
2026 handle_irq_transmit_status(dev);
2028 /* Re-enable interrupts on the device by restoring the current interrupt mask. */
2029 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
2032 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
2034 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
2035 if (reason & (1 << i))
2036 dev->irq_bit_count[i]++;
2042 /* Interrupt thread handler. Handles device interrupts in thread context. */
2043 static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id)
2045 struct b43_wldev *dev = dev_id;
2047 mutex_lock(&dev->wl->mutex);
2048 b43_do_interrupt_thread(dev);
2049 mutex_unlock(&dev->wl->mutex);
2054 static irqreturn_t b43_do_interrupt(struct b43_wldev *dev)
2058 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses.
2059 * On SDIO, this runs under wl->mutex. */
2061 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2062 if (reason == 0xffffffff) /* shared IRQ */
2064 reason &= dev->irq_mask;
2068 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
2070 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
2072 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
2074 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
2076 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
2079 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
2083 /* ACK the interrupt. */
2084 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
2085 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
2086 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
2087 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
2088 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
2089 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
2091 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
2094 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */
2095 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
2096 /* Save the reason bitmasks for the IRQ thread handler. */
2097 dev->irq_reason = reason;
2099 return IRQ_WAKE_THREAD;
2102 /* Interrupt handler top-half. This runs with interrupts disabled. */
2103 static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
2105 struct b43_wldev *dev = dev_id;
2108 if (unlikely(b43_status(dev) < B43_STAT_STARTED))
2111 spin_lock(&dev->wl->hardirq_lock);
2112 ret = b43_do_interrupt(dev);
2113 spin_unlock(&dev->wl->hardirq_lock);
2118 /* SDIO interrupt handler. This runs in process context. */
2119 static void b43_sdio_interrupt_handler(struct b43_wldev *dev)
2121 struct b43_wl *wl = dev->wl;
2124 mutex_lock(&wl->mutex);
2126 ret = b43_do_interrupt(dev);
2127 if (ret == IRQ_WAKE_THREAD)
2128 b43_do_interrupt_thread(dev);
2130 mutex_unlock(&wl->mutex);
2133 void b43_do_release_fw(struct b43_firmware_file *fw)
2135 release_firmware(fw->data);
2137 fw->filename = NULL;
2140 static void b43_release_firmware(struct b43_wldev *dev)
2142 complete(&dev->fw_load_complete);
2143 b43_do_release_fw(&dev->fw.ucode);
2144 b43_do_release_fw(&dev->fw.pcm);
2145 b43_do_release_fw(&dev->fw.initvals);
2146 b43_do_release_fw(&dev->fw.initvals_band);
2149 static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
2160 static void b43_fw_cb(const struct firmware *firmware, void *context)
2162 struct b43_request_fw_context *ctx = context;
2164 ctx->blob = firmware;
2165 complete(&ctx->dev->fw_load_complete);
2168 int b43_do_request_fw(struct b43_request_fw_context *ctx,
2170 struct b43_firmware_file *fw, bool async)
2172 struct b43_fw_header *hdr;
2177 /* Don't fetch anything. Free possibly cached firmware. */
2178 /* FIXME: We should probably keep it anyway, to save some headache
2179 * on suspend/resume with multiband devices. */
2180 b43_do_release_fw(fw);
2184 if ((fw->type == ctx->req_type) &&
2185 (strcmp(fw->filename, name) == 0))
2186 return 0; /* Already have this fw. */
2187 /* Free the cached firmware first. */
2188 /* FIXME: We should probably do this later after we successfully
2189 * got the new fw. This could reduce headache with multiband devices.
2190 * We could also redesign this to cache the firmware for all possible
2191 * bands all the time. */
2192 b43_do_release_fw(fw);
2195 switch (ctx->req_type) {
2196 case B43_FWTYPE_PROPRIETARY:
2197 snprintf(ctx->fwname, sizeof(ctx->fwname),
2199 modparam_fwpostfix, name);
2201 case B43_FWTYPE_OPENSOURCE:
2202 snprintf(ctx->fwname, sizeof(ctx->fwname),
2204 modparam_fwpostfix, name);
2211 /* do this part asynchronously */
2212 init_completion(&ctx->dev->fw_load_complete);
2213 err = maybe_reject_firmware_nowait(THIS_MODULE, 1, ctx->fwname,
2214 ctx->dev->dev->dev, GFP_KERNEL,
2217 pr_err("Unable to load firmware\n");
2220 wait_for_completion(&ctx->dev->fw_load_complete);
2223 /* On some ARM systems, the async request will fail, but the next sync
2224 * request works. For this reason, we fall through here
2227 err = maybe_reject_firmware(&ctx->blob, ctx->fwname,
2228 ctx->dev->dev->dev);
2229 if (err == -ENOENT) {
2230 snprintf(ctx->errors[ctx->req_type],
2231 sizeof(ctx->errors[ctx->req_type]),
2232 "Firmware file \"%s\" not found\n",
2236 snprintf(ctx->errors[ctx->req_type],
2237 sizeof(ctx->errors[ctx->req_type]),
2238 "Firmware file \"%s\" request failed (err=%d)\n",
2243 if (ctx->blob->size < sizeof(struct b43_fw_header))
2245 hdr = (struct b43_fw_header *)(ctx->blob->data);
2246 switch (hdr->type) {
2247 case B43_FW_TYPE_UCODE:
2248 case B43_FW_TYPE_PCM:
2249 size = be32_to_cpu(hdr->size);
2250 if (size != ctx->blob->size - sizeof(struct b43_fw_header))
2253 case B43_FW_TYPE_IV:
2261 fw->data = ctx->blob;
2262 fw->filename = name;
2263 fw->type = ctx->req_type;
2268 snprintf(ctx->errors[ctx->req_type],
2269 sizeof(ctx->errors[ctx->req_type]),
2270 "Firmware file \"%s\" format error.\n", ctx->fwname);
2271 release_firmware(ctx->blob);
2276 /* https://bcm-v4.sipsolutions.net/802.11/Init/Firmware */
2277 static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2279 struct b43_wldev *dev = ctx->dev;
2280 struct b43_firmware *fw = &ctx->dev->fw;
2281 struct b43_phy *phy = &dev->phy;
2282 const u8 rev = ctx->dev->dev->core_rev;
2283 const char *filename;
2290 if (phy->type == B43_PHYTYPE_AC)
2291 filename = "/*(DEBLOBBED)*/";
2294 if (phy->type == B43_PHYTYPE_AC)
2295 filename = "/*(DEBLOBBED)*/";
2298 if (phy->type == B43_PHYTYPE_LCN40)
2299 filename = "/*(DEBLOBBED)*/";
2302 if (phy->type == B43_PHYTYPE_N)
2303 filename = "/*(DEBLOBBED)*/";
2306 if (phy->type == B43_PHYTYPE_HT)
2307 filename = "/*(DEBLOBBED)*/";
2310 if (phy->type == B43_PHYTYPE_HT)
2311 filename = "/*(DEBLOBBED)*/";
2315 if (phy->type == B43_PHYTYPE_N)
2316 filename = "/*(DEBLOBBED)*/";
2317 else if (phy->type == B43_PHYTYPE_LCN)
2318 filename = "/*(DEBLOBBED)*/";
2321 if (phy->type == B43_PHYTYPE_LCN)
2322 filename = "/*(DEBLOBBED)*/";
2325 if (phy->type == B43_PHYTYPE_N)
2326 filename = "/*(DEBLOBBED)*/";
2329 if (phy->type == B43_PHYTYPE_N)
2330 filename = "/*(DEBLOBBED)*/";
2331 else if (phy->type == B43_PHYTYPE_LP)
2332 filename = "/*(DEBLOBBED)*/";
2335 filename = "/*(DEBLOBBED)*/";
2338 filename = "/*(DEBLOBBED)*/";
2341 filename = "/*(DEBLOBBED)*/";
2344 filename = "/*(DEBLOBBED)*/";
2347 filename = "ucode5";
2352 err = b43_do_request_fw(ctx, filename, &fw->ucode, true);
2357 if ((rev >= 5) && (rev <= 10))
2358 filename = "/*(DEBLOBBED)*/";
2363 fw->pcm_request_failed = false;
2364 err = b43_do_request_fw(ctx, filename, &fw->pcm, false);
2365 if (err == -ENOENT) {
2366 /* We did not find a PCM file? Not fatal, but
2367 * core rev <= 10 must do without hwcrypto then. */
2368 fw->pcm_request_failed = true;
2374 switch (dev->phy.type) {
2377 filename = "/*(DEBLOBBED)*/";
2378 else if (rev >= 5 && rev <= 10)
2379 filename = "b0g0initvals5";
2383 filename = "/*(DEBLOBBED)*/";
2384 else if (rev == 28 || rev == 25)
2385 filename = "/*(DEBLOBBED)*/";
2387 filename = "/*(DEBLOBBED)*/";
2389 filename = "/*(DEBLOBBED)*/"; /*(DEBLOBBED)*/
2390 else if (rev >= 16 && rev <= 18)
2391 filename = "/*(DEBLOBBED)*/";
2392 else if (rev >= 11 && rev <= 12)
2393 filename = "/*(DEBLOBBED)*/";
2395 case B43_PHYTYPE_LP:
2396 if (rev >= 16 && rev <= 18)
2397 filename = "/*(DEBLOBBED)*/";
2399 filename = "/*(DEBLOBBED)*/";
2401 filename = "/*(DEBLOBBED)*/";
2403 filename = "/*(DEBLOBBED)*/";
2405 case B43_PHYTYPE_HT:
2407 filename = "/*(DEBLOBBED)*/";
2409 filename = "/*(DEBLOBBED)*/";
2411 case B43_PHYTYPE_LCN:
2413 filename = "/*(DEBLOBBED)*/";
2415 case B43_PHYTYPE_LCN40:
2417 filename = "/*(DEBLOBBED)*/";
2419 case B43_PHYTYPE_AC:
2421 filename = "/*(DEBLOBBED)*/";
2423 filename = "/*(DEBLOBBED)*/";
2427 goto err_no_initvals;
2428 err = b43_do_request_fw(ctx, filename, &fw->initvals, false);
2432 /* Get bandswitch initvals */
2434 switch (dev->phy.type) {
2437 filename = "/*(DEBLOBBED)*/";
2438 else if (rev >= 5 && rev <= 10)
2439 filename = "b0g0bsinitvals5";
2443 filename = "/*(DEBLOBBED)*/";
2444 else if (rev == 28 || rev == 25)
2445 filename = "/*(DEBLOBBED)*/";
2447 filename = "/*(DEBLOBBED)*/";
2449 filename = "/*(DEBLOBBED)*/"; /*(DEBLOBBED)*/
2450 else if (rev >= 16 && rev <= 18)
2451 filename = "/*(DEBLOBBED)*/";
2452 else if (rev >= 11 && rev <= 12)
2453 filename = "/*(DEBLOBBED)*/";
2455 case B43_PHYTYPE_LP:
2456 if (rev >= 16 && rev <= 18)
2457 filename = "/*(DEBLOBBED)*/";
2459 filename = "/*(DEBLOBBED)*/";
2461 filename = "/*(DEBLOBBED)*/";
2463 filename = "/*(DEBLOBBED)*/";
2465 case B43_PHYTYPE_HT:
2467 filename = "/*(DEBLOBBED)*/";
2469 filename = "/*(DEBLOBBED)*/";
2471 case B43_PHYTYPE_LCN:
2473 filename = "/*(DEBLOBBED)*/";
2475 case B43_PHYTYPE_LCN40:
2477 filename = "/*(DEBLOBBED)*/";
2479 case B43_PHYTYPE_AC:
2481 filename = "/*(DEBLOBBED)*/";
2483 filename = "/*(DEBLOBBED)*/";
2487 goto err_no_initvals;
2488 err = b43_do_request_fw(ctx, filename, &fw->initvals_band, false);
2492 fw->opensource = (ctx->req_type == B43_FWTYPE_OPENSOURCE);
2497 err = ctx->fatal_failure = -EOPNOTSUPP;
2498 b43err(dev->wl, "The driver does not know which firmware (ucode) "
2499 "is required for your device (wl-core rev %u)\n", rev);
2503 err = ctx->fatal_failure = -EOPNOTSUPP;
2504 b43err(dev->wl, "The driver does not know which firmware (PCM) "
2505 "is required for your device (wl-core rev %u)\n", rev);
2509 err = ctx->fatal_failure = -EOPNOTSUPP;
2510 b43err(dev->wl, "The driver does not know which firmware (initvals) "
2511 "is required for your device (wl-core rev %u)\n", rev);
2515 /* We failed to load this firmware image. The error message
2516 * already is in ctx->errors. Return and let our caller decide
2521 b43_release_firmware(dev);
2525 static int b43_one_core_attach(struct b43_bus_dev *dev, struct b43_wl *wl);
2526 static void b43_one_core_detach(struct b43_bus_dev *dev);
2527 static int b43_rng_init(struct b43_wl *wl);
2529 static void b43_request_firmware(struct work_struct *work)
2531 struct b43_wl *wl = container_of(work,
2532 struct b43_wl, firmware_load);
2533 struct b43_wldev *dev = wl->current_dev;
2534 struct b43_request_fw_context *ctx;
2539 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
2544 ctx->req_type = B43_FWTYPE_PROPRIETARY;
2545 err = b43_try_request_fw(ctx);
2547 goto start_ieee80211; /* Successfully loaded it. */
2548 /* Was fw version known? */
2549 if (ctx->fatal_failure)
2552 /* proprietary fw not found, try open source */
2553 ctx->req_type = B43_FWTYPE_OPENSOURCE;
2554 err = b43_try_request_fw(ctx);
2556 goto start_ieee80211; /* Successfully loaded it. */
2557 if(ctx->fatal_failure)
2560 /* Could not find a usable firmware. Print the errors. */
2561 for (i = 0; i < B43_NR_FWTYPES; i++) {
2562 errmsg = ctx->errors[i];
2564 b43err(dev->wl, "%s", errmsg);
2566 b43_print_fw_helptext(dev->wl, 1);
2570 wl->hw->queues = B43_QOS_QUEUE_NUM;
2571 if (!modparam_qos || dev->fw.opensource)
