3 Broadcom B43 wireless driver
5 Copyright (c) 2005 Martin Langer <martin-langer@gmx.de>
6 Copyright (c) 2005 Stefano Brivio <stefano.brivio@polimi.it>
7 Copyright (c) 2005-2009 Michael Buesch <mb@bu3sch.de>
8 Copyright (c) 2005 Danny van Dyk <kugelfang@gentoo.org>
9 Copyright (c) 2005 Andreas Jaggi <andreas.jaggi@waterwave.ch>
11 Some parts of the code in this file are derived from the ipw2200
12 driver Copyright(c) 2003 - 2004 Intel Corporation.
14 This program is free software; you can redistribute it and/or modify
15 it under the terms of the GNU General Public License as published by
16 the Free Software Foundation; either version 2 of the License, or
17 (at your option) any later version.
19 This program is distributed in the hope that it will be useful,
20 but WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 GNU General Public License for more details.
24 You should have received a copy of the GNU General Public License
25 along with this program; see the file COPYING. If not, write to
26 the Free Software Foundation, Inc., 51 Franklin Steet, Fifth Floor,
27 Boston, MA 02110-1301, USA.
31 #include <linux/delay.h>
32 #include <linux/init.h>
33 #include <linux/moduleparam.h>
34 #include <linux/if_arp.h>
35 #include <linux/etherdevice.h>
36 #include <linux/firmware.h>
37 #include <linux/wireless.h>
38 #include <linux/workqueue.h>
39 #include <linux/skbuff.h>
41 #include <linux/dma-mapping.h>
42 #include <asm/unaligned.h>
47 #include "phy_common.h"
57 MODULE_DESCRIPTION("Broadcom B43 wireless driver");
58 MODULE_AUTHOR("Martin Langer");
59 MODULE_AUTHOR("Stefano Brivio");
60 MODULE_AUTHOR("Michael Buesch");
61 MODULE_AUTHOR("Gábor Stefanik");
62 MODULE_LICENSE("GPL");
64 MODULE_FIRMWARE(B43_SUPPORTED_FIRMWARE_ID);
67 static int modparam_bad_frames_preempt;
68 module_param_named(bad_frames_preempt, modparam_bad_frames_preempt, int, 0444);
69 MODULE_PARM_DESC(bad_frames_preempt,
70 "enable(1) / disable(0) Bad Frames Preemption");
72 static char modparam_fwpostfix[16];
73 module_param_string(fwpostfix, modparam_fwpostfix, 16, 0444);
74 MODULE_PARM_DESC(fwpostfix, "Postfix for the .fw files to load.");
76 static int modparam_hwpctl;
77 module_param_named(hwpctl, modparam_hwpctl, int, 0444);
78 MODULE_PARM_DESC(hwpctl, "Enable hardware-side power control (default off)");
80 static int modparam_nohwcrypt;
81 module_param_named(nohwcrypt, modparam_nohwcrypt, int, 0444);
82 MODULE_PARM_DESC(nohwcrypt, "Disable hardware encryption.");
84 static int modparam_hwtkip;
85 module_param_named(hwtkip, modparam_hwtkip, int, 0444);
86 MODULE_PARM_DESC(hwtkip, "Enable hardware tkip.");
88 static int modparam_qos = 1;
89 module_param_named(qos, modparam_qos, int, 0444);
90 MODULE_PARM_DESC(qos, "Enable QOS support (default on)");
92 static int modparam_btcoex = 1;
93 module_param_named(btcoex, modparam_btcoex, int, 0444);
94 MODULE_PARM_DESC(btcoex, "Enable Bluetooth coexistence (default on)");
96 int b43_modparam_verbose = B43_VERBOSITY_DEFAULT;
97 module_param_named(verbose, b43_modparam_verbose, int, 0644);
98 MODULE_PARM_DESC(verbose, "Log message verbosity: 0=error, 1=warn, 2=info(default), 3=debug");
101 static const struct ssb_device_id b43_ssb_tbl[] = {
102 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 5),
103 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 6),
104 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 7),
105 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 9),
106 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 10),
107 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 11),
108 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 13),
109 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 15),
110 SSB_DEVICE(SSB_VENDOR_BROADCOM, SSB_DEV_80211, 16),
114 MODULE_DEVICE_TABLE(ssb, b43_ssb_tbl);
116 /* Channel and ratetables are shared for all devices.
117 * They can't be const, because ieee80211 puts some precalculated
118 * data in there. This data is the same for all devices, so we don't
119 * get concurrency issues */
120 #define RATETAB_ENT(_rateid, _flags) \
122 .bitrate = B43_RATE_TO_BASE100KBPS(_rateid), \
123 .hw_value = (_rateid), \
128 * NOTE: When changing this, sync with xmit.c's
129 * b43_plcp_get_bitrate_idx_* functions!
131 static struct ieee80211_rate __b43_ratetable[] = {
132 RATETAB_ENT(B43_CCK_RATE_1MB, 0),
133 RATETAB_ENT(B43_CCK_RATE_2MB, IEEE80211_RATE_SHORT_PREAMBLE),
134 RATETAB_ENT(B43_CCK_RATE_5MB, IEEE80211_RATE_SHORT_PREAMBLE),
135 RATETAB_ENT(B43_CCK_RATE_11MB, IEEE80211_RATE_SHORT_PREAMBLE),
136 RATETAB_ENT(B43_OFDM_RATE_6MB, 0),
137 RATETAB_ENT(B43_OFDM_RATE_9MB, 0),
138 RATETAB_ENT(B43_OFDM_RATE_12MB, 0),
139 RATETAB_ENT(B43_OFDM_RATE_18MB, 0),
140 RATETAB_ENT(B43_OFDM_RATE_24MB, 0),
141 RATETAB_ENT(B43_OFDM_RATE_36MB, 0),
142 RATETAB_ENT(B43_OFDM_RATE_48MB, 0),
143 RATETAB_ENT(B43_OFDM_RATE_54MB, 0),
146 #define b43_a_ratetable (__b43_ratetable + 4)
147 #define b43_a_ratetable_size 8
148 #define b43_b_ratetable (__b43_ratetable + 0)
149 #define b43_b_ratetable_size 4
150 #define b43_g_ratetable (__b43_ratetable + 0)
151 #define b43_g_ratetable_size 12
153 #define CHAN4G(_channel, _freq, _flags) { \
154 .band = IEEE80211_BAND_2GHZ, \
155 .center_freq = (_freq), \
156 .hw_value = (_channel), \
158 .max_antenna_gain = 0, \
161 static struct ieee80211_channel b43_2ghz_chantable[] = {
179 #define CHAN5G(_channel, _flags) { \
180 .band = IEEE80211_BAND_5GHZ, \
181 .center_freq = 5000 + (5 * (_channel)), \
182 .hw_value = (_channel), \
184 .max_antenna_gain = 0, \
187 static struct ieee80211_channel b43_5ghz_nphy_chantable[] = {
188 CHAN5G(32, 0), CHAN5G(34, 0),
189 CHAN5G(36, 0), CHAN5G(38, 0),
190 CHAN5G(40, 0), CHAN5G(42, 0),
191 CHAN5G(44, 0), CHAN5G(46, 0),
192 CHAN5G(48, 0), CHAN5G(50, 0),
193 CHAN5G(52, 0), CHAN5G(54, 0),
194 CHAN5G(56, 0), CHAN5G(58, 0),
195 CHAN5G(60, 0), CHAN5G(62, 0),
196 CHAN5G(64, 0), CHAN5G(66, 0),
197 CHAN5G(68, 0), CHAN5G(70, 0),
198 CHAN5G(72, 0), CHAN5G(74, 0),
199 CHAN5G(76, 0), CHAN5G(78, 0),
200 CHAN5G(80, 0), CHAN5G(82, 0),
201 CHAN5G(84, 0), CHAN5G(86, 0),
202 CHAN5G(88, 0), CHAN5G(90, 0),
203 CHAN5G(92, 0), CHAN5G(94, 0),
204 CHAN5G(96, 0), CHAN5G(98, 0),
205 CHAN5G(100, 0), CHAN5G(102, 0),
206 CHAN5G(104, 0), CHAN5G(106, 0),
207 CHAN5G(108, 0), CHAN5G(110, 0),
208 CHAN5G(112, 0), CHAN5G(114, 0),
209 CHAN5G(116, 0), CHAN5G(118, 0),
210 CHAN5G(120, 0), CHAN5G(122, 0),
211 CHAN5G(124, 0), CHAN5G(126, 0),
212 CHAN5G(128, 0), CHAN5G(130, 0),
213 CHAN5G(132, 0), CHAN5G(134, 0),
214 CHAN5G(136, 0), CHAN5G(138, 0),
215 CHAN5G(140, 0), CHAN5G(142, 0),
216 CHAN5G(144, 0), CHAN5G(145, 0),
217 CHAN5G(146, 0), CHAN5G(147, 0),
218 CHAN5G(148, 0), CHAN5G(149, 0),
219 CHAN5G(150, 0), CHAN5G(151, 0),
220 CHAN5G(152, 0), CHAN5G(153, 0),
221 CHAN5G(154, 0), CHAN5G(155, 0),
222 CHAN5G(156, 0), CHAN5G(157, 0),
223 CHAN5G(158, 0), CHAN5G(159, 0),
224 CHAN5G(160, 0), CHAN5G(161, 0),
225 CHAN5G(162, 0), CHAN5G(163, 0),
226 CHAN5G(164, 0), CHAN5G(165, 0),
227 CHAN5G(166, 0), CHAN5G(168, 0),
228 CHAN5G(170, 0), CHAN5G(172, 0),
229 CHAN5G(174, 0), CHAN5G(176, 0),
230 CHAN5G(178, 0), CHAN5G(180, 0),
231 CHAN5G(182, 0), CHAN5G(184, 0),
232 CHAN5G(186, 0), CHAN5G(188, 0),
233 CHAN5G(190, 0), CHAN5G(192, 0),
234 CHAN5G(194, 0), CHAN5G(196, 0),
235 CHAN5G(198, 0), CHAN5G(200, 0),
236 CHAN5G(202, 0), CHAN5G(204, 0),
237 CHAN5G(206, 0), CHAN5G(208, 0),
238 CHAN5G(210, 0), CHAN5G(212, 0),
239 CHAN5G(214, 0), CHAN5G(216, 0),
240 CHAN5G(218, 0), CHAN5G(220, 0),
241 CHAN5G(222, 0), CHAN5G(224, 0),
242 CHAN5G(226, 0), CHAN5G(228, 0),
245 static struct ieee80211_channel b43_5ghz_aphy_chantable[] = {
246 CHAN5G(34, 0), CHAN5G(36, 0),
247 CHAN5G(38, 0), CHAN5G(40, 0),
248 CHAN5G(42, 0), CHAN5G(44, 0),
249 CHAN5G(46, 0), CHAN5G(48, 0),
250 CHAN5G(52, 0), CHAN5G(56, 0),
251 CHAN5G(60, 0), CHAN5G(64, 0),
252 CHAN5G(100, 0), CHAN5G(104, 0),
253 CHAN5G(108, 0), CHAN5G(112, 0),
254 CHAN5G(116, 0), CHAN5G(120, 0),
255 CHAN5G(124, 0), CHAN5G(128, 0),
256 CHAN5G(132, 0), CHAN5G(136, 0),
257 CHAN5G(140, 0), CHAN5G(149, 0),
258 CHAN5G(153, 0), CHAN5G(157, 0),
259 CHAN5G(161, 0), CHAN5G(165, 0),
260 CHAN5G(184, 0), CHAN5G(188, 0),
261 CHAN5G(192, 0), CHAN5G(196, 0),
262 CHAN5G(200, 0), CHAN5G(204, 0),
263 CHAN5G(208, 0), CHAN5G(212, 0),
268 static struct ieee80211_supported_band b43_band_5GHz_nphy = {
269 .band = IEEE80211_BAND_5GHZ,
270 .channels = b43_5ghz_nphy_chantable,
271 .n_channels = ARRAY_SIZE(b43_5ghz_nphy_chantable),
272 .bitrates = b43_a_ratetable,
273 .n_bitrates = b43_a_ratetable_size,
276 static struct ieee80211_supported_band b43_band_5GHz_aphy = {
277 .band = IEEE80211_BAND_5GHZ,
278 .channels = b43_5ghz_aphy_chantable,
279 .n_channels = ARRAY_SIZE(b43_5ghz_aphy_chantable),
280 .bitrates = b43_a_ratetable,
281 .n_bitrates = b43_a_ratetable_size,
284 static struct ieee80211_supported_band b43_band_2GHz = {
285 .band = IEEE80211_BAND_2GHZ,
286 .channels = b43_2ghz_chantable,
287 .n_channels = ARRAY_SIZE(b43_2ghz_chantable),
288 .bitrates = b43_g_ratetable,
289 .n_bitrates = b43_g_ratetable_size,
292 static void b43_wireless_core_exit(struct b43_wldev *dev);
293 static int b43_wireless_core_init(struct b43_wldev *dev);
294 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev);
295 static int b43_wireless_core_start(struct b43_wldev *dev);
297 static int b43_ratelimit(struct b43_wl *wl)
299 if (!wl || !wl->current_dev)
301 if (b43_status(wl->current_dev) < B43_STAT_STARTED)
303 /* We are up and running.
304 * Ratelimit the messages to avoid DoS over the net. */
305 return net_ratelimit();
308 void b43info(struct b43_wl *wl, const char *fmt, ...)
312 if (b43_modparam_verbose < B43_VERBOSITY_INFO)
314 if (!b43_ratelimit(wl))
317 printk(KERN_INFO "b43-%s: ",
318 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
323 void b43err(struct b43_wl *wl, const char *fmt, ...)
327 if (b43_modparam_verbose < B43_VERBOSITY_ERROR)
329 if (!b43_ratelimit(wl))
332 printk(KERN_ERR "b43-%s ERROR: ",
333 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
338 void b43warn(struct b43_wl *wl, const char *fmt, ...)
342 if (b43_modparam_verbose < B43_VERBOSITY_WARN)
344 if (!b43_ratelimit(wl))
347 printk(KERN_WARNING "b43-%s warning: ",
348 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
353 void b43dbg(struct b43_wl *wl, const char *fmt, ...)
357 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
360 printk(KERN_DEBUG "b43-%s debug: ",
361 (wl && wl->hw) ? wiphy_name(wl->hw->wiphy) : "wlan");
366 static void b43_ram_write(struct b43_wldev *dev, u16 offset, u32 val)
370 B43_WARN_ON(offset % 4 != 0);
372 macctl = b43_read32(dev, B43_MMIO_MACCTL);
373 if (macctl & B43_MACCTL_BE)
376 b43_write32(dev, B43_MMIO_RAM_CONTROL, offset);
378 b43_write32(dev, B43_MMIO_RAM_DATA, val);
381 static inline void b43_shm_control_word(struct b43_wldev *dev,
382 u16 routing, u16 offset)
386 /* "offset" is the WORD offset. */
390 b43_write32(dev, B43_MMIO_SHM_CONTROL, control);
393 u32 b43_shm_read32(struct b43_wldev *dev, u16 routing, u16 offset)
397 if (routing == B43_SHM_SHARED) {
398 B43_WARN_ON(offset & 0x0001);
399 if (offset & 0x0003) {
400 /* Unaligned access */
401 b43_shm_control_word(dev, routing, offset >> 2);
402 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
403 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
404 ret |= ((u32)b43_read16(dev, B43_MMIO_SHM_DATA)) << 16;
410 b43_shm_control_word(dev, routing, offset);
411 ret = b43_read32(dev, B43_MMIO_SHM_DATA);
416 u16 b43_shm_read16(struct b43_wldev *dev, u16 routing, u16 offset)
420 if (routing == B43_SHM_SHARED) {
421 B43_WARN_ON(offset & 0x0001);
422 if (offset & 0x0003) {
423 /* Unaligned access */
424 b43_shm_control_word(dev, routing, offset >> 2);
425 ret = b43_read16(dev, B43_MMIO_SHM_DATA_UNALIGNED);
431 b43_shm_control_word(dev, routing, offset);
432 ret = b43_read16(dev, B43_MMIO_SHM_DATA);
437 void b43_shm_write32(struct b43_wldev *dev, u16 routing, u16 offset, u32 value)
439 if (routing == B43_SHM_SHARED) {
440 B43_WARN_ON(offset & 0x0001);
441 if (offset & 0x0003) {
442 /* Unaligned access */
443 b43_shm_control_word(dev, routing, offset >> 2);
444 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED,
446 b43_shm_control_word(dev, routing, (offset >> 2) + 1);
447 b43_write16(dev, B43_MMIO_SHM_DATA,
448 (value >> 16) & 0xFFFF);
453 b43_shm_control_word(dev, routing, offset);
454 b43_write32(dev, B43_MMIO_SHM_DATA, value);
457 void b43_shm_write16(struct b43_wldev *dev, u16 routing, u16 offset, u16 value)
459 if (routing == B43_SHM_SHARED) {
460 B43_WARN_ON(offset & 0x0001);
461 if (offset & 0x0003) {
462 /* Unaligned access */
463 b43_shm_control_word(dev, routing, offset >> 2);
464 b43_write16(dev, B43_MMIO_SHM_DATA_UNALIGNED, value);
469 b43_shm_control_word(dev, routing, offset);
470 b43_write16(dev, B43_MMIO_SHM_DATA, value);
474 u64 b43_hf_read(struct b43_wldev *dev)
478 ret = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI);
480 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI);
482 ret |= b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO);
487 /* Write HostFlags */
488 void b43_hf_write(struct b43_wldev *dev, u64 value)
492 lo = (value & 0x00000000FFFFULL);
493 mi = (value & 0x0000FFFF0000ULL) >> 16;
494 hi = (value & 0xFFFF00000000ULL) >> 32;
495 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFLO, lo);
496 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFMI, mi);
497 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_HOSTFHI, hi);
500 /* Read the firmware capabilities bitmask (Opensource firmware only) */
501 static u16 b43_fwcapa_read(struct b43_wldev *dev)
503 B43_WARN_ON(!dev->fw.opensource);
504 return b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_FWCAPA);
507 void b43_tsf_read(struct b43_wldev *dev, u64 *tsf)
511 B43_WARN_ON(dev->dev->id.revision < 3);
513 /* The hardware guarantees us an atomic read, if we
514 * read the low register first. */
515 low = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_LOW);
516 high = b43_read32(dev, B43_MMIO_REV3PLUS_TSF_HIGH);
523 static void b43_time_lock(struct b43_wldev *dev)
527 macctl = b43_read32(dev, B43_MMIO_MACCTL);
528 macctl |= B43_MACCTL_TBTTHOLD;
529 b43_write32(dev, B43_MMIO_MACCTL, macctl);
530 /* Commit the write */
531 b43_read32(dev, B43_MMIO_MACCTL);
534 static void b43_time_unlock(struct b43_wldev *dev)
538 macctl = b43_read32(dev, B43_MMIO_MACCTL);
539 macctl &= ~B43_MACCTL_TBTTHOLD;
540 b43_write32(dev, B43_MMIO_MACCTL, macctl);
541 /* Commit the write */
542 b43_read32(dev, B43_MMIO_MACCTL);
545 static void b43_tsf_write_locked(struct b43_wldev *dev, u64 tsf)
549 B43_WARN_ON(dev->dev->id.revision < 3);
553 /* The hardware guarantees us an atomic write, if we
554 * write the low register first. */
555 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_LOW, low);
557 b43_write32(dev, B43_MMIO_REV3PLUS_TSF_HIGH, high);
561 void b43_tsf_write(struct b43_wldev *dev, u64 tsf)
564 b43_tsf_write_locked(dev, tsf);
565 b43_time_unlock(dev);
569 void b43_macfilter_set(struct b43_wldev *dev, u16 offset, const u8 *mac)
571 static const u8 zero_addr[ETH_ALEN] = { 0 };
578 b43_write16(dev, B43_MMIO_MACFILTER_CONTROL, offset);
582 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
585 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
588 b43_write16(dev, B43_MMIO_MACFILTER_DATA, data);
591 static void b43_write_mac_bssid_templates(struct b43_wldev *dev)
595 u8 mac_bssid[ETH_ALEN * 2];
599 bssid = dev->wl->bssid;
600 mac = dev->wl->mac_addr;
602 b43_macfilter_set(dev, B43_MACFILTER_BSSID, bssid);
604 memcpy(mac_bssid, mac, ETH_ALEN);
605 memcpy(mac_bssid + ETH_ALEN, bssid, ETH_ALEN);
607 /* Write our MAC address and BSSID to template ram */
608 for (i = 0; i < ARRAY_SIZE(mac_bssid); i += sizeof(u32)) {
609 tmp = (u32) (mac_bssid[i + 0]);
610 tmp |= (u32) (mac_bssid[i + 1]) << 8;
611 tmp |= (u32) (mac_bssid[i + 2]) << 16;
612 tmp |= (u32) (mac_bssid[i + 3]) << 24;
613 b43_ram_write(dev, 0x20 + i, tmp);
617 static void b43_upload_card_macaddress(struct b43_wldev *dev)
619 b43_write_mac_bssid_templates(dev);
620 b43_macfilter_set(dev, B43_MACFILTER_SELF, dev->wl->mac_addr);
623 static void b43_set_slot_time(struct b43_wldev *dev, u16 slot_time)
625 /* slot_time is in usec. */
626 if (dev->phy.type != B43_PHYTYPE_G)
628 b43_write16(dev, 0x684, 510 + slot_time);
629 b43_shm_write16(dev, B43_SHM_SHARED, 0x0010, slot_time);
632 static void b43_short_slot_timing_enable(struct b43_wldev *dev)
634 b43_set_slot_time(dev, 9);
637 static void b43_short_slot_timing_disable(struct b43_wldev *dev)
639 b43_set_slot_time(dev, 20);
642 /* DummyTransmission function, as documented on
643 * http://bcm-v4.sipsolutions.net/802.11/DummyTransmission
645 void b43_dummy_transmission(struct b43_wldev *dev, bool ofdm, bool pa_on)
647 struct b43_phy *phy = &dev->phy;
648 unsigned int i, max_loop;
660 buffer[0] = 0x000201CC;
663 buffer[0] = 0x000B846E;
666 for (i = 0; i < 5; i++)
667 b43_ram_write(dev, i * 4, buffer[i]);
669 b43_write16(dev, 0x0568, 0x0000);
670 if (dev->dev->id.revision < 11)
671 b43_write16(dev, 0x07C0, 0x0000);
673 b43_write16(dev, 0x07C0, 0x0100);
674 value = (ofdm ? 0x41 : 0x40);
675 b43_write16(dev, 0x050C, value);
676 if ((phy->type == B43_PHYTYPE_N) || (phy->type == B43_PHYTYPE_LP))
677 b43_write16(dev, 0x0514, 0x1A02);
678 b43_write16(dev, 0x0508, 0x0000);
679 b43_write16(dev, 0x050A, 0x0000);
680 b43_write16(dev, 0x054C, 0x0000);
681 b43_write16(dev, 0x056A, 0x0014);
682 b43_write16(dev, 0x0568, 0x0826);
683 b43_write16(dev, 0x0500, 0x0000);
684 if (!pa_on && (phy->type == B43_PHYTYPE_N)) {
690 b43_write16(dev, 0x0502, 0x00D0);
693 b43_write16(dev, 0x0502, 0x0050);
696 b43_write16(dev, 0x0502, 0x0030);
699 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
700 b43_radio_write16(dev, 0x0051, 0x0017);
701 for (i = 0x00; i < max_loop; i++) {
702 value = b43_read16(dev, 0x050E);
707 for (i = 0x00; i < 0x0A; i++) {
708 value = b43_read16(dev, 0x050E);
713 for (i = 0x00; i < 0x19; i++) {
714 value = b43_read16(dev, 0x0690);
715 if (!(value & 0x0100))
719 if (phy->radio_ver == 0x2050 && phy->radio_rev <= 0x5)
720 b43_radio_write16(dev, 0x0051, 0x0037);
723 static void key_write(struct b43_wldev *dev,
724 u8 index, u8 algorithm, const u8 *key)
731 /* Key index/algo block */
732 kidx = b43_kidx_to_fw(dev, index);
733 value = ((kidx << 4) | algorithm);
734 b43_shm_write16(dev, B43_SHM_SHARED,
735 B43_SHM_SH_KEYIDXBLOCK + (kidx * 2), value);
737 /* Write the key to the Key Table Pointer offset */
738 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
739 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
741 value |= (u16) (key[i + 1]) << 8;
742 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, value);
746 static void keymac_write(struct b43_wldev *dev, u8 index, const u8 *addr)
748 u32 addrtmp[2] = { 0, 0, };
749 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
751 if (b43_new_kidx_api(dev))
752 pairwise_keys_start = B43_NR_GROUP_KEYS;
754 B43_WARN_ON(index < pairwise_keys_start);
755 /* We have four default TX keys and possibly four default RX keys.
