projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / net / wireless / b43 / main.c
1 /*
2
3 Broadcom B43 wireless driver
4
5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
7 Copyright (c) 2005, 2006 Michael Buesch <mb@bu3sch.de>
8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
10
11 Some parts of the code in this file are derived from the ipw2200
12 driver Copyright(c) 2003 - 2004 Intel Corporation.
13
14 This program is free software; you can redistribute it and/or modify
15 it under the terms of the GNU General Public License as published by
16 the Free Software Foundation; either version 2 of the License, or
17 (at your option) any later version.
18
19 This program is distributed in the hope that it will be useful,
20 but WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 GNU General Public License for more details.
23
24 You should have received a copy of the GNU General Public License
25 along with this program; see the file COPYING. If not, write to
26 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor,
27 Boston, MA 02110-1301, USA.
28
29 */
30
31 #include <linux/delay.h>
32 #include <linux/init.h>
33 #include <linux/moduleparam.h>
34 #include <linux/if_arp.h>
35 #include <linux/etherdevice.h>
36 #include <linux/version.h>
37 #include <linux/firmware.h>
38 #include <linux/wireless.h>
39 #include <linux/workqueue.h>
40 #include <linux/skbuff.h>
41 #include <linux/io.h>
42 #include <linux/dma-mapping.h>
43 #include <asm/unaligned.h>
44
45 #include "b43.h"
46 #include "main.h"
47 #include "debugfs.h"
48 #include "phy.h"
49 #include "nphy.h"
50 #include "dma.h"
51 #include "pio.h"
52 #include "sysfs.h"
53 #include "xmit.h"
54 #include "lo.h"
55 #include "pcmcia.h"
56
57 MODULE_DESCRIPTION("Broadcom B43 wireless driver");
58 MODULE_AUTHOR("Martin Langer");
59 MODULE_AUTHOR("Stefano Brivio");
60 MODULE_AUTHOR("Michael Buesch");
61 MODULE_LICENSE("GPL");
62
63 MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID);
64
65
66 static int modparam_bad_frames_preempt;
67 module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
68 MODULE_PARM_DESC(bad_frames_preempt,
69 "enable(1) / disable(0) Bad Frames Preemption");
70
71 static char modparam_fwpostfix[16];
72 module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
73 MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
74
75 static int modparam_hwpctl;
76 module_param_named(hwpctl, modparam_hwpctl, int, 0444);
77 MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
78
79 static int modparam_nohwcrypt;
80 module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
81 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
82
83 int b43_modparam_qos = 1;
84 module_param_named(qos, b43_modparam_qos, int, 0444);
85 MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
86
87
88 static const struct ssb_device_id b43_ssb_tbl[] = {
89 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
90 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
91 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
92 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
93 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
94 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
95 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
96 SSB_DEVTABLE_END
97 };
98
99 MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
100
101 /* Channel and ratetables are shared for all devices.
102 * They can't be const, because ieee80211 puts some precalculated
103 * data in there. This data is the same for all devices, so we don't
104 * get concurrency issues */
105 #define RATETAB_ENT(_rateid, _flags) \
106 { \
107 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
108 .hw_value = (_rateid), \
109 .flags = (_flags), \
110 }
111
112 /*
113 * NOTE: When changing this, sync with xmit.c's
114 * b43_plcp_get_bitrate_idx_* functions!
115 */
116 static struct ieee80211_rate __b43_ratetable[] = {
117 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
118 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
119 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
120 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
121 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
122 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
123 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
124 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
125 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
126 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
127 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
128 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
129 };
130
131 #define b43_a_ratetable (__b43_ratetable + 4)
132 #define b43_a_ratetable_size 8
133 #define b43_b_ratetable (__b43_ratetable + 0)
134 #define b43_b_ratetable_size 4
135 #define b43_g_ratetable (__b43_ratetable + 0)
136 #define b43_g_ratetable_size 12
137
138 #define CHAN4G(_channel, _freq, _flags) { \
139 .band = IEEE80211_BAND_2GHZ, \
140 .center_freq = (_freq), \
141 .hw_value = (_channel), \
142 .flags = (_flags), \
143 .max_antenna_gain = 0, \
144 .max_power = 30, \
145 }
146 static struct ieee80211_channel b43_2ghz_chantable[] = {
147 CHAN4G(1, 2412, 0),
148 CHAN4G(2, 2417, 0),
149 CHAN4G(3, 2422, 0),
150 CHAN4G(4, 2427, 0),
151 CHAN4G(5, 2432, 0),
152 CHAN4G(6, 2437, 0),
153 CHAN4G(7, 2442, 0),
154 CHAN4G(8, 2447, 0),
155 CHAN4G(9, 2452, 0),
156 CHAN4G(10, 2457, 0),
157 CHAN4G(11, 2462, 0),
158 CHAN4G(12, 2467, 0),
159 CHAN4G(13, 2472, 0),
160 CHAN4G(14, 2484, 0),
161 };
162 #undef CHAN4G
163
164 #define CHAN5G(_channel, _flags) { \
165 .band = IEEE80211_BAND_5GHZ, \
166 .center_freq = 5000 + (5 * (_channel)), \
167 .hw_value = (_channel), \
168 .flags = (_flags), \
169 .max_antenna_gain = 0, \
170 .max_power = 30, \
171 }
172 static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
173 CHAN5G(32, 0), CHAN5G(34, 0),
174 CHAN5G(36, 0), CHAN5G(38, 0),
175 CHAN5G(40, 0), CHAN5G(42, 0),
176 CHAN5G(44, 0), CHAN5G(46, 0),
177 CHAN5G(48, 0), CHAN5G(50, 0),
178 CHAN5G(52, 0), CHAN5G(54, 0),
179 CHAN5G(56, 0), CHAN5G(58, 0),
180 CHAN5G(60, 0), CHAN5G(62, 0),
181 CHAN5G(64, 0), CHAN5G(66, 0),
182 CHAN5G(68, 0), CHAN5G(70, 0),
183 CHAN5G(72, 0), CHAN5G(74, 0),
184 CHAN5G(76, 0), CHAN5G(78, 0),
185 CHAN5G(80, 0), CHAN5G(82, 0),
186 CHAN5G(84, 0), CHAN5G(86, 0),
187 CHAN5G(88, 0), CHAN5G(90, 0),
188 CHAN5G(92, 0), CHAN5G(94, 0),
189 CHAN5G(96, 0), CHAN5G(98, 0),
190 CHAN5G(100, 0), CHAN5G(102, 0),
191 CHAN5G(104, 0), CHAN5G(106, 0),
192 CHAN5G(108, 0), CHAN5G(110, 0),
193 CHAN5G(112, 0), CHAN5G(114, 0),
194 CHAN5G(116, 0), CHAN5G(118, 0),
195 CHAN5G(120, 0), CHAN5G(122, 0),
196 CHAN5G(124, 0), CHAN5G(126, 0),
197 CHAN5G(128, 0), CHAN5G(130, 0),
198 CHAN5G(132, 0), CHAN5G(134, 0),
199 CHAN5G(136, 0), CHAN5G(138, 0),
200 CHAN5G(140, 0), CHAN5G(142, 0),
201 CHAN5G(144, 0), CHAN5G(145, 0),
202 CHAN5G(146, 0), CHAN5G(147, 0),
203 CHAN5G(148, 0), CHAN5G(149, 0),
204 CHAN5G(150, 0), CHAN5G(151, 0),
205 CHAN5G(152, 0), CHAN5G(153, 0),
206 CHAN5G(154, 0), CHAN5G(155, 0),
207 CHAN5G(156, 0), CHAN5G(157, 0),
208 CHAN5G(158, 0), CHAN5G(159, 0),
209 CHAN5G(160, 0), CHAN5G(161, 0),
210 CHAN5G(162, 0), CHAN5G(163, 0),
211 CHAN5G(164, 0), CHAN5G(165, 0),
212 CHAN5G(166, 0), CHAN5G(168, 0),
213 CHAN5G(170, 0), CHAN5G(172, 0),
214 CHAN5G(174, 0), CHAN5G(176, 0),
215 CHAN5G(178, 0), CHAN5G(180, 0),
216 CHAN5G(182, 0), CHAN5G(184, 0),
217 CHAN5G(186, 0), CHAN5G(188, 0),
218 CHAN5G(190, 0), CHAN5G(192, 0),
219 CHAN5G(194, 0), CHAN5G(196, 0),
220 CHAN5G(198, 0), CHAN5G(200, 0),
221 CHAN5G(202, 0), CHAN5G(204, 0),
222 CHAN5G(206, 0), CHAN5G(208, 0),
223 CHAN5G(210, 0), CHAN5G(212, 0),
224 CHAN5G(214, 0), CHAN5G(216, 0),
225 CHAN5G(218, 0), CHAN5G(220, 0),
226 CHAN5G(222, 0), CHAN5G(224, 0),
227 CHAN5G(226, 0), CHAN5G(228, 0),
228 };
229
230 static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
231 CHAN5G(34, 0), CHAN5G(36, 0),
232 CHAN5G(38, 0), CHAN5G(40, 0),
233 CHAN5G(42, 0), CHAN5G(44, 0),
234 CHAN5G(46, 0), CHAN5G(48, 0),
235 CHAN5G(52, 0), CHAN5G(56, 0),
236 CHAN5G(60, 0), CHAN5G(64, 0),
237 CHAN5G(100, 0), CHAN5G(104, 0),
238 CHAN5G(108, 0), CHAN5G(112, 0),
239 CHAN5G(116, 0), CHAN5G(120, 0),
240 CHAN5G(124, 0), CHAN5G(128, 0),
241 CHAN5G(132, 0), CHAN5G(136, 0),
242 CHAN5G(140, 0), CHAN5G(149, 0),
243 CHAN5G(153, 0), CHAN5G(157, 0),
244 CHAN5G(161, 0), CHAN5G(165, 0),
245 CHAN5G(184, 0), CHAN5G(188, 0),
246 CHAN5G(192, 0), CHAN5G(196, 0),
247 CHAN5G(200, 0), CHAN5G(204, 0),
248 CHAN5G(208, 0), CHAN5G(212, 0),
249 CHAN5G(216, 0),
250 };
251 #undef CHAN5G
252
253 static struct ieee80211_supported_band b43_band_5GHz_nphy = {
254 .band = IEEE80211_BAND_5GHZ,
255 .channels = b43_5ghz_nphy_chantable,
256 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
257 .bitrates = b43_a_ratetable,
258 .n_bitrates = b43_a_ratetable_size,
259 };
260
261 static struct ieee80211_supported_band b43_band_5GHz_aphy = {
262 .band = IEEE80211_BAND_5GHZ,
263 .channels = b43_5ghz_aphy_chantable,
264 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
265 .bitrates = b43_a_ratetable,
266 .n_bitrates = b43_a_ratetable_size,
267 };
268
269 static struct ieee80211_supported_band b43_band_2GHz = {
270 .band = IEEE80211_BAND_2GHZ,
271 .channels = b43_2ghz_chantable,
272 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
273 .bitrates = b43_g_ratetable,
274 .n_bitrates = b43_g_ratetable_size,
275 };
276
277 static void b43_wireless_core_exit(struct b43_wldev *dev);
278 static int b43_wireless_core_init(struct b43_wldev *dev);
279 static void b43_wireless_core_stop(struct b43_wldev *dev);
280 static int b43_wireless_core_start(struct b43_wldev *dev);
281
282 static int b43_ratelimit(struct b43_wl *wl)
283 {
284 if (!wl || !wl->current_dev)
285 return 1;
286 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
287 return 1;
288 /* We are up and running.
289 * Ratelimit the messages to avoid DoS over the net. */
290 return net_ratelimit();
291 }
292
293 void b43info(struct b43_wl *wl, const char *fmt, ...)
294 {
295 va_list args;
296
297 if (!b43_ratelimit(wl))
298 return;
299 va_start(args, fmt);
300 printk(KERN_INFO "b43-%s: ",
301 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
302 vprintk(fmt, args);
303 va_end(args);
304 }
305
306 void b43err(struct b43_wl *wl, const char *fmt, ...)
307 {
308 va_list args;
309
310 if (!b43_ratelimit(wl))
311 return;
312 va_start(args, fmt);
313 printk(KERN_ERR "b43-%s ERROR: ",
314 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
315 vprintk(fmt, args);
316 va_end(args);
317 }
318
319 void b43warn(struct b43_wl *wl, const char *fmt, ...)
320 {
321 va_list args;
322
323 if (!b43_ratelimit(wl))
324 return;
325 va_start(args, fmt);
326 printk(KERN_WARNING "b43-%s warning: ",
327 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
328 vprintk(fmt, args);
329 va_end(args);
330 }
331
332 #if B43_DEBUG
333 void b43dbg(struct b43_wl *wl, const char *fmt, ...)
334 {
335 va_list args;
336
337 va_start(args, fmt);
338 printk(KERN_DEBUG "b43-%s debug: ",
339 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
340 vprintk(fmt, args);
341 va_end(args);
342 }
343 #endif /* DEBUG */
344
345 static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
346 {
347 u32 macctl;
348
349 B43_WARN_ON(offset % 4 != 0);
350
351 macctl = b43_read32(dev, B43_MMIO_MACCTL);
352 if (macctl & B43_MACCTL_BE)
353 val = swab32(val);
354
355 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
356 mmiowb();
357 b43_write32(dev, B43_MMIO_RAM_DATA, val);
358 }
359
360 static inline void b43_shm_control_word(struct b43_wldev *dev,
361 u16 routing, u16 offset)
362 {
363 u32 control;
364
365 /* "offset" is the WORD offset. */
366 control = routing;
367 control <<= 16;
368 control |= offset;
369 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
370 }
371
372 u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
373 {
374 struct b43_wl *wl = dev->wl;
375 unsigned long flags;
376 u32 ret;
377
378 spin_lock_irqsave(&wl->shm_lock, flags);
379 if (routing == B43_SHM_SHARED) {
380 B43_WARN_ON(offset & 0x0001);
381 if (offset & 0x0003) {
382 /* Unaligned access */
383 b43_shm_control_word(dev, routing, offset >> 2);
384 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
385 ret <<= 16;
386 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
387 ret |= b43_read16(dev, B43_MMIO_SHM_DATA);
388
389 goto out;
390 }
391 offset >>= 2;
392 }
393 b43_shm_control_word(dev, routing, offset);
394 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
395 out:
396 spin_unlock_irqrestore(&wl->shm_lock, flags);
397
398 return ret;
399 }
400
401 u16 b43_shm_read16(struct b43_wldev * dev, u16 routing, u16 offset)
402 {
403 struct b43_wl *wl = dev->wl;
404 unsigned long flags;
405 u16 ret;
406
407 spin_lock_irqsave(&wl->shm_lock, flags);
408 if (routing == B43_SHM_SHARED) {
409 B43_WARN_ON(offset & 0x0001);
410 if (offset & 0x0003) {
411 /* Unaligned access */
412 b43_shm_control_word(dev, routing, offset >> 2);
413 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
414
415 goto out;
416 }
417 offset >>= 2;
418 }
419 b43_shm_control_word(dev, routing, offset);
420 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
421 out:
422 spin_unlock_irqrestore(&wl->shm_lock, flags);
423
424 return ret;
425 }
426
427 void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
428 {
429 struct b43_wl *wl = dev->wl;
430 unsigned long flags;
431
432 spin_lock_irqsave(&wl->shm_lock, flags);
433 if (routing == B43_SHM_SHARED) {
434 B43_WARN_ON(offset & 0x0001);
435 if (offset & 0x0003) {
436 /* Unaligned access */
437 b43_shm_control_word(dev, routing, offset >> 2);
438 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
439 (value >> 16) & 0xffff);
440 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
441 b43_write16(dev, B43_MMIO_SHM_DATA, value & 0xffff);
442 goto out;
443 }
444 offset >>= 2;
445 }
446 b43_shm_control_word(dev, routing, offset);
447 b43_write32(dev, B43_MMIO_SHM_DATA, value);
448 out:
449 spin_unlock_irqrestore(&wl->shm_lock, flags);
450 }
451
452 void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
453 {
454 struct b43_wl *wl = dev->wl;
455 unsigned long flags;
456
457 spin_lock_irqsave(&wl->shm_lock, flags);
458 if (routing == B43_SHM_SHARED) {
459 B43_WARN_ON(offset & 0x0001);
460 if (offset & 0x0003) {
461 /* Unaligned access */
462 b43_shm_control_word(dev, routing, offset >> 2);
463 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
464 goto out;
465 }
466 offset >>= 2;
467 }
468 b43_shm_control_word(dev, routing, offset);
469 b43_write16(dev, B43_MMIO_SHM_DATA, value);
470 out:
471 spin_unlock_irqrestore(&wl->shm_lock, flags);
472 }
473
474 /* Read HostFlags */
475 u64 b43_hf_read(struct b43_wldev * dev)
476 {
477 u64 ret;
478
479 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI);
480 ret <<= 16;
481 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI);
482 ret <<= 16;
483 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO);
484
485 return ret;
486 }
487
488 /* Write HostFlags */
489 void b43_hf_write(struct b43_wldev *dev, u64 value)
490 {
491 u16 lo, mi, hi;
492
493 lo = (value & 0x00000000FFFFULL);
494 mi = (value & 0x0000FFFF0000ULL) >> 16;
495 hi = (value & 0xFFFF00000000ULL) >> 32;
496 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo);
497 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi);
498 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi);
499 }
500
501 void b43_tsf_read(struct b43_wldev *dev, u64 * tsf)
502 {
503 /* We need to be careful. As we read the TSF from multiple
504 * registers, we should take care of register overflows.
505 * In theory, the whole tsf read process should be atomic.
506 * We try to be atomic here, by restaring the read process,
507 * if any of the high registers changed (overflew).
508 */
509 if (dev->dev->id.revision >= 3) {
510 u32 low, high, high2;
511
512 do {
513 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
514 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
515 high2 = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
516 } while (unlikely(high != high2));
517
518 *tsf = high;
519 *tsf <<= 32;
520 *tsf |= low;
521 } else {
522 u64 tmp;
523 u16 v0, v1, v2, v3;
524 u16 test1, test2, test3;
525
526 do {
527 v3 = b43_read16(dev, B43_MMIO_TSF_3);
528 v2 = b43_read16(dev, B43_MMIO_TSF_2);
529 v1 = b43_read16(dev, B43_MMIO_TSF_1);
530 v0 = b43_read16(dev, B43_MMIO_TSF_0);
531
532 test3 = b43_read16(dev, B43_MMIO_TSF_3);
533 test2 = b43_read16(dev, B43_MMIO_TSF_2);
534 test1 = b43_read16(dev, B43_MMIO_TSF_1);
535 } while (v3 != test3 || v2 != test2 || v1 != test1);
536
537 *tsf = v3;
538 *tsf <<= 48;
539 tmp = v2;
540 tmp <<= 32;
541 *tsf |= tmp;
542 tmp = v1;
543 tmp <<= 16;
544 *tsf |= tmp;
545 *tsf |= v0;
546 }
547 }
548
549 static void b43_time_lock(struct b43_wldev *dev)
550 {
551 u32 macctl;
552
553 macctl = b43_read32(dev, B43_MMIO_MACCTL);
554 macctl |= B43_MACCTL_TBTTHOLD;
555 b43_write32(dev, B43_MMIO_MACCTL, macctl);
556 /* Commit the write */
557 b43_read32(dev, B43_MMIO_MACCTL);
558 }
559
560 static void b43_time_unlock(struct b43_wldev *dev)
561 {
562 u32 macctl;
563
564 macctl = b43_read32(dev, B43_MMIO_MACCTL);
565 macctl &= ~B43_MACCTL_TBTTHOLD;
566 b43_write32(dev, B43_MMIO_MACCTL, macctl);
567 /* Commit the write */
568 b43_read32(dev, B43_MMIO_MACCTL);
569 }
570
571 static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
572 {
573 /* Be careful with the in-progress timer.
574 * First zero out the low register, so we have a full
575 * register-overflow duration to complete the operation.