2574 err = ieee80211_register_hw(wl->hw);
2577 wl->hw_registered = true;
2578 b43_leds_register(wl->current_dev);
2580 /* Register HW RNG driver */
2587 static int b43_upload_microcode(struct b43_wldev *dev)
2589 struct wiphy *wiphy = dev->wl->hw->wiphy;
2590 const size_t hdr_len = sizeof(struct b43_fw_header);
2592 unsigned int i, len;
2593 u16 fwrev, fwpatch, fwdate, fwtime;
2597 /* Jump the microcode PSM to offset 0 */
2598 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2599 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2600 macctl |= B43_MACCTL_PSM_JMP0;
2601 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2602 /* Zero out all microcode PSM registers and shared memory. */
2603 for (i = 0; i < 64; i++)
2604 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2605 for (i = 0; i < 4096; i += 2)
2606 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2608 /* Upload Microcode. */
2609 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2610 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2611 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2612 for (i = 0; i < len; i++) {
2613 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2617 if (dev->fw.pcm.data) {
2618 /* Upload PCM data. */
2619 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2620 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2621 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2622 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2623 /* No need for autoinc bit in SHM_HW */
2624 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2625 for (i = 0; i < len; i++) {
2626 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2631 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2633 /* Start the microcode PSM */
2634 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_PSM_JMP0,
2635 B43_MACCTL_PSM_RUN);
2637 /* Wait for the microcode to load and respond */
2640 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2641 if (tmp == B43_IRQ_MAC_SUSPENDED)
2645 b43err(dev->wl, "Microcode not responding\n");
2646 b43_print_fw_helptext(dev->wl, 1);
2652 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2654 /* Get and check the revisions. */
2655 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2656 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2657 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2658 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2660 if (fwrev <= 0x128) {
2661 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2662 "binary drivers older than version 4.x is unsupported. "
2663 "You must upgrade your firmware files.\n");
2664 b43_print_fw_helptext(dev->wl, 1);
2668 dev->fw.rev = fwrev;
2669 dev->fw.patch = fwpatch;
2670 if (dev->fw.rev >= 598)
2671 dev->fw.hdr_format = B43_FW_HDR_598;
2672 else if (dev->fw.rev >= 410)
2673 dev->fw.hdr_format = B43_FW_HDR_410;
2675 dev->fw.hdr_format = B43_FW_HDR_351;
2676 WARN_ON(dev->fw.opensource != (fwdate == 0xFFFF));
2678 dev->qos_enabled = dev->wl->hw->queues > 1;
2679 /* Default to firmware/hardware crypto acceleration. */
2680 dev->hwcrypto_enabled = true;
2682 if (!dev->fw.opensource) {
2683 b43err(dev->wl, "Rejected non-Free firmware\n");
2687 if (dev->fw.opensource) {
2690 /* Patchlevel info is encoded in the "time" field. */
2691 dev->fw.patch = fwtime;
2692 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n",
2693 dev->fw.rev, dev->fw.patch);
2695 fwcapa = b43_fwcapa_read(dev);
2696 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) {
2697 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n");
2698 /* Disable hardware crypto and fall back to software crypto. */
2699 dev->hwcrypto_enabled = false;
2701 /* adding QoS support should use an offline discovery mechanism */
2702 WARN(fwcapa & B43_FWCAPA_QOS, "QoS in OpenFW not supported\n");
2704 b43info(dev->wl, "Loading firmware version %u.%u "
2705 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2707 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2708 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2709 if (dev->fw.pcm_request_failed) {
2710 b43warn(dev->wl, "No \"/*(DEBLOBBED)*/\" firmware file found. "
2711 "Hardware accelerated cryptography is disabled.\n");
2712 b43_print_fw_helptext(dev->wl, 0);
2716 snprintf(wiphy->fw_version, sizeof(wiphy->fw_version), "%u.%u",
2717 dev->fw.rev, dev->fw.patch);
2718 wiphy->hw_version = dev->dev->core_id;
2720 if (dev->fw.hdr_format == B43_FW_HDR_351) {
2721 /* We're over the deadline, but we keep support for old fw
2722 * until it turns out to be in major conflict with something new. */
2723 b43warn(dev->wl, "You are using an old firmware image. "
2724 "Support for old firmware will be removed soon "
2725 "(official deadline was July 2008).\n");
2726 b43_print_fw_helptext(dev->wl, 0);
2732 /* Stop the microcode PSM. */
2733 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_PSM_RUN,
2734 B43_MACCTL_PSM_JMP0);
2739 static int b43_write_initvals(struct b43_wldev *dev,
2740 const struct b43_iv *ivals,
2744 const struct b43_iv *iv;
2749 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2751 for (i = 0; i < count; i++) {
2752 if (array_size < sizeof(iv->offset_size))
2754 array_size -= sizeof(iv->offset_size);
2755 offset = be16_to_cpu(iv->offset_size);
2756 bit32 = !!(offset & B43_IV_32BIT);
2757 offset &= B43_IV_OFFSET_MASK;
2758 if (offset >= 0x1000)
2763 if (array_size < sizeof(iv->data.d32))
2765 array_size -= sizeof(iv->data.d32);
2767 value = get_unaligned_be32(&iv->data.d32);
2768 b43_write32(dev, offset, value);
2770 iv = (const struct b43_iv *)((const uint8_t *)iv +
2776 if (array_size < sizeof(iv->data.d16))
2778 array_size -= sizeof(iv->data.d16);
2780 value = be16_to_cpu(iv->data.d16);
2781 b43_write16(dev, offset, value);
2783 iv = (const struct b43_iv *)((const uint8_t *)iv +
2794 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2795 b43_print_fw_helptext(dev->wl, 1);
2800 static int b43_upload_initvals(struct b43_wldev *dev)
2802 const size_t hdr_len = sizeof(struct b43_fw_header);
2803 const struct b43_fw_header *hdr;
2804 struct b43_firmware *fw = &dev->fw;
2805 const struct b43_iv *ivals;
2808 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2809 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2810 count = be32_to_cpu(hdr->size);
2811 return b43_write_initvals(dev, ivals, count,
2812 fw->initvals.data->size - hdr_len);
2815 static int b43_upload_initvals_band(struct b43_wldev *dev)
2817 const size_t hdr_len = sizeof(struct b43_fw_header);
2818 const struct b43_fw_header *hdr;
2819 struct b43_firmware *fw = &dev->fw;
2820 const struct b43_iv *ivals;
2823 if (!fw->initvals_band.data)
2826 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2827 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2828 count = be32_to_cpu(hdr->size);
2829 return b43_write_initvals(dev, ivals, count,
2830 fw->initvals_band.data->size - hdr_len);
2833 /* Initialize the GPIOs
2834 * https://bcm-specs.sipsolutions.net/GPIO
2837 #ifdef CONFIG_B43_SSB
2838 static struct ssb_device *b43_ssb_gpio_dev(struct b43_wldev *dev)
2840 struct ssb_bus *bus = dev->dev->sdev->bus;
2842 #ifdef CONFIG_SSB_DRIVER_PCICORE
2843 return (bus->chipco.dev ? bus->chipco.dev : bus->pcicore.dev);
2845 return bus->chipco.dev;
2850 static int b43_gpio_init(struct b43_wldev *dev)
2852 #ifdef CONFIG_B43_SSB
2853 struct ssb_device *gpiodev;
2857 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_GPOUTSMSK, 0);
2858 b43_maskset16(dev, B43_MMIO_GPIO_MASK, ~0, 0xF);
2862 if (dev->dev->chip_id == 0x4301) {
2865 } else if (dev->dev->chip_id == 0x5354) {
2866 /* Don't allow overtaking buttons GPIOs */
2867 set &= 0x2; /* 0x2 is LED GPIO on BCM5354 */
2870 if (0 /* FIXME: conditional unknown */ ) {
2871 b43_write16(dev, B43_MMIO_GPIO_MASK,
2872 b43_read16(dev, B43_MMIO_GPIO_MASK)
2874 /* BT Coexistance Input */
2877 /* BT Coexistance Out */
2881 if (dev->dev->bus_sprom->boardflags_lo & B43_BFL_PACTRL) {
2882 /* PA is controlled by gpio 9, let ucode handle it */
2883 b43_write16(dev, B43_MMIO_GPIO_MASK,
2884 b43_read16(dev, B43_MMIO_GPIO_MASK)
2890 switch (dev->dev->bus_type) {
2891 #ifdef CONFIG_B43_BCMA
2893 bcma_chipco_gpio_control(&dev->dev->bdev->bus->drv_cc, mask, set);
2896 #ifdef CONFIG_B43_SSB
2898 gpiodev = b43_ssb_gpio_dev(dev);
2900 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2901 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2910 /* Turn off all GPIO stuff. Call this on module unload, for example. */
2911 static void b43_gpio_cleanup(struct b43_wldev *dev)
2913 #ifdef CONFIG_B43_SSB
2914 struct ssb_device *gpiodev;
2917 switch (dev->dev->bus_type) {
2918 #ifdef CONFIG_B43_BCMA
2920 bcma_chipco_gpio_control(&dev->dev->bdev->bus->drv_cc, ~0, 0);
2923 #ifdef CONFIG_B43_SSB
2925 gpiodev = b43_ssb_gpio_dev(dev);
2927 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2933 /* http://bcm-specs.sipsolutions.net/EnableMac */
2934 void b43_mac_enable(struct b43_wldev *dev)
2936 if (b43_debug(dev, B43_DBG_FIRMWARE)) {
2939 fwstate = b43_shm_read16(dev, B43_SHM_SHARED,
2940 B43_SHM_SH_UCODESTAT);
2941 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) &&
2942 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) {
2943 b43err(dev->wl, "b43_mac_enable(): The firmware "
2944 "should be suspended, but current state is %u\n",
2949 dev->mac_suspended--;
2950 B43_WARN_ON(dev->mac_suspended < 0);
2951 if (dev->mac_suspended == 0) {
2952 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_ENABLED);
2953 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2954 B43_IRQ_MAC_SUSPENDED);
2956 b43_read32(dev, B43_MMIO_MACCTL);
2957 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2958 b43_power_saving_ctl_bits(dev, 0);
2962 /* https://bcm-specs.sipsolutions.net/SuspendMAC */
2963 void b43_mac_suspend(struct b43_wldev *dev)
2969 B43_WARN_ON(dev->mac_suspended < 0);
2971 if (dev->mac_suspended == 0) {
2972 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2973 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_ENABLED, 0);
2974 /* force pci to flush the write */
2975 b43_read32(dev, B43_MMIO_MACCTL);
2976 for (i = 35; i; i--) {
2977 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2978 if (tmp & B43_IRQ_MAC_SUSPENDED)
2982 /* Hm, it seems this will take some time. Use msleep(). */
2983 for (i = 40; i; i--) {
2984 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2985 if (tmp & B43_IRQ_MAC_SUSPENDED)
2989 b43err(dev->wl, "MAC suspend failed\n");
2992 dev->mac_suspended++;
2995 /* https://bcm-v4.sipsolutions.net/802.11/PHY/N/MacPhyClkSet */
2996 void b43_mac_phy_clock_set(struct b43_wldev *dev, bool on)
3000 switch (dev->dev->bus_type) {
3001 #ifdef CONFIG_B43_BCMA
3003 tmp = bcma_aread32(dev->dev->bdev, BCMA_IOCTL);
3005 tmp |= B43_BCMA_IOCTL_MACPHYCLKEN;
3007 tmp &= ~B43_BCMA_IOCTL_MACPHYCLKEN;
3008 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, tmp);
3011 #ifdef CONFIG_B43_SSB
3013 tmp = ssb_read32(dev->dev->sdev, SSB_TMSLOW);
3015 tmp |= B43_TMSLOW_MACPHYCLKEN;
3017 tmp &= ~B43_TMSLOW_MACPHYCLKEN;
3018 ssb_write32(dev->dev->sdev, SSB_TMSLOW, tmp);
3024 /* brcms_b_switch_macfreq */
3025 void b43_mac_switch_freq(struct b43_wldev *dev, u8 spurmode)
3027 u16 chip_id = dev->dev->chip_id;
3029 if (chip_id == BCMA_CHIP_ID_BCM4331) {
3031 case 2: /* 168 Mhz: 2^26/168 = 0x61862 */
3032 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_LOW, 0x1862);
3033 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_HIGH, 0x6);
3035 case 1: /* 164 Mhz: 2^26/164 = 0x63e70 */
3036 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_LOW, 0x3e70);
3037 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_HIGH, 0x6);
3039 default: /* 160 Mhz: 2^26/160 = 0x66666 */
3040 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_LOW, 0x6666);