756 * Physical mac 0 is mapped to physical key 4 or 8, depending
757 * on the firmware version.
758 * So we must adjust the index here.
760 index -= pairwise_keys_start;
761 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
764 addrtmp[0] = addr[0];
765 addrtmp[0] |= ((u32) (addr[1]) << 8);
766 addrtmp[0] |= ((u32) (addr[2]) << 16);
767 addrtmp[0] |= ((u32) (addr[3]) << 24);
768 addrtmp[1] = addr[4];
769 addrtmp[1] |= ((u32) (addr[5]) << 8);
772 /* Receive match transmitter address (RCMTA) mechanism */
773 b43_shm_write32(dev, B43_SHM_RCMTA,
774 (index * 2) + 0, addrtmp[0]);
775 b43_shm_write16(dev, B43_SHM_RCMTA,
776 (index * 2) + 1, addrtmp[1]);
779 /* The ucode will use phase1 key with TEK key to decrypt rx packets.
780 * When a packet is received, the iv32 is checked.
781 * - if it doesn't the packet is returned without modification (and software
782 * decryption can be done). That's what happen when iv16 wrap.
783 * - if it does, the rc4 key is computed, and decryption is tried.
784 * Either it will success and B43_RX_MAC_DEC is returned,
785 * either it fails and B43_RX_MAC_DEC|B43_RX_MAC_DECERR is returned
786 * and the packet is not usable (it got modified by the ucode).
787 * So in order to never have B43_RX_MAC_DECERR, we should provide
788 * a iv32 and phase1key that match. Because we drop packets in case of
789 * B43_RX_MAC_DECERR, if we have a correct iv32 but a wrong phase1key, all
790 * packets will be lost without higher layer knowing (ie no resync possible
793 * NOTE : this should support 50 key like RCMTA because
794 * (B43_SHM_SH_KEYIDXBLOCK - B43_SHM_SH_TKIPTSCTTAK)/14 = 50
796 static void rx_tkip_phase1_write(struct b43_wldev *dev, u8 index, u32 iv32,
801 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
803 if (!modparam_hwtkip)
806 if (b43_new_kidx_api(dev))
807 pairwise_keys_start = B43_NR_GROUP_KEYS;
809 B43_WARN_ON(index < pairwise_keys_start);
810 /* We have four default TX keys and possibly four default RX keys.
811 * Physical mac 0 is mapped to physical key 4 or 8, depending
812 * on the firmware version.
813 * So we must adjust the index here.
815 index -= pairwise_keys_start;
816 B43_WARN_ON(index >= B43_NR_PAIRWISE_KEYS);
818 if (b43_debug(dev, B43_DBG_KEYS)) {
819 b43dbg(dev->wl, "rx_tkip_phase1_write : idx 0x%x, iv32 0x%x\n",
822 /* Write the key to the RX tkip shared mem */
823 offset = B43_SHM_SH_TKIPTSCTTAK + index * (10 + 4);
824 for (i = 0; i < 10; i += 2) {
825 b43_shm_write16(dev, B43_SHM_SHARED, offset + i,
826 phase1key ? phase1key[i / 2] : 0);
828 b43_shm_write16(dev, B43_SHM_SHARED, offset + i, iv32);
829 b43_shm_write16(dev, B43_SHM_SHARED, offset + i + 2, iv32 >> 16);
832 static void b43_op_update_tkip_key(struct ieee80211_hw *hw,
833 struct ieee80211_key_conf *keyconf, const u8 *addr,
834 u32 iv32, u16 *phase1key)
836 struct b43_wl *wl = hw_to_b43_wl(hw);
837 struct b43_wldev *dev;
838 int index = keyconf->hw_key_idx;
840 if (B43_WARN_ON(!modparam_hwtkip))
843 mutex_lock(&wl->mutex);
845 dev = wl->current_dev;
846 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
849 keymac_write(dev, index, NULL); /* First zero out mac to avoid race */
851 rx_tkip_phase1_write(dev, index, iv32, phase1key);
852 keymac_write(dev, index, addr);
855 mutex_unlock(&wl->mutex);
858 static void do_key_write(struct b43_wldev *dev,
859 u8 index, u8 algorithm,
860 const u8 *key, size_t key_len, const u8 *mac_addr)
862 u8 buf[B43_SEC_KEYSIZE] = { 0, };
863 u8 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
865 if (b43_new_kidx_api(dev))
866 pairwise_keys_start = B43_NR_GROUP_KEYS;
868 B43_WARN_ON(index >= ARRAY_SIZE(dev->key));
869 B43_WARN_ON(key_len > B43_SEC_KEYSIZE);
871 if (index >= pairwise_keys_start)
872 keymac_write(dev, index, NULL); /* First zero out mac. */
873 if (algorithm == B43_SEC_ALGO_TKIP) {
875 * We should provide an initial iv32, phase1key pair.
876 * We could start with iv32=0 and compute the corresponding
877 * phase1key, but this means calling ieee80211_get_tkip_key
878 * with a fake skb (or export other tkip function).
879 * Because we are lazy we hope iv32 won't start with
880 * 0xffffffff and let's b43_op_update_tkip_key provide a
883 rx_tkip_phase1_write(dev, index, 0xffffffff, (u16*)buf);
884 } else if (index >= pairwise_keys_start) /* clear it */
885 rx_tkip_phase1_write(dev, index, 0, NULL);
887 memcpy(buf, key, key_len);
888 key_write(dev, index, algorithm, buf);
889 if (index >= pairwise_keys_start)
890 keymac_write(dev, index, mac_addr);
892 dev->key[index].algorithm = algorithm;
895 static int b43_key_write(struct b43_wldev *dev,
896 int index, u8 algorithm,
897 const u8 *key, size_t key_len,
899 struct ieee80211_key_conf *keyconf)
902 int pairwise_keys_start;
904 /* For ALG_TKIP the key is encoded as a 256-bit (32 byte) data block:
905 * - Temporal Encryption Key (128 bits)
906 * - Temporal Authenticator Tx MIC Key (64 bits)
907 * - Temporal Authenticator Rx MIC Key (64 bits)
909 * Hardware only store TEK
911 if (algorithm == B43_SEC_ALGO_TKIP && key_len == 32)
913 if (key_len > B43_SEC_KEYSIZE)
915 for (i = 0; i < ARRAY_SIZE(dev->key); i++) {
916 /* Check that we don't already have this key. */
917 B43_WARN_ON(dev->key[i].keyconf == keyconf);
920 /* Pairwise key. Get an empty slot for the key. */
921 if (b43_new_kidx_api(dev))
922 pairwise_keys_start = B43_NR_GROUP_KEYS;
924 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
925 for (i = pairwise_keys_start;
926 i < pairwise_keys_start + B43_NR_PAIRWISE_KEYS;
928 B43_WARN_ON(i >= ARRAY_SIZE(dev->key));
929 if (!dev->key[i].keyconf) {
936 b43warn(dev->wl, "Out of hardware key memory\n");
940 B43_WARN_ON(index > 3);
942 do_key_write(dev, index, algorithm, key, key_len, mac_addr);
943 if ((index <= 3) && !b43_new_kidx_api(dev)) {
945 B43_WARN_ON(mac_addr);
946 do_key_write(dev, index + 4, algorithm, key, key_len, NULL);
948 keyconf->hw_key_idx = index;
949 dev->key[index].keyconf = keyconf;
954 static int b43_key_clear(struct b43_wldev *dev, int index)
956 if (B43_WARN_ON((index < 0) || (index >= ARRAY_SIZE(dev->key))))
958 do_key_write(dev, index, B43_SEC_ALGO_NONE,
959 NULL, B43_SEC_KEYSIZE, NULL);
960 if ((index <= 3) && !b43_new_kidx_api(dev)) {
961 do_key_write(dev, index + 4, B43_SEC_ALGO_NONE,
962 NULL, B43_SEC_KEYSIZE, NULL);
964 dev->key[index].keyconf = NULL;
969 static void b43_clear_keys(struct b43_wldev *dev)
973 if (b43_new_kidx_api(dev))
974 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
976 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
977 for (i = 0; i < count; i++)
978 b43_key_clear(dev, i);
981 static void b43_dump_keymemory(struct b43_wldev *dev)
983 unsigned int i, index, count, offset, pairwise_keys_start;
991 if (!b43_debug(dev, B43_DBG_KEYS))
994 hf = b43_hf_read(dev);
995 b43dbg(dev->wl, "Hardware key memory dump: USEDEFKEYS=%u\n",
996 !!(hf & B43_HF_USEDEFKEYS));
997 if (b43_new_kidx_api(dev)) {
998 pairwise_keys_start = B43_NR_GROUP_KEYS;
999 count = B43_NR_GROUP_KEYS + B43_NR_PAIRWISE_KEYS;
1001 pairwise_keys_start = B43_NR_GROUP_KEYS * 2;
1002 count = B43_NR_GROUP_KEYS * 2 + B43_NR_PAIRWISE_KEYS;
1004 for (index = 0; index < count; index++) {
1005 key = &(dev->key[index]);
1006 printk(KERN_DEBUG "Key slot %02u: %s",
1007 index, (key->keyconf == NULL) ? " " : "*");
1008 offset = dev->ktp + (index * B43_SEC_KEYSIZE);
1009 for (i = 0; i < B43_SEC_KEYSIZE; i += 2) {
1010 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1011 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1014 algo = b43_shm_read16(dev, B43_SHM_SHARED,
1015 B43_SHM_SH_KEYIDXBLOCK + (index * 2));
1016 printk(" Algo: %04X/%02X", algo, key->algorithm);
1018 if (index >= pairwise_keys_start) {
1019 if (key->algorithm == B43_SEC_ALGO_TKIP) {
1021 offset = B43_SHM_SH_TKIPTSCTTAK + (index - 4) * (10 + 4);
1022 for (i = 0; i < 14; i += 2) {
1023 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, offset + i);
1024 printk("%02X%02X", (tmp & 0xFF), ((tmp >> 8) & 0xFF));
1027 rcmta0 = b43_shm_read32(dev, B43_SHM_RCMTA,
1028 ((index - pairwise_keys_start) * 2) + 0);
1029 rcmta1 = b43_shm_read16(dev, B43_SHM_RCMTA,
1030 ((index - pairwise_keys_start) * 2) + 1);
1031 *((__le32 *)(&mac[0])) = cpu_to_le32(rcmta0);
1032 *((__le16 *)(&mac[4])) = cpu_to_le16(rcmta1);
1033 printk(" MAC: %pM", mac);
1035 printk(" DEFAULT KEY");
1040 void b43_power_saving_ctl_bits(struct b43_wldev *dev, unsigned int ps_flags)
1048 B43_WARN_ON((ps_flags & B43_PS_ENABLED) &&
1049 (ps_flags & B43_PS_DISABLED));
1050 B43_WARN_ON((ps_flags & B43_PS_AWAKE) && (ps_flags & B43_PS_ASLEEP));
1052 if (ps_flags & B43_PS_ENABLED) {
1054 } else if (ps_flags & B43_PS_DISABLED) {
1057 //TODO: If powersave is not off and FIXME is not set and we are not in adhoc
1058 // and thus is not an AP and we are associated, set bit 25
1060 if (ps_flags & B43_PS_AWAKE) {
1062 } else if (ps_flags & B43_PS_ASLEEP) {
1065 //TODO: If the device is awake or this is an AP, or we are scanning, or FIXME,
1066 // or we are associated, or FIXME, or the latest PS-Poll packet sent was
1067 // successful, set bit26
1070 /* FIXME: For now we force awake-on and hwps-off */
1074 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1076 macctl |= B43_MACCTL_HWPS;
1078 macctl &= ~B43_MACCTL_HWPS;
1080 macctl |= B43_MACCTL_AWAKE;
1082 macctl &= ~B43_MACCTL_AWAKE;
1083 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1085 b43_read32(dev, B43_MMIO_MACCTL);
1086 if (awake && dev->dev->id.revision >= 5) {
1087 /* Wait for the microcode to wake up. */
1088 for (i = 0; i < 100; i++) {
1089 ucstat = b43_shm_read16(dev, B43_SHM_SHARED,
1090 B43_SHM_SH_UCODESTAT);
1091 if (ucstat != B43_SHM_SH_UCODESTAT_SLEEP)
1098 void b43_wireless_core_reset(struct b43_wldev *dev, u32 flags)
1103 flags |= B43_TMSLOW_PHYCLKEN;
1104 flags |= B43_TMSLOW_PHYRESET;
1105 ssb_device_enable(dev->dev, flags);
1106 msleep(2); /* Wait for the PLL to turn on. */
1108 /* Now take the PHY out of Reset again */
1109 tmslow = ssb_read32(dev->dev, SSB_TMSLOW);
1110 tmslow |= SSB_TMSLOW_FGC;
1111 tmslow &= ~B43_TMSLOW_PHYRESET;
1112 ssb_write32(dev->dev, SSB_TMSLOW, tmslow);
1113 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */
1115 tmslow &= ~SSB_TMSLOW_FGC;
1116 ssb_write32(dev->dev, SSB_TMSLOW, tmslow);
1117 ssb_read32(dev->dev, SSB_TMSLOW); /* flush */
1120 /* Turn Analog ON, but only if we already know the PHY-type.
1121 * This protects against very early setup where we don't know the
1122 * PHY-type, yet. wireless_core_reset will be called once again later,
1123 * when we know the PHY-type. */
1125 dev->phy.ops->switch_analog(dev, 1);
1127 macctl = b43_read32(dev, B43_MMIO_MACCTL);
1128 macctl &= ~B43_MACCTL_GMODE;
1129 if (flags & B43_TMSLOW_GMODE)
1130 macctl |= B43_MACCTL_GMODE;
1131 macctl |= B43_MACCTL_IHR_ENABLED;
1132 b43_write32(dev, B43_MMIO_MACCTL, macctl);
1135 static void handle_irq_transmit_status(struct b43_wldev *dev)
1139 struct b43_txstatus stat;
1142 v0 = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1143 if (!(v0 & 0x00000001))
1145 v1 = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1147 stat.cookie = (v0 >> 16);
1148 stat.seq = (v1 & 0x0000FFFF);
1149 stat.phy_stat = ((v1 & 0x00FF0000) >> 16);
1150 tmp = (v0 & 0x0000FFFF);
1151 stat.frame_count = ((tmp & 0xF000) >> 12);
1152 stat.rts_count = ((tmp & 0x0F00) >> 8);
1153 stat.supp_reason = ((tmp & 0x001C) >> 2);
1154 stat.pm_indicated = !!(tmp & 0x0080);
1155 stat.intermediate = !!(tmp & 0x0040);
1156 stat.for_ampdu = !!(tmp & 0x0020);
1157 stat.acked = !!(tmp & 0x0002);
1159 b43_handle_txstatus(dev, &stat);
1163 static void drain_txstatus_queue(struct b43_wldev *dev)
1167 if (dev->dev->id.revision < 5)
1169 /* Read all entries from the microcode TXstatus FIFO
1170 * and throw them away.