576 */
577 if (dev->dev->id.revision >= 3) {
578 u32 lo = (tsf & 0x00000000FFFFFFFFULL);
579 u32 hi = (tsf & 0xFFFFFFFF00000000ULL) >> 32;
580
581 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, 0);
582 mmiowb();
583 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, hi);
584 mmiowb();
585 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, lo);
586 } else {
587 u16 v0 = (tsf & 0x000000000000FFFFULL);
588 u16 v1 = (tsf & 0x00000000FFFF0000ULL) >> 16;
589 u16 v2 = (tsf & 0x0000FFFF00000000ULL) >> 32;
590 u16 v3 = (tsf & 0xFFFF000000000000ULL) >> 48;
591
592 b43_write16(dev, B43_MMIO_TSF_0, 0);
593 mmiowb();
594 b43_write16(dev, B43_MMIO_TSF_3, v3);
595 mmiowb();
596 b43_write16(dev, B43_MMIO_TSF_2, v2);
597 mmiowb();
598 b43_write16(dev, B43_MMIO_TSF_1, v1);
599 mmiowb();
600 b43_write16(dev, B43_MMIO_TSF_0, v0);
601 }
602 }
603
604 void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
605 {
606 b43_time_lock(dev);
607 b43_tsf_write_locked(dev, tsf);
608 b43_time_unlock(dev);
609 }
610
611 static
612 void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 * mac)
613 {
614 static const u8 zero_addr[ETH_ALEN] = { 0 };
615 u16 data;
616
617 if (!mac)
618 mac = zero_addr;
619
620 offset |= 0x0020;
621 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
622
623 data = mac[0];
624 data |= mac[1] << 8;
625 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
626 data = mac[2];
627 data |= mac[3] << 8;
628 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
629 data = mac[4];
630 data |= mac[5] << 8;
631 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
632 }
633
634 static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
635 {
636 const u8 *mac;
637 const u8 *bssid;
638 u8 mac_bssid[ETH_ALEN * 2];
639 int i;
640 u32 tmp;
641
642 bssid = dev->wl->bssid;
643 mac = dev->wl->mac_addr;
644
645 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
646
647 memcpy(mac_bssid, mac, ETH_ALEN);
648 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
649
650 /* Write our MAC address and BSSID to template ram */
651 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
652 tmp = (u32) (mac_bssid[i + 0]);
653 tmp |= (u32) (mac_bssid[i + 1]) << 8;
654 tmp |= (u32) (mac_bssid[i + 2]) << 16;
655 tmp |= (u32) (mac_bssid[i + 3]) << 24;
656 b43_ram_write(dev, 0x20 + i, tmp);
657 }
658 }
659
660 static void b43_upload_card_macaddress(struct b43_wldev *dev)
661 {
662 b43_write_mac_bssid_templates(dev);
663 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
664 }
665
666 static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
667 {
668 /* slot_time is in usec. */
669 if (dev->phy.type != B43_PHYTYPE_G)
670 return;
671 b43_write16(dev, 0x684, 510 + slot_time);
672 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
673 }
674
675 static void b43_short_slot_timing_enable(struct b43_wldev *dev)
676 {
677 b43_set_slot_time(dev, 9);
678 dev->short_slot = 1;
679 }
680
681 static void b43_short_slot_timing_disable(struct b43_wldev *dev)
682 {
683 b43_set_slot_time(dev, 20);
684 dev->short_slot = 0;
685 }
686
687 /* Enable a Generic IRQ. "mask" is the mask of which IRQs to enable.
688 * Returns the _previously_ enabled IRQ mask.
689 */
690 static inline u32 b43_interrupt_enable(struct b43_wldev *dev, u32 mask)
691 {
692 u32 old_mask;
693
694 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
695 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask | mask);
696
697 return old_mask;
698 }
699
700 /* Disable a Generic IRQ. "mask" is the mask of which IRQs to disable.
701 * Returns the _previously_ enabled IRQ mask.
702 */
703 static inline u32 b43_interrupt_disable(struct b43_wldev *dev, u32 mask)
704 {
705 u32 old_mask;
706
707 old_mask = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
708 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, old_mask & ~mask);
709
710 return old_mask;
711 }
712
713 /* Synchronize IRQ top- and bottom-half.
714 * IRQs must be masked before calling this.
715 * This must not be called with the irq_lock held.
716 */
717 static void b43_synchronize_irq(struct b43_wldev *dev)
718 {
719 synchronize_irq(dev->dev->irq);
720 tasklet_kill(&dev->isr_tasklet);
721 }
722
723 /* DummyTransmission function, as documented on
724 * http://bcm-specs.sipsolutions.net/DummyTransmission
725 */
726 void b43_dummy_transmission(struct b43_wldev *dev)
727 {
728 struct b43_phy *phy = &dev->phy;
729 unsigned int i, max_loop;
730 u16 value;
731 u32 buffer[5] = {
732 0x00000000,
733 0x00D40000,
734 0x00000000,
735 0x01000000,
736 0x00000000,
737 };
738
739 switch (phy->type) {
740 case B43_PHYTYPE_A:
741 max_loop = 0x1E;
742 buffer[0] = 0x000201CC;
743 break;
744 case B43_PHYTYPE_B:
745 case B43_PHYTYPE_G:
746 max_loop = 0xFA;
747 buffer[0] = 0x000B846E;
748 break;
749 default:
750 B43_WARN_ON(1);
751 return;
752 }
753
754 for (i = 0; i < 5; i++)
755 b43_ram_write(dev, i * 4, buffer[i]);
756
757 /* Commit writes */
758 b43_read32(dev, B43_MMIO_MACCTL);
759
760 b43_write16(dev, 0x0568, 0x0000);
761 b43_write16(dev, 0x07C0, 0x0000);
762 value = ((phy->type == B43_PHYTYPE_A) ? 1 : 0);
763 b43_write16(dev, 0x050C, value);
764 b43_write16(dev, 0x0508, 0x0000);
765 b43_write16(dev, 0x050A, 0x0000);
766 b43_write16(dev, 0x054C, 0x0000);
767 b43_write16(dev, 0x056A, 0x0014);
768 b43_write16(dev, 0x0568, 0x0826);
769 b43_write16(dev, 0x0500, 0x0000);
770 b43_write16(dev, 0x0502, 0x0030);
771
772 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
773 b43_radio_write16(dev, 0x0051, 0x0017);
774 for (i = 0x00; i < max_loop; i++) {
775 value = b43_read16(dev, 0x050E);
776 if (value & 0x0080)
777 break;
778 udelay(10);
779 }
780 for (i = 0x00; i < 0x0A; i++) {
781 value = b43_read16(dev, 0x050E);
782 if (value & 0x0400)
783 break;
784 udelay(10);
785 }
786 for (i = 0x00; i < 0x0A; i++) {
787 value = b43_read16(dev, 0x0690);
788 if (!(value & 0x0100))
789 break;
790 udelay(10);
791 }
792 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
793 b43_radio_write16(dev, 0x0051, 0x0037);
794 }
795
796 static void key_write(struct b43_wldev *dev,
797 u8 index, u8 algorithm, const u8 * key)
798 {
799 unsigned int i;
800 u32 offset;
801 u16 value;
802 u16 kidx;
803
804 /* Key index/algo block */
805 kidx = b43_kidx_to_fw(dev, index);
806 value = ((kidx << 4) | algorithm);
807 b43_shm_write16(dev, B43_SHM_SHARED,
808 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
809
810 /* Write the key to the Key Table Pointer offset */
811 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
812 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
813 value = key[i];
814 value |= (u16) (key[i + 1]) << 8;
815 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
816 }
817 }
818
819 static void keymac_write(struct b43_wldev *dev, u8 index, const u8 * addr)
820 {
821 u32 addrtmp[2] = { 0, 0, };
822 u8 per_sta_keys_start = 8;
823
824 if (b43_new_kidx_api(dev))
825 per_sta_keys_start = 4;
826
827 B43_WARN_ON(index < per_sta_keys_start);
828 /* We have two default TX keys and possibly two default RX keys.
829 * Physical mac 0 is mapped to physical key 4 or 8, depending
830 * on the firmware version.
831 * So we must adjust the index here.
832 */
833 index -= per_sta_keys_start;
834
835 if (addr) {
836 addrtmp[0] = addr[0];
837 addrtmp[0] |= ((u32) (addr[1]) << 8);
838 addrtmp[0] |= ((u32) (addr[2]) << 16);
839 addrtmp[0] |= ((u32) (addr[3]) << 24);
840 addrtmp[1] = addr[4];
841 addrtmp[1] |= ((u32) (addr[5]) << 8);
842 }
843
844 if (dev->dev->id.revision >= 5) {
845 /* Receive match transmitter address mechanism */
846 b43_shm_write32(dev, B43_SHM_RCMTA,
847 (index * 2) + 0, addrtmp[0]);
848 b43_shm_write16(dev, B43_SHM_RCMTA,
849 (index * 2) + 1, addrtmp[1]);
850 } else {
851 /* RXE (Receive Engine) and
852 * PSM (Programmable State Machine) mechanism
853 */
854 if (index < 8) {
855 /* TODO write to RCM 16, 19, 22 and 25 */
856 } else {
857 b43_shm_write32(dev, B43_SHM_SHARED,
858 B43_SHM_SH_PSM + (index * 6) + 0,
859 addrtmp[0]);
860 b43_shm_write16(dev, B43_SHM_SHARED,
861 B43_SHM_SH_PSM + (index * 6) + 4,
862 addrtmp[1]);
863 }
864 }
865 }
866
867 static void do_key_write(struct b43_wldev *dev,
868 u8 index, u8 algorithm,
869 const u8 * key, size_t key_len, const u8 * mac_addr)
870 {
871 u8 buf[B43_SEC_KEYSIZE] = { 0, };
872 u8 per_sta_keys_start = 8;
873
874 if (b43_new_kidx_api(dev))
875 per_sta_keys_start = 4;
876
877 B43_WARN_ON(index >= dev->max_nr_keys);
878 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
879
880 if (index >= per_sta_keys_start)
881 keymac_write(dev, index, NULL); /* First zero out mac. */
882 if (key)
883 memcpy(buf, key, key_len);
884 key_write(dev, index, algorithm, buf);
885 if (index >= per_sta_keys_start)
886 keymac_write(dev, index, mac_addr);
887
888 dev->key[index].algorithm = algorithm;
889 }
890
891 static int b43_key_write(struct b43_wldev *dev,
892 int index, u8 algorithm,
893 const u8 * key, size_t key_len,
894 const u8 * mac_addr,
895 struct ieee80211_key_conf *keyconf)
896 {
897 int i;
898 int sta_keys_start;
899
900 if (key_len > B43_SEC_KEYSIZE)
901 return -EINVAL;
902 for (i = 0; i < dev->max_nr_keys; i++) {
903 /* Check that we don't already have this key. */
904 B43_WARN_ON(dev->key[i].keyconf == keyconf);
905 }
906 if (index < 0) {
907 /* Either pairwise key or address is 00:00:00:00:00:00
908 * for transmit-only keys. Search the index. */
909 if (b43_new_kidx_api(dev))
910 sta_keys_start = 4;
911 else
912 sta_keys_start = 8;
913 for (i = sta_keys_start; i < dev->max_nr_keys; i++) {
914 if (!dev->key[i].keyconf) {
915 /* found empty */
916 index = i;
917 break;
918 }
919 }
920 if (index < 0) {
921 b43err(dev->wl, "Out of hardware key memory\n");
922 return -ENOSPC;
923 }
924 } else
925 B43_WARN_ON(index > 3);
926
927 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
928 if ((index <= 3) && !b43_new_kidx_api(dev)) {
929 /* Default RX key */
930 B43_WARN_ON(mac_addr);
931 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
932 }
933 keyconf->hw_key_idx = index;
934 dev->key[index].keyconf = keyconf;
935
936 return 0;
937 }
938
939 static int b43_key_clear(struct b43_wldev *dev, int index)
940 {
941 if (B43_WARN_ON((index < 0) || (index >= dev->max_nr_keys)))
942 return -EINVAL;
943 do_key_write(dev, index, B43_SEC_ALGO_NONE,
944 NULL, B43_SEC_KEYSIZE, NULL);
945 if ((index <= 3) && !b43_new_kidx_api(dev)) {
946 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
947 NULL, B43_SEC_KEYSIZE, NULL);
948 }
949 dev->key[index].keyconf = NULL;
950
951 return 0;
952 }
953
954 static void b43_clear_keys(struct b43_wldev *dev)
955 {
956 int i;
957
958 for (i = 0; i < dev->max_nr_keys; i++)
959 b43_key_clear(dev, i);
960 }
961
962 void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
963 {
964 u32 macctl;
965 u16 ucstat;
966 bool hwps;
967 bool awake;
968 int i;
969
970 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
971 (ps_flags & B43_PS_DISABLED));
972 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
973
974 if (ps_flags & B43_PS_ENABLED) {
975 hwps = 1;
976 } else if (ps_flags & B43_PS_DISABLED) {
977 hwps = 0;
978 } else {
979 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
980 // and thus is not an AP and we are associated, set bit 25
981 }
982 if (ps_flags & B43_PS_AWAKE) {
983 awake = 1;
984 } else if (ps_flags & B43_PS_ASLEEP) {
985 awake = 0;
986 } else {
987 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
988 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
989 // successful, set bit26
990 }
991
992 /* FIXME: For now we force awake-on and hwps-off */
993 hwps = 0;
994 awake = 1;
995
996 macctl = b43_read32(dev, B43_MMIO_MACCTL);
997 if (hwps)
998 macctl |= B43_MACCTL_HWPS;
999 else
1000 macctl &= ~B43_MACCTL_HWPS;
1001 if (awake)
1002 macctl |= B43_MACCTL_AWAKE;
1003 else
1004 macctl &= ~B43_MACCTL_AWAKE;
1005 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1006 /* Commit write */
1007 b43_read32(dev, B43_MMIO_MACCTL);
1008 if (awake && dev->dev->id.revision >= 5) {
1009 /* Wait for the microcode to wake up. */
1010 for (i = 0; i < 100; i++) {
1011 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1012 B43_SHM_SH_UCODESTAT);
1013 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1014 break;
1015 udelay(10);
1016 }
1017 }
1018 }
1019
1020 /* Turn the Analog ON/OFF */
1021 static void b43_switch_analog(struct b43_wldev *dev, int on)
1022 {
1023 switch (dev->phy.type) {
1024 case B43_PHYTYPE_A:
1025 case B43_PHYTYPE_G:
1026 b43_write16(dev, B43_MMIO_PHY0, on ? 0 : 0xF4);
1027 break;
1028 case B43_PHYTYPE_N:
1029 b43_phy_write(dev, B43_NPHY_AFECTL_OVER,
1030 on ? 0 : 0x7FFF);
1031 break;
1032 default:
1033 B43_WARN_ON(1);
1034 }
1035 }
1036
1037 void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags)
1038 {
1039 u32 tmslow;
1040 u32 macctl;
1041
1042 flags |= B43_TMSLOW_PHYCLKEN;
1043 flags |= B43_TMSLOW_PHYRESET;
1044 ssb_device_enable(dev->dev, flags);
1045 msleep(2); /* Wait for the PLL to turn on. */
1046
1047 /* Now take the PHY out of Reset again */
1048 tmslow = ssb_read32(dev->dev, SSB_TMSLOW);
1049 tmslow |= SSB_TMSLOW_FGC;
1050 tmslow &= ~B43_TMSLOW_PHYRESET;
1051 ssb_write32(dev->dev, SSB_TMSLOW, tmslow);
1052 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */
1053 msleep(1);
1054 tmslow &= ~SSB_TMSLOW_FGC;
1055 ssb_write32(dev->dev, SSB_TMSLOW, tmslow);
1056 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */
1057 msleep(1);
1058
1059 /* Turn Analog ON */
1060 b43_switch_analog(dev, 1);
1061
1062 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1063 macctl &= ~B43_MACCTL_GMODE;
1064 if (flags & B43_TMSLOW_GMODE)
1065 macctl |= B43_MACCTL_GMODE;
1066 macctl |= B43_MACCTL_IHR_ENABLED;
1067 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1068 }
1069
1070 static void handle_irq_transmit_status(struct b43_wldev *dev)
1071 {
1072 u32 v0, v1;
1073 u16 tmp;
1074 struct b43_txstatus stat;
1075
1076 while (1) {
1077 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1078 if (!(v0 & 0x00000001))
1079 break;
1080 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1081
1082 stat.cookie = (v0 >> 16);
1083 stat.seq = (v1 & 0x0000FFFF);
1084 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1085 tmp = (v0 & 0x0000FFFF);
1086 stat.frame_count = ((tmp & 0xF000) >> 12);
1087 stat.rts_count = ((tmp & 0x0F00) >> 8);
1088 stat.supp_reason = ((tmp & 0x001C) >> 2);
1089 stat.pm_indicated = !!(tmp & 0x0080);
1090 stat.intermediate = !!(tmp & 0x0040);
1091 stat.for_ampdu = !!(tmp & 0x0020);
1092 stat.acked = !!(tmp & 0x0002);
1093
1094 b43_handle_txstatus(dev, &stat);
1095 }
1096 }
1097
1098 static void drain_txstatus_queue(struct b43_wldev *dev)
1099 {
1100 u32 dummy;
1101
1102 if (dev->dev->id.revision < 5)
1103 return;
1104 /* Read all entries from the microcode TXstatus FIFO
1105 * and throw them away.
1106 */
1107 while (1) {
1108 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1109 if (!(dummy & 0x00000001))
1110 break;
1111 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1112 }
1113 }
1114
1115 static u32 b43_jssi_read(struct b43_wldev *dev)
1116 {
1117 u32 val = 0;
1118
1119 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A);
1120 val <<= 16;
1121 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088);
1122
1123 return val;
1124 }
1125
1126 static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1127 {
1128 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF));
1129 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16);
1130 }
1131
1132 static void b43_generate_noise_sample(struct b43_wldev *dev)
1133 {
1134 b43_jssi_write(dev, 0x7F7F7F7F);
1135 b43_write32(dev, B43_MMIO_MACCMD,
1136 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1137 B43_WARN_ON(dev->noisecalc.channel_at_start != dev->phy.channel);
1138 }
1139
1140 static void b43_calculate_link_quality(struct b43_wldev *dev)
1141 {
1142 /* Top half of Link Quality calculation. */
1143
1144 if (dev->noisecalc.calculation_running)
1145 return;
1146 dev->noisecalc.channel_at_start = dev->phy.channel;
1147 dev->noisecalc.calculation_running = 1;
1148 dev->noisecalc.nr_samples = 0;
1149
1150 b43_generate_noise_sample(dev);
1151 }
1152
1153 static void handle_irq_noise(struct b43_wldev *dev)
1154 {
1155 struct b43_phy *phy = &dev->phy;
1156 u16 tmp;
1157 u8 noise[4];
1158 u8 i, j;
1159 s32 average;
1160
1161 /* Bottom half of Link Quality calculation. */
1162
1163 B43_WARN_ON(!dev->noisecalc.calculation_running);
1164 if (dev->noisecalc.channel_at_start != phy->channel)
1165 goto drop_calculation;
1166 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1167 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1168 noise[2] == 0x7F || noise[3] == 0x7F)
1169 goto generate_new;
1170
1171 /* Get the noise samples. */
1172 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1173 i = dev->noisecalc.nr_samples;
1174 noise[0] = limit_value(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1175 noise[1] = limit_value(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1176 noise[2] = limit_value(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1177 noise[3] = limit_value(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1178 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1179 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1180 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1181 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1182 dev->noisecalc.nr_samples++;
1183 if (dev->noisecalc.nr_samples == 8) {
1184 /* Calculate the Link Quality by the noise samples. */
1185 average = 0;
1186 for (i = 0; i < 8; i++) {
1187 for (j = 0; j < 4; j++)
1188 average += dev->noisecalc.samples[i][j];
1189 }
1190 average /= (8 * 4);
1191 average *= 125;
1192 average += 64;
1193 average /= 128;
1194 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1195 tmp = (tmp / 128) & 0x1F;
1196 if (tmp >= 8)
1197 average += 2;
1198 else
1199 average -= 25;
1200 if (tmp == 8)
1201 average -= 72;
1202 else
1203 average -= 48;
1204
1205 dev->stats.link_noise = average;
1206 drop_calculation:
1207 dev->noisecalc.calculation_running = 0;
1208 return;
1209 }
1210 generate_new:
1211 b43_generate_noise_sample(dev);
1212 }
1213
1214 static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1215 {
1216 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_AP)) {
1217 ///TODO: PS TBTT
1218 } else {
1219 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1220 b43_power_saving_ctl_bits(dev, 0);
1221 }
1222 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS))
1223 dev->dfq_valid = 1;
1224 }
1225
1226 static void handle_irq_atim_end(struct b43_wldev *dev)
1227 {
1228 if (dev->dfq_valid) {
1229 b43_write32(dev, B43_MMIO_MACCMD,
1230 b43_read32(dev, B43_MMIO_MACCMD)
1231 | B43_MACCMD_DFQ_VALID);
1232 dev->dfq_valid = 0;
1233 }
1234 }
1235
1236 static void handle_irq_pmq(struct b43_wldev *dev)
1237 {
1238 u32 tmp;
1239
1240 //TODO: AP mode.