3041 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_HIGH, 0x6);
3044 } else if (chip_id == BCMA_CHIP_ID_BCM43131 ||
3045 chip_id == BCMA_CHIP_ID_BCM43217 ||
3046 chip_id == BCMA_CHIP_ID_BCM43222 ||
3047 chip_id == BCMA_CHIP_ID_BCM43224 ||
3048 chip_id == BCMA_CHIP_ID_BCM43225 ||
3049 chip_id == BCMA_CHIP_ID_BCM43227 ||
3050 chip_id == BCMA_CHIP_ID_BCM43228) {
3052 case 2: /* 126 Mhz */
3053 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_LOW, 0x2082);
3054 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_HIGH, 0x8);
3056 case 1: /* 123 Mhz */
3057 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_LOW, 0x5341);
3058 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_HIGH, 0x8);
3060 default: /* 120 Mhz */
3061 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_LOW, 0x8889);
3062 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_HIGH, 0x8);
3065 } else if (dev->phy.type == B43_PHYTYPE_LCN) {
3067 case 1: /* 82 Mhz */
3068 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_LOW, 0x7CE0);
3069 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_HIGH, 0xC);
3071 default: /* 80 Mhz */
3072 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_LOW, 0xCCCD);
3073 b43_write16(dev, B43_MMIO_TSF_CLK_FRAC_HIGH, 0xC);
3079 static void b43_adjust_opmode(struct b43_wldev *dev)
3081 struct b43_wl *wl = dev->wl;
3085 ctl = b43_read32(dev, B43_MMIO_MACCTL);
3086 /* Reset status to STA infrastructure mode. */
3087 ctl &= ~B43_MACCTL_AP;
3088 ctl &= ~B43_MACCTL_KEEP_CTL;
3089 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
3090 ctl &= ~B43_MACCTL_KEEP_BAD;
3091 ctl &= ~B43_MACCTL_PROMISC;
3092 ctl &= ~B43_MACCTL_BEACPROMISC;
3093 ctl |= B43_MACCTL_INFRA;
3095 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3096 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
3097 ctl |= B43_MACCTL_AP;
3098 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
3099 ctl &= ~B43_MACCTL_INFRA;
3101 if (wl->filter_flags & FIF_CONTROL)
3102 ctl |= B43_MACCTL_KEEP_CTL;
3103 if (wl->filter_flags & FIF_FCSFAIL)
3104 ctl |= B43_MACCTL_KEEP_BAD;
3105 if (wl->filter_flags & FIF_PLCPFAIL)
3106 ctl |= B43_MACCTL_KEEP_BADPLCP;
3107 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
3108 ctl |= B43_MACCTL_BEACPROMISC;
3110 /* Workaround: On old hardware the HW-MAC-address-filter
3111 * doesn't work properly, so always run promisc in filter
3112 * it in software. */
3113 if (dev->dev->core_rev <= 4)
3114 ctl |= B43_MACCTL_PROMISC;
3116 b43_write32(dev, B43_MMIO_MACCTL, ctl);
3119 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
3120 if (dev->dev->chip_id == 0x4306 &&
3121 dev->dev->chip_rev == 3)
3126 b43_write16(dev, 0x612, cfp_pretbtt);
3128 /* FIXME: We don't currently implement the PMQ mechanism,
3129 * so always disable it. If we want to implement PMQ,
3130 * we need to enable it here (clear DISCPMQ) in AP mode.
3132 if (0 /* ctl & B43_MACCTL_AP */)
3133 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_DISCPMQ, 0);
3135 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_DISCPMQ);
3138 static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
3144 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
3147 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
3149 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
3150 b43_shm_read16(dev, B43_SHM_SHARED, offset));
3153 static void b43_rate_memory_init(struct b43_wldev *dev)
3155 switch (dev->phy.type) {
3158 case B43_PHYTYPE_LP:
3159 case B43_PHYTYPE_HT:
3160 case B43_PHYTYPE_LCN:
3161 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
3162 b43_rate_memory_write(dev, B43_OFDM_RATE_9MB, 1);
3163 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
3164 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
3165 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
3166 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
3167 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
3168 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
3171 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
3172 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
3173 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
3174 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
3181 /* Set the default values for the PHY TX Control Words. */
3182 static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
3186 ctl |= B43_TXH_PHY_ENC_CCK;
3187 ctl |= B43_TXH_PHY_ANT01AUTO;
3188 ctl |= B43_TXH_PHY_TXPWR;
3190 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
3191 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
3192 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
3195 /* Set the TX-Antenna for management frames sent by firmware. */
3196 static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
3201 ant = b43_antenna_to_phyctl(antenna);
3204 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
3205 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
3206 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
3207 /* For Probe Resposes */
3208 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
3209 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
3210 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
3213 /* This is the opposite of b43_chip_init() */
3214 static void b43_chip_exit(struct b43_wldev *dev)
3217 b43_gpio_cleanup(dev);
3218 /* firmware is released later */
3221 /* Initialize the chip
3222 * https://bcm-specs.sipsolutions.net/ChipInit
3224 static int b43_chip_init(struct b43_wldev *dev)
3226 struct b43_phy *phy = &dev->phy;
3231 /* Initialize the MAC control */
3232 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
3234 macctl |= B43_MACCTL_GMODE;
3235 macctl |= B43_MACCTL_INFRA;
3236 b43_write32(dev, B43_MMIO_MACCTL, macctl);
3238 err = b43_upload_microcode(dev);
3240 goto out; /* firmware is released later */
3242 err = b43_gpio_init(dev);
3244 goto out; /* firmware is released later */
3246 err = b43_upload_initvals(dev);
3248 goto err_gpio_clean;
3250 err = b43_upload_initvals_band(dev);
3252 goto err_gpio_clean;
3254 /* Turn the Analog on and initialize the PHY. */
3255 phy->ops->switch_analog(dev, 1);
3256 err = b43_phy_init(dev);
3258 goto err_gpio_clean;
3260 /* Disable Interference Mitigation. */
3261 if (phy->ops->interf_mitigation)
3262 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE);
3264 /* Select the antennae */
3265 if (phy->ops->set_rx_antenna)
3266 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
3267 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
3269 if (phy->type == B43_PHYTYPE_B) {
3270 value16 = b43_read16(dev, 0x005E);
3272 b43_write16(dev, 0x005E, value16);
3274 b43_write32(dev, 0x0100, 0x01000000);
3275 if (dev->dev->core_rev < 5)
3276 b43_write32(dev, 0x010C, 0x01000000);
3278 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_INFRA, 0);
3279 b43_maskset32(dev, B43_MMIO_MACCTL, ~0, B43_MACCTL_INFRA);
3281 /* Probe Response Timeout value */
3282 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
3283 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 0);
3285 /* Initially set the wireless operation mode. */
3286 b43_adjust_opmode(dev);
3288 if (dev->dev->core_rev < 3) {
3289 b43_write16(dev, 0x060E, 0x0000);
3290 b43_write16(dev, 0x0610, 0x8000);
3291 b43_write16(dev, 0x0604, 0x0000);
3292 b43_write16(dev, 0x0606, 0x0200);
3294 b43_write32(dev, 0x0188, 0x80000000);
3295 b43_write32(dev, 0x018C, 0x02000000);
3297 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
3298 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001FC00);
3299 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
3300 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
3301 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
3302 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
3303 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
3305 b43_mac_phy_clock_set(dev, true);
3307 switch (dev->dev->bus_type) {
3308 #ifdef CONFIG_B43_BCMA
3310 /* FIXME: 0xE74 is quite common, but should be read from CC */
3311 b43_write16(dev, B43_MMIO_POWERUP_DELAY, 0xE74);
3314 #ifdef CONFIG_B43_SSB
3316 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
3317 dev->dev->sdev->bus->chipco.fast_pwrup_delay);
3323 b43dbg(dev->wl, "Chip initialized\n");
3328 b43_gpio_cleanup(dev);
3332 static void b43_periodic_every60sec(struct b43_wldev *dev)
3334 const struct b43_phy_operations *ops = dev->phy.ops;
3336 if (ops->pwork_60sec)
3337 ops->pwork_60sec(dev);
3339 /* Force check the TX power emission now. */
3340 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME);
3343 static void b43_periodic_every30sec(struct b43_wldev *dev)
3345 /* Update device statistics. */
3346 b43_calculate_link_quality(dev);
3349 static void b43_periodic_every15sec(struct b43_wldev *dev)
3351 struct b43_phy *phy = &dev->phy;
3354 if (dev->fw.opensource) {
3355 /* Check if the firmware is still alive.
3356 * It will reset the watchdog counter to 0 in its idle loop. */
3357 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG);
3358 if (unlikely(wdr)) {
3359 b43err(dev->wl, "Firmware watchdog: The firmware died!\n");
3360 b43_controller_restart(dev, "Firmware watchdog");
3363 b43_shm_write16(dev, B43_SHM_SCRATCH,
3364 B43_WATCHDOG_REG, 1);
3368 if (phy->ops->pwork_15sec)
3369 phy->ops->pwork_15sec(dev);
3371 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
3375 if (b43_debug(dev, B43_DBG_VERBOSESTATS)) {
3378 b43dbg(dev->wl, "Stats: %7u IRQs/sec, %7u TX/sec, %7u RX/sec\n",
3379 dev->irq_count / 15,
3381 dev->rx_count / 15);
3385 for (i = 0; i < ARRAY_SIZE(dev->irq_bit_count); i++) {
3386 if (dev->irq_bit_count[i]) {
3387 b43dbg(dev->wl, "Stats: %7u IRQ-%02u/sec (0x%08X)\n",
3388 dev->irq_bit_count[i] / 15, i, (1 << i));
3389 dev->irq_bit_count[i] = 0;
3396 static void do_periodic_work(struct b43_wldev *dev)
3400 state = dev->periodic_state;
3402 b43_periodic_every60sec(dev);
3404 b43_periodic_every30sec(dev);
3405 b43_periodic_every15sec(dev);
3408 /* Periodic work locking policy:
3409 * The whole periodic work handler is protected by
3410 * wl->mutex. If another lock is needed somewhere in the
3411 * pwork callchain, it's acquired in-place, where it's needed.
3413 static void b43_periodic_work_handler(struct work_struct *work)
3415 struct b43_wldev *dev = container_of(work, struct b43_wldev,
3416 periodic_work.work);
3417 struct b43_wl *wl = dev->wl;
3418 unsigned long delay;
3420 mutex_lock(&wl->mutex);
3422 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
3424 if (b43_debug(dev, B43_DBG_PWORK_STOP))
3427 do_periodic_work(dev);
3429 dev->periodic_state++;
3431 if (b43_debug(dev, B43_DBG_PWORK_FAST))
3432 delay = msecs_to_jiffies(50);
3434 delay = round_jiffies_relative(HZ * 15);
3435 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay);
3437 mutex_unlock(&wl->mutex);
3440 static void b43_periodic_tasks_setup(struct b43_wldev *dev)
3442 struct delayed_work *work = &dev->periodic_work;
3444 dev->periodic_state = 0;
3445 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
3446 ieee80211_queue_delayed_work(dev->wl->hw, work, 0);
3449 /* Check if communication with the device works correctly. */
3450 static int b43_validate_chipaccess(struct b43_wldev *dev)
3452 u32 v, backup0, backup4;
3454 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0);
3455 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4);
3457 /* Check for read/write and endianness problems. */
3458 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
3459 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
3461 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
3462 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
3465 /* Check if unaligned 32bit SHM_SHARED access works properly.
