if_wpi.c revision 280107
1/*- 2 * Copyright (c) 2006,2007 3 * Damien Bergamini <damien.bergamini@free.fr> 4 * Benjamin Close <Benjamin.Close@clearchain.com> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19#include <sys/cdefs.h> 20__FBSDID("$FreeBSD: head/sys/dev/wpi/if_wpi.c 280107 2015-03-15 21:19:52Z adrian $"); 21 22/* 23 * Driver for Intel PRO/Wireless 3945ABG 802.11 network adapters. 24 * 25 * The 3945ABG network adapter doesn't use traditional hardware as 26 * many other adaptors do. Instead at run time the eeprom is set into a known 27 * state and told to load boot firmware. The boot firmware loads an init and a 28 * main binary firmware image into SRAM on the card via DMA. 29 * Once the firmware is loaded, the driver/hw then 30 * communicate by way of circular dma rings via the SRAM to the firmware. 31 * 32 * There is 6 memory rings. 1 command ring, 1 rx data ring & 4 tx data rings. 33 * The 4 tx data rings allow for prioritization QoS. 34 * 35 * The rx data ring consists of 32 dma buffers. Two registers are used to 36 * indicate where in the ring the driver and the firmware are up to. The 37 * driver sets the initial read index (reg1) and the initial write index (reg2), 38 * the firmware updates the read index (reg1) on rx of a packet and fires an 39 * interrupt. The driver then processes the buffers starting at reg1 indicating 40 * to the firmware which buffers have been accessed by updating reg2. At the 41 * same time allocating new memory for the processed buffer. 42 * 43 * A similar thing happens with the tx rings. The difference is the firmware 44 * stop processing buffers once the queue is full and until confirmation 45 * of a successful transmition (tx_done) has occurred. 46 * 47 * The command ring operates in the same manner as the tx queues. 48 * 49 * All communication direct to the card (ie eeprom) is classed as Stage1 50 * communication 51 * 52 * All communication via the firmware to the card is classed as State2. 53 * The firmware consists of 2 parts. A bootstrap firmware and a runtime 54 * firmware. The bootstrap firmware and runtime firmware are loaded 55 * from host memory via dma to the card then told to execute. From this point 56 * on the majority of communications between the driver and the card goes 57 * via the firmware. 58 */ 59 60#include "opt_wlan.h" 61#include "opt_wpi.h" 62 63#include <sys/param.h> 64#include <sys/sysctl.h> 65#include <sys/sockio.h> 66#include <sys/mbuf.h> 67#include <sys/kernel.h> 68#include <sys/socket.h> 69#include <sys/systm.h> 70#include <sys/malloc.h> 71#include <sys/queue.h> 72#include <sys/taskqueue.h> 73#include <sys/module.h> 74#include <sys/bus.h> 75#include <sys/endian.h> 76#include <sys/linker.h> 77#include <sys/firmware.h> 78 79#include <machine/bus.h> 80#include <machine/resource.h> 81#include <sys/rman.h> 82 83#include <dev/pci/pcireg.h> 84#include <dev/pci/pcivar.h> 85 86#include <net/bpf.h> 87#include <net/if.h> 88#include <net/if_var.h> 89#include <net/if_arp.h> 90#include <net/ethernet.h> 91#include <net/if_dl.h> 92#include <net/if_media.h> 93#include <net/if_types.h> 94 95#include <netinet/in.h> 96#include <netinet/in_systm.h> 97#include <netinet/in_var.h> 98#include <netinet/if_ether.h> 99#include <netinet/ip.h> 100 101#include <net80211/ieee80211_var.h> 102#include <net80211/ieee80211_radiotap.h> 103#include <net80211/ieee80211_regdomain.h> 104#include <net80211/ieee80211_ratectl.h> 105 106#include <dev/wpi/if_wpireg.h> 107#include <dev/wpi/if_wpivar.h> 108#include <dev/wpi/if_wpi_debug.h> 109 110struct wpi_ident { 111 uint16_t vendor; 112 uint16_t device; 113 uint16_t subdevice; 114 const char *name; 115}; 116 117static const struct wpi_ident wpi_ident_table[] = { 118 /* The below entries support ABG regardless of the subid */ 119 { 0x8086, 0x4222, 0x0, "Intel(R) PRO/Wireless 3945ABG" }, 120 { 0x8086, 0x4227, 0x0, "Intel(R) PRO/Wireless 3945ABG" }, 121 /* The below entries only support BG */ 122 { 0x8086, 0x4222, 0x1005, "Intel(R) PRO/Wireless 3945BG" }, 123 { 0x8086, 0x4222, 0x1034, "Intel(R) PRO/Wireless 3945BG" }, 124 { 0x8086, 0x4227, 0x1014, "Intel(R) PRO/Wireless 3945BG" }, 125 { 0x8086, 0x4222, 0x1044, "Intel(R) PRO/Wireless 3945BG" }, 126 { 0, 0, 0, NULL } 127}; 128 129static int wpi_probe(device_t); 130static int wpi_attach(device_t); 131static void wpi_radiotap_attach(struct wpi_softc *); 132static void wpi_sysctlattach(struct wpi_softc *); 133static void wpi_init_beacon(struct wpi_vap *); 134static struct ieee80211vap *wpi_vap_create(struct ieee80211com *, 135 const char [IFNAMSIZ], int, enum ieee80211_opmode, int, 136 const uint8_t [IEEE80211_ADDR_LEN], 137 const uint8_t [IEEE80211_ADDR_LEN]); 138static void wpi_vap_delete(struct ieee80211vap *); 139static int wpi_detach(device_t); 140static int wpi_shutdown(device_t); 141static int wpi_suspend(device_t); 142static int wpi_resume(device_t); 143static int wpi_nic_lock(struct wpi_softc *); 144static int wpi_read_prom_data(struct wpi_softc *, uint32_t, void *, int); 145static void wpi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 146static int wpi_dma_contig_alloc(struct wpi_softc *, struct wpi_dma_info *, 147 void **, bus_size_t, bus_size_t); 148static void wpi_dma_contig_free(struct wpi_dma_info *); 149static int wpi_alloc_shared(struct wpi_softc *); 150static void wpi_free_shared(struct wpi_softc *); 151static int wpi_alloc_fwmem(struct wpi_softc *); 152static void wpi_free_fwmem(struct wpi_softc *); 153static int wpi_alloc_rx_ring(struct wpi_softc *); 154static void wpi_update_rx_ring(struct wpi_softc *); 155static void wpi_reset_rx_ring(struct wpi_softc *); 156static void wpi_free_rx_ring(struct wpi_softc *); 157static int wpi_alloc_tx_ring(struct wpi_softc *, struct wpi_tx_ring *, 158 int); 159static void wpi_update_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 160static void wpi_reset_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 161static void wpi_free_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 162static int wpi_read_eeprom(struct wpi_softc *, 163 uint8_t macaddr[IEEE80211_ADDR_LEN]); 164static uint32_t wpi_eeprom_channel_flags(struct wpi_eeprom_chan *); 165static void wpi_read_eeprom_band(struct wpi_softc *, int); 166static int wpi_read_eeprom_channels(struct wpi_softc *, int); 167static struct wpi_eeprom_chan *wpi_find_eeprom_channel(struct wpi_softc *, 168 struct ieee80211_channel *); 169static int wpi_setregdomain(struct ieee80211com *, 170 struct ieee80211_regdomain *, int, 171 struct ieee80211_channel[]); 172static int wpi_read_eeprom_group(struct wpi_softc *, int); 173static int wpi_add_node_entry_adhoc(struct wpi_softc *); 174static void wpi_node_free(struct ieee80211_node *); 175static struct ieee80211_node *wpi_node_alloc(struct ieee80211vap *, 176 const uint8_t mac[IEEE80211_ADDR_LEN]); 177static int wpi_newstate(struct ieee80211vap *, enum ieee80211_state, int); 178static void wpi_calib_timeout(void *); 179static void wpi_rx_done(struct wpi_softc *, struct wpi_rx_desc *, 180 struct wpi_rx_data *); 181static void wpi_rx_statistics(struct wpi_softc *, struct wpi_rx_desc *, 182 struct wpi_rx_data *); 183static void wpi_tx_done(struct wpi_softc *, struct wpi_rx_desc *); 184static void wpi_cmd_done(struct wpi_softc *, struct wpi_rx_desc *); 185static void wpi_notif_intr(struct wpi_softc *); 186static void wpi_wakeup_intr(struct wpi_softc *); 187#ifdef WPI_DEBUG 188static void wpi_debug_registers(struct wpi_softc *); 189#endif 190static void wpi_fatal_intr(struct wpi_softc *); 191static void wpi_intr(void *); 192static int wpi_cmd2(struct wpi_softc *, struct wpi_buf *); 193static int wpi_tx_data(struct wpi_softc *, struct mbuf *, 194 struct ieee80211_node *); 195static int wpi_tx_data_raw(struct wpi_softc *, struct mbuf *, 196 struct ieee80211_node *, 197 const struct ieee80211_bpf_params *); 198static int wpi_raw_xmit(struct ieee80211_node *, struct mbuf *, 199 const struct ieee80211_bpf_params *); 200static void wpi_start(struct ifnet *); 201static void wpi_start_task(void *, int); 202static void wpi_watchdog_rfkill(void *); 203static void wpi_scan_timeout(void *); 204static void wpi_watchdog(void *); 205static int wpi_ioctl(struct ifnet *, u_long, caddr_t); 206static int wpi_cmd(struct wpi_softc *, int, const void *, size_t, int); 207static int wpi_mrr_setup(struct wpi_softc *); 208static int wpi_add_node(struct wpi_softc *, struct ieee80211_node *); 209static int wpi_add_broadcast_node(struct wpi_softc *, int); 210static int wpi_add_ibss_node(struct wpi_softc *, struct ieee80211_node *); 211static void wpi_del_node(struct wpi_softc *, struct ieee80211_node *); 212static int wpi_updateedca(struct ieee80211com *); 213static void wpi_set_promisc(struct wpi_softc *); 214static void wpi_update_promisc(struct ifnet *); 215static void wpi_update_mcast(struct ifnet *); 216static void wpi_set_led(struct wpi_softc *, uint8_t, uint8_t, uint8_t); 217static int wpi_set_timing(struct wpi_softc *, struct ieee80211_node *); 218static void wpi_power_calibration(struct wpi_softc *); 219static int wpi_set_txpower(struct wpi_softc *, int); 220static int wpi_get_power_index(struct wpi_softc *, 221 struct wpi_power_group *, struct ieee80211_channel *, int); 222static int wpi_set_pslevel(struct wpi_softc *, uint8_t, int, int); 223static int wpi_send_btcoex(struct wpi_softc *); 224static int wpi_send_rxon(struct wpi_softc *, int, int); 225static int wpi_config(struct wpi_softc *); 226static uint16_t wpi_get_active_dwell_time(struct wpi_softc *, 227 struct ieee80211_channel *, uint8_t); 228static uint16_t wpi_limit_dwell(struct wpi_softc *, uint16_t); 229static uint16_t wpi_get_passive_dwell_time(struct wpi_softc *, 230 struct ieee80211_channel *); 231static int wpi_scan(struct wpi_softc *, struct ieee80211_channel *); 232static int wpi_auth(struct wpi_softc *, struct ieee80211vap *); 233static int wpi_config_beacon(struct wpi_vap *); 234static int wpi_setup_beacon(struct wpi_softc *, struct ieee80211_node *); 235static void wpi_update_beacon(struct ieee80211vap *, int); 236static void wpi_newassoc(struct ieee80211_node *, int); 237static int wpi_run(struct wpi_softc *, struct ieee80211vap *); 238static int wpi_load_key(struct ieee80211_node *, 239 const struct ieee80211_key *); 240static void wpi_load_key_cb(void *, struct ieee80211_node *); 241static int wpi_set_global_keys(struct ieee80211_node *); 242static int wpi_del_key(struct ieee80211_node *, 243 const struct ieee80211_key *); 244static void wpi_del_key_cb(void *, struct ieee80211_node *); 245static int wpi_process_key(struct ieee80211vap *, 246 const struct ieee80211_key *, int); 247static int wpi_key_set(struct ieee80211vap *, 248 const struct ieee80211_key *, 249 const uint8_t mac[IEEE80211_ADDR_LEN]); 250static int wpi_key_delete(struct ieee80211vap *, 251 const struct ieee80211_key *); 252static int wpi_post_alive(struct wpi_softc *); 253static int wpi_load_bootcode(struct wpi_softc *, const uint8_t *, int); 254static int wpi_load_firmware(struct wpi_softc *); 255static int wpi_read_firmware(struct wpi_softc *); 256static void wpi_unload_firmware(struct wpi_softc *); 257static int wpi_clock_wait(struct wpi_softc *); 258static int wpi_apm_init(struct wpi_softc *); 259static void wpi_apm_stop_master(struct wpi_softc *); 260static void wpi_apm_stop(struct wpi_softc *); 261static void wpi_nic_config(struct wpi_softc *); 262static int wpi_hw_init(struct wpi_softc *); 263static void wpi_hw_stop(struct wpi_softc *); 264static void wpi_radio_on(void *, int); 265static void wpi_radio_off(void *, int); 266static void wpi_init(void *); 267static void wpi_stop_locked(struct wpi_softc *); 268static void wpi_stop(struct wpi_softc *); 269static void wpi_scan_start(struct ieee80211com *); 270static void wpi_scan_end(struct ieee80211com *); 271static void wpi_set_channel(struct ieee80211com *); 272static void wpi_scan_curchan(struct ieee80211_scan_state *, unsigned long); 273static void wpi_scan_mindwell(struct ieee80211_scan_state *); 274static void wpi_hw_reset(void *, int); 275 276static device_method_t wpi_methods[] = { 277 /* Device interface */ 278 DEVMETHOD(device_probe, wpi_probe), 279 DEVMETHOD(device_attach, wpi_attach), 280 DEVMETHOD(device_detach, wpi_detach), 281 DEVMETHOD(device_shutdown, wpi_shutdown), 282 DEVMETHOD(device_suspend, wpi_suspend), 283 DEVMETHOD(device_resume, wpi_resume), 284 285 DEVMETHOD_END 286}; 287 288static driver_t wpi_driver = { 289 "wpi", 290 wpi_methods, 291 sizeof (struct wpi_softc) 292}; 293static devclass_t wpi_devclass; 294 295DRIVER_MODULE(wpi, pci, wpi_driver, wpi_devclass, NULL, NULL); 296 297MODULE_VERSION(wpi, 1); 298 299MODULE_DEPEND(wpi, pci, 1, 1, 1); 300MODULE_DEPEND(wpi, wlan, 1, 1, 1); 301MODULE_DEPEND(wpi, firmware, 1, 1, 1); 302 303static int 304wpi_probe(device_t dev) 305{ 306 const struct wpi_ident *ident; 307 308 for (ident = wpi_ident_table; ident->name != NULL; ident++) { 309 if (pci_get_vendor(dev) == ident->vendor && 310 pci_get_device(dev) == ident->device) { 311 device_set_desc(dev, ident->name); 312 return (BUS_PROBE_DEFAULT); 313 } 314 } 315 return ENXIO; 316} 317 318static int 319wpi_attach(device_t dev) 320{ 321 struct wpi_softc *sc = (struct wpi_softc *)device_get_softc(dev); 322 struct ieee80211com *ic; 323 struct ifnet *ifp; 324 int i, error, rid; 325#ifdef WPI_DEBUG 326 int supportsa = 1; 327 const struct wpi_ident *ident; 328#endif 329 uint8_t macaddr[IEEE80211_ADDR_LEN]; 330 331 sc->sc_dev = dev; 332 333#ifdef WPI_DEBUG 334 error = resource_int_value(device_get_name(sc->sc_dev), 335 device_get_unit(sc->sc_dev), "debug", &(sc->sc_debug)); 336 if (error != 0) 337 sc->sc_debug = 0; 338#else 339 sc->sc_debug = 0; 340#endif 341 342 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 343 344 /* 345 * Get the offset of the PCI Express Capability Structure in PCI 346 * Configuration Space. 347 */ 348 error = pci_find_cap(dev, PCIY_EXPRESS, &sc->sc_cap_off); 349 if (error != 0) { 350 device_printf(dev, "PCIe capability structure not found!\n"); 351 return error; 352 } 353 354 /* 355 * Some card's only support 802.11b/g not a, check to see if 356 * this is one such card. A 0x0 in the subdevice table indicates 357 * the entire subdevice range is to be ignored. 358 */ 359#ifdef WPI_DEBUG 360 for (ident = wpi_ident_table; ident->name != NULL; ident++) { 361 if (ident->subdevice && 362 pci_get_subdevice(dev) == ident->subdevice) { 363 supportsa = 0; 364 break; 365 } 366 } 367#endif 368 369 /* Clear device-specific "PCI retry timeout" register (41h). */ 370 pci_write_config(dev, 0x41, 0, 1); 371 372 /* Enable bus-mastering. */ 373 pci_enable_busmaster(dev); 374 375 rid = PCIR_BAR(0); 376 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &rid, 377 RF_ACTIVE); 378 if (sc->mem == NULL) { 379 device_printf(dev, "can't map mem space\n"); 380 return ENOMEM; 381 } 382 sc->sc_st = rman_get_bustag(sc->mem); 383 sc->sc_sh = rman_get_bushandle(sc->mem); 384 385 i = 1; 386 rid = 0; 387 if (pci_alloc_msi(dev, &i) == 0) 388 rid = 1; 389 /* Install interrupt handler. */ 390 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &rid, RF_ACTIVE | 391 (rid != 0 ? 0 : RF_SHAREABLE)); 392 if (sc->irq == NULL) { 393 device_printf(dev, "can't map interrupt\n"); 394 error = ENOMEM; 395 goto fail; 396 } 397 398 WPI_LOCK_INIT(sc); 399 WPI_NT_LOCK_INIT(sc); 400 WPI_TXQ_LOCK_INIT(sc); 401 402 /* Allocate DMA memory for firmware transfers. */ 403 if ((error = wpi_alloc_fwmem(sc)) != 0) { 404 device_printf(dev, 405 "could not allocate memory for firmware, error %d\n", 406 error); 407 goto fail; 408 } 409 410 /* Allocate shared page. */ 411 if ((error = wpi_alloc_shared(sc)) != 0) { 412 device_printf(dev, "could not allocate shared page\n"); 413 goto fail; 414 } 415 416 /* Allocate TX rings - 4 for QoS purposes, 1 for commands. */ 417 for (i = 0; i < WPI_NTXQUEUES; i++) { 418 if ((error = wpi_alloc_tx_ring(sc, &sc->txq[i], i)) != 0) { 419 device_printf(dev, 420 "could not allocate TX ring %d, error %d\n", i, 421 error); 422 goto fail; 423 } 424 } 425 426 /* Allocate RX ring. */ 427 if ((error = wpi_alloc_rx_ring(sc)) != 0) { 428 device_printf(dev, "could not allocate RX ring, error %d\n", 429 error); 430 goto fail; 431 } 432 433 /* Clear pending interrupts. */ 434 WPI_WRITE(sc, WPI_INT, 0xffffffff); 435 436 ifp = sc->sc_ifp = if_alloc(IFT_IEEE80211); 437 if (ifp == NULL) { 438 device_printf(dev, "can not allocate ifnet structure\n"); 439 goto fail; 440 } 441 442 ic = ifp->if_l2com; 443 ic->ic_ifp = ifp; 444 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 445 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 446 447 /* Set device capabilities. */ 448 ic->ic_caps = 449 IEEE80211_C_STA /* station mode supported */ 450 | IEEE80211_C_IBSS /* IBSS mode supported */ 451 | IEEE80211_C_HOSTAP /* Host access point mode */ 452 | IEEE80211_C_MONITOR /* monitor mode supported */ 453 | IEEE80211_C_AHDEMO /* adhoc demo mode */ 454 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 455 | IEEE80211_C_TXPMGT /* tx power management */ 456 | IEEE80211_C_SHSLOT /* short slot time supported */ 457 | IEEE80211_C_WPA /* 802.11i */ 458 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 459 | IEEE80211_C_WME /* 802.11e */ 460 | IEEE80211_C_PMGT /* Station-side power mgmt */ 461 ; 462 463 ic->ic_cryptocaps = 464 IEEE80211_CRYPTO_AES_CCM; 465 466 /* 467 * Read in the eeprom and also setup the channels for 468 * net80211. We don't set the rates as net80211 does this for us 469 */ 470 if ((error = wpi_read_eeprom(sc, macaddr)) != 0) { 471 device_printf(dev, "could not read EEPROM, error %d\n", 472 error); 473 goto fail; 474 } 475 476#ifdef WPI_DEBUG 477 if (bootverbose) { 478 device_printf(sc->sc_dev, "Regulatory Domain: %.4s\n", 479 sc->domain); 480 device_printf(sc->sc_dev, "Hardware Type: %c\n", 481 sc->type > 1 ? 'B': '?'); 482 device_printf(sc->sc_dev, "Hardware Revision: %c\n", 483 ((sc->rev & 0xf0) == 0xd0) ? 'D': '?'); 484 device_printf(sc->sc_dev, "SKU %s support 802.11a\n", 485 supportsa ? "does" : "does not"); 486 487 /* XXX hw_config uses the PCIDEV for the Hardware rev. Must 488 check what sc->rev really represents - benjsc 20070615 */ 489 } 490#endif 491 492 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 493 ifp->if_softc = sc; 494 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 495 ifp->if_init = wpi_init; 496 ifp->if_ioctl = wpi_ioctl; 497 ifp->if_start = wpi_start; 498 IFQ_SET_MAXLEN(&ifp->if_snd, ifqmaxlen); 499 ifp->if_snd.ifq_drv_maxlen = ifqmaxlen; 500 IFQ_SET_READY(&ifp->if_snd); 501 502 ieee80211_ifattach(ic, macaddr); 503 ic->ic_vap_create = wpi_vap_create; 504 ic->ic_vap_delete = wpi_vap_delete; 505 ic->ic_raw_xmit = wpi_raw_xmit; 506 ic->ic_node_alloc = wpi_node_alloc; 507 sc->sc_node_free = ic->ic_node_free; 508 ic->ic_node_free = wpi_node_free; 509 ic->ic_wme.wme_update = wpi_updateedca; 510 ic->ic_update_promisc = wpi_update_promisc; 511 ic->ic_update_mcast = wpi_update_mcast; 512 ic->ic_newassoc = wpi_newassoc; 513 ic->ic_scan_start = wpi_scan_start; 514 ic->ic_scan_end = wpi_scan_end; 515 ic->ic_set_channel = wpi_set_channel; 516 sc->sc_scan_curchan = ic->ic_scan_curchan; 517 ic->ic_scan_curchan = wpi_scan_curchan; 518 ic->ic_scan_mindwell = wpi_scan_mindwell; 519 ic->ic_setregdomain = wpi_setregdomain; 520 521 wpi_radiotap_attach(sc); 522 523 callout_init_mtx(&sc->calib_to, &sc->sc_mtx, 0); 524 callout_init_mtx(&sc->scan_timeout, &sc->sc_mtx, 0); 525 callout_init_mtx(&sc->watchdog_to, &sc->sc_mtx, 0); 526 callout_init_mtx(&sc->watchdog_rfkill, &sc->sc_mtx, 0); 527 TASK_INIT(&sc->sc_reinittask, 0, wpi_hw_reset, sc); 528 TASK_INIT(&sc->sc_radiooff_task, 0, wpi_radio_off, sc); 529 TASK_INIT(&sc->sc_radioon_task, 0, wpi_radio_on, sc); 530 TASK_INIT(&sc->sc_start_task, 0, wpi_start_task, sc); 531 532 wpi_sysctlattach(sc); 533 534 /* 535 * Hook our interrupt after all initialization is complete. 