1241
1242 while (1) {
1243 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1244 if (!(tmp & 0x00000008))
1245 break;
1246 }
1247 /* 16bit write is odd, but correct. */
1248 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1249 }
1250
1251 static void b43_write_template_common(struct b43_wldev *dev,
1252 const u8 * data, u16 size,
1253 u16 ram_offset,
1254 u16 shm_size_offset, u8 rate)
1255 {
1256 u32 i, tmp;
1257 struct b43_plcp_hdr4 plcp;
1258
1259 plcp.data = 0;
1260 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1261 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1262 ram_offset += sizeof(u32);
1263 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1264 * So leave the first two bytes of the next write blank.
1265 */
1266 tmp = (u32) (data[0]) << 16;
1267 tmp |= (u32) (data[1]) << 24;
1268 b43_ram_write(dev, ram_offset, tmp);
1269 ram_offset += sizeof(u32);
1270 for (i = 2; i < size; i += sizeof(u32)) {
1271 tmp = (u32) (data[i + 0]);
1272 if (i + 1 < size)
1273 tmp |= (u32) (data[i + 1]) << 8;
1274 if (i + 2 < size)
1275 tmp |= (u32) (data[i + 2]) << 16;
1276 if (i + 3 < size)
1277 tmp |= (u32) (data[i + 3]) << 24;
1278 b43_ram_write(dev, ram_offset + i - 2, tmp);
1279 }
1280 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1281 size + sizeof(struct b43_plcp_hdr6));
1282 }
1283
1284 /* Check if the use of the antenna that ieee80211 told us to
1285 * use is possible. This will fall back to DEFAULT.
1286 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1287 u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1288 u8 antenna_nr)
1289 {
1290 u8 antenna_mask;
1291
1292 if (antenna_nr == 0) {
1293 /* Zero means "use default antenna". That's always OK. */
1294 return 0;
1295 }
1296
1297 /* Get the mask of available antennas. */
1298 if (dev->phy.gmode)
1299 antenna_mask = dev->dev->bus->sprom.ant_available_bg;
1300 else
1301 antenna_mask = dev->dev->bus->sprom.ant_available_a;
1302
1303 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1304 /* This antenna is not available. Fall back to default. */
1305 return 0;
1306 }
1307
1308 return antenna_nr;
1309 }
1310
1311 static int b43_antenna_from_ieee80211(struct b43_wldev *dev, u8 antenna)
1312 {
1313 antenna = b43_ieee80211_antenna_sanitize(dev, antenna);
1314 switch (antenna) {
1315 case 0: /* default/diversity */
1316 return B43_ANTENNA_DEFAULT;
1317 case 1: /* Antenna 0 */
1318 return B43_ANTENNA0;
1319 case 2: /* Antenna 1 */
1320 return B43_ANTENNA1;
1321 case 3: /* Antenna 2 */
1322 return B43_ANTENNA2;
1323 case 4: /* Antenna 3 */
1324 return B43_ANTENNA3;
1325 default:
1326 return B43_ANTENNA_DEFAULT;
1327 }
1328 }
1329
1330 /* Convert a b43 antenna number value to the PHY TX control value. */
1331 static u16 b43_antenna_to_phyctl(int antenna)
1332 {
1333 switch (antenna) {
1334 case B43_ANTENNA0:
1335 return B43_TXH_PHY_ANT0;
1336 case B43_ANTENNA1:
1337 return B43_TXH_PHY_ANT1;
1338 case B43_ANTENNA2:
1339 return B43_TXH_PHY_ANT2;
1340 case B43_ANTENNA3:
1341 return B43_TXH_PHY_ANT3;
1342 case B43_ANTENNA_AUTO:
1343 return B43_TXH_PHY_ANT01AUTO;
1344 }
1345 B43_WARN_ON(1);
1346 return 0;
1347 }
1348
1349 static void b43_write_beacon_template(struct b43_wldev *dev,
1350 u16 ram_offset,
1351 u16 shm_size_offset)
1352 {
1353 unsigned int i, len, variable_len;
1354 const struct ieee80211_mgmt *bcn;
1355 const u8 *ie;
1356 bool tim_found = 0;
1357 unsigned int rate;
1358 u16 ctl;
1359 int antenna;
1360
1361 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data);
1362 len = min((size_t) dev->wl->current_beacon->len,
1363 0x200 - sizeof(struct b43_plcp_hdr6));
1364 rate = dev->wl->beacon_txctl.tx_rate->hw_value;
1365
1366 b43_write_template_common(dev, (const u8 *)bcn,
1367 len, ram_offset, shm_size_offset, rate);
1368
1369 /* Write the PHY TX control parameters. */
1370 antenna = b43_antenna_from_ieee80211(dev,
1371 dev->wl->beacon_txctl.antenna_sel_tx);
1372 antenna = b43_antenna_to_phyctl(antenna);
1373 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1374 /* We can't send beacons with short preamble. Would get PHY errors. */
1375 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1376 ctl &= ~B43_TXH_PHY_ANT;
1377 ctl &= ~B43_TXH_PHY_ENC;
1378 ctl |= antenna;
1379 if (b43_is_cck_rate(rate))
1380 ctl |= B43_TXH_PHY_ENC_CCK;
1381 else
1382 ctl |= B43_TXH_PHY_ENC_OFDM;
1383 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1384
1385 /* Find the position of the TIM and the DTIM_period value
1386 * and write them to SHM. */
1387 ie = bcn->u.beacon.variable;
1388 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1389 for (i = 0; i < variable_len - 2; ) {
1390 uint8_t ie_id, ie_len;
1391
1392 ie_id = ie[i];
1393 ie_len = ie[i + 1];
1394 if (ie_id == 5) {
1395 u16 tim_position;
1396 u16 dtim_period;
1397 /* This is the TIM Information Element */
1398
1399 /* Check whether the ie_len is in the beacon data range. */
1400 if (variable_len < ie_len + 2 + i)
1401 break;
1402 /* A valid TIM is at least 4 bytes long. */
1403 if (ie_len < 4)
1404 break;
1405 tim_found = 1;
1406
1407 tim_position = sizeof(struct b43_plcp_hdr6);
1408 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1409 tim_position += i;
1410
1411 dtim_period = ie[i + 3];
1412
1413 b43_shm_write16(dev, B43_SHM_SHARED,
1414 B43_SHM_SH_TIMBPOS, tim_position);
1415 b43_shm_write16(dev, B43_SHM_SHARED,
1416 B43_SHM_SH_DTIMPER, dtim_period);
1417 break;
1418 }
1419 i += ie_len + 2;
1420 }
1421 if (!tim_found) {
1422 b43warn(dev->wl, "Did not find a valid TIM IE in "
1423 "the beacon template packet. AP or IBSS operation "
1424 "may be broken.\n");
1425 } else
1426 b43dbg(dev->wl, "Updated beacon template\n");
1427 }
1428
1429 static void b43_write_probe_resp_plcp(struct b43_wldev *dev,
1430 u16 shm_offset, u16 size,
1431 struct ieee80211_rate *rate)
1432 {
1433 struct b43_plcp_hdr4 plcp;
1434 u32 tmp;
1435 __le16 dur;
1436
1437 plcp.data = 0;
1438 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate->hw_value);
1439 dur = ieee80211_generic_frame_duration(dev->wl->hw,
1440 dev->wl->vif, size,
1441 rate);
1442 /* Write PLCP in two parts and timing for packet transfer */
1443 tmp = le32_to_cpu(plcp.data);
1444 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset, tmp & 0xFFFF);
1445 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 2, tmp >> 16);
1446 b43_shm_write16(dev, B43_SHM_SHARED, shm_offset + 6, le16_to_cpu(dur));
1447 }
1448
1449 /* Instead of using custom probe response template, this function
1450 * just patches custom beacon template by:
1451 * 1) Changing packet type
1452 * 2) Patching duration field
1453 * 3) Stripping TIM
1454 */
1455 static const u8 * b43_generate_probe_resp(struct b43_wldev *dev,
1456 u16 *dest_size,
1457 struct ieee80211_rate *rate)
1458 {
1459 const u8 *src_data;
1460 u8 *dest_data;
1461 u16 src_size, elem_size, src_pos, dest_pos;
1462 __le16 dur;
1463 struct ieee80211_hdr *hdr;
1464 size_t ie_start;
1465
1466 src_size = dev->wl->current_beacon->len;
1467 src_data = (const u8 *)dev->wl->current_beacon->data;
1468
1469 /* Get the start offset of the variable IEs in the packet. */
1470 ie_start = offsetof(struct ieee80211_mgmt, u.probe_resp.variable);
1471 B43_WARN_ON(ie_start != offsetof(struct ieee80211_mgmt, u.beacon.variable));
1472
1473 if (B43_WARN_ON(src_size < ie_start))
1474 return NULL;
1475
1476 dest_data = kmalloc(src_size, GFP_ATOMIC);
1477 if (unlikely(!dest_data))
1478 return NULL;
1479
1480 /* Copy the static data and all Information Elements, except the TIM. */
1481 memcpy(dest_data, src_data, ie_start);
1482 src_pos = ie_start;
1483 dest_pos = ie_start;
1484 for ( ; src_pos < src_size - 2; src_pos += elem_size) {
1485 elem_size = src_data[src_pos + 1] + 2;
1486 if (src_data[src_pos] == 5) {
1487 /* This is the TIM. */
1488 continue;
1489 }
1490 memcpy(dest_data + dest_pos, src_data + src_pos,
1491 elem_size);
1492 dest_pos += elem_size;
1493 }
1494 *dest_size = dest_pos;
1495 hdr = (struct ieee80211_hdr *)dest_data;
1496
1497 /* Set the frame control. */
1498 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_MGMT |
1499 IEEE80211_STYPE_PROBE_RESP);
1500 dur = ieee80211_generic_frame_duration(dev->wl->hw,
1501 dev->wl->vif, *dest_size,
1502 rate);
1503 hdr->duration_id = dur;
1504
1505 return dest_data;
1506 }
1507
1508 static void b43_write_probe_resp_template(struct b43_wldev *dev,
1509 u16 ram_offset,
1510 u16 shm_size_offset,
1511 struct ieee80211_rate *rate)
1512 {
1513 const u8 *probe_resp_data;
1514 u16 size;
1515
1516 size = dev->wl->current_beacon->len;
1517 probe_resp_data = b43_generate_probe_resp(dev, &size, rate);
1518 if (unlikely(!probe_resp_data))
1519 return;
1520
1521 /* Looks like PLCP headers plus packet timings are stored for
1522 * all possible basic rates
1523 */
1524 b43_write_probe_resp_plcp(dev, 0x31A, size, &b43_b_ratetable[0]);
1525 b43_write_probe_resp_plcp(dev, 0x32C, size, &b43_b_ratetable[1]);
1526 b43_write_probe_resp_plcp(dev, 0x33E, size, &b43_b_ratetable[2]);
1527 b43_write_probe_resp_plcp(dev, 0x350, size, &b43_b_ratetable[3]);
1528
1529 size = min((size_t) size, 0x200 - sizeof(struct b43_plcp_hdr6));
1530 b43_write_template_common(dev, probe_resp_data,
1531 size, ram_offset, shm_size_offset,
1532 rate->hw_value);
1533 kfree(probe_resp_data);
1534 }
1535
1536 static void handle_irq_beacon(struct b43_wldev *dev)
1537 {
1538 struct b43_wl *wl = dev->wl;
1539 u32 cmd, beacon0_valid, beacon1_valid;
1540
1541 if (!b43_is_mode(wl, IEEE80211_IF_TYPE_AP))
1542 return;
1543
1544 /* This is the bottom half of the asynchronous beacon update. */
1545
1546 /* Ignore interrupt in the future. */
1547 dev->irq_savedstate &= ~B43_IRQ_BEACON;
1548
1549 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1550 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1551 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1552
1553 /* Schedule interrupt manually, if busy. */
1554 if (beacon0_valid && beacon1_valid) {
1555 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1556 dev->irq_savedstate |= B43_IRQ_BEACON;
1557 return;
1558 }
1559
1560 if (!beacon0_valid) {
1561 if (!wl->beacon0_uploaded) {
1562 b43_write_beacon_template(dev, 0x68, 0x18);
1563 b43_write_probe_resp_template(dev, 0x268, 0x4A,
1564 &__b43_ratetable[3]);
1565 wl->beacon0_uploaded = 1;
1566 }
1567 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1568 cmd |= B43_MACCMD_BEACON0_VALID;
1569 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1570 } else if (!beacon1_valid) {
1571 if (!wl->beacon1_uploaded) {
1572 b43_write_beacon_template(dev, 0x468, 0x1A);
1573 wl->beacon1_uploaded = 1;
1574 }
1575 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1576 cmd |= B43_MACCMD_BEACON1_VALID;
1577 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1578 }
1579 }
1580
1581 static void b43_beacon_update_trigger_work(struct work_struct *work)
1582 {
1583 struct b43_wl *wl = container_of(work, struct b43_wl,
1584 beacon_update_trigger);
1585 struct b43_wldev *dev;
1586
1587 mutex_lock(&wl->mutex);
1588 dev = wl->current_dev;
1589 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1590 spin_lock_irq(&wl->irq_lock);
1591 /* update beacon right away or defer to irq */
1592 dev->irq_savedstate = b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
1593 handle_irq_beacon(dev);
1594 /* The handler might have updated the IRQ mask. */
1595 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK,
1596 dev->irq_savedstate);
1597 mmiowb();
1598 spin_unlock_irq(&wl->irq_lock);
1599 }
1600 mutex_unlock(&wl->mutex);
1601 }
1602
1603 /* Asynchronously update the packet templates in template RAM.
1604 * Locking: Requires wl->irq_lock to be locked. */
1605 static void b43_update_templates(struct b43_wl *wl, struct sk_buff *beacon,
1606 const struct ieee80211_tx_control *txctl)
1607 {
1608 /* This is the top half of the ansynchronous beacon update.
1609 * The bottom half is the beacon IRQ.