3466 * However, don't bail out on failure, because it's noncritical. */
3467 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122);
3468 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344);
3469 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566);
3470 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788);
3471 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344)
3472 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n");
3473 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD);
3474 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 ||
3475 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD ||
3476 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB ||
3477 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788)
3478 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n");
3480 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0);
3481 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4);
3483 if ((dev->dev->core_rev >= 3) && (dev->dev->core_rev <= 10)) {
3484 /* The 32bit register shadows the two 16bit registers
3485 * with update sideeffects. Validate this. */
3486 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
3487 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
3488 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
3490 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
3493 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
3495 v = b43_read32(dev, B43_MMIO_MACCTL);
3496 v |= B43_MACCTL_GMODE;
3497 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
3502 b43err(dev->wl, "Failed to validate the chipaccess\n");
3506 static void b43_security_init(struct b43_wldev *dev)
3508 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
3509 /* KTP is a word address, but we address SHM bytewise.
3510 * So multiply by two.
3513 /* Number of RCMTA address slots */
3514 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS);
3515 /* Clear the key memory. */
3516 b43_clear_keys(dev);
3519 #ifdef CONFIG_B43_HWRNG
3520 static int b43_rng_read(struct hwrng *rng, u32 *data)
3522 struct b43_wl *wl = (struct b43_wl *)rng->priv;
3523 struct b43_wldev *dev;
3524 int count = -ENODEV;
3526 mutex_lock(&wl->mutex);
3527 dev = wl->current_dev;
3528 if (likely(dev && b43_status(dev) >= B43_STAT_INITIALIZED)) {
3529 *data = b43_read16(dev, B43_MMIO_RNG);
3530 count = sizeof(u16);
3532 mutex_unlock(&wl->mutex);
3536 #endif /* CONFIG_B43_HWRNG */
3538 static void b43_rng_exit(struct b43_wl *wl)
3540 #ifdef CONFIG_B43_HWRNG
3541 if (wl->rng_initialized)
3542 hwrng_unregister(&wl->rng);
3543 #endif /* CONFIG_B43_HWRNG */
3546 static int b43_rng_init(struct b43_wl *wl)
3550 #ifdef CONFIG_B43_HWRNG
3551 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
3552 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
3553 wl->rng.name = wl->rng_name;
3554 wl->rng.data_read = b43_rng_read;
3555 wl->rng.priv = (unsigned long)wl;
3556 wl->rng_initialized = true;
3557 err = hwrng_register(&wl->rng);
3559 wl->rng_initialized = false;
3560 b43err(wl, "Failed to register the random "
3561 "number generator (%d)\n", err);
3563 #endif /* CONFIG_B43_HWRNG */
3568 static void b43_tx_work(struct work_struct *work)
3570 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work);
3571 struct b43_wldev *dev;
3572 struct sk_buff *skb;
3576 mutex_lock(&wl->mutex);
3577 dev = wl->current_dev;
3578 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) {
3579 mutex_unlock(&wl->mutex);
3583 for (queue_num = 0; queue_num < B43_QOS_QUEUE_NUM; queue_num++) {
3584 while (skb_queue_len(&wl->tx_queue[queue_num])) {
3585 skb = skb_dequeue(&wl->tx_queue[queue_num]);
3586 if (b43_using_pio_transfers(dev))
3587 err = b43_pio_tx(dev, skb);
3589 err = b43_dma_tx(dev, skb);
3590 if (err == -ENOSPC) {
3591 wl->tx_queue_stopped[queue_num] = true;
3592 ieee80211_stop_queue(wl->hw, queue_num);
3593 skb_queue_head(&wl->tx_queue[queue_num], skb);
3597 ieee80211_free_txskb(wl->hw, skb);
3602 wl->tx_queue_stopped[queue_num] = false;
3608 mutex_unlock(&wl->mutex);
3611 static void b43_op_tx(struct ieee80211_hw *hw,
3612 struct ieee80211_tx_control *control,
3613 struct sk_buff *skb)
3615 struct b43_wl *wl = hw_to_b43_wl(hw);
3617 if (unlikely(skb->len < 2 + 2 + 6)) {
3618 /* Too short, this can't be a valid frame. */
3619 ieee80211_free_txskb(hw, skb);
3622 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
3624 skb_queue_tail(&wl->tx_queue[skb->queue_mapping], skb);
3625 if (!wl->tx_queue_stopped[skb->queue_mapping]) {
3626 ieee80211_queue_work(wl->hw, &wl->tx_work);
3628 ieee80211_stop_queue(wl->hw, skb->queue_mapping);
3632 static void b43_qos_params_upload(struct b43_wldev *dev,
3633 const struct ieee80211_tx_queue_params *p,
3636 u16 params[B43_NR_QOSPARAMS];
3640 if (!dev->qos_enabled)
3643 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min;
3645 memset(¶ms, 0, sizeof(params));
3647 params[B43_QOSPARAM_TXOP] = p->txop * 32;
3648 params[B43_QOSPARAM_CWMIN] = p->cw_min;
3649 params[B43_QOSPARAM_CWMAX] = p->cw_max;
3650 params[B43_QOSPARAM_CWCUR] = p->cw_min;
3651 params[B43_QOSPARAM_AIFS] = p->aifs;
3652 params[B43_QOSPARAM_BSLOTS] = bslots;
3653 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs;
3655 for (i = 0; i < ARRAY_SIZE(params); i++) {
3656 if (i == B43_QOSPARAM_STATUS) {
3657 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
3658 shm_offset + (i * 2));
3659 /* Mark the parameters as updated. */
3661 b43_shm_write16(dev, B43_SHM_SHARED,
3662 shm_offset + (i * 2),
3665 b43_shm_write16(dev, B43_SHM_SHARED,
3666 shm_offset + (i * 2),
3672 /* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */
3673 static const u16 b43_qos_shm_offsets[] = {
3674 /* [mac80211-queue-nr] = SHM_OFFSET, */
3675 [0] = B43_QOS_VOICE,
3676 [1] = B43_QOS_VIDEO,
3677 [2] = B43_QOS_BESTEFFORT,
3678 [3] = B43_QOS_BACKGROUND,
3681 /* Update all QOS parameters in hardware. */
3682 static void b43_qos_upload_all(struct b43_wldev *dev)
3684 struct b43_wl *wl = dev->wl;
3685 struct b43_qos_params *params;
3688 if (!dev->qos_enabled)
3691 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3692 ARRAY_SIZE(wl->qos_params));
3694 b43_mac_suspend(dev);
3695 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3696 params = &(wl->qos_params[i]);
3697 b43_qos_params_upload(dev, &(params->p),
3698 b43_qos_shm_offsets[i]);
3700 b43_mac_enable(dev);
3703 static void b43_qos_clear(struct b43_wl *wl)
3705 struct b43_qos_params *params;
3708 /* Initialize QoS parameters to sane defaults. */
3710 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3711 ARRAY_SIZE(wl->qos_params));
3713 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3714 params = &(wl->qos_params[i]);
3716 switch (b43_qos_shm_offsets[i]) {
3720 params->p.cw_min = 0x0001;
3721 params->p.cw_max = 0x0001;
3726 params->p.cw_min = 0x0001;
3727 params->p.cw_max = 0x0001;
3729 case B43_QOS_BESTEFFORT:
3732 params->p.cw_min = 0x0001;
3733 params->p.cw_max = 0x03FF;
3735 case B43_QOS_BACKGROUND:
3738 params->p.cw_min = 0x0001;
3739 params->p.cw_max = 0x03FF;
3747 /* Initialize the core's QOS capabilities */
3748 static void b43_qos_init(struct b43_wldev *dev)
3750 if (!dev->qos_enabled) {
3751 /* Disable QOS support. */
3752 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF);
3753 b43_write16(dev, B43_MMIO_IFSCTL,
3754 b43_read16(dev, B43_MMIO_IFSCTL)
3755 & ~B43_MMIO_IFSCTL_USE_EDCF);
3756 b43dbg(dev->wl, "QoS disabled\n");
3760 /* Upload the current QOS parameters. */
3761 b43_qos_upload_all(dev);
3763 /* Enable QOS support. */
3764 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
3765 b43_write16(dev, B43_MMIO_IFSCTL,
3766 b43_read16(dev, B43_MMIO_IFSCTL)
3767 | B43_MMIO_IFSCTL_USE_EDCF);
3768 b43dbg(dev->wl, "QoS enabled\n");
3771 static int b43_op_conf_tx(struct ieee80211_hw *hw,
3772 struct ieee80211_vif *vif, u16 _queue,
3773 const struct ieee80211_tx_queue_params *params)
3775 struct b43_wl *wl = hw_to_b43_wl(hw);
3776 struct b43_wldev *dev;
3777 unsigned int queue = (unsigned int)_queue;
3780 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3781 /* Queue not available or don't support setting
3782 * params on this queue. Return success to not
3783 * confuse mac80211. */
3786 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3787 ARRAY_SIZE(wl->qos_params));
3789 mutex_lock(&wl->mutex);
3790 dev = wl->current_dev;
3791 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED)))
3794 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params));
3795 b43_mac_suspend(dev);
3796 b43_qos_params_upload(dev, &(wl->qos_params[queue].p),
3797 b43_qos_shm_offsets[queue]);
3798 b43_mac_enable(dev);
3802 mutex_unlock(&wl->mutex);
3807 static int b43_op_get_stats(struct ieee80211_hw *hw,
3808 struct ieee80211_low_level_stats *stats)
3810 struct b43_wl *wl = hw_to_b43_wl(hw);
3812 mutex_lock(&wl->mutex);
3813 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3814 mutex_unlock(&wl->mutex);
3819 static u64 b43_op_get_tsf(struct ieee80211_hw *hw, struct ieee80211_vif *vif)
3821 struct b43_wl *wl = hw_to_b43_wl(hw);
3822 struct b43_wldev *dev;
3825 mutex_lock(&wl->mutex);
3826 dev = wl->current_dev;
3828 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3829 b43_tsf_read(dev, &tsf);
3833 mutex_unlock(&wl->mutex);
3838 static void b43_op_set_tsf(struct ieee80211_hw *hw,
3839 struct ieee80211_vif *vif, u64 tsf)
3841 struct b43_wl *wl = hw_to_b43_wl(hw);
3842 struct b43_wldev *dev;
3844 mutex_lock(&wl->mutex);
3845 dev = wl->current_dev;
3847 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3848 b43_tsf_write(dev, tsf);
3850 mutex_unlock(&wl->mutex);
3853 static const char *band_to_string(enum nl80211_band band)
3856 case NL80211_BAND_5GHZ:
3858 case NL80211_BAND_2GHZ:
3867 /* Expects wl->mutex locked */
3868 static int b43_switch_band(struct b43_wldev *dev,
3869 struct ieee80211_channel *chan)
3871 struct b43_phy *phy = &dev->phy;
3875 switch (chan->band) {
3876 case NL80211_BAND_5GHZ:
3879 case NL80211_BAND_2GHZ:
3887 if (!((gmode && phy->supports_2ghz) ||
3888 (!gmode && phy->supports_5ghz))) {
3889 b43err(dev->wl, "This device doesn't support %s-GHz band\n",
3890 band_to_string(chan->band));
3894 if (!!phy->gmode == !!gmode) {
3895 /* This device is already running. */
3899 b43dbg(dev->wl, "Switching to %s GHz band\n",
3900 band_to_string(chan->band));
3902 /* Some new devices don't need disabling radio for band switching */
3903 if (!(phy->type == B43_PHYTYPE_N && phy->rev >= 3))
3904 b43_software_rfkill(dev, true);
3907 b43_phy_put_into_reset(dev);
3908 switch (dev->dev->bus_type) {
3909 #ifdef CONFIG_B43_BCMA
3911 tmp = bcma_aread32(dev->dev->bdev, BCMA_IOCTL);
3913 tmp |= B43_BCMA_IOCTL_GMODE;
3915 tmp &= ~B43_BCMA_IOCTL_GMODE;
3916 bcma_awrite32(dev->dev->bdev, BCMA_IOCTL, tmp);
3919 #ifdef CONFIG_B43_SSB
3921 tmp = ssb_read32(dev->dev->sdev, SSB_TMSLOW);
3923 tmp |= B43_TMSLOW_GMODE;
3925 tmp &= ~B43_TMSLOW_GMODE;
3926 ssb_write32(dev->dev->sdev, SSB_TMSLOW, tmp);
3930 b43_phy_take_out_of_reset(dev);
3932 b43_upload_initvals_band(dev);
3939 static void b43_set_beacon_listen_interval(struct b43_wldev *dev, u16 interval)
3941 interval = min_t(u16, interval, (u16)0xFF);
3942 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BCN_LI, interval);
3945 /* Write the short and long frame retry limit values. */
3946 static void b43_set_retry_limits(struct b43_wldev *dev,
3947 unsigned int short_retry,
3948 unsigned int long_retry)
3950 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3951 * the chip-internal counter. */
3952 short_retry = min(short_retry, (unsigned int)0xF);
3953 long_retry = min(long_retry, (unsigned int)0xF);
3955 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3957 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3961 static int b43_op_config(struct ieee80211_hw *hw, u32 changed)
3963 struct b43_wl *wl = hw_to_b43_wl(hw);
3964 struct b43_wldev *dev = wl->current_dev;
3965 struct b43_phy *phy = &dev->phy;
3966 struct ieee80211_conf *conf = &hw->conf;
3970 mutex_lock(&wl->mutex);
3971 b43_mac_suspend(dev);
3973 if (changed & IEEE80211_CONF_CHANGE_LISTEN_INTERVAL)
3974 b43_set_beacon_listen_interval(dev, conf->listen_interval);
3976 if (changed & IEEE80211_CONF_CHANGE_CHANNEL) {
3977 phy->chandef = &conf->chandef;
3978 phy->channel = conf->chandef.chan->hw_value;
3980 /* Switch the band (if necessary). */
3981 err = b43_switch_band(dev, conf->chandef.chan);
3983 goto out_mac_enable;
3985 /* Switch to the requested channel.