536 */ 537 error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET | INTR_MPSAFE, 538 NULL, wpi_intr, sc, &sc->sc_ih); 539 if (error != 0) { 540 device_printf(dev, "can't establish interrupt, error %d\n", 541 error); 542 goto fail; 543 } 544 545 if (bootverbose) 546 ieee80211_announce(ic); 547 548#ifdef WPI_DEBUG 549 if (sc->sc_debug & WPI_DEBUG_HW) 550 ieee80211_announce_channels(ic); 551#endif 552 553 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 554 return 0; 555 556fail: wpi_detach(dev); 557 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 558 return error; 559} 560 561/* 562 * Attach the interface to 802.11 radiotap. 563 */ 564static void 565wpi_radiotap_attach(struct wpi_softc *sc) 566{ 567 struct ifnet *ifp = sc->sc_ifp; 568 struct ieee80211com *ic = ifp->if_l2com; 569 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 570 ieee80211_radiotap_attach(ic, 571 &sc->sc_txtap.wt_ihdr, sizeof(sc->sc_txtap), 572 WPI_TX_RADIOTAP_PRESENT, 573 &sc->sc_rxtap.wr_ihdr, sizeof(sc->sc_rxtap), 574 WPI_RX_RADIOTAP_PRESENT); 575 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 576} 577 578static void 579wpi_sysctlattach(struct wpi_softc *sc) 580{ 581#ifdef WPI_DEBUG 582 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 583 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 584 585 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 586 "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug, 587 "control debugging printfs"); 588#endif 589} 590 591static void 592wpi_init_beacon(struct wpi_vap *wvp) 593{ 594 struct wpi_buf *bcn = &wvp->wv_bcbuf; 595 struct wpi_cmd_beacon *cmd = (struct wpi_cmd_beacon *)&bcn->data; 596 597 cmd->id = WPI_ID_BROADCAST; 598 cmd->ofdm_mask = 0xff; 599 cmd->cck_mask = 0x0f; 600 cmd->lifetime = htole32(WPI_LIFETIME_INFINITE); 601 cmd->flags = htole32(WPI_TX_AUTO_SEQ | WPI_TX_INSERT_TSTAMP); 602 603 bcn->code = WPI_CMD_SET_BEACON; 604 bcn->ac = WPI_CMD_QUEUE_NUM; 605 bcn->size = sizeof(struct wpi_cmd_beacon); 606} 607 608static struct ieee80211vap * 609wpi_vap_create(struct ieee80211com *ic, const char name[IFNAMSIZ], int unit, 610 enum ieee80211_opmode opmode, int flags, 611 const uint8_t bssid[IEEE80211_ADDR_LEN], 612 const uint8_t mac[IEEE80211_ADDR_LEN]) 613{ 614 struct wpi_vap *wvp; 615 struct ieee80211vap *vap; 616 617 if (!TAILQ_EMPTY(&ic->ic_vaps)) /* only one at a time */ 618 return NULL; 619 620 wvp = (struct wpi_vap *) malloc(sizeof(struct wpi_vap), 621 M_80211_VAP, M_NOWAIT | M_ZERO); 622 if (wvp == NULL) 623 return NULL; 624 vap = &wvp->wv_vap; 625 ieee80211_vap_setup(ic, vap, name, unit, opmode, flags, bssid, mac); 626 627 if (opmode == IEEE80211_M_IBSS || opmode == IEEE80211_M_HOSTAP) { 628 WPI_VAP_LOCK_INIT(wvp); 629 wpi_init_beacon(wvp); 630 } 631 632 /* Override with driver methods. */ 633 vap->iv_key_set = wpi_key_set; 634 vap->iv_key_delete = wpi_key_delete; 635 wvp->wv_newstate = vap->iv_newstate; 636 vap->iv_newstate = wpi_newstate; 637 vap->iv_update_beacon = wpi_update_beacon; 638 vap->iv_max_aid = WPI_ID_IBSS_MAX - WPI_ID_IBSS_MIN + 1; 639 640 ieee80211_ratectl_init(vap); 641 /* Complete setup. */ 642 ieee80211_vap_attach(vap, ieee80211_media_change, 643 ieee80211_media_status); 644 ic->ic_opmode = opmode; 645 return vap; 646} 647 648static void 649wpi_vap_delete(struct ieee80211vap *vap) 650{ 651 struct wpi_vap *wvp = WPI_VAP(vap); 652 struct wpi_buf *bcn = &wvp->wv_bcbuf; 653 enum ieee80211_opmode opmode = vap->iv_opmode; 654 655 ieee80211_ratectl_deinit(vap); 656 ieee80211_vap_detach(vap); 657 658 if (opmode == IEEE80211_M_IBSS || opmode == IEEE80211_M_HOSTAP) { 659 if (bcn->m != NULL) 660 m_freem(bcn->m); 661 662 WPI_VAP_LOCK_DESTROY(wvp); 663 } 664 665 free(wvp, M_80211_VAP); 666} 667 668static int 669wpi_detach(device_t dev) 670{ 671 struct wpi_softc *sc = device_get_softc(dev); 672 struct ifnet *ifp = sc->sc_ifp; 673 struct ieee80211com *ic; 674 int qid; 675 676 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 677 678 if (ifp != NULL) { 679 ic = ifp->if_l2com; 680 681 ieee80211_draintask(ic, &sc->sc_reinittask); 682 ieee80211_draintask(ic, &sc->sc_radiooff_task); 683 ieee80211_draintask(ic, &sc->sc_radioon_task); 684 ieee80211_draintask(ic, &sc->sc_start_task); 685 686 wpi_stop(sc); 687 688 callout_drain(&sc->watchdog_rfkill); 689 callout_drain(&sc->watchdog_to); 690 callout_drain(&sc->scan_timeout); 691 callout_drain(&sc->calib_to); 692 ieee80211_ifdetach(ic); 693 } 694 695 /* Uninstall interrupt handler. */ 696 if (sc->irq != NULL) { 697 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 698 bus_release_resource(dev, SYS_RES_IRQ, rman_get_rid(sc->irq), 699 sc->irq); 700 pci_release_msi(dev); 701 } 702 703 if (sc->txq[0].data_dmat) { 704 /* Free DMA resources. */ 705 for (qid = 0; qid < WPI_NTXQUEUES; qid++) 706 wpi_free_tx_ring(sc, &sc->txq[qid]); 707 708 wpi_free_rx_ring(sc); 709 wpi_free_shared(sc); 710 } 711 712 if (sc->fw_dma.tag) 713 wpi_free_fwmem(sc); 714 715 if (sc->mem != NULL) 716 bus_release_resource(dev, SYS_RES_MEMORY, 717 rman_get_rid(sc->mem), sc->mem); 718 719 if (ifp != NULL) 720 if_free(ifp); 721 722 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 723 WPI_TXQ_LOCK_DESTROY(sc); 724 WPI_NT_LOCK_DESTROY(sc); 725 WPI_LOCK_DESTROY(sc); 726 return 0; 727} 728 729static int 730wpi_shutdown(device_t dev) 731{ 732 struct wpi_softc *sc = device_get_softc(dev); 733 734 wpi_stop(sc); 735 return 0; 736} 737 738static int 739wpi_suspend(device_t dev) 740{ 741 struct wpi_softc *sc = device_get_softc(dev); 742 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 743 744 ieee80211_suspend_all(ic); 745 return 0; 746} 747 748static int 749wpi_resume(device_t dev) 750{ 751 struct wpi_softc *sc = device_get_softc(dev); 752 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 753 754 /* Clear device-specific "PCI retry timeout" register (41h). */ 755 pci_write_config(dev, 0x41, 0, 1); 756 757 ieee80211_resume_all(ic); 758 return 0; 759} 760 761/* 762 * Grab exclusive access to NIC memory. 763 */ 764static int 765wpi_nic_lock(struct wpi_softc *sc) 766{ 767 int ntries; 768 769 /* Request exclusive access to NIC. */ 770 WPI_SETBITS(sc, WPI_GP_CNTRL, WPI_GP_CNTRL_MAC_ACCESS_REQ); 771 772 /* Spin until we actually get the lock. */ 773 for (ntries = 0; ntries < 1000; ntries++) { 774 if ((WPI_READ(sc, WPI_GP_CNTRL) & 775 (WPI_GP_CNTRL_MAC_ACCESS_ENA | WPI_GP_CNTRL_SLEEP)) == 776 WPI_GP_CNTRL_MAC_ACCESS_ENA) 777 return 0; 778 DELAY(10); 779 } 780 781 device_printf(sc->sc_dev, "could not lock memory\n"); 782 783 return ETIMEDOUT; 784} 785 786/* 787 * Release lock on NIC memory. 788 */ 789static __inline void 790wpi_nic_unlock(struct wpi_softc *sc) 791{ 792 WPI_CLRBITS(sc, WPI_GP_CNTRL, WPI_GP_CNTRL_MAC_ACCESS_REQ); 793} 794 795static __inline uint32_t 796wpi_prph_read(struct wpi_softc *sc, uint32_t addr) 797{ 798 WPI_WRITE(sc, WPI_PRPH_RADDR, WPI_PRPH_DWORD | addr); 799 WPI_BARRIER_READ_WRITE(sc); 800 return WPI_READ(sc, WPI_PRPH_RDATA); 801} 802 803static __inline void 804wpi_prph_write(struct wpi_softc *sc, uint32_t addr, uint32_t data) 805{ 806 WPI_WRITE(sc, WPI_PRPH_WADDR, WPI_PRPH_DWORD | addr); 807 WPI_BARRIER_WRITE(sc); 808 WPI_WRITE(sc, WPI_PRPH_WDATA, data); 809} 810 811static __inline void 812wpi_prph_setbits(struct wpi_softc *sc, uint32_t addr, uint32_t mask) 813{ 814 wpi_prph_write(sc, addr, wpi_prph_read(sc, addr) | mask); 815} 816 817static __inline void 818wpi_prph_clrbits(struct wpi_softc *sc, uint32_t addr, uint32_t mask) 819{ 820 wpi_prph_write(sc, addr, wpi_prph_read(sc, addr) & ~mask); 821} 822 823static __inline void 824wpi_prph_write_region_4(struct wpi_softc *sc, uint32_t addr, 825 const uint32_t *data, int count) 826{ 827 for (; count > 0; count--, data++, addr += 4) 828 wpi_prph_write(sc, addr, *data); 829} 830 831static __inline uint32_t 832wpi_mem_read(struct wpi_softc *sc, uint32_t addr) 833{ 834 WPI_WRITE(sc, WPI_MEM_RADDR, addr); 835 WPI_BARRIER_READ_WRITE(sc); 836 return WPI_READ(sc, WPI_MEM_RDATA); 837} 838 839static __inline void 840wpi_mem_read_region_4(struct wpi_softc *sc, uint32_t addr, uint32_t *data, 841 int count) 842{ 843 for (; count > 0; count--, addr += 4) 844 *data++ = wpi_mem_read(sc, addr); 845} 846 847static int 848wpi_read_prom_data(struct wpi_softc *sc, uint32_t addr, void *data, int count) 849{ 850 uint8_t *out = data; 851 uint32_t val; 852 int error, ntries; 853 854 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 855 856 if ((error = wpi_nic_lock(sc)) != 0) 857 return error; 858 859 for (; count > 0; count -= 2, addr++) { 860 WPI_WRITE(sc, WPI_EEPROM, addr << 2); 861 for (ntries = 0; ntries < 10; ntries++) { 862 val = WPI_READ(sc, WPI_EEPROM); 863 if (val & WPI_EEPROM_READ_VALID) 864 break; 865 DELAY(5); 866 } 867 if (ntries == 10) { 868 device_printf(sc->sc_dev, 869 "timeout reading ROM at 0x%x\n", addr); 870 return ETIMEDOUT; 871 } 872 *out++= val >> 16; 873 if (count > 1) 874 *out ++= val >> 24; 875 } 876 877 wpi_nic_unlock(sc); 878 879 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 880 881 return 0; 882} 883 884static void 885wpi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nsegs, int error) 886{ 887 if (error != 0) 888 return; 889 KASSERT(nsegs == 1, ("too many DMA segments, %d should be 1", nsegs)); 890 *(bus_addr_t *)arg = segs[0].ds_addr; 891} 892 893/* 894 * Allocates a contiguous block of dma memory of the requested size and 895 * alignment. 896 */ 897static int 898wpi_dma_contig_alloc(struct wpi_softc *sc, struct wpi_dma_info *dma, 899 void **kvap, bus_size_t size, bus_size_t alignment) 900{ 901 int error; 902 903 dma->tag = NULL; 904 dma->size = size; 905 906 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), alignment, 907 0, BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, size, 908 1, size, BUS_DMA_NOWAIT, NULL, NULL, &dma->tag); 909 if (error != 0) 910 goto fail; 911 912 error = bus_dmamem_alloc(dma->tag, (void **)&dma->vaddr, 913 BUS_DMA_NOWAIT | BUS_DMA_ZERO | BUS_DMA_COHERENT, &dma->map); 914 if (error != 0) 915 goto fail; 916 917 error = bus_dmamap_load(dma->tag, dma->map, dma->vaddr, size, 918 wpi_dma_map_addr, &dma->paddr, BUS_DMA_NOWAIT); 919 if (error != 0) 920 goto fail; 921 922 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 923 924 if (kvap != NULL) 925 *kvap = dma->vaddr; 926 927 return 0; 928 929fail: wpi_dma_contig_free(dma); 930 return error; 931} 932 933static void 934wpi_dma_contig_free(struct wpi_dma_info *dma) 935{ 936 if (dma->vaddr != NULL) { 937 bus_dmamap_sync(dma->tag, dma->map, 938 BUS_DMASYNC_POSTREAD | BUS_DMASYNC_POSTWRITE); 939 bus_dmamap_unload(dma->tag, dma->map); 940 bus_dmamem_free(dma->tag, dma->vaddr, dma->map); 941 dma->vaddr = NULL; 942 } 943 if (dma->tag != NULL) { 944 bus_dma_tag_destroy(dma->tag); 945 dma->tag = NULL; 946 } 947} 948 949/* 950 * Allocate a shared page between host and NIC. 951 */ 952static int 953wpi_alloc_shared(struct wpi_softc *sc) 954{ 955 /* Shared buffer must be aligned on a 4KB boundary. */ 956 return wpi_dma_contig_alloc(sc, &sc->shared_dma, 957 (void **)&sc->shared, sizeof (struct wpi_shared), 4096); 958} 959 960static void 961wpi_free_shared(struct wpi_softc *sc) 962{ 963 wpi_dma_contig_free(&sc->shared_dma); 964} 965 966/* 967 * Allocate DMA-safe memory for firmware transfer. 968 */ 969static int 970wpi_alloc_fwmem(struct wpi_softc *sc) 971{ 972 /* Must be aligned on a 16-byte boundary. */ 973 return wpi_dma_contig_alloc(sc, &sc->fw_dma, NULL, 974 WPI_FW_TEXT_MAXSZ + WPI_FW_DATA_MAXSZ, 16); 975} 976 977static void 978wpi_free_fwmem(struct wpi_softc *sc) 979{ 980 wpi_dma_contig_free(&sc->fw_dma); 981} 982 983static int 984wpi_alloc_rx_ring(struct wpi_softc *sc) 985{ 986 struct wpi_rx_ring *ring = &sc->rxq; 987 bus_size_t size; 988 int i, error; 989 990 ring->cur = 0; 991 ring->update = 0; 992 993 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 994 995 /* Allocate RX descriptors (16KB aligned.) */ 996 size = WPI_RX_RING_COUNT * sizeof (uint32_t); 997 error = wpi_dma_contig_alloc(sc, &ring->desc_dma, 998 (void **)&ring->desc, size, WPI_RING_DMA_ALIGN); 999 if (error != 0) { 1000 device_printf(sc->sc_dev, 1001 "%s: could not allocate RX ring DMA memory, error %d\n", 1002 __func__, error); 1003 goto fail; 1004 } 1005 1006 /* Create RX buffer DMA tag. */ 1007 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 1008 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 1009 MJUMPAGESIZE, 1, MJUMPAGESIZE, BUS_DMA_NOWAIT, NULL, NULL, 1010 &ring->data_dmat); 1011 if (error != 0) { 1012 device_printf(sc->sc_dev, 1013 "%s: could not create RX buf DMA tag, error %d\n", 1014 __func__, error); 1015 goto fail; 1016 } 1017 1018 /* 1019 * Allocate and map RX buffers. 1020 */ 1021 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 1022 struct wpi_rx_data *data = &ring->data[i]; 1023 bus_addr_t paddr; 1024 1025 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 1026 if (error != 0) { 1027 device_printf(sc->sc_dev, 1028 "%s: could not create RX buf DMA map, error %d\n", 1029 __func__, error); 1030 goto fail; 1031 } 1032 1033 data->m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE); 1034 if (data->m == NULL) { 1035 device_printf(sc->sc_dev, 1036 "%s: could not allocate RX mbuf\n", __func__); 1037 error = ENOBUFS; 1038 goto fail; 1039 } 1040 1041 error = bus_dmamap_load(ring->data_dmat, data->map, 1042 mtod(data->m, void *), MJUMPAGESIZE, wpi_dma_map_addr, 1043 &paddr, BUS_DMA_NOWAIT); 1044 if (error != 0 && error != EFBIG) { 1045 device_printf(sc->sc_dev, 1046 "%s: can't map mbuf (error %d)\n", __func__, 1047 error); 1048 goto fail; 1049 } 1050 1051 /* Set physical address of RX buffer. */ 1052 ring->desc[i] = htole32(paddr); 1053 } 1054 1055 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 1056 BUS_DMASYNC_PREWRITE); 1057 1058 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 1059 1060 return 0; 1061 1062fail: wpi_free_rx_ring(sc); 1063 1064 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 1065 1066 return error; 1067} 1068 1069static void 1070wpi_update_rx_ring(struct wpi_softc *sc) 1071{ 1072 struct wpi_rx_ring *ring = &sc->rxq; 1073 1074 if (ring->update != 0) { 1075 /* Wait for INT_WAKEUP event. */ 1076 return; 1077 } 1078 1079 if (WPI_READ(sc, WPI_UCODE_GP1) & WPI_UCODE_GP1_MAC_SLEEP) { 1080 DPRINTF(sc, WPI_DEBUG_PWRSAVE, "%s: wakeup request\n", 1081 __func__); 1082 1083 WPI_SETBITS(sc, WPI_GP_CNTRL, WPI_GP_CNTRL_MAC_ACCESS_REQ); 1084 ring->update = 1; 1085 } else 1086 WPI_WRITE(sc, WPI_FH_RX_WPTR, ring->cur & ~7); 1087} 1088 1089static void 1090wpi_reset_rx_ring(struct wpi_softc *sc) 1091{ 1092 struct wpi_rx_ring *ring = &sc->rxq; 1093 int ntries; 1094 1095 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 1096 1097 if (wpi_nic_lock(sc) == 0) { 1098 WPI_WRITE(sc, WPI_FH_RX_CONFIG, 0); 1099 for (ntries = 0; ntries < 1000; ntries++) { 1100 if (WPI_READ(sc, WPI_FH_RX_STATUS) & 1101 WPI_FH_RX_STATUS_IDLE) 1102 break; 1103 DELAY(10); 1104 } 1105 wpi_nic_unlock(sc); 1106 } 1107 1108 ring->cur = 0; 1109 ring->update = 0; 1110} 1111 1112static void 1113wpi_free_rx_ring(struct wpi_softc *sc) 1114{ 1115 struct wpi_rx_ring *ring = &sc->rxq; 1116 int i; 1117 1118 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 1119 1120 wpi_dma_contig_free(&ring->desc_dma); 1121 1122 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 1123 struct wpi_rx_data *data = &ring->data[i]; 1124 1125 if (data->m != NULL) { 1126 bus_dmamap_sync(ring->data_dmat, data->map, 1127 BUS_DMASYNC_POSTREAD); 1128 bus_dmamap_unload(ring->data_dmat, data->map); 1129 m_freem(data->m); 1130 data->m = NULL; 1131 } 1132 if (data->map != NULL) 1133 bus_dmamap_destroy(ring->data_dmat, data->map); 1134 } 1135 if (ring->data_dmat != NULL) { 1136 bus_dma_tag_destroy(ring->data_dmat); 1137 ring->data_dmat = NULL; 1138 } 1139} 1140 1141static int 1142wpi_alloc_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring, int qid) 1143{ 1144 bus_addr_t paddr; 1145 bus_size_t size; 1146 int i, error; 1147 1148 ring->qid = qid; 1149 ring->queued = 0; 1150 ring->cur = 0; 1151 ring->update = 0; 1152 1153 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 1154 1155 /* Allocate TX descriptors (16KB aligned.) */ 1156 size = WPI_TX_RING_COUNT * sizeof (struct wpi_tx_desc); 1157 error = wpi_dma_contig_alloc(sc, &ring->desc_dma, (void **)&ring->desc, 1158 size, WPI_RING_DMA_ALIGN); 1159 if (error != 0) { 1160 device_printf(sc->sc_dev, 1161 "%s: could not allocate TX ring DMA memory, error %d\n", 1162 __func__, error); 1163 goto fail; 1164 } 1165 1166 /* Update shared area with ring physical address. */ 1167 sc->shared->txbase[qid] = htole32(ring->desc_dma.paddr); 1168 bus_dmamap_sync(sc->shared_dma.tag, sc->shared_dma.map, 1169 BUS_DMASYNC_PREWRITE); 1170 1171 /* 1172 * We only use rings 0 through 4 (4 EDCA + cmd) so there is no need 1173 * to allocate commands space for other rings. 1174 * XXX Do we really need to allocate descriptors for other rings? 1175 */ 1176 if (qid > WPI_CMD_QUEUE_NUM) { 1177 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 1178 return 0; 1179 } 1180 1181 size = WPI_TX_RING_COUNT * sizeof (struct wpi_tx_cmd); 1182 error = wpi_dma_contig_alloc(sc, &ring->cmd_dma, (void **)&ring->cmd, 1183 size, 4); 1184 if (error != 0) { 1185 device_printf(sc->sc_dev, 1186 "%s: could not allocate TX cmd DMA memory, error %d\n", 1187 __func__, error); 1188 goto fail; 1189 } 1190 1191 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 1192 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 1193 WPI_MAX_SCATTER - 1, MCLBYTES, BUS_DMA_NOWAIT, NULL, NULL, 1194 &ring->data_dmat); 1195 if (error != 0) { 1196 device_printf(sc->sc_dev, 1197 "%s: could not create TX buf DMA tag, error %d\n", 1198 __func__, error); 1199 goto fail; 1200 } 1201 1202 paddr = ring->cmd_dma.paddr; 1203 for (i = 0; i < WPI_TX_RING_COUNT; i++) { 1204 struct wpi_tx_data *data = &ring->data[i]; 1205 1206 data->cmd_paddr = paddr; 1207 paddr += sizeof (struct wpi_tx_cmd); 1208 1209 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 1210 if (error != 0) { 1211 device_printf(sc->sc_dev, 1212 "%s: could not create TX buf DMA map, error %d\n", 1213 __func__, error); 1214 goto fail; 1215 } 1216 } 1217 1218 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 1219 1220 return 0; 1221 1222fail: wpi_free_tx_ring(sc, ring); 1223 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 1224 return error; 1225} 1226 1227static void 1228wpi_update_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 1229{ 1230 if (ring->update != 0) { 1231 /* Wait for INT_WAKEUP event. */ 1232 return; 1233 } 1234 1235 if (WPI_READ(sc, WPI_UCODE_GP1) & WPI_UCODE_GP1_MAC_SLEEP) { 1236 DPRINTF(sc, WPI_DEBUG_PWRSAVE, "%s (%d): requesting wakeup\n", 1237 __func__, ring->qid); 1238 1239 WPI_SETBITS(sc, WPI_GP_CNTRL, WPI_GP_CNTRL_MAC_ACCESS_REQ); 1240 ring->update = 1; 1241 } else 1242 WPI_WRITE(sc, WPI_HBUS_TARG_WRPTR, ring->qid << 8 | ring->cur); 1243} 1244 1245static void 1246wpi_reset_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 1247{ 1248 int i; 1249 1250 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 1251 1252 for (i = 0; i < WPI_TX_RING_COUNT; i++) { 1253 struct wpi_tx_data *data = &ring->data[i]; 1254 1255 if (data->m != NULL) { 1256 bus_dmamap_sync(ring->data_dmat, data->map, 1257 BUS_DMASYNC_POSTWRITE); 1258 bus_dmamap_unload(ring->data_dmat, data->map); 1259 m_freem(data->m); 1260 data->m = NULL; 1261 } 1262 } 1263 /* Clear TX descriptors. */ 1264 memset(ring->desc, 0, ring->desc_dma.size); 1265 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 1266 BUS_DMASYNC_PREWRITE); 1267 sc->qfullmsk &= ~(1 << ring->qid); 1268 ring->queued = 0; 1269 ring->cur = 0; 1270 ring->update = 0; 1271} 1272 1273static void 1274wpi_free_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 1275{ 1276 int i; 1277 1278 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 1279 1280 wpi_dma_contig_free(&ring->desc_dma); 1281 wpi_dma_contig_free(&ring->cmd_dma); 1282 1283 for (i = 0; i < WPI_TX_RING_COUNT; i++) { 1284 struct wpi_tx_data *data = &ring->data[i]; 1285 1286 if (data->m != NULL) { 1287 bus_dmamap_sync(ring->data_dmat, data->map, 1288 BUS_DMASYNC_POSTWRITE); 1289 bus_dmamap_unload(ring->data_dmat, data->map); 1290 m_freem(data->m); 1291 } 1292 if (data->map != NULL) 1293 bus_dmamap_destroy(ring->data_dmat, data->map); 1294 } 1295 if (ring->data_dmat != NULL) { 1296 bus_dma_tag_destroy(ring->data_dmat); 1297 ring->data_dmat = NULL; 1298 } 1299} 1300 1301/* 1302 * Extract various information from EEPROM. 