1610 * Beacon update must be asynchronous to avoid sending an
1611 * invalid beacon. This can happen for example, if the firmware
1612 * transmits a beacon while we are updating it. */
1613
1614 if (wl->current_beacon)
1615 dev_kfree_skb_any(wl->current_beacon);
1616 wl->current_beacon = beacon;
1617 memcpy(&wl->beacon_txctl, txctl, sizeof(wl->beacon_txctl));
1618 wl->beacon0_uploaded = 0;
1619 wl->beacon1_uploaded = 0;
1620 queue_work(wl->hw->workqueue, &wl->beacon_update_trigger);
1621 }
1622
1623 static void b43_set_ssid(struct b43_wldev *dev, const u8 * ssid, u8 ssid_len)
1624 {
1625 u32 tmp;
1626 u16 i, len;
1627
1628 len = min((u16) ssid_len, (u16) 0x100);
1629 for (i = 0; i < len; i += sizeof(u32)) {
1630 tmp = (u32) (ssid[i + 0]);
1631 if (i + 1 < len)
1632 tmp |= (u32) (ssid[i + 1]) << 8;
1633 if (i + 2 < len)
1634 tmp |= (u32) (ssid[i + 2]) << 16;
1635 if (i + 3 < len)
1636 tmp |= (u32) (ssid[i + 3]) << 24;
1637 b43_shm_write32(dev, B43_SHM_SHARED, 0x380 + i, tmp);
1638 }
1639 b43_shm_write16(dev, B43_SHM_SHARED, 0x48, len);
1640 }
1641
1642 static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1643 {
1644 b43_time_lock(dev);
1645 if (dev->dev->id.revision >= 3) {
1646 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1647 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1648 } else {
1649 b43_write16(dev, 0x606, (beacon_int >> 6));
1650 b43_write16(dev, 0x610, beacon_int);
1651 }
1652 b43_time_unlock(dev);
1653 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1654 }
1655
1656 static void handle_irq_ucode_debug(struct b43_wldev *dev)
1657 {
1658 //TODO
1659 }
1660
1661 /* Interrupt handler bottom-half */
1662 static void b43_interrupt_tasklet(struct b43_wldev *dev)
1663 {
1664 u32 reason;
1665 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1666 u32 merged_dma_reason = 0;
1667 int i;
1668 unsigned long flags;
1669
1670 spin_lock_irqsave(&dev->wl->irq_lock, flags);
1671
1672 B43_WARN_ON(b43_status(dev) != B43_STAT_STARTED);
1673
1674 reason = dev->irq_reason;
1675 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1676 dma_reason[i] = dev->dma_reason[i];
1677 merged_dma_reason |= dma_reason[i];
1678 }
1679
1680 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1681 b43err(dev->wl, "MAC transmission error\n");
1682
1683 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1684 b43err(dev->wl, "PHY transmission error\n");
1685 rmb();
1686 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1687 atomic_set(&dev->phy.txerr_cnt,
1688 B43_PHY_TX_BADNESS_LIMIT);
1689 b43err(dev->wl, "Too many PHY TX errors, "
1690 "restarting the controller\n");
1691 b43_controller_restart(dev, "PHY TX errors");
1692 }
1693 }
1694
1695 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK |
1696 B43_DMAIRQ_NONFATALMASK))) {
1697 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) {
1698 b43err(dev->wl, "Fatal DMA error: "
1699 "0x%08X, 0x%08X, 0x%08X, "
1700 "0x%08X, 0x%08X, 0x%08X\n",
1701 dma_reason[0], dma_reason[1],
1702 dma_reason[2], dma_reason[3],
1703 dma_reason[4], dma_reason[5]);
1704 b43_controller_restart(dev, "DMA error");
1705 mmiowb();
1706 spin_unlock_irqrestore(&dev->wl->irq_lock, flags);
1707 return;
1708 }
1709 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) {
1710 b43err(dev->wl, "DMA error: "
1711 "0x%08X, 0x%08X, 0x%08X, "
1712 "0x%08X, 0x%08X, 0x%08X\n",
1713 dma_reason[0], dma_reason[1],
1714 dma_reason[2], dma_reason[3],
1715 dma_reason[4], dma_reason[5]);
1716 }
1717 }
1718
1719 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1720 handle_irq_ucode_debug(dev);
1721 if (reason & B43_IRQ_TBTT_INDI)
1722 handle_irq_tbtt_indication(dev);
1723 if (reason & B43_IRQ_ATIM_END)
1724 handle_irq_atim_end(dev);
1725 if (reason & B43_IRQ_BEACON)
1726 handle_irq_beacon(dev);
1727 if (reason & B43_IRQ_PMQ)
1728 handle_irq_pmq(dev);
1729 if (reason & B43_IRQ_TXFIFO_FLUSH_OK)
1730 ;/* TODO */
1731 if (reason & B43_IRQ_NOISESAMPLE_OK)
1732 handle_irq_noise(dev);
1733
1734 /* Check the DMA reason registers for received data. */
1735 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
1736 if (b43_using_pio_transfers(dev))
1737 b43_pio_rx(dev->pio.rx_queue);
1738 else
1739 b43_dma_rx(dev->dma.rx_ring);
1740 }
1741 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
1742 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
1743 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
1744 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
1745 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
1746
1747 if (reason & B43_IRQ_TX_OK)
1748 handle_irq_transmit_status(dev);
1749
1750 b43_interrupt_enable(dev, dev->irq_savedstate);
1751 mmiowb();
1752 spin_unlock_irqrestore(&dev->wl->irq_lock, flags);
1753 }
1754
1755 static void b43_interrupt_ack(struct b43_wldev *dev, u32 reason)
1756 {
1757 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
1758
1759 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
1760 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
1761 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
1762 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
1763 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
1764 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
1765 }
1766
1767 /* Interrupt handler top-half */
1768 static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
1769 {
1770 irqreturn_t ret = IRQ_NONE;
1771 struct b43_wldev *dev = dev_id;
1772 u32 reason;
1773
1774 if (!dev)
1775 return IRQ_NONE;
1776
1777 spin_lock(&dev->wl->irq_lock);
1778
1779 if (b43_status(dev) < B43_STAT_STARTED)
1780 goto out;
1781 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
1782 if (reason == 0xffffffff) /* shared IRQ */
1783 goto out;
1784 ret = IRQ_HANDLED;
1785 reason &= b43_read32(dev, B43_MMIO_GEN_IRQ_MASK);
1786 if (!reason)
1787 goto out;
1788
1789 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
1790 & 0x0001DC00;
1791 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
1792 & 0x0000DC00;
1793 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
1794 & 0x0000DC00;
1795 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
1796 & 0x0001DC00;
1797 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
1798 & 0x0000DC00;
1799 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
1800 & 0x0000DC00;
1801
1802 b43_interrupt_ack(dev, reason);
1803 /* disable all IRQs. They are enabled again in the bottom half. */
1804 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL);
1805 /* save the reason code and call our bottom half. */
1806 dev->irq_reason = reason;
1807 tasklet_schedule(&dev->isr_tasklet);
1808 out:
1809 mmiowb();
1810 spin_unlock(&dev->wl->irq_lock);
1811
1812 return ret;
1813 }
1814
1815 static void do_release_fw(struct b43_firmware_file *fw)
1816 {
1817 release_firmware(fw->data);
1818 fw->data = NULL;
1819 fw->filename = NULL;
1820 }
1821
1822 static void b43_release_firmware(struct b43_wldev *dev)
1823 {
1824 do_release_fw(&dev->fw.ucode);
1825 do_release_fw(&dev->fw.pcm);
1826 do_release_fw(&dev->fw.initvals);
1827 do_release_fw(&dev->fw.initvals_band);
1828 }
1829
1830 static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
1831 {
1832 const char *text;
1833
1834 text = "You must go to "
1835 "http://linuxwireless.org/en/users/Drivers/b43#devicefirmware "
1836 "and download the latest firmware (version 4).\n";
1837 if (error)
1838 b43err(wl, text);
1839 else
1840 b43warn(wl, text);
1841 }
1842
1843 static int do_request_fw(struct b43_wldev *dev,
1844 const char *name,
1845 struct b43_firmware_file *fw)
1846 {
1847 char path[sizeof(modparam_fwpostfix) + 32];
1848 const struct firmware *blob;
1849 struct b43_fw_header *hdr;
1850 u32 size;
1851 int err;
1852
1853 if (!name) {
1854 /* Don't fetch anything. Free possibly cached firmware. */
1855 do_release_fw(fw);
1856 return 0;
1857 }
1858 if (fw->filename) {
1859 if (strcmp(fw->filename, name) == 0)
1860 return 0; /* Already have this fw. */
1861 /* Free the cached firmware first. */
1862 do_release_fw(fw);
1863 }
1864
1865 snprintf(path, ARRAY_SIZE(path),
1866 "b43%s/%s.fw",
1867 modparam_fwpostfix, name);
1868 err = request_firmware(&blob, path, dev->dev->dev);
1869 if (err) {
1870 b43err(dev->wl, "Firmware file \"%s\" not found "
1871 "or load failed.\n", path);
1872 return err;
1873 }
1874 if (blob->size < sizeof(struct b43_fw_header))
1875 goto err_format;
1876 hdr = (struct b43_fw_header *)(blob->data);
1877 switch (hdr->type) {
1878 case B43_FW_TYPE_UCODE:
1879 case B43_FW_TYPE_PCM:
1880 size = be32_to_cpu(hdr->size);
1881 if (size != blob->size - sizeof(struct b43_fw_header))
1882 goto err_format;
1883 /* fallthrough */
1884 case B43_FW_TYPE_IV:
1885 if (hdr->ver != 1)
1886 goto err_format;
1887 break;
1888 default:
1889 goto err_format;
1890 }
1891
1892 fw->data = blob;
1893 fw->filename = name;
1894
1895 return 0;
1896
1897 err_format:
1898 b43err(dev->wl, "Firmware file \"%s\" format error.\n", path);
1899 release_firmware(blob);
1900
1901 return -EPROTO;
1902 }
1903
1904 static int b43_request_firmware(struct b43_wldev *dev)
1905 {
1906 struct b43_firmware *fw = &dev->fw;
1907 const u8 rev = dev->dev->id.revision;
1908 const char *filename;
1909 u32 tmshigh;
1910 int err;
1911
1912 /* Get microcode */
1913 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH);
1914 if ((rev >= 5) && (rev <= 10))
1915 filename = "ucode5";
1916 else if ((rev >= 11) && (rev <= 12))
1917 filename = "ucode11";
1918 else if (rev >= 13)
1919 filename = "ucode13";
1920 else
1921 goto err_no_ucode;
1922 err = do_request_fw(dev, filename, &fw->ucode);
1923 if (err)
1924 goto err_load;
1925
1926 /* Get PCM code */
1927 if ((rev >= 5) && (rev <= 10))
1928 filename = "pcm5";
1929 else if (rev >= 11)
1930 filename = NULL;
1931 else
1932 goto err_no_pcm;
1933 err = do_request_fw(dev, filename, &fw->pcm);
1934 if (err)
1935 goto err_load;
1936
1937 /* Get initvals */
1938 switch (dev->phy.type) {
1939 case B43_PHYTYPE_A:
1940 if ((rev >= 5) && (rev <= 10)) {
1941 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
1942 filename = "a0g1initvals5";
1943 else
1944 filename = "a0g0initvals5";
1945 } else
1946 goto err_no_initvals;
1947 break;
1948 case B43_PHYTYPE_G:
1949 if ((rev >= 5) && (rev <= 10))
1950 filename = "b0g0initvals5";
1951 else if (rev >= 13)
1952 filename = "lp0initvals13";
1953 else
1954 goto err_no_initvals;
1955 break;
1956 case B43_PHYTYPE_N:
1957 if ((rev >= 11) && (rev <= 12))
1958 filename = "n0initvals11";
1959 else
1960 goto err_no_initvals;
1961 break;
1962 default:
1963 goto err_no_initvals;
1964 }
1965 err = do_request_fw(dev, filename, &fw->initvals);
1966 if (err)
1967 goto err_load;
1968
1969 /* Get bandswitch initvals */
1970 switch (dev->phy.type) {
1971 case B43_PHYTYPE_A:
1972 if ((rev >= 5) && (rev <= 10)) {
1973 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
1974 filename = "a0g1bsinitvals5";
1975 else
1976 filename = "a0g0bsinitvals5";
1977 } else if (rev >= 11)
1978 filename = NULL;
1979 else
1980 goto err_no_initvals;
1981 break;
1982 case B43_PHYTYPE_G:
1983 if ((rev >= 5) && (rev <= 10))
1984 filename = "b0g0bsinitvals5";
1985 else if (rev >= 11)
1986 filename = NULL;
1987 else
1988 goto err_no_initvals;
1989 break;
1990 case B43_PHYTYPE_N:
1991 if ((rev >= 11) && (rev <= 12))
1992 filename = "n0bsinitvals11";
1993 else
1994 goto err_no_initvals;
1995 break;
1996 default:
1997 goto err_no_initvals;
1998 }
1999 err = do_request_fw(dev, filename, &fw->initvals_band);
2000 if (err)
2001 goto err_load;
2002
2003 return 0;
2004
2005 err_load:
2006 b43_print_fw_helptext(dev->wl, 1);
2007 goto error;
2008
2009 err_no_ucode:
2010 err = -ENODEV;
2011 b43err(dev->wl, "No microcode available for core rev %u\n", rev);
2012 goto error;
2013
2014 err_no_pcm:
2015 err = -ENODEV;
2016 b43err(dev->wl, "No PCM available for core rev %u\n", rev);
2017 goto error;
2018
2019 err_no_initvals:
2020 err = -ENODEV;
2021 b43err(dev->wl, "No Initial Values firmware file for PHY %u, "
2022 "core rev %u\n", dev->phy.type, rev);
2023 goto error;
2024
2025 error:
2026 b43_release_firmware(dev);
2027 return err;
2028 }
2029
2030 static int b43_upload_microcode(struct b43_wldev *dev)
2031 {
2032 const size_t hdr_len = sizeof(struct b43_fw_header);
2033 const __be32 *data;
2034 unsigned int i, len;
2035 u16 fwrev, fwpatch, fwdate, fwtime;
2036 u32 tmp, macctl;
2037 int err = 0;
2038
2039 /* Jump the microcode PSM to offset 0 */
2040 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2041 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2042 macctl |= B43_MACCTL_PSM_JMP0;
2043 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2044 /* Zero out all microcode PSM registers and shared memory. */
2045 for (i = 0; i < 64; i++)
2046 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2047 for (i = 0; i < 4096; i += 2)
2048 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2049
2050 /* Upload Microcode. */
2051 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2052 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2053 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2054 for (i = 0; i < len; i++) {
2055 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2056 udelay(10);
2057 }
2058
2059 if (dev->fw.pcm.data) {
2060 /* Upload PCM data. */
2061 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2062 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2063 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2064 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2065 /* No need for autoinc bit in SHM_HW */
2066 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2067 for (i = 0; i < len; i++) {
2068 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2069 udelay(10);
2070 }
2071 }
2072
2073 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2074
2075 /* Start the microcode PSM */
2076 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2077 macctl &= ~B43_MACCTL_PSM_JMP0;
2078 macctl |= B43_MACCTL_PSM_RUN;
2079 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2080
2081 /* Wait for the microcode to load and respond */
2082 i = 0;
2083 while (1) {
2084 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2085 if (tmp == B43_IRQ_MAC_SUSPENDED)
2086 break;
2087 i++;
2088 if (i >= 20) {
2089 b43err(dev->wl, "Microcode not responding\n");
2090 b43_print_fw_helptext(dev->wl, 1);
2091 err = -ENODEV;
2092 goto error;
2093 }
2094 msleep_interruptible(50);
2095 if (signal_pending(current)) {
2096 err = -EINTR;
2097 goto error;
2098 }
2099 }
2100 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2101
2102 /* Get and check the revisions. */
2103 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2104 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2105 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2106 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2107
2108 if (fwrev <= 0x128) {
2109 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2110 "binary drivers older than version 4.x is unsupported. "
2111 "You must upgrade your firmware files.\n");
2112 b43_print_fw_helptext(dev->wl, 1);
2113 err = -EOPNOTSUPP;
2114 goto error;
2115 }
2116 b43info(dev->wl, "Loading firmware version %u.%u "
2117 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2118 fwrev, fwpatch,
2119 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2120 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2121
2122 dev->fw.rev = fwrev;
2123 dev->fw.patch = fwpatch;
2124
2125 if (b43_is_old_txhdr_format(dev)) {
2126 b43warn(dev->wl, "You are using an old firmware image. "
2127 "Support for old firmware will be removed in July 2008.\n");
2128 b43_print_fw_helptext(dev->wl, 0);
2129 }
2130
2131 return 0;
2132
2133 error:
2134 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2135 macctl &= ~B43_MACCTL_PSM_RUN;
2136 macctl |= B43_MACCTL_PSM_JMP0;
2137 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2138
2139 return err;
2140 }
2141
2142 static int b43_write_initvals(struct b43_wldev *dev,
2143 const struct b43_iv *ivals,
2144 size_t count,
2145 size_t array_size)
2146 {
2147 const struct b43_iv *iv;
2148 u16 offset;
2149 size_t i;
2150 bool bit32;
2151
2152 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2153 iv = ivals;
2154 for (i = 0; i < count; i++) {
2155 if (array_size < sizeof(iv->offset_size))
2156 goto err_format;
2157 array_size -= sizeof(iv->offset_size);
2158 offset = be16_to_cpu(iv->offset_size);
2159 bit32 = !!(offset & B43_IV_32BIT);
2160 offset &= B43_IV_OFFSET_MASK;
2161 if (offset >= 0x1000)
2162 goto err_format;
2163 if (bit32) {
2164 u32 value;
2165
2166 if (array_size < sizeof(iv->data.d32))
2167 goto err_format;
2168 array_size -= sizeof(iv->data.d32);
2169
2170 value = be32_to_cpu(get_unaligned(&iv->data.d32));
2171 b43_write32(dev, offset, value);
2172
2173 iv = (const struct b43_iv *)((const uint8_t *)iv +
2174 sizeof(__be16) +
2175 sizeof(__be32));
2176 } else {
2177 u16 value;
2178
2179 if (array_size < sizeof(iv->data.d16))
2180 goto err_format;
2181 array_size -= sizeof(iv->data.d16);
2182
2183 value = be16_to_cpu(iv->data.d16);
2184 b43_write16(dev, offset, value);
2185
2186 iv = (const struct b43_iv *)((const uint8_t *)iv +
2187 sizeof(__be16) +
2188 sizeof(__be16));
2189 }
2190 }
2191 if (array_size)
2192 goto err_format;
2193
2194 return 0;
2195
2196 err_format:
2197 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2198 b43_print_fw_helptext(dev->wl, 1);
2199
2200 return -EPROTO;
2201 }
2202
2203 static int b43_upload_initvals(struct b43_wldev *dev)
2204 {
2205 const size_t hdr_len = sizeof(struct b43_fw_header);
2206 const struct b43_fw_header *hdr;
2207 struct b43_firmware *fw = &dev->fw;
2208 const struct b43_iv *ivals;
2209 size_t count;
2210 int err;
2211
2212 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2213 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2214 count = be32_to_cpu(hdr->size);
2215 err = b43_write_initvals(dev, ivals, count,
2216 fw->initvals.data->size - hdr_len);
2217 if (err)
2218 goto out;
2219 if (fw->initvals_band.data) {
2220 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2221 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2222 count = be32_to_cpu(hdr->size);
2223 err = b43_write_initvals(dev, ivals, count,
2224 fw->initvals_band.data->size - hdr_len);
2225 if (err)
2226 goto out;
2227 }
2228 out:
2229
2230 return err;
2231 }
2232
2233 /* Initialize the GPIOs
2234 * http://bcm-specs.sipsolutions.net/GPIO
2235 */
2236 static int b43_gpio_init(struct b43_wldev *dev)
2237 {
2238 struct ssb_bus *bus = dev->dev->bus;
2239 struct ssb_device *gpiodev, *pcidev = NULL;
2240 u32 mask, set;
2241