1173 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_0);
1174 if (!(dummy & 0x00000001))
1176 dummy = b43_read32(dev, B43_MMIO_XMITSTAT_1);
1180 static u32 b43_jssi_read(struct b43_wldev *dev)
1184 val = b43_shm_read16(dev, B43_SHM_SHARED, 0x08A);
1186 val |= b43_shm_read16(dev, B43_SHM_SHARED, 0x088);
1191 static void b43_jssi_write(struct b43_wldev *dev, u32 jssi)
1193 b43_shm_write16(dev, B43_SHM_SHARED, 0x088, (jssi & 0x0000FFFF));
1194 b43_shm_write16(dev, B43_SHM_SHARED, 0x08A, (jssi & 0xFFFF0000) >> 16);
1197 static void b43_generate_noise_sample(struct b43_wldev *dev)
1199 b43_jssi_write(dev, 0x7F7F7F7F);
1200 b43_write32(dev, B43_MMIO_MACCMD,
1201 b43_read32(dev, B43_MMIO_MACCMD) | B43_MACCMD_BGNOISE);
1204 static void b43_calculate_link_quality(struct b43_wldev *dev)
1206 /* Top half of Link Quality calculation. */
1208 if (dev->phy.type != B43_PHYTYPE_G)
1210 if (dev->noisecalc.calculation_running)
1212 dev->noisecalc.calculation_running = 1;
1213 dev->noisecalc.nr_samples = 0;
1215 b43_generate_noise_sample(dev);
1218 static void handle_irq_noise(struct b43_wldev *dev)
1220 struct b43_phy_g *phy = dev->phy.g;
1226 /* Bottom half of Link Quality calculation. */
1228 if (dev->phy.type != B43_PHYTYPE_G)
1231 /* Possible race condition: It might be possible that the user
1232 * changed to a different channel in the meantime since we
1233 * started the calculation. We ignore that fact, since it's
1234 * not really that much of a problem. The background noise is
1235 * an estimation only anyway. Slightly wrong results will get damped
1236 * by the averaging of the 8 sample rounds. Additionally the
1237 * value is shortlived. So it will be replaced by the next noise
1238 * calculation round soon. */
1240 B43_WARN_ON(!dev->noisecalc.calculation_running);
1241 *((__le32 *)noise) = cpu_to_le32(b43_jssi_read(dev));
1242 if (noise[0] == 0x7F || noise[1] == 0x7F ||
1243 noise[2] == 0x7F || noise[3] == 0x7F)
1246 /* Get the noise samples. */
1247 B43_WARN_ON(dev->noisecalc.nr_samples >= 8);
1248 i = dev->noisecalc.nr_samples;
1249 noise[0] = clamp_val(noise[0], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1250 noise[1] = clamp_val(noise[1], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1251 noise[2] = clamp_val(noise[2], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1252 noise[3] = clamp_val(noise[3], 0, ARRAY_SIZE(phy->nrssi_lt) - 1);
1253 dev->noisecalc.samples[i][0] = phy->nrssi_lt[noise[0]];
1254 dev->noisecalc.samples[i][1] = phy->nrssi_lt[noise[1]];
1255 dev->noisecalc.samples[i][2] = phy->nrssi_lt[noise[2]];
1256 dev->noisecalc.samples[i][3] = phy->nrssi_lt[noise[3]];
1257 dev->noisecalc.nr_samples++;
1258 if (dev->noisecalc.nr_samples == 8) {
1259 /* Calculate the Link Quality by the noise samples. */
1261 for (i = 0; i < 8; i++) {
1262 for (j = 0; j < 4; j++)
1263 average += dev->noisecalc.samples[i][j];
1269 tmp = b43_shm_read16(dev, B43_SHM_SHARED, 0x40C);
1270 tmp = (tmp / 128) & 0x1F;
1280 dev->stats.link_noise = average;
1281 dev->noisecalc.calculation_running = 0;
1285 b43_generate_noise_sample(dev);
1288 static void handle_irq_tbtt_indication(struct b43_wldev *dev)
1290 if (b43_is_mode(dev->wl, NL80211_IFTYPE_AP)) {
1293 if (1 /*FIXME: the last PSpoll frame was sent successfully */ )
1294 b43_power_saving_ctl_bits(dev, 0);
1296 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC))
1300 static void handle_irq_atim_end(struct b43_wldev *dev)
1302 if (dev->dfq_valid) {
1303 b43_write32(dev, B43_MMIO_MACCMD,
1304 b43_read32(dev, B43_MMIO_MACCMD)
1305 | B43_MACCMD_DFQ_VALID);
1310 static void handle_irq_pmq(struct b43_wldev *dev)
1317 tmp = b43_read32(dev, B43_MMIO_PS_STATUS);
1318 if (!(tmp & 0x00000008))
1321 /* 16bit write is odd, but correct. */
1322 b43_write16(dev, B43_MMIO_PS_STATUS, 0x0002);
1325 static void b43_write_template_common(struct b43_wldev *dev,
1326 const u8 *data, u16 size,
1328 u16 shm_size_offset, u8 rate)
1331 struct b43_plcp_hdr4 plcp;
1334 b43_generate_plcp_hdr(&plcp, size + FCS_LEN, rate);
1335 b43_ram_write(dev, ram_offset, le32_to_cpu(plcp.data));
1336 ram_offset += sizeof(u32);
1337 /* The PLCP is 6 bytes long, but we only wrote 4 bytes, yet.
1338 * So leave the first two bytes of the next write blank.
1340 tmp = (u32) (data[0]) << 16;
1341 tmp |= (u32) (data[1]) << 24;
1342 b43_ram_write(dev, ram_offset, tmp);
1343 ram_offset += sizeof(u32);
1344 for (i = 2; i < size; i += sizeof(u32)) {
1345 tmp = (u32) (data[i + 0]);
1347 tmp |= (u32) (data[i + 1]) << 8;
1349 tmp |= (u32) (data[i + 2]) << 16;
1351 tmp |= (u32) (data[i + 3]) << 24;
1352 b43_ram_write(dev, ram_offset + i - 2, tmp);
1354 b43_shm_write16(dev, B43_SHM_SHARED, shm_size_offset,
1355 size + sizeof(struct b43_plcp_hdr6));
1358 /* Check if the use of the antenna that ieee80211 told us to
1359 * use is possible. This will fall back to DEFAULT.
1360 * "antenna_nr" is the antenna identifier we got from ieee80211. */
1361 u8 b43_ieee80211_antenna_sanitize(struct b43_wldev *dev,
1366 if (antenna_nr == 0) {
1367 /* Zero means "use default antenna". That's always OK. */
1371 /* Get the mask of available antennas. */
1373 antenna_mask = dev->dev->bus->sprom.ant_available_bg;
1375 antenna_mask = dev->dev->bus->sprom.ant_available_a;
1377 if (!(antenna_mask & (1 << (antenna_nr - 1)))) {
1378 /* This antenna is not available. Fall back to default. */
1385 /* Convert a b43 antenna number value to the PHY TX control value. */
1386 static u16 b43_antenna_to_phyctl(int antenna)
1390 return B43_TXH_PHY_ANT0;
1392 return B43_TXH_PHY_ANT1;
1394 return B43_TXH_PHY_ANT2;
1396 return B43_TXH_PHY_ANT3;
1397 case B43_ANTENNA_AUTO0:
1398 case B43_ANTENNA_AUTO1:
1399 return B43_TXH_PHY_ANT01AUTO;
1405 static void b43_write_beacon_template(struct b43_wldev *dev,
1407 u16 shm_size_offset)
1409 unsigned int i, len, variable_len;
1410 const struct ieee80211_mgmt *bcn;
1416 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(dev->wl->current_beacon);
1418 bcn = (const struct ieee80211_mgmt *)(dev->wl->current_beacon->data);
1419 len = min((size_t) dev->wl->current_beacon->len,
1420 0x200 - sizeof(struct b43_plcp_hdr6));
1421 rate = ieee80211_get_tx_rate(dev->wl->hw, info)->hw_value;
1423 b43_write_template_common(dev, (const u8 *)bcn,
1424 len, ram_offset, shm_size_offset, rate);
1426 /* Write the PHY TX control parameters. */
1427 antenna = B43_ANTENNA_DEFAULT;
1428 antenna = b43_antenna_to_phyctl(antenna);
1429 ctl = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL);
1430 /* We can't send beacons with short preamble. Would get PHY errors. */
1431 ctl &= ~B43_TXH_PHY_SHORTPRMBL;
1432 ctl &= ~B43_TXH_PHY_ANT;
1433 ctl &= ~B43_TXH_PHY_ENC;
1435 if (b43_is_cck_rate(rate))
1436 ctl |= B43_TXH_PHY_ENC_CCK;
1438 ctl |= B43_TXH_PHY_ENC_OFDM;
1439 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
1441 /* Find the position of the TIM and the DTIM_period value
1442 * and write them to SHM. */
1443 ie = bcn->u.beacon.variable;
1444 variable_len = len - offsetof(struct ieee80211_mgmt, u.beacon.variable);
1445 for (i = 0; i < variable_len - 2; ) {
1446 uint8_t ie_id, ie_len;
1453 /* This is the TIM Information Element */
1455 /* Check whether the ie_len is in the beacon data range. */
1456 if (variable_len < ie_len + 2 + i)
1458 /* A valid TIM is at least 4 bytes long. */
1463 tim_position = sizeof(struct b43_plcp_hdr6);
1464 tim_position += offsetof(struct ieee80211_mgmt, u.beacon.variable);
1467 dtim_period = ie[i + 3];
1469 b43_shm_write16(dev, B43_SHM_SHARED,
1470 B43_SHM_SH_TIMBPOS, tim_position);
1471 b43_shm_write16(dev, B43_SHM_SHARED,
1472 B43_SHM_SH_DTIMPER, dtim_period);
1479 * If ucode wants to modify TIM do it behind the beacon, this
1480 * will happen, for example, when doing mesh networking.
1482 b43_shm_write16(dev, B43_SHM_SHARED,
1484 len + sizeof(struct b43_plcp_hdr6));
1485 b43_shm_write16(dev, B43_SHM_SHARED,
1486 B43_SHM_SH_DTIMPER, 0);
1488 b43dbg(dev->wl, "Updated beacon template at 0x%x\n", ram_offset);
1491 static void b43_upload_beacon0(struct b43_wldev *dev)
1493 struct b43_wl *wl = dev->wl;
1495 if (wl->beacon0_uploaded)
1497 b43_write_beacon_template(dev, 0x68, 0x18);
1498 wl->beacon0_uploaded = 1;
1501 static void b43_upload_beacon1(struct b43_wldev *dev)
1503 struct b43_wl *wl = dev->wl;
1505 if (wl->beacon1_uploaded)
1507 b43_write_beacon_template(dev, 0x468, 0x1A);
1508 wl->beacon1_uploaded = 1;
1511 static void handle_irq_beacon(struct b43_wldev *dev)
1513 struct b43_wl *wl = dev->wl;
1514 u32 cmd, beacon0_valid, beacon1_valid;
1516 if (!b43_is_mode(wl, NL80211_IFTYPE_AP) &&
1517 !b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
1520 /* This is the bottom half of the asynchronous beacon update. */
1522 /* Ignore interrupt in the future. */
1523 dev->irq_mask &= ~B43_IRQ_BEACON;
1525 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1526 beacon0_valid = (cmd & B43_MACCMD_BEACON0_VALID);
1527 beacon1_valid = (cmd & B43_MACCMD_BEACON1_VALID);
1529 /* Schedule interrupt manually, if busy. */
1530 if (beacon0_valid && beacon1_valid) {
1531 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_BEACON);
1532 dev->irq_mask |= B43_IRQ_BEACON;
1536 if (unlikely(wl->beacon_templates_virgin)) {
1537 /* We never uploaded a beacon before.
1538 * Upload both templates now, but only mark one valid. */
1539 wl->beacon_templates_virgin = 0;
1540 b43_upload_beacon0(dev);
1541 b43_upload_beacon1(dev);
1542 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1543 cmd |= B43_MACCMD_BEACON0_VALID;
1544 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1546 if (!beacon0_valid) {
1547 b43_upload_beacon0(dev);
1548 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1549 cmd |= B43_MACCMD_BEACON0_VALID;
1550 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1551 } else if (!beacon1_valid) {
1552 b43_upload_beacon1(dev);
1553 cmd = b43_read32(dev, B43_MMIO_MACCMD);
1554 cmd |= B43_MACCMD_BEACON1_VALID;
1555 b43_write32(dev, B43_MMIO_MACCMD, cmd);
1560 static void b43_do_beacon_update_trigger_work(struct b43_wldev *dev)
1562 u32 old_irq_mask = dev->irq_mask;
1564 /* update beacon right away or defer to irq */
1565 handle_irq_beacon(dev);
1566 if (old_irq_mask != dev->irq_mask) {
1567 /* The handler updated the IRQ mask. */
1568 B43_WARN_ON(!dev->irq_mask);
1569 if (b43_read32(dev, B43_MMIO_GEN_IRQ_MASK)) {
1570 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1572 /* Device interrupts are currently disabled. That means
1573 * we just ran the hardirq handler and scheduled the
1574 * IRQ thread. The thread will write the IRQ mask when
1575 * it finished, so there's nothing to do here. Writing
1576 * the mask _here_ would incorrectly re-enable IRQs. */
1581 static void b43_beacon_update_trigger_work(struct work_struct *work)
1583 struct b43_wl *wl = container_of(work, struct b43_wl,
1584 beacon_update_trigger);
1585 struct b43_wldev *dev;
1587 mutex_lock(&wl->mutex);
1588 dev = wl->current_dev;
1589 if (likely(dev && (b43_status(dev) >= B43_STAT_INITIALIZED))) {
1590 if (0 /*FIXME dev->dev->bus->bustype == SSB_BUSTYPE_SDIO*/) {
1591 /* wl->mutex is enough. */
1592 b43_do_beacon_update_trigger_work(dev);
1595 spin_lock_irq(&wl->hardirq_lock);
1596 b43_do_beacon_update_trigger_work(dev);
1598 spin_unlock_irq(&wl->hardirq_lock);
1601 mutex_unlock(&wl->mutex);
1604 /* Asynchronously update the packet templates in template RAM.
1605 * Locking: Requires wl->mutex to be locked. */
1606 static void b43_update_templates(struct b43_wl *wl)
1608 struct sk_buff *beacon;
1610 /* This is the top half of the ansynchronous beacon update.
1611 * The bottom half is the beacon IRQ.
1612 * Beacon update must be asynchronous to avoid sending an
1613 * invalid beacon. This can happen for example, if the firmware
1614 * transmits a beacon while we are updating it. */
1616 /* We could modify the existing beacon and set the aid bit in
1617 * the TIM field, but that would probably require resizing and
1618 * moving of data within the beacon template.
1619 * Simply request a new beacon and let mac80211 do the hard work. */
1620 beacon = ieee80211_beacon_get(wl->hw, wl->vif);
1621 if (unlikely(!beacon))
1624 if (wl->current_beacon)
1625 dev_kfree_skb_any(wl->current_beacon);
1626 wl->current_beacon = beacon;
1627 wl->beacon0_uploaded = 0;
1628 wl->beacon1_uploaded = 0;
1629 ieee80211_queue_work(wl->hw, &wl->beacon_update_trigger);
1632 static void b43_set_beacon_int(struct b43_wldev *dev, u16 beacon_int)
1635 if (dev->dev->id.revision >= 3) {
1636 b43_write32(dev, B43_MMIO_TSF_CFP_REP, (beacon_int << 16));
1637 b43_write32(dev, B43_MMIO_TSF_CFP_START, (beacon_int << 10));
1639 b43_write16(dev, 0x606, (beacon_int >> 6));
1640 b43_write16(dev, 0x610, beacon_int);
1642 b43_time_unlock(dev);
1643 b43dbg(dev->wl, "Set beacon interval to %u\n", beacon_int);
1646 static void b43_handle_firmware_panic(struct b43_wldev *dev)
1650 /* Read the register that contains the reason code for the panic. */
1651 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_FWPANIC_REASON_REG);
1652 b43err(dev->wl, "Whoopsy, firmware panic! Reason: %u\n", reason);
1656 b43dbg(dev->wl, "The panic reason is unknown.\n");
1658 case B43_FWPANIC_DIE:
1659 /* Do not restart the controller or firmware.
1660 * The device is nonfunctional from now on.
1661 * Restarting would result in this panic to trigger again,
1662 * so we avoid that recursion. */
1664 case B43_FWPANIC_RESTART:
1665 b43_controller_restart(dev, "Microcode panic");
1670 static void handle_irq_ucode_debug(struct b43_wldev *dev)
1672 unsigned int i, cnt;
1673 u16 reason, marker_id, marker_line;
1676 /* The proprietary firmware doesn't have this IRQ. */
1677 if (!dev->fw.opensource)
1680 /* Read the register that contains the reason code for this IRQ. */
1681 reason = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_DEBUGIRQ_REASON_REG);
1684 case B43_DEBUGIRQ_PANIC:
1685 b43_handle_firmware_panic(dev);
1687 case B43_DEBUGIRQ_DUMP_SHM:
1689 break; /* Only with driver debugging enabled. */
1690 buf = kmalloc(4096, GFP_ATOMIC);
1692 b43dbg(dev->wl, "SHM-dump: Failed to allocate memory\n");
1695 for (i = 0; i < 4096; i += 2) {
1696 u16 tmp = b43_shm_read16(dev, B43_SHM_SHARED, i);
1697 buf[i / 2] = cpu_to_le16(tmp);
1699 b43info(dev->wl, "Shared memory dump:\n");
1700 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_OFFSET,
1701 16, 2, buf, 4096, 1);
1704 case B43_DEBUGIRQ_DUMP_REGS:
1706 break; /* Only with driver debugging enabled. */
1707 b43info(dev->wl, "Microcode register dump:\n");
1708 for (i = 0, cnt = 0; i < 64; i++) {
1709 u16 tmp = b43_shm_read16(dev, B43_SHM_SCRATCH, i);
1712 printk("r%02u: 0x%04X ", i, tmp);
1721 case B43_DEBUGIRQ_MARKER:
1723 break; /* Only with driver debugging enabled. */
1724 marker_id = b43_shm_read16(dev, B43_SHM_SCRATCH,
1726 marker_line = b43_shm_read16(dev, B43_SHM_SCRATCH,
1727 B43_MARKER_LINE_REG);
1728 b43info(dev->wl, "The firmware just executed the MARKER(%u) "
1729 "at line number %u\n",
1730 marker_id, marker_line);
1733 b43dbg(dev->wl, "Debug-IRQ triggered for unknown reason: %u\n",
1737 /* Acknowledge the debug-IRQ, so the firmware can continue. */
1738 b43_shm_write16(dev, B43_SHM_SCRATCH,
1739 B43_DEBUGIRQ_REASON_REG, B43_DEBUGIRQ_ACK);
1742 static void b43_do_interrupt_thread(struct b43_wldev *dev)
1745 u32 dma_reason[ARRAY_SIZE(dev->dma_reason)];
1746 u32 merged_dma_reason = 0;
1749 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
1752 reason = dev->irq_reason;
1753 for (i = 0; i < ARRAY_SIZE(dma_reason); i++) {
1754 dma_reason[i] = dev->dma_reason[i];
1755 merged_dma_reason |= dma_reason[i];
1758 if (unlikely(reason & B43_IRQ_MAC_TXERR))
1759 b43err(dev->wl, "MAC transmission error\n");
1761 if (unlikely(reason & B43_IRQ_PHY_TXERR)) {
1762 b43err(dev->wl, "PHY transmission error\n");
1764 if (unlikely(atomic_dec_and_test(&dev->phy.txerr_cnt))) {
1765 atomic_set(&dev->phy.txerr_cnt,
1766 B43_PHY_TX_BADNESS_LIMIT);
1767 b43err(dev->wl, "Too many PHY TX errors, "
1768 "restarting the controller\n");
1769 b43_controller_restart(dev, "PHY TX errors");
1773 if (unlikely(merged_dma_reason & (B43_DMAIRQ_FATALMASK |
1774 B43_DMAIRQ_NONFATALMASK))) {
1775 if (merged_dma_reason & B43_DMAIRQ_FATALMASK) {
1776 b43err(dev->wl, "Fatal DMA error: "
1777 "0x%08X, 0x%08X, 0x%08X, "
1778 "0x%08X, 0x%08X, 0x%08X\n",
1779 dma_reason[0], dma_reason[1],
1780 dma_reason[2], dma_reason[3],
1781 dma_reason[4], dma_reason[5]);
1782 b43_controller_restart(dev, "DMA error");
1785 if (merged_dma_reason & B43_DMAIRQ_NONFATALMASK) {
1786 b43err(dev->wl, "DMA error: "
1787 "0x%08X, 0x%08X, 0x%08X, "
1788 "0x%08X, 0x%08X, 0x%08X\n",
1789 dma_reason[0], dma_reason[1],
1790 dma_reason[2], dma_reason[3],
1791 dma_reason[4], dma_reason[5]);
1795 if (unlikely(reason & B43_IRQ_UCODE_DEBUG))
1796 handle_irq_ucode_debug(dev);
1797 if (reason & B43_IRQ_TBTT_INDI)
1798 handle_irq_tbtt_indication(dev);
1799 if (reason & B43_IRQ_ATIM_END)
1800 handle_irq_atim_end(dev);
1801 if (reason & B43_IRQ_BEACON)
1802 handle_irq_beacon(dev);
1803 if (reason & B43_IRQ_PMQ)
1804 handle_irq_pmq(dev);
1805 if (reason & B43_IRQ_TXFIFO_FLUSH_OK)
1807 if (reason & B43_IRQ_NOISESAMPLE_OK)
1808 handle_irq_noise(dev);
1810 /* Check the DMA reason registers for received data. */
1811 if (dma_reason[0] & B43_DMAIRQ_RX_DONE) {
1812 if (b43_using_pio_transfers(dev))
1813 b43_pio_rx(dev->pio.rx_queue);
1815 b43_dma_rx(dev->dma.rx_ring);
1817 B43_WARN_ON(dma_reason[1] & B43_DMAIRQ_RX_DONE);
1818 B43_WARN_ON(dma_reason[2] & B43_DMAIRQ_RX_DONE);
1819 B43_WARN_ON(dma_reason[3] & B43_DMAIRQ_RX_DONE);
1820 B43_WARN_ON(dma_reason[4] & B43_DMAIRQ_RX_DONE);
1821 B43_WARN_ON(dma_reason[5] & B43_DMAIRQ_RX_DONE);
1823 if (reason & B43_IRQ_TX_OK)
1824 handle_irq_transmit_status(dev);
1826 /* Re-enable interrupts on the device by restoring the current interrupt mask. */
1827 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
1830 /* Interrupt thread handler. Handles device interrupts in thread context. */
1831 static irqreturn_t b43_interrupt_thread_handler(int irq, void *dev_id)
1833 struct b43_wldev *dev = dev_id;
1835 mutex_lock(&dev->wl->mutex);
1836 b43_do_interrupt_thread(dev);
1838 mutex_unlock(&dev->wl->mutex);
1843 static irqreturn_t b43_do_interrupt(struct b43_wldev *dev)
1847 /* This code runs under wl->hardirq_lock, but _only_ on non-SDIO busses.