1303 */ 1304static int 1305wpi_read_eeprom(struct wpi_softc *sc, uint8_t macaddr[IEEE80211_ADDR_LEN]) 1306{ 1307#define WPI_CHK(res) do { \ 1308 if ((error = res) != 0) \ 1309 goto fail; \ 1310} while (0) 1311 int error, i; 1312 1313 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 1314 1315 /* Adapter has to be powered on for EEPROM access to work. */ 1316 if ((error = wpi_apm_init(sc)) != 0) { 1317 device_printf(sc->sc_dev, 1318 "%s: could not power ON adapter, error %d\n", __func__, 1319 error); 1320 return error; 1321 } 1322 1323 if ((WPI_READ(sc, WPI_EEPROM_GP) & 0x6) == 0) { 1324 device_printf(sc->sc_dev, "bad EEPROM signature\n"); 1325 error = EIO; 1326 goto fail; 1327 } 1328 /* Clear HW ownership of EEPROM. */ 1329 WPI_CLRBITS(sc, WPI_EEPROM_GP, WPI_EEPROM_GP_IF_OWNER); 1330 1331 /* Read the hardware capabilities, revision and SKU type. */ 1332 WPI_CHK(wpi_read_prom_data(sc, WPI_EEPROM_SKU_CAP, &sc->cap, 1333 sizeof(sc->cap))); 1334 WPI_CHK(wpi_read_prom_data(sc, WPI_EEPROM_REVISION, &sc->rev, 1335 sizeof(sc->rev))); 1336 WPI_CHK(wpi_read_prom_data(sc, WPI_EEPROM_TYPE, &sc->type, 1337 sizeof(sc->type))); 1338 1339 sc->rev = le16toh(sc->rev); 1340 DPRINTF(sc, WPI_DEBUG_EEPROM, "cap=%x rev=%x type=%x\n", sc->cap, 1341 sc->rev, sc->type); 1342 1343 /* Read the regulatory domain (4 ASCII characters.) */ 1344 WPI_CHK(wpi_read_prom_data(sc, WPI_EEPROM_DOMAIN, sc->domain, 1345 sizeof(sc->domain))); 1346 1347 /* Read MAC address. */ 1348 WPI_CHK(wpi_read_prom_data(sc, WPI_EEPROM_MAC, macaddr, 1349 IEEE80211_ADDR_LEN)); 1350 1351 /* Read the list of authorized channels. */ 1352 for (i = 0; i < WPI_CHAN_BANDS_COUNT; i++) 1353 WPI_CHK(wpi_read_eeprom_channels(sc, i)); 1354 1355 /* Read the list of TX power groups. */ 1356 for (i = 0; i < WPI_POWER_GROUPS_COUNT; i++) 1357 WPI_CHK(wpi_read_eeprom_group(sc, i)); 1358 1359fail: wpi_apm_stop(sc); /* Power OFF adapter. */ 1360 1361 DPRINTF(sc, WPI_DEBUG_TRACE, error ? TRACE_STR_END_ERR : TRACE_STR_END, 1362 __func__); 1363 1364 return error; 1365#undef WPI_CHK 1366} 1367 1368/* 1369 * Translate EEPROM flags to net80211. 1370 */ 1371static uint32_t 1372wpi_eeprom_channel_flags(struct wpi_eeprom_chan *channel) 1373{ 1374 uint32_t nflags; 1375 1376 nflags = 0; 1377 if ((channel->flags & WPI_EEPROM_CHAN_ACTIVE) == 0) 1378 nflags |= IEEE80211_CHAN_PASSIVE; 1379 if ((channel->flags & WPI_EEPROM_CHAN_IBSS) == 0) 1380 nflags |= IEEE80211_CHAN_NOADHOC; 1381 if (channel->flags & WPI_EEPROM_CHAN_RADAR) { 1382 nflags |= IEEE80211_CHAN_DFS; 1383 /* XXX apparently IBSS may still be marked */ 1384 nflags |= IEEE80211_CHAN_NOADHOC; 1385 } 1386 1387 /* XXX HOSTAP uses WPI_MODE_IBSS */ 1388 if (nflags & IEEE80211_CHAN_NOADHOC) 1389 nflags |= IEEE80211_CHAN_NOHOSTAP; 1390 1391 return nflags; 1392} 1393 1394static void 1395wpi_read_eeprom_band(struct wpi_softc *sc, int n) 1396{ 1397 struct ifnet *ifp = sc->sc_ifp; 1398 struct ieee80211com *ic = ifp->if_l2com; 1399 struct wpi_eeprom_chan *channels = sc->eeprom_channels[n]; 1400 const struct wpi_chan_band *band = &wpi_bands[n]; 1401 struct ieee80211_channel *c; 1402 uint8_t chan; 1403 int i, nflags; 1404 1405 for (i = 0; i < band->nchan; i++) { 1406 if (!(channels[i].flags & WPI_EEPROM_CHAN_VALID)) { 1407 DPRINTF(sc, WPI_DEBUG_EEPROM, 1408 "Channel Not Valid: %d, band %d\n", 1409 band->chan[i],n); 1410 continue; 1411 } 1412 1413 chan = band->chan[i]; 1414 nflags = wpi_eeprom_channel_flags(&channels[i]); 1415 1416 c = &ic->ic_channels[ic->ic_nchans++]; 1417 c->ic_ieee = chan; 1418 c->ic_maxregpower = channels[i].maxpwr; 1419 c->ic_maxpower = 2*c->ic_maxregpower; 1420 1421 if (n == 0) { /* 2GHz band */ 1422 c->ic_freq = ieee80211_ieee2mhz(chan, 1423 IEEE80211_CHAN_G); 1424 1425 /* G =>'s B is supported */ 1426 c->ic_flags = IEEE80211_CHAN_B | nflags; 1427 c = &ic->ic_channels[ic->ic_nchans++]; 1428 c[0] = c[-1]; 1429 c->ic_flags = IEEE80211_CHAN_G | nflags; 1430 } else { /* 5GHz band */ 1431 c->ic_freq = ieee80211_ieee2mhz(chan, 1432 IEEE80211_CHAN_A); 1433 1434 c->ic_flags = IEEE80211_CHAN_A | nflags; 1435 } 1436 1437 /* Save maximum allowed TX power for this channel. */ 1438 sc->maxpwr[chan] = channels[i].maxpwr; 1439 1440 DPRINTF(sc, WPI_DEBUG_EEPROM, 1441 "adding chan %d (%dMHz) flags=0x%x maxpwr=%d passive=%d," 1442 " offset %d\n", chan, c->ic_freq, 1443 channels[i].flags, sc->maxpwr[chan], 1444 IEEE80211_IS_CHAN_PASSIVE(c), ic->ic_nchans); 1445 } 1446} 1447 1448/** 1449 * Read the eeprom to find out what channels are valid for the given 1450 * band and update net80211 with what we find. 1451 */ 1452static int 1453wpi_read_eeprom_channels(struct wpi_softc *sc, int n) 1454{ 1455 struct ifnet *ifp = sc->sc_ifp; 1456 struct ieee80211com *ic = ifp->if_l2com; 1457 const struct wpi_chan_band *band = &wpi_bands[n]; 1458 int error; 1459 1460 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 1461 1462 error = wpi_read_prom_data(sc, band->addr, &sc->eeprom_channels[n], 1463 band->nchan * sizeof (struct wpi_eeprom_chan)); 1464 if (error != 0) { 1465 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 1466 return error; 1467 } 1468 1469 wpi_read_eeprom_band(sc, n); 1470 1471 ieee80211_sort_channels(ic->ic_channels, ic->ic_nchans); 1472 1473 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 1474 1475 return 0; 1476} 1477 1478static struct wpi_eeprom_chan * 1479wpi_find_eeprom_channel(struct wpi_softc *sc, struct ieee80211_channel *c) 1480{ 1481 int i, j; 1482 1483 for (j = 0; j < WPI_CHAN_BANDS_COUNT; j++) 1484 for (i = 0; i < wpi_bands[j].nchan; i++) 1485 if (wpi_bands[j].chan[i] == c->ic_ieee) 1486 return &sc->eeprom_channels[j][i]; 1487 1488 return NULL; 1489} 1490 1491/* 1492 * Enforce flags read from EEPROM. 1493 */ 1494static int 1495wpi_setregdomain(struct ieee80211com *ic, struct ieee80211_regdomain *rd, 1496 int nchan, struct ieee80211_channel chans[]) 1497{ 1498 struct ifnet *ifp = ic->ic_ifp; 1499 struct wpi_softc *sc = ifp->if_softc; 1500 int i; 1501 1502 for (i = 0; i < nchan; i++) { 1503 struct ieee80211_channel *c = &chans[i]; 1504 struct wpi_eeprom_chan *channel; 1505 1506 channel = wpi_find_eeprom_channel(sc, c); 1507 if (channel == NULL) { 1508 if_printf(ic->ic_ifp, 1509 "%s: invalid channel %u freq %u/0x%x\n", 1510 __func__, c->ic_ieee, c->ic_freq, c->ic_flags); 1511 return EINVAL; 1512 } 1513 c->ic_flags |= wpi_eeprom_channel_flags(channel); 1514 } 1515 1516 return 0; 1517} 1518 1519static int 1520wpi_read_eeprom_group(struct wpi_softc *sc, int n) 1521{ 1522 struct wpi_power_group *group = &sc->groups[n]; 1523 struct wpi_eeprom_group rgroup; 1524 int i, error; 1525 1526 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 1527 1528 if ((error = wpi_read_prom_data(sc, WPI_EEPROM_POWER_GRP + n * 32, 1529 &rgroup, sizeof rgroup)) != 0) { 1530 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 1531 return error; 1532 } 1533 1534 /* Save TX power group information. */ 1535 group->chan = rgroup.chan; 1536 group->maxpwr = rgroup.maxpwr; 1537 /* Retrieve temperature at which the samples were taken. */ 1538 group->temp = (int16_t)le16toh(rgroup.temp); 1539 1540 DPRINTF(sc, WPI_DEBUG_EEPROM, 1541 "power group %d: chan=%d maxpwr=%d temp=%d\n", n, group->chan, 1542 group->maxpwr, group->temp); 1543 1544 for (i = 0; i < WPI_SAMPLES_COUNT; i++) { 1545 group->samples[i].index = rgroup.samples[i].index; 1546 group->samples[i].power = rgroup.samples[i].power; 1547 1548 DPRINTF(sc, WPI_DEBUG_EEPROM, 1549 "\tsample %d: index=%d power=%d\n", i, 1550 group->samples[i].index, group->samples[i].power); 1551 } 1552 1553 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 1554 1555 return 0; 1556} 1557 1558static int 1559wpi_add_node_entry_adhoc(struct wpi_softc *sc) 1560{ 1561 int newid = WPI_ID_IBSS_MIN; 1562 1563 for (; newid <= WPI_ID_IBSS_MAX; newid++) { 1564 if ((sc->nodesmsk & (1 << newid)) == 0) { 1565 sc->nodesmsk |= 1 << newid; 1566 return newid; 1567 } 1568 } 1569 1570 return WPI_ID_UNDEFINED; 1571} 1572 1573static __inline int 1574wpi_add_node_entry_sta(struct wpi_softc *sc) 1575{ 1576 sc->nodesmsk |= 1 << WPI_ID_BSS; 1577 1578 return WPI_ID_BSS; 1579} 1580 1581static __inline int 1582wpi_check_node_entry(struct wpi_softc *sc, uint8_t id) 1583{ 1584 if (id == WPI_ID_UNDEFINED) 1585 return 0; 1586 1587 return (sc->nodesmsk >> id) & 1; 1588} 1589 1590static __inline void 1591wpi_clear_node_table(struct wpi_softc *sc) 1592{ 1593 sc->nodesmsk = 0; 1594} 1595 1596static __inline void 1597wpi_del_node_entry(struct wpi_softc *sc, uint8_t id) 1598{ 1599 sc->nodesmsk &= ~(1 << id); 1600} 1601 1602static struct ieee80211_node * 1603wpi_node_alloc(struct ieee80211vap *vap, const uint8_t mac[IEEE80211_ADDR_LEN]) 1604{ 1605 struct wpi_node *wn; 1606 1607 wn = malloc(sizeof (struct wpi_node), M_80211_NODE, 1608 M_NOWAIT | M_ZERO); 1609 1610 if (wn == NULL) 1611 return NULL; 1612 1613 wn->id = WPI_ID_UNDEFINED; 1614 1615 return &wn->ni; 1616} 1617 1618static void 1619wpi_node_free(struct ieee80211_node *ni) 1620{ 1621 struct ieee80211com *ic = ni->ni_ic; 1622 struct wpi_softc *sc = ic->ic_ifp->if_softc; 1623 struct wpi_node *wn = WPI_NODE(ni); 1624 1625 if (wn->id != WPI_ID_UNDEFINED) { 1626 WPI_NT_LOCK(sc); 1627 if (wpi_check_node_entry(sc, wn->id)) { 1628 wpi_del_node_entry(sc, wn->id); 1629 wpi_del_node(sc, ni); 1630 } 1631 WPI_NT_UNLOCK(sc); 1632 } 1633 1634 sc->sc_node_free(ni); 1635} 1636 1637/** 1638 * Called by net80211 when ever there is a change to 80211 state machine 1639 */ 1640static int 1641wpi_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg) 1642{ 1643 struct wpi_vap *wvp = WPI_VAP(vap); 1644 struct ieee80211com *ic = vap->iv_ic; 1645 struct ifnet *ifp = ic->ic_ifp; 1646 struct wpi_softc *sc = ifp->if_softc; 1647 int error = 0; 1648 1649 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 1650 1651 DPRINTF(sc, WPI_DEBUG_STATE, "%s: %s -> %s\n", __func__, 1652 ieee80211_state_name[vap->iv_state], 1653 ieee80211_state_name[nstate]); 1654 1655 IEEE80211_UNLOCK(ic); 1656 WPI_LOCK(sc); 1657 switch (nstate) { 1658 case IEEE80211_S_SCAN: 1659 if ((sc->rxon.filter & htole32(WPI_FILTER_BSS)) && 1660 vap->iv_opmode != IEEE80211_M_STA) { 1661 sc->rxon.filter &= ~htole32(WPI_FILTER_BSS); 1662 if ((error = wpi_send_rxon(sc, 0, 1)) != 0) { 1663 device_printf(sc->sc_dev, 1664 "%s: could not send RXON\n", __func__); 1665 } 1666 } 1667 break; 1668 1669 case IEEE80211_S_ASSOC: 1670 if (vap->iv_state != IEEE80211_S_RUN) 1671 break; 1672 /* FALLTHROUGH */ 1673 case IEEE80211_S_AUTH: 1674 /* 1675 * The node must be registered in the firmware before auth. 1676 * Also the associd must be cleared on RUN -> ASSOC 1677 * transitions. 1678 */ 1679 if ((error = wpi_auth(sc, vap)) != 0) { 1680 device_printf(sc->sc_dev, 1681 "%s: could not move to AUTH state, error %d\n", 1682 __func__, error); 1683 } 1684 break; 1685 1686 case IEEE80211_S_RUN: 1687 /* 1688 * RUN -> RUN transition; Just restart the timers. 1689 */ 1690 if (vap->iv_state == IEEE80211_S_RUN) { 1691 wpi_calib_timeout(sc); 1692 break; 1693 } 1694 1695 /* 1696 * !RUN -> RUN requires setting the association id 1697 * which is done with a firmware cmd. We also defer 1698 * starting the timers until that work is done. 1699 */ 1700 if ((error = wpi_run(sc, vap)) != 0) { 1701 device_printf(sc->sc_dev, 1702 "%s: could not move to RUN state\n", __func__); 1703 } 1704 break; 1705 1706 default: 1707 break; 1708 } 1709 WPI_UNLOCK(sc); 1710 IEEE80211_LOCK(ic); 1711 if (error != 0) { 1712 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 1713 return error; 1714 } 1715 1716 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 1717 1718 return wvp->wv_newstate(vap, nstate, arg); 1719} 1720 1721static void 1722wpi_calib_timeout(void *arg) 1723{ 1724 struct wpi_softc *sc = arg; 1725 1726 if (!(sc->rxon.filter & htole32(WPI_FILTER_BSS))) 1727 return; 1728 1729 wpi_power_calibration(sc); 1730 1731 callout_reset(&sc->calib_to, 60*hz, wpi_calib_timeout, sc); 1732} 1733 1734static __inline uint8_t 1735rate2plcp(const uint8_t rate) 1736{ 1737 switch (rate) { 1738 case 12: return 0xd; 1739 case 18: return 0xf; 1740 case 24: return 0x5; 1741 case 36: return 0x7; 1742 case 48: return 0x9; 1743 case 72: return 0xb; 1744 case 96: return 0x1; 1745 case 108: return 0x3; 1746 case 2: return 10; 1747 case 4: return 20; 1748 case 11: return 55; 1749 case 22: return 110; 1750 default: return 0; 1751 } 1752} 1753 1754static __inline uint8_t 1755plcp2rate(const uint8_t plcp) 1756{ 1757 switch (plcp) { 1758 case 0xd: return 12; 1759 case 0xf: return 18; 1760 case 0x5: return 24; 1761 case 0x7: return 36; 1762 case 0x9: return 48; 1763 case 0xb: return 72; 1764 case 0x1: return 96; 1765 case 0x3: return 108; 1766 case 10: return 2; 1767 case 20: return 4; 1768 case 55: return 11; 1769 case 110: return 22; 1770 default: return 0; 1771 } 1772} 1773 1774/* Quickly determine if a given rate is CCK or OFDM. */ 1775#define WPI_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1776 1777static void 1778wpi_rx_done(struct wpi_softc *sc, struct wpi_rx_desc *desc, 1779 struct wpi_rx_data *data) 1780{ 1781 struct ifnet *ifp = sc->sc_ifp; 1782 struct ieee80211com *ic = ifp->if_l2com; 1783 struct wpi_rx_ring *ring = &sc->rxq; 1784 struct wpi_rx_stat *stat; 1785 struct wpi_rx_head *head; 1786 struct wpi_rx_tail *tail; 1787 struct ieee80211_frame *wh; 1788 struct ieee80211_node *ni; 1789 struct mbuf *m, *m1; 1790 bus_addr_t paddr; 1791 uint32_t flags; 1792 uint16_t len; 1793 int error; 1794 1795 stat = (struct wpi_rx_stat *)(desc + 1); 1796 1797 if (stat->len > WPI_STAT_MAXLEN) { 1798 device_printf(sc->sc_dev, "invalid RX statistic header\n"); 1799 goto fail1; 1800 } 1801 1802 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_POSTREAD); 1803 head = (struct wpi_rx_head *)((caddr_t)(stat + 1) + stat->len); 1804 len = le16toh(head->len); 1805 tail = (struct wpi_rx_tail *)((caddr_t)(head + 1) + len); 1806 flags = le32toh(tail->flags); 1807 1808 DPRINTF(sc, WPI_DEBUG_RECV, "%s: idx %d len %d stat len %u rssi %d" 1809 " rate %x chan %d tstamp %ju\n", __func__, ring->cur, 1810 le32toh(desc->len), len, (int8_t)stat->rssi, 1811 head->plcp, head->chan, (uintmax_t)le64toh(tail->tstamp)); 1812 1813 /* Discard frames with a bad FCS early. */ 1814 if ((flags & WPI_RX_NOERROR) != WPI_RX_NOERROR) { 1815 DPRINTF(sc, WPI_DEBUG_RECV, "%s: RX flags error %x\n", 1816 __func__, flags); 1817 goto fail1; 1818 } 1819 /* Discard frames that are too short. */ 1820 if (len < sizeof (*wh)) { 1821 DPRINTF(sc, WPI_DEBUG_RECV, "%s: frame too short: %d\n", 1822 __func__, len); 1823 goto fail1; 1824 } 1825 1826 m1 = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE); 1827 if (m1 == NULL) { 1828 DPRINTF(sc, WPI_DEBUG_ANY, "%s: no mbuf to restock ring\n", 1829 __func__); 1830 goto fail1; 1831 } 1832 bus_dmamap_unload(ring->data_dmat, data->map); 1833 1834 error = bus_dmamap_load(ring->data_dmat, data->map, mtod(m1, void *), 1835 MJUMPAGESIZE, wpi_dma_map_addr, &paddr, BUS_DMA_NOWAIT); 1836 if (error != 0 && error != EFBIG) { 1837 device_printf(sc->sc_dev, 1838 "%s: bus_dmamap_load failed, error %d\n", __func__, error); 1839 m_freem(m1); 1840 1841 /* Try to reload the old mbuf. */ 1842 error = bus_dmamap_load(ring->data_dmat, data->map, 1843 mtod(data->m, void *), MJUMPAGESIZE, wpi_dma_map_addr, 1844 &paddr, BUS_DMA_NOWAIT); 1845 if (error != 0 && error != EFBIG) { 1846 panic("%s: could not load old RX mbuf", __func__); 1847 } 1848 /* Physical address may have changed. */ 1849 ring->desc[ring->cur] = htole32(paddr); 1850 bus_dmamap_sync(ring->data_dmat, ring->desc_dma.map, 1851 BUS_DMASYNC_PREWRITE); 1852 goto fail1; 1853 } 1854 1855 m = data->m; 1856 data->m = m1; 1857 /* Update RX descriptor. */ 1858 ring->desc[ring->cur] = htole32(paddr); 1859 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 1860 BUS_DMASYNC_PREWRITE); 1861 1862 /* Finalize mbuf. */ 1863 m->m_pkthdr.rcvif = ifp; 1864 m->m_data = (caddr_t)(head + 1); 1865 m->m_pkthdr.len = m->m_len = len; 1866 1867 /* Grab a reference to the source node. */ 1868 wh = mtod(m, struct ieee80211_frame *); 1869 1870 if ((wh->i_fc[1] & IEEE80211_FC1_PROTECTED) && 1871 (flags & WPI_RX_CIPHER_MASK) == WPI_RX_CIPHER_CCMP) { 1872 /* Check whether decryption was successful or not. */ 1873 if ((flags & WPI_RX_DECRYPT_MASK) != WPI_RX_DECRYPT_OK) { 1874 DPRINTF(sc, WPI_DEBUG_RECV, 1875 "CCMP decryption failed 0x%x\n", flags); 1876 goto fail2; 1877 } 1878 m->m_flags |= M_WEP; 1879 } 1880 1881 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1882 1883 if (ieee80211_radiotap_active(ic)) { 1884 struct wpi_rx_radiotap_header *tap = &sc->sc_rxtap; 1885 1886 tap->wr_flags = 0; 1887 if (head->flags & htole16(WPI_STAT_FLAG_SHPREAMBLE)) 1888 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1889 tap->wr_dbm_antsignal = (int8_t)(stat->rssi + WPI_RSSI_OFFSET); 1890 tap->wr_dbm_antnoise = WPI_RSSI_OFFSET; 1891 tap->wr_tsft = tail->tstamp; 1892 tap->wr_antenna = (le16toh(head->flags) >> 4) & 0xf; 1893 tap->wr_rate = plcp2rate(head->plcp); 1894 } 1895 1896 WPI_UNLOCK(sc); 1897 1898 /* Send the frame to the 802.11 layer. */ 1899 if (ni != NULL) { 1900 (void)ieee80211_input(ni, m, stat->rssi, WPI_RSSI_OFFSET); 1901 /* Node is no longer needed. */ 1902 ieee80211_free_node(ni); 1903 } else 1904 (void)ieee80211_input_all(ic, m, stat->rssi, WPI_RSSI_OFFSET); 1905 1906 WPI_LOCK(sc); 1907 1908 return; 1909 1910fail2: m_freem(m); 1911 1912fail1: if_inc_counter(ifp, IFCOUNTER_IERRORS, 1); 1913} 1914 1915static void 1916wpi_rx_statistics(struct wpi_softc *sc, struct wpi_rx_desc *desc, 1917 struct wpi_rx_data *data) 1918{ 1919 /* Ignore */ 1920} 1921 1922static void 1923wpi_tx_done(struct wpi_softc *sc, struct wpi_rx_desc *desc) 1924{ 1925 struct ifnet *ifp = sc->sc_ifp; 1926 struct wpi_tx_ring *ring = &sc->txq[desc->qid & 0x3]; 1927 struct wpi_tx_data *data = &ring->data[desc->idx]; 1928 struct wpi_tx_stat *stat = (struct wpi_tx_stat *)(desc + 1); 1929 struct mbuf *m; 1930 struct ieee80211_node *ni; 1931 struct ieee80211vap *vap; 1932 struct ieee80211com *ic; 1933 int ackfailcnt = stat->ackfailcnt / 2; /* wpi_mrr_setup() */ 1934 int status = le32toh(stat->status); 1935 1936 KASSERT(data->ni != NULL, ("no node")); 1937 KASSERT(data->m != NULL, ("no mbuf")); 1938 1939 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 1940 1941 DPRINTF(sc, WPI_DEBUG_XMIT, "%s: " 1942 "qid %d idx %d retries %d btkillcnt %d rate %x duration %d " 1943 "status %x\n", __func__, desc->qid, desc->idx, ackfailcnt, 1944 stat->btkillcnt, stat->rate, le32toh(stat->duration), status); 1945 1946 /* Unmap and free mbuf. */ 1947 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_POSTWRITE); 1948 bus_dmamap_unload(ring->data_dmat, data->map); 1949 m = data->m, data->m = NULL; 1950 ni = data->ni, data->ni = NULL; 1951 vap = ni->ni_vap; 1952 ic = vap->iv_ic; 1953 1954 /* 1955 * Update rate control statistics for the node. 1956 */ 1957 WPI_UNLOCK(sc); 1958 if ((status & 0xff) != 1) { 1959 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 1960 ieee80211_ratectl_tx_complete(vap, ni, 1961 IEEE80211_RATECTL_TX_FAILURE, &ackfailcnt, NULL); 1962 } else { 1963 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 1964 ieee80211_ratectl_tx_complete(vap, ni, 1965 IEEE80211_RATECTL_TX_SUCCESS, &ackfailcnt, NULL); 1966 } 1967 1968 ieee80211_tx_complete(ni, m, (status & 0xff) != 1); 1969 WPI_LOCK(sc); 1970 1971 sc->sc_tx_timer = 0; 1972 if (--ring->queued < WPI_TX_RING_LOMARK) { 1973 sc->qfullmsk &= ~(1 << ring->qid); 1974 IF_LOCK(&ifp->if_snd); 1975 if (sc->qfullmsk == 0 && 1976 (ifp->if_drv_flags & IFF_DRV_OACTIVE)) { 1977 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 1978 IF_UNLOCK(&ifp->if_snd); 1979 ieee80211_runtask(ic, &sc->sc_start_task); 1980 } else 1981 IF_UNLOCK(&ifp->if_snd); 1982 } 1983 1984 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 1985} 1986 1987/* 1988 * Process a "command done" firmware notification. This is where we wakeup 1989 * processes waiting for a synchronous command completion. 