2242 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2243 & ~B43_MACCTL_GPOUTSMSK);
2244
2245 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK)
2246 | 0x000F);
2247
2248 mask = 0x0000001F;
2249 set = 0x0000000F;
2250 if (dev->dev->bus->chip_id == 0x4301) {
2251 mask |= 0x0060;
2252 set |= 0x0060;
2253 }
2254 if (0 /* FIXME: conditional unknown */ ) {
2255 b43_write16(dev, B43_MMIO_GPIO_MASK,
2256 b43_read16(dev, B43_MMIO_GPIO_MASK)
2257 | 0x0100);
2258 mask |= 0x0180;
2259 set |= 0x0180;
2260 }
2261 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) {
2262 b43_write16(dev, B43_MMIO_GPIO_MASK,
2263 b43_read16(dev, B43_MMIO_GPIO_MASK)
2264 | 0x0200);
2265 mask |= 0x0200;
2266 set |= 0x0200;
2267 }
2268 if (dev->dev->id.revision >= 2)
2269 mask |= 0x0010; /* FIXME: This is redundant. */
2270
2271 #ifdef CONFIG_SSB_DRIVER_PCICORE
2272 pcidev = bus->pcicore.dev;
2273 #endif
2274 gpiodev = bus->chipco.dev ? : pcidev;
2275 if (!gpiodev)
2276 return 0;
2277 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2278 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2279 & mask) | set);
2280
2281 return 0;
2282 }
2283
2284 /* Turn off all GPIO stuff. Call this on module unload, for example. */
2285 static void b43_gpio_cleanup(struct b43_wldev *dev)
2286 {
2287 struct ssb_bus *bus = dev->dev->bus;
2288 struct ssb_device *gpiodev, *pcidev = NULL;
2289
2290 #ifdef CONFIG_SSB_DRIVER_PCICORE
2291 pcidev = bus->pcicore.dev;
2292 #endif
2293 gpiodev = bus->chipco.dev ? : pcidev;
2294 if (!gpiodev)
2295 return;
2296 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2297 }
2298
2299 /* http://bcm-specs.sipsolutions.net/EnableMac */
2300 static void b43_mac_enable(struct b43_wldev *dev)
2301 {
2302 dev->mac_suspended--;
2303 B43_WARN_ON(dev->mac_suspended < 0);
2304 if (dev->mac_suspended == 0) {
2305 b43_write32(dev, B43_MMIO_MACCTL,
2306 b43_read32(dev, B43_MMIO_MACCTL)
2307 | B43_MACCTL_ENABLED);
2308 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2309 B43_IRQ_MAC_SUSPENDED);
2310 /* Commit writes */
2311 b43_read32(dev, B43_MMIO_MACCTL);
2312 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2313 b43_power_saving_ctl_bits(dev, 0);
2314
2315 /* Re-enable IRQs. */
2316 spin_lock_irq(&dev->wl->irq_lock);
2317 b43_interrupt_enable(dev, dev->irq_savedstate);
2318 spin_unlock_irq(&dev->wl->irq_lock);
2319 }
2320 }
2321
2322 /* http://bcm-specs.sipsolutions.net/SuspendMAC */
2323 static void b43_mac_suspend(struct b43_wldev *dev)
2324 {
2325 int i;
2326 u32 tmp;
2327
2328 might_sleep();
2329 B43_WARN_ON(dev->mac_suspended < 0);
2330
2331 if (dev->mac_suspended == 0) {
2332 /* Mask IRQs before suspending MAC. Otherwise
2333 * the MAC stays busy and won't suspend. */
2334 spin_lock_irq(&dev->wl->irq_lock);
2335 tmp = b43_interrupt_disable(dev, B43_IRQ_ALL);
2336 spin_unlock_irq(&dev->wl->irq_lock);
2337 b43_synchronize_irq(dev);
2338 dev->irq_savedstate = tmp;
2339
2340 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2341 b43_write32(dev, B43_MMIO_MACCTL,
2342 b43_read32(dev, B43_MMIO_MACCTL)
2343 & ~B43_MACCTL_ENABLED);
2344 /* force pci to flush the write */
2345 b43_read32(dev, B43_MMIO_MACCTL);
2346 for (i = 35; i; i--) {
2347 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2348 if (tmp & B43_IRQ_MAC_SUSPENDED)
2349 goto out;
2350 udelay(10);
2351 }
2352 /* Hm, it seems this will take some time. Use msleep(). */
2353 for (i = 40; i; i--) {
2354 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2355 if (tmp & B43_IRQ_MAC_SUSPENDED)
2356 goto out;
2357 msleep(1);
2358 }
2359 b43err(dev->wl, "MAC suspend failed\n");
2360 }
2361 out:
2362 dev->mac_suspended++;
2363 }
2364
2365 static void b43_adjust_opmode(struct b43_wldev *dev)
2366 {
2367 struct b43_wl *wl = dev->wl;
2368 u32 ctl;
2369 u16 cfp_pretbtt;
2370
2371 ctl = b43_read32(dev, B43_MMIO_MACCTL);
2372 /* Reset status to STA infrastructure mode. */
2373 ctl &= ~B43_MACCTL_AP;
2374 ctl &= ~B43_MACCTL_KEEP_CTL;
2375 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
2376 ctl &= ~B43_MACCTL_KEEP_BAD;
2377 ctl &= ~B43_MACCTL_PROMISC;
2378 ctl &= ~B43_MACCTL_BEACPROMISC;
2379 ctl |= B43_MACCTL_INFRA;
2380
2381 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP))
2382 ctl |= B43_MACCTL_AP;
2383 else if (b43_is_mode(wl, IEEE80211_IF_TYPE_IBSS))
2384 ctl &= ~B43_MACCTL_INFRA;
2385
2386 if (wl->filter_flags & FIF_CONTROL)
2387 ctl |= B43_MACCTL_KEEP_CTL;
2388 if (wl->filter_flags & FIF_FCSFAIL)
2389 ctl |= B43_MACCTL_KEEP_BAD;
2390 if (wl->filter_flags & FIF_PLCPFAIL)
2391 ctl |= B43_MACCTL_KEEP_BADPLCP;
2392 if (wl->filter_flags & FIF_PROMISC_IN_BSS)
2393 ctl |= B43_MACCTL_PROMISC;
2394 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
2395 ctl |= B43_MACCTL_BEACPROMISC;
2396
2397 /* Workaround: On old hardware the HW-MAC-address-filter
2398 * doesn't work properly, so always run promisc in filter
2399 * it in software. */
2400 if (dev->dev->id.revision <= 4)
2401 ctl |= B43_MACCTL_PROMISC;
2402
2403 b43_write32(dev, B43_MMIO_MACCTL, ctl);
2404
2405 cfp_pretbtt = 2;
2406 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
2407 if (dev->dev->bus->chip_id == 0x4306 &&
2408 dev->dev->bus->chip_rev == 3)
2409 cfp_pretbtt = 100;
2410 else
2411 cfp_pretbtt = 50;
2412 }
2413 b43_write16(dev, 0x612, cfp_pretbtt);
2414 }
2415
2416 static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
2417 {
2418 u16 offset;
2419
2420 if (is_ofdm) {
2421 offset = 0x480;
2422 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
2423 } else {
2424 offset = 0x4C0;
2425 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
2426 }
2427 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
2428 b43_shm_read16(dev, B43_SHM_SHARED, offset));
2429 }
2430
2431 static void b43_rate_memory_init(struct b43_wldev *dev)
2432 {
2433 switch (dev->phy.type) {
2434 case B43_PHYTYPE_A:
2435 case B43_PHYTYPE_G:
2436 case B43_PHYTYPE_N:
2437 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
2438 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
2439 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
2440 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
2441 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
2442 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
2443 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
2444 if (dev->phy.type == B43_PHYTYPE_A)
2445 break;
2446 /* fallthrough */
2447 case B43_PHYTYPE_B:
2448 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
2449 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
2450 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
2451 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
2452 break;
2453 default:
2454 B43_WARN_ON(1);
2455 }
2456 }
2457
2458 /* Set the default values for the PHY TX Control Words. */
2459 static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
2460 {
2461 u16 ctl = 0;
2462
2463 ctl |= B43_TXH_PHY_ENC_CCK;
2464 ctl |= B43_TXH_PHY_ANT01AUTO;
2465 ctl |= B43_TXH_PHY_TXPWR;
2466
2467 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
2468 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
2469 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
2470 }
2471
2472 /* Set the TX-Antenna for management frames sent by firmware. */
2473 static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
2474 {
2475 u16 ant;
2476 u16 tmp;
2477
2478 ant = b43_antenna_to_phyctl(antenna);
2479
2480 /* For ACK/CTS */
2481 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
2482 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2483 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
2484 /* For Probe Resposes */
2485 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
2486 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2487 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
2488 }
2489
2490 /* This is the opposite of b43_chip_init() */
2491 static void b43_chip_exit(struct b43_wldev *dev)
2492 {
2493 b43_radio_turn_off(dev, 1);
2494 b43_gpio_cleanup(dev);
2495 /* firmware is released later */
2496 }
2497
2498 /* Initialize the chip
2499 * http://bcm-specs.sipsolutions.net/ChipInit
2500 */
2501 static int b43_chip_init(struct b43_wldev *dev)
2502 {
2503 struct b43_phy *phy = &dev->phy;
2504 int err, tmp;
2505 u32 value32, macctl;
2506 u16 value16;
2507
2508 /* Initialize the MAC control */
2509 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
2510 if (dev->phy.gmode)
2511 macctl |= B43_MACCTL_GMODE;
2512 macctl |= B43_MACCTL_INFRA;
2513 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2514
2515 err = b43_request_firmware(dev);
2516 if (err)
2517 goto out;
2518 err = b43_upload_microcode(dev);
2519 if (err)
2520 goto out; /* firmware is released later */
2521
2522 err = b43_gpio_init(dev);
2523 if (err)
2524 goto out; /* firmware is released later */
2525
2526 err = b43_upload_initvals(dev);
2527 if (err)
2528 goto err_gpio_clean;
2529 b43_radio_turn_on(dev);
2530
2531 b43_write16(dev, 0x03E6, 0x0000);
2532 err = b43_phy_init(dev);
2533 if (err)
2534 goto err_radio_off;
2535
2536 /* Select initial Interference Mitigation. */
2537 tmp = phy->interfmode;
2538 phy->interfmode = B43_INTERFMODE_NONE;
2539 b43_radio_set_interference_mitigation(dev, tmp);
2540
2541 b43_set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
2542 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
2543
2544 if (phy->type == B43_PHYTYPE_B) {
2545 value16 = b43_read16(dev, 0x005E);
2546 value16 |= 0x0004;
2547 b43_write16(dev, 0x005E, value16);
2548 }
2549 b43_write32(dev, 0x0100, 0x01000000);
2550 if (dev->dev->id.revision < 5)
2551 b43_write32(dev, 0x010C, 0x01000000);
2552
2553 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2554 & ~B43_MACCTL_INFRA);
2555 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2556 | B43_MACCTL_INFRA);
2557
2558 /* Probe Response Timeout value */
2559 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
2560 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000);
2561
2562 /* Initially set the wireless operation mode. */
2563 b43_adjust_opmode(dev);
2564
2565 if (dev->dev->id.revision < 3) {
2566 b43_write16(dev, 0x060E, 0x0000);
2567 b43_write16(dev, 0x0610, 0x8000);
2568 b43_write16(dev, 0x0604, 0x0000);
2569 b43_write16(dev, 0x0606, 0x0200);
2570 } else {
2571 b43_write32(dev, 0x0188, 0x80000000);
2572 b43_write32(dev, 0x018C, 0x02000000);
2573 }
2574 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
2575 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00);
2576 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
2577 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
2578 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
2579 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
2580 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
2581
2582 value32 = ssb_read32(dev->dev, SSB_TMSLOW);
2583 value32 |= 0x00100000;
2584 ssb_write32(dev->dev, SSB_TMSLOW, value32);
2585
2586 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
2587 dev->dev->bus->chipco.fast_pwrup_delay);
2588
2589 err = 0;
2590 b43dbg(dev->wl, "Chip initialized\n");
2591 out:
2592 return err;
2593
2594 err_radio_off:
2595 b43_radio_turn_off(dev, 1);
2596 err_gpio_clean:
2597 b43_gpio_cleanup(dev);
2598 return err;
2599 }
2600
2601 static void b43_periodic_every120sec(struct b43_wldev *dev)
2602 {
2603 struct b43_phy *phy = &dev->phy;
2604
2605 if (phy->type != B43_PHYTYPE_G || phy->rev < 2)
2606 return;
2607
2608 b43_mac_suspend(dev);
2609 b43_lo_g_measure(dev);
2610 b43_mac_enable(dev);
2611 if (b43_has_hardware_pctl(phy))
2612 b43_lo_g_ctl_mark_all_unused(dev);
2613 }
2614
2615 static void b43_periodic_every60sec(struct b43_wldev *dev)
2616 {
2617 struct b43_phy *phy = &dev->phy;
2618
2619 if (phy->type != B43_PHYTYPE_G)
2620 return;
2621 if (!b43_has_hardware_pctl(phy))
2622 b43_lo_g_ctl_mark_all_unused(dev);
2623 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_RSSI) {
2624 b43_mac_suspend(dev);
2625 b43_calc_nrssi_slope(dev);
2626 if ((phy->radio_ver == 0x2050) && (phy->radio_rev == 8)) {
2627 u8 old_chan = phy->channel;
2628
2629 /* VCO Calibration */
2630 if (old_chan >= 8)
2631 b43_radio_selectchannel(dev, 1, 0);
2632 else
2633 b43_radio_selectchannel(dev, 13, 0);
2634 b43_radio_selectchannel(dev, old_chan, 0);
2635 }
2636 b43_mac_enable(dev);
2637 }
2638 }
2639
2640 static void b43_periodic_every30sec(struct b43_wldev *dev)
2641 {
2642 /* Update device statistics. */
2643 b43_calculate_link_quality(dev);
2644 }
2645
2646 static void b43_periodic_every15sec(struct b43_wldev *dev)
2647 {
2648 struct b43_phy *phy = &dev->phy;
2649
2650 if (phy->type == B43_PHYTYPE_G) {
2651 //TODO: update_aci_moving_average
2652 if (phy->aci_enable && phy->aci_wlan_automatic) {
2653 b43_mac_suspend(dev);
2654 if (!phy->aci_enable && 1 /*TODO: not scanning? */ ) {
2655 if (0 /*TODO: bunch of conditions */ ) {
2656 b43_radio_set_interference_mitigation
2657 (dev, B43_INTERFMODE_MANUALWLAN);
2658 }
2659 } else if (1 /*TODO*/) {
2660 /*
2661 if ((aci_average > 1000) && !(b43_radio_aci_scan(dev))) {
2662 b43_radio_set_interference_mitigation(dev,
2663 B43_INTERFMODE_NONE);
2664 }
2665 */
2666 }
2667 b43_mac_enable(dev);
2668 } else if (phy->interfmode == B43_INTERFMODE_NONWLAN &&
2669 phy->rev == 1) {
2670 //TODO: implement rev1 workaround
2671 }
2672 }
2673 b43_phy_xmitpower(dev); //FIXME: unless scanning?
2674 //TODO for APHY (temperature?)
2675
2676 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
2677 wmb();
2678 }
2679
2680 static void do_periodic_work(struct b43_wldev *dev)
2681 {
2682 unsigned int state;
2683
2684 state = dev->periodic_state;
2685 if (state % 8 == 0)
2686 b43_periodic_every120sec(dev);
2687 if (state % 4 == 0)
2688 b43_periodic_every60sec(dev);
2689 if (state % 2 == 0)
2690 b43_periodic_every30sec(dev);
2691 b43_periodic_every15sec(dev);
2692 }
2693
2694 /* Periodic work locking policy:
2695 * The whole periodic work handler is protected by
2696 * wl->mutex. If another lock is needed somewhere in the
2697 * pwork callchain, it's aquired in-place, where it's needed.
2698 */
2699 static void b43_periodic_work_handler(struct work_struct *work)
2700 {
2701 struct b43_wldev *dev = container_of(work, struct b43_wldev,
2702 periodic_work.work);
2703 struct b43_wl *wl = dev->wl;
2704 unsigned long delay;
2705
2706 mutex_lock(&wl->mutex);
2707
2708 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
2709 goto out;
2710 if (b43_debug(dev, B43_DBG_PWORK_STOP))
2711 goto out_requeue;
2712
2713 do_periodic_work(dev);
2714
2715 dev->periodic_state++;
2716 out_requeue:
2717 if (b43_debug(dev, B43_DBG_PWORK_FAST))
2718 delay = msecs_to_jiffies(50);
2719 else
2720 delay = round_jiffies_relative(HZ * 15);
2721 queue_delayed_work(wl->hw->workqueue, &dev->periodic_work, delay);
2722 out:
2723 mutex_unlock(&wl->mutex);
2724 }
2725
2726 static void b43_periodic_tasks_setup(struct b43_wldev *dev)
2727 {
2728 struct delayed_work *work = &dev->periodic_work;
2729
2730 dev->periodic_state = 0;
2731 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
2732 queue_delayed_work(dev->wl->hw->workqueue, work, 0);
2733 }
2734
2735 /* Check if communication with the device works correctly. */
2736 static int b43_validate_chipaccess(struct b43_wldev *dev)
2737 {
2738 u32 v, backup;
2739
2740 backup = b43_shm_read32(dev, B43_SHM_SHARED, 0);
2741
2742 /* Check for read/write and endianness problems. */
2743 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
2744 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
2745 goto error;
2746 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
2747 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
2748 goto error;
2749
2750 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup);
2751
2752 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) {
2753 /* The 32bit register shadows the two 16bit registers
2754 * with update sideeffects. Validate this. */
2755 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
2756 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
2757 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
2758 goto error;
2759 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
2760 goto error;
2761 }
2762 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
2763
2764 v = b43_read32(dev, B43_MMIO_MACCTL);
2765 v |= B43_MACCTL_GMODE;
2766 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
2767 goto error;
2768
2769 return 0;
2770 error:
2771 b43err(dev->wl, "Failed to validate the chipaccess\n");
2772 return -ENODEV;
2773 }
2774
2775 static void b43_security_init(struct b43_wldev *dev)
2776 {
2777 dev->max_nr_keys = (dev->dev->id.revision >= 5) ? 58 : 20;
2778 B43_WARN_ON(dev->max_nr_keys > ARRAY_SIZE(dev->key));
2779 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
2780 /* KTP is a word address, but we address SHM bytewise.
2781 * So multiply by two.
2782 */
2783 dev->ktp *= 2;
2784 if (dev->dev->id.revision >= 5) {
2785 /* Number of RCMTA address slots */
2786 b43_write16(dev, B43_MMIO_RCMTA_COUNT, dev->max_nr_keys - 8);
2787 }
2788 b43_clear_keys(dev);
2789 }
2790
2791 static int b43_rng_read(struct hwrng *rng, u32 * data)
2792 {
2793 struct b43_wl *wl = (struct b43_wl *)rng->priv;
2794 unsigned long flags;
2795
2796 /* Don't take wl->mutex here, as it could deadlock with
2797 * hwrng internal locking. It's not needed to take
2798 * wl->mutex here, anyway. */
2799
2800 spin_lock_irqsave(&wl->irq_lock, flags);
2801 *data = b43_read16(wl->current_dev, B43_MMIO_RNG);
2802 spin_unlock_irqrestore(&wl->irq_lock, flags);
2803
2804 return (sizeof(u16));
2805 }
2806
2807 static void b43_rng_exit(struct b43_wl *wl)
2808 {
2809 if (wl->rng_initialized)
2810 hwrng_unregister(&wl->rng);
2811 }
2812
2813 static int b43_rng_init(struct b43_wl *wl)
2814 {
2815 int err;
2816
2817 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
2818 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
2819 wl->rng.name = wl->rng_name;
2820 wl->rng.data_read = b43_rng_read;
2821 wl->rng.priv = (unsigned long)wl;
2822 wl->rng_initialized = 1;
2823 err = hwrng_register(&wl->rng);
2824 if (err) {
2825 wl->rng_initialized = 0;
2826 b43err(wl, "Failed to register the random "
2827 "number generator (%d)\n", err);
2828 }
2829
2830 return err;
2831 }
2832
2833 static int b43_op_tx(struct ieee80211_hw *hw,
2834 struct sk_buff *skb,
2835 struct ieee80211_tx_control *ctl)
2836 {
2837 struct b43_wl *wl = hw_to_b43_wl(hw);
2838 struct b43_wldev *dev = wl->current_dev;
2839 int err = -ENODEV;
2840
2841 if (unlikely(skb->len < 2 + 2 + 6)) {
2842 /* Too short, this can't be a valid frame. */
2843 return -EINVAL;
2844 }
2845 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
2846
2847 if (unlikely(!dev))