1848 * On SDIO, this runs under wl->mutex. */
1850 reason = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
1851 if (reason == 0xffffffff) /* shared IRQ */
1853 reason &= dev->irq_mask;
1857 dev->dma_reason[0] = b43_read32(dev, B43_MMIO_DMA0_REASON)
1859 dev->dma_reason[1] = b43_read32(dev, B43_MMIO_DMA1_REASON)
1861 dev->dma_reason[2] = b43_read32(dev, B43_MMIO_DMA2_REASON)
1863 dev->dma_reason[3] = b43_read32(dev, B43_MMIO_DMA3_REASON)
1865 dev->dma_reason[4] = b43_read32(dev, B43_MMIO_DMA4_REASON)
1868 dev->dma_reason[5] = b43_read32(dev, B43_MMIO_DMA5_REASON)
1872 /* ACK the interrupt. */
1873 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, reason);
1874 b43_write32(dev, B43_MMIO_DMA0_REASON, dev->dma_reason[0]);
1875 b43_write32(dev, B43_MMIO_DMA1_REASON, dev->dma_reason[1]);
1876 b43_write32(dev, B43_MMIO_DMA2_REASON, dev->dma_reason[2]);
1877 b43_write32(dev, B43_MMIO_DMA3_REASON, dev->dma_reason[3]);
1878 b43_write32(dev, B43_MMIO_DMA4_REASON, dev->dma_reason[4]);
1880 b43_write32(dev, B43_MMIO_DMA5_REASON, dev->dma_reason[5]);
1883 /* Disable IRQs on the device. The IRQ thread handler will re-enable them. */
1884 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
1885 /* Save the reason bitmasks for the IRQ thread handler. */
1886 dev->irq_reason = reason;
1888 return IRQ_WAKE_THREAD;
1891 /* Interrupt handler top-half. This runs with interrupts disabled. */
1892 static irqreturn_t b43_interrupt_handler(int irq, void *dev_id)
1894 struct b43_wldev *dev = dev_id;
1897 if (unlikely(b43_status(dev) < B43_STAT_STARTED))
1900 spin_lock(&dev->wl->hardirq_lock);
1901 ret = b43_do_interrupt(dev);
1903 spin_unlock(&dev->wl->hardirq_lock);
1908 void b43_do_release_fw(struct b43_firmware_file *fw)
1910 release_firmware(fw->data);
1912 fw->filename = NULL;
1915 static void b43_release_firmware(struct b43_wldev *dev)
1917 b43_do_release_fw(&dev->fw.ucode);
1918 b43_do_release_fw(&dev->fw.pcm);
1919 b43_do_release_fw(&dev->fw.initvals);
1920 b43_do_release_fw(&dev->fw.initvals_band);
1923 static void b43_print_fw_helptext(struct b43_wl *wl, bool error)
1927 "http://wireless.kernel.org/en/users/Drivers/b43#devicefirmware " \
1928 "and download the correct firmware for this driver version. " \
1929 "Please carefully read all instructions on this website.\n";
1937 int b43_do_request_fw(struct b43_request_fw_context *ctx,
1939 struct b43_firmware_file *fw)
1941 const struct firmware *blob;
1942 struct b43_fw_header *hdr;
1947 /* Don't fetch anything. Free possibly cached firmware. */
1948 /* FIXME: We should probably keep it anyway, to save some headache
1949 * on suspend/resume with multiband devices. */
1950 b43_do_release_fw(fw);
1954 if ((fw->type == ctx->req_type) &&
1955 (strcmp(fw->filename, name) == 0))
1956 return 0; /* Already have this fw. */
1957 /* Free the cached firmware first. */
1958 /* FIXME: We should probably do this later after we successfully
1959 * got the new fw. This could reduce headache with multiband devices.
1960 * We could also redesign this to cache the firmware for all possible
1961 * bands all the time. */
1962 b43_do_release_fw(fw);
1965 switch (ctx->req_type) {
1966 case B43_FWTYPE_PROPRIETARY:
1967 snprintf(ctx->fwname, sizeof(ctx->fwname),
1969 modparam_fwpostfix, name);
1971 case B43_FWTYPE_OPENSOURCE:
1972 snprintf(ctx->fwname, sizeof(ctx->fwname),
1974 modparam_fwpostfix, name);
1980 err = request_firmware(&blob, ctx->fwname, ctx->dev->dev->dev);
1981 if (err == -ENOENT) {
1982 snprintf(ctx->errors[ctx->req_type],
1983 sizeof(ctx->errors[ctx->req_type]),
1984 "Firmware file \"%s\" not found\n", ctx->fwname);
1987 snprintf(ctx->errors[ctx->req_type],
1988 sizeof(ctx->errors[ctx->req_type]),
1989 "Firmware file \"%s\" request failed (err=%d)\n",
1993 if (blob->size < sizeof(struct b43_fw_header))
1995 hdr = (struct b43_fw_header *)(blob->data);
1996 switch (hdr->type) {
1997 case B43_FW_TYPE_UCODE:
1998 case B43_FW_TYPE_PCM:
1999 size = be32_to_cpu(hdr->size);
2000 if (size != blob->size - sizeof(struct b43_fw_header))
2003 case B43_FW_TYPE_IV:
2012 fw->filename = name;
2013 fw->type = ctx->req_type;
2018 snprintf(ctx->errors[ctx->req_type],
2019 sizeof(ctx->errors[ctx->req_type]),
2020 "Firmware file \"%s\" format error.\n", ctx->fwname);
2021 release_firmware(blob);
2026 static int b43_try_request_fw(struct b43_request_fw_context *ctx)
2028 struct b43_wldev *dev = ctx->dev;
2029 struct b43_firmware *fw = &ctx->dev->fw;
2030 const u8 rev = ctx->dev->dev->id.revision;
2031 const char *filename;
2036 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH);
2037 if ((rev >= 5) && (rev <= 10))
2038 filename = "ucode5";
2039 else if ((rev >= 11) && (rev <= 12))
2040 filename = "ucode11";
2042 filename = "ucode13";
2044 filename = "ucode14";
2046 filename = "ucode15";
2049 err = b43_do_request_fw(ctx, filename, &fw->ucode);
2054 if ((rev >= 5) && (rev <= 10))
2060 fw->pcm_request_failed = 0;
2061 err = b43_do_request_fw(ctx, filename, &fw->pcm);
2062 if (err == -ENOENT) {
2063 /* We did not find a PCM file? Not fatal, but
2064 * core rev <= 10 must do without hwcrypto then. */
2065 fw->pcm_request_failed = 1;
2070 switch (dev->phy.type) {
2072 if ((rev >= 5) && (rev <= 10)) {
2073 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2074 filename = "a0g1initvals5";
2076 filename = "a0g0initvals5";
2078 goto err_no_initvals;
2081 if ((rev >= 5) && (rev <= 10))
2082 filename = "b0g0initvals5";
2084 filename = "b0g0initvals13";
2086 goto err_no_initvals;
2089 if ((rev >= 11) && (rev <= 12))
2090 filename = "n0initvals11";
2092 goto err_no_initvals;
2094 case B43_PHYTYPE_LP:
2096 filename = "lp0initvals13";
2098 filename = "lp0initvals14";
2100 filename = "lp0initvals15";
2102 goto err_no_initvals;
2105 goto err_no_initvals;
2107 err = b43_do_request_fw(ctx, filename, &fw->initvals);
2111 /* Get bandswitch initvals */
2112 switch (dev->phy.type) {
2114 if ((rev >= 5) && (rev <= 10)) {
2115 if (tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY)
2116 filename = "a0g1bsinitvals5";
2118 filename = "a0g0bsinitvals5";
2119 } else if (rev >= 11)
2122 goto err_no_initvals;
2125 if ((rev >= 5) && (rev <= 10))
2126 filename = "b0g0bsinitvals5";
2130 goto err_no_initvals;
2133 if ((rev >= 11) && (rev <= 12))
2134 filename = "n0bsinitvals11";
2136 goto err_no_initvals;
2138 case B43_PHYTYPE_LP:
2140 filename = "lp0bsinitvals13";
2142 filename = "lp0bsinitvals14";
2144 filename = "lp0bsinitvals15";
2146 goto err_no_initvals;
2149 goto err_no_initvals;
2151 err = b43_do_request_fw(ctx, filename, &fw->initvals_band);
2158 err = ctx->fatal_failure = -EOPNOTSUPP;
2159 b43err(dev->wl, "The driver does not know which firmware (ucode) "
2160 "is required for your device (wl-core rev %u)\n", rev);
2164 err = ctx->fatal_failure = -EOPNOTSUPP;
2165 b43err(dev->wl, "The driver does not know which firmware (PCM) "
2166 "is required for your device (wl-core rev %u)\n", rev);
2170 err = ctx->fatal_failure = -EOPNOTSUPP;
2171 b43err(dev->wl, "The driver does not know which firmware (initvals) "
2172 "is required for your device (wl-core rev %u)\n", rev);
2176 /* We failed to load this firmware image. The error message
2177 * already is in ctx->errors. Return and let our caller decide
2182 b43_release_firmware(dev);
2186 static int b43_request_firmware(struct b43_wldev *dev)
2188 struct b43_request_fw_context *ctx;
2193 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
2198 ctx->req_type = B43_FWTYPE_PROPRIETARY;
2199 err = b43_try_request_fw(ctx);
2201 goto out; /* Successfully loaded it. */
2202 err = ctx->fatal_failure;
2206 ctx->req_type = B43_FWTYPE_OPENSOURCE;
2207 err = b43_try_request_fw(ctx);
2209 goto out; /* Successfully loaded it. */
2210 err = ctx->fatal_failure;
2214 /* Could not find a usable firmware. Print the errors. */
2215 for (i = 0; i < B43_NR_FWTYPES; i++) {
2216 errmsg = ctx->errors[i];
2218 b43err(dev->wl, errmsg);
2220 b43_print_fw_helptext(dev->wl, 1);
2228 static int b43_upload_microcode(struct b43_wldev *dev)
2230 const size_t hdr_len = sizeof(struct b43_fw_header);
2232 unsigned int i, len;
2233 u16 fwrev, fwpatch, fwdate, fwtime;
2237 /* Jump the microcode PSM to offset 0 */
2238 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2239 B43_WARN_ON(macctl & B43_MACCTL_PSM_RUN);
2240 macctl |= B43_MACCTL_PSM_JMP0;
2241 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2242 /* Zero out all microcode PSM registers and shared memory. */
2243 for (i = 0; i < 64; i++)
2244 b43_shm_write16(dev, B43_SHM_SCRATCH, i, 0);
2245 for (i = 0; i < 4096; i += 2)
2246 b43_shm_write16(dev, B43_SHM_SHARED, i, 0);
2248 /* Upload Microcode. */
2249 data = (__be32 *) (dev->fw.ucode.data->data + hdr_len);
2250 len = (dev->fw.ucode.data->size - hdr_len) / sizeof(__be32);
2251 b43_shm_control_word(dev, B43_SHM_UCODE | B43_SHM_AUTOINC_W, 0x0000);
2252 for (i = 0; i < len; i++) {
2253 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2257 if (dev->fw.pcm.data) {
2258 /* Upload PCM data. */
2259 data = (__be32 *) (dev->fw.pcm.data->data + hdr_len);
2260 len = (dev->fw.pcm.data->size - hdr_len) / sizeof(__be32);
2261 b43_shm_control_word(dev, B43_SHM_HW, 0x01EA);
2262 b43_write32(dev, B43_MMIO_SHM_DATA, 0x00004000);
2263 /* No need for autoinc bit in SHM_HW */
2264 b43_shm_control_word(dev, B43_SHM_HW, 0x01EB);
2265 for (i = 0; i < len; i++) {
2266 b43_write32(dev, B43_MMIO_SHM_DATA, be32_to_cpu(data[i]));
2271 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, B43_IRQ_ALL);
2273 /* Start the microcode PSM */
2274 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2275 macctl &= ~B43_MACCTL_PSM_JMP0;
2276 macctl |= B43_MACCTL_PSM_RUN;
2277 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2279 /* Wait for the microcode to load and respond */
2282 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2283 if (tmp == B43_IRQ_MAC_SUSPENDED)
2287 b43err(dev->wl, "Microcode not responding\n");
2288 b43_print_fw_helptext(dev->wl, 1);
2294 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON); /* dummy read */
2296 /* Get and check the revisions. */
2297 fwrev = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEREV);
2298 fwpatch = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEPATCH);
2299 fwdate = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODEDATE);
2300 fwtime = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_UCODETIME);
2302 if (fwrev <= 0x128) {
2303 b43err(dev->wl, "YOUR FIRMWARE IS TOO OLD. Firmware from "
2304 "binary drivers older than version 4.x is unsupported. "
2305 "You must upgrade your firmware files.\n");
2306 b43_print_fw_helptext(dev->wl, 1);
2310 dev->fw.rev = fwrev;
2311 dev->fw.patch = fwpatch;
2312 dev->fw.opensource = (fwdate == 0xFFFF);
2314 /* Default to use-all-queues. */
2315 dev->wl->hw->queues = dev->wl->mac80211_initially_registered_queues;
2316 dev->qos_enabled = !!modparam_qos;
2317 /* Default to firmware/hardware crypto acceleration. */
2318 dev->hwcrypto_enabled = 1;
2320 if (dev->fw.opensource) {
2323 /* Patchlevel info is encoded in the "time" field. */
2324 dev->fw.patch = fwtime;
2325 b43info(dev->wl, "Loading OpenSource firmware version %u.%u\n",
2326 dev->fw.rev, dev->fw.patch);
2328 fwcapa = b43_fwcapa_read(dev);
2329 if (!(fwcapa & B43_FWCAPA_HWCRYPTO) || dev->fw.pcm_request_failed) {
2330 b43info(dev->wl, "Hardware crypto acceleration not supported by firmware\n");
2331 /* Disable hardware crypto and fall back to software crypto. */
2332 dev->hwcrypto_enabled = 0;
2334 if (!(fwcapa & B43_FWCAPA_QOS)) {
2335 b43info(dev->wl, "QoS not supported by firmware\n");
2336 /* Disable QoS. Tweak hw->queues to 1. It will be restored before
2337 * ieee80211_unregister to make sure the networking core can
2338 * properly free possible resources. */
2339 dev->wl->hw->queues = 1;
2340 dev->qos_enabled = 0;
2343 b43info(dev->wl, "Loading firmware version %u.%u "
2344 "(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
2346 (fwdate >> 12) & 0xF, (fwdate >> 8) & 0xF, fwdate & 0xFF,
2347 (fwtime >> 11) & 0x1F, (fwtime >> 5) & 0x3F, fwtime & 0x1F);
2348 if (dev->fw.pcm_request_failed) {
2349 b43warn(dev->wl, "No \"pcm5.fw\" firmware file found. "
2350 "Hardware accelerated cryptography is disabled.\n");
2351 b43_print_fw_helptext(dev->wl, 0);
2355 if (b43_is_old_txhdr_format(dev)) {
2356 /* We're over the deadline, but we keep support for old fw
2357 * until it turns out to be in major conflict with something new. */
2358 b43warn(dev->wl, "You are using an old firmware image. "
2359 "Support for old firmware will be removed soon "
2360 "(official deadline was July 2008).\n");
2361 b43_print_fw_helptext(dev->wl, 0);
2367 macctl = b43_read32(dev, B43_MMIO_MACCTL);
2368 macctl &= ~B43_MACCTL_PSM_RUN;
2369 macctl |= B43_MACCTL_PSM_JMP0;
2370 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2375 static int b43_write_initvals(struct b43_wldev *dev,
2376 const struct b43_iv *ivals,
2380 const struct b43_iv *iv;
2385 BUILD_BUG_ON(sizeof(struct b43_iv) != 6);
2387 for (i = 0; i < count; i++) {
2388 if (array_size < sizeof(iv->offset_size))
2390 array_size -= sizeof(iv->offset_size);
2391 offset = be16_to_cpu(iv->offset_size);
2392 bit32 = !!(offset & B43_IV_32BIT);
2393 offset &= B43_IV_OFFSET_MASK;
2394 if (offset >= 0x1000)
2399 if (array_size < sizeof(iv->data.d32))
2401 array_size -= sizeof(iv->data.d32);
2403 value = get_unaligned_be32(&iv->data.d32);
2404 b43_write32(dev, offset, value);
2406 iv = (const struct b43_iv *)((const uint8_t *)iv +
2412 if (array_size < sizeof(iv->data.d16))
2414 array_size -= sizeof(iv->data.d16);
2416 value = be16_to_cpu(iv->data.d16);
2417 b43_write16(dev, offset, value);
2419 iv = (const struct b43_iv *)((const uint8_t *)iv +
2430 b43err(dev->wl, "Initial Values Firmware file-format error.\n");
2431 b43_print_fw_helptext(dev->wl, 1);
2436 static int b43_upload_initvals(struct b43_wldev *dev)
2438 const size_t hdr_len = sizeof(struct b43_fw_header);
2439 const struct b43_fw_header *hdr;
2440 struct b43_firmware *fw = &dev->fw;
2441 const struct b43_iv *ivals;
2445 hdr = (const struct b43_fw_header *)(fw->initvals.data->data);
2446 ivals = (const struct b43_iv *)(fw->initvals.data->data + hdr_len);
2447 count = be32_to_cpu(hdr->size);
2448 err = b43_write_initvals(dev, ivals, count,
2449 fw->initvals.data->size - hdr_len);
2452 if (fw->initvals_band.data) {
2453 hdr = (const struct b43_fw_header *)(fw->initvals_band.data->data);
2454 ivals = (const struct b43_iv *)(fw->initvals_band.data->data + hdr_len);
2455 count = be32_to_cpu(hdr->size);
2456 err = b43_write_initvals(dev, ivals, count,