1990 */ 1991static void 1992wpi_cmd_done(struct wpi_softc *sc, struct wpi_rx_desc *desc) 1993{ 1994 struct wpi_tx_ring *ring = &sc->txq[WPI_CMD_QUEUE_NUM]; 1995 struct wpi_tx_data *data; 1996 1997 DPRINTF(sc, WPI_DEBUG_CMD, "cmd notification qid %x idx %d flags %x " 1998 "type %s len %d\n", desc->qid, desc->idx, 1999 desc->flags, wpi_cmd_str(desc->type), 2000 le32toh(desc->len)); 2001 2002 if ((desc->qid & WPI_RX_DESC_QID_MSK) != WPI_CMD_QUEUE_NUM) 2003 return; /* Not a command ack. */ 2004 2005 KASSERT(ring->queued == 0, ("ring->queued must be 0")); 2006 2007 data = &ring->data[desc->idx]; 2008 2009 /* If the command was mapped in an mbuf, free it. */ 2010 if (data->m != NULL) { 2011 bus_dmamap_sync(ring->data_dmat, data->map, 2012 BUS_DMASYNC_POSTWRITE); 2013 bus_dmamap_unload(ring->data_dmat, data->map); 2014 m_freem(data->m); 2015 data->m = NULL; 2016 } 2017 2018 wakeup(&ring->cmd[desc->idx]); 2019} 2020 2021static void 2022wpi_notif_intr(struct wpi_softc *sc) 2023{ 2024 struct ifnet *ifp = sc->sc_ifp; 2025 struct ieee80211com *ic = ifp->if_l2com; 2026 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2027 int hw; 2028 2029 bus_dmamap_sync(sc->shared_dma.tag, sc->shared_dma.map, 2030 BUS_DMASYNC_POSTREAD); 2031 2032 hw = le32toh(sc->shared->next); 2033 hw = (hw == 0) ? WPI_RX_RING_COUNT - 1 : hw - 1; 2034 2035 while (sc->rxq.cur != hw) { 2036 sc->rxq.cur = (sc->rxq.cur + 1) % WPI_RX_RING_COUNT; 2037 2038 struct wpi_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 2039 struct wpi_rx_desc *desc; 2040 2041 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 2042 BUS_DMASYNC_POSTREAD); 2043 desc = mtod(data->m, struct wpi_rx_desc *); 2044 2045 DPRINTF(sc, WPI_DEBUG_NOTIFY, 2046 "%s: cur=%d; qid %x idx %d flags %x type %d(%s) len %d\n", 2047 __func__, sc->rxq.cur, desc->qid, desc->idx, desc->flags, 2048 desc->type, wpi_cmd_str(desc->type), le32toh(desc->len)); 2049 2050 if (!(desc->qid & WPI_UNSOLICITED_RX_NOTIF)) { 2051 /* Reply to a command. */ 2052 wpi_cmd_done(sc, desc); 2053 } 2054 2055 switch (desc->type) { 2056 case WPI_RX_DONE: 2057 /* An 802.11 frame has been received. */ 2058 wpi_rx_done(sc, desc, data); 2059 2060 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 2061 /* wpi_stop() was called. */ 2062 return; 2063 } 2064 2065 break; 2066 2067 case WPI_TX_DONE: 2068 /* An 802.11 frame has been transmitted. */ 2069 wpi_tx_done(sc, desc); 2070 break; 2071 2072 case WPI_RX_STATISTICS: 2073 case WPI_BEACON_STATISTICS: 2074 wpi_rx_statistics(sc, desc, data); 2075 break; 2076 2077 case WPI_BEACON_MISSED: 2078 { 2079 struct wpi_beacon_missed *miss = 2080 (struct wpi_beacon_missed *)(desc + 1); 2081 int misses; 2082 2083 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 2084 BUS_DMASYNC_POSTREAD); 2085 misses = le32toh(miss->consecutive); 2086 2087 DPRINTF(sc, WPI_DEBUG_STATE, 2088 "%s: beacons missed %d/%d\n", __func__, misses, 2089 le32toh(miss->total)); 2090 2091 if (vap->iv_state == IEEE80211_S_RUN && 2092 (ic->ic_flags & IEEE80211_F_SCAN) == 0) { 2093 if (misses >= vap->iv_bmissthreshold) { 2094 WPI_UNLOCK(sc); 2095 ieee80211_beacon_miss(ic); 2096 WPI_LOCK(sc); 2097 } 2098 } 2099 break; 2100 } 2101 case WPI_UC_READY: 2102 { 2103 struct wpi_ucode_info *uc = 2104 (struct wpi_ucode_info *)(desc + 1); 2105 2106 /* The microcontroller is ready. */ 2107 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 2108 BUS_DMASYNC_POSTREAD); 2109 DPRINTF(sc, WPI_DEBUG_RESET, 2110 "microcode alive notification version=%d.%d " 2111 "subtype=%x alive=%x\n", uc->major, uc->minor, 2112 uc->subtype, le32toh(uc->valid)); 2113 2114 if (le32toh(uc->valid) != 1) { 2115 device_printf(sc->sc_dev, 2116 "microcontroller initialization failed\n"); 2117 wpi_stop_locked(sc); 2118 } 2119 /* Save the address of the error log in SRAM. */ 2120 sc->errptr = le32toh(uc->errptr); 2121 break; 2122 } 2123 case WPI_STATE_CHANGED: 2124 { 2125 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 2126 BUS_DMASYNC_POSTREAD); 2127 2128 uint32_t *status = (uint32_t *)(desc + 1); 2129 2130 DPRINTF(sc, WPI_DEBUG_STATE, "state changed to %x\n", 2131 le32toh(*status)); 2132 2133 if (le32toh(*status) & 1) { 2134 WPI_NT_LOCK(sc); 2135 wpi_clear_node_table(sc); 2136 WPI_NT_UNLOCK(sc); 2137 ieee80211_runtask(ic, &sc->sc_radiooff_task); 2138 return; 2139 } 2140 break; 2141 } 2142 case WPI_START_SCAN: 2143 { 2144 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 2145 BUS_DMASYNC_POSTREAD); 2146#ifdef WPI_DEBUG 2147 struct wpi_start_scan *scan = 2148 (struct wpi_start_scan *)(desc + 1); 2149 DPRINTF(sc, WPI_DEBUG_SCAN, 2150 "%s: scanning channel %d status %x\n", 2151 __func__, scan->chan, le32toh(scan->status)); 2152#endif 2153 break; 2154 } 2155 case WPI_STOP_SCAN: 2156 { 2157 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 2158 BUS_DMASYNC_POSTREAD); 2159#ifdef WPI_DEBUG 2160 struct wpi_stop_scan *scan = 2161 (struct wpi_stop_scan *)(desc + 1); 2162 DPRINTF(sc, WPI_DEBUG_SCAN, 2163 "scan finished nchan=%d status=%d chan=%d\n", 2164 scan->nchan, scan->status, scan->chan); 2165#endif 2166 callout_stop(&sc->scan_timeout); 2167 WPI_UNLOCK(sc); 2168 ieee80211_scan_next(vap); 2169 WPI_LOCK(sc); 2170 break; 2171 } 2172 } 2173 } 2174 2175 /* Tell the firmware what we have processed. */ 2176 wpi_update_rx_ring(sc); 2177} 2178 2179/* 2180 * Process an INT_WAKEUP interrupt raised when the microcontroller wakes up 2181 * from power-down sleep mode. 2182 */ 2183static void 2184wpi_wakeup_intr(struct wpi_softc *sc) 2185{ 2186 int qid; 2187 2188 DPRINTF(sc, WPI_DEBUG_PWRSAVE, 2189 "%s: ucode wakeup from power-down sleep\n", __func__); 2190 2191 /* Wakeup RX and TX rings. */ 2192 if (sc->rxq.update) { 2193 sc->rxq.update = 0; 2194 wpi_update_rx_ring(sc); 2195 } 2196 WPI_TXQ_LOCK(sc); 2197 for (qid = 0; qid < WPI_DRV_NTXQUEUES; qid++) { 2198 struct wpi_tx_ring *ring = &sc->txq[qid]; 2199 2200 if (ring->update) { 2201 ring->update = 0; 2202 wpi_update_tx_ring(sc, ring); 2203 } 2204 } 2205 WPI_TXQ_UNLOCK(sc); 2206 2207 WPI_CLRBITS(sc, WPI_GP_CNTRL, WPI_GP_CNTRL_MAC_ACCESS_REQ); 2208} 2209 2210/* 2211 * This function prints firmware registers 2212 */ 2213#ifdef WPI_DEBUG 2214static void 2215wpi_debug_registers(struct wpi_softc *sc) 2216{ 2217#define COUNTOF(array) (sizeof(array) / sizeof(array[0])) 2218 int i; 2219 static const uint32_t csr_tbl[] = { 2220 WPI_HW_IF_CONFIG, 2221 WPI_INT, 2222 WPI_INT_MASK, 2223 WPI_FH_INT, 2224 WPI_GPIO_IN, 2225 WPI_RESET, 2226 WPI_GP_CNTRL, 2227 WPI_EEPROM, 2228 WPI_EEPROM_GP, 2229 WPI_GIO, 2230 WPI_UCODE_GP1, 2231 WPI_UCODE_GP2, 2232 WPI_GIO_CHICKEN, 2233 WPI_ANA_PLL, 2234 WPI_DBG_HPET_MEM, 2235 }; 2236 static const uint32_t prph_tbl[] = { 2237 WPI_APMG_CLK_CTRL, 2238 WPI_APMG_PS, 2239 WPI_APMG_PCI_STT, 2240 WPI_APMG_RFKILL, 2241 }; 2242 2243 DPRINTF(sc, WPI_DEBUG_REGISTER,"%s","\n"); 2244 2245 for (i = 0; i < COUNTOF(csr_tbl); i++) { 2246 DPRINTF(sc, WPI_DEBUG_REGISTER, " %-18s: 0x%08x ", 2247 wpi_get_csr_string(csr_tbl[i]), WPI_READ(sc, csr_tbl[i])); 2248 2249 if ((i + 1) % 2 == 0) 2250 DPRINTF(sc, WPI_DEBUG_REGISTER, "\n"); 2251 } 2252 DPRINTF(sc, WPI_DEBUG_REGISTER, "\n\n"); 2253 2254 if (wpi_nic_lock(sc) == 0) { 2255 for (i = 0; i < COUNTOF(prph_tbl); i++) { 2256 DPRINTF(sc, WPI_DEBUG_REGISTER, " %-18s: 0x%08x ", 2257 wpi_get_prph_string(prph_tbl[i]), 2258 wpi_prph_read(sc, prph_tbl[i])); 2259 2260 if ((i + 1) % 2 == 0) 2261 DPRINTF(sc, WPI_DEBUG_REGISTER, "\n"); 2262 } 2263 DPRINTF(sc, WPI_DEBUG_REGISTER, "\n"); 2264 wpi_nic_unlock(sc); 2265 } else { 2266 DPRINTF(sc, WPI_DEBUG_REGISTER, 2267 "Cannot access internal registers.\n"); 2268 } 2269#undef COUNTOF 2270} 2271#endif 2272 2273/* 2274 * Dump the error log of the firmware when a firmware panic occurs. Although 2275 * we can't debug the firmware because it is neither open source nor free, it 2276 * can help us to identify certain classes of problems. 2277 */ 2278static void 2279wpi_fatal_intr(struct wpi_softc *sc) 2280{ 2281 struct wpi_fw_dump dump; 2282 uint32_t i, offset, count; 2283 const uint32_t size_errmsg = 2284 (sizeof (wpi_fw_errmsg) / sizeof ((wpi_fw_errmsg)[0])); 2285 2286 /* Check that the error log address is valid. */ 2287 if (sc->errptr < WPI_FW_DATA_BASE || 2288 sc->errptr + sizeof (dump) > 2289 WPI_FW_DATA_BASE + WPI_FW_DATA_MAXSZ) { 2290 printf("%s: bad firmware error log address 0x%08x\n", __func__, 2291 sc->errptr); 2292 return; 2293 } 2294 if (wpi_nic_lock(sc) != 0) { 2295 printf("%s: could not read firmware error log\n", __func__); 2296 return; 2297 } 2298 /* Read number of entries in the log. */ 2299 count = wpi_mem_read(sc, sc->errptr); 2300 if (count == 0 || count * sizeof (dump) > WPI_FW_DATA_MAXSZ) { 2301 printf("%s: invalid count field (count = %u)\n", __func__, 2302 count); 2303 wpi_nic_unlock(sc); 2304 return; 2305 } 2306 /* Skip "count" field. */ 2307 offset = sc->errptr + sizeof (uint32_t); 2308 printf("firmware error log (count = %u):\n", count); 2309 for (i = 0; i < count; i++) { 2310 wpi_mem_read_region_4(sc, offset, (uint32_t *)&dump, 2311 sizeof (dump) / sizeof (uint32_t)); 2312 2313 printf(" error type = \"%s\" (0x%08X)\n", 2314 (dump.desc < size_errmsg) ? 2315 wpi_fw_errmsg[dump.desc] : "UNKNOWN", 2316 dump.desc); 2317 printf(" error data = 0x%08X\n", 2318 dump.data); 2319 printf(" branch link = 0x%08X%08X\n", 2320 dump.blink[0], dump.blink[1]); 2321 printf(" interrupt link = 0x%08X%08X\n", 2322 dump.ilink[0], dump.ilink[1]); 2323 printf(" time = %u\n", dump.time); 2324 2325 offset += sizeof (dump); 2326 } 2327 wpi_nic_unlock(sc); 2328 /* Dump driver status (TX and RX rings) while we're here. */ 2329 printf("driver status:\n"); 2330 WPI_TXQ_LOCK(sc); 2331 for (i = 0; i < WPI_DRV_NTXQUEUES; i++) { 2332 struct wpi_tx_ring *ring = &sc->txq[i]; 2333 printf(" tx ring %2d: qid=%-2d cur=%-3d queued=%-3d\n", 2334 i, ring->qid, ring->cur, ring->queued); 2335 } 2336 WPI_TXQ_UNLOCK(sc); 2337 printf(" rx ring: cur=%d\n", sc->rxq.cur); 2338} 2339 2340static void 2341wpi_intr(void *arg) 2342{ 2343 struct wpi_softc *sc = arg; 2344 struct ifnet *ifp = sc->sc_ifp; 2345 uint32_t r1, r2; 2346 2347 WPI_LOCK(sc); 2348 2349 /* Disable interrupts. */ 2350 WPI_WRITE(sc, WPI_INT_MASK, 0); 2351 2352 r1 = WPI_READ(sc, WPI_INT); 2353 2354 if (r1 == 0xffffffff || (r1 & 0xfffffff0) == 0xa5a5a5a0) 2355 goto end; /* Hardware gone! */ 2356 2357 r2 = WPI_READ(sc, WPI_FH_INT); 2358 2359 DPRINTF(sc, WPI_DEBUG_INTR, "%s: reg1=0x%08x reg2=0x%08x\n", __func__, 2360 r1, r2); 2361 2362 if (r1 == 0 && r2 == 0) 2363 goto done; /* Interrupt not for us. */ 2364 2365 /* Acknowledge interrupts. */ 2366 WPI_WRITE(sc, WPI_INT, r1); 2367 WPI_WRITE(sc, WPI_FH_INT, r2); 2368 2369 if (r1 & (WPI_INT_SW_ERR | WPI_INT_HW_ERR)) { 2370 struct ieee80211com *ic = ifp->if_l2com; 2371 2372 device_printf(sc->sc_dev, "fatal firmware error\n"); 2373#ifdef WPI_DEBUG 2374 wpi_debug_registers(sc); 2375#endif 2376 wpi_fatal_intr(sc); 2377 DPRINTF(sc, WPI_DEBUG_HW, 2378 "(%s)\n", (r1 & WPI_INT_SW_ERR) ? "(Software Error)" : 2379 "(Hardware Error)"); 2380 ieee80211_runtask(ic, &sc->sc_reinittask); 2381 goto end; 2382 } 2383 2384 if ((r1 & (WPI_INT_FH_RX | WPI_INT_SW_RX)) || 2385 (r2 & WPI_FH_INT_RX)) 2386 wpi_notif_intr(sc); 2387 2388 if (r1 & WPI_INT_ALIVE) 2389 wakeup(sc); /* Firmware is alive. */ 2390 2391 if (r1 & WPI_INT_WAKEUP) 2392 wpi_wakeup_intr(sc); 2393 2394done: 2395 /* Re-enable interrupts. */ 2396 if (ifp->if_flags & IFF_UP) 2397 WPI_WRITE(sc, WPI_INT_MASK, WPI_INT_MASK_DEF); 2398 2399end: WPI_UNLOCK(sc); 2400} 2401 2402static int 2403wpi_cmd2(struct wpi_softc *sc, struct wpi_buf *buf) 2404{ 2405 struct ieee80211_frame *wh; 2406 struct wpi_tx_cmd *cmd; 2407 struct wpi_tx_data *data; 2408 struct wpi_tx_desc *desc; 2409 struct wpi_tx_ring *ring; 2410 struct mbuf *m1; 2411 bus_dma_segment_t *seg, segs[WPI_MAX_SCATTER]; 2412 int error, i, hdrlen, nsegs, totlen, pad; 2413 2414 WPI_TXQ_LOCK(sc); 2415 2416 KASSERT(buf->size <= sizeof(buf->data), ("buffer overflow")); 2417 2418 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 2419 2420 if (sc->txq_active == 0) { 2421 /* wpi_stop() was called */ 2422 error = ENETDOWN; 2423 goto fail; 2424 } 2425 2426 wh = mtod(buf->m, struct ieee80211_frame *); 2427 hdrlen = ieee80211_anyhdrsize(wh); 2428 totlen = buf->m->m_pkthdr.len; 2429 2430 if (hdrlen & 3) { 2431 /* First segment length must be a multiple of 4. */ 2432 pad = 4 - (hdrlen & 3); 2433 } else 2434 pad = 0; 2435 2436 ring = &sc->txq[buf->ac]; 2437 desc = &ring->desc[ring->cur]; 2438 data = &ring->data[ring->cur]; 2439 2440 /* Prepare TX firmware command. */ 2441 cmd = &ring->cmd[ring->cur]; 2442 cmd->code = buf->code; 2443 cmd->flags = 0; 2444 cmd->qid = ring->qid; 2445 cmd->idx = ring->cur; 2446 2447 memcpy(cmd->data, buf->data, buf->size); 2448 2449 /* Save and trim IEEE802.11 header. */ 2450 memcpy((uint8_t *)(cmd->data + buf->size), wh, hdrlen); 2451 m_adj(buf->m, hdrlen); 2452 2453 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, buf->m, 2454 segs, &nsegs, BUS_DMA_NOWAIT); 2455 if (error != 0 && error != EFBIG) { 2456 device_printf(sc->sc_dev, 2457 "%s: can't map mbuf (error %d)\n", __func__, error); 2458 goto fail; 2459 } 2460 if (error != 0) { 2461 /* Too many DMA segments, linearize mbuf. */ 2462 m1 = m_collapse(buf->m, M_NOWAIT, WPI_MAX_SCATTER - 1); 2463 if (m1 == NULL) { 2464 device_printf(sc->sc_dev, 2465 "%s: could not defrag mbuf\n", __func__); 2466 error = ENOBUFS; 2467 goto fail; 2468 } 2469 buf->m = m1; 2470 2471 error = bus_dmamap_load_mbuf_sg(ring->data_dmat, data->map, 2472 buf->m, segs, &nsegs, BUS_DMA_NOWAIT); 2473 if (error != 0) { 2474 device_printf(sc->sc_dev, 2475 "%s: can't map mbuf (error %d)\n", __func__, 2476 error); 2477 goto fail; 2478 } 2479 } 2480 2481 KASSERT(nsegs < WPI_MAX_SCATTER, 2482 ("too many DMA segments, nsegs (%d) should be less than %d", 2483 nsegs, WPI_MAX_SCATTER)); 2484 2485 data->m = buf->m; 2486 data->ni = buf->ni; 2487 2488 DPRINTF(sc, WPI_DEBUG_XMIT, "%s: qid %d idx %d len %d nsegs %d\n", 2489 __func__, ring->qid, ring->cur, totlen, nsegs); 2490 2491 /* Fill TX descriptor. */ 2492 desc->nsegs = WPI_PAD32(totlen + pad) << 4 | (1 + nsegs); 2493 /* First DMA segment is used by the TX command. */ 2494 desc->segs[0].addr = htole32(data->cmd_paddr); 2495 desc->segs[0].len = htole32(4 + buf->size + hdrlen + pad); 2496 /* Other DMA segments are for data payload. */ 2497 seg = &segs[0]; 2498 for (i = 1; i <= nsegs; i++) { 2499 desc->segs[i].addr = htole32(seg->ds_addr); 2500 desc->segs[i].len = htole32(seg->ds_len); 2501 seg++; 2502 } 2503 2504 bus_dmamap_sync(ring->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 2505 bus_dmamap_sync(ring->data_dmat, ring->cmd_dma.map, 2506 BUS_DMASYNC_PREWRITE); 2507 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 2508 BUS_DMASYNC_PREWRITE); 2509 2510 /* Kick TX ring. */ 2511 ring->cur = (ring->cur + 1) % WPI_TX_RING_COUNT; 2512 wpi_update_tx_ring(sc, ring); 2513 2514 if (ring->qid < WPI_CMD_QUEUE_NUM) { 2515 /* Mark TX ring as full if we reach a certain threshold. */ 2516 if (++ring->queued > WPI_TX_RING_HIMARK) 2517 sc->qfullmsk |= 1 << ring->qid; 2518 2519 sc->sc_tx_timer = 5; 2520 } 2521 2522 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 2523 2524 WPI_TXQ_UNLOCK(sc); 2525 2526 return 0; 2527 2528fail: m_freem(buf->m); 2529 2530 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 2531 2532 WPI_TXQ_UNLOCK(sc); 2533 2534 return error; 2535} 2536 2537/* 2538 * Construct the data packet for a transmit buffer. 2539 */ 2540static int 2541wpi_tx_data(struct wpi_softc *sc, struct mbuf *m, struct ieee80211_node *ni) 2542{ 2543 const struct ieee80211_txparam *tp; 2544 struct ieee80211vap *vap = ni->ni_vap; 2545 struct ieee80211com *ic = ni->ni_ic; 2546 struct wpi_node *wn = WPI_NODE(ni); 2547 struct ieee80211_channel *chan; 2548 struct ieee80211_frame *wh; 2549 struct ieee80211_key *k = NULL; 2550 struct wpi_buf tx_data; 2551 struct wpi_cmd_data *tx = (struct wpi_cmd_data *)&tx_data.data; 2552 uint32_t flags; 2553 uint16_t qos; 2554 uint8_t tid, type; 2555 int ac, error, swcrypt, rate, ismcast, totlen; 2556 2557 wh = mtod(m, struct ieee80211_frame *); 2558 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2559 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 2560 2561 /* Select EDCA Access Category and TX ring for this frame. */ 2562 if (IEEE80211_QOS_HAS_SEQ(wh)) { 2563 qos = ((const struct ieee80211_qosframe *)wh)->i_qos[0]; 2564 tid = qos & IEEE80211_QOS_TID; 2565 } else { 2566 qos = 0; 2567 tid = 0; 2568 } 2569 ac = M_WME_GETAC(m); 2570 2571 chan = (ni->ni_chan != IEEE80211_CHAN_ANYC) ? 2572 ni->ni_chan : ic->ic_curchan; 2573 tp = &vap->iv_txparms[ieee80211_chan2mode(chan)]; 2574 2575 /* Choose a TX rate index. */ 2576 if (type == IEEE80211_FC0_TYPE_MGT) 2577 rate = tp->mgmtrate; 2578 else if (ismcast) 2579 rate = tp->mcastrate; 2580 else if (tp->ucastrate != IEEE80211_FIXED_RATE_NONE) 2581 rate = tp->ucastrate; 2582 else if (m->m_flags & M_EAPOL) 2583 rate = tp->mgmtrate; 2584 else { 2585 /* XXX pass pktlen */ 2586 (void) ieee80211_ratectl_rate(ni, NULL, 0); 2587 rate = ni->ni_txrate; 2588 } 2589 2590 /* Encrypt the frame if need be. */ 2591 if (wh->i_fc[1] & IEEE80211_FC1_PROTECTED) { 2592 /* Retrieve key for TX. */ 2593 k = ieee80211_crypto_encap(ni, m); 2594 if (k == NULL) { 2595 error = ENOBUFS; 2596 goto fail; 2597 } 2598 swcrypt = k->wk_flags & IEEE80211_KEY_SWCRYPT; 2599 2600 /* 802.11 header may have moved. */ 2601 wh = mtod(m, struct ieee80211_frame *); 2602 } 2603 totlen = m->m_pkthdr.len; 2604 2605 if (ieee80211_radiotap_active_vap(vap)) { 2606 struct wpi_tx_radiotap_header *tap = &sc->sc_txtap; 2607 2608 tap->wt_flags = 0; 2609 tap->wt_rate = rate; 2610 if (k != NULL) 2611 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2612 2613 ieee80211_radiotap_tx(vap, m); 2614 } 2615 2616 flags = 0; 2617 if (!ismcast) { 2618 /* Unicast frame, check if an ACK is expected. */ 2619 if (!qos || (qos & IEEE80211_QOS_ACKPOLICY) != 2620 IEEE80211_QOS_ACKPOLICY_NOACK) 2621 flags |= WPI_TX_NEED_ACK; 2622 } 2623 2624 if (wh->i_fc[1] & IEEE80211_FC1_MORE_FRAG) 2625 flags |= WPI_TX_MORE_FRAG; /* Cannot happen yet. */ 2626 2627 /* Check if frame must be protected using RTS/CTS or CTS-to-self. */ 2628 if (!ismcast) { 2629 /* NB: Group frames are sent using CCK in 802.11b/g. */ 2630 if (totlen + IEEE80211_CRC_LEN > vap->iv_rtsthreshold) { 2631 flags |= WPI_TX_NEED_RTS; 2632 } else if ((ic->ic_flags & IEEE80211_F_USEPROT) && 2633 WPI_RATE_IS_OFDM(rate)) { 2634 if (ic->ic_protmode == IEEE80211_PROT_CTSONLY) 2635 flags |= WPI_TX_NEED_CTS; 2636 else if (ic->ic_protmode == IEEE80211_PROT_RTSCTS) 2637 flags |= WPI_TX_NEED_RTS; 2638 } 2639 2640 if (flags & (WPI_TX_NEED_RTS | WPI_TX_NEED_CTS)) 2641 flags |= WPI_TX_FULL_TXOP; 2642 } 2643 2644 memset(tx, 0, sizeof (struct wpi_cmd_data)); 2645 if (type == IEEE80211_FC0_TYPE_MGT) { 2646 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2647 2648 /* Tell HW to set timestamp in probe responses. */ 2649 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 2650 flags |= WPI_TX_INSERT_TSTAMP; 2651 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 2652 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 2653 tx->timeout = htole16(3); 2654 else 2655 tx->timeout = htole16(2); 2656 } 2657 2658 if (ismcast || type != IEEE80211_FC0_TYPE_DATA) 2659 tx->id = WPI_ID_BROADCAST; 2660 else { 2661 if (wn->id == WPI_ID_UNDEFINED) { 2662 device_printf(sc->sc_dev, 2663 "%s: undefined node id\n", __func__); 2664 error = EINVAL; 2665 goto fail; 2666 } 2667 2668 tx->id = wn->id; 2669 } 2670 2671 if (type != IEEE80211_FC0_TYPE_MGT) 