3986 * The firmware takes care of races with the TX handler.
3988 b43_switch_channel(dev, phy->channel);
3991 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
3992 b43_set_retry_limits(dev, conf->short_frame_max_tx_count,
3993 conf->long_frame_max_tx_count);
3994 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS;
3996 goto out_mac_enable;
3998 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_MONITOR);
4000 /* Adjust the desired TX power level. */
4001 if (conf->power_level != 0) {
4002 if (conf->power_level != phy->desired_txpower) {
4003 phy->desired_txpower = conf->power_level;
4004 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME |
4005 B43_TXPWR_IGNORE_TSSI);
4009 /* Antennas for RX and management frame TX. */
4010 antenna = B43_ANTENNA_DEFAULT;
4011 b43_mgmtframe_txantenna(dev, antenna);
4012 antenna = B43_ANTENNA_DEFAULT;
4013 if (phy->ops->set_rx_antenna)
4014 phy->ops->set_rx_antenna(dev, antenna);
4016 if (wl->radio_enabled != phy->radio_on) {
4017 if (wl->radio_enabled) {
4018 b43_software_rfkill(dev, false);
4019 b43info(dev->wl, "Radio turned on by software\n");
4020 if (!dev->radio_hw_enable) {
4021 b43info(dev->wl, "The hardware RF-kill button "
4022 "still turns the radio physically off. "
4023 "Press the button to turn it on.\n");
4026 b43_software_rfkill(dev, true);
4027 b43info(dev->wl, "Radio turned off by software\n");
4032 b43_mac_enable(dev);
4033 mutex_unlock(&wl->mutex);
4038 static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates)
4040 struct ieee80211_supported_band *sband =
4041 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)];
4042 const struct ieee80211_rate *rate;
4044 u16 basic, direct, offset, basic_offset, rateptr;
4046 for (i = 0; i < sband->n_bitrates; i++) {
4047 rate = &sband->bitrates[i];
4049 if (b43_is_cck_rate(rate->hw_value)) {
4050 direct = B43_SHM_SH_CCKDIRECT;
4051 basic = B43_SHM_SH_CCKBASIC;
4052 offset = b43_plcp_get_ratecode_cck(rate->hw_value);
4055 direct = B43_SHM_SH_OFDMDIRECT;
4056 basic = B43_SHM_SH_OFDMBASIC;
4057 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
4061 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate);
4063 if (b43_is_cck_rate(rate->hw_value)) {
4064 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value);
4065 basic_offset &= 0xF;
4067 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
4068 basic_offset &= 0xF;
4072 * Get the pointer that we need to point to
4073 * from the direct map
4075 rateptr = b43_shm_read16(dev, B43_SHM_SHARED,
4076 direct + 2 * basic_offset);
4077 /* and write it to the basic map */
4078 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset,
4083 static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
4084 struct ieee80211_vif *vif,
4085 struct ieee80211_bss_conf *conf,
4088 struct b43_wl *wl = hw_to_b43_wl(hw);
4089 struct b43_wldev *dev;
4091 mutex_lock(&wl->mutex);
4093 dev = wl->current_dev;
4094 if (!dev || b43_status(dev) < B43_STAT_STARTED)
4095 goto out_unlock_mutex;
4097 B43_WARN_ON(wl->vif != vif);
4099 if (changed & BSS_CHANGED_BSSID) {
4101 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
4103 eth_zero_addr(wl->bssid);
4106 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
4107 if (changed & BSS_CHANGED_BEACON &&
4108 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
4109 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
4110 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
4111 b43_update_templates(wl);
4113 if (changed & BSS_CHANGED_BSSID)
4114 b43_write_mac_bssid_templates(dev);
4117 b43_mac_suspend(dev);
4119 /* Update templates for AP/mesh mode. */
4120 if (changed & BSS_CHANGED_BEACON_INT &&
4121 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
4122 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
4123 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)) &&
4125 b43_set_beacon_int(dev, conf->beacon_int);
4127 if (changed & BSS_CHANGED_BASIC_RATES)
4128 b43_update_basic_rates(dev, conf->basic_rates);
4130 if (changed & BSS_CHANGED_ERP_SLOT) {
4131 if (conf->use_short_slot)
4132 b43_short_slot_timing_enable(dev);
4134 b43_short_slot_timing_disable(dev);
4137 b43_mac_enable(dev);
4139 mutex_unlock(&wl->mutex);
4142 static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
4143 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
4144 struct ieee80211_key_conf *key)
4146 struct b43_wl *wl = hw_to_b43_wl(hw);
4147 struct b43_wldev *dev;
4151 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
4153 if (modparam_nohwcrypt)
4154 return -ENOSPC; /* User disabled HW-crypto */
4156 if ((vif->type == NL80211_IFTYPE_ADHOC ||
4157 vif->type == NL80211_IFTYPE_MESH_POINT) &&
4158 (key->cipher == WLAN_CIPHER_SUITE_TKIP ||
4159 key->cipher == WLAN_CIPHER_SUITE_CCMP) &&
4160 !(key->flags & IEEE80211_KEY_FLAG_PAIRWISE)) {
4162 * For now, disable hw crypto for the RSN IBSS group keys. This
4163 * could be optimized in the future, but until that gets
4164 * implemented, use of software crypto for group addressed
4165 * frames is a acceptable to allow RSN IBSS to be used.
4170 mutex_lock(&wl->mutex);
4172 dev = wl->current_dev;
4174 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
4177 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) {
4178 /* We don't have firmware for the crypto engine.
4179 * Must use software-crypto. */
4185 switch (key->cipher) {
4186 case WLAN_CIPHER_SUITE_WEP40:
4187 algorithm = B43_SEC_ALGO_WEP40;
4189 case WLAN_CIPHER_SUITE_WEP104:
4190 algorithm = B43_SEC_ALGO_WEP104;
4192 case WLAN_CIPHER_SUITE_TKIP:
4193 algorithm = B43_SEC_ALGO_TKIP;
4195 case WLAN_CIPHER_SUITE_CCMP:
4196 algorithm = B43_SEC_ALGO_AES;
4202 index = (u8) (key->keyidx);
4208 if (algorithm == B43_SEC_ALGO_TKIP &&
4209 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
4210 !modparam_hwtkip)) {
4211 /* We support only pairwise key */
4216 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
4217 if (WARN_ON(!sta)) {
4221 /* Pairwise key with an assigned MAC address. */
4222 err = b43_key_write(dev, -1, algorithm,
4223 key->key, key->keylen,
4227 err = b43_key_write(dev, index, algorithm,
4228 key->key, key->keylen, NULL, key);
4233 if (algorithm == B43_SEC_ALGO_WEP40 ||
4234 algorithm == B43_SEC_ALGO_WEP104) {
4235 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
4238 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
4240 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
4241 if (algorithm == B43_SEC_ALGO_TKIP)
4242 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
4245 err = b43_key_clear(dev, key->hw_key_idx);
4256 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
4258 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
4259 sta ? sta->addr : bcast_addr);
4260 b43_dump_keymemory(dev);
4262 mutex_unlock(&wl->mutex);
4267 static void b43_op_configure_filter(struct ieee80211_hw *hw,
4268 unsigned int changed, unsigned int *fflags,
4271 struct b43_wl *wl = hw_to_b43_wl(hw);
4272 struct b43_wldev *dev;
4274 mutex_lock(&wl->mutex);
4275 dev = wl->current_dev;
4281 *fflags &= FIF_ALLMULTI |
4286 FIF_BCN_PRBRESP_PROMISC;
4288 changed &= FIF_ALLMULTI |
4293 FIF_BCN_PRBRESP_PROMISC;
4295 wl->filter_flags = *fflags;
4297 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
4298 b43_adjust_opmode(dev);
4301 mutex_unlock(&wl->mutex);
4304 /* Locking: wl->mutex
4305 * Returns the current dev. This might be different from the passed in dev,
4306 * because the core might be gone away while we unlocked the mutex. */
4307 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev)
4310 struct b43_wldev *orig_dev;
4318 if (!dev || b43_status(dev) < B43_STAT_STARTED)
4321 /* Cancel work. Unlock to avoid deadlocks. */
4322 mutex_unlock(&wl->mutex);
4323 cancel_delayed_work_sync(&dev->periodic_work);
4324 cancel_work_sync(&wl->tx_work);
4326 mutex_lock(&wl->mutex);
4327 dev = wl->current_dev;
4328 if (!dev || b43_status(dev) < B43_STAT_STARTED) {
4329 /* Whoops, aliens ate up the device while we were unlocked. */
4333 /* Disable interrupts on the device. */
4334 b43_set_status(dev, B43_STAT_INITIALIZED);
4335 if (b43_bus_host_is_sdio(dev->dev)) {
4336 /* wl->mutex is locked. That is enough. */
4337 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
4338 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
4340 spin_lock_irq(&wl->hardirq_lock);
4341 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
4342 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
4343 spin_unlock_irq(&wl->hardirq_lock);
4345 /* Synchronize and free the interrupt handlers. Unlock to avoid deadlocks. */
4347 mutex_unlock(&wl->mutex);
4348 if (b43_bus_host_is_sdio(dev->dev))
4349 b43_sdio_free_irq(dev);
4351 free_irq(dev->dev->irq, dev);
4352 mutex_lock(&wl->mutex);
4353 dev = wl->current_dev;
4356 if (dev != orig_dev) {
4357 if (b43_status(dev) >= B43_STAT_STARTED)
4361 mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
4362 B43_WARN_ON(mask != 0xFFFFFFFF && mask);
4364 /* Drain all TX queues. */
4365 for (queue_num = 0; queue_num < B43_QOS_QUEUE_NUM; queue_num++) {
4366 while (skb_queue_len(&wl->tx_queue[queue_num])) {
4367 struct sk_buff *skb;
4369 skb = skb_dequeue(&wl->tx_queue[queue_num]);
4370 ieee80211_free_txskb(wl->hw, skb);
4374 b43_mac_suspend(dev);
4376 b43dbg(wl, "Wireless interface stopped\n");
4381 /* Locking: wl->mutex */
4382 static int b43_wireless_core_start(struct b43_wldev *dev)
4386 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
4388 drain_txstatus_queue(dev);
4389 if (b43_bus_host_is_sdio(dev->dev)) {
4390 err = b43_sdio_request_irq(dev, b43_sdio_interrupt_handler);
4392 b43err(dev->wl, "Cannot request SDIO IRQ\n");
4396 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler,
4397 b43_interrupt_thread_handler,
4398 IRQF_SHARED, KBUILD_MODNAME, dev);
4400 b43err(dev->wl, "Cannot request IRQ-%d\n",
4406 /* We are ready to run. */
4407 ieee80211_wake_queues(dev->wl->hw);
4408 b43_set_status(dev, B43_STAT_STARTED);
4410 /* Start data flow (TX/RX). */
4411 b43_mac_enable(dev);