2457 fw->initvals_band.data->size - hdr_len);
2466 /* Initialize the GPIOs
2467 * http://bcm-specs.sipsolutions.net/GPIO
2469 static int b43_gpio_init(struct b43_wldev *dev)
2471 struct ssb_bus *bus = dev->dev->bus;
2472 struct ssb_device *gpiodev, *pcidev = NULL;
2475 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2476 & ~B43_MACCTL_GPOUTSMSK);
2478 b43_write16(dev, B43_MMIO_GPIO_MASK, b43_read16(dev, B43_MMIO_GPIO_MASK)
2483 if (dev->dev->bus->chip_id == 0x4301) {
2487 if (0 /* FIXME: conditional unknown */ ) {
2488 b43_write16(dev, B43_MMIO_GPIO_MASK,
2489 b43_read16(dev, B43_MMIO_GPIO_MASK)
2494 if (dev->dev->bus->sprom.boardflags_lo & B43_BFL_PACTRL) {
2495 b43_write16(dev, B43_MMIO_GPIO_MASK,
2496 b43_read16(dev, B43_MMIO_GPIO_MASK)
2501 if (dev->dev->id.revision >= 2)
2502 mask |= 0x0010; /* FIXME: This is redundant. */
2504 #ifdef CONFIG_SSB_DRIVER_PCICORE
2505 pcidev = bus->pcicore.dev;
2507 gpiodev = bus->chipco.dev ? : pcidev;
2510 ssb_write32(gpiodev, B43_GPIO_CONTROL,
2511 (ssb_read32(gpiodev, B43_GPIO_CONTROL)
2517 /* Turn off all GPIO stuff. Call this on module unload, for example. */
2518 static void b43_gpio_cleanup(struct b43_wldev *dev)
2520 struct ssb_bus *bus = dev->dev->bus;
2521 struct ssb_device *gpiodev, *pcidev = NULL;
2523 #ifdef CONFIG_SSB_DRIVER_PCICORE
2524 pcidev = bus->pcicore.dev;
2526 gpiodev = bus->chipco.dev ? : pcidev;
2529 ssb_write32(gpiodev, B43_GPIO_CONTROL, 0);
2532 /* http://bcm-specs.sipsolutions.net/EnableMac */
2533 void b43_mac_enable(struct b43_wldev *dev)
2535 if (b43_debug(dev, B43_DBG_FIRMWARE)) {
2538 fwstate = b43_shm_read16(dev, B43_SHM_SHARED,
2539 B43_SHM_SH_UCODESTAT);
2540 if ((fwstate != B43_SHM_SH_UCODESTAT_SUSP) &&
2541 (fwstate != B43_SHM_SH_UCODESTAT_SLEEP)) {
2542 b43err(dev->wl, "b43_mac_enable(): The firmware "
2543 "should be suspended, but current state is %u\n",
2548 dev->mac_suspended--;
2549 B43_WARN_ON(dev->mac_suspended < 0);
2550 if (dev->mac_suspended == 0) {
2551 b43_write32(dev, B43_MMIO_MACCTL,
2552 b43_read32(dev, B43_MMIO_MACCTL)
2553 | B43_MACCTL_ENABLED);
2554 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON,
2555 B43_IRQ_MAC_SUSPENDED);
2557 b43_read32(dev, B43_MMIO_MACCTL);
2558 b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2559 b43_power_saving_ctl_bits(dev, 0);
2563 /* http://bcm-specs.sipsolutions.net/SuspendMAC */
2564 void b43_mac_suspend(struct b43_wldev *dev)
2570 B43_WARN_ON(dev->mac_suspended < 0);
2572 if (dev->mac_suspended == 0) {
2573 b43_power_saving_ctl_bits(dev, B43_PS_AWAKE);
2574 b43_write32(dev, B43_MMIO_MACCTL,
2575 b43_read32(dev, B43_MMIO_MACCTL)
2576 & ~B43_MACCTL_ENABLED);
2577 /* force pci to flush the write */
2578 b43_read32(dev, B43_MMIO_MACCTL);
2579 for (i = 35; i; i--) {
2580 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2581 if (tmp & B43_IRQ_MAC_SUSPENDED)
2585 /* Hm, it seems this will take some time. Use msleep(). */
2586 for (i = 40; i; i--) {
2587 tmp = b43_read32(dev, B43_MMIO_GEN_IRQ_REASON);
2588 if (tmp & B43_IRQ_MAC_SUSPENDED)
2592 b43err(dev->wl, "MAC suspend failed\n");
2595 dev->mac_suspended++;
2598 static void b43_adjust_opmode(struct b43_wldev *dev)
2600 struct b43_wl *wl = dev->wl;
2604 ctl = b43_read32(dev, B43_MMIO_MACCTL);
2605 /* Reset status to STA infrastructure mode. */
2606 ctl &= ~B43_MACCTL_AP;
2607 ctl &= ~B43_MACCTL_KEEP_CTL;
2608 ctl &= ~B43_MACCTL_KEEP_BADPLCP;
2609 ctl &= ~B43_MACCTL_KEEP_BAD;
2610 ctl &= ~B43_MACCTL_PROMISC;
2611 ctl &= ~B43_MACCTL_BEACPROMISC;
2612 ctl |= B43_MACCTL_INFRA;
2614 if (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
2615 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT))
2616 ctl |= B43_MACCTL_AP;
2617 else if (b43_is_mode(wl, NL80211_IFTYPE_ADHOC))
2618 ctl &= ~B43_MACCTL_INFRA;
2620 if (wl->filter_flags & FIF_CONTROL)
2621 ctl |= B43_MACCTL_KEEP_CTL;
2622 if (wl->filter_flags & FIF_FCSFAIL)
2623 ctl |= B43_MACCTL_KEEP_BAD;
2624 if (wl->filter_flags & FIF_PLCPFAIL)
2625 ctl |= B43_MACCTL_KEEP_BADPLCP;
2626 if (wl->filter_flags & FIF_PROMISC_IN_BSS)
2627 ctl |= B43_MACCTL_PROMISC;
2628 if (wl->filter_flags & FIF_BCN_PRBRESP_PROMISC)
2629 ctl |= B43_MACCTL_BEACPROMISC;
2631 /* Workaround: On old hardware the HW-MAC-address-filter
2632 * doesn't work properly, so always run promisc in filter
2633 * it in software. */
2634 if (dev->dev->id.revision <= 4)
2635 ctl |= B43_MACCTL_PROMISC;
2637 b43_write32(dev, B43_MMIO_MACCTL, ctl);
2640 if ((ctl & B43_MACCTL_INFRA) && !(ctl & B43_MACCTL_AP)) {
2641 if (dev->dev->bus->chip_id == 0x4306 &&
2642 dev->dev->bus->chip_rev == 3)
2647 b43_write16(dev, 0x612, cfp_pretbtt);
2650 static void b43_rate_memory_write(struct b43_wldev *dev, u16 rate, int is_ofdm)
2656 offset += (b43_plcp_get_ratecode_ofdm(rate) & 0x000F) * 2;
2659 offset += (b43_plcp_get_ratecode_cck(rate) & 0x000F) * 2;
2661 b43_shm_write16(dev, B43_SHM_SHARED, offset + 0x20,
2662 b43_shm_read16(dev, B43_SHM_SHARED, offset));
2665 static void b43_rate_memory_init(struct b43_wldev *dev)
2667 switch (dev->phy.type) {
2671 case B43_PHYTYPE_LP:
2672 b43_rate_memory_write(dev, B43_OFDM_RATE_6MB, 1);
2673 b43_rate_memory_write(dev, B43_OFDM_RATE_12MB, 1);
2674 b43_rate_memory_write(dev, B43_OFDM_RATE_18MB, 1);
2675 b43_rate_memory_write(dev, B43_OFDM_RATE_24MB, 1);
2676 b43_rate_memory_write(dev, B43_OFDM_RATE_36MB, 1);
2677 b43_rate_memory_write(dev, B43_OFDM_RATE_48MB, 1);
2678 b43_rate_memory_write(dev, B43_OFDM_RATE_54MB, 1);
2679 if (dev->phy.type == B43_PHYTYPE_A)
2683 b43_rate_memory_write(dev, B43_CCK_RATE_1MB, 0);
2684 b43_rate_memory_write(dev, B43_CCK_RATE_2MB, 0);
2685 b43_rate_memory_write(dev, B43_CCK_RATE_5MB, 0);
2686 b43_rate_memory_write(dev, B43_CCK_RATE_11MB, 0);
2693 /* Set the default values for the PHY TX Control Words. */
2694 static void b43_set_phytxctl_defaults(struct b43_wldev *dev)
2698 ctl |= B43_TXH_PHY_ENC_CCK;
2699 ctl |= B43_TXH_PHY_ANT01AUTO;
2700 ctl |= B43_TXH_PHY_TXPWR;
2702 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_BEACPHYCTL, ctl);
2703 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, ctl);
2704 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, ctl);
2707 /* Set the TX-Antenna for management frames sent by firmware. */
2708 static void b43_mgmtframe_txantenna(struct b43_wldev *dev, int antenna)
2713 ant = b43_antenna_to_phyctl(antenna);
2716 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL);
2717 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2718 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_ACKCTSPHYCTL, tmp);
2719 /* For Probe Resposes */
2720 tmp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL);
2721 tmp = (tmp & ~B43_TXH_PHY_ANT) | ant;
2722 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRPHYCTL, tmp);
2725 /* This is the opposite of b43_chip_init() */
2726 static void b43_chip_exit(struct b43_wldev *dev)
2729 b43_gpio_cleanup(dev);
2730 /* firmware is released later */
2733 /* Initialize the chip
2734 * http://bcm-specs.sipsolutions.net/ChipInit
2736 static int b43_chip_init(struct b43_wldev *dev)
2738 struct b43_phy *phy = &dev->phy;
2740 u32 value32, macctl;
2743 /* Initialize the MAC control */
2744 macctl = B43_MACCTL_IHR_ENABLED | B43_MACCTL_SHM_ENABLED;
2746 macctl |= B43_MACCTL_GMODE;
2747 macctl |= B43_MACCTL_INFRA;
2748 b43_write32(dev, B43_MMIO_MACCTL, macctl);
2750 err = b43_request_firmware(dev);
2753 err = b43_upload_microcode(dev);
2755 goto out; /* firmware is released later */
2757 err = b43_gpio_init(dev);
2759 goto out; /* firmware is released later */
2761 err = b43_upload_initvals(dev);
2763 goto err_gpio_clean;
2765 /* Turn the Analog on and initialize the PHY. */
2766 phy->ops->switch_analog(dev, 1);
2767 err = b43_phy_init(dev);
2769 goto err_gpio_clean;
2771 /* Disable Interference Mitigation. */
2772 if (phy->ops->interf_mitigation)
2773 phy->ops->interf_mitigation(dev, B43_INTERFMODE_NONE);
2775 /* Select the antennae */
2776 if (phy->ops->set_rx_antenna)
2777 phy->ops->set_rx_antenna(dev, B43_ANTENNA_DEFAULT);
2778 b43_mgmtframe_txantenna(dev, B43_ANTENNA_DEFAULT);
2780 if (phy->type == B43_PHYTYPE_B) {
2781 value16 = b43_read16(dev, 0x005E);
2783 b43_write16(dev, 0x005E, value16);
2785 b43_write32(dev, 0x0100, 0x01000000);
2786 if (dev->dev->id.revision < 5)
2787 b43_write32(dev, 0x010C, 0x01000000);
2789 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2790 & ~B43_MACCTL_INFRA);
2791 b43_write32(dev, B43_MMIO_MACCTL, b43_read32(dev, B43_MMIO_MACCTL)
2792 | B43_MACCTL_INFRA);
2794 /* Probe Response Timeout value */
2795 /* FIXME: Default to 0, has to be set by ioctl probably... :-/ */
2796 b43_shm_write16(dev, B43_SHM_SHARED, 0x0074, 0x0000);
2798 /* Initially set the wireless operation mode. */
2799 b43_adjust_opmode(dev);
2801 if (dev->dev->id.revision < 3) {
2802 b43_write16(dev, 0x060E, 0x0000);
2803 b43_write16(dev, 0x0610, 0x8000);
2804 b43_write16(dev, 0x0604, 0x0000);
2805 b43_write16(dev, 0x0606, 0x0200);
2807 b43_write32(dev, 0x0188, 0x80000000);
2808 b43_write32(dev, 0x018C, 0x02000000);
2810 b43_write32(dev, B43_MMIO_GEN_IRQ_REASON, 0x00004000);
2811 b43_write32(dev, B43_MMIO_DMA0_IRQ_MASK, 0x0001DC00);
2812 b43_write32(dev, B43_MMIO_DMA1_IRQ_MASK, 0x0000DC00);
2813 b43_write32(dev, B43_MMIO_DMA2_IRQ_MASK, 0x0000DC00);
2814 b43_write32(dev, B43_MMIO_DMA3_IRQ_MASK, 0x0001DC00);
2815 b43_write32(dev, B43_MMIO_DMA4_IRQ_MASK, 0x0000DC00);
2816 b43_write32(dev, B43_MMIO_DMA5_IRQ_MASK, 0x0000DC00);
2818 value32 = ssb_read32(dev->dev, SSB_TMSLOW);
2819 value32 |= 0x00100000;
2820 ssb_write32(dev->dev, SSB_TMSLOW, value32);
2822 b43_write16(dev, B43_MMIO_POWERUP_DELAY,
2823 dev->dev->bus->chipco.fast_pwrup_delay);
2826 b43dbg(dev->wl, "Chip initialized\n");
2831 b43_gpio_cleanup(dev);
2835 static void b43_periodic_every60sec(struct b43_wldev *dev)
2837 const struct b43_phy_operations *ops = dev->phy.ops;
2839 if (ops->pwork_60sec)
2840 ops->pwork_60sec(dev);
2842 /* Force check the TX power emission now. */
2843 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME);
2846 static void b43_periodic_every30sec(struct b43_wldev *dev)
2848 /* Update device statistics. */
2849 b43_calculate_link_quality(dev);
2852 static void b43_periodic_every15sec(struct b43_wldev *dev)
2854 struct b43_phy *phy = &dev->phy;
2857 if (dev->fw.opensource) {
2858 /* Check if the firmware is still alive.
2859 * It will reset the watchdog counter to 0 in its idle loop. */
2860 wdr = b43_shm_read16(dev, B43_SHM_SCRATCH, B43_WATCHDOG_REG);
2861 if (unlikely(wdr)) {
2862 b43err(dev->wl, "Firmware watchdog: The firmware died!\n");
2863 b43_controller_restart(dev, "Firmware watchdog");
2866 b43_shm_write16(dev, B43_SHM_SCRATCH,
2867 B43_WATCHDOG_REG, 1);
2871 if (phy->ops->pwork_15sec)
2872 phy->ops->pwork_15sec(dev);
2874 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
2878 static void do_periodic_work(struct b43_wldev *dev)
2882 state = dev->periodic_state;
2884 b43_periodic_every60sec(dev);
2886 b43_periodic_every30sec(dev);
2887 b43_periodic_every15sec(dev);
2890 /* Periodic work locking policy:
2891 * The whole periodic work handler is protected by
2892 * wl->mutex. If another lock is needed somewhere in the
2893 * pwork callchain, it's aquired in-place, where it's needed.
2895 static void b43_periodic_work_handler(struct work_struct *work)
2897 struct b43_wldev *dev = container_of(work, struct b43_wldev,
2898 periodic_work.work);
2899 struct b43_wl *wl = dev->wl;
2900 unsigned long delay;
2902 mutex_lock(&wl->mutex);
2904 if (unlikely(b43_status(dev) != B43_STAT_STARTED))
2906 if (b43_debug(dev, B43_DBG_PWORK_STOP))
2909 do_periodic_work(dev);
2911 dev->periodic_state++;
2913 if (b43_debug(dev, B43_DBG_PWORK_FAST))
2914 delay = msecs_to_jiffies(50);
2916 delay = round_jiffies_relative(HZ * 15);
2917 ieee80211_queue_delayed_work(wl->hw, &dev->periodic_work, delay);
2919 mutex_unlock(&wl->mutex);
2922 static void b43_periodic_tasks_setup(struct b43_wldev *dev)
2924 struct delayed_work *work = &dev->periodic_work;
2926 dev->periodic_state = 0;
2927 INIT_DELAYED_WORK(work, b43_periodic_work_handler);
2928 ieee80211_queue_delayed_work(dev->wl->hw, work, 0);
2931 /* Check if communication with the device works correctly. */
2932 static int b43_validate_chipaccess(struct b43_wldev *dev)
2934 u32 v, backup0, backup4;
2936 backup0 = b43_shm_read32(dev, B43_SHM_SHARED, 0);
2937 backup4 = b43_shm_read32(dev, B43_SHM_SHARED, 4);
2939 /* Check for read/write and endianness problems. */
2940 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0x55AAAA55);
2941 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0x55AAAA55)
2943 b43_shm_write32(dev, B43_SHM_SHARED, 0, 0xAA5555AA);
2944 if (b43_shm_read32(dev, B43_SHM_SHARED, 0) != 0xAA5555AA)
2947 /* Check if unaligned 32bit SHM_SHARED access works properly.
2948 * However, don't bail out on failure, because it's noncritical. */
2949 b43_shm_write16(dev, B43_SHM_SHARED, 0, 0x1122);
2950 b43_shm_write16(dev, B43_SHM_SHARED, 2, 0x3344);
2951 b43_shm_write16(dev, B43_SHM_SHARED, 4, 0x5566);
2952 b43_shm_write16(dev, B43_SHM_SHARED, 6, 0x7788);
2953 if (b43_shm_read32(dev, B43_SHM_SHARED, 2) != 0x55663344)
2954 b43warn(dev->wl, "Unaligned 32bit SHM read access is broken\n");
2955 b43_shm_write32(dev, B43_SHM_SHARED, 2, 0xAABBCCDD);
2956 if (b43_shm_read16(dev, B43_SHM_SHARED, 0) != 0x1122 ||
2957 b43_shm_read16(dev, B43_SHM_SHARED, 2) != 0xCCDD ||
2958 b43_shm_read16(dev, B43_SHM_SHARED, 4) != 0xAABB ||
2959 b43_shm_read16(dev, B43_SHM_SHARED, 6) != 0x7788)
2960 b43warn(dev->wl, "Unaligned 32bit SHM write access is broken\n");
2962 b43_shm_write32(dev, B43_SHM_SHARED, 0, backup0);
2963 b43_shm_write32(dev, B43_SHM_SHARED, 4, backup4);
2965 if ((dev->dev->id.revision >= 3) && (dev->dev->id.revision <= 10)) {
2966 /* The 32bit register shadows the two 16bit registers
2967 * with update sideeffects. Validate this. */
2968 b43_write16(dev, B43_MMIO_TSF_CFP_START, 0xAAAA);
2969 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0xCCCCBBBB);
2970 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_LOW) != 0xBBBB)
2972 if (b43_read16(dev, B43_MMIO_TSF_CFP_START_HIGH) != 0xCCCC)
2975 b43_write32(dev, B43_MMIO_TSF_CFP_START, 0);
2977 v = b43_read32(dev, B43_MMIO_MACCTL);
2978 v |= B43_MACCTL_GMODE;
2979 if (v != (B43_MACCTL_GMODE | B43_MACCTL_IHR_ENABLED))
2984 b43err(dev->wl, "Failed to validate the chipaccess\n");
2988 static void b43_security_init(struct b43_wldev *dev)
2990 dev->ktp = b43_shm_read16(dev, B43_SHM_SHARED, B43_SHM_SH_KTP);
2991 /* KTP is a word address, but we address SHM bytewise.
2992 * So multiply by two.