2672 tx->data_ntries = tp->maxretry; 2673 2674 if (k != NULL && !swcrypt) { 2675 switch (k->wk_cipher->ic_cipher) { 2676 case IEEE80211_CIPHER_AES_CCM: 2677 tx->security = WPI_CIPHER_CCMP; 2678 break; 2679 2680 default: 2681 break; 2682 } 2683 2684 memcpy(tx->key, k->wk_key, k->wk_keylen); 2685 } 2686 2687 tx->len = htole16(totlen); 2688 tx->flags = htole32(flags); 2689 tx->plcp = rate2plcp(rate); 2690 tx->tid = tid; 2691 tx->lifetime = htole32(WPI_LIFETIME_INFINITE); 2692 tx->ofdm_mask = 0xff; 2693 tx->cck_mask = 0x0f; 2694 tx->rts_ntries = 7; 2695 2696 tx_data.ni = ni; 2697 tx_data.m = m; 2698 tx_data.size = sizeof(struct wpi_cmd_data); 2699 tx_data.code = WPI_CMD_TX_DATA; 2700 tx_data.ac = ac; 2701 2702 return wpi_cmd2(sc, &tx_data); 2703 2704fail: m_freem(m); 2705 return error; 2706} 2707 2708static int 2709wpi_tx_data_raw(struct wpi_softc *sc, struct mbuf *m, 2710 struct ieee80211_node *ni, const struct ieee80211_bpf_params *params) 2711{ 2712 struct ieee80211vap *vap = ni->ni_vap; 2713 struct ieee80211_key *k = NULL; 2714 struct ieee80211_frame *wh; 2715 struct wpi_buf tx_data; 2716 struct wpi_cmd_data *tx = (struct wpi_cmd_data *)&tx_data.data; 2717 uint32_t flags; 2718 uint8_t type; 2719 int ac, rate, swcrypt, totlen; 2720 2721 wh = mtod(m, struct ieee80211_frame *); 2722 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 2723 2724 ac = params->ibp_pri & 3; 2725 2726 /* Choose a TX rate index. */ 2727 rate = params->ibp_rate0; 2728 2729 flags = 0; 2730 if ((params->ibp_flags & IEEE80211_BPF_NOACK) == 0) 2731 flags |= WPI_TX_NEED_ACK; 2732 if (params->ibp_flags & IEEE80211_BPF_RTS) 2733 flags |= WPI_TX_NEED_RTS; 2734 if (params->ibp_flags & IEEE80211_BPF_CTS) 2735 flags |= WPI_TX_NEED_CTS; 2736 if (flags & (WPI_TX_NEED_RTS | WPI_TX_NEED_CTS)) 2737 flags |= WPI_TX_FULL_TXOP; 2738 2739 /* Encrypt the frame if need be. */ 2740 if (params->ibp_flags & IEEE80211_BPF_CRYPTO) { 2741 /* Retrieve key for TX. */ 2742 k = ieee80211_crypto_encap(ni, m); 2743 if (k == NULL) { 2744 m_freem(m); 2745 return ENOBUFS; 2746 } 2747 swcrypt = k->wk_flags & IEEE80211_KEY_SWCRYPT; 2748 2749 /* 802.11 header may have moved. */ 2750 wh = mtod(m, struct ieee80211_frame *); 2751 } 2752 totlen = m->m_pkthdr.len; 2753 2754 if (ieee80211_radiotap_active_vap(vap)) { 2755 struct wpi_tx_radiotap_header *tap = &sc->sc_txtap; 2756 2757 tap->wt_flags = 0; 2758 tap->wt_rate = rate; 2759 if (params->ibp_flags & IEEE80211_BPF_CRYPTO) 2760 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 2761 2762 ieee80211_radiotap_tx(vap, m); 2763 } 2764 2765 memset(tx, 0, sizeof (struct wpi_cmd_data)); 2766 if (type == IEEE80211_FC0_TYPE_MGT) { 2767 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2768 2769 /* Tell HW to set timestamp in probe responses. */ 2770 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) 2771 flags |= WPI_TX_INSERT_TSTAMP; 2772 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 2773 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) 2774 tx->timeout = htole16(3); 2775 else 2776 tx->timeout = htole16(2); 2777 } 2778 2779 if (k != NULL && !swcrypt) { 2780 switch (k->wk_cipher->ic_cipher) { 2781 case IEEE80211_CIPHER_AES_CCM: 2782 tx->security = WPI_CIPHER_CCMP; 2783 break; 2784 2785 default: 2786 break; 2787 } 2788 2789 memcpy(tx->key, k->wk_key, k->wk_keylen); 2790 } 2791 2792 tx->len = htole16(totlen); 2793 tx->flags = htole32(flags); 2794 tx->plcp = rate2plcp(rate); 2795 tx->id = WPI_ID_BROADCAST; 2796 tx->lifetime = htole32(WPI_LIFETIME_INFINITE); 2797 tx->rts_ntries = params->ibp_try1; 2798 tx->data_ntries = params->ibp_try0; 2799 2800 tx_data.ni = ni; 2801 tx_data.m = m; 2802 tx_data.size = sizeof(struct wpi_cmd_data); 2803 tx_data.code = WPI_CMD_TX_DATA; 2804 tx_data.ac = ac; 2805 2806 return wpi_cmd2(sc, &tx_data); 2807} 2808 2809static int 2810wpi_raw_xmit(struct ieee80211_node *ni, struct mbuf *m, 2811 const struct ieee80211_bpf_params *params) 2812{ 2813 struct ieee80211com *ic = ni->ni_ic; 2814 struct ifnet *ifp = ic->ic_ifp; 2815 struct wpi_softc *sc = ifp->if_softc; 2816 int error = 0; 2817 2818 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 2819 2820 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) { 2821 ieee80211_free_node(ni); 2822 m_freem(m); 2823 return ENETDOWN; 2824 } 2825 2826 WPI_LOCK(sc); 2827 if (params == NULL) { 2828 /* 2829 * Legacy path; interpret frame contents to decide 2830 * precisely how to send the frame. 2831 */ 2832 error = wpi_tx_data(sc, m, ni); 2833 } else { 2834 /* 2835 * Caller supplied explicit parameters to use in 2836 * sending the frame. 2837 */ 2838 error = wpi_tx_data_raw(sc, m, ni, params); 2839 } 2840 WPI_UNLOCK(sc); 2841 2842 if (error != 0) { 2843 /* NB: m is reclaimed on tx failure */ 2844 ieee80211_free_node(ni); 2845 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 2846 2847 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 2848 2849 return error; 2850 } 2851 2852 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 2853 2854 return 0; 2855} 2856 2857/** 2858 * Process data waiting to be sent on the IFNET output queue 2859 */ 2860static void 2861wpi_start(struct ifnet *ifp) 2862{ 2863 struct wpi_softc *sc = ifp->if_softc; 2864 struct ieee80211_node *ni; 2865 struct mbuf *m; 2866 2867 DPRINTF(sc, WPI_DEBUG_XMIT, "%s: called\n", __func__); 2868 2869 IF_LOCK(&ifp->if_snd); 2870 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 || 2871 (ifp->if_drv_flags & IFF_DRV_OACTIVE)) { 2872 IF_UNLOCK(&ifp->if_snd); 2873 return; 2874 } 2875 IF_UNLOCK(&ifp->if_snd); 2876 2877 WPI_LOCK(sc); 2878 for (;;) { 2879 if (sc->qfullmsk != 0) { 2880 IF_LOCK(&ifp->if_snd); 2881 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 2882 IF_UNLOCK(&ifp->if_snd); 2883 break; 2884 } 2885 IFQ_DRV_DEQUEUE(&ifp->if_snd, m); 2886 if (m == NULL) 2887 break; 2888 ni = (struct ieee80211_node *)m->m_pkthdr.rcvif; 2889 if (wpi_tx_data(sc, m, ni) != 0) { 2890 WPI_UNLOCK(sc); 2891 ieee80211_free_node(ni); 2892 WPI_LOCK(sc); 2893 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 2894 } 2895 } 2896 WPI_UNLOCK(sc); 2897 2898 DPRINTF(sc, WPI_DEBUG_XMIT, "%s: done\n", __func__); 2899} 2900 2901static void 2902wpi_start_task(void *arg0, int pending) 2903{ 2904 struct wpi_softc *sc = arg0; 2905 struct ifnet *ifp = sc->sc_ifp; 2906 2907 wpi_start(ifp); 2908} 2909 2910static void 2911wpi_watchdog_rfkill(void *arg) 2912{ 2913 struct wpi_softc *sc = arg; 2914 struct ifnet *ifp = sc->sc_ifp; 2915 struct ieee80211com *ic = ifp->if_l2com; 2916 2917 DPRINTF(sc, WPI_DEBUG_WATCHDOG, "RFkill Watchdog: tick\n"); 2918 2919 /* No need to lock firmware memory. */ 2920 if ((wpi_prph_read(sc, WPI_APMG_RFKILL) & 0x1) == 0) { 2921 /* Radio kill switch is still off. */ 2922 callout_reset(&sc->watchdog_rfkill, hz, wpi_watchdog_rfkill, 2923 sc); 2924 } else 2925 ieee80211_runtask(ic, &sc->sc_radioon_task); 2926} 2927 2928static void 2929wpi_scan_timeout(void *arg) 2930{ 2931 struct wpi_softc *sc = arg; 2932 struct ifnet *ifp = sc->sc_ifp; 2933 struct ieee80211com *ic = ifp->if_l2com; 2934 2935 if_printf(ifp, "scan timeout\n"); 2936 ieee80211_runtask(ic, &sc->sc_reinittask); 2937} 2938 2939/** 2940 * Called every second, wpi_watchdog used by the watch dog timer 2941 * to check that the card is still alive 2942 */ 2943static void 2944wpi_watchdog(void *arg) 2945{ 2946 struct wpi_softc *sc = arg; 2947 struct ifnet *ifp = sc->sc_ifp; 2948 struct ieee80211com *ic = ifp->if_l2com; 2949 2950 DPRINTF(sc, WPI_DEBUG_WATCHDOG, "Watchdog: tick\n"); 2951 2952 if (sc->sc_tx_timer > 0) { 2953 if (--sc->sc_tx_timer == 0) { 2954 if_printf(ifp, "device timeout\n"); 2955 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1); 2956 ieee80211_runtask(ic, &sc->sc_reinittask); 2957 } 2958 } 2959 2960 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 2961 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc); 2962} 2963 2964static int 2965wpi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2966{ 2967 struct wpi_softc *sc = ifp->if_softc; 2968 struct ieee80211com *ic = ifp->if_l2com; 2969 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 2970 struct ifreq *ifr = (struct ifreq *) data; 2971 int error = 0; 2972 2973 switch (cmd) { 2974 case SIOCGIFADDR: 2975 error = ether_ioctl(ifp, cmd, data); 2976 break; 2977 case SIOCSIFFLAGS: 2978 if (ifp->if_flags & IFF_UP) { 2979 wpi_init(sc); 2980 2981 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0 && 2982 vap != NULL) 2983 ieee80211_stop(vap); 2984 } else if ((ifp->if_drv_flags & IFF_DRV_RUNNING) != 0) 2985 wpi_stop(sc); 2986 break; 2987 case SIOCGIFMEDIA: 2988 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd); 2989 break; 2990 default: 2991 error = EINVAL; 2992 break; 2993 } 2994 return error; 2995} 2996 2997/* 2998 * Send a command to the firmware. 2999 */ 3000static int 3001wpi_cmd(struct wpi_softc *sc, int code, const void *buf, size_t size, 3002 int async) 3003{ 3004 struct wpi_tx_ring *ring = &sc->txq[WPI_CMD_QUEUE_NUM]; 3005 struct wpi_tx_desc *desc; 3006 struct wpi_tx_data *data; 3007 struct wpi_tx_cmd *cmd; 3008 struct mbuf *m; 3009 bus_addr_t paddr; 3010 int totlen, error; 3011 3012 WPI_TXQ_LOCK(sc); 3013 3014 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 3015 3016 if (sc->txq_active == 0) { 3017 /* wpi_stop() was called */ 3018 error = 0; 3019 goto fail; 3020 } 3021 3022 if (async == 0) 3023 WPI_LOCK_ASSERT(sc); 3024 3025 DPRINTF(sc, WPI_DEBUG_CMD, "%s: cmd %s size %zu async %d\n", 3026 __func__, wpi_cmd_str(code), size, async); 3027 3028 desc = &ring->desc[ring->cur]; 3029 data = &ring->data[ring->cur]; 3030 totlen = 4 + size; 3031 3032 if (size > sizeof cmd->data) { 3033 /* Command is too large to fit in a descriptor. */ 3034 if (totlen > MCLBYTES) { 3035 error = EINVAL; 3036 goto fail; 3037 } 3038 m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE); 3039 if (m == NULL) { 3040 error = ENOMEM; 3041 goto fail; 3042 } 3043 cmd = mtod(m, struct wpi_tx_cmd *); 3044 error = bus_dmamap_load(ring->data_dmat, data->map, cmd, 3045 totlen, wpi_dma_map_addr, &paddr, BUS_DMA_NOWAIT); 3046 if (error != 0) { 3047 m_freem(m); 3048 goto fail; 3049 } 3050 data->m = m; 3051 } else { 3052 cmd = &ring->cmd[ring->cur]; 3053 paddr = data->cmd_paddr; 3054 } 3055 3056 cmd->code = code; 3057 cmd->flags = 0; 3058 cmd->qid = ring->qid; 3059 cmd->idx = ring->cur; 3060 memcpy(cmd->data, buf, size); 3061 3062 desc->nsegs = 1 + (WPI_PAD32(size) << 4); 3063 desc->segs[0].addr = htole32(paddr); 3064 desc->segs[0].len = htole32(totlen); 3065 3066 if (size > sizeof cmd->data) { 3067 bus_dmamap_sync(ring->data_dmat, data->map, 3068 BUS_DMASYNC_PREWRITE); 3069 } else { 3070 bus_dmamap_sync(ring->data_dmat, ring->cmd_dma.map, 3071 BUS_DMASYNC_PREWRITE); 3072 } 3073 bus_dmamap_sync(ring->desc_dma.tag, ring->desc_dma.map, 3074 BUS_DMASYNC_PREWRITE); 3075 3076 /* Kick command ring. */ 3077 ring->cur = (ring->cur + 1) % WPI_TX_RING_COUNT; 3078 wpi_update_tx_ring(sc, ring); 3079 3080 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 3081 3082 WPI_TXQ_UNLOCK(sc); 3083 3084 if (async) 3085 return 0; 3086 3087 return mtx_sleep(cmd, &sc->sc_mtx, PCATCH, "wpicmd", hz); 3088 3089fail: DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 3090 3091 WPI_TXQ_UNLOCK(sc); 3092 3093 return error; 3094} 3095 3096/* 3097 * Configure HW multi-rate retries. 3098 */ 3099static int 3100wpi_mrr_setup(struct wpi_softc *sc) 3101{ 3102 struct ifnet *ifp = sc->sc_ifp; 3103 struct ieee80211com *ic = ifp->if_l2com; 3104 struct wpi_mrr_setup mrr; 3105 int i, error; 3106 3107 /* CCK rates (not used with 802.11a). */ 3108 for (i = WPI_RIDX_CCK1; i <= WPI_RIDX_CCK11; i++) { 3109 mrr.rates[i].flags = 0; 3110 mrr.rates[i].plcp = wpi_ridx_to_plcp[i]; 3111 /* Fallback to the immediate lower CCK rate (if any.) */ 3112 mrr.rates[i].next = 3113 (i == WPI_RIDX_CCK1) ? WPI_RIDX_CCK1 : i - 1; 3114 /* Try one time at this rate before falling back to "next". */ 3115 mrr.rates[i].ntries = 1; 3116 } 3117 /* OFDM rates (not used with 802.11b). */ 3118 for (i = WPI_RIDX_OFDM6; i <= WPI_RIDX_OFDM54; i++) { 3119 mrr.rates[i].flags = 0; 3120 mrr.rates[i].plcp = wpi_ridx_to_plcp[i]; 3121 /* Fallback to the immediate lower rate (if any.) */ 3122 /* We allow fallback from OFDM/6 to CCK/2 in 11b/g mode. */ 3123 mrr.rates[i].next = (i == WPI_RIDX_OFDM6) ? 3124 ((ic->ic_curmode == IEEE80211_MODE_11A) ? 3125 WPI_RIDX_OFDM6 : WPI_RIDX_CCK2) : 3126 i - 1; 3127 /* Try one time at this rate before falling back to "next". */ 3128 mrr.rates[i].ntries = 1; 3129 } 3130 /* Setup MRR for control frames. */ 3131 mrr.which = htole32(WPI_MRR_CTL); 3132 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0); 3133 if (error != 0) { 3134 device_printf(sc->sc_dev, 3135 "could not setup MRR for control frames\n"); 3136 return error; 3137 } 3138 /* Setup MRR for data frames. */ 3139 mrr.which = htole32(WPI_MRR_DATA); 3140 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0); 3141 if (error != 0) { 3142 device_printf(sc->sc_dev, 3143 "could not setup MRR for data frames\n"); 3144 return error; 3145 } 3146 return 0; 3147} 3148 3149static int 3150wpi_add_node(struct wpi_softc *sc, struct ieee80211_node *ni) 3151{ 3152 struct ieee80211com *ic = ni->ni_ic; 3153 struct wpi_vap *wvp = WPI_VAP(ni->ni_vap); 3154 struct wpi_node *wn = WPI_NODE(ni); 3155 struct wpi_node_info node; 3156 int error; 3157 3158 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 3159 3160 if (wn->id == WPI_ID_UNDEFINED) 3161 return EINVAL; 3162 3163 memset(&node, 0, sizeof node); 3164 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 3165 node.id = wn->id; 3166 node.plcp = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3167 wpi_ridx_to_plcp[WPI_RIDX_OFDM6] : wpi_ridx_to_plcp[WPI_RIDX_CCK1]; 3168 node.action = htole32(WPI_ACTION_SET_RATE); 3169 node.antenna = WPI_ANTENNA_BOTH; 3170 3171 DPRINTF(sc, WPI_DEBUG_NODE, "%s: adding node %d (%s)\n", __func__, 3172 wn->id, ether_sprintf(ni->ni_macaddr)); 3173 3174 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 1); 3175 if (error != 0) { 3176 device_printf(sc->sc_dev, 3177 "%s: wpi_cmd() call failed with error code %d\n", __func__, 3178 error); 3179 return error; 3180 } 3181 3182 if (wvp->wv_gtk != 0) { 3183 error = wpi_set_global_keys(ni); 3184 if (error != 0) { 3185 device_printf(sc->sc_dev, 3186 "%s: error while setting global keys\n", __func__); 3187 return ENXIO; 3188 } 3189 } 3190 3191 return 0; 3192} 3193 3194/* 3195 * Broadcast node is used to send group-addressed and management frames. 3196 */ 3197static int 3198wpi_add_broadcast_node(struct wpi_softc *sc, int async) 3199{ 3200 struct ifnet *ifp = sc->sc_ifp; 3201 struct ieee80211com *ic = ifp->if_l2com; 3202 struct wpi_node_info node; 3203 3204 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 3205 3206 memset(&node, 0, sizeof node); 3207 IEEE80211_ADDR_COPY(node.macaddr, ifp->if_broadcastaddr); 3208 node.id = WPI_ID_BROADCAST; 3209 node.plcp = (ic->ic_curmode == IEEE80211_MODE_11A) ? 3210 wpi_ridx_to_plcp[WPI_RIDX_OFDM6] : wpi_ridx_to_plcp[WPI_RIDX_CCK1]; 3211 node.action = htole32(WPI_ACTION_SET_RATE); 3212 node.antenna = WPI_ANTENNA_BOTH; 3213 3214 DPRINTF(sc, WPI_DEBUG_NODE, "%s: adding broadcast node\n", __func__); 3215 3216 return wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, async); 3217} 3218 3219static int 3220wpi_add_sta_node(struct wpi_softc *sc, struct ieee80211_node *ni) 3221{ 3222 struct wpi_node *wn = WPI_NODE(ni); 3223 int error; 3224 3225 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 3226 3227 wn->id = wpi_add_node_entry_sta(sc); 3228 3229 if ((error = wpi_add_node(sc, ni)) != 0) { 3230 wpi_del_node_entry(sc, wn->id); 3231 wn->id = WPI_ID_UNDEFINED; 3232 return error; 3233 } 3234 3235 return 0; 3236} 3237 3238static int 3239wpi_add_ibss_node(struct wpi_softc *sc, struct ieee80211_node *ni) 3240{ 3241 struct wpi_node *wn = WPI_NODE(ni); 3242 int error; 3243 3244 KASSERT(wn->id == WPI_ID_UNDEFINED, 3245 ("the node %d was added before", wn->id)); 3246 3247 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 3248 3249 if ((wn->id = wpi_add_node_entry_adhoc(sc)) == WPI_ID_UNDEFINED) { 3250 device_printf(sc->sc_dev, "%s: h/w table is full\n", __func__); 3251 return ENOMEM; 3252 } 3253 3254 if ((error = wpi_add_node(sc, ni)) != 0) { 3255 wpi_del_node_entry(sc, wn->id); 3256 wn->id = WPI_ID_UNDEFINED; 3257 return error; 3258 } 3259 3260 return 0; 3261} 3262 3263static void 3264wpi_del_node(struct wpi_softc *sc, struct ieee80211_node *ni) 3265{ 3266 struct wpi_node *wn = WPI_NODE(ni); 3267 struct wpi_cmd_del_node node; 3268 int error; 3269 3270 KASSERT(wn->id != WPI_ID_UNDEFINED, ("undefined node id passed")); 3271 3272 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 3273 3274 memset(&node, 0, sizeof node); 3275 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 3276 node.count = 1; 3277 3278 DPRINTF(sc, WPI_DEBUG_NODE, "%s: deleting node %d (%s)\n", __func__, 3279 wn->id, ether_sprintf(ni->ni_macaddr)); 3280 3281 error = wpi_cmd(sc, WPI_CMD_DEL_NODE, &node, sizeof node, 1); 3282 if (error != 0) { 3283 device_printf(sc->sc_dev, 3284 "%s: could not delete node %u, error %d\n", __func__, 3285 wn->id, error); 3286 } 3287} 3288 3289static int 3290wpi_updateedca(struct ieee80211com *ic) 3291{ 3292#define WPI_EXP2(x) ((1 << (x)) - 1) /* CWmin = 2^ECWmin - 1 */ 3293 struct wpi_softc *sc = ic->ic_ifp->if_softc; 3294 struct wpi_edca_params cmd; 3295 int aci, error; 3296 3297 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 3298 3299 memset(&cmd, 0, sizeof cmd); 3300 cmd.flags = htole32(WPI_EDCA_UPDATE); 3301 for (aci = 0; aci < WME_NUM_AC; aci++) { 3302 const struct wmeParams *ac = 3303 &ic->ic_wme.wme_chanParams.cap_wmeParams[aci]; 3304 cmd.ac[aci].aifsn = ac->wmep_aifsn; 3305 cmd.ac[aci].cwmin = htole16(WPI_EXP2(ac->wmep_logcwmin)); 3306 cmd.ac[aci].cwmax = htole16(WPI_EXP2(ac->wmep_logcwmax)); 3307 cmd.ac[aci].txoplimit = 3308 htole16(IEEE80211_TXOP_TO_US(ac->wmep_txopLimit)); 3309 3310 DPRINTF(sc, WPI_DEBUG_EDCA, 3311 "setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d " 3312 "txoplimit=%d\n", aci, cmd.ac[aci].aifsn, 3313 cmd.ac[aci].cwmin, cmd.ac[aci].cwmax, 3314 cmd.ac[aci].txoplimit); 3315 } 3316 error = wpi_cmd(sc, WPI_CMD_EDCA_PARAMS, &cmd, sizeof cmd, 1); 3317 3318 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 3319 3320 return error; 3321#undef WPI_EXP2 3322} 3323 3324static void 3325wpi_set_promisc(struct wpi_softc *sc) 3326{ 3327 struct ifnet *ifp = sc->sc_ifp; 3328 struct ieee80211com *ic = ifp->if_l2com; 3329 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3330 uint32_t promisc_filter; 3331 3332 promisc_filter = WPI_FILTER_CTL; 3333 if (vap != NULL && vap->iv_opmode != IEEE80211_M_HOSTAP) 3334 promisc_filter |= WPI_FILTER_PROMISC; 3335 3336 if (ifp->if_flags & IFF_PROMISC) 3337 sc->rxon.filter |= htole32(promisc_filter); 3338 else 3339 sc->rxon.filter &= ~htole32(promisc_filter); 3340} 3341 3342static void 3343wpi_update_promisc(struct ifnet *ifp) 3344{ 3345 struct wpi_softc *sc = ifp->if_softc; 3346 3347 WPI_LOCK(sc); 3348 wpi_set_promisc(sc); 3349 3350 if (wpi_send_rxon(sc, 1, 1) != 0) { 3351 device_printf(sc->sc_dev, "%s: could not send RXON\n", 3352 __func__); 3353 } 3354 WPI_UNLOCK(sc); 3355} 3356 3357static void 3358wpi_update_mcast(struct ifnet *ifp) 3359{ 3360 /* Ignore */ 3361} 3362 3363static void 3364wpi_set_led(struct wpi_softc *sc, uint8_t which, uint8_t off, uint8_t on) 3365{ 3366 struct wpi_cmd_led led; 3367 3368 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 3369 3370 led.which = which; 3371 led.unit = htole32(100000); /* on/off in unit of 100ms */ 3372 led.off = off; 3373 led.on = on; 3374 (void)wpi_cmd(sc, WPI_CMD_SET_LED, &led, sizeof led, 1); 3375} 3376 3377static int 3378wpi_set_timing(struct wpi_softc *sc, struct ieee80211_node *ni) 3379{ 3380 struct wpi_cmd_timing cmd; 3381 uint64_t val, mod; 3382 3383 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 3384 3385 memset(&cmd, 0, sizeof cmd); 3386 memcpy(&cmd.tstamp, ni->ni_tstamp.data, sizeof (uint64_t)); 3387 cmd.bintval = htole16(ni->ni_intval); 3388 cmd.lintval = htole16(10); 3389 3390 /* Compute remaining time until next beacon. */ 3391 val = (uint64_t)ni->ni_intval * IEEE80211_DUR_TU; 3392 mod = le64toh(cmd.tstamp) % val; 3393 cmd.binitval = htole32((uint32_t)(val - mod)); 3394 3395 DPRINTF(sc, WPI_DEBUG_RESET, "timing bintval=%u tstamp=%ju, init=%u\n", 3396 ni->ni_intval, le64toh(cmd.tstamp), (uint32_t)(val - mod)); 3397 3398 return wpi_cmd(sc, WPI_CMD_TIMING, &cmd, sizeof cmd, 1); 3399} 3400 3401/* 3402 * This function is called periodically (every 60 seconds) to adjust output 3403 * power to temperature changes. 