4412 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
4414 /* Start maintenance work */
4415 b43_periodic_tasks_setup(dev);
4419 b43dbg(dev->wl, "Wireless interface started\n");
4424 static char *b43_phy_name(struct b43_wldev *dev, u8 phy_type)
4435 case B43_PHYTYPE_LP:
4437 case B43_PHYTYPE_SSLPN:
4439 case B43_PHYTYPE_HT:
4441 case B43_PHYTYPE_LCN:
4443 case B43_PHYTYPE_LCNXN:
4445 case B43_PHYTYPE_LCN40:
4447 case B43_PHYTYPE_AC:
4453 /* Get PHY and RADIO versioning numbers */
4454 static int b43_phy_versioning(struct b43_wldev *dev)
4456 struct b43_phy *phy = &dev->phy;
4457 const u8 core_rev = dev->dev->core_rev;
4466 int unsupported = 0;
4468 /* Get PHY versioning */
4469 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
4470 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
4471 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
4472 phy_rev = (tmp & B43_PHYVER_VERSION);
4474 /* LCNXN is continuation of N which run out of revisions */
4475 if (phy_type == B43_PHYTYPE_LCNXN) {
4476 phy_type = B43_PHYTYPE_N;
4481 #ifdef CONFIG_B43_PHY_G
4487 #ifdef CONFIG_B43_PHY_N
4493 #ifdef CONFIG_B43_PHY_LP
4494 case B43_PHYTYPE_LP:
4499 #ifdef CONFIG_B43_PHY_HT
4500 case B43_PHYTYPE_HT:
4505 #ifdef CONFIG_B43_PHY_LCN
4506 case B43_PHYTYPE_LCN:
4511 #ifdef CONFIG_B43_PHY_AC
4512 case B43_PHYTYPE_AC:
4521 b43err(dev->wl, "FOUND UNSUPPORTED PHY (Analog %u, Type %d (%s), Revision %u)\n",
4522 analog_type, phy_type, b43_phy_name(dev, phy_type),
4526 b43info(dev->wl, "Found PHY: Analog %u, Type %d (%s), Revision %u\n",
4527 analog_type, phy_type, b43_phy_name(dev, phy_type), phy_rev);
4529 /* Get RADIO versioning */
4530 if (core_rev == 40 || core_rev == 42) {
4531 radio_manuf = 0x17F;
4533 b43_write16f(dev, B43_MMIO_RADIO24_CONTROL, 0);
4534 radio_rev = b43_read16(dev, B43_MMIO_RADIO24_DATA);
4536 b43_write16f(dev, B43_MMIO_RADIO24_CONTROL, 1);
4537 radio_id = b43_read16(dev, B43_MMIO_RADIO24_DATA);
4539 radio_ver = 0; /* Is there version somewhere? */
4540 } else if (core_rev >= 24) {
4543 for (tmp = 0; tmp < 3; tmp++) {
4544 b43_write16f(dev, B43_MMIO_RADIO24_CONTROL, tmp);
4545 radio24[tmp] = b43_read16(dev, B43_MMIO_RADIO24_DATA);
4548 radio_manuf = 0x17F;
4549 radio_id = (radio24[2] << 8) | radio24[1];
4550 radio_rev = (radio24[0] & 0xF);
4551 radio_ver = (radio24[0] & 0xF0) >> 4;
4553 if (dev->dev->chip_id == 0x4317) {
4554 if (dev->dev->chip_rev == 0)
4556 else if (dev->dev->chip_rev == 1)
4561 b43_write16f(dev, B43_MMIO_RADIO_CONTROL,
4563 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
4564 b43_write16f(dev, B43_MMIO_RADIO_CONTROL,
4566 tmp |= b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16;
4568 radio_manuf = (tmp & 0x00000FFF);
4569 radio_id = (tmp & 0x0FFFF000) >> 12;
4570 radio_rev = (tmp & 0xF0000000) >> 28;
4571 radio_ver = 0; /* Probably not available on old hw */
4574 if (radio_manuf != 0x17F /* Broadcom */)
4578 if ((radio_id & 0xFFF0) != 0x2050)
4582 if (radio_id != 0x2050)
4586 if (radio_id != 0x2055 && radio_id != 0x2056 &&
4589 if (radio_id == 0x2057 &&
4590 !(radio_rev == 9 || radio_rev == 14))
4593 case B43_PHYTYPE_LP:
4594 if (radio_id != 0x2062 && radio_id != 0x2063)
4597 case B43_PHYTYPE_HT:
4598 if (radio_id != 0x2059)
4601 case B43_PHYTYPE_LCN:
4602 if (radio_id != 0x2064)
4605 case B43_PHYTYPE_AC:
4606 if (radio_id != 0x2069)
4614 "FOUND UNSUPPORTED RADIO (Manuf 0x%X, ID 0x%X, Revision %u, Version %u)\n",
4615 radio_manuf, radio_id, radio_rev, radio_ver);
4619 "Found Radio: Manuf 0x%X, ID 0x%X, Revision %u, Version %u\n",
4620 radio_manuf, radio_id, radio_rev, radio_ver);
4622 /* FIXME: b43 treats "id" as "ver" and ignores the real "ver" */
4623 phy->radio_manuf = radio_manuf;
4624 phy->radio_ver = radio_id;
4625 phy->radio_rev = radio_rev;
4627 phy->analog = analog_type;
4628 phy->type = phy_type;
4634 static void setup_struct_phy_for_init(struct b43_wldev *dev,
4635 struct b43_phy *phy)
4637 phy->hardware_power_control = !!modparam_hwpctl;
4638 phy->next_txpwr_check_time = jiffies;
4639 /* PHY TX errors counter. */
4640 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
4643 phy->phy_locked = false;
4644 phy->radio_locked = false;
4648 static void setup_struct_wldev_for_init(struct b43_wldev *dev)
4650 dev->dfq_valid = false;
4652 /* Assume the radio is enabled. If it's not enabled, the state will
4653 * immediately get fixed on the first periodic work run. */
4654 dev->radio_hw_enable = true;
4657 memset(&dev->stats, 0, sizeof(dev->stats));
4659 setup_struct_phy_for_init(dev, &dev->phy);
4661 /* IRQ related flags */
4662 dev->irq_reason = 0;
4663 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
4664 dev->irq_mask = B43_IRQ_MASKTEMPLATE;
4665 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
4666 dev->irq_mask &= ~B43_IRQ_PHY_TXERR;
4668 dev->mac_suspended = 1;
4670 /* Noise calculation context */
4671 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
4674 static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
4676 struct ssb_sprom *sprom = dev->dev->bus_sprom;
4679 if (!modparam_btcoex)
4681 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
4683 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
4686 hf = b43_hf_read(dev);
4687 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
4688 hf |= B43_HF_BTCOEXALT;
4690 hf |= B43_HF_BTCOEX;
4691 b43_hf_write(dev, hf);
4694 static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
4696 if (!modparam_btcoex)
4701 static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
4703 struct ssb_bus *bus;
4706 #ifdef CONFIG_B43_SSB
4707 if (dev->dev->bus_type != B43_BUS_SSB)
4713 bus = dev->dev->sdev->bus;
4715 if ((bus->chip_id == 0x4311 && bus->chip_rev == 2) ||
4716 (bus->chip_id == 0x4312)) {
4717 tmp = ssb_read32(dev->dev->sdev, SSB_IMCFGLO);
4718 tmp &= ~SSB_IMCFGLO_REQTO;
4719 tmp &= ~SSB_IMCFGLO_SERTO;
4721 ssb_write32(dev->dev->sdev, SSB_IMCFGLO, tmp);
4722 ssb_commit_settings(bus);
4726 static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
4730 /* The time value is in microseconds. */
4732 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle)
4734 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
4735 pu_delay = max(pu_delay, (u16)2400);
4737 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
4740 /* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
4741 static void b43_set_pretbtt(struct b43_wldev *dev)
4745 /* The time value is in microseconds. */
4746 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC))
4750 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
4751 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
4754 /* Shutdown a wireless core */
4755 /* Locking: wl->mutex */
4756 static void b43_wireless_core_exit(struct b43_wldev *dev)
4758 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED);
4759 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED)
4762 b43_set_status(dev, B43_STAT_UNINIT);
4764 /* Stop the microcode PSM. */
4765 b43_maskset32(dev, B43_MMIO_MACCTL, ~B43_MACCTL_PSM_RUN,
4766 B43_MACCTL_PSM_JMP0);
4768 switch (dev->dev->bus_type) {
4769 #ifdef CONFIG_B43_BCMA
4771 bcma_host_pci_down(dev->dev->bdev->bus);
4774 #ifdef CONFIG_B43_SSB
4784 dev->phy.ops->switch_analog(dev, 0);
4785 if (dev->wl->current_beacon) {
4786 dev_kfree_skb_any(dev->wl->current_beacon);
4787 dev->wl->current_beacon = NULL;
4790 b43_device_disable(dev, 0);
4791 b43_bus_may_powerdown(dev);
4794 /* Initialize a wireless core */
4795 static int b43_wireless_core_init(struct b43_wldev *dev)
4797 struct ssb_sprom *sprom = dev->dev->bus_sprom;
4798 struct b43_phy *phy = &dev->phy;
4802 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4804 err = b43_bus_powerup(dev, 0);
4807 if (!b43_device_is_enabled(dev))
4808 b43_wireless_core_reset(dev, phy->gmode);
4810 /* Reset all data structures. */
4811 setup_struct_wldev_for_init(dev);
4812 phy->ops->prepare_structs(dev);
4814 /* Enable IRQ routing to this device. */
4815 switch (dev->dev->bus_type) {
4816 #ifdef CONFIG_B43_BCMA
4818 bcma_host_pci_irq_ctl(dev->dev->bdev->bus,
4819 dev->dev->bdev, true);
4820 bcma_host_pci_up(dev->dev->bdev->bus);
4823 #ifdef CONFIG_B43_SSB
4825 ssb_pcicore_dev_irqvecs_enable(&dev->dev->sdev->bus->pcicore,
4831 b43_imcfglo_timeouts_workaround(dev);
4832 b43_bluetooth_coext_disable(dev);
4833 if (phy->ops->prepare_hardware) {
4834 err = phy->ops->prepare_hardware(dev);
4838 err = b43_chip_init(dev);
4841 b43_shm_write16(dev, B43_SHM_SHARED,
4842 B43_SHM_SH_WLCOREREV, dev->dev->core_rev);
4843 hf = b43_hf_read(dev);
4844 if (phy->type == B43_PHYTYPE_G) {
4848 if (sprom->boardflags_lo & B43_BFL_PACTRL)
4849 hf |= B43_HF_OFDMPABOOST;
4851 if (phy->radio_ver == 0x2050) {
4852 if (phy->radio_rev == 6)
4853 hf |= B43_HF_4318TSSI;
4854 if (phy->radio_rev < 6)
4855 hf |= B43_HF_VCORECALC;
4857 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)
4858 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */
4859 #if defined(CONFIG_B43_SSB) && defined(CONFIG_SSB_DRIVER_PCICORE)
4860 if (dev->dev->bus_type == B43_BUS_SSB &&
4861 dev->dev->sdev->bus->bustype == SSB_BUSTYPE_PCI &&
4862 dev->dev->sdev->bus->pcicore.dev->id.revision <= 10)
4863 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */
4865 hf &= ~B43_HF_SKCFPUP;
4866 b43_hf_write(dev, hf);
4868 /* tell the ucode MAC capabilities */
4869 if (dev->dev->core_rev >= 13) {
4870 u32 mac_hw_cap = b43_read32(dev, B43_MMIO_MAC_HW_CAP);
4872 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_MACHW_L,
4873 mac_hw_cap & 0xffff);
4874 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_MACHW_H,
4875 (mac_hw_cap >> 16) & 0xffff);
4878 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
4879 B43_DEFAULT_LONG_RETRY_LIMIT);
4880 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
4881 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
4883 /* Disable sending probe responses from firmware.
4884 * Setting the MaxTime to one usec will always trigger
4885 * a timeout, so we never send any probe resp.