2995 /* Number of RCMTA address slots */
2996 b43_write16(dev, B43_MMIO_RCMTA_COUNT, B43_NR_PAIRWISE_KEYS);
2997 /* Clear the key memory. */
2998 b43_clear_keys(dev);
3001 #ifdef CONFIG_B43_HWRNG
3002 static int b43_rng_read(struct hwrng *rng, u32 *data)
3004 struct b43_wl *wl = (struct b43_wl *)rng->priv;
3006 /* FIXME: We need to take wl->mutex here to make sure the device
3007 * is not going away from under our ass. However it could deadlock
3008 * with hwrng internal locking. */
3010 *data = b43_read16(wl->current_dev, B43_MMIO_RNG);
3012 return (sizeof(u16));
3014 #endif /* CONFIG_B43_HWRNG */
3016 static void b43_rng_exit(struct b43_wl *wl)
3018 #ifdef CONFIG_B43_HWRNG
3019 if (wl->rng_initialized)
3020 hwrng_unregister(&wl->rng);
3021 #endif /* CONFIG_B43_HWRNG */
3024 static int b43_rng_init(struct b43_wl *wl)
3028 #ifdef CONFIG_B43_HWRNG
3029 snprintf(wl->rng_name, ARRAY_SIZE(wl->rng_name),
3030 "%s_%s", KBUILD_MODNAME, wiphy_name(wl->hw->wiphy));
3031 wl->rng.name = wl->rng_name;
3032 wl->rng.data_read = b43_rng_read;
3033 wl->rng.priv = (unsigned long)wl;
3034 wl->rng_initialized = 1;
3035 err = hwrng_register(&wl->rng);
3037 wl->rng_initialized = 0;
3038 b43err(wl, "Failed to register the random "
3039 "number generator (%d)\n", err);
3041 #endif /* CONFIG_B43_HWRNG */
3046 static void b43_tx_work(struct work_struct *work)
3048 struct b43_wl *wl = container_of(work, struct b43_wl, tx_work);
3049 struct b43_wldev *dev;
3050 struct sk_buff *skb;
3053 mutex_lock(&wl->mutex);
3054 dev = wl->current_dev;
3055 if (unlikely(!dev || b43_status(dev) < B43_STAT_STARTED)) {
3056 mutex_unlock(&wl->mutex);
3060 while (skb_queue_len(&wl->tx_queue)) {
3061 skb = skb_dequeue(&wl->tx_queue);
3063 if (b43_using_pio_transfers(dev))
3064 err = b43_pio_tx(dev, skb);
3066 err = b43_dma_tx(dev, skb);
3068 dev_kfree_skb(skb); /* Drop it */
3071 mutex_unlock(&wl->mutex);
3074 static int b43_op_tx(struct ieee80211_hw *hw,
3075 struct sk_buff *skb)
3077 struct b43_wl *wl = hw_to_b43_wl(hw);
3079 if (unlikely(skb->len < 2 + 2 + 6)) {
3080 /* Too short, this can't be a valid frame. */
3081 dev_kfree_skb_any(skb);
3082 return NETDEV_TX_OK;
3084 B43_WARN_ON(skb_shinfo(skb)->nr_frags);
3086 skb_queue_tail(&wl->tx_queue, skb);
3087 ieee80211_queue_work(wl->hw, &wl->tx_work);
3089 return NETDEV_TX_OK;
3092 static void b43_qos_params_upload(struct b43_wldev *dev,
3093 const struct ieee80211_tx_queue_params *p,
3096 u16 params[B43_NR_QOSPARAMS];
3100 if (!dev->qos_enabled)
3103 bslots = b43_read16(dev, B43_MMIO_RNG) & p->cw_min;
3105 memset(¶ms, 0, sizeof(params));
3107 params[B43_QOSPARAM_TXOP] = p->txop * 32;
3108 params[B43_QOSPARAM_CWMIN] = p->cw_min;
3109 params[B43_QOSPARAM_CWMAX] = p->cw_max;
3110 params[B43_QOSPARAM_CWCUR] = p->cw_min;
3111 params[B43_QOSPARAM_AIFS] = p->aifs;
3112 params[B43_QOSPARAM_BSLOTS] = bslots;
3113 params[B43_QOSPARAM_REGGAP] = bslots + p->aifs;
3115 for (i = 0; i < ARRAY_SIZE(params); i++) {
3116 if (i == B43_QOSPARAM_STATUS) {
3117 tmp = b43_shm_read16(dev, B43_SHM_SHARED,
3118 shm_offset + (i * 2));
3119 /* Mark the parameters as updated. */
3121 b43_shm_write16(dev, B43_SHM_SHARED,
3122 shm_offset + (i * 2),
3125 b43_shm_write16(dev, B43_SHM_SHARED,
3126 shm_offset + (i * 2),
3132 /* Mapping of mac80211 queue numbers to b43 QoS SHM offsets. */
3133 static const u16 b43_qos_shm_offsets[] = {
3134 /* [mac80211-queue-nr] = SHM_OFFSET, */
3135 [0] = B43_QOS_VOICE,
3136 [1] = B43_QOS_VIDEO,
3137 [2] = B43_QOS_BESTEFFORT,
3138 [3] = B43_QOS_BACKGROUND,
3141 /* Update all QOS parameters in hardware. */
3142 static void b43_qos_upload_all(struct b43_wldev *dev)
3144 struct b43_wl *wl = dev->wl;
3145 struct b43_qos_params *params;
3148 if (!dev->qos_enabled)
3151 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3152 ARRAY_SIZE(wl->qos_params));
3154 b43_mac_suspend(dev);
3155 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3156 params = &(wl->qos_params[i]);
3157 b43_qos_params_upload(dev, &(params->p),
3158 b43_qos_shm_offsets[i]);
3160 b43_mac_enable(dev);
3163 static void b43_qos_clear(struct b43_wl *wl)
3165 struct b43_qos_params *params;
3168 /* Initialize QoS parameters to sane defaults. */
3170 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3171 ARRAY_SIZE(wl->qos_params));
3173 for (i = 0; i < ARRAY_SIZE(wl->qos_params); i++) {
3174 params = &(wl->qos_params[i]);
3176 switch (b43_qos_shm_offsets[i]) {
3180 params->p.cw_min = 0x0001;
3181 params->p.cw_max = 0x0001;
3186 params->p.cw_min = 0x0001;
3187 params->p.cw_max = 0x0001;
3189 case B43_QOS_BESTEFFORT:
3192 params->p.cw_min = 0x0001;
3193 params->p.cw_max = 0x03FF;
3195 case B43_QOS_BACKGROUND:
3198 params->p.cw_min = 0x0001;
3199 params->p.cw_max = 0x03FF;
3207 /* Initialize the core's QOS capabilities */
3208 static void b43_qos_init(struct b43_wldev *dev)
3210 if (!dev->qos_enabled) {
3211 /* Disable QOS support. */
3212 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_EDCF);
3213 b43_write16(dev, B43_MMIO_IFSCTL,
3214 b43_read16(dev, B43_MMIO_IFSCTL)
3215 & ~B43_MMIO_IFSCTL_USE_EDCF);
3216 b43dbg(dev->wl, "QoS disabled\n");
3220 /* Upload the current QOS parameters. */
3221 b43_qos_upload_all(dev);
3223 /* Enable QOS support. */
3224 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_EDCF);
3225 b43_write16(dev, B43_MMIO_IFSCTL,
3226 b43_read16(dev, B43_MMIO_IFSCTL)
3227 | B43_MMIO_IFSCTL_USE_EDCF);
3228 b43dbg(dev->wl, "QoS enabled\n");
3231 static int b43_op_conf_tx(struct ieee80211_hw *hw, u16 _queue,
3232 const struct ieee80211_tx_queue_params *params)
3234 struct b43_wl *wl = hw_to_b43_wl(hw);
3235 struct b43_wldev *dev;
3236 unsigned int queue = (unsigned int)_queue;
3239 if (queue >= ARRAY_SIZE(wl->qos_params)) {
3240 /* Queue not available or don't support setting
3241 * params on this queue. Return success to not
3242 * confuse mac80211. */
3245 BUILD_BUG_ON(ARRAY_SIZE(b43_qos_shm_offsets) !=
3246 ARRAY_SIZE(wl->qos_params));
3248 mutex_lock(&wl->mutex);
3249 dev = wl->current_dev;
3250 if (unlikely(!dev || (b43_status(dev) < B43_STAT_INITIALIZED)))
3253 memcpy(&(wl->qos_params[queue].p), params, sizeof(*params));
3254 b43_mac_suspend(dev);
3255 b43_qos_params_upload(dev, &(wl->qos_params[queue].p),
3256 b43_qos_shm_offsets[queue]);
3257 b43_mac_enable(dev);
3261 mutex_unlock(&wl->mutex);
3266 static int b43_op_get_tx_stats(struct ieee80211_hw *hw,
3267 struct ieee80211_tx_queue_stats *stats)
3269 struct b43_wl *wl = hw_to_b43_wl(hw);
3270 struct b43_wldev *dev;
3273 mutex_lock(&wl->mutex);
3274 dev = wl->current_dev;
3275 if (dev && b43_status(dev) >= B43_STAT_STARTED) {
3276 if (b43_using_pio_transfers(dev))
3277 b43_pio_get_tx_stats(dev, stats);
3279 b43_dma_get_tx_stats(dev, stats);
3282 mutex_unlock(&wl->mutex);
3287 static int b43_op_get_stats(struct ieee80211_hw *hw,
3288 struct ieee80211_low_level_stats *stats)
3290 struct b43_wl *wl = hw_to_b43_wl(hw);
3292 mutex_lock(&wl->mutex);
3293 memcpy(stats, &wl->ieee_stats, sizeof(*stats));
3294 mutex_unlock(&wl->mutex);
3299 static u64 b43_op_get_tsf(struct ieee80211_hw *hw)
3301 struct b43_wl *wl = hw_to_b43_wl(hw);
3302 struct b43_wldev *dev;
3305 mutex_lock(&wl->mutex);
3306 dev = wl->current_dev;
3308 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3309 b43_tsf_read(dev, &tsf);
3313 mutex_unlock(&wl->mutex);
3318 static void b43_op_set_tsf(struct ieee80211_hw *hw, u64 tsf)
3320 struct b43_wl *wl = hw_to_b43_wl(hw);
3321 struct b43_wldev *dev;
3323 mutex_lock(&wl->mutex);
3324 dev = wl->current_dev;
3326 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED))
3327 b43_tsf_write(dev, tsf);
3329 mutex_unlock(&wl->mutex);
3332 static void b43_put_phy_into_reset(struct b43_wldev *dev)
3334 struct ssb_device *sdev = dev->dev;
3337 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3338 tmslow &= ~B43_TMSLOW_GMODE;
3339 tmslow |= B43_TMSLOW_PHYRESET;
3340 tmslow |= SSB_TMSLOW_FGC;
3341 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3344 tmslow = ssb_read32(sdev, SSB_TMSLOW);
3345 tmslow &= ~SSB_TMSLOW_FGC;
3346 tmslow |= B43_TMSLOW_PHYRESET;
3347 ssb_write32(sdev, SSB_TMSLOW, tmslow);
3351 static const char *band_to_string(enum ieee80211_band band)
3354 case IEEE80211_BAND_5GHZ:
3356 case IEEE80211_BAND_2GHZ:
3365 /* Expects wl->mutex locked */
3366 static int b43_switch_band(struct b43_wl *wl, struct ieee80211_channel *chan)
3368 struct b43_wldev *up_dev = NULL;
3369 struct b43_wldev *down_dev;
3370 struct b43_wldev *d;
3372 bool uninitialized_var(gmode);
3375 /* Find a device and PHY which supports the band. */
3376 list_for_each_entry(d, &wl->devlist, list) {
3377 switch (chan->band) {
3378 case IEEE80211_BAND_5GHZ:
3379 if (d->phy.supports_5ghz) {
3384 case IEEE80211_BAND_2GHZ:
3385 if (d->phy.supports_2ghz) {
3398 b43err(wl, "Could not find a device for %s-GHz band operation\n",
3399 band_to_string(chan->band));
3402 if ((up_dev == wl->current_dev) &&
3403 (!!wl->current_dev->phy.gmode == !!gmode)) {
3404 /* This device is already running. */
3407 b43dbg(wl, "Switching to %s-GHz band\n",
3408 band_to_string(chan->band));
3409 down_dev = wl->current_dev;
3411 prev_status = b43_status(down_dev);
3412 /* Shutdown the currently running core. */
3413 if (prev_status >= B43_STAT_STARTED)
3414 down_dev = b43_wireless_core_stop(down_dev);
3415 if (prev_status >= B43_STAT_INITIALIZED)
3416 b43_wireless_core_exit(down_dev);
3418 if (down_dev != up_dev) {
3419 /* We switch to a different core, so we put PHY into
3420 * RESET on the old core. */
3421 b43_put_phy_into_reset(down_dev);
3424 /* Now start the new core. */
3425 up_dev->phy.gmode = gmode;
3426 if (prev_status >= B43_STAT_INITIALIZED) {
3427 err = b43_wireless_core_init(up_dev);
3429 b43err(wl, "Fatal: Could not initialize device for "
3430 "selected %s-GHz band\n",
3431 band_to_string(chan->band));
3435 if (prev_status >= B43_STAT_STARTED) {
3436 err = b43_wireless_core_start(up_dev);
3438 b43err(wl, "Fatal: Coult not start device for "
3439 "selected %s-GHz band\n",
3440 band_to_string(chan->band));
3441 b43_wireless_core_exit(up_dev);
3445 B43_WARN_ON(b43_status(up_dev) != prev_status);
3447 wl->current_dev = up_dev;
3451 /* Whoops, failed to init the new core. No core is operating now. */
3452 wl->current_dev = NULL;
3456 /* Write the short and long frame retry limit values. */
3457 static void b43_set_retry_limits(struct b43_wldev *dev,
3458 unsigned int short_retry,
3459 unsigned int long_retry)
3461 /* The retry limit is a 4-bit counter. Enforce this to avoid overflowing
3462 * the chip-internal counter. */
3463 short_retry = min(short_retry, (unsigned int)0xF);
3464 long_retry = min(long_retry, (unsigned int)0xF);
3466 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_SRLIMIT,
3468 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_LRLIMIT,
3472 static int b43_op_config(struct ieee80211_hw *hw, u32 changed)
3474 struct b43_wl *wl = hw_to_b43_wl(hw);
3475 struct b43_wldev *dev;
3476 struct b43_phy *phy;
3477 struct ieee80211_conf *conf = &hw->conf;
3481 mutex_lock(&wl->mutex);
3483 /* Switch the band (if necessary). This might change the active core. */
3484 err = b43_switch_band(wl, conf->channel);
3486 goto out_unlock_mutex;
3487 dev = wl->current_dev;
3490 b43_mac_suspend(dev);
3492 if (changed & IEEE80211_CONF_CHANGE_RETRY_LIMITS)
3493 b43_set_retry_limits(dev, conf->short_frame_max_tx_count,
3494 conf->long_frame_max_tx_count);
3495 changed &= ~IEEE80211_CONF_CHANGE_RETRY_LIMITS;
3497 goto out_mac_enable;
3499 /* Switch to the requested channel.
3500 * The firmware takes care of races with the TX handler. */
3501 if (conf->channel->hw_value != phy->channel)
3502 b43_switch_channel(dev, conf->channel->hw_value);
3504 dev->wl->radiotap_enabled = !!(conf->flags & IEEE80211_CONF_RADIOTAP);
3506 /* Adjust the desired TX power level. */
3507 if (conf->power_level != 0) {
3508 if (conf->power_level != phy->desired_txpower) {
3509 phy->desired_txpower = conf->power_level;
3510 b43_phy_txpower_check(dev, B43_TXPWR_IGNORE_TIME |
3511 B43_TXPWR_IGNORE_TSSI);
3515 /* Antennas for RX and management frame TX. */
3516 antenna = B43_ANTENNA_DEFAULT;
3517 b43_mgmtframe_txantenna(dev, antenna);
3518 antenna = B43_ANTENNA_DEFAULT;
3519 if (phy->ops->set_rx_antenna)
3520 phy->ops->set_rx_antenna(dev, antenna);
3522 if (wl->radio_enabled != phy->radio_on) {
3523 if (wl->radio_enabled) {
3524 b43_software_rfkill(dev, false);
3525 b43info(dev->wl, "Radio turned on by software\n");
3526 if (!dev->radio_hw_enable) {
3527 b43info(dev->wl, "The hardware RF-kill button "
3528 "still turns the radio physically off. "
3529 "Press the button to turn it on.\n");
3532 b43_software_rfkill(dev, true);
3533 b43info(dev->wl, "Radio turned off by software\n");
3538 b43_mac_enable(dev);
3540 mutex_unlock(&wl->mutex);
3545 static void b43_update_basic_rates(struct b43_wldev *dev, u32 brates)
3547 struct ieee80211_supported_band *sband =
3548 dev->wl->hw->wiphy->bands[b43_current_band(dev->wl)];
3549 struct ieee80211_rate *rate;
3551 u16 basic, direct, offset, basic_offset, rateptr;
3553 for (i = 0; i < sband->n_bitrates; i++) {
3554 rate = &sband->bitrates[i];
3556 if (b43_is_cck_rate(rate->hw_value)) {
3557 direct = B43_SHM_SH_CCKDIRECT;
3558 basic = B43_SHM_SH_CCKBASIC;
3559 offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3562 direct = B43_SHM_SH_OFDMDIRECT;
3563 basic = B43_SHM_SH_OFDMBASIC;
3564 offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3568 rate = ieee80211_get_response_rate(sband, brates, rate->bitrate);
3570 if (b43_is_cck_rate(rate->hw_value)) {
3571 basic_offset = b43_plcp_get_ratecode_cck(rate->hw_value);
3572 basic_offset &= 0xF;
3574 basic_offset = b43_plcp_get_ratecode_ofdm(rate->hw_value);
3575 basic_offset &= 0xF;
3579 * Get the pointer that we need to point to
3580 * from the direct map
3582 rateptr = b43_shm_read16(dev, B43_SHM_SHARED,
3583 direct + 2 * basic_offset);
3584 /* and write it to the basic map */
3585 b43_shm_write16(dev, B43_SHM_SHARED, basic + 2 * offset,
3590 static void b43_op_bss_info_changed(struct ieee80211_hw *hw,
3591 struct ieee80211_vif *vif,
3592 struct ieee80211_bss_conf *conf,
3595 struct b43_wl *wl = hw_to_b43_wl(hw);
3596 struct b43_wldev *dev;
3598 mutex_lock(&wl->mutex);
3600 dev = wl->current_dev;
3601 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3602 goto out_unlock_mutex;
3604 B43_WARN_ON(wl->vif != vif);
3606 if (changed & BSS_CHANGED_BSSID) {
3608 memcpy(wl->bssid, conf->bssid, ETH_ALEN);
3610 memset(wl->bssid, 0, ETH_ALEN);
3613 if (b43_status(dev) >= B43_STAT_INITIALIZED) {
3614 if (changed & BSS_CHANGED_BEACON &&
3615 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3616 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3617 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3618 b43_update_templates(wl);
3620 if (changed & BSS_CHANGED_BSSID)
3621 b43_write_mac_bssid_templates(dev);
3624 b43_mac_suspend(dev);
3626 /* Update templates for AP/mesh mode. */
3627 if (changed & BSS_CHANGED_BEACON_INT &&
3628 (b43_is_mode(wl, NL80211_IFTYPE_AP) ||
3629 b43_is_mode(wl, NL80211_IFTYPE_MESH_POINT) ||
3630 b43_is_mode(wl, NL80211_IFTYPE_ADHOC)))
3631 b43_set_beacon_int(dev, conf->beacon_int);
3633 if (changed & BSS_CHANGED_BASIC_RATES)
3634 b43_update_basic_rates(dev, conf->basic_rates);
3636 if (changed & BSS_CHANGED_ERP_SLOT) {
3637 if (conf->use_short_slot)
3638 b43_short_slot_timing_enable(dev);
3640 b43_short_slot_timing_disable(dev);
3643 b43_mac_enable(dev);
3645 mutex_unlock(&wl->mutex);
3648 static int b43_op_set_key(struct ieee80211_hw *hw, enum set_key_cmd cmd,
3649 struct ieee80211_vif *vif, struct ieee80211_sta *sta,
3650 struct ieee80211_key_conf *key)
3652 struct b43_wl *wl = hw_to_b43_wl(hw);
3653 struct b43_wldev *dev;
3657 static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
3659 if (modparam_nohwcrypt)
3660 return -ENOSPC; /* User disabled HW-crypto */
3662 mutex_lock(&wl->mutex);
3664 dev = wl->current_dev;
3666 if (!dev || b43_status(dev) < B43_STAT_INITIALIZED)
3669 if (dev->fw.pcm_request_failed || !dev->hwcrypto_enabled) {
3670 /* We don't have firmware for the crypto engine.