2848 goto out;
2849 if (unlikely(b43_status(dev) < B43_STAT_STARTED))
2850 goto out;
2851 /* TX is done without a global lock. */
2852 if (b43_using_pio_transfers(dev))
2853 err = b43_pio_tx(dev, skb, ctl);
2854 else
2855 err = b43_dma_tx(dev, skb, ctl);
2856 out:
2857 if (unlikely(err))
2858 return NETDEV_TX_BUSY;
2859 return NETDEV_TX_OK;
2860 }
2861
2862 /* Locking: wl->irq_lock */
2863 static void b43_qos_params_upload(struct b43_wldev *dev,
2864 const struct ieee80211_tx_queue_params *p,
2865 u16 shm_offset)
2866 {
2867 u16 params[B43_NR_QOSPARAMS];
2868 int cw_min, cw_max, aifs, bslots, tmp;
2869 unsigned int i;
2870
2871 const u16 aCWmin = 0x0001;
2872 const u16 aCWmax = 0x03FF;
2873
2874 /* Calculate the default values for the parameters, if needed. */
2875 switch (shm_offset) {
2876 case B43_QOS_VOICE:
2877 aifs = (p->aifs == -1) ? 2 : p->aifs;
2878 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 4 - 1) : p->cw_min;
2879 cw_max = (p->cw_max == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_max;
2880 break;
2881 case B43_QOS_VIDEO:
2882 aifs = (p->aifs == -1) ? 2 : p->aifs;
2883 cw_min = (p->cw_min == 0) ? ((aCWmin + 1) / 2 - 1) : p->cw_min;
2884 cw_max = (p->cw_max == 0) ? aCWmin : p->cw_max;
2885 break;
2886 case B43_QOS_BESTEFFORT:
2887 aifs = (p->aifs == -1) ? 3 : p->aifs;
2888 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min;
2889 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max;
2890 break;
2891 case B43_QOS_BACKGROUND:
2892 aifs = (p->aifs == -1) ? 7 : p->aifs;
2893 cw_min = (p->cw_min == 0) ? aCWmin : p->cw_min;
2894 cw_max = (p->cw_max == 0) ? aCWmax : p->cw_max;
2895 break;
2896 default:
2897 B43_WARN_ON(1);
2898 return;
2899 }
2900 if (cw_min <= 0)
2901 cw_min = aCWmin;
2902 if (cw_max <= 0)
2903 cw_max = aCWmin;
2904 bslots = b43_read16(dev, B43_MMIO_RNG) % cw_min;
2905
2906 memset(&params, 0, sizeof(params));
2907
2908 params[B43_QOSPARAM_TXOP] = p->txop * 32;
2909 params[B43_QOSPARAM_CWMIN] = cw_min;
2910 params[B43_QOSPARAM_CWMAX] = cw_max;
2911 params[B43_QOSPARAM_CWCUR] = cw_min;
2912 params[B43_QOSPARAM_AIFS] = aifs;
2913 params[B43_QOSPARAM_BSLOTS] = bslots;
2914 params[B43_QOSPARAM_REGGAP] = bslots + aifs;
2915
2916 for (i = 0; i < ARRAY_SIZE(params); i++) {
2917 if (i == B43_QOSPARAM_STATUS) {
2918 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
2919 shm_offset + (i * 2));
2920 /* Mark the parameters as updated. */
2921 tmp |= 0x100;
2922 b43_shm_write16(dev, B43_SHM_SHARED,
2923 shm_offset + (i * 2),
2924 tmp);
2925 } else {
2926 b43_shm_write16(dev, B43_SHM_SHARED,
2927 shm_offset + (i * 2),
2928 params[i]);
2929 }
2930 }
2931 }
2932
2933 /* Update the QOS parameters in hardware. */
2934 static void b43_qos_update(struct b43_wldev *dev)
2935 {
2936 struct b43_wl *wl = dev->wl;
2937 struct b43_qos_params *params;
2938 unsigned long flags;
2939 unsigned int i;
2940
2941 /* Mapping of mac80211 queues to b43 SHM offsets. */
2942 static const u16 qos_shm_offsets[] = {
2943 [0] = B43_QOS_VOICE,
2944 [1] = B43_QOS_VIDEO,
2945 [2] = B43_QOS_BESTEFFORT,
2946 [3] = B43_QOS_BACKGROUND,
2947 };
2948 BUILD_BUG_ON(ARRAY_SIZE(qos_shm_offsets) != ARRAY_SIZE(wl->qos_params));
2949
2950 b43_mac_suspend(dev);
2951 spin_lock_irqsave(&wl->irq_lock, flags);
2952
2953 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
2954 params = &(wl->qos_params[i]);
2955 if (params->need_hw_update) {
2956 b43_qos_params_upload(dev, &(params->p),
2957 qos_shm_offsets[i]);
2958 params->need_hw_update = 0;
2959 }
2960 }
2961
2962 spin_unlock_irqrestore(&wl->irq_lock, flags);
2963 b43_mac_enable(dev);
2964 }
2965
2966 static void b43_qos_clear(struct b43_wl *wl)
2967 {
2968 struct b43_qos_params *params;
2969 unsigned int i;
2970
2971 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
2972 params = &(wl->qos_params[i]);
2973
2974 memset(&(params->p), 0, sizeof(params->p));
2975 params->p.aifs = -1;
2976 params->need_hw_update = 1;
2977 }
2978 }
2979
2980 /* Initialize the core's QOS capabilities */
2981 static void b43_qos_init(struct b43_wldev *dev)
2982 {
2983 struct b43_wl *wl = dev->wl;
2984 unsigned int i;
2985
2986 /* Upload the current QOS parameters. */
2987 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++)
2988 wl->qos_params[i].need_hw_update = 1;
2989 b43_qos_update(dev);
2990
2991 /* Enable QOS support. */
2992 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
2993 b43_write16(dev, B43_MMIO_IFSCTL,
2994 b43_read16(dev, B43_MMIO_IFSCTL)
2995 | B43_MMIO_IFSCTL_USE_EDCF);
2996 }
2997
2998 static void b43_qos_update_work(struct work_struct *work)
2999 {
3000 struct b43_wl *wl = container_of(work, struct b43_wl, qos_update_work);
3001 struct b43_wldev *dev;
3002
3003 mutex_lock(&wl->mutex);
3004 dev = wl->current_dev;
3005 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED)))
3006 b43_qos_update(dev);
3007 mutex_unlock(&wl->mutex);
3008 }
3009
3010 static int b43_op_conf_tx(struct ieee80211_hw *hw,
3011 int _queue,
3012 const struct ieee80211_tx_queue_params *params)
3013 {
3014 struct b43_wl *wl = hw_to_b43_wl(hw);
3015 unsigned long flags;
3016 unsigned int queue = (unsigned int)_queue;
3017 struct b43_qos_params *p;
3018
3019 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3020 /* Queue not available or don't support setting
3021 * params on this queue. Return success to not
3022 * confuse mac80211. */
3023 return 0;
3024 }
3025
3026 spin_lock_irqsave(&wl->irq_lock, flags);
3027 p = &(wl->qos_params[queue]);
3028 memcpy(&(p->p), params, sizeof(p->p));
3029 p->need_hw_update = 1;
3030 spin_unlock_irqrestore(&wl->irq_lock, flags);
3031
3032 queue_work(hw->workqueue, &wl->qos_update_work);
3033
3034 return 0;
3035 }
3036
3037 static int b43_op_get_tx_stats(struct ieee80211_hw *hw,
3038 struct ieee80211_tx_queue_stats *stats)
3039 {
3040 struct b43_wl *wl = hw_to_b43_wl(hw);
3041 struct b43_wldev *dev = wl->current_dev;
3042 unsigned long flags;
3043 int err = -ENODEV;
3044
3045 if (!dev)
3046 goto out;
3047 spin_lock_irqsave(&wl->irq_lock, flags);
3048 if (likely(b43_status(dev) >= B43_STAT_STARTED)) {
3049 if (b43_using_pio_transfers(dev))
3050 b43_pio_get_tx_stats(dev, stats);
3051 else
3052 b43_dma_get_tx_stats(dev, stats);
3053 err = 0;
3054 }
3055 spin_unlock_irqrestore(&wl->irq_lock, flags);
3056 out:
3057 return err;
3058 }
3059
3060 static int b43_op_get_stats(struct ieee80211_hw *hw,
3061 struct ieee80211_low_level_stats *stats)
3062 {
3063 struct b43_wl *wl = hw_to_b43_wl(hw);
3064 unsigned long flags;
3065
3066 spin_lock_irqsave(&wl->irq_lock, flags);
3067 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3068 spin_unlock_irqrestore(&wl->irq_lock, flags);
3069
3070 return 0;
3071 }
3072
3073 static void b43_put_phy_into_reset(struct b43_wldev *dev)
3074 {
3075 struct ssb_device *sdev = dev->dev;
3076 u32 tmslow;
3077
3078 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3079 tmslow &= ~B43_TMSLOW_GMODE;
3080 tmslow |= B43_TMSLOW_PHYRESET;
3081 tmslow |= SSB_TMSLOW_FGC;
3082 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3083 msleep(1);
3084
3085 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3086 tmslow &= ~SSB_TMSLOW_FGC;
3087 tmslow |= B43_TMSLOW_PHYRESET;
3088 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3089 msleep(1);
3090 }
3091
3092 static const char * band_to_string(enum ieee80211_band band)
3093 {
3094 switch (band) {
3095 case IEEE80211_BAND_5GHZ:
3096 return "5";
3097 case IEEE80211_BAND_2GHZ:
3098 return "2.4";
3099 default:
3100 break;
3101 }
3102 B43_WARN_ON(1);
3103 return "";
3104 }
3105
3106 /* Expects wl->mutex locked */
3107 static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan)
3108 {
3109 struct b43_wldev *up_dev = NULL;
3110 struct b43_wldev *down_dev;
3111 struct b43_wldev *d;
3112 int err;
3113 bool gmode;
3114 int prev_status;
3115
3116 /* Find a device and PHY which supports the band. */
3117 list_for_each_entry(d, &wl->devlist, list) {
3118 switch (chan->band) {
3119 case IEEE80211_BAND_5GHZ:
3120 if (d->phy.supports_5ghz) {
3121 up_dev = d;
3122 gmode = 0;
3123 }
3124 break;
3125 case IEEE80211_BAND_2GHZ:
3126 if (d->phy.supports_2ghz) {
3127 up_dev = d;
3128 gmode = 1;
3129 }
3130 break;
3131 default:
3132 B43_WARN_ON(1);
3133 return -EINVAL;
3134 }
3135 if (up_dev)
3136 break;
3137 }
3138 if (!up_dev) {
3139 b43err(wl, "Could not find a device for %s-GHz band operation\n",
3140 band_to_string(chan->band));
3141 return -ENODEV;
3142 }
3143 if ((up_dev == wl->current_dev) &&
3144 (!!wl->current_dev->phy.gmode == !!gmode)) {
3145 /* This device is already running. */
3146 return 0;
3147 }
3148 b43dbg(wl, "Switching to %s-GHz band\n",
3149 band_to_string(chan->band));
3150 down_dev = wl->current_dev;
3151
3152 prev_status = b43_status(down_dev);
3153 /* Shutdown the currently running core. */
3154 if (prev_status >= B43_STAT_STARTED)
3155 b43_wireless_core_stop(down_dev);
3156 if (prev_status >= B43_STAT_INITIALIZED)
3157 b43_wireless_core_exit(down_dev);
3158
3159 if (down_dev != up_dev) {
3160 /* We switch to a different core, so we put PHY into
3161 * RESET on the old core. */
3162 b43_put_phy_into_reset(down_dev);
3163 }
3164
3165 /* Now start the new core. */
3166 up_dev->phy.gmode = gmode;
3167 if (prev_status >= B43_STAT_INITIALIZED) {
3168 err = b43_wireless_core_init(up_dev);
3169 if (err) {
3170 b43err(wl, "Fatal: Could not initialize device for "
3171 "selected %s-GHz band\n",
3172 band_to_string(chan->band));
3173 goto init_failure;
3174 }
3175 }
3176 if (prev_status >= B43_STAT_STARTED) {
3177 err = b43_wireless_core_start(up_dev);
3178 if (err) {
3179 b43err(wl, "Fatal: Coult not start device for "
3180 "selected %s-GHz band\n",
3181 band_to_string(chan->band));
3182 b43_wireless_core_exit(up_dev);
3183 goto init_failure;
3184 }
3185 }
3186 B43_WARN_ON(b43_status(up_dev) != prev_status);
3187
3188 wl->current_dev = up_dev;
3189
3190 return 0;
3191 init_failure:
3192 /* Whoops, failed to init the new core. No core is operating now. */
3193 wl->current_dev = NULL;
3194 return err;
3195 }
3196
3197 static int b43_op_config(struct ieee80211_hw *hw, struct ieee80211_conf *conf)
3198 {
3199 struct b43_wl *wl = hw_to_b43_wl(hw);
3200 struct b43_wldev *dev;
3201 struct b43_phy *phy;
3202 unsigned long flags;
3203 int antenna;
3204 int err = 0;
3205 u32 savedirqs;
3206
3207 mutex_lock(&wl->mutex);
3208
3209 /* Switch the band (if necessary). This might change the active core. */
3210 err = b43_switch_band(wl, conf->channel);
3211 if (err)
3212 goto out_unlock_mutex;
3213 dev = wl->current_dev;
3214 phy = &dev->phy;
3215
3216 /* Disable IRQs while reconfiguring the device.
3217 * This makes it possible to drop the spinlock throughout
3218 * the reconfiguration process. */
3219 spin_lock_irqsave(&wl->irq_lock, flags);
3220 if (b43_status(dev) < B43_STAT_STARTED) {
3221 spin_unlock_irqrestore(&wl->irq_lock, flags);
3222 goto out_unlock_mutex;
3223 }
3224 savedirqs = b43_interrupt_disable(dev, B43_IRQ_ALL);
3225 spin_unlock_irqrestore(&wl->irq_lock, flags);
3226 b43_synchronize_irq(dev);
3227
3228 /* Switch to the requested channel.
3229 * The firmware takes care of races with the TX handler. */
3230 if (conf->channel->hw_value != phy->channel)
3231 b43_radio_selectchannel(dev, conf->channel->hw_value, 0);
3232
3233 /* Enable/Disable ShortSlot timing. */
3234 if ((!!(conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME)) !=
3235 dev->short_slot) {
3236 B43_WARN_ON(phy->type != B43_PHYTYPE_G);
3237 if (conf->flags & IEEE80211_CONF_SHORT_SLOT_TIME)
3238 b43_short_slot_timing_enable(dev);
3239 else
3240 b43_short_slot_timing_disable(dev);
3241 }
3242
3243 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_RADIOTAP);
3244
3245 /* Adjust the desired TX power level. */
3246 if (conf->power_level != 0) {
3247 if (conf->power_level != phy->power_level) {
3248 phy->power_level = conf->power_level;
3249 b43_phy_xmitpower(dev);
3250 }
3251 }
3252
3253 /* Antennas for RX and management frame TX. */
3254 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_tx);
3255 b43_mgmtframe_txantenna(dev, antenna);
3256 antenna = b43_antenna_from_ieee80211(dev, conf->antenna_sel_rx);
3257 b43_set_rx_antenna(dev, antenna);
3258
3259 /* Update templates for AP mode. */
3260 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP))
3261 b43_set_beacon_int(dev, conf->beacon_int);
3262
3263 if (!!conf->radio_enabled != phy->radio_on) {
3264 if (conf->radio_enabled) {
3265 b43_radio_turn_on(dev);
3266 b43info(dev->wl, "Radio turned on by software\n");
3267 if (!dev->radio_hw_enable) {
3268 b43info(dev->wl, "The hardware RF-kill button "
3269 "still turns the radio physically off. "
3270 "Press the button to turn it on.\n");
3271 }
3272 } else {
3273 b43_radio_turn_off(dev, 0);
3274 b43info(dev->wl, "Radio turned off by software\n");
3275 }
3276 }
3277
3278 spin_lock_irqsave(&wl->irq_lock, flags);
3279 b43_interrupt_enable(dev, savedirqs);
3280 mmiowb();
3281 spin_unlock_irqrestore(&wl->irq_lock, flags);
3282 out_unlock_mutex:
3283 mutex_unlock(&wl->mutex);
3284
3285 return err;
3286 }
3287
3288 static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3289 const u8 *local_addr, const u8 *addr,
3290 struct ieee80211_key_conf *key)
3291 {
3292 struct b43_wl *wl = hw_to_b43_wl(hw);
3293 struct b43_wldev *dev;
3294 unsigned long flags;
3295 u8 algorithm;
3296 u8 index;
3297 int err;
3298 DECLARE_MAC_BUF(mac);
3299
3300 if (modparam_nohwcrypt)
3301 return -ENOSPC; /* User disabled HW-crypto */
3302
3303 mutex_lock(&wl->mutex);
3304 spin_lock_irqsave(&wl->irq_lock, flags);
3305
3306 dev = wl->current_dev;
3307 err = -ENODEV;
3308 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
3309 goto out_unlock;
3310
3311 err = -EINVAL;
3312 switch (key->alg) {
3313 case ALG_WEP:
3314 if (key->keylen == 5)
3315 algorithm = B43_SEC_ALGO_WEP40;
3316 else
3317 algorithm = B43_SEC_ALGO_WEP104;
3318 break;
3319 case ALG_TKIP:
3320 algorithm = B43_SEC_ALGO_TKIP;
3321 break;
3322 case ALG_CCMP:
3323 algorithm = B43_SEC_ALGO_AES;
3324 break;
3325 default:
3326 B43_WARN_ON(1);
3327 goto out_unlock;
3328 }
3329 index = (u8) (key->keyidx);
3330 if (index > 3)
3331 goto out_unlock;
3332
3333 switch (cmd) {
3334 case SET_KEY:
3335 if (algorithm == B43_SEC_ALGO_TKIP) {
3336 /* FIXME: No TKIP hardware encryption for now. */
3337 err = -EOPNOTSUPP;
3338 goto out_unlock;
3339 }
3340
3341 if (is_broadcast_ether_addr(addr)) {
3342 /* addr is FF:FF:FF:FF:FF:FF for default keys */
3343 err = b43_key_write(dev, index, algorithm,
3344 key->key, key->keylen, NULL, key);
3345 } else {
3346 /*
3347 * either pairwise key or address is 00:00:00:00:00:00
3348 * for transmit-only keys
3349 */
3350 err = b43_key_write(dev, -1, algorithm,
3351 key->key, key->keylen, addr, key);
3352 }
3353 if (err)
3354 goto out_unlock;
3355
3356 if (algorithm == B43_SEC_ALGO_WEP40 ||
3357 algorithm == B43_SEC_ALGO_WEP104) {
3358 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
3359 } else {
3360 b43_hf_write(dev,
3361 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
3362 }
3363 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
3364 break;
3365 case DISABLE_KEY: {
3366 err = b43_key_clear(dev, key->hw_key_idx);
3367 if (err)
3368 goto out_unlock;
3369 break;
3370 }
3371 default:
3372 B43_WARN_ON(1);
3373 }
3374 out_unlock:
3375 spin_unlock_irqrestore(&wl->irq_lock, flags);
3376 mutex_unlock(&wl->mutex);
3377 if (!err) {
3378 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
3379 "mac: %s\n",
3380 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
3381 print_mac(mac, addr));
3382 }
3383 return err;
3384 }
3385
3386 static void b43_op_configure_filter(struct ieee80211_hw *hw,
3387 unsigned int changed, unsigned int *fflags,
3388 int mc_count, struct dev_addr_list *mc_list)
3389 {
3390 struct b43_wl *wl = hw_to_b43_wl(hw);
3391 struct b43_wldev *dev = wl->current_dev;
3392 unsigned long flags;
3393
3394 if (!dev) {
3395 *fflags = 0;
3396 return;
3397 }
3398
3399 spin_lock_irqsave(&wl->irq_lock, flags);
3400 *fflags &= FIF_PROMISC_IN_BSS |
3401 FIF_ALLMULTI |
3402 FIF_FCSFAIL |
3403 FIF_PLCPFAIL |
3404 FIF_CONTROL |
3405 FIF_OTHER_BSS |
3406 FIF_BCN_PRBRESP_PROMISC;
3407
3408 changed &= FIF_PROMISC_IN_BSS |
3409 FIF_ALLMULTI |
3410 FIF_FCSFAIL |
3411 FIF_PLCPFAIL |
3412 FIF_CONTROL |
3413 FIF_OTHER_BSS |
3414 FIF_BCN_PRBRESP_PROMISC;
3415
3416 wl->filter_flags = *fflags;
3417
3418 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
3419 b43_adjust_opmode(dev);
3420 spin_unlock_irqrestore(&wl->irq_lock, flags);
3421 }
3422
3423 static int b43_op_config_interface(struct ieee80211_hw *hw,
3424 struct ieee80211_vif *vif,
3425 struct ieee80211_if_conf *conf)
3426 {
3427 struct b43_wl *wl = hw_to_b43_wl(hw);
3428 struct b43_wldev *dev = wl->current_dev;
3429 unsigned long flags;
3430
3431 if (!dev)
3432 return -ENODEV;
3433 mutex_lock(&wl->mutex);
3434 spin_lock_irqsave(&wl->irq_lock, flags);
3435 B43_WARN_ON(wl->vif != vif);
3436 if (conf->bssid)
3437 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
3438 else
3439 memset(wl->bssid, 0, ETH_ALEN);
3440 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
3441 if (b43_is_mode(wl, IEEE80211_IF_TYPE_AP)) {
3442 B43_WARN_ON(conf->type != IEEE80211_IF_TYPE_AP);
3443 b43_set_ssid(dev, conf->ssid, conf->ssid_len);
3444 if (conf->beacon) {
3445 b43_update_templates(wl, conf->beacon,
3446 conf->beacon_control);
3447 }
3448 }
3449 b43_write_mac_bssid_templates(dev);
3450 }
3451 spin_unlock_irqrestore(&wl->irq_lock, flags);
3452 mutex_unlock(&wl->mutex);
3453
3454 return 0;
3455 }
3456
3457 /* Locking: wl->mutex */
3458 static void b43_wireless_core_stop(struct b43_wldev *dev)
3459 {
3460 struct b43_wl *wl = dev->wl;
3461 unsigned long flags;
3462
3463 if (b43_status(dev) < B43_STAT_STARTED)
3464 return;
3465
3466 /* Disable and sync interrupts. We must do this before than
3467 * setting the status to INITIALIZED, as the interrupt handler
3468 * won't care about IRQs then. */
3469 spin_lock_irqsave(&wl->irq_lock, flags);
3470 dev->irq_savedstate = b43_interrupt_disable(dev, B43_IRQ_ALL);
3471 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* flush */
3472 spin_unlock_irqrestore(&wl->irq_lock, flags);
3473 b43_synchronize_irq(dev);
3474
3475 b43_set_status(dev, B43_STAT_INITIALIZED);
3476
3477 b43_pio_stop(dev);
3478 mutex_unlock(&wl->mutex);
3479 /* Must unlock as it would otherwise deadlock. No races here.
3480 * Cancel the possibly running self-rearming periodic work. */
3481 cancel_delayed_work_sync(&dev->periodic_work);
3482 mutex_lock(&wl->mutex);
3483
3484 ieee80211_stop_queues(wl->hw); //FIXME this could cause a deadlock, as mac80211 seems buggy.