4886 * A timeout of zero is infinite. */
4887 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
4889 b43_rate_memory_init(dev);
4890 b43_set_phytxctl_defaults(dev);
4892 /* Minimum Contention Window */
4893 if (phy->type == B43_PHYTYPE_B)
4894 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
4896 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
4897 /* Maximum Contention Window */
4898 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
4900 /* write phytype and phyvers */
4901 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PHYTYPE, phy->type);
4902 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PHYVER, phy->rev);
4904 if (b43_bus_host_is_pcmcia(dev->dev) ||
4905 b43_bus_host_is_sdio(dev->dev)) {
4906 dev->__using_pio_transfers = true;
4907 err = b43_pio_init(dev);
4908 } else if (dev->use_pio) {
4909 b43warn(dev->wl, "Forced PIO by use_pio module parameter. "
4910 "This should not be needed and will result in lower "
4912 dev->__using_pio_transfers = true;
4913 err = b43_pio_init(dev);
4915 dev->__using_pio_transfers = false;
4916 err = b43_dma_init(dev);
4921 b43_set_synth_pu_delay(dev, 1);
4922 b43_bluetooth_coext_enable(dev);
4924 b43_bus_powerup(dev, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW));
4925 b43_upload_card_macaddress(dev);
4926 b43_security_init(dev);
4928 ieee80211_wake_queues(dev->wl->hw);
4930 b43_set_status(dev, B43_STAT_INITIALIZED);
4938 b43_bus_may_powerdown(dev);
4939 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4943 static int b43_op_add_interface(struct ieee80211_hw *hw,
4944 struct ieee80211_vif *vif)
4946 struct b43_wl *wl = hw_to_b43_wl(hw);
4947 struct b43_wldev *dev;
4948 int err = -EOPNOTSUPP;
4950 /* TODO: allow AP devices to coexist */
4952 if (vif->type != NL80211_IFTYPE_AP &&
4953 vif->type != NL80211_IFTYPE_MESH_POINT &&
4954 vif->type != NL80211_IFTYPE_STATION &&
4955 vif->type != NL80211_IFTYPE_ADHOC)
4958 mutex_lock(&wl->mutex);
4960 goto out_mutex_unlock;
4962 b43dbg(wl, "Adding Interface type %d\n", vif->type);
4964 dev = wl->current_dev;
4965 wl->operating = true;
4967 wl->if_type = vif->type;
4968 memcpy(wl->mac_addr, vif->addr, ETH_ALEN);
4970 b43_adjust_opmode(dev);
4971 b43_set_pretbtt(dev);
4972 b43_set_synth_pu_delay(dev, 0);
4973 b43_upload_card_macaddress(dev);
4977 mutex_unlock(&wl->mutex);
4980 b43_op_bss_info_changed(hw, vif, &vif->bss_conf, ~0);
4985 static void b43_op_remove_interface(struct ieee80211_hw *hw,
4986 struct ieee80211_vif *vif)
4988 struct b43_wl *wl = hw_to_b43_wl(hw);
4989 struct b43_wldev *dev = wl->current_dev;
4991 b43dbg(wl, "Removing Interface type %d\n", vif->type);
4993 mutex_lock(&wl->mutex);
4995 B43_WARN_ON(!wl->operating);
4996 B43_WARN_ON(wl->vif != vif);
4999 wl->operating = false;
5001 b43_adjust_opmode(dev);
5002 eth_zero_addr(wl->mac_addr);
5003 b43_upload_card_macaddress(dev);
5005 mutex_unlock(&wl->mutex);
5008 static int b43_op_start(struct ieee80211_hw *hw)
5010 struct b43_wl *wl = hw_to_b43_wl(hw);
5011 struct b43_wldev *dev = wl->current_dev;
5015 /* Kill all old instance specific information to make sure
5016 * the card won't use it in the short timeframe between start
5017 * and mac80211 reconfiguring it. */
5018 eth_zero_addr(wl->bssid);
5019 eth_zero_addr(wl->mac_addr);
5020 wl->filter_flags = 0;
5021 wl->radiotap_enabled = false;
5023 wl->beacon0_uploaded = false;
5024 wl->beacon1_uploaded = false;
5025 wl->beacon_templates_virgin = true;
5026 wl->radio_enabled = true;
5028 mutex_lock(&wl->mutex);
5030 if (b43_status(dev) < B43_STAT_INITIALIZED) {
5031 err = b43_wireless_core_init(dev);
5033 goto out_mutex_unlock;
5037 if (b43_status(dev) < B43_STAT_STARTED) {
5038 err = b43_wireless_core_start(dev);
5041 b43_wireless_core_exit(dev);
5042 goto out_mutex_unlock;
5046 /* XXX: only do if device doesn't support rfkill irq */
5047 wiphy_rfkill_start_polling(hw->wiphy);
5050 mutex_unlock(&wl->mutex);
5053 * Configuration may have been overwritten during initialization.
5054 * Reload the configuration, but only if initialization was
5055 * successful. Reloading the configuration after a failed init
5056 * may hang the system.
5059 b43_op_config(hw, ~0);
5064 static void b43_op_stop(struct ieee80211_hw *hw)
5066 struct b43_wl *wl = hw_to_b43_wl(hw);
5067 struct b43_wldev *dev = wl->current_dev;
5069 cancel_work_sync(&(wl->beacon_update_trigger));
5074 mutex_lock(&wl->mutex);
5075 if (b43_status(dev) >= B43_STAT_STARTED) {
5076 dev = b43_wireless_core_stop(dev);
5080 b43_wireless_core_exit(dev);
5081 wl->radio_enabled = false;
5084 mutex_unlock(&wl->mutex);
5086 cancel_work_sync(&(wl->txpower_adjust_work));
5089 static int b43_op_beacon_set_tim(struct ieee80211_hw *hw,
5090 struct ieee80211_sta *sta, bool set)
5092 struct b43_wl *wl = hw_to_b43_wl(hw);
5094 b43_update_templates(wl);
5099 static void b43_op_sta_notify(struct ieee80211_hw *hw,
5100 struct ieee80211_vif *vif,
5101 enum sta_notify_cmd notify_cmd,
5102 struct ieee80211_sta *sta)
5104 struct b43_wl *wl = hw_to_b43_wl(hw);
5106 B43_WARN_ON(!vif || wl->vif != vif);
5109 static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw,
5110 struct ieee80211_vif *vif,
5113 struct b43_wl *wl = hw_to_b43_wl(hw);
5114 struct b43_wldev *dev;
5116 mutex_lock(&wl->mutex);
5117 dev = wl->current_dev;
5118 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
5119 /* Disable CFP update during scan on other channels. */
5120 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP);
5122 mutex_unlock(&wl->mutex);
5125 static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw,
5126 struct ieee80211_vif *vif)
5128 struct b43_wl *wl = hw_to_b43_wl(hw);
5129 struct b43_wldev *dev;
5131 mutex_lock(&wl->mutex);
5132 dev = wl->current_dev;
5133 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
5134 /* Re-enable CFP update. */
5135 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP);
5137 mutex_unlock(&wl->mutex);
5140 static int b43_op_get_survey(struct ieee80211_hw *hw, int idx,
5141 struct survey_info *survey)
5143 struct b43_wl *wl = hw_to_b43_wl(hw);
5144 struct b43_wldev *dev = wl->current_dev;
5145 struct ieee80211_conf *conf = &hw->conf;
5150 survey->channel = conf->chandef.chan;
5151 survey->filled = SURVEY_INFO_NOISE_DBM;
5152 survey->noise = dev->stats.link_noise;
5157 static const struct ieee80211_ops b43_hw_ops = {
5159 .conf_tx = b43_op_conf_tx,
5160 .add_interface = b43_op_add_interface,
5161 .remove_interface = b43_op_remove_interface,
5162 .config = b43_op_config,
5163 .bss_info_changed = b43_op_bss_info_changed,
5164 .configure_filter = b43_op_configure_filter,
5165 .set_key = b43_op_set_key,
5166 .update_tkip_key = b43_op_update_tkip_key,
5167 .get_stats = b43_op_get_stats,
5168 .get_tsf = b43_op_get_tsf,
5169 .set_tsf = b43_op_set_tsf,
5170 .start = b43_op_start,
5171 .stop = b43_op_stop,
5172 .set_tim = b43_op_beacon_set_tim,
5173 .sta_notify = b43_op_sta_notify,
5174 .sw_scan_start = b43_op_sw_scan_start_notifier,
5175 .sw_scan_complete = b43_op_sw_scan_complete_notifier,
5176 .get_survey = b43_op_get_survey,
5177 .rfkill_poll = b43_rfkill_poll,
5180 /* Hard-reset the chip. Do not call this directly.
5181 * Use b43_controller_restart()
5183 static void b43_chip_reset(struct work_struct *work)
5185 struct b43_wldev *dev =
5186 container_of(work, struct b43_wldev, restart_work);
5187 struct b43_wl *wl = dev->wl;
5191 mutex_lock(&wl->mutex);
5193 prev_status = b43_status(dev);
5194 /* Bring the device down... */
5195 if (prev_status >= B43_STAT_STARTED) {
5196 dev = b43_wireless_core_stop(dev);
5202 if (prev_status >= B43_STAT_INITIALIZED)
5203 b43_wireless_core_exit(dev);
5205 /* ...and up again. */
5206 if (prev_status >= B43_STAT_INITIALIZED) {
5207 err = b43_wireless_core_init(dev);
5211 if (prev_status >= B43_STAT_STARTED) {
5212 err = b43_wireless_core_start(dev);
5214 b43_wireless_core_exit(dev);
5220 wl->current_dev = NULL; /* Failed to init the dev. */
5221 mutex_unlock(&wl->mutex);
5224 b43err(wl, "Controller restart FAILED\n");
5228 /* reload configuration */
5229 b43_op_config(wl->hw, ~0);
5231 b43_op_bss_info_changed(wl->hw, wl->vif, &wl->vif->bss_conf, ~0);
5233 b43info(wl, "Controller restarted\n");
5236 static int b43_setup_bands(struct b43_wldev *dev,
5237 bool have_2ghz_phy, bool have_5ghz_phy)
5239 struct ieee80211_hw *hw = dev->wl->hw;
5240 struct b43_phy *phy = &dev->phy;
5244 /* We don't support all 2 GHz channels on some devices */
5245 limited_2g = phy->radio_ver == 0x2057 &&
5246 (phy->radio_rev == 9 || phy->radio_rev == 14);
5247 limited_5g = phy->radio_ver == 0x2057 &&
5248 phy->radio_rev == 9;
5251 hw->wiphy->bands[NL80211_BAND_2GHZ] = limited_2g ?
5252 &b43_band_2ghz_limited : &b43_band_2GHz;
5253 if (dev->phy.type == B43_PHYTYPE_N) {
5255 hw->wiphy->bands[NL80211_BAND_5GHZ] = limited_5g ?
5256 &b43_band_5GHz_nphy_limited :
5257 &b43_band_5GHz_nphy;
5260 hw->wiphy->bands[NL80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
5263 dev->phy.supports_2ghz = have_2ghz_phy;
5264 dev->phy.supports_5ghz = have_5ghz_phy;
5269 static void b43_wireless_core_detach(struct b43_wldev *dev)
5271 /* We release firmware that late to not be required to re-request
5272 * is all the time when we reinit the core. */
5273 b43_release_firmware(dev);
5277 static void b43_supported_bands(struct b43_wldev *dev, bool *have_2ghz_phy,
5278 bool *have_5ghz_phy)
5282 #ifdef CONFIG_B43_BCMA
5283 if (dev->dev->bus_type == B43_BUS_BCMA &&
5284 dev->dev->bdev->bus->hosttype == BCMA_HOSTTYPE_PCI)
5285 dev_id = dev->dev->bdev->bus->host_pci->device;
5287 #ifdef CONFIG_B43_SSB
5288 if (dev->dev->bus_type == B43_BUS_SSB &&
5289 dev->dev->sdev->bus->bustype == SSB_BUSTYPE_PCI)
5290 dev_id = dev->dev->sdev->bus->host_pci->device;
5292 /* Override with SPROM value if available */
5293 if (dev->dev->bus_sprom->dev_id)
5294 dev_id = dev->dev->bus_sprom->dev_id;
5296 /* Note: below IDs can be "virtual" (not maching e.g. real PCI ID) */
5298 case 0x4324: /* BCM4306 */
5299 case 0x4312: /* BCM4311 */
5300 case 0x4319: /* BCM4318 */
5301 case 0x4328: /* BCM4321 */
5302 case 0x432b: /* BCM4322 */
5303 case 0x4350: /* BCM43222 */
5304 case 0x4353: /* BCM43224 */
5305 case 0x0576: /* BCM43224 */
5306 case 0x435f: /* BCM6362 */
5307 case 0x4331: /* BCM4331 */
5308 case 0x4359: /* BCM43228 */
5309 case 0x43a0: /* BCM4360 */
5310 case 0x43b1: /* BCM4352 */
5311 /* Dual band devices */
5312 *have_2ghz_phy = true;
5313 *have_5ghz_phy = true;
5315 case 0x4321: /* BCM4306 */
5316 /* There are 14e4:4321 PCI devs with 2.4 GHz BCM4321 (N-PHY) */
5317 if (dev->phy.type != B43_PHYTYPE_G)
5320 case 0x4313: /* BCM4311 */
5321 case 0x431a: /* BCM4318 */
5322 case 0x432a: /* BCM4321 */
5323 case 0x432d: /* BCM4322 */
5324 case 0x4352: /* BCM43222 */
5325 case 0x435a: /* BCM43228 */
5326 case 0x4333: /* BCM4331 */
5327 case 0x43a2: /* BCM4360 */
5328 case 0x43b3: /* BCM4352 */
5329 /* 5 GHz only devices */
5330 *have_2ghz_phy = false;
5331 *have_5ghz_phy = true;
5335 /* As a fallback, try to guess using PHY type */
5336 switch (dev->phy.type) {
5339 case B43_PHYTYPE_LP:
5340 case B43_PHYTYPE_HT:
5341 case B43_PHYTYPE_LCN:
5342 *have_2ghz_phy = true;
5343 *have_5ghz_phy = false;
5350 static int b43_wireless_core_attach(struct b43_wldev *dev)
5352 struct b43_wl *wl = dev->wl;
5353 struct b43_phy *phy = &dev->phy;
5356 bool have_2ghz_phy = false, have_5ghz_phy = false;
5358 /* Do NOT do any device initialization here.
5359 * Do it in wireless_core_init() instead.
5360 * This function is for gathering basic information about the HW, only.
5361 * Also some structs may be set up here. But most likely you want to have
5362 * that in core_init(), too.