3671 * Must use software-crypto. */
3679 if (key->keylen == WLAN_KEY_LEN_WEP40)
3680 algorithm = B43_SEC_ALGO_WEP40;
3682 algorithm = B43_SEC_ALGO_WEP104;
3685 algorithm = B43_SEC_ALGO_TKIP;
3688 algorithm = B43_SEC_ALGO_AES;
3694 index = (u8) (key->keyidx);
3700 if (algorithm == B43_SEC_ALGO_TKIP &&
3701 (!(key->flags & IEEE80211_KEY_FLAG_PAIRWISE) ||
3702 !modparam_hwtkip)) {
3703 /* We support only pairwise key */
3708 if (key->flags & IEEE80211_KEY_FLAG_PAIRWISE) {
3709 if (WARN_ON(!sta)) {
3713 /* Pairwise key with an assigned MAC address. */
3714 err = b43_key_write(dev, -1, algorithm,
3715 key->key, key->keylen,
3719 err = b43_key_write(dev, index, algorithm,
3720 key->key, key->keylen, NULL, key);
3725 if (algorithm == B43_SEC_ALGO_WEP40 ||
3726 algorithm == B43_SEC_ALGO_WEP104) {
3727 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_USEDEFKEYS);
3730 b43_hf_read(dev) & ~B43_HF_USEDEFKEYS);
3732 key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV;
3733 if (algorithm == B43_SEC_ALGO_TKIP)
3734 key->flags |= IEEE80211_KEY_FLAG_GENERATE_MMIC;
3737 err = b43_key_clear(dev, key->hw_key_idx);
3748 b43dbg(wl, "%s hardware based encryption for keyidx: %d, "
3750 cmd == SET_KEY ? "Using" : "Disabling", key->keyidx,
3751 sta ? sta->addr : bcast_addr);
3752 b43_dump_keymemory(dev);
3754 mutex_unlock(&wl->mutex);
3759 static void b43_op_configure_filter(struct ieee80211_hw *hw,
3760 unsigned int changed, unsigned int *fflags,
3763 struct b43_wl *wl = hw_to_b43_wl(hw);
3764 struct b43_wldev *dev;
3766 mutex_lock(&wl->mutex);
3767 dev = wl->current_dev;
3773 *fflags &= FIF_PROMISC_IN_BSS |
3779 FIF_BCN_PRBRESP_PROMISC;
3781 changed &= FIF_PROMISC_IN_BSS |
3787 FIF_BCN_PRBRESP_PROMISC;
3789 wl->filter_flags = *fflags;
3791 if (changed && b43_status(dev) >= B43_STAT_INITIALIZED)
3792 b43_adjust_opmode(dev);
3795 mutex_unlock(&wl->mutex);
3798 /* Locking: wl->mutex
3799 * Returns the current dev. This might be different from the passed in dev,
3800 * because the core might be gone away while we unlocked the mutex. */
3801 static struct b43_wldev * b43_wireless_core_stop(struct b43_wldev *dev)
3803 struct b43_wl *wl = dev->wl;
3804 struct b43_wldev *orig_dev;
3807 if (!dev || b43_status(dev) < B43_STAT_STARTED)
3810 /* Cancel work. Unlock to avoid deadlocks. */
3811 mutex_unlock(&wl->mutex);
3812 cancel_delayed_work_sync(&dev->periodic_work);
3813 cancel_work_sync(&wl->tx_work);
3814 mutex_lock(&wl->mutex);
3815 dev = wl->current_dev;
3816 if (!dev || b43_status(dev) < B43_STAT_STARTED) {
3817 /* Whoops, aliens ate up the device while we were unlocked. */
3821 /* Disable interrupts on the device. */
3822 b43_set_status(dev, B43_STAT_INITIALIZED);
3823 if (0 /*FIXME dev->dev->bus->bustype == SSB_BUSTYPE_SDIO*/) {
3824 /* wl->mutex is locked. That is enough. */
3825 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3826 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3828 spin_lock_irq(&wl->hardirq_lock);
3829 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, 0);
3830 b43_read32(dev, B43_MMIO_GEN_IRQ_MASK); /* Flush */
3831 spin_unlock_irq(&wl->hardirq_lock);
3833 /* Synchronize the interrupt handlers. Unlock to avoid deadlocks. */
3835 mutex_unlock(&wl->mutex);
3836 synchronize_irq(dev->dev->irq);
3837 mutex_lock(&wl->mutex);
3838 dev = wl->current_dev;
3841 if (dev != orig_dev) {
3842 if (b43_status(dev) >= B43_STAT_STARTED)
3846 B43_WARN_ON(b43_read32(dev, B43_MMIO_GEN_IRQ_MASK));
3848 /* Drain the TX queue */
3849 while (skb_queue_len(&wl->tx_queue))
3850 dev_kfree_skb(skb_dequeue(&wl->tx_queue));
3852 b43_mac_suspend(dev);
3853 free_irq(dev->dev->irq, dev);
3854 b43dbg(wl, "Wireless interface stopped\n");
3859 /* Locking: wl->mutex */
3860 static int b43_wireless_core_start(struct b43_wldev *dev)
3864 B43_WARN_ON(b43_status(dev) != B43_STAT_INITIALIZED);
3866 drain_txstatus_queue(dev);
3867 err = request_threaded_irq(dev->dev->irq, b43_interrupt_handler,
3868 b43_interrupt_thread_handler,
3869 IRQF_SHARED, KBUILD_MODNAME, dev);
3871 b43err(dev->wl, "Cannot request IRQ-%d\n", dev->dev->irq);
3875 /* We are ready to run. */
3876 b43_set_status(dev, B43_STAT_STARTED);
3878 /* Start data flow (TX/RX). */
3879 b43_mac_enable(dev);
3880 b43_write32(dev, B43_MMIO_GEN_IRQ_MASK, dev->irq_mask);
3882 /* Start maintainance work */
3883 b43_periodic_tasks_setup(dev);
3885 b43dbg(dev->wl, "Wireless interface started\n");
3890 /* Get PHY and RADIO versioning numbers */
3891 static int b43_phy_versioning(struct b43_wldev *dev)
3893 struct b43_phy *phy = &dev->phy;
3901 int unsupported = 0;
3903 /* Get PHY versioning */
3904 tmp = b43_read16(dev, B43_MMIO_PHY_VER);
3905 analog_type = (tmp & B43_PHYVER_ANALOG) >> B43_PHYVER_ANALOG_SHIFT;
3906 phy_type = (tmp & B43_PHYVER_TYPE) >> B43_PHYVER_TYPE_SHIFT;
3907 phy_rev = (tmp & B43_PHYVER_VERSION);
3914 if (phy_rev != 2 && phy_rev != 4 && phy_rev != 6
3922 #ifdef CONFIG_B43_NPHY
3928 #ifdef CONFIG_B43_PHY_LP
3929 case B43_PHYTYPE_LP:
3938 b43err(dev->wl, "FOUND UNSUPPORTED PHY "
3939 "(Analog %u, Type %u, Revision %u)\n",
3940 analog_type, phy_type, phy_rev);
3943 b43dbg(dev->wl, "Found PHY: Analog %u, Type %u, Revision %u\n",
3944 analog_type, phy_type, phy_rev);
3946 /* Get RADIO versioning */
3947 if (dev->dev->bus->chip_id == 0x4317) {
3948 if (dev->dev->bus->chip_rev == 0)
3950 else if (dev->dev->bus->chip_rev == 1)
3955 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
3956 tmp = b43_read16(dev, B43_MMIO_RADIO_DATA_LOW);
3957 b43_write16(dev, B43_MMIO_RADIO_CONTROL, B43_RADIOCTL_ID);
3958 tmp |= (u32)b43_read16(dev, B43_MMIO_RADIO_DATA_HIGH) << 16;
3960 radio_manuf = (tmp & 0x00000FFF);
3961 radio_ver = (tmp & 0x0FFFF000) >> 12;
3962 radio_rev = (tmp & 0xF0000000) >> 28;
3963 if (radio_manuf != 0x17F /* Broadcom */)
3967 if (radio_ver != 0x2060)
3971 if (radio_manuf != 0x17F)
3975 if ((radio_ver & 0xFFF0) != 0x2050)
3979 if (radio_ver != 0x2050)
3983 if (radio_ver != 0x2055 && radio_ver != 0x2056)
3986 case B43_PHYTYPE_LP:
3987 if (radio_ver != 0x2062 && radio_ver != 0x2063)
3994 b43err(dev->wl, "FOUND UNSUPPORTED RADIO "
3995 "(Manuf 0x%X, Version 0x%X, Revision %u)\n",
3996 radio_manuf, radio_ver, radio_rev);
3999 b43dbg(dev->wl, "Found Radio: Manuf 0x%X, Version 0x%X, Revision %u\n",
4000 radio_manuf, radio_ver, radio_rev);
4002 phy->radio_manuf = radio_manuf;
4003 phy->radio_ver = radio_ver;
4004 phy->radio_rev = radio_rev;
4006 phy->analog = analog_type;
4007 phy->type = phy_type;
4013 static void setup_struct_phy_for_init(struct b43_wldev *dev,
4014 struct b43_phy *phy)
4016 phy->hardware_power_control = !!modparam_hwpctl;
4017 phy->next_txpwr_check_time = jiffies;
4018 /* PHY TX errors counter. */
4019 atomic_set(&phy->txerr_cnt, B43_PHY_TX_BADNESS_LIMIT);
4022 phy->phy_locked = 0;
4023 phy->radio_locked = 0;
4027 static void setup_struct_wldev_for_init(struct b43_wldev *dev)
4031 /* Assume the radio is enabled. If it's not enabled, the state will
4032 * immediately get fixed on the first periodic work run. */
4033 dev->radio_hw_enable = 1;
4036 memset(&dev->stats, 0, sizeof(dev->stats));
4038 setup_struct_phy_for_init(dev, &dev->phy);
4040 /* IRQ related flags */
4041 dev->irq_reason = 0;
4042 memset(dev->dma_reason, 0, sizeof(dev->dma_reason));
4043 dev->irq_mask = B43_IRQ_MASKTEMPLATE;
4044 if (b43_modparam_verbose < B43_VERBOSITY_DEBUG)
4045 dev->irq_mask &= ~B43_IRQ_PHY_TXERR;
4047 dev->mac_suspended = 1;
4049 /* Noise calculation context */
4050 memset(&dev->noisecalc, 0, sizeof(dev->noisecalc));
4053 static void b43_bluetooth_coext_enable(struct b43_wldev *dev)
4055 struct ssb_sprom *sprom = &dev->dev->bus->sprom;
4058 if (!modparam_btcoex)
4060 if (!(sprom->boardflags_lo & B43_BFL_BTCOEXIST))
4062 if (dev->phy.type != B43_PHYTYPE_B && !dev->phy.gmode)
4065 hf = b43_hf_read(dev);
4066 if (sprom->boardflags_lo & B43_BFL_BTCMOD)
4067 hf |= B43_HF_BTCOEXALT;
4069 hf |= B43_HF_BTCOEX;
4070 b43_hf_write(dev, hf);
4073 static void b43_bluetooth_coext_disable(struct b43_wldev *dev)
4075 if (!modparam_btcoex)
4080 static void b43_imcfglo_timeouts_workaround(struct b43_wldev *dev)
4082 #ifdef CONFIG_SSB_DRIVER_PCICORE
4083 struct ssb_bus *bus = dev->dev->bus;
4086 if (bus->pcicore.dev &&
4087 bus->pcicore.dev->id.coreid == SSB_DEV_PCI &&
4088 bus->pcicore.dev->id.revision <= 5) {
4089 /* IMCFGLO timeouts workaround. */
4090 tmp = ssb_read32(dev->dev, SSB_IMCFGLO);
4091 switch (bus->bustype) {
4092 case SSB_BUSTYPE_PCI:
4093 case SSB_BUSTYPE_PCMCIA:
4094 tmp &= ~SSB_IMCFGLO_REQTO;
4095 tmp &= ~SSB_IMCFGLO_SERTO;
4098 case SSB_BUSTYPE_SSB:
4099 tmp &= ~SSB_IMCFGLO_REQTO;
4100 tmp &= ~SSB_IMCFGLO_SERTO;
4106 ssb_write32(dev->dev, SSB_IMCFGLO, tmp);
4108 #endif /* CONFIG_SSB_DRIVER_PCICORE */
4111 static void b43_set_synth_pu_delay(struct b43_wldev *dev, bool idle)
4115 /* The time value is in microseconds. */
4116 if (dev->phy.type == B43_PHYTYPE_A)
4120 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC) || idle)
4122 if ((dev->phy.radio_ver == 0x2050) && (dev->phy.radio_rev == 8))
4123 pu_delay = max(pu_delay, (u16)2400);
4125 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SPUWKUP, pu_delay);
4128 /* Set the TSF CFP pre-TargetBeaconTransmissionTime. */
4129 static void b43_set_pretbtt(struct b43_wldev *dev)
4133 /* The time value is in microseconds. */
4134 if (b43_is_mode(dev->wl, NL80211_IFTYPE_ADHOC)) {
4137 if (dev->phy.type == B43_PHYTYPE_A)
4142 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRETBTT, pretbtt);
4143 b43_write16(dev, B43_MMIO_TSF_CFP_PRETBTT, pretbtt);
4146 /* Shutdown a wireless core */
4147 /* Locking: wl->mutex */
4148 static void b43_wireless_core_exit(struct b43_wldev *dev)
4152 B43_WARN_ON(dev && b43_status(dev) > B43_STAT_INITIALIZED);
4153 if (!dev || b43_status(dev) != B43_STAT_INITIALIZED)
4155 b43_set_status(dev, B43_STAT_UNINIT);
4157 /* Stop the microcode PSM. */
4158 macctl = b43_read32(dev, B43_MMIO_MACCTL);
4159 macctl &= ~B43_MACCTL_PSM_RUN;
4160 macctl |= B43_MACCTL_PSM_JMP0;
4161 b43_write32(dev, B43_MMIO_MACCTL, macctl);
4163 if (!dev->suspend_in_progress) {
4165 b43_rng_exit(dev->wl);
4170 dev->phy.ops->switch_analog(dev, 0);
4171 if (dev->wl->current_beacon) {
4172 dev_kfree_skb_any(dev->wl->current_beacon);
4173 dev->wl->current_beacon = NULL;
4176 ssb_device_disable(dev->dev, 0);
4177 ssb_bus_may_powerdown(dev->dev->bus);
4180 /* Initialize a wireless core */
4181 static int b43_wireless_core_init(struct b43_wldev *dev)
4183 struct b43_wl *wl = dev->wl;
4184 struct ssb_bus *bus = dev->dev->bus;
4185 struct ssb_sprom *sprom = &bus->sprom;
4186 struct b43_phy *phy = &dev->phy;
4191 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4193 err = ssb_bus_powerup(bus, 0);
4196 if (!ssb_device_is_enabled(dev->dev)) {
4197 tmp = phy->gmode ? B43_TMSLOW_GMODE : 0;
4198 b43_wireless_core_reset(dev, tmp);
4201 /* Reset all data structures. */
4202 setup_struct_wldev_for_init(dev);
4203 phy->ops->prepare_structs(dev);
4205 /* Enable IRQ routing to this device. */
4206 ssb_pcicore_dev_irqvecs_enable(&bus->pcicore, dev->dev);
4208 b43_imcfglo_timeouts_workaround(dev);
4209 b43_bluetooth_coext_disable(dev);
4210 if (phy->ops->prepare_hardware) {
4211 err = phy->ops->prepare_hardware(dev);
4215 err = b43_chip_init(dev);
4218 b43_shm_write16(dev, B43_SHM_SHARED,
4219 B43_SHM_SH_WLCOREREV, dev->dev->id.revision);
4220 hf = b43_hf_read(dev);
4221 if (phy->type == B43_PHYTYPE_G) {
4225 if (sprom->boardflags_lo & B43_BFL_PACTRL)
4226 hf |= B43_HF_OFDMPABOOST;
4228 if (phy->radio_ver == 0x2050) {
4229 if (phy->radio_rev == 6)
4230 hf |= B43_HF_4318TSSI;
4231 if (phy->radio_rev < 6)
4232 hf |= B43_HF_VCORECALC;
4234 if (sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW)
4235 hf |= B43_HF_DSCRQ; /* Disable slowclock requests from ucode. */
4236 #ifdef CONFIG_SSB_DRIVER_PCICORE
4237 if ((bus->bustype == SSB_BUSTYPE_PCI) &&
4238 (bus->pcicore.dev->id.revision <= 10))
4239 hf |= B43_HF_PCISCW; /* PCI slow clock workaround. */
4241 hf &= ~B43_HF_SKCFPUP;
4242 b43_hf_write(dev, hf);
4244 b43_set_retry_limits(dev, B43_DEFAULT_SHORT_RETRY_LIMIT,
4245 B43_DEFAULT_LONG_RETRY_LIMIT);
4246 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_SFFBLIM, 3);
4247 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_LFFBLIM, 2);
4249 /* Disable sending probe responses from firmware.
4250 * Setting the MaxTime to one usec will always trigger
4251 * a timeout, so we never send any probe resp.