3404 */ 3405static void 3406wpi_power_calibration(struct wpi_softc *sc) 3407{ 3408 int temp; 3409 3410 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 3411 3412 /* Update sensor data. */ 3413 temp = (int)WPI_READ(sc, WPI_UCODE_GP2); 3414 DPRINTF(sc, WPI_DEBUG_TEMP, "Temp in calibration is: %d\n", temp); 3415 3416 /* Sanity-check read value. */ 3417 if (temp < -260 || temp > 25) { 3418 /* This can't be correct, ignore. */ 3419 DPRINTF(sc, WPI_DEBUG_TEMP, 3420 "out-of-range temperature reported: %d\n", temp); 3421 return; 3422 } 3423 3424 DPRINTF(sc, WPI_DEBUG_TEMP, "temperature %d->%d\n", sc->temp, temp); 3425 3426 /* Adjust Tx power if need be. */ 3427 if (abs(temp - sc->temp) <= 6) 3428 return; 3429 3430 sc->temp = temp; 3431 3432 if (wpi_set_txpower(sc, 1) != 0) { 3433 /* just warn, too bad for the automatic calibration... */ 3434 device_printf(sc->sc_dev,"could not adjust Tx power\n"); 3435 } 3436} 3437 3438/* 3439 * Set TX power for current channel. 3440 */ 3441static int 3442wpi_set_txpower(struct wpi_softc *sc, int async) 3443{ 3444 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3445 struct ieee80211_channel *ch; 3446 struct wpi_power_group *group; 3447 struct wpi_cmd_txpower cmd; 3448 uint8_t chan; 3449 int idx, i; 3450 3451 /* Retrieve current channel from last RXON. */ 3452 chan = sc->rxon.chan; 3453 ch = &ic->ic_channels[chan]; 3454 3455 /* Find the TX power group to which this channel belongs. */ 3456 if (IEEE80211_IS_CHAN_5GHZ(ch)) { 3457 for (group = &sc->groups[1]; group < &sc->groups[4]; group++) 3458 if (chan <= group->chan) 3459 break; 3460 } else 3461 group = &sc->groups[0]; 3462 3463 memset(&cmd, 0, sizeof cmd); 3464 cmd.band = IEEE80211_IS_CHAN_5GHZ(ch) ? 0 : 1; 3465 cmd.chan = htole16(chan); 3466 3467 /* Set TX power for all OFDM and CCK rates. */ 3468 for (i = 0; i <= WPI_RIDX_MAX ; i++) { 3469 /* Retrieve TX power for this channel/rate. */ 3470 idx = wpi_get_power_index(sc, group, ch, i); 3471 3472 cmd.rates[i].plcp = wpi_ridx_to_plcp[i]; 3473 3474 if (IEEE80211_IS_CHAN_5GHZ(ch)) { 3475 cmd.rates[i].rf_gain = wpi_rf_gain_5ghz[idx]; 3476 cmd.rates[i].dsp_gain = wpi_dsp_gain_5ghz[idx]; 3477 } else { 3478 cmd.rates[i].rf_gain = wpi_rf_gain_2ghz[idx]; 3479 cmd.rates[i].dsp_gain = wpi_dsp_gain_2ghz[idx]; 3480 } 3481 DPRINTF(sc, WPI_DEBUG_TEMP, 3482 "chan %d/ridx %d: power index %d\n", chan, i, idx); 3483 } 3484 3485 return wpi_cmd(sc, WPI_CMD_TXPOWER, &cmd, sizeof cmd, async); 3486} 3487 3488/* 3489 * Determine Tx power index for a given channel/rate combination. 3490 * This takes into account the regulatory information from EEPROM and the 3491 * current temperature. 3492 */ 3493static int 3494wpi_get_power_index(struct wpi_softc *sc, struct wpi_power_group *group, 3495 struct ieee80211_channel *c, int ridx) 3496{ 3497/* Fixed-point arithmetic division using a n-bit fractional part. */ 3498#define fdivround(a, b, n) \ 3499 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 3500 3501/* Linear interpolation. */ 3502#define interpolate(x, x1, y1, x2, y2, n) \ 3503 ((y1) + fdivround(((x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 3504 3505 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3506 struct wpi_power_sample *sample; 3507 int pwr, idx; 3508 u_int chan; 3509 3510 /* Get channel number. */ 3511 chan = ieee80211_chan2ieee(ic, c); 3512 3513 /* Default TX power is group maximum TX power minus 3dB. */ 3514 pwr = group->maxpwr / 2; 3515 3516 /* Decrease TX power for highest OFDM rates to reduce distortion. */ 3517 switch (ridx) { 3518 case WPI_RIDX_OFDM36: 3519 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 0 : 5; 3520 break; 3521 case WPI_RIDX_OFDM48: 3522 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 7 : 10; 3523 break; 3524 case WPI_RIDX_OFDM54: 3525 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 9 : 12; 3526 break; 3527 } 3528 3529 /* Never exceed the channel maximum allowed TX power. */ 3530 pwr = min(pwr, sc->maxpwr[chan]); 3531 3532 /* Retrieve TX power index into gain tables from samples. */ 3533 for (sample = group->samples; sample < &group->samples[3]; sample++) 3534 if (pwr > sample[1].power) 3535 break; 3536 /* Fixed-point linear interpolation using a 19-bit fractional part. */ 3537 idx = interpolate(pwr, sample[0].power, sample[0].index, 3538 sample[1].power, sample[1].index, 19); 3539 3540 /*- 3541 * Adjust power index based on current temperature: 3542 * - if cooler than factory-calibrated: decrease output power 3543 * - if warmer than factory-calibrated: increase output power 3544 */ 3545 idx -= (sc->temp - group->temp) * 11 / 100; 3546 3547 /* Decrease TX power for CCK rates (-5dB). */ 3548 if (ridx >= WPI_RIDX_CCK1) 3549 idx += 10; 3550 3551 /* Make sure idx stays in a valid range. */ 3552 if (idx < 0) 3553 return 0; 3554 if (idx > WPI_MAX_PWR_INDEX) 3555 return WPI_MAX_PWR_INDEX; 3556 return idx; 3557 3558#undef interpolate 3559#undef fdivround 3560} 3561 3562/* 3563 * Set STA mode power saving level (between 0 and 5). 3564 * Level 0 is CAM (Continuously Aware Mode), 5 is for maximum power saving. 3565 */ 3566static int 3567wpi_set_pslevel(struct wpi_softc *sc, uint8_t dtim, int level, int async) 3568{ 3569 struct wpi_pmgt_cmd cmd; 3570 const struct wpi_pmgt *pmgt; 3571 uint32_t max, skip_dtim; 3572 uint32_t reg; 3573 int i; 3574 3575 DPRINTF(sc, WPI_DEBUG_PWRSAVE, 3576 "%s: dtim=%d, level=%d, async=%d\n", 3577 __func__, dtim, level, async); 3578 3579 /* Select which PS parameters to use. */ 3580 if (dtim <= 10) 3581 pmgt = &wpi_pmgt[0][level]; 3582 else 3583 pmgt = &wpi_pmgt[1][level]; 3584 3585 memset(&cmd, 0, sizeof cmd); 3586 if (level != 0) /* not CAM */ 3587 cmd.flags |= htole16(WPI_PS_ALLOW_SLEEP); 3588 /* Retrieve PCIe Active State Power Management (ASPM). */ 3589 reg = pci_read_config(sc->sc_dev, sc->sc_cap_off + 0x10, 1); 3590 if (!(reg & 0x1)) /* L0s Entry disabled. */ 3591 cmd.flags |= htole16(WPI_PS_PCI_PMGT); 3592 3593 cmd.rxtimeout = htole32(pmgt->rxtimeout * IEEE80211_DUR_TU); 3594 cmd.txtimeout = htole32(pmgt->txtimeout * IEEE80211_DUR_TU); 3595 3596 if (dtim == 0) { 3597 dtim = 1; 3598 skip_dtim = 0; 3599 } else 3600 skip_dtim = pmgt->skip_dtim; 3601 3602 if (skip_dtim != 0) { 3603 cmd.flags |= htole16(WPI_PS_SLEEP_OVER_DTIM); 3604 max = pmgt->intval[4]; 3605 if (max == (uint32_t)-1) 3606 max = dtim * (skip_dtim + 1); 3607 else if (max > dtim) 3608 max = (max / dtim) * dtim; 3609 } else 3610 max = dtim; 3611 3612 for (i = 0; i < 5; i++) 3613 cmd.intval[i] = htole32(MIN(max, pmgt->intval[i])); 3614 3615 return wpi_cmd(sc, WPI_CMD_SET_POWER_MODE, &cmd, sizeof cmd, async); 3616} 3617 3618static int 3619wpi_send_btcoex(struct wpi_softc *sc) 3620{ 3621 struct wpi_bluetooth cmd; 3622 3623 memset(&cmd, 0, sizeof cmd); 3624 cmd.flags = WPI_BT_COEX_MODE_4WIRE; 3625 cmd.lead_time = WPI_BT_LEAD_TIME_DEF; 3626 cmd.max_kill = WPI_BT_MAX_KILL_DEF; 3627 DPRINTF(sc, WPI_DEBUG_RESET, "%s: configuring bluetooth coexistence\n", 3628 __func__); 3629 return wpi_cmd(sc, WPI_CMD_BT_COEX, &cmd, sizeof(cmd), 0); 3630} 3631 3632static int 3633wpi_send_rxon(struct wpi_softc *sc, int assoc, int async) 3634{ 3635 int error; 3636 3637 if (assoc && (sc->rxon.filter & htole32(WPI_FILTER_BSS))) { 3638 struct wpi_assoc rxon_assoc; 3639 3640 rxon_assoc.flags = sc->rxon.flags; 3641 rxon_assoc.filter = sc->rxon.filter; 3642 rxon_assoc.ofdm_mask = sc->rxon.ofdm_mask; 3643 rxon_assoc.cck_mask = sc->rxon.cck_mask; 3644 rxon_assoc.reserved = 0; 3645 3646 error = wpi_cmd(sc, WPI_CMD_RXON_ASSOC, &rxon_assoc, 3647 sizeof (struct wpi_assoc), async); 3648 if (error != 0) { 3649 device_printf(sc->sc_dev, 3650 "RXON_ASSOC command failed, error %d\n", error); 3651 return error; 3652 } 3653 } else { 3654 if (async) { 3655 WPI_NT_LOCK(sc); 3656 error = wpi_cmd(sc, WPI_CMD_RXON, &sc->rxon, 3657 sizeof (struct wpi_rxon), async); 3658 if (error == 0) 3659 wpi_clear_node_table(sc); 3660 WPI_NT_UNLOCK(sc); 3661 } else { 3662 error = wpi_cmd(sc, WPI_CMD_RXON, &sc->rxon, 3663 sizeof (struct wpi_rxon), async); 3664 if (error == 0) 3665 wpi_clear_node_table(sc); 3666 } 3667 3668 if (error != 0) { 3669 device_printf(sc->sc_dev, 3670 "RXON command failed, error %d\n", error); 3671 return error; 3672 } 3673 3674 /* Add broadcast node. */ 3675 error = wpi_add_broadcast_node(sc, async); 3676 if (error != 0) { 3677 device_printf(sc->sc_dev, 3678 "could not add broadcast node, error %d\n", error); 3679 return error; 3680 } 3681 } 3682 3683 /* Configuration has changed, set Tx power accordingly. */ 3684 if ((error = wpi_set_txpower(sc, async)) != 0) { 3685 device_printf(sc->sc_dev, 3686 "%s: could not set TX power, error %d\n", __func__, error); 3687 return error; 3688 } 3689 3690 return 0; 3691} 3692 3693/** 3694 * Configure the card to listen to a particular channel, this transisions the 3695 * card in to being able to receive frames from remote devices. 3696 */ 3697static int 3698wpi_config(struct wpi_softc *sc) 3699{ 3700 struct ifnet *ifp = sc->sc_ifp; 3701 struct ieee80211com *ic = ifp->if_l2com; 3702 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3703 uint32_t flags; 3704 int error; 3705 3706 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 3707 3708 /* Set power saving level to CAM during initialization. */ 3709 if ((error = wpi_set_pslevel(sc, 0, 0, 0)) != 0) { 3710 device_printf(sc->sc_dev, 3711 "%s: could not set power saving level\n", __func__); 3712 return error; 3713 } 3714 3715 /* Configure bluetooth coexistence. */ 3716 if ((error = wpi_send_btcoex(sc)) != 0) { 3717 device_printf(sc->sc_dev, 3718 "could not configure bluetooth coexistence\n"); 3719 return error; 3720 } 3721 3722 /* Configure adapter. */ 3723 memset(&sc->rxon, 0, sizeof (struct wpi_rxon)); 3724 IEEE80211_ADDR_COPY(sc->rxon.myaddr, vap->iv_myaddr); 3725 3726 /* Set default channel. */ 3727 sc->rxon.chan = ieee80211_chan2ieee(ic, ic->ic_curchan); 3728 sc->rxon.flags = htole32(WPI_RXON_TSF | WPI_RXON_CTS_TO_SELF); 3729 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) 3730 sc->rxon.flags |= htole32(WPI_RXON_AUTO | WPI_RXON_24GHZ); 3731 3732 sc->rxon.filter = WPI_FILTER_MULTICAST; 3733 switch (ic->ic_opmode) { 3734 case IEEE80211_M_STA: 3735 sc->rxon.mode = WPI_MODE_STA; 3736 break; 3737 case IEEE80211_M_IBSS: 3738 sc->rxon.mode = WPI_MODE_IBSS; 3739 sc->rxon.filter |= WPI_FILTER_BEACON; 3740 break; 3741 case IEEE80211_M_HOSTAP: 3742 /* XXX workaround for beaconing */ 3743 sc->rxon.mode = WPI_MODE_IBSS; 3744 sc->rxon.filter |= WPI_FILTER_ASSOC | WPI_FILTER_PROMISC; 3745 break; 3746 case IEEE80211_M_AHDEMO: 3747 /* XXX workaround for passive channels selection */ 3748 sc->rxon.mode = WPI_MODE_HOSTAP; 3749 break; 3750 case IEEE80211_M_MONITOR: 3751 sc->rxon.mode = WPI_MODE_MONITOR; 3752 break; 3753 default: 3754 device_printf(sc->sc_dev, "unknown opmode %d\n", 3755 ic->ic_opmode); 3756 return EINVAL; 3757 } 3758 sc->rxon.filter = htole32(sc->rxon.filter); 3759 wpi_set_promisc(sc); 3760 sc->rxon.cck_mask = 0x0f; /* not yet negotiated */ 3761 sc->rxon.ofdm_mask = 0xff; /* not yet negotiated */ 3762 3763 if ((error = wpi_send_rxon(sc, 0, 0)) != 0) { 3764 device_printf(sc->sc_dev, "%s: could not send RXON\n", 3765 __func__); 3766 return error; 3767 } 3768 3769 /* Setup rate scalling. */ 3770 if ((error = wpi_mrr_setup(sc)) != 0) { 3771 device_printf(sc->sc_dev, "could not setup MRR, error %d\n", 3772 error); 3773 return error; 3774 } 3775 3776 /* Disable beacon notifications (unused). */ 3777 flags = WPI_STATISTICS_BEACON_DISABLE; 3778 error = wpi_cmd(sc, WPI_CMD_GET_STATISTICS, &flags, sizeof flags, 1); 3779 if (error != 0) { 3780 device_printf(sc->sc_dev, 3781 "could not disable beacon statistics, error %d\n", error); 3782 return error; 3783 } 3784 3785 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 3786 3787 return 0; 3788} 3789 3790static uint16_t 3791wpi_get_active_dwell_time(struct wpi_softc *sc, 3792 struct ieee80211_channel *c, uint8_t n_probes) 3793{ 3794 /* No channel? Default to 2GHz settings. */ 3795 if (c == NULL || IEEE80211_IS_CHAN_2GHZ(c)) { 3796 return (WPI_ACTIVE_DWELL_TIME_2GHZ + 3797 WPI_ACTIVE_DWELL_FACTOR_2GHZ * (n_probes + 1)); 3798 } 3799 3800 /* 5GHz dwell time. */ 3801 return (WPI_ACTIVE_DWELL_TIME_5GHZ + 3802 WPI_ACTIVE_DWELL_FACTOR_5GHZ * (n_probes + 1)); 3803} 3804 3805/* 3806 * Limit the total dwell time to 85% of the beacon interval. 3807 * 3808 * Returns the dwell time in milliseconds. 3809 */ 3810static uint16_t 3811wpi_limit_dwell(struct wpi_softc *sc, uint16_t dwell_time) 3812{ 3813 struct ieee80211com *ic = sc->sc_ifp->if_l2com; 3814 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 3815 int bintval = 0; 3816 3817 /* bintval is in TU (1.024mS) */ 3818 if (vap != NULL) 3819 bintval = vap->iv_bss->ni_intval; 3820 3821 /* 3822 * If it's non-zero, we should calculate the minimum of 3823 * it and the DWELL_BASE. 3824 * 3825 * XXX Yes, the math should take into account that bintval 3826 * is 1.024mS, not 1mS.. 3827 */ 3828 if (bintval > 0) { 3829 DPRINTF(sc, WPI_DEBUG_SCAN, "%s: bintval=%d\n", __func__, 3830 bintval); 3831 return (MIN(WPI_PASSIVE_DWELL_BASE, ((bintval * 85) / 100))); 3832 } 3833 3834 /* No association context? Default. */ 3835 return (WPI_PASSIVE_DWELL_BASE); 3836} 3837 3838static uint16_t 3839wpi_get_passive_dwell_time(struct wpi_softc *sc, struct ieee80211_channel *c) 3840{ 3841 uint16_t passive; 3842 3843 if (c == NULL || IEEE80211_IS_CHAN_2GHZ(c)) 3844 passive = WPI_PASSIVE_DWELL_BASE + WPI_PASSIVE_DWELL_TIME_2GHZ; 3845 else 3846 passive = WPI_PASSIVE_DWELL_BASE + WPI_PASSIVE_DWELL_TIME_5GHZ; 3847 3848 /* Clamp to the beacon interval if we're associated. */ 3849 return (wpi_limit_dwell(sc, passive)); 3850} 3851 3852/* 3853 * Send a scan request to the firmware. 3854 */ 3855static int 3856wpi_scan(struct wpi_softc *sc, struct ieee80211_channel *c) 3857{ 3858 struct ifnet *ifp = sc->sc_ifp; 3859 struct ieee80211com *ic = ifp->if_l2com; 3860 struct ieee80211_scan_state *ss = ic->ic_scan; 3861 struct ieee80211vap *vap = ss->ss_vap; 3862 struct wpi_scan_hdr *hdr; 3863 struct wpi_cmd_data *tx; 3864 struct wpi_scan_essid *essids; 3865 struct wpi_scan_chan *chan; 3866 struct ieee80211_frame *wh; 3867 struct ieee80211_rateset *rs; 3868 uint16_t dwell_active, dwell_passive; 3869 uint8_t *buf, *frm; 3870 int buflen, error, i, nssid; 3871 3872 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 3873 3874 /* 3875 * We are absolutely not allowed to send a scan command when another 3876 * scan command is pending. 3877 */ 3878 if (callout_pending(&sc->scan_timeout)) { 3879 device_printf(sc->sc_dev, "%s: called whilst scanning!\n", 3880 __func__); 3881 3882 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 3883 3884 return (EAGAIN); 3885 } 3886 3887 buf = malloc(WPI_SCAN_MAXSZ, M_DEVBUF, M_NOWAIT | M_ZERO); 3888 if (buf == NULL) { 3889 device_printf(sc->sc_dev, 3890 "%s: could not allocate buffer for scan command\n", 3891 __func__); 3892 error = ENOMEM; 3893 goto fail; 3894 } 3895 hdr = (struct wpi_scan_hdr *)buf; 3896 3897 /* 3898 * Move to the next channel if no packets are received within 10 msecs 3899 * after sending the probe request. 3900 */ 3901 hdr->quiet_time = htole16(10); /* timeout in milliseconds */ 3902 hdr->quiet_threshold = htole16(1); /* min # of packets */ 3903 /* 3904 * Max needs to be greater than active and passive and quiet! 3905 * It's also in microseconds! 3906 */ 3907 hdr->max_svc = htole32(250 * IEEE80211_DUR_TU); 3908 hdr->pause_svc = htole32((4 << 24) | 3909 (100 * IEEE80211_DUR_TU)); /* Hardcode for now */ 3910 hdr->filter = htole32(WPI_FILTER_MULTICAST | WPI_FILTER_BEACON); 3911 3912 tx = (struct wpi_cmd_data *)(hdr + 1); 3913 tx->flags = htole32(WPI_TX_AUTO_SEQ); 3914 tx->id = WPI_ID_BROADCAST; 3915 tx->lifetime = htole32(WPI_LIFETIME_INFINITE); 3916 3917 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3918 /* Send probe requests at 6Mbps. */ 3919 tx->plcp = wpi_ridx_to_plcp[WPI_RIDX_OFDM6]; 3920 rs = &ic->ic_sup_rates[IEEE80211_MODE_11A]; 3921 } else { 3922 hdr->flags = htole32(WPI_RXON_24GHZ | WPI_RXON_AUTO); 3923 /* Send probe requests at 1Mbps. */ 3924 tx->plcp = wpi_ridx_to_plcp[WPI_RIDX_CCK1]; 3925 rs = &ic->ic_sup_rates[IEEE80211_MODE_11G]; 3926 } 3927 3928 essids = (struct wpi_scan_essid *)(tx + 1); 3929 nssid = MIN(ss->ss_nssid, WPI_SCAN_MAX_ESSIDS); 3930 for (i = 0; i < nssid; i++) { 3931 essids[i].id = IEEE80211_ELEMID_SSID; 3932 essids[i].len = MIN(ss->ss_ssid[i].len, IEEE80211_NWID_LEN); 3933 memcpy(essids[i].data, ss->ss_ssid[i].ssid, essids[i].len); 3934#ifdef WPI_DEBUG 3935 if (sc->sc_debug & WPI_DEBUG_SCAN) { 3936 printf("Scanning Essid: "); 3937 ieee80211_print_essid(essids[i].data, essids[i].len); 3938 printf("\n"); 3939 } 3940#endif 3941 } 3942 3943 /* 3944 * Build a probe request frame. Most of the following code is a 3945 * copy & paste of what is done in net80211. 3946 */ 3947 wh = (struct ieee80211_frame *)(essids + WPI_SCAN_MAX_ESSIDS); 3948 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 3949 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 3950 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 3951 IEEE80211_ADDR_COPY(wh->i_addr1, ifp->if_broadcastaddr); 3952 IEEE80211_ADDR_COPY(wh->i_addr2, vap->iv_myaddr); 3953 IEEE80211_ADDR_COPY(wh->i_addr3, ifp->if_broadcastaddr); 3954 *(uint16_t *)&wh->i_dur[0] = 0; /* filled by h/w */ 3955 *(uint16_t *)&wh->i_seq[0] = 0; /* filled by h/w */ 3956 3957 frm = (uint8_t *)(wh + 1); 3958 frm = ieee80211_add_ssid(frm, NULL, 0); 3959 frm = ieee80211_add_rates(frm, rs); 3960 if (rs->rs_nrates > IEEE80211_RATE_SIZE) 3961 frm = ieee80211_add_xrates(frm, rs); 3962 3963 /* Set length of probe request. */ 3964 tx->len = htole16(frm - (uint8_t *)wh); 3965 3966 /* 3967 * Construct information about the channel that we 3968 * want to scan. The firmware expects this to be directly 3969 * after the scan probe request 3970 */ 3971 chan = (struct wpi_scan_chan *)frm; 3972 chan->chan = htole16(ieee80211_chan2ieee(ic, c)); 3973 chan->flags = 0; 3974 if (nssid) { 3975 hdr->crc_threshold = WPI_SCAN_CRC_TH_DEFAULT; 3976 chan->flags |= WPI_CHAN_NPBREQS(nssid); 3977 } else 3978 hdr->crc_threshold = WPI_SCAN_CRC_TH_NEVER; 3979 3980 if (!IEEE80211_IS_CHAN_PASSIVE(c)) 3981 chan->flags |= WPI_CHAN_ACTIVE; 3982 3983 /* 3984 * Calculate the active/passive dwell times. 3985 */ 3986 3987 dwell_active = wpi_get_active_dwell_time(sc, c, nssid); 3988 dwell_passive = wpi_get_passive_dwell_time(sc, c); 3989 3990 /* Make sure they're valid. */ 3991 if (dwell_passive <= dwell_active) 3992 dwell_passive = dwell_active + 1; 3993 3994 chan->active = htole16(dwell_active); 3995 chan->passive = htole16(dwell_passive); 3996 3997 chan->dsp_gain = 0x6e; /* Default level */ 3998 3999 if (IEEE80211_IS_CHAN_5GHZ(c)) 4000 chan->rf_gain = 0x3b; 4001 else 4002 chan->rf_gain = 0x28; 4003 4004 DPRINTF(sc, WPI_DEBUG_SCAN, "Scanning %u Passive: %d\n", 4005 chan->chan, IEEE80211_IS_CHAN_PASSIVE(c)); 4006 4007 hdr->nchan++; 4008 chan++; 4009 4010 buflen = (uint8_t *)chan - buf; 4011 hdr->len = htole16(buflen); 4012 4013 DPRINTF(sc, WPI_DEBUG_CMD, "sending scan command nchan=%d\n", 4014 hdr->nchan); 4015 error = wpi_cmd(sc, WPI_CMD_SCAN, buf, buflen, 1); 4016 free(buf, M_DEVBUF); 4017 4018 if (error != 0) 4019 goto fail; 4020 4021 callout_reset(&sc->scan_timeout, 5*hz, wpi_scan_timeout, sc); 4022 4023 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 4024 4025 return 0; 4026 4027fail: DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 4028 4029 return error; 4030} 4031 4032static int 4033wpi_auth(struct wpi_softc *sc, struct ieee80211vap *vap) 4034{ 4035 struct ieee80211com *ic = vap->iv_ic; 4036 struct ieee80211_node *ni = vap->iv_bss; 4037 int error; 4038 4039 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 4040 4041 /* Update adapter configuration. */ 4042 sc->rxon.associd = 0; 4043 sc->rxon.filter &= ~htole32(WPI_FILTER_BSS); 4044 IEEE80211_ADDR_COPY(sc->rxon.bssid, ni->ni_bssid); 4045 sc->rxon.