5365 err = b43_bus_powerup(dev, 0);
5367 b43err(wl, "Bus powerup failed\n");
5371 phy->do_full_init = true;
5373 /* Try to guess supported bands for the first init needs */
5374 switch (dev->dev->bus_type) {
5375 #ifdef CONFIG_B43_BCMA
5377 tmp = bcma_aread32(dev->dev->bdev, BCMA_IOST);
5378 have_2ghz_phy = !!(tmp & B43_BCMA_IOST_2G_PHY);
5379 have_5ghz_phy = !!(tmp & B43_BCMA_IOST_5G_PHY);
5382 #ifdef CONFIG_B43_SSB
5384 if (dev->dev->core_rev >= 5) {
5385 tmp = ssb_read32(dev->dev->sdev, SSB_TMSHIGH);
5386 have_2ghz_phy = !!(tmp & B43_TMSHIGH_HAVE_2GHZ_PHY);
5387 have_5ghz_phy = !!(tmp & B43_TMSHIGH_HAVE_5GHZ_PHY);
5394 dev->phy.gmode = have_2ghz_phy;
5395 b43_wireless_core_reset(dev, dev->phy.gmode);
5397 /* Get the PHY type. */
5398 err = b43_phy_versioning(dev);
5402 /* Get real info about supported bands */
5403 b43_supported_bands(dev, &have_2ghz_phy, &have_5ghz_phy);
5405 /* We don't support 5 GHz on some PHYs yet */
5406 if (have_5ghz_phy) {
5407 switch (dev->phy.type) {
5409 case B43_PHYTYPE_LP:
5410 case B43_PHYTYPE_HT:
5411 b43warn(wl, "5 GHz band is unsupported on this PHY\n");
5412 have_5ghz_phy = false;
5416 if (!have_2ghz_phy && !have_5ghz_phy) {
5417 b43err(wl, "b43 can't support any band on this device\n");
5422 err = b43_phy_allocate(dev);
5426 dev->phy.gmode = have_2ghz_phy;
5427 b43_wireless_core_reset(dev, dev->phy.gmode);
5429 err = b43_validate_chipaccess(dev);
5432 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
5436 /* Now set some default "current_dev" */
5437 if (!wl->current_dev)
5438 wl->current_dev = dev;
5439 INIT_WORK(&dev->restart_work, b43_chip_reset);
5441 dev->phy.ops->switch_analog(dev, 0);
5442 b43_device_disable(dev, 0);
5443 b43_bus_may_powerdown(dev);
5451 b43_bus_may_powerdown(dev);
5455 static void b43_one_core_detach(struct b43_bus_dev *dev)
5457 struct b43_wldev *wldev;
5459 /* Do not cancel ieee80211-workqueue based work here.
5460 * See comment in b43_remove(). */
5462 wldev = b43_bus_get_wldev(dev);
5463 b43_debugfs_remove_device(wldev);
5464 b43_wireless_core_detach(wldev);
5465 list_del(&wldev->list);
5466 b43_bus_set_wldev(dev, NULL);
5470 static int b43_one_core_attach(struct b43_bus_dev *dev, struct b43_wl *wl)
5472 struct b43_wldev *wldev;
5475 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
5479 wldev->use_pio = b43_modparam_pio;
5482 b43_set_status(wldev, B43_STAT_UNINIT);
5483 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
5484 INIT_LIST_HEAD(&wldev->list);
5486 err = b43_wireless_core_attach(wldev);
5488 goto err_kfree_wldev;
5490 b43_bus_set_wldev(dev, wldev);
5491 b43_debugfs_add_device(wldev);
5501 #define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \
5502 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \
5503 (pdev->device == _device) && \
5504 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \
5505 (pdev->subsystem_device == _subdevice) )
5507 #ifdef CONFIG_B43_SSB
5508 static void b43_sprom_fixup(struct ssb_bus *bus)
5510 struct pci_dev *pdev;
5512 /* boardflags workarounds */
5513 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
5514 bus->chip_id == 0x4301 && bus->sprom.board_rev == 0x74)
5515 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
5516 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
5517 bus->boardinfo.type == 0x4E && bus->sprom.board_rev > 0x40)
5518 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
5519 if (bus->bustype == SSB_BUSTYPE_PCI) {
5520 pdev = bus->host_pci;
5521 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) ||
5522 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) ||
5523 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) ||
5524 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) ||
5525 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) ||
5526 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) ||
5527 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010))
5528 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST;
5532 static void b43_wireless_exit(struct b43_bus_dev *dev, struct b43_wl *wl)
5534 struct ieee80211_hw *hw = wl->hw;
5536 ssb_set_devtypedata(dev->sdev, NULL);
5537 ieee80211_free_hw(hw);
5541 static struct b43_wl *b43_wireless_init(struct b43_bus_dev *dev)
5543 struct ssb_sprom *sprom = dev->bus_sprom;
5544 struct ieee80211_hw *hw;
5549 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
5551 b43err(NULL, "Could not allocate ieee80211 device\n");
5552 return ERR_PTR(-ENOMEM);
5554 wl = hw_to_b43_wl(hw);
5557 ieee80211_hw_set(hw, RX_INCLUDES_FCS);
5558 ieee80211_hw_set(hw, SIGNAL_DBM);
5559 ieee80211_hw_set(hw, MFP_CAPABLE);
5560 hw->wiphy->interface_modes =
5561 BIT(NL80211_IFTYPE_AP) |
5562 BIT(NL80211_IFTYPE_MESH_POINT) |
5563 BIT(NL80211_IFTYPE_STATION) |
5564 BIT(NL80211_IFTYPE_ADHOC);
5566 hw->wiphy->flags |= WIPHY_FLAG_IBSS_RSN;
5568 wiphy_ext_feature_set(hw->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
5570 wl->hw_registered = false;
5572 SET_IEEE80211_DEV(hw, dev->dev);
5573 if (is_valid_ether_addr(sprom->et1mac))
5574 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
5576 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
5578 /* Initialize struct b43_wl */
5580 mutex_init(&wl->mutex);
5581 spin_lock_init(&wl->hardirq_lock);
5582 spin_lock_init(&wl->beacon_lock);
5583 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
5584 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work);
5585 INIT_WORK(&wl->tx_work, b43_tx_work);
5587 /* Initialize queues and flags. */
5588 for (queue_num = 0; queue_num < B43_QOS_QUEUE_NUM; queue_num++) {
5589 skb_queue_head_init(&wl->tx_queue[queue_num]);
5590 wl->tx_queue_stopped[queue_num] = false;
5593 snprintf(chip_name, ARRAY_SIZE(chip_name),
5594 (dev->chip_id > 0x9999) ? "%d" : "%04X", dev->chip_id);
5595 b43info(wl, "Broadcom %s WLAN found (core revision %u)\n", chip_name,
5600 #ifdef CONFIG_B43_BCMA
5601 static int b43_bcma_probe(struct bcma_device *core)
5603 struct b43_bus_dev *dev;
5607 if (!modparam_allhwsupport &&
5608 (core->id.rev == 0x17 || core->id.rev == 0x18)) {
5609 pr_err("Support for cores revisions 0x17 and 0x18 disabled by module param allhwsupport=0. Try b43.allhwsupport=1\n");
5613 dev = b43_bus_dev_bcma_init(core);
5617 wl = b43_wireless_init(dev);
5623 err = b43_one_core_attach(dev, wl);
5625 goto bcma_err_wireless_exit;
5627 /* setup and start work to load firmware */
5628 INIT_WORK(&wl->firmware_load, b43_request_firmware);
5629 schedule_work(&wl->firmware_load);
5633 bcma_err_wireless_exit:
5634 ieee80211_free_hw(wl->hw);
5640 static void b43_bcma_remove(struct bcma_device *core)
5642 struct b43_wldev *wldev = bcma_get_drvdata(core);
5643 struct b43_wl *wl = wldev->wl;
5645 /* We must cancel any work here before unregistering from ieee80211,
5646 * as the ieee80211 unreg will destroy the workqueue. */
5647 cancel_work_sync(&wldev->restart_work);
5648 cancel_work_sync(&wl->firmware_load);
5651 if (!wldev->fw.ucode.data)
5652 return; /* NULL if firmware never loaded */
5653 if (wl->current_dev == wldev && wl->hw_registered) {
5654 b43_leds_stop(wldev);
5655 ieee80211_unregister_hw(wl->hw);
5658 b43_one_core_detach(wldev->dev);
5660 /* Unregister HW RNG driver */
5663 b43_leds_unregister(wl);
5664 ieee80211_free_hw(wl->hw);
5668 static struct bcma_driver b43_bcma_driver = {
5669 .name = KBUILD_MODNAME,
5670 .id_table = b43_bcma_tbl,
5671 .probe = b43_bcma_probe,
5672 .remove = b43_bcma_remove,
5676 #ifdef CONFIG_B43_SSB
5678 int b43_ssb_probe(struct ssb_device *sdev, const struct ssb_device_id *id)
5680 struct b43_bus_dev *dev;
5684 dev = b43_bus_dev_ssb_init(sdev);
5688 wl = ssb_get_devtypedata(sdev);
5690 b43err(NULL, "Dual-core devices are not supported\n");
5692 goto err_ssb_kfree_dev;
5695 b43_sprom_fixup(sdev->bus);
5697 wl = b43_wireless_init(dev);
5700 goto err_ssb_kfree_dev;
5702 ssb_set_devtypedata(sdev, wl);
5703 B43_WARN_ON(ssb_get_devtypedata(sdev) != wl);
5705 err = b43_one_core_attach(dev, wl);
5707 goto err_ssb_wireless_exit;
5709 /* setup and start work to load firmware */
5710 INIT_WORK(&wl->firmware_load, b43_request_firmware);
5711 schedule_work(&wl->firmware_load);
5715 err_ssb_wireless_exit:
5716 b43_wireless_exit(dev, wl);
5722 static void b43_ssb_remove(struct ssb_device *sdev)
5724 struct b43_wl *wl = ssb_get_devtypedata(sdev);
5725 struct b43_wldev *wldev = ssb_get_drvdata(sdev);
5726 struct b43_bus_dev *dev = wldev->dev;
5728 /* We must cancel any work here before unregistering from ieee80211,
5729 * as the ieee80211 unreg will destroy the workqueue. */
5730 cancel_work_sync(&wldev->restart_work);
5731 cancel_work_sync(&wl->firmware_load);
5734 if (!wldev->fw.ucode.data)
5735 return; /* NULL if firmware never loaded */
5736 if (wl->current_dev == wldev && wl->hw_registered) {
5737 b43_leds_stop(wldev);
5738 ieee80211_unregister_hw(wl->hw);
5741 b43_one_core_detach(dev);
5743 /* Unregister HW RNG driver */
5746 b43_leds_unregister(wl);
5747 b43_wireless_exit(dev, wl);
5751 static struct ssb_driver b43_ssb_driver = {
5752 .name = KBUILD_MODNAME,
5753 .id_table = b43_ssb_tbl,
5754 .probe = b43_ssb_probe,
5755 .remove = b43_ssb_remove,
5757 #endif /* CONFIG_B43_SSB */
5759 /* Perform a hardware reset. This can be called from any context. */
5760 void b43_controller_restart(struct b43_wldev *dev, const char *reason)
5762 /* Must avoid requeueing, if we are in shutdown. */
5763 if (b43_status(dev) < B43_STAT_INITIALIZED)
5765 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
5766 ieee80211_queue_work(dev->wl->hw, &dev->restart_work);
5769 static void b43_print_driverinfo(void)
5771 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
5772 *feat_leds = "", *feat_sdio = "";
5774 #ifdef CONFIG_B43_PCI_AUTOSELECT
5777 #ifdef CONFIG_B43_PCMCIA
5780 #ifdef CONFIG_B43_PHY_N
5783 #ifdef CONFIG_B43_LEDS
5786 #ifdef CONFIG_B43_SDIO
5789 printk(KERN_INFO "Broadcom 43xx driver loaded "
5790 "[ Features: %s%s%s%s%s ]\n",
5791 feat_pci, feat_pcmcia, feat_nphy,
5792 feat_leds, feat_sdio);
5795 static int __init b43_init(void)
5800 err = b43_sdio_init();
5803 #ifdef CONFIG_B43_BCMA
5804 err = bcma_driver_register(&b43_bcma_driver);
5808 #ifdef CONFIG_B43_SSB
5809 err = ssb_driver_register(&b43_ssb_driver);
5811 goto err_bcma_driver_exit;
5813 b43_print_driverinfo();
5817 #ifdef CONFIG_B43_SSB
5818 err_bcma_driver_exit:
5820 #ifdef CONFIG_B43_BCMA
5821 bcma_driver_unregister(&b43_bcma_driver);
5830 static void __exit b43_exit(void)
5832 #ifdef CONFIG_B43_SSB
5833 ssb_driver_unregister(&b43_ssb_driver);
5835 #ifdef CONFIG_B43_BCMA
5836 bcma_driver_unregister(&b43_bcma_driver);
5842 module_init(b43_init)
5843 module_exit(b43_exit)
projects / releases.git / blob