3485
3486 b43_mac_suspend(dev);
3487 free_irq(dev->dev->irq, dev);
3488 b43dbg(wl, "Wireless interface stopped\n");
3489 }
3490
3491 /* Locking: wl->mutex */
3492 static int b43_wireless_core_start(struct b43_wldev *dev)
3493 {
3494 int err;
3495
3496 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
3497
3498 drain_txstatus_queue(dev);
3499 err = request_irq(dev->dev->irq, b43_interrupt_handler,
3500 IRQF_SHARED, KBUILD_MODNAME, dev);
3501 if (err) {
3502 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq);
3503 goto out;
3504 }
3505
3506 /* We are ready to run. */
3507 b43_set_status(dev, B43_STAT_STARTED);
3508
3509 /* Start data flow (TX/RX). */
3510 b43_mac_enable(dev);
3511 b43_interrupt_enable(dev, dev->irq_savedstate);
3512 ieee80211_start_queues(dev->wl->hw);
3513
3514 /* Start maintainance work */
3515 b43_periodic_tasks_setup(dev);
3516
3517 b43dbg(dev->wl, "Wireless interface started\n");
3518 out:
3519 return err;
3520 }
3521
3522 /* Get PHY and RADIO versioning numbers */
3523 static int b43_phy_versioning(struct b43_wldev *dev)
3524 {
3525 struct b43_phy *phy = &dev->phy;
3526 u32 tmp;
3527 u8 analog_type;
3528 u8 phy_type;
3529 u8 phy_rev;
3530 u16 radio_manuf;
3531 u16 radio_ver;
3532 u16 radio_rev;
3533 int unsupported = 0;
3534
3535 /* Get PHY versioning */
3536 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
3537 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
3538 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
3539 phy_rev = (tmp & B43_PHYVER_VERSION);
3540 switch (phy_type) {
3541 case B43_PHYTYPE_A:
3542 if (phy_rev >= 4)
3543 unsupported = 1;
3544 break;
3545 case B43_PHYTYPE_B:
3546 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6
3547 && phy_rev != 7)
3548 unsupported = 1;
3549 break;
3550 case B43_PHYTYPE_G:
3551 if (phy_rev > 9)
3552 unsupported = 1;
3553 break;
3554 #ifdef CONFIG_B43_NPHY
3555 case B43_PHYTYPE_N:
3556 if (phy_rev > 1)
3557 unsupported = 1;
3558 break;
3559 #endif
3560 default:
3561 unsupported = 1;
3562 };
3563 if (unsupported) {
3564 b43err(dev->wl, "FOUND UNSUPPORTED PHY "
3565 "(Analog %u, Type %u, Revision %u)\n",
3566 analog_type, phy_type, phy_rev);
3567 return -EOPNOTSUPP;
3568 }
3569 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n",
3570 analog_type, phy_type, phy_rev);
3571
3572 /* Get RADIO versioning */
3573 if (dev->dev->bus->chip_id == 0x4317) {
3574 if (dev->dev->bus->chip_rev == 0)
3575 tmp = 0x3205017F;
3576 else if (dev->dev->bus->chip_rev == 1)
3577 tmp = 0x4205017F;
3578 else
3579 tmp = 0x5205017F;
3580 } else {
3581 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
3582 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
3583 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
3584 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16;
3585 }
3586 radio_manuf = (tmp & 0x00000FFF);
3587 radio_ver = (tmp & 0x0FFFF000) >> 12;
3588 radio_rev = (tmp & 0xF0000000) >> 28;
3589 if (radio_manuf != 0x17F /* Broadcom */)
3590 unsupported = 1;
3591 switch (phy_type) {
3592 case B43_PHYTYPE_A:
3593 if (radio_ver != 0x2060)
3594 unsupported = 1;
3595 if (radio_rev != 1)
3596 unsupported = 1;
3597 if (radio_manuf != 0x17F)
3598 unsupported = 1;
3599 break;
3600 case B43_PHYTYPE_B:
3601 if ((radio_ver & 0xFFF0) != 0x2050)
3602 unsupported = 1;
3603 break;
3604 case B43_PHYTYPE_G:
3605 if (radio_ver != 0x2050)
3606 unsupported = 1;
3607 break;
3608 case B43_PHYTYPE_N:
3609 if (radio_ver != 0x2055)
3610 unsupported = 1;
3611 break;
3612 default:
3613 B43_WARN_ON(1);
3614 }
3615 if (unsupported) {
3616 b43err(dev->wl, "FOUND UNSUPPORTED RADIO "
3617 "(Manuf 0x%X, Version 0x%X, Revision %u)\n",
3618 radio_manuf, radio_ver, radio_rev);
3619 return -EOPNOTSUPP;
3620 }
3621 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n",
3622 radio_manuf, radio_ver, radio_rev);
3623
3624 phy->radio_manuf = radio_manuf;
3625 phy->radio_ver = radio_ver;
3626 phy->radio_rev = radio_rev;
3627
3628 phy->analog = analog_type;
3629 phy->type = phy_type;
3630 phy->rev = phy_rev;
3631
3632 return 0;
3633 }
3634
3635 static void setup_struct_phy_for_init(struct b43_wldev *dev,
3636 struct b43_phy *phy)
3637 {
3638 struct b43_txpower_lo_control *lo;
3639 int i;
3640
3641 memset(phy->minlowsig, 0xFF, sizeof(phy->minlowsig));
3642 memset(phy->minlowsigpos, 0, sizeof(phy->minlowsigpos));
3643
3644 phy->aci_enable = 0;
3645 phy->aci_wlan_automatic = 0;
3646 phy->aci_hw_rssi = 0;
3647
3648 phy->radio_off_context.valid = 0;
3649
3650 lo = phy->lo_control;
3651 if (lo) {
3652 memset(lo, 0, sizeof(*(phy->lo_control)));
3653 lo->rebuild = 1;
3654 lo->tx_bias = 0xFF;
3655 }
3656 phy->max_lb_gain = 0;
3657 phy->trsw_rx_gain = 0;
3658 phy->txpwr_offset = 0;
3659
3660 /* NRSSI */
3661 phy->nrssislope = 0;
3662 for (i = 0; i < ARRAY_SIZE(phy->nrssi); i++)
3663 phy->nrssi[i] = -1000;
3664 for (i = 0; i < ARRAY_SIZE(phy->nrssi_lt); i++)
3665 phy->nrssi_lt[i] = i;
3666
3667 phy->lofcal = 0xFFFF;
3668 phy->initval = 0xFFFF;
3669
3670 phy->interfmode = B43_INTERFMODE_NONE;
3671 phy->channel = 0xFF;
3672
3673 phy->hardware_power_control = !!modparam_hwpctl;
3674
3675 /* PHY TX errors counter. */
3676 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
3677
3678 /* OFDM-table address caching. */
3679 phy->ofdmtab_addr_direction = B43_OFDMTAB_DIRECTION_UNKNOWN;
3680 }
3681
3682 static void setup_struct_wldev_for_init(struct b43_wldev *dev)
3683 {
3684 dev->dfq_valid = 0;
3685
3686 /* Assume the radio is enabled. If it's not enabled, the state will
3687 * immediately get fixed on the first periodic work run. */
3688 dev->radio_hw_enable = 1;
3689
3690 /* Stats */
3691 memset(&dev->stats, 0, sizeof(dev->stats));
3692
3693 setup_struct_phy_for_init(dev, &dev->phy);
3694
3695 /* IRQ related flags */
3696 dev->irq_reason = 0;
3697 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
3698 dev->irq_savedstate = B43_IRQ_MASKTEMPLATE;
3699
3700 dev->mac_suspended = 1;
3701
3702 /* Noise calculation context */
3703 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
3704 }
3705
3706 static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
3707 {
3708 struct ssb_sprom *sprom = &dev->dev->bus->sprom;
3709 u32 hf;
3710
3711 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
3712 return;
3713 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
3714 return;
3715
3716 hf = b43_hf_read(dev);
3717 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
3718 hf |= B43_HF_BTCOEXALT;
3719 else
3720 hf |= B43_HF_BTCOEX;
3721 b43_hf_write(dev, hf);
3722 //TODO
3723 }
3724
3725 static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
3726 { //TODO
3727 }
3728
3729 static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
3730 {
3731 #ifdef CONFIG_SSB_DRIVER_PCICORE
3732 struct ssb_bus *bus = dev->dev->bus;
3733 u32 tmp;
3734
3735 if (bus->pcicore.dev &&
3736 bus->pcicore.dev->id.coreid == SSB_DEV_PCI &&
3737 bus->pcicore.dev->id.revision <= 5) {
3738 /* IMCFGLO timeouts workaround. */
3739 tmp = ssb_read32(dev->dev, SSB_IMCFGLO);
3740 tmp &= ~SSB_IMCFGLO_REQTO;
3741 tmp &= ~SSB_IMCFGLO_SERTO;
3742 switch (bus->bustype) {
3743 case SSB_BUSTYPE_PCI:
3744 case SSB_BUSTYPE_PCMCIA:
3745 tmp |= 0x32;
3746 break;
3747 case SSB_BUSTYPE_SSB:
3748 tmp |= 0x53;
3749 break;
3750 }
3751 ssb_write32(dev->dev, SSB_IMCFGLO, tmp);
3752 }
3753 #endif /* CONFIG_SSB_DRIVER_PCICORE */
3754 }
3755
3756 /* Write the short and long frame retry limit values. */
3757 static void b43_set_retry_limits(struct b43_wldev *dev,
3758 unsigned int short_retry,
3759 unsigned int long_retry)
3760 {
3761 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3762 * the chip-internal counter. */
3763 short_retry = min(short_retry, (unsigned int)0xF);
3764 long_retry = min(long_retry, (unsigned int)0xF);
3765
3766 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3767 short_retry);
3768 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3769 long_retry);
3770 }
3771
3772 static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
3773 {
3774 u16 pu_delay;
3775
3776 /* The time value is in microseconds. */
3777 if (dev->phy.type == B43_PHYTYPE_A)
3778 pu_delay = 3700;
3779 else
3780 pu_delay = 1050;
3781 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS) || idle)
3782 pu_delay = 500;
3783 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
3784 pu_delay = max(pu_delay, (u16)2400);
3785
3786 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
3787 }
3788
3789 /* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
3790 static void b43_set_pretbtt(struct b43_wldev *dev)
3791 {
3792 u16 pretbtt;
3793
3794 /* The time value is in microseconds. */
3795 if (b43_is_mode(dev->wl, IEEE80211_IF_TYPE_IBSS)) {
3796 pretbtt = 2;
3797 } else {
3798 if (dev->phy.type == B43_PHYTYPE_A)
3799 pretbtt = 120;
3800 else
3801 pretbtt = 250;
3802 }
3803 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
3804 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
3805 }
3806
3807 /* Shutdown a wireless core */
3808 /* Locking: wl->mutex */
3809 static void b43_wireless_core_exit(struct b43_wldev *dev)
3810 {
3811 struct b43_phy *phy = &dev->phy;
3812 u32 macctl;
3813
3814 B43_WARN_ON(b43_status(dev) > B43_STAT_INITIALIZED);
3815 if (b43_status(dev) != B43_STAT_INITIALIZED)
3816 return;
3817 b43_set_status(dev, B43_STAT_UNINIT);
3818
3819 /* Stop the microcode PSM. */
3820 macctl = b43_read32(dev, B43_MMIO_MACCTL);
3821 macctl &= ~B43_MACCTL_PSM_RUN;
3822 macctl |= B43_MACCTL_PSM_JMP0;
3823 b43_write32(dev, B43_MMIO_MACCTL, macctl);
3824
3825 if (!dev->suspend_in_progress) {
3826 b43_leds_exit(dev);
3827 b43_rng_exit(dev->wl);
3828 }
3829 b43_dma_free(dev);
3830 b43_pio_free(dev);
3831 b43_chip_exit(dev);
3832 b43_radio_turn_off(dev, 1);
3833 b43_switch_analog(dev, 0);
3834 if (phy->dyn_tssi_tbl)
3835 kfree(phy->tssi2dbm);
3836 kfree(phy->lo_control);
3837 phy->lo_control = NULL;
3838 if (dev->wl->current_beacon) {
3839 dev_kfree_skb_any(dev->wl->current_beacon);
3840 dev->wl->current_beacon = NULL;
3841 }
3842
3843 ssb_device_disable(dev->dev, 0);
3844 ssb_bus_may_powerdown(dev->dev->bus);
3845 }
3846
3847 /* Initialize a wireless core */
3848 static int b43_wireless_core_init(struct b43_wldev *dev)
3849 {
3850 struct b43_wl *wl = dev->wl;
3851 struct ssb_bus *bus = dev->dev->bus;
3852 struct ssb_sprom *sprom = &bus->sprom;
3853 struct b43_phy *phy = &dev->phy;
3854 int err;
3855 u32 hf, tmp;
3856
3857 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
3858
3859 err = ssb_bus_powerup(bus, 0);
3860 if (err)
3861 goto out;
3862 if (!ssb_device_is_enabled(dev->dev)) {
3863 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0;
3864 b43_wireless_core_reset(dev, tmp);
3865 }
3866
3867 if ((phy->type == B43_PHYTYPE_B) || (phy->type == B43_PHYTYPE_G)) {
3868 phy->lo_control =
3869 kzalloc(sizeof(*(phy->lo_control)), GFP_KERNEL);
3870 if (!phy->lo_control) {
3871 err = -ENOMEM;
3872 goto err_busdown;
3873 }
3874 }
3875 setup_struct_wldev_for_init(dev);
3876
3877 err = b43_phy_init_tssi2dbm_table(dev);
3878 if (err)
3879 goto err_kfree_lo_control;
3880
3881 /* Enable IRQ routing to this device. */
3882 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev);
3883
3884 b43_imcfglo_timeouts_workaround(dev);
3885 b43_bluetooth_coext_disable(dev);
3886 b43_phy_early_init(dev);
3887 err = b43_chip_init(dev);
3888 if (err)
3889 goto err_kfree_tssitbl;
3890 b43_shm_write16(dev, B43_SHM_SHARED,
3891 B43_SHM_SH_WLCOREREV, dev->dev->id.revision);
3892 hf = b43_hf_read(dev);
3893 if (phy->type == B43_PHYTYPE_G) {
3894 hf |= B43_HF_SYMW;
3895 if (phy->rev == 1)
3896 hf |= B43_HF_GDCW;
3897 if (sprom->boardflags_lo & B43_BFL_PACTRL)
3898 hf |= B43_HF_OFDMPABOOST;
3899 } else if (phy->type == B43_PHYTYPE_B) {
3900 hf |= B43_HF_SYMW;
3901 if (phy->rev >= 2 && phy->radio_ver == 0x2050)
3902 hf &= ~B43_HF_GDCW;
3903 }
3904 b43_hf_write(dev, hf);
3905
3906 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
3907 B43_DEFAULT_LONG_RETRY_LIMIT);
3908 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
3909 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
3910
3911 /* Disable sending probe responses from firmware.
3912 * Setting the MaxTime to one usec will always trigger
3913 * a timeout, so we never send any probe resp.
3914 * A timeout of zero is infinite. */
3915 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
3916
3917 b43_rate_memory_init(dev);
3918 b43_set_phytxctl_defaults(dev);
3919
3920 /* Minimum Contention Window */
3921 if (phy->type == B43_PHYTYPE_B) {
3922 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
3923 } else {
3924 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
3925 }
3926 /* Maximum Contention Window */
3927 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
3928
3929 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || B43_FORCE_PIO) {
3930 dev->__using_pio_transfers = 1;
3931 err = b43_pio_init(dev);
3932 } else {
3933 dev->__using_pio_transfers = 0;
3934 err = b43_dma_init(dev);
3935 }
3936 if (err)
3937 goto err_chip_exit;
3938 b43_qos_init(dev);
3939 b43_set_synth_pu_delay(dev, 1);
3940 b43_bluetooth_coext_enable(dev);
3941
3942 ssb_bus_powerup(bus, 1); /* Enable dynamic PCTL */
3943 b43_upload_card_macaddress(dev);
3944 b43_security_init(dev);
3945 if (!dev->suspend_in_progress)
3946 b43_rng_init(wl);
3947
3948 b43_set_status(dev, B43_STAT_INITIALIZED);
3949
3950 if (!dev->suspend_in_progress)
3951 b43_leds_init(dev);
3952 out:
3953 return err;
3954
3955 err_chip_exit:
3956 b43_chip_exit(dev);
3957 err_kfree_tssitbl:
3958 if (phy->dyn_tssi_tbl)
3959 kfree(phy->tssi2dbm);
3960 err_kfree_lo_control:
3961 kfree(phy->lo_control);
3962 phy->lo_control = NULL;
3963 err_busdown:
3964 ssb_bus_may_powerdown(bus);
3965 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
3966 return err;
3967 }
3968
3969 static int b43_op_add_interface(struct ieee80211_hw *hw,
3970 struct ieee80211_if_init_conf *conf)
3971 {
3972 struct b43_wl *wl = hw_to_b43_wl(hw);
3973 struct b43_wldev *dev;
3974 unsigned long flags;
3975 int err = -EOPNOTSUPP;
3976
3977 /* TODO: allow WDS/AP devices to coexist */
3978
3979 if (conf->type != IEEE80211_IF_TYPE_AP &&
3980 conf->type != IEEE80211_IF_TYPE_STA &&
3981 conf->type != IEEE80211_IF_TYPE_WDS &&
3982 conf->type != IEEE80211_IF_TYPE_IBSS)
3983 return -EOPNOTSUPP;
3984
3985 mutex_lock(&wl->mutex);
3986 if (wl->operating)
3987 goto out_mutex_unlock;
3988
3989 b43dbg(wl, "Adding Interface type %d\n", conf->type);
3990
3991 dev = wl->current_dev;
3992 wl->operating = 1;
3993 wl->vif = conf->vif;
3994 wl->if_type = conf->type;
3995 memcpy(wl->mac_addr, conf->mac_addr, ETH_ALEN);
3996
3997 spin_lock_irqsave(&wl->irq_lock, flags);
3998 b43_adjust_opmode(dev);
3999 b43_set_pretbtt(dev);
4000 b43_set_synth_pu_delay(dev, 0);
4001 b43_upload_card_macaddress(dev);
4002 spin_unlock_irqrestore(&wl->irq_lock, flags);
4003
4004 err = 0;
4005 out_mutex_unlock:
4006 mutex_unlock(&wl->mutex);
4007
4008 return err;
4009 }
4010
4011 static void b43_op_remove_interface(struct ieee80211_hw *hw,
4012 struct ieee80211_if_init_conf *conf)
4013 {
4014 struct b43_wl *wl = hw_to_b43_wl(hw);
4015 struct b43_wldev *dev = wl->current_dev;
4016 unsigned long flags;
4017
4018 b43dbg(wl, "Removing Interface type %d\n", conf->type);
4019
4020 mutex_lock(&wl->mutex);
4021
4022 B43_WARN_ON(!wl->operating);
4023 B43_WARN_ON(wl->vif != conf->vif);
4024 wl->vif = NULL;
4025
4026 wl->operating = 0;
4027
4028 spin_lock_irqsave(&wl->irq_lock, flags);
4029 b43_adjust_opmode(dev);
4030 memset(wl->mac_addr, 0, ETH_ALEN);
4031 b43_upload_card_macaddress(dev);
4032 spin_unlock_irqrestore(&wl->irq_lock, flags);
4033
4034 mutex_unlock(&wl->mutex);
4035 }
4036
4037 static int b43_op_start(struct ieee80211_hw *hw)
4038 {
4039 struct b43_wl *wl = hw_to_b43_wl(hw);
4040 struct b43_wldev *dev = wl->current_dev;
4041 int did_init = 0;
4042 int err = 0;
4043 bool do_rfkill_exit = 0;
4044
4045 /* Kill all old instance specific information to make sure
4046 * the card won't use it in the short timeframe between start
4047 * and mac80211 reconfiguring it. */
4048 memset(wl->bssid, 0, ETH_ALEN);
4049 memset(wl->mac_addr, 0, ETH_ALEN);
4050 wl->filter_flags = 0;
4051 wl->radiotap_enabled = 0;
4052 b43_qos_clear(wl);
4053
4054 /* First register RFkill.