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 4046 sc->rxon.flags = htole32(WPI_RXON_TSF | WPI_RXON_CTS_TO_SELF); 4047 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 4048 sc->rxon.flags |= htole32(WPI_RXON_AUTO | WPI_RXON_24GHZ); 4049 if (ic->ic_flags & IEEE80211_F_SHSLOT) 4050 sc->rxon.flags |= htole32(WPI_RXON_SHSLOT); 4051 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 4052 sc->rxon.flags |= htole32(WPI_RXON_SHPREAMBLE); 4053 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) { 4054 sc->rxon.cck_mask = 0; 4055 sc->rxon.ofdm_mask = 0x15; 4056 } else if (IEEE80211_IS_CHAN_B(ni->ni_chan)) { 4057 sc->rxon.cck_mask = 0x03; 4058 sc->rxon.ofdm_mask = 0; 4059 } else { 4060 /* Assume 802.11b/g. */ 4061 sc->rxon.cck_mask = 0x0f; 4062 sc->rxon.ofdm_mask = 0x15; 4063 } 4064 4065 DPRINTF(sc, WPI_DEBUG_STATE, "rxon chan %d flags %x cck %x ofdm %x\n", 4066 sc->rxon.chan, sc->rxon.flags, sc->rxon.cck_mask, 4067 sc->rxon.ofdm_mask); 4068 4069 if ((error = wpi_send_rxon(sc, 0, 1)) != 0) { 4070 device_printf(sc->sc_dev, "%s: could not send RXON\n", 4071 __func__); 4072 } 4073 4074 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 4075 4076 return error; 4077} 4078 4079static int 4080wpi_config_beacon(struct wpi_vap *wvp) 4081{ 4082 struct ieee80211com *ic = wvp->wv_vap.iv_ic; 4083 struct ieee80211_beacon_offsets *bo = &wvp->wv_boff; 4084 struct wpi_buf *bcn = &wvp->wv_bcbuf; 4085 struct wpi_softc *sc = ic->ic_ifp->if_softc; 4086 struct wpi_cmd_beacon *cmd = (struct wpi_cmd_beacon *)&bcn->data; 4087 struct ieee80211_tim_ie *tie; 4088 struct mbuf *m; 4089 uint8_t *ptr; 4090 int error; 4091 4092 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4093 4094 WPI_VAP_LOCK_ASSERT(wvp); 4095 4096 cmd->len = htole16(bcn->m->m_pkthdr.len); 4097 cmd->plcp = (ic->ic_curmode == IEEE80211_MODE_11A) ? 4098 wpi_ridx_to_plcp[WPI_RIDX_OFDM6] : wpi_ridx_to_plcp[WPI_RIDX_CCK1]; 4099 4100 /* XXX seems to be unused */ 4101 if (*(bo->bo_tim) == IEEE80211_ELEMID_TIM) { 4102 tie = (struct ieee80211_tim_ie *) bo->bo_tim; 4103 ptr = mtod(bcn->m, uint8_t *); 4104 4105 cmd->tim = htole16(bo->bo_tim - ptr); 4106 cmd->timsz = tie->tim_len; 4107 } 4108 4109 /* Necessary for recursion in ieee80211_beacon_update(). */ 4110 m = bcn->m; 4111 bcn->m = m_dup(m, M_NOWAIT); 4112 if (bcn->m == NULL) { 4113 device_printf(sc->sc_dev, 4114 "%s: could not copy beacon frame\n", __func__); 4115 error = ENOMEM; 4116 goto end; 4117 } 4118 4119 if ((error = wpi_cmd2(sc, bcn)) != 0) { 4120 device_printf(sc->sc_dev, 4121 "%s: could not update beacon frame, error %d", __func__, 4122 error); 4123 } 4124 4125 /* Restore mbuf. */ 4126end: bcn->m = m; 4127 4128 return error; 4129} 4130 4131static int 4132wpi_setup_beacon(struct wpi_softc *sc, struct ieee80211_node *ni) 4133{ 4134 struct wpi_vap *wvp = WPI_VAP(ni->ni_vap); 4135 struct wpi_buf *bcn = &wvp->wv_bcbuf; 4136 struct ieee80211_beacon_offsets *bo = &wvp->wv_boff; 4137 struct mbuf *m; 4138 int error; 4139 4140 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4141 4142 if (ni->ni_chan == IEEE80211_CHAN_ANYC) 4143 return EINVAL; 4144 4145 m = ieee80211_beacon_alloc(ni, bo); 4146 if (m == NULL) { 4147 device_printf(sc->sc_dev, 4148 "%s: could not allocate beacon frame\n", __func__); 4149 return ENOMEM; 4150 } 4151 4152 WPI_VAP_LOCK(wvp); 4153 if (bcn->m != NULL) 4154 m_freem(bcn->m); 4155 4156 bcn->m = m; 4157 4158 error = wpi_config_beacon(wvp); 4159 WPI_VAP_UNLOCK(wvp); 4160 4161 return error; 4162} 4163 4164static void 4165wpi_update_beacon(struct ieee80211vap *vap, int item) 4166{ 4167 struct wpi_softc *sc = vap->iv_ic->ic_ifp->if_softc; 4168 struct wpi_vap *wvp = WPI_VAP(vap); 4169 struct wpi_buf *bcn = &wvp->wv_bcbuf; 4170 struct ieee80211_beacon_offsets *bo = &wvp->wv_boff; 4171 struct ieee80211_node *ni = vap->iv_bss; 4172 int mcast = 0; 4173 4174 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 4175 4176 WPI_VAP_LOCK(wvp); 4177 if (bcn->m == NULL) { 4178 bcn->m = ieee80211_beacon_alloc(ni, bo); 4179 if (bcn->m == NULL) { 4180 device_printf(sc->sc_dev, 4181 "%s: could not allocate beacon frame\n", __func__); 4182 4183 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, 4184 __func__); 4185 4186 WPI_VAP_UNLOCK(wvp); 4187 return; 4188 } 4189 } 4190 WPI_VAP_UNLOCK(wvp); 4191 4192 if (item == IEEE80211_BEACON_TIM) 4193 mcast = 1; /* TODO */ 4194 4195 setbit(bo->bo_flags, item); 4196 ieee80211_beacon_update(ni, bo, bcn->m, mcast); 4197 4198 WPI_VAP_LOCK(wvp); 4199 wpi_config_beacon(wvp); 4200 WPI_VAP_UNLOCK(wvp); 4201 4202 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 4203} 4204 4205static void 4206wpi_newassoc(struct ieee80211_node *ni, int isnew) 4207{ 4208 struct ieee80211vap *vap = ni->ni_vap; 4209 struct wpi_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4210 struct wpi_node *wn = WPI_NODE(ni); 4211 int error; 4212 4213 WPI_NT_LOCK(sc); 4214 4215 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4216 4217 if (vap->iv_opmode != IEEE80211_M_STA && wn->id == WPI_ID_UNDEFINED) { 4218 if ((error = wpi_add_ibss_node(sc, ni)) != 0) { 4219 device_printf(sc->sc_dev, 4220 "%s: could not add IBSS node, error %d\n", 4221 __func__, error); 4222 } 4223 } 4224 WPI_NT_UNLOCK(sc); 4225} 4226 4227static int 4228wpi_run(struct wpi_softc *sc, struct ieee80211vap *vap) 4229{ 4230 struct ieee80211com *ic = vap->iv_ic; 4231 struct ieee80211_node *ni = vap->iv_bss; 4232 int error; 4233 4234 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 4235 4236 if (vap->iv_opmode == IEEE80211_M_MONITOR) { 4237 /* Link LED blinks while monitoring. */ 4238 wpi_set_led(sc, WPI_LED_LINK, 5, 5); 4239 return 0; 4240 } 4241 4242 /* XXX kernel panic workaround */ 4243 if (ni->ni_chan == IEEE80211_CHAN_ANYC) { 4244 device_printf(sc->sc_dev, "%s: incomplete configuration\n", 4245 __func__); 4246 return EINVAL; 4247 } 4248 4249 if ((error = wpi_set_timing(sc, ni)) != 0) { 4250 device_printf(sc->sc_dev, 4251 "%s: could not set timing, error %d\n", __func__, error); 4252 return error; 4253 } 4254 4255 /* Update adapter configuration. */ 4256 IEEE80211_ADDR_COPY(sc->rxon.bssid, ni->ni_bssid); 4257 sc->rxon.associd = htole16(IEEE80211_NODE_AID(ni)); 4258 sc->rxon.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 4259 sc->rxon.flags = htole32(WPI_RXON_TSF | WPI_RXON_CTS_TO_SELF); 4260 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) 4261 sc->rxon.flags |= htole32(WPI_RXON_AUTO | WPI_RXON_24GHZ); 4262 /* Short preamble and slot time are negotiated when associating. */ 4263 sc->rxon.flags &= ~htole32(WPI_RXON_SHPREAMBLE | WPI_RXON_SHSLOT); 4264 if (ic->ic_flags & IEEE80211_F_SHSLOT) 4265 sc->rxon.flags |= htole32(WPI_RXON_SHSLOT); 4266 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 4267 sc->rxon.flags |= htole32(WPI_RXON_SHPREAMBLE); 4268 if (IEEE80211_IS_CHAN_A(ni->ni_chan)) { 4269 sc->rxon.cck_mask = 0; 4270 sc->rxon.ofdm_mask = 0x15; 4271 } else if (IEEE80211_IS_CHAN_B(ni->ni_chan)) { 4272 sc->rxon.cck_mask = 0x03; 4273 sc->rxon.ofdm_mask = 0; 4274 } else { 4275 /* Assume 802.11b/g. */ 4276 sc->rxon.cck_mask = 0x0f; 4277 sc->rxon.ofdm_mask = 0x15; 4278 } 4279 sc->rxon.filter |= htole32(WPI_FILTER_BSS); 4280 4281 DPRINTF(sc, WPI_DEBUG_STATE, "rxon chan %d flags %x\n", 4282 sc->rxon.chan, sc->rxon.flags); 4283 4284 if ((error = wpi_send_rxon(sc, 0, 1)) != 0) { 4285 device_printf(sc->sc_dev, "%s: could not send RXON\n", 4286 __func__); 4287 return error; 4288 } 4289 4290 if (vap->iv_opmode == IEEE80211_M_IBSS || 4291 vap->iv_opmode == IEEE80211_M_HOSTAP) { 4292 if ((error = wpi_setup_beacon(sc, ni)) != 0) { 4293 device_printf(sc->sc_dev, 4294 "%s: could not setup beacon, error %d\n", __func__, 4295 error); 4296 return error; 4297 } 4298 } 4299 4300 if (vap->iv_opmode == IEEE80211_M_STA) { 4301 /* Add BSS node. */ 4302 WPI_NT_LOCK(sc); 4303 error = wpi_add_sta_node(sc, ni); 4304 WPI_NT_UNLOCK(sc); 4305 if (error != 0) { 4306 device_printf(sc->sc_dev, 4307 "%s: could not add BSS node, error %d\n", __func__, 4308 error); 4309 return error; 4310 } 4311 } 4312 4313 /* Link LED always on while associated. */ 4314 wpi_set_led(sc, WPI_LED_LINK, 0, 1); 4315 4316 /* Start periodic calibration timer. */ 4317 callout_reset(&sc->calib_to, 60*hz, wpi_calib_timeout, sc); 4318 4319 /* Enable power-saving mode if requested by user. */ 4320 if ((vap->iv_flags & IEEE80211_F_PMGTON) && 4321 vap->iv_opmode != IEEE80211_M_IBSS) 4322 (void)wpi_set_pslevel(sc, 0, 3, 1); 4323 else 4324 (void)wpi_set_pslevel(sc, 0, 0, 1); 4325 4326 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 4327 4328 return 0; 4329} 4330 4331static int 4332wpi_load_key(struct ieee80211_node *ni, const struct ieee80211_key *k) 4333{ 4334 const struct ieee80211_cipher *cip = k->wk_cipher; 4335 struct ieee80211vap *vap = ni->ni_vap; 4336 struct wpi_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4337 struct wpi_node *wn = WPI_NODE(ni); 4338 struct wpi_node_info node; 4339 uint16_t kflags; 4340 int error; 4341 4342 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4343 4344 if (wpi_check_node_entry(sc, wn->id) == 0) { 4345 device_printf(sc->sc_dev, "%s: node does not exist\n", 4346 __func__); 4347 return 0; 4348 } 4349 4350 switch (cip->ic_cipher) { 4351 case IEEE80211_CIPHER_AES_CCM: 4352 kflags = WPI_KFLAG_CCMP; 4353 break; 4354 4355 default: 4356 device_printf(sc->sc_dev, "%s: unknown cipher %d\n", __func__, 4357 cip->ic_cipher); 4358 return 0; 4359 } 4360 4361 kflags |= WPI_KFLAG_KID(k->wk_keyix); 4362 if (k->wk_flags & IEEE80211_KEY_GROUP) 4363 kflags |= WPI_KFLAG_MULTICAST; 4364 4365 memset(&node, 0, sizeof node); 4366 node.id = wn->id; 4367 node.control = WPI_NODE_UPDATE; 4368 node.flags = WPI_FLAG_KEY_SET; 4369 node.kflags = htole16(kflags); 4370 memcpy(node.key, k->wk_key, k->wk_keylen); 4371again: 4372 DPRINTF(sc, WPI_DEBUG_KEY, 4373 "%s: setting %s key id %d for node %d (%s)\n", __func__, 4374 (kflags & WPI_KFLAG_MULTICAST) ? "group" : "ucast", k->wk_keyix, 4375 node.id, ether_sprintf(ni->ni_macaddr)); 4376 4377 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 1); 4378 if (error != 0) { 4379 device_printf(sc->sc_dev, "can't update node info, error %d\n", 4380 error); 4381 return !error; 4382 } 4383 4384 if (!(kflags & WPI_KFLAG_MULTICAST) && &vap->iv_nw_keys[0] <= k && 4385 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID]) { 4386 kflags |= WPI_KFLAG_MULTICAST; 4387 node.kflags = htole16(kflags); 4388 4389 goto again; 4390 } 4391 4392 return 1; 4393} 4394 4395static void 4396wpi_load_key_cb(void *arg, struct ieee80211_node *ni) 4397{ 4398 const struct ieee80211_key *k = arg; 4399 struct ieee80211vap *vap = ni->ni_vap; 4400 struct wpi_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4401 struct wpi_node *wn = WPI_NODE(ni); 4402 int error; 4403 4404 if (vap->iv_bss == ni && wn->id == WPI_ID_UNDEFINED) 4405 return; 4406 4407 WPI_NT_LOCK(sc); 4408 error = wpi_load_key(ni, k); 4409 WPI_NT_UNLOCK(sc); 4410 4411 if (error == 0) { 4412 device_printf(sc->sc_dev, "%s: error while setting key\n", 4413 __func__); 4414 } 4415} 4416 4417static int 4418wpi_set_global_keys(struct ieee80211_node *ni) 4419{ 4420 struct ieee80211vap *vap = ni->ni_vap; 4421 struct ieee80211_key *wk = &vap->iv_nw_keys[0]; 4422 int error = 1; 4423 4424 for (; wk < &vap->iv_nw_keys[IEEE80211_WEP_NKID] && error; wk++) 4425 if (wk->wk_keyix != IEEE80211_KEYIX_NONE) 4426 error = wpi_load_key(ni, wk); 4427 4428 return !error; 4429} 4430 4431static int 4432wpi_del_key(struct ieee80211_node *ni, const struct ieee80211_key *k) 4433{ 4434 struct ieee80211vap *vap = ni->ni_vap; 4435 struct wpi_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4436 struct wpi_node *wn = WPI_NODE(ni); 4437 struct wpi_node_info node; 4438 uint16_t kflags; 4439 int error; 4440 4441 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4442 4443 if (wpi_check_node_entry(sc, wn->id) == 0) { 4444 DPRINTF(sc, WPI_DEBUG_KEY, "%s: node was removed\n", __func__); 4445 return 1; /* Nothing to do. */ 4446 } 4447 4448 kflags = WPI_KFLAG_KID(k->wk_keyix); 4449 if (k->wk_flags & IEEE80211_KEY_GROUP) 4450 kflags |= WPI_KFLAG_MULTICAST; 4451 4452 memset(&node, 0, sizeof node); 4453 node.id = wn->id; 4454 node.control = WPI_NODE_UPDATE; 4455 node.flags = WPI_FLAG_KEY_SET; 4456 node.kflags = htole16(kflags); 4457again: 4458 DPRINTF(sc, WPI_DEBUG_KEY, "%s: deleting %s key %d for node %d (%s)\n", 4459 __func__, (kflags & WPI_KFLAG_MULTICAST) ? "group" : "ucast", 4460 k->wk_keyix, node.id, ether_sprintf(ni->ni_macaddr)); 4461 4462 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 1); 4463 if (error != 0) { 4464 device_printf(sc->sc_dev, "can't update node info, error %d\n", 4465 error); 4466 return !error; 4467 } 4468 4469 if (!(kflags & WPI_KFLAG_MULTICAST) && &vap->iv_nw_keys[0] <= k && 4470 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID]) { 4471 kflags |= WPI_KFLAG_MULTICAST; 4472 node.kflags = htole16(kflags); 4473 4474 goto again; 4475 } 4476 4477 return 1; 4478} 4479 4480static void 4481wpi_del_key_cb(void *arg, struct ieee80211_node *ni) 4482{ 4483 const struct ieee80211_key *k = arg; 4484 struct ieee80211vap *vap = ni->ni_vap; 4485 struct wpi_softc *sc = ni->ni_ic->ic_ifp->if_softc; 4486 struct wpi_node *wn = WPI_NODE(ni); 4487 int error; 4488 4489 if (vap->iv_bss == ni && wn->id == WPI_ID_UNDEFINED) 4490 return; 4491 4492 WPI_NT_LOCK(sc); 4493 error = wpi_del_key(ni, k); 4494 WPI_NT_UNLOCK(sc); 4495 4496 if (error == 0) { 4497 device_printf(sc->sc_dev, "%s: error while deleting key\n", 4498 __func__); 4499 } 4500} 4501 4502static int 4503wpi_process_key(struct ieee80211vap *vap, const struct ieee80211_key *k, 4504 int set) 4505{ 4506 struct ieee80211com *ic = vap->iv_ic; 4507 struct wpi_softc *sc = ic->ic_ifp->if_softc; 4508 struct wpi_vap *wvp = WPI_VAP(vap); 4509 struct ieee80211_node *ni; 4510 int error, ni_ref = 0; 4511 4512 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4513 4514 if (k->wk_flags & IEEE80211_KEY_SWCRYPT) { 4515 /* Not for us. */ 4516 return 1; 4517 } 4518 4519 if (!(k->wk_flags & IEEE80211_KEY_RECV)) { 4520 /* XMIT keys are handled in wpi_tx_data(). */ 4521 return 1; 4522 } 4523 4524 /* Handle group keys. */ 4525 if (&vap->iv_nw_keys[0] <= k && 4526 k < &vap->iv_nw_keys[IEEE80211_WEP_NKID]) { 4527 WPI_NT_LOCK(sc); 4528 if (set) 4529 wvp->wv_gtk |= WPI_VAP_KEY(k->wk_keyix); 4530 else 4531 wvp->wv_gtk &= ~WPI_VAP_KEY(k->wk_keyix); 4532 WPI_NT_UNLOCK(sc); 4533 4534 if (vap->iv_state == IEEE80211_S_RUN) { 4535 ieee80211_iterate_nodes(&ic->ic_sta, 4536 set ? wpi_load_key_cb : wpi_del_key_cb, (void *)k); 4537 } 4538 4539 return 1; 4540 } 4541 4542 switch (vap->iv_opmode) { 4543 case IEEE80211_M_STA: 4544 ni = vap->iv_bss; 4545 break; 4546 4547 case IEEE80211_M_IBSS: 4548 case IEEE80211_M_AHDEMO: 4549 case IEEE80211_M_HOSTAP: 4550 ni = ieee80211_find_vap_node(&ic->ic_sta, vap, k->wk_macaddr); 4551 if (ni == NULL) 4552 return 0; /* should not happen */ 4553 4554 ni_ref = 1; 4555 break; 4556 4557 default: 4558 device_printf(sc->sc_dev, "%s: unknown opmode %d\n", __func__, 4559 vap->iv_opmode); 4560 return 0; 4561 } 4562 4563 WPI_NT_LOCK(sc); 4564 if (set) 4565 error = wpi_load_key(ni, k); 4566 else 4567 error = wpi_del_key(ni, k); 4568 WPI_NT_UNLOCK(sc); 4569 4570 if (ni_ref) 4571 ieee80211_node_decref(ni); 4572 4573 return error; 4574} 4575 4576static int 4577wpi_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k, 4578 const uint8_t mac[IEEE80211_ADDR_LEN]) 4579{ 4580 return wpi_process_key(vap, k, 1); 4581} 4582 4583static int 4584wpi_key_delete(struct ieee80211vap *vap, const struct ieee80211_key *k) 4585{ 4586 return wpi_process_key(vap, k, 0); 4587} 4588 4589/* 4590 * This function is called after the runtime firmware notifies us of its 4591 * readiness (called in a process context). 4592 */ 4593static int 4594wpi_post_alive(struct wpi_softc *sc) 4595{ 4596 int ntries, error; 4597 4598 /* Check (again) that the radio is not disabled. */ 4599 if ((error = wpi_nic_lock(sc)) != 0) 4600 return error; 4601 4602 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4603 4604 /* NB: Runtime firmware must be up and running. */ 4605 if (!(wpi_prph_read(sc, WPI_APMG_RFKILL) & 1)) { 4606 device_printf(sc->sc_dev, 4607 "RF switch: radio disabled (%s)\n", __func__); 4608 wpi_nic_unlock(sc); 4609 return EPERM; /* :-) */ 4610 } 4611 wpi_nic_unlock(sc); 4612 4613 /* Wait for thermal sensor to calibrate. */ 4614 for (ntries = 0; ntries < 1000; ntries++) { 4615 if ((sc->temp = (int)WPI_READ(sc, WPI_UCODE_GP2)) != 0) 4616 break; 4617 DELAY(10); 4618 } 4619 4620 if (ntries == 1000) { 4621 device_printf(sc->sc_dev, 4622 "timeout waiting for thermal sensor calibration\n"); 4623 return ETIMEDOUT; 4624 } 4625 4626 DPRINTF(sc, WPI_DEBUG_TEMP, "temperature %d\n", sc->temp); 4627 return 0; 4628} 4629 4630/* 4631 * The firmware boot code is small and is intended to be copied directly into 4632 * the NIC internal memory (no DMA transfer). 