4252 * A timeout of zero is infinite. */
4253 b43_shm_write16(dev, B43_SHM_SHARED, B43_SHM_SH_PRMAXTIME, 1);
4255 b43_rate_memory_init(dev);
4256 b43_set_phytxctl_defaults(dev);
4258 /* Minimum Contention Window */
4259 if (phy->type == B43_PHYTYPE_B) {
4260 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0x1F);
4262 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MINCONT, 0xF);
4264 /* Maximum Contention Window */
4265 b43_shm_write16(dev, B43_SHM_SCRATCH, B43_SHM_SC_MAXCONT, 0x3FF);
4267 if ((dev->dev->bus->bustype == SSB_BUSTYPE_PCMCIA) || B43_FORCE_PIO) {
4268 dev->__using_pio_transfers = 1;
4269 err = b43_pio_init(dev);
4271 dev->__using_pio_transfers = 0;
4272 err = b43_dma_init(dev);
4277 b43_set_synth_pu_delay(dev, 1);
4278 b43_bluetooth_coext_enable(dev);
4280 ssb_bus_powerup(bus, !(sprom->boardflags_lo & B43_BFL_XTAL_NOSLOW));
4281 b43_upload_card_macaddress(dev);
4282 b43_security_init(dev);
4283 if (!dev->suspend_in_progress)
4286 ieee80211_wake_queues(dev->wl->hw);
4288 b43_set_status(dev, B43_STAT_INITIALIZED);
4290 if (!dev->suspend_in_progress)
4298 ssb_bus_may_powerdown(bus);
4299 B43_WARN_ON(b43_status(dev) != B43_STAT_UNINIT);
4303 static int b43_op_add_interface(struct ieee80211_hw *hw,
4304 struct ieee80211_if_init_conf *conf)
4306 struct b43_wl *wl = hw_to_b43_wl(hw);
4307 struct b43_wldev *dev;
4308 int err = -EOPNOTSUPP;
4310 /* TODO: allow WDS/AP devices to coexist */
4312 if (conf->type != NL80211_IFTYPE_AP &&
4313 conf->type != NL80211_IFTYPE_MESH_POINT &&
4314 conf->type != NL80211_IFTYPE_STATION &&
4315 conf->type != NL80211_IFTYPE_WDS &&
4316 conf->type != NL80211_IFTYPE_ADHOC)
4319 mutex_lock(&wl->mutex);
4321 goto out_mutex_unlock;
4323 b43dbg(wl, "Adding Interface type %d\n", conf->type);
4325 dev = wl->current_dev;
4327 wl->vif = conf->vif;
4328 wl->if_type = conf->type;
4329 memcpy(wl->mac_addr, conf->mac_addr, ETH_ALEN);
4331 b43_adjust_opmode(dev);
4332 b43_set_pretbtt(dev);
4333 b43_set_synth_pu_delay(dev, 0);
4334 b43_upload_card_macaddress(dev);
4338 mutex_unlock(&wl->mutex);
4343 static void b43_op_remove_interface(struct ieee80211_hw *hw,
4344 struct ieee80211_if_init_conf *conf)
4346 struct b43_wl *wl = hw_to_b43_wl(hw);
4347 struct b43_wldev *dev = wl->current_dev;
4349 b43dbg(wl, "Removing Interface type %d\n", conf->type);
4351 mutex_lock(&wl->mutex);
4353 B43_WARN_ON(!wl->operating);
4354 B43_WARN_ON(wl->vif != conf->vif);
4359 b43_adjust_opmode(dev);
4360 memset(wl->mac_addr, 0, ETH_ALEN);
4361 b43_upload_card_macaddress(dev);
4363 mutex_unlock(&wl->mutex);
4366 static int b43_op_start(struct ieee80211_hw *hw)
4368 struct b43_wl *wl = hw_to_b43_wl(hw);
4369 struct b43_wldev *dev = wl->current_dev;
4373 /* Kill all old instance specific information to make sure
4374 * the card won't use it in the short timeframe between start
4375 * and mac80211 reconfiguring it. */
4376 memset(wl->bssid, 0, ETH_ALEN);
4377 memset(wl->mac_addr, 0, ETH_ALEN);
4378 wl->filter_flags = 0;
4379 wl->radiotap_enabled = 0;
4381 wl->beacon0_uploaded = 0;
4382 wl->beacon1_uploaded = 0;
4383 wl->beacon_templates_virgin = 1;
4384 wl->radio_enabled = 1;
4386 mutex_lock(&wl->mutex);
4388 if (b43_status(dev) < B43_STAT_INITIALIZED) {
4389 err = b43_wireless_core_init(dev);
4391 goto out_mutex_unlock;
4395 if (b43_status(dev) < B43_STAT_STARTED) {
4396 err = b43_wireless_core_start(dev);
4399 b43_wireless_core_exit(dev);
4400 goto out_mutex_unlock;
4404 /* XXX: only do if device doesn't support rfkill irq */
4405 wiphy_rfkill_start_polling(hw->wiphy);
4408 mutex_unlock(&wl->mutex);
4413 static void b43_op_stop(struct ieee80211_hw *hw)
4415 struct b43_wl *wl = hw_to_b43_wl(hw);
4416 struct b43_wldev *dev = wl->current_dev;
4418 cancel_work_sync(&(wl->beacon_update_trigger));
4420 mutex_lock(&wl->mutex);
4421 if (b43_status(dev) >= B43_STAT_STARTED) {
4422 dev = b43_wireless_core_stop(dev);
4426 b43_wireless_core_exit(dev);
4427 wl->radio_enabled = 0;
4430 mutex_unlock(&wl->mutex);
4432 cancel_work_sync(&(wl->txpower_adjust_work));
4435 static int b43_op_beacon_set_tim(struct ieee80211_hw *hw,
4436 struct ieee80211_sta *sta, bool set)
4438 struct b43_wl *wl = hw_to_b43_wl(hw);
4440 mutex_lock(&wl->mutex);
4441 b43_update_templates(wl);
4442 mutex_unlock(&wl->mutex);
4447 static void b43_op_sta_notify(struct ieee80211_hw *hw,
4448 struct ieee80211_vif *vif,
4449 enum sta_notify_cmd notify_cmd,
4450 struct ieee80211_sta *sta)
4452 struct b43_wl *wl = hw_to_b43_wl(hw);
4454 B43_WARN_ON(!vif || wl->vif != vif);
4457 static void b43_op_sw_scan_start_notifier(struct ieee80211_hw *hw)
4459 struct b43_wl *wl = hw_to_b43_wl(hw);
4460 struct b43_wldev *dev;
4462 mutex_lock(&wl->mutex);
4463 dev = wl->current_dev;
4464 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4465 /* Disable CFP update during scan on other channels. */
4466 b43_hf_write(dev, b43_hf_read(dev) | B43_HF_SKCFPUP);
4468 mutex_unlock(&wl->mutex);
4471 static void b43_op_sw_scan_complete_notifier(struct ieee80211_hw *hw)
4473 struct b43_wl *wl = hw_to_b43_wl(hw);
4474 struct b43_wldev *dev;
4476 mutex_lock(&wl->mutex);
4477 dev = wl->current_dev;
4478 if (dev && (b43_status(dev) >= B43_STAT_INITIALIZED)) {
4479 /* Re-enable CFP update. */
4480 b43_hf_write(dev, b43_hf_read(dev) & ~B43_HF_SKCFPUP);
4482 mutex_unlock(&wl->mutex);
4485 static const struct ieee80211_ops b43_hw_ops = {
4487 .conf_tx = b43_op_conf_tx,
4488 .add_interface = b43_op_add_interface,
4489 .remove_interface = b43_op_remove_interface,
4490 .config = b43_op_config,
4491 .bss_info_changed = b43_op_bss_info_changed,
4492 .configure_filter = b43_op_configure_filter,
4493 .set_key = b43_op_set_key,
4494 .update_tkip_key = b43_op_update_tkip_key,
4495 .get_stats = b43_op_get_stats,
4496 .get_tx_stats = b43_op_get_tx_stats,
4497 .get_tsf = b43_op_get_tsf,
4498 .set_tsf = b43_op_set_tsf,
4499 .start = b43_op_start,
4500 .stop = b43_op_stop,
4501 .set_tim = b43_op_beacon_set_tim,
4502 .sta_notify = b43_op_sta_notify,
4503 .sw_scan_start = b43_op_sw_scan_start_notifier,
4504 .sw_scan_complete = b43_op_sw_scan_complete_notifier,
4505 .rfkill_poll = b43_rfkill_poll,
4508 /* Hard-reset the chip. Do not call this directly.
4509 * Use b43_controller_restart()
4511 static void b43_chip_reset(struct work_struct *work)
4513 struct b43_wldev *dev =
4514 container_of(work, struct b43_wldev, restart_work);
4515 struct b43_wl *wl = dev->wl;
4519 mutex_lock(&wl->mutex);
4521 prev_status = b43_status(dev);
4522 /* Bring the device down... */
4523 if (prev_status >= B43_STAT_STARTED) {
4524 dev = b43_wireless_core_stop(dev);
4530 if (prev_status >= B43_STAT_INITIALIZED)
4531 b43_wireless_core_exit(dev);
4533 /* ...and up again. */
4534 if (prev_status >= B43_STAT_INITIALIZED) {
4535 err = b43_wireless_core_init(dev);
4539 if (prev_status >= B43_STAT_STARTED) {
4540 err = b43_wireless_core_start(dev);
4542 b43_wireless_core_exit(dev);
4548 wl->current_dev = NULL; /* Failed to init the dev. */
4549 mutex_unlock(&wl->mutex);
4551 b43err(wl, "Controller restart FAILED\n");
4553 b43info(wl, "Controller restarted\n");
4556 static int b43_setup_bands(struct b43_wldev *dev,
4557 bool have_2ghz_phy, bool have_5ghz_phy)
4559 struct ieee80211_hw *hw = dev->wl->hw;
4562 hw->wiphy->bands[IEEE80211_BAND_2GHZ] = &b43_band_2GHz;
4563 if (dev->phy.type == B43_PHYTYPE_N) {
4565 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_nphy;
4568 hw->wiphy->bands[IEEE80211_BAND_5GHZ] = &b43_band_5GHz_aphy;
4571 dev->phy.supports_2ghz = have_2ghz_phy;
4572 dev->phy.supports_5ghz = have_5ghz_phy;
4577 static void b43_wireless_core_detach(struct b43_wldev *dev)
4579 /* We release firmware that late to not be required to re-request
4580 * is all the time when we reinit the core. */
4581 b43_release_firmware(dev);
4585 static int b43_wireless_core_attach(struct b43_wldev *dev)
4587 struct b43_wl *wl = dev->wl;
4588 struct ssb_bus *bus = dev->dev->bus;
4589 struct pci_dev *pdev = bus->host_pci;
4591 bool have_2ghz_phy = 0, have_5ghz_phy = 0;
4594 /* Do NOT do any device initialization here.
4595 * Do it in wireless_core_init() instead.
4596 * This function is for gathering basic information about the HW, only.
4597 * Also some structs may be set up here. But most likely you want to have
4598 * that in core_init(), too.
4601 err = ssb_bus_powerup(bus, 0);
4603 b43err(wl, "Bus powerup failed\n");
4606 /* Get the PHY type. */
4607 if (dev->dev->id.revision >= 5) {
4610 tmshigh = ssb_read32(dev->dev, SSB_TMSHIGH);
4611 have_2ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_2GHZ_PHY);
4612 have_5ghz_phy = !!(tmshigh & B43_TMSHIGH_HAVE_5GHZ_PHY);
4616 dev->phy.gmode = have_2ghz_phy;
4617 dev->phy.radio_on = 1;
4618 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4619 b43_wireless_core_reset(dev, tmp);
4621 err = b43_phy_versioning(dev);
4624 /* Check if this device supports multiband. */
4626 (pdev->device != 0x4312 &&
4627 pdev->device != 0x4319 && pdev->device != 0x4324)) {
4628 /* No multiband support. */
4631 switch (dev->phy.type) {
4635 case B43_PHYTYPE_LP: //FIXME not always!
4636 #if 0 //FIXME enabling 5GHz causes a NULL pointer dereference
4647 if (dev->phy.type == B43_PHYTYPE_A) {
4649 b43err(wl, "IEEE 802.11a devices are unsupported\n");
4653 if (1 /* disable A-PHY */) {
4654 /* FIXME: For now we disable the A-PHY on multi-PHY devices. */
4655 if (dev->phy.type != B43_PHYTYPE_N &&
4656 dev->phy.type != B43_PHYTYPE_LP) {
4662 err = b43_phy_allocate(dev);
4666 dev->phy.gmode = have_2ghz_phy;
4667 tmp = dev->phy.gmode ? B43_TMSLOW_GMODE : 0;
4668 b43_wireless_core_reset(dev, tmp);
4670 err = b43_validate_chipaccess(dev);
4673 err = b43_setup_bands(dev, have_2ghz_phy, have_5ghz_phy);
4677 /* Now set some default "current_dev" */
4678 if (!wl->current_dev)
4679 wl->current_dev = dev;
4680 INIT_WORK(&dev->restart_work, b43_chip_reset);
4682 dev->phy.ops->switch_analog(dev, 0);
4683 ssb_device_disable(dev->dev, 0);
4684 ssb_bus_may_powerdown(bus);
4692 ssb_bus_may_powerdown(bus);
4696 static void b43_one_core_detach(struct ssb_device *dev)
4698 struct b43_wldev *wldev;
4701 /* Do not cancel ieee80211-workqueue based work here.
4702 * See comment in b43_remove(). */
4704 wldev = ssb_get_drvdata(dev);
4706 b43_debugfs_remove_device(wldev);
4707 b43_wireless_core_detach(wldev);
4708 list_del(&wldev->list);
4710 ssb_set_drvdata(dev, NULL);
4714 static int b43_one_core_attach(struct ssb_device *dev, struct b43_wl *wl)
4716 struct b43_wldev *wldev;
4717 struct pci_dev *pdev;
4720 if (!list_empty(&wl->devlist)) {
4721 /* We are not the first core on this chip. */
4722 pdev = dev->bus->host_pci;
4723 /* Only special chips support more than one wireless
4724 * core, although some of the other chips have more than
4725 * one wireless core as well. Check for this and
4729 ((pdev->device != 0x4321) &&
4730 (pdev->device != 0x4313) && (pdev->device != 0x431A))) {
4731 b43dbg(wl, "Ignoring unconnected 802.11 core\n");
4736 wldev = kzalloc(sizeof(*wldev), GFP_KERNEL);
4742 b43_set_status(wldev, B43_STAT_UNINIT);
4743 wldev->bad_frames_preempt = modparam_bad_frames_preempt;
4744 INIT_LIST_HEAD(&wldev->list);
4746 err = b43_wireless_core_attach(wldev);
4748 goto err_kfree_wldev;
4750 list_add(&wldev->list, &wl->devlist);
4752 ssb_set_drvdata(dev, wldev);
4753 b43_debugfs_add_device(wldev);
4763 #define IS_PDEV(pdev, _vendor, _device, _subvendor, _subdevice) ( \
4764 (pdev->vendor == PCI_VENDOR_ID_##_vendor) && \
4765 (pdev->device == _device) && \
4766 (pdev->subsystem_vendor == PCI_VENDOR_ID_##_subvendor) && \
4767 (pdev->subsystem_device == _subdevice) )
4769 static void b43_sprom_fixup(struct ssb_bus *bus)
4771 struct pci_dev *pdev;
4773 /* boardflags workarounds */
4774 if (bus->boardinfo.vendor == SSB_BOARDVENDOR_DELL &&
4775 bus->chip_id == 0x4301 && bus->boardinfo.rev == 0x74)
4776 bus->sprom.boardflags_lo |= B43_BFL_BTCOEXIST;
4777 if (bus->boardinfo.vendor == PCI_VENDOR_ID_APPLE &&
4778 bus->boardinfo.type == 0x4E && bus->boardinfo.rev > 0x40)
4779 bus->sprom.boardflags_lo |= B43_BFL_PACTRL;
4780 if (bus->bustype == SSB_BUSTYPE_PCI) {
4781 pdev = bus->host_pci;
4782 if (IS_PDEV(pdev, BROADCOM, 0x4318, ASUSTEK, 0x100F) ||
4783 IS_PDEV(pdev, BROADCOM, 0x4320, DELL, 0x0003) ||
4784 IS_PDEV(pdev, BROADCOM, 0x4320, HP, 0x12f8) ||
4785 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0015) ||
4786 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0014) ||
4787 IS_PDEV(pdev, BROADCOM, 0x4320, LINKSYS, 0x0013) ||
4788 IS_PDEV(pdev, BROADCOM, 0x4320, MOTOROLA, 0x7010))
4789 bus->sprom.boardflags_lo &= ~B43_BFL_BTCOEXIST;
4793 static void b43_wireless_exit(struct ssb_device *dev, struct b43_wl *wl)
4795 struct ieee80211_hw *hw = wl->hw;
4797 ssb_set_devtypedata(dev, NULL);
4798 ieee80211_free_hw(hw);
4801 static int b43_wireless_init(struct ssb_device *dev)
4803 struct ssb_sprom *sprom = &dev->bus->sprom;
4804 struct ieee80211_hw *hw;
4808 b43_sprom_fixup(dev->bus);
4810 hw = ieee80211_alloc_hw(sizeof(*wl), &b43_hw_ops);
4812 b43err(NULL, "Could not allocate ieee80211 device\n");
4815 wl = hw_to_b43_wl(hw);
4818 hw->flags = IEEE80211_HW_RX_INCLUDES_FCS |
4819 IEEE80211_HW_SIGNAL_DBM |
4820 IEEE80211_HW_NOISE_DBM;
4822 hw->wiphy->interface_modes =
4823 BIT(NL80211_IFTYPE_AP) |
4824 BIT(NL80211_IFTYPE_MESH_POINT) |
4825 BIT(NL80211_IFTYPE_STATION) |
4826 BIT(NL80211_IFTYPE_WDS) |
4827 BIT(NL80211_IFTYPE_ADHOC);
4829 hw->queues = modparam_qos ? 4 : 1;
4830 wl->mac80211_initially_registered_queues = hw->queues;
4832 SET_IEEE80211_DEV(hw, dev->dev);
4833 if (is_valid_ether_addr(sprom->et1mac))
4834 SET_IEEE80211_PERM_ADDR(hw, sprom->et1mac);
4836 SET_IEEE80211_PERM_ADDR(hw, sprom->il0mac);
4838 /* Initialize struct b43_wl */
4840 spin_lock_init(&wl->leds_lock);
4841 mutex_init(&wl->mutex);
4842 spin_lock_init(&wl->hardirq_lock);
4843 INIT_LIST_HEAD(&wl->devlist);
4844 INIT_WORK(&wl->beacon_update_trigger, b43_beacon_update_trigger_work);
4845 INIT_WORK(&wl->txpower_adjust_work, b43_phy_txpower_adjust_work);
4846 INIT_WORK(&wl->tx_work, b43_tx_work);
4847 skb_queue_head_init(&wl->tx_queue);
4849 ssb_set_devtypedata(dev, wl);
4850 b43info(wl, "Broadcom %04X WLAN found (core revision %u)\n",
4851 dev->bus->chip_id, dev->id.revision);
4857 static int b43_probe(struct ssb_device *dev, const struct ssb_device_id *id)
4863 wl = ssb_get_devtypedata(dev);
4865 /* Probing the first core. Must setup common struct b43_wl */
4867 err = b43_wireless_init(dev);
4870 wl = ssb_get_devtypedata(dev);
4873 err = b43_one_core_attach(dev, wl);
4875 goto err_wireless_exit;
4878 err = ieee80211_register_hw(wl->hw);
4880 goto err_one_core_detach;
4886 err_one_core_detach:
4887 b43_one_core_detach(dev);
4890 b43_wireless_exit(dev, wl);
4894 static void b43_remove(struct ssb_device *dev)
4896 struct b43_wl *wl = ssb_get_devtypedata(dev);
4897 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4899 /* We must cancel any work here before unregistering from ieee80211,
4900 * as the ieee80211 unreg will destroy the workqueue. */
4901 cancel_work_sync(&wldev->restart_work);
4904 if (wl->current_dev == wldev) {
4905 /* Restore the queues count before unregistering, because firmware detect
4906 * might have modified it. Restoring is important, so the networking
4907 * stack can properly free resources. */
4908 wl->hw->queues = wl->mac80211_initially_registered_queues;
4909 ieee80211_unregister_hw(wl->hw);
4912 b43_one_core_detach(dev);
4914 if (list_empty(&wl->devlist)) {
4915 /* Last core on the chip unregistered.
4916 * We can destroy common struct b43_wl.
4918 b43_wireless_exit(dev, wl);
4922 /* Perform a hardware reset. This can be called from any context. */
4923 void b43_controller_restart(struct b43_wldev *dev, const char *reason)
4925 /* Must avoid requeueing, if we are in shutdown. */
4926 if (b43_status(dev) < B43_STAT_INITIALIZED)
4928 b43info(dev->wl, "Controller RESET (%s) ...\n", reason);
4929 ieee80211_queue_work(dev->wl->hw, &dev->restart_work);
4934 static int b43_suspend(struct ssb_device *dev, pm_message_t state)
4936 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4937 struct b43_wl *wl = wldev->wl;
4939 b43dbg(wl, "Suspending...\n");
4941 mutex_lock(&wl->mutex);
4942 wldev->suspend_in_progress = true;
4943 wldev->suspend_init_status = b43_status(wldev);
4944 if (wldev->suspend_init_status >= B43_STAT_STARTED)
4945 wldev = b43_wireless_core_stop(wldev);
4946 if (wldev && wldev->suspend_init_status >= B43_STAT_INITIALIZED)
4947 b43_wireless_core_exit(wldev);
4948 mutex_unlock(&wl->mutex);
4950 b43dbg(wl, "Device suspended.\n");
4955 static int b43_resume(struct ssb_device *dev)
4957 struct b43_wldev *wldev = ssb_get_drvdata(dev);
4958 struct b43_wl *wl = wldev->wl;
4961 b43dbg(wl, "Resuming...\n");
4963 mutex_lock(&wl->mutex);
4964 if (wldev->suspend_init_status >= B43_STAT_INITIALIZED) {
4965 err = b43_wireless_core_init(wldev);
4967 b43err(wl, "Resume failed at core init\n");
4971 if (wldev->suspend_init_status >= B43_STAT_STARTED) {
4972 err = b43_wireless_core_start(wldev);
4974 b43_leds_exit(wldev);
4975 b43_rng_exit(wldev->wl);
4976 b43_wireless_core_exit(wldev);
4977 b43err(wl, "Resume failed at core start\n");
4981 b43dbg(wl, "Device resumed.\n");
4983 wldev->suspend_in_progress = false;
4984 mutex_unlock(&wl->mutex);
4988 #else /* CONFIG_PM */
4989 # define b43_suspend NULL
4990 # define b43_resume NULL
4991 #endif /* CONFIG_PM */
4993 static struct ssb_driver b43_ssb_driver = {
4994 .name = KBUILD_MODNAME,
4995 .id_table = b43_ssb_tbl,
4997 .remove = b43_remove,
4998 .suspend = b43_suspend,
4999 .resume = b43_resume,
5002 static void b43_print_driverinfo(void)
5004 const char *feat_pci = "", *feat_pcmcia = "", *feat_nphy = "",
5007 #ifdef CONFIG_B43_PCI_AUTOSELECT
5010 #ifdef CONFIG_B43_PCMCIA
5013 #ifdef CONFIG_B43_NPHY
5016 #ifdef CONFIG_B43_LEDS
5019 printk(KERN_INFO "Broadcom 43xx driver loaded "
5020 "[ Features: %s%s%s%s, Firmware-ID: "
5021 B43_SUPPORTED_FIRMWARE_ID " ]\n",
5022 feat_pci, feat_pcmcia, feat_nphy,
5026 static int __init b43_init(void)
5031 err = b43_pcmcia_init();
5034 err = ssb_driver_register(&b43_ssb_driver);
5036 goto err_pcmcia_exit;
5037 b43_print_driverinfo();
5048 static void __exit b43_exit(void)
5050 ssb_driver_unregister(&b43_ssb_driver);
5055 module_init(b43_init)
5056 module_exit(b43_exit)
Code Review / linux-2.6.git / blob