4055 * LEDs that are registered later depend on it. */
4056 b43_rfkill_init(dev);
4057
4058 mutex_lock(&wl->mutex);
4059
4060 if (b43_status(dev) < B43_STAT_INITIALIZED) {
4061 err = b43_wireless_core_init(dev);
4062 if (err) {
4063 do_rfkill_exit = 1;
4064 goto out_mutex_unlock;
4065 }
4066 did_init = 1;
4067 }
4068
4069 if (b43_status(dev) < B43_STAT_STARTED) {
4070 err = b43_wireless_core_start(dev);
4071 if (err) {
4072 if (did_init)
4073 b43_wireless_core_exit(dev);
4074 do_rfkill_exit = 1;
4075 goto out_mutex_unlock;
4076 }
4077 }
4078
4079 out_mutex_unlock:
4080 mutex_unlock(&wl->mutex);
4081
4082 if (do_rfkill_exit)
4083 b43_rfkill_exit(dev);
4084
4085 return err;
4086 }
4087
4088 static void b43_op_stop(struct ieee80211_hw *hw)
4089 {
4090 struct b43_wl *wl = hw_to_b43_wl(hw);
4091 struct b43_wldev *dev = wl->current_dev;
4092
4093 b43_rfkill_exit(dev);
4094 cancel_work_sync(&(wl->qos_update_work));
4095 cancel_work_sync(&(wl->beacon_update_trigger));
4096
4097 mutex_lock(&wl->mutex);
4098 if (b43_status(dev) >= B43_STAT_STARTED)
4099 b43_wireless_core_stop(dev);
4100 b43_wireless_core_exit(dev);
4101 mutex_unlock(&wl->mutex);
4102 }
4103
4104 static int b43_op_set_retry_limit(struct ieee80211_hw *hw,
4105 u32 short_retry_limit, u32 long_retry_limit)
4106 {
4107 struct b43_wl *wl = hw_to_b43_wl(hw);
4108 struct b43_wldev *dev;
4109 int err = 0;
4110
4111 mutex_lock(&wl->mutex);
4112 dev = wl->current_dev;
4113 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED))) {
4114 err = -ENODEV;
4115 goto out_unlock;
4116 }
4117 b43_set_retry_limits(dev, short_retry_limit, long_retry_limit);
4118 out_unlock:
4119 mutex_unlock(&wl->mutex);
4120
4121 return err;
4122 }
4123
4124 static int b43_op_beacon_set_tim(struct ieee80211_hw *hw, int aid, int set)
4125 {
4126 struct b43_wl *wl = hw_to_b43_wl(hw);
4127 struct sk_buff *beacon;
4128 unsigned long flags;
4129 struct ieee80211_tx_control txctl;
4130
4131 /* We could modify the existing beacon and set the aid bit in
4132 * the TIM field, but that would probably require resizing and
4133 * moving of data within the beacon template.
4134 * Simply request a new beacon and let mac80211 do the hard work. */
4135 beacon = ieee80211_beacon_get(hw, wl->vif, &txctl);
4136 if (unlikely(!beacon))
4137 return -ENOMEM;
4138 spin_lock_irqsave(&wl->irq_lock, flags);
4139 b43_update_templates(wl, beacon, &txctl);
4140 spin_unlock_irqrestore(&wl->irq_lock, flags);
4141
4142 return 0;
4143 }
4144
4145 static int b43_op_ibss_beacon_update(struct ieee80211_hw *hw,
4146 struct sk_buff *beacon,
4147 struct ieee80211_tx_control *ctl)
4148 {
4149 struct b43_wl *wl = hw_to_b43_wl(hw);
4150 unsigned long flags;
4151
4152 spin_lock_irqsave(&wl->irq_lock, flags);
4153 b43_update_templates(wl, beacon, ctl);
4154 spin_unlock_irqrestore(&wl->irq_lock, flags);
4155
4156 return 0;
4157 }
4158
4159 static void b43_op_sta_notify(struct ieee80211_hw *hw,
4160 struct ieee80211_vif *vif,
4161 enum sta_notify_cmd notify_cmd,
4162 const u8 *addr)
4163 {
4164 struct b43_wl *wl = hw_to_b43_wl(hw);
4165
4166 B43_WARN_ON(!vif || wl->vif != vif);
4167 }
4168
4169 static const struct ieee80211_ops b43_hw_ops = {
4170 .tx = b43_op_tx,
4171 .conf_tx = b43_op_conf_tx,
4172 .add_interface = b43_op_add_interface,
4173 .remove_interface = b43_op_remove_interface,
4174 .config = b43_op_config,
4175 .config_interface = b43_op_config_interface,
4176 .configure_filter = b43_op_configure_filter,
4177 .set_key = b43_op_set_key,
4178 .get_stats = b43_op_get_stats,
4179 .get_tx_stats = b43_op_get_tx_stats,
4180 .start = b43_op_start,
4181 .stop = b43_op_stop,
4182 .set_retry_limit = b43_op_set_retry_limit,
4183 .set_tim = b43_op_beacon_set_tim,
4184 .beacon_update = b43_op_ibss_beacon_update,
4185 .sta_notify = b43_op_sta_notify,
4186 };
4187
4188 /* Hard-reset the chip. Do not call this directly.
4189 * Use b43_controller_restart()
4190 */
4191 static void b43_chip_reset(struct work_struct *work)
4192 {
4193 struct b43_wldev *dev =
4194 container_of(work, struct b43_wldev, restart_work);
4195 struct b43_wl *wl = dev->wl;
4196 int err = 0;
4197 int prev_status;
4198
4199 mutex_lock(&wl->mutex);
4200
4201 prev_status = b43_status(dev);
4202 /* Bring the device down... */
4203 if (prev_status >= B43_STAT_STARTED)
4204 b43_wireless_core_stop(dev);
4205 if (prev_status >= B43_STAT_INITIALIZED)
4206 b43_wireless_core_exit(dev);
4207
4208 /* ...and up again. */
4209 if (prev_status >= B43_STAT_INITIALIZED) {
4210 err = b43_wireless_core_init(dev);
4211 if (err)
4212 goto out;
4213 }
4214 if (prev_status >= B43_STAT_STARTED) {
4215 err = b43_wireless_core_start(dev);
4216 if (err) {
4217 b43_wireless_core_exit(dev);
4218 goto out;
4219 }
4220 }
4221 out:
4222 mutex_unlock(&wl->mutex);
4223 if (err)
4224 b43err(wl, "Controller restart FAILED\n");
4225 else
4226 b43info(wl, "Controller restarted\n");
4227 }
4228
4229 static int b43_setup_bands(struct b43_wldev *dev,
4230 bool have_2ghz_phy, bool have_5ghz_phy)
4231 {
4232 struct ieee80211_hw *hw = dev->wl->hw;
4233
4234 if (have_2ghz_phy)
4235 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz;
4236 if (dev->phy.type == B43_PHYTYPE_N) {
4237 if (have_5ghz_phy)
4238 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy;
4239 } else {
4240 if (have_5ghz_phy)
4241 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
4242 }
4243
4244 dev->phy.supports_2ghz = have_2ghz_phy;
4245 dev->phy.supports_5ghz = have_5ghz_phy;
4246
4247 return 0;
4248 }
4249
4250 static void b43_wireless_core_detach(struct b43_wldev *dev)
4251 {
4252 /* We release firmware that late to not be required to re-request
4253 * is all the time when we reinit the core. */
4254 b43_release_firmware(dev);
4255 }
4256
4257 static int b43_wireless_core_attach(struct b43_wldev *dev)
4258 {
4259 struct b43_wl *wl = dev->wl;
4260 struct ssb_bus *bus = dev->dev->bus;
4261 struct pci_dev *pdev = bus->host_pci;
4262 int err;
4263 bool have_2ghz_phy = 0, have_5ghz_phy = 0;
4264 u32 tmp;
4265
4266 /* Do NOT do any device initialization here.
4267 * Do it in wireless_core_init() instead.
4268 * This function is for gathering basic information about the HW, only.
4269 * Also some structs may be set up here. But most likely you want to have
4270 * that in core_init(), too.
4271 */
4272
4273 err = ssb_bus_powerup(bus, 0);
4274 if (err) {
4275 b43err(wl, "Bus powerup failed\n");
4276 goto out;
4277 }
4278 /* Get the PHY type. */
4279 if (dev->dev->id.revision >= 5) {
4280 u32 tmshigh;
4281
4282 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH);
4283 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY);
4284 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY);
4285 } else
4286 B43_WARN_ON(1);
4287
4288 dev->phy.gmode = have_2ghz_phy;
4289 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4290 b43_wireless_core_reset(dev, tmp);
4291
4292 err = b43_phy_versioning(dev);
4293 if (err)
4294 goto err_powerdown;
4295 /* Check if this device supports multiband. */
4296 if (!pdev ||
4297 (pdev->device != 0x4312 &&
4298 pdev->device != 0x4319 && pdev->device != 0x4324)) {
4299 /* No multiband support. */
4300 have_2ghz_phy = 0;
4301 have_5ghz_phy = 0;
4302 switch (dev->phy.type) {
4303 case B43_PHYTYPE_A:
4304 have_5ghz_phy = 1;
4305 break;
4306 case B43_PHYTYPE_G:
4307 case B43_PHYTYPE_N:
4308 have_2ghz_phy = 1;
4309 break;
4310 default:
4311 B43_WARN_ON(1);
4312 }
4313 }
4314 if (dev->phy.type == B43_PHYTYPE_A) {
4315 /* FIXME */
4316 b43err(wl, "IEEE 802.11a devices are unsupported\n");
4317 err = -EOPNOTSUPP;
4318 goto err_powerdown;
4319 }
4320 dev->phy.gmode = have_2ghz_phy;
4321 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4322 b43_wireless_core_reset(dev, tmp);
4323
4324 err = b43_validate_chipaccess(dev);
4325 if (err)
4326 goto err_powerdown;
4327 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
4328 if (err)
4329 goto err_powerdown;
4330
4331 /* Now set some default "current_dev" */
4332 if (!wl->current_dev)
4333 wl->current_dev = dev;
4334 INIT_WORK(&dev->restart_work, b43_chip_reset);
4335
4336 b43_radio_turn_off(dev, 1);
4337 b43_switch_analog(dev, 0);
4338 ssb_device_disable(dev->dev, 0);
4339 ssb_bus_may_powerdown(bus);
4340
4341 out:
4342 return err;
4343
4344 err_powerdown:
4345 ssb_bus_may_powerdown(bus);
4346 return err;
4347 }
4348
4349 static void b43_one_core_detach(struct ssb_device *dev)
4350 {
4351 struct b43_wldev *wldev;
4352 struct b43_wl *wl;
4353
4354 wldev = ssb_get_drvdata(dev);
4355 wl = wldev->wl;
4356 cancel_work_sync(&wldev->restart_work);
4357 b43_debugfs_remove_device(wldev);
4358 b43_wireless_core_detach(wldev);
4359 list_del(&wldev->list);
4360 wl->nr_devs--;
4361 ssb_set_drvdata(dev, NULL);
4362 kfree(wldev);
4363 }
4364
4365 static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl)
4366 {
4367 struct b43_wldev *wldev;
4368 struct pci_dev *pdev;
4369 int err = -ENOMEM;
4370
4371 if (!list_empty(&wl->devlist)) {
4372 /* We are not the first core on this chip. */
4373 pdev = dev->bus->host_pci;
4374 /* Only special chips support more than one wireless
4375 * core, although some of the other chips have more than
4376 * one wireless core as well. Check for this and
4377 * bail out early.
4378 */
4379 if (!pdev ||
4380 ((pdev->device != 0x4321) &&
4381 (pdev->device != 0x4313) && (pdev->device != 0x431A))) {
4382 b43dbg(wl, "Ignoring unconnected 802.11 core\n");
4383 return -ENODEV;
4384 }
4385 }
4386
4387 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
4388 if (!wldev)
4389 goto out;
4390
4391 wldev->dev = dev;
4392 wldev->wl = wl;
4393 b43_set_status(wldev, B43_STAT_UNINIT);
4394 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
4395 tasklet_init(&wldev->isr_tasklet,
4396 (void (*)(unsigned long))b43_interrupt_tasklet,
4397 (unsigned long)wldev);
4398 INIT_LIST_HEAD(&wldev->list);
4399
4400 err = b43_wireless_core_attach(wldev);
4401 if (err)
4402 goto err_kfree_wldev;
4403
4404 list_add(&wldev->list, &wl->devlist);
4405 wl->nr_devs++;
4406 ssb_set_drvdata(dev, wldev);
4407 b43_debugfs_add_device(wldev);
4408
4409 out:
4410 return err;
4411
4412 err_kfree_wldev:
4413 kfree(wldev);
4414 return err;
4415 }
4416
4417 static void b43_sprom_fixup(struct ssb_bus *bus)
4418 {
4419 /* boardflags workarounds */
4420 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
4421 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74)
4422 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
4423 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
4424 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40)
4425 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
4426 }
4427
4428 static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl)
4429 {
4430 struct ieee80211_hw *hw = wl->hw;
4431
4432 ssb_set_devtypedata(dev, NULL);
4433 ieee80211_free_hw(hw);
4434 }
4435
4436 static int b43_wireless_init(struct ssb_device *dev)
4437 {
4438 struct ssb_sprom *sprom = &dev->bus->sprom;
4439 struct ieee80211_hw *hw;
4440 struct b43_wl *wl;
4441 int err = -ENOMEM;
4442
4443 b43_sprom_fixup(dev->bus);
4444
4445 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
4446 if (!hw) {
4447 b43err(NULL, "Could not allocate ieee80211 device\n");
4448 goto out;
4449 }
4450
4451 /* fill hw info */
4452 hw->flags = IEEE80211_HW_HOST_GEN_BEACON_TEMPLATE |
4453 IEEE80211_HW_RX_INCLUDES_FCS;
4454 hw->max_signal = 100;
4455 hw->max_rssi = -110;
4456 hw->max_noise = -110;
4457 hw->queues = b43_modparam_qos ? 4 : 1;
4458 SET_IEEE80211_DEV(hw, dev->dev);
4459 if (is_valid_ether_addr(sprom->et1mac))
4460 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
4461 else
4462 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
4463
4464 /* Get and initialize struct b43_wl */
4465 wl = hw_to_b43_wl(hw);
4466 memset(wl, 0, sizeof(*wl));
4467 wl->hw = hw;
4468 spin_lock_init(&wl->irq_lock);
4469 spin_lock_init(&wl->leds_lock);
4470 spin_lock_init(&wl->shm_lock);
4471 mutex_init(&wl->mutex);
4472 INIT_LIST_HEAD(&wl->devlist);
4473 INIT_WORK(&wl->qos_update_work, b43_qos_update_work);
4474 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
4475
4476 ssb_set_devtypedata(dev, wl);
4477 b43info(wl, "Broadcom %04X WLAN found\n", dev->bus->chip_id);
4478 err = 0;
4479 out:
4480 return err;
4481 }
4482
4483 static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id)
4484 {
4485 struct b43_wl *wl;
4486 int err;
4487 int first = 0;
4488
4489 wl = ssb_get_devtypedata(dev);
4490 if (!wl) {
4491 /* Probing the first core. Must setup common struct b43_wl */
4492 first = 1;
4493 err = b43_wireless_init(dev);
4494 if (err)
4495 goto out;
4496 wl = ssb_get_devtypedata(dev);
4497 B43_WARN_ON(!wl);
4498 }
4499 err = b43_one_core_attach(dev, wl);
4500 if (err)
4501 goto err_wireless_exit;
4502
4503 if (first) {
4504 err = ieee80211_register_hw(wl->hw);
4505 if (err)
4506 goto err_one_core_detach;
4507 }
4508
4509 out:
4510 return err;
4511
4512 err_one_core_detach:
4513 b43_one_core_detach(dev);
4514 err_wireless_exit:
4515 if (first)
4516 b43_wireless_exit(dev, wl);
4517 return err;
4518 }
4519
4520 static void b43_remove(struct ssb_device *dev)
4521 {
4522 struct b43_wl *wl = ssb_get_devtypedata(dev);
4523 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4524
4525 B43_WARN_ON(!wl);
4526 if (wl->current_dev == wldev)
4527 ieee80211_unregister_hw(wl->hw);
4528
4529 b43_one_core_detach(dev);
4530
4531 if (list_empty(&wl->devlist)) {
4532 /* Last core on the chip unregistered.
4533 * We can destroy common struct b43_wl.
4534 */
4535 b43_wireless_exit(dev, wl);
4536 }
4537 }
4538
4539 /* Perform a hardware reset. This can be called from any context. */
4540 void b43_controller_restart(struct b43_wldev *dev, const char *reason)
4541 {
4542 /* Must avoid requeueing, if we are in shutdown. */
4543 if (b43_status(dev) < B43_STAT_INITIALIZED)
4544 return;
4545 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
4546 queue_work(dev->wl->hw->workqueue, &dev->restart_work);
4547 }
4548
4549 #ifdef CONFIG_PM
4550
4551 static int b43_suspend(struct ssb_device *dev, pm_message_t state)
4552 {
4553 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4554 struct b43_wl *wl = wldev->wl;
4555
4556 b43dbg(wl, "Suspending...\n");
4557
4558 mutex_lock(&wl->mutex);
4559 wldev->suspend_in_progress = true;
4560 wldev->suspend_init_status = b43_status(wldev);
4561 if (wldev->suspend_init_status >= B43_STAT_STARTED)
4562 b43_wireless_core_stop(wldev);
4563 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED)
4564 b43_wireless_core_exit(wldev);
4565 mutex_unlock(&wl->mutex);
4566
4567 b43dbg(wl, "Device suspended.\n");
4568
4569 return 0;
4570 }
4571
4572 static int b43_resume(struct ssb_device *dev)
4573 {
4574 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4575 struct b43_wl *wl = wldev->wl;
4576 int err = 0;
4577
4578 b43dbg(wl, "Resuming...\n");
4579
4580 mutex_lock(&wl->mutex);
4581 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) {
4582 err = b43_wireless_core_init(wldev);
4583 if (err) {
4584 b43err(wl, "Resume failed at core init\n");
4585 goto out;
4586 }
4587 }
4588 if (wldev->suspend_init_status >= B43_STAT_STARTED) {
4589 err = b43_wireless_core_start(wldev);
4590 if (err) {
4591 b43_leds_exit(wldev);
4592 b43_rng_exit(wldev->wl);
4593 b43_wireless_core_exit(wldev);
4594 b43err(wl, "Resume failed at core start\n");
4595 goto out;
4596 }
4597 }
4598 b43dbg(wl, "Device resumed.\n");
4599 out:
4600 wldev->suspend_in_progress = false;
4601 mutex_unlock(&wl->mutex);
4602 return err;
4603 }
4604
4605 #else /* CONFIG_PM */
4606 # define b43_suspend NULL
4607 # define b43_resume NULL
4608 #endif /* CONFIG_PM */
4609
4610 static struct ssb_driver b43_ssb_driver = {
4611 .name = KBUILD_MODNAME,
4612 .id_table = b43_ssb_tbl,
4613 .probe = b43_probe,
4614 .remove = b43_remove,
4615 .suspend = b43_suspend,
4616 .resume = b43_resume,
4617 };
4618
4619 static void b43_print_driverinfo(void)
4620 {
4621 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
4622 *feat_leds = "", *feat_rfkill = "";
4623
4624 #ifdef CONFIG_B43_PCI_AUTOSELECT
4625 feat_pci = "P";
4626 #endif
4627 #ifdef CONFIG_B43_PCMCIA
4628 feat_pcmcia = "M";
4629 #endif
4630 #ifdef CONFIG_B43_NPHY
4631 feat_nphy = "N";
4632 #endif
4633 #ifdef CONFIG_B43_LEDS
4634 feat_leds = "L";
4635 #endif
4636 #ifdef CONFIG_B43_RFKILL
4637 feat_rfkill = "R";
4638 #endif
4639 printk(KERN_INFO "Broadcom 43xx driver loaded "
4640 "[ Features: %s%s%s%s%s, Firmware-ID: "
4641 B43_SUPPORTED_FIRMWARE_ID " ]\n",
4642 feat_pci, feat_pcmcia, feat_nphy,
4643 feat_leds, feat_rfkill);
4644 }
4645
4646 static int __init b43_init(void)
4647 {
4648 int err;
4649
4650 b43_debugfs_init();
4651 err = b43_pcmcia_init();
4652 if (err)
4653 goto err_dfs_exit;
4654 err = ssb_driver_register(&b43_ssb_driver);
4655 if (err)
4656 goto err_pcmcia_exit;
4657 b43_print_driverinfo();
4658
4659 return err;
4660
4661 err_pcmcia_exit:
4662 b43_pcmcia_exit();
4663 err_dfs_exit:
4664 b43_debugfs_exit();
4665 return err;
4666 }
4667
4668 static void __exit b43_exit(void)
4669 {
4670 ssb_driver_unregister(&b43_ssb_driver);
4671 b43_pcmcia_exit();
4672 b43_debugfs_exit();
4673 }
4674
4675 module_init(b43_init)
4676 module_exit(b43_exit)
kernel source for telekom puls (alcatel/mediatek)