4633 */ 4634static int 4635wpi_load_bootcode(struct wpi_softc *sc, const uint8_t *ucode, int size) 4636{ 4637 int error, ntries; 4638 4639 DPRINTF(sc, WPI_DEBUG_HW, "Loading microcode size 0x%x\n", size); 4640 4641 size /= sizeof (uint32_t); 4642 4643 if ((error = wpi_nic_lock(sc)) != 0) 4644 return error; 4645 4646 /* Copy microcode image into NIC memory. */ 4647 wpi_prph_write_region_4(sc, WPI_BSM_SRAM_BASE, 4648 (const uint32_t *)ucode, size); 4649 4650 wpi_prph_write(sc, WPI_BSM_WR_MEM_SRC, 0); 4651 wpi_prph_write(sc, WPI_BSM_WR_MEM_DST, WPI_FW_TEXT_BASE); 4652 wpi_prph_write(sc, WPI_BSM_WR_DWCOUNT, size); 4653 4654 /* Start boot load now. */ 4655 wpi_prph_write(sc, WPI_BSM_WR_CTRL, WPI_BSM_WR_CTRL_START); 4656 4657 /* Wait for transfer to complete. */ 4658 for (ntries = 0; ntries < 1000; ntries++) { 4659 uint32_t status = WPI_READ(sc, WPI_FH_TX_STATUS); 4660 DPRINTF(sc, WPI_DEBUG_HW, 4661 "firmware status=0x%x, val=0x%x, result=0x%x\n", status, 4662 WPI_FH_TX_STATUS_IDLE(6), 4663 status & WPI_FH_TX_STATUS_IDLE(6)); 4664 if (status & WPI_FH_TX_STATUS_IDLE(6)) { 4665 DPRINTF(sc, WPI_DEBUG_HW, 4666 "Status Match! - ntries = %d\n", ntries); 4667 break; 4668 } 4669 DELAY(10); 4670 } 4671 if (ntries == 1000) { 4672 device_printf(sc->sc_dev, "%s: could not load boot firmware\n", 4673 __func__); 4674 wpi_nic_unlock(sc); 4675 return ETIMEDOUT; 4676 } 4677 4678 /* Enable boot after power up. */ 4679 wpi_prph_write(sc, WPI_BSM_WR_CTRL, WPI_BSM_WR_CTRL_START_EN); 4680 4681 wpi_nic_unlock(sc); 4682 return 0; 4683} 4684 4685static int 4686wpi_load_firmware(struct wpi_softc *sc) 4687{ 4688 struct wpi_fw_info *fw = &sc->fw; 4689 struct wpi_dma_info *dma = &sc->fw_dma; 4690 int error; 4691 4692 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4693 4694 /* Copy initialization sections into pre-allocated DMA-safe memory. */ 4695 memcpy(dma->vaddr, fw->init.data, fw->init.datasz); 4696 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 4697 memcpy(dma->vaddr + WPI_FW_DATA_MAXSZ, fw->init.text, fw->init.textsz); 4698 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 4699 4700 /* Tell adapter where to find initialization sections. */ 4701 if ((error = wpi_nic_lock(sc)) != 0) 4702 return error; 4703 wpi_prph_write(sc, WPI_BSM_DRAM_DATA_ADDR, dma->paddr); 4704 wpi_prph_write(sc, WPI_BSM_DRAM_DATA_SIZE, fw->init.datasz); 4705 wpi_prph_write(sc, WPI_BSM_DRAM_TEXT_ADDR, 4706 dma->paddr + WPI_FW_DATA_MAXSZ); 4707 wpi_prph_write(sc, WPI_BSM_DRAM_TEXT_SIZE, fw->init.textsz); 4708 wpi_nic_unlock(sc); 4709 4710 /* Load firmware boot code. */ 4711 error = wpi_load_bootcode(sc, fw->boot.text, fw->boot.textsz); 4712 if (error != 0) { 4713 device_printf(sc->sc_dev, "%s: could not load boot firmware\n", 4714 __func__); 4715 return error; 4716 } 4717 4718 /* Now press "execute". */ 4719 WPI_WRITE(sc, WPI_RESET, 0); 4720 4721 /* Wait at most one second for first alive notification. */ 4722 if ((error = mtx_sleep(sc, &sc->sc_mtx, PCATCH, "wpiinit", hz)) != 0) { 4723 device_printf(sc->sc_dev, 4724 "%s: timeout waiting for adapter to initialize, error %d\n", 4725 __func__, error); 4726 return error; 4727 } 4728 4729 /* Copy runtime sections into pre-allocated DMA-safe memory. */ 4730 memcpy(dma->vaddr, fw->main.data, fw->main.datasz); 4731 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 4732 memcpy(dma->vaddr + WPI_FW_DATA_MAXSZ, fw->main.text, fw->main.textsz); 4733 bus_dmamap_sync(dma->tag, dma->map, BUS_DMASYNC_PREWRITE); 4734 4735 /* Tell adapter where to find runtime sections. */ 4736 if ((error = wpi_nic_lock(sc)) != 0) 4737 return error; 4738 wpi_prph_write(sc, WPI_BSM_DRAM_DATA_ADDR, dma->paddr); 4739 wpi_prph_write(sc, WPI_BSM_DRAM_DATA_SIZE, fw->main.datasz); 4740 wpi_prph_write(sc, WPI_BSM_DRAM_TEXT_ADDR, 4741 dma->paddr + WPI_FW_DATA_MAXSZ); 4742 wpi_prph_write(sc, WPI_BSM_DRAM_TEXT_SIZE, 4743 WPI_FW_UPDATED | fw->main.textsz); 4744 wpi_nic_unlock(sc); 4745 4746 return 0; 4747} 4748 4749static int 4750wpi_read_firmware(struct wpi_softc *sc) 4751{ 4752 const struct firmware *fp; 4753 struct wpi_fw_info *fw = &sc->fw; 4754 const struct wpi_firmware_hdr *hdr; 4755 int error; 4756 4757 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4758 4759 DPRINTF(sc, WPI_DEBUG_FIRMWARE, 4760 "Attempting Loading Firmware from %s module\n", WPI_FW_NAME); 4761 4762 WPI_UNLOCK(sc); 4763 fp = firmware_get(WPI_FW_NAME); 4764 WPI_LOCK(sc); 4765 4766 if (fp == NULL) { 4767 device_printf(sc->sc_dev, 4768 "could not load firmware image '%s'\n", WPI_FW_NAME); 4769 return EINVAL; 4770 } 4771 4772 sc->fw_fp = fp; 4773 4774 if (fp->datasize < sizeof (struct wpi_firmware_hdr)) { 4775 device_printf(sc->sc_dev, 4776 "firmware file too short: %zu bytes\n", fp->datasize); 4777 error = EINVAL; 4778 goto fail; 4779 } 4780 4781 fw->size = fp->datasize; 4782 fw->data = (const uint8_t *)fp->data; 4783 4784 /* Extract firmware header information. */ 4785 hdr = (const struct wpi_firmware_hdr *)fw->data; 4786 4787 /* | RUNTIME FIRMWARE | INIT FIRMWARE | BOOT FW | 4788 |HDR|<--TEXT-->|<--DATA-->|<--TEXT-->|<--DATA-->|<--TEXT-->| */ 4789 4790 fw->main.textsz = le32toh(hdr->rtextsz); 4791 fw->main.datasz = le32toh(hdr->rdatasz); 4792 fw->init.textsz = le32toh(hdr->itextsz); 4793 fw->init.datasz = le32toh(hdr->idatasz); 4794 fw->boot.textsz = le32toh(hdr->btextsz); 4795 fw->boot.datasz = 0; 4796 4797 /* Sanity-check firmware header. */ 4798 if (fw->main.textsz > WPI_FW_TEXT_MAXSZ || 4799 fw->main.datasz > WPI_FW_DATA_MAXSZ || 4800 fw->init.textsz > WPI_FW_TEXT_MAXSZ || 4801 fw->init.datasz > WPI_FW_DATA_MAXSZ || 4802 fw->boot.textsz > WPI_FW_BOOT_TEXT_MAXSZ || 4803 (fw->boot.textsz & 3) != 0) { 4804 device_printf(sc->sc_dev, "invalid firmware header\n"); 4805 error = EINVAL; 4806 goto fail; 4807 } 4808 4809 /* Check that all firmware sections fit. */ 4810 if (fw->size < sizeof (*hdr) + fw->main.textsz + fw->main.datasz + 4811 fw->init.textsz + fw->init.datasz + fw->boot.textsz) { 4812 device_printf(sc->sc_dev, 4813 "firmware file too short: %zu bytes\n", fw->size); 4814 error = EINVAL; 4815 goto fail; 4816 } 4817 4818 /* Get pointers to firmware sections. */ 4819 fw->main.text = (const uint8_t *)(hdr + 1); 4820 fw->main.data = fw->main.text + fw->main.textsz; 4821 fw->init.text = fw->main.data + fw->main.datasz; 4822 fw->init.data = fw->init.text + fw->init.textsz; 4823 fw->boot.text = fw->init.data + fw->init.datasz; 4824 4825 DPRINTF(sc, WPI_DEBUG_FIRMWARE, 4826 "Firmware Version: Major %d, Minor %d, Driver %d, \n" 4827 "runtime (text: %u, data: %u) init (text: %u, data %u) " 4828 "boot (text %u)\n", hdr->major, hdr->minor, le32toh(hdr->driver), 4829 fw->main.textsz, fw->main.datasz, 4830 fw->init.textsz, fw->init.datasz, fw->boot.textsz); 4831 4832 DPRINTF(sc, WPI_DEBUG_FIRMWARE, "fw->main.text %p\n", fw->main.text); 4833 DPRINTF(sc, WPI_DEBUG_FIRMWARE, "fw->main.data %p\n", fw->main.data); 4834 DPRINTF(sc, WPI_DEBUG_FIRMWARE, "fw->init.text %p\n", fw->init.text); 4835 DPRINTF(sc, WPI_DEBUG_FIRMWARE, "fw->init.data %p\n", fw->init.data); 4836 DPRINTF(sc, WPI_DEBUG_FIRMWARE, "fw->boot.text %p\n", fw->boot.text); 4837 4838 return 0; 4839 4840fail: wpi_unload_firmware(sc); 4841 return error; 4842} 4843 4844/** 4845 * Free the referenced firmware image 4846 */ 4847static void 4848wpi_unload_firmware(struct wpi_softc *sc) 4849{ 4850 if (sc->fw_fp != NULL) { 4851 firmware_put(sc->fw_fp, FIRMWARE_UNLOAD); 4852 sc->fw_fp = NULL; 4853 } 4854} 4855 4856static int 4857wpi_clock_wait(struct wpi_softc *sc) 4858{ 4859 int ntries; 4860 4861 /* Set "initialization complete" bit. */ 4862 WPI_SETBITS(sc, WPI_GP_CNTRL, WPI_GP_CNTRL_INIT_DONE); 4863 4864 /* Wait for clock stabilization. */ 4865 for (ntries = 0; ntries < 2500; ntries++) { 4866 if (WPI_READ(sc, WPI_GP_CNTRL) & WPI_GP_CNTRL_MAC_CLOCK_READY) 4867 return 0; 4868 DELAY(100); 4869 } 4870 device_printf(sc->sc_dev, 4871 "%s: timeout waiting for clock stabilization\n", __func__); 4872 4873 return ETIMEDOUT; 4874} 4875 4876static int 4877wpi_apm_init(struct wpi_softc *sc) 4878{ 4879 uint32_t reg; 4880 int error; 4881 4882 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4883 4884 /* Disable L0s exit timer (NMI bug workaround). */ 4885 WPI_SETBITS(sc, WPI_GIO_CHICKEN, WPI_GIO_CHICKEN_DIS_L0S_TIMER); 4886 /* Don't wait for ICH L0s (ICH bug workaround). */ 4887 WPI_SETBITS(sc, WPI_GIO_CHICKEN, WPI_GIO_CHICKEN_L1A_NO_L0S_RX); 4888 4889 /* Set FH wait threshold to max (HW bug under stress workaround). */ 4890 WPI_SETBITS(sc, WPI_DBG_HPET_MEM, 0xffff0000); 4891 4892 /* Cleanup. */ 4893 wpi_prph_write(sc, WPI_APMG_CLK_DIS, 0x00000400); 4894 wpi_prph_clrbits(sc, WPI_APMG_PS, 0x00000E00); 4895 4896 /* Retrieve PCIe Active State Power Management (ASPM). */ 4897 reg = pci_read_config(sc->sc_dev, sc->sc_cap_off + 0x10, 1); 4898 /* Workaround for HW instability in PCIe L0->L0s->L1 transition. */ 4899 if (reg & 0x02) /* L1 Entry enabled. */ 4900 WPI_SETBITS(sc, WPI_GIO, WPI_GIO_L0S_ENA); 4901 else 4902 WPI_CLRBITS(sc, WPI_GIO, WPI_GIO_L0S_ENA); 4903 4904 WPI_SETBITS(sc, WPI_ANA_PLL, WPI_ANA_PLL_INIT); 4905 4906 /* Wait for clock stabilization before accessing prph. */ 4907 if ((error = wpi_clock_wait(sc)) != 0) 4908 return error; 4909 4910 if ((error = wpi_nic_lock(sc)) != 0) 4911 return error; 4912 /* Enable DMA and BSM (Bootstrap State Machine). */ 4913 wpi_prph_write(sc, WPI_APMG_CLK_EN, 4914 WPI_APMG_CLK_CTRL_DMA_CLK_RQT | WPI_APMG_CLK_CTRL_BSM_CLK_RQT); 4915 DELAY(20); 4916 /* Disable L1-Active. */ 4917 wpi_prph_setbits(sc, WPI_APMG_PCI_STT, WPI_APMG_PCI_STT_L1A_DIS); 4918 wpi_nic_unlock(sc); 4919 4920 return 0; 4921} 4922 4923static void 4924wpi_apm_stop_master(struct wpi_softc *sc) 4925{ 4926 int ntries; 4927 4928 /* Stop busmaster DMA activity. */ 4929 WPI_SETBITS(sc, WPI_RESET, WPI_RESET_STOP_MASTER); 4930 4931 if ((WPI_READ(sc, WPI_GP_CNTRL) & WPI_GP_CNTRL_PS_MASK) == 4932 WPI_GP_CNTRL_MAC_PS) 4933 return; /* Already asleep. */ 4934 4935 for (ntries = 0; ntries < 100; ntries++) { 4936 if (WPI_READ(sc, WPI_RESET) & WPI_RESET_MASTER_DISABLED) 4937 return; 4938 DELAY(10); 4939 } 4940 device_printf(sc->sc_dev, "%s: timeout waiting for master\n", 4941 __func__); 4942} 4943 4944static void 4945wpi_apm_stop(struct wpi_softc *sc) 4946{ 4947 wpi_apm_stop_master(sc); 4948 4949 /* Reset the entire device. */ 4950 WPI_SETBITS(sc, WPI_RESET, WPI_RESET_SW); 4951 DELAY(10); 4952 /* Clear "initialization complete" bit. */ 4953 WPI_CLRBITS(sc, WPI_GP_CNTRL, WPI_GP_CNTRL_INIT_DONE); 4954} 4955 4956static void 4957wpi_nic_config(struct wpi_softc *sc) 4958{ 4959 uint32_t rev; 4960 4961 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 4962 4963 /* voodoo from the Linux "driver".. */ 4964 rev = pci_read_config(sc->sc_dev, PCIR_REVID, 1); 4965 if ((rev & 0xc0) == 0x40) 4966 WPI_SETBITS(sc, WPI_HW_IF_CONFIG, WPI_HW_IF_CONFIG_ALM_MB); 4967 else if (!(rev & 0x80)) 4968 WPI_SETBITS(sc, WPI_HW_IF_CONFIG, WPI_HW_IF_CONFIG_ALM_MM); 4969 4970 if (sc->cap == 0x80) 4971 WPI_SETBITS(sc, WPI_HW_IF_CONFIG, WPI_HW_IF_CONFIG_SKU_MRC); 4972 4973 if ((sc->rev & 0xf0) == 0xd0) 4974 WPI_SETBITS(sc, WPI_HW_IF_CONFIG, WPI_HW_IF_CONFIG_REV_D); 4975 else 4976 WPI_CLRBITS(sc, WPI_HW_IF_CONFIG, WPI_HW_IF_CONFIG_REV_D); 4977 4978 if (sc->type > 1) 4979 WPI_SETBITS(sc, WPI_HW_IF_CONFIG, WPI_HW_IF_CONFIG_TYPE_B); 4980} 4981 4982static int 4983wpi_hw_init(struct wpi_softc *sc) 4984{ 4985 int chnl, ntries, error; 4986 4987 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 4988 4989 /* Clear pending interrupts. */ 4990 WPI_WRITE(sc, WPI_INT, 0xffffffff); 4991 4992 if ((error = wpi_apm_init(sc)) != 0) { 4993 device_printf(sc->sc_dev, 4994 "%s: could not power ON adapter, error %d\n", __func__, 4995 error); 4996 return error; 4997 } 4998 4999 /* Select VMAIN power source. */ 5000 if ((error = wpi_nic_lock(sc)) != 0) 5001 return error; 5002 wpi_prph_clrbits(sc, WPI_APMG_PS, WPI_APMG_PS_PWR_SRC_MASK); 5003 wpi_nic_unlock(sc); 5004 /* Spin until VMAIN gets selected. */ 5005 for (ntries = 0; ntries < 5000; ntries++) { 5006 if (WPI_READ(sc, WPI_GPIO_IN) & WPI_GPIO_IN_VMAIN) 5007 break; 5008 DELAY(10); 5009 } 5010 if (ntries == 5000) { 5011 device_printf(sc->sc_dev, "timeout selecting power source\n"); 5012 return ETIMEDOUT; 5013 } 5014 5015 /* Perform adapter initialization. */ 5016 wpi_nic_config(sc); 5017 5018 /* Initialize RX ring. */ 5019 if ((error = wpi_nic_lock(sc)) != 0) 5020 return error; 5021 /* Set physical address of RX ring. */ 5022 WPI_WRITE(sc, WPI_FH_RX_BASE, sc->rxq.desc_dma.paddr); 5023 /* Set physical address of RX read pointer. */ 5024 WPI_WRITE(sc, WPI_FH_RX_RPTR_ADDR, sc->shared_dma.paddr + 5025 offsetof(struct wpi_shared, next)); 5026 WPI_WRITE(sc, WPI_FH_RX_WPTR, 0); 5027 /* Enable RX. */ 5028 WPI_WRITE(sc, WPI_FH_RX_CONFIG, 5029 WPI_FH_RX_CONFIG_DMA_ENA | 5030 WPI_FH_RX_CONFIG_RDRBD_ENA | 5031 WPI_FH_RX_CONFIG_WRSTATUS_ENA | 5032 WPI_FH_RX_CONFIG_MAXFRAG | 5033 WPI_FH_RX_CONFIG_NRBD(WPI_RX_RING_COUNT_LOG) | 5034 WPI_FH_RX_CONFIG_IRQ_DST_HOST | 5035 WPI_FH_RX_CONFIG_IRQ_TIMEOUT(1)); 5036 (void)WPI_READ(sc, WPI_FH_RSSR_TBL); /* barrier */ 5037 wpi_nic_unlock(sc); 5038 WPI_WRITE(sc, WPI_FH_RX_WPTR, (WPI_RX_RING_COUNT - 1) & ~7); 5039 5040 /* Initialize TX rings. */ 5041 if ((error = wpi_nic_lock(sc)) != 0) 5042 return error; 5043 wpi_prph_write(sc, WPI_ALM_SCHED_MODE, 2); /* bypass mode */ 5044 wpi_prph_write(sc, WPI_ALM_SCHED_ARASTAT, 1); /* enable RA0 */ 5045 /* Enable all 6 TX rings. */ 5046 wpi_prph_write(sc, WPI_ALM_SCHED_TXFACT, 0x3f); 5047 wpi_prph_write(sc, WPI_ALM_SCHED_SBYPASS_MODE1, 0x10000); 5048 wpi_prph_write(sc, WPI_ALM_SCHED_SBYPASS_MODE2, 0x30002); 5049 wpi_prph_write(sc, WPI_ALM_SCHED_TXF4MF, 4); 5050 wpi_prph_write(sc, WPI_ALM_SCHED_TXF5MF, 5); 5051 /* Set physical address of TX rings. */ 5052 WPI_WRITE(sc, WPI_FH_TX_BASE, sc->shared_dma.paddr); 5053 WPI_WRITE(sc, WPI_FH_MSG_CONFIG, 0xffff05a5); 5054 5055 /* Enable all DMA channels. */ 5056 for (chnl = 0; chnl < WPI_NDMACHNLS; chnl++) { 5057 WPI_WRITE(sc, WPI_FH_CBBC_CTRL(chnl), 0); 5058 WPI_WRITE(sc, WPI_FH_CBBC_BASE(chnl), 0); 5059 WPI_WRITE(sc, WPI_FH_TX_CONFIG(chnl), 0x80200008); 5060 } 5061 wpi_nic_unlock(sc); 5062 (void)WPI_READ(sc, WPI_FH_TX_BASE); /* barrier */ 5063 5064 /* Clear "radio off" and "commands blocked" bits. */ 5065 WPI_WRITE(sc, WPI_UCODE_GP1_CLR, WPI_UCODE_GP1_RFKILL); 5066 WPI_WRITE(sc, WPI_UCODE_GP1_CLR, WPI_UCODE_GP1_CMD_BLOCKED); 5067 5068 /* Clear pending interrupts. */ 5069 WPI_WRITE(sc, WPI_INT, 0xffffffff); 5070 /* Enable interrupts. */ 5071 WPI_WRITE(sc, WPI_INT_MASK, WPI_INT_MASK_DEF); 5072 5073 /* _Really_ make sure "radio off" bit is cleared! */ 5074 WPI_WRITE(sc, WPI_UCODE_GP1_CLR, WPI_UCODE_GP1_RFKILL); 5075 WPI_WRITE(sc, WPI_UCODE_GP1_CLR, WPI_UCODE_GP1_RFKILL); 5076 5077 if ((error = wpi_load_firmware(sc)) != 0) { 5078 device_printf(sc->sc_dev, 5079 "%s: could not load firmware, error %d\n", __func__, 5080 error); 5081 return error; 5082 } 5083 /* Wait at most one second for firmware alive notification. */ 5084 if ((error = mtx_sleep(sc, &sc->sc_mtx, PCATCH, "wpiinit", hz)) != 0) { 5085 device_printf(sc->sc_dev, 5086 "%s: timeout waiting for adapter to initialize, error %d\n", 5087 __func__, error); 5088 return error; 5089 } 5090 5091 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 5092 5093 /* Do post-firmware initialization. */ 5094 return wpi_post_alive(sc); 5095} 5096 5097static void 5098wpi_hw_stop(struct wpi_softc *sc) 5099{ 5100 int chnl, qid, ntries; 5101 5102 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 5103 5104 if (WPI_READ(sc, WPI_UCODE_GP1) & WPI_UCODE_GP1_MAC_SLEEP) 5105 wpi_nic_lock(sc); 5106 5107 WPI_WRITE(sc, WPI_RESET, WPI_RESET_NEVO); 5108 5109 /* Disable interrupts. */ 5110 WPI_WRITE(sc, WPI_INT_MASK, 0); 5111 WPI_WRITE(sc, WPI_INT, 0xffffffff); 5112 WPI_WRITE(sc, WPI_FH_INT, 0xffffffff); 5113 5114 /* Make sure we no longer hold the NIC lock. */ 5115 wpi_nic_unlock(sc); 5116 5117 if (wpi_nic_lock(sc) == 0) { 5118 /* Stop TX scheduler. */ 5119 wpi_prph_write(sc, WPI_ALM_SCHED_MODE, 0); 5120 wpi_prph_write(sc, WPI_ALM_SCHED_TXFACT, 0); 5121 5122 /* Stop all DMA channels. */ 5123 for (chnl = 0; chnl < WPI_NDMACHNLS; chnl++) { 5124 WPI_WRITE(sc, WPI_FH_TX_CONFIG(chnl), 0); 5125 for (ntries = 0; ntries < 200; ntries++) { 5126 if (WPI_READ(sc, WPI_FH_TX_STATUS) & 5127 WPI_FH_TX_STATUS_IDLE(chnl)) 5128 break; 5129 DELAY(10); 5130 } 5131 } 5132 wpi_nic_unlock(sc); 5133 } 5134 5135 /* Stop RX ring. */ 5136 wpi_reset_rx_ring(sc); 5137 5138 /* Reset all TX rings. */ 5139 for (qid = 0; qid < WPI_NTXQUEUES; qid++) 5140 wpi_reset_tx_ring(sc, &sc->txq[qid]); 5141 5142 if (wpi_nic_lock(sc) == 0) { 5143 wpi_prph_write(sc, WPI_APMG_CLK_DIS, 5144 WPI_APMG_CLK_CTRL_DMA_CLK_RQT); 5145 wpi_nic_unlock(sc); 5146 } 5147 DELAY(5); 5148 /* Power OFF adapter. */ 5149 wpi_apm_stop(sc); 5150} 5151 5152static void 5153wpi_radio_on(void *arg0, int pending) 5154{ 5155 struct wpi_softc *sc = arg0; 5156 struct ifnet *ifp = sc->sc_ifp; 5157 struct ieee80211com *ic = ifp->if_l2com; 5158 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5159 5160 device_printf(sc->sc_dev, "RF switch: radio enabled\n"); 5161 5162 if (vap != NULL) { 5163 wpi_init(sc); 5164 ieee80211_init(vap); 5165 } 5166 5167 if (WPI_READ(sc, WPI_GP_CNTRL) & WPI_GP_CNTRL_RFKILL) { 5168 WPI_LOCK(sc); 5169 callout_stop(&sc->watchdog_rfkill); 5170 WPI_UNLOCK(sc); 5171 } 5172} 5173 5174static void 5175wpi_radio_off(void *arg0, int pending) 5176{ 5177 struct wpi_softc *sc = arg0; 5178 struct ifnet *ifp = sc->sc_ifp; 5179 struct ieee80211com *ic = ifp->if_l2com; 5180 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5181 5182 device_printf(sc->sc_dev, "RF switch: radio disabled\n"); 5183 5184 wpi_stop(sc); 5185 if (vap != NULL) 5186 ieee80211_stop(vap); 5187 5188 WPI_LOCK(sc); 5189 callout_reset(&sc->watchdog_rfkill, hz, wpi_watchdog_rfkill, sc); 5190 WPI_UNLOCK(sc); 5191} 5192 5193static void 5194wpi_init(void *arg) 5195{ 5196 struct wpi_softc *sc = arg; 5197 struct ifnet *ifp = sc->sc_ifp; 5198 struct ieee80211com *ic = ifp->if_l2com; 5199 int error; 5200 5201 WPI_LOCK(sc); 5202 5203 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_BEGIN, __func__); 5204 5205 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) != 0) 5206 goto end; 5207 5208 /* Check that the radio is not disabled by hardware switch. */ 5209 if (!(WPI_READ(sc, WPI_GP_CNTRL) & WPI_GP_CNTRL_RFKILL)) { 5210 device_printf(sc->sc_dev, 5211 "RF switch: radio disabled (%s)\n", __func__); 5212 callout_reset(&sc->watchdog_rfkill, hz, wpi_watchdog_rfkill, 5213 sc); 5214 goto end; 5215 } 5216 5217 /* Read firmware images from the filesystem. */ 5218 if ((error = wpi_read_firmware(sc)) != 0) { 5219 device_printf(sc->sc_dev, 5220 "%s: could not read firmware, error %d\n", __func__, 5221 error); 5222 goto fail; 5223 } 5224 5225 /* Initialize hardware and upload firmware. */ 5226 error = wpi_hw_init(sc); 5227 wpi_unload_firmware(sc); 5228 if (error != 0) { 5229 device_printf(sc->sc_dev, 5230 "%s: could not initialize hardware, error %d\n", __func__, 5231 error); 5232 goto fail; 5233 } 5234 5235 /* Configure adapter now that it is ready. */ 5236 sc->txq_active = 1; 5237 if ((error = wpi_config(sc)) != 0) { 5238 device_printf(sc->sc_dev, 5239 "%s: could not configure device, error %d\n", __func__, 5240 error); 5241 goto fail; 5242 } 5243 5244 IF_LOCK(&ifp->if_snd); 5245 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 5246 ifp->if_drv_flags |= IFF_DRV_RUNNING; 5247 IF_UNLOCK(&ifp->if_snd); 5248 5249 callout_reset(&sc->watchdog_to, hz, wpi_watchdog, sc); 5250 5251 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END, __func__); 5252 5253 WPI_UNLOCK(sc); 5254 5255 ieee80211_start_all(ic); 5256 5257 return; 5258 5259fail: wpi_stop_locked(sc); 5260end: DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_END_ERR, __func__); 5261 WPI_UNLOCK(sc); 5262} 5263 5264static void 5265wpi_stop_locked(struct wpi_softc *sc) 5266{ 5267 struct ifnet *ifp = sc->sc_ifp; 5268 5269 WPI_LOCK_ASSERT(sc); 5270 5271 WPI_TXQ_LOCK(sc); 5272 sc->txq_active = 0; 5273 WPI_TXQ_UNLOCK(sc); 5274 5275 sc->sc_tx_timer = 0; 5276 callout_stop(&sc->watchdog_to); 5277 callout_stop(&sc->scan_timeout); 5278 callout_stop(&sc->calib_to); 5279 5280 IF_LOCK(&ifp->if_snd); 5281 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 5282 IF_UNLOCK(&ifp->if_snd); 5283 5284 /* Power OFF hardware. */ 5285 wpi_hw_stop(sc); 5286} 5287 5288static void 5289wpi_stop(struct wpi_softc *sc) 5290{ 5291 WPI_LOCK(sc); 5292 wpi_stop_locked(sc); 5293 WPI_UNLOCK(sc); 5294} 5295 5296/* 5297 * Callback from net80211 to start a scan. 5298 */ 5299static void 5300wpi_scan_start(struct ieee80211com *ic) 5301{ 5302 struct wpi_softc *sc = ic->ic_ifp->if_softc; 5303 5304 wpi_set_led(sc, WPI_LED_LINK, 20, 2); 5305} 5306 5307/* 5308 * Callback from net80211 to terminate a scan. 5309 */ 5310static void 5311wpi_scan_end(struct ieee80211com *ic) 5312{ 5313 struct ifnet *ifp = ic->ic_ifp; 5314 struct wpi_softc *sc = ifp->if_softc; 5315 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5316 5317 if (vap->iv_state == IEEE80211_S_RUN) 5318 wpi_set_led(sc, WPI_LED_LINK, 0, 1); 5319} 5320 5321/** 5322 * Called by the net80211 framework to indicate to the driver 5323 * that the channel should be changed 5324 */ 5325static void 5326wpi_set_channel(struct ieee80211com *ic) 5327{ 5328 const struct ieee80211_channel *c = ic->ic_curchan; 5329 struct ifnet *ifp = ic->ic_ifp; 5330 struct wpi_softc *sc = ifp->if_softc; 5331 int error; 5332 5333 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 5334 5335 WPI_LOCK(sc); 5336 sc->sc_rxtap.wr_chan_freq = htole16(c->ic_freq); 5337 sc->sc_rxtap.wr_chan_flags = htole16(c->ic_flags); 5338 sc->sc_txtap.wt_chan_freq = htole16(c->ic_freq); 5339 sc->sc_txtap.wt_chan_flags = htole16(c->ic_flags); 5340 5341 /* 5342 * Only need to set the channel in Monitor mode. AP scanning and auth 5343 * are already taken care of by their respective firmware commands. 5344 */ 5345 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 5346 sc->rxon.chan = ieee80211_chan2ieee(ic, c); 5347 if (IEEE80211_IS_CHAN_2GHZ(c)) { 5348 sc->rxon.flags |= htole32(WPI_RXON_AUTO | 5349 WPI_RXON_24GHZ); 5350 } else { 5351 sc->rxon.flags &= ~htole32(WPI_RXON_AUTO | 5352 WPI_RXON_24GHZ); 5353 } 5354 if ((error = wpi_send_rxon(sc, 0, 0)) != 0) 5355 device_printf(sc->sc_dev, 5356 "%s: error %d setting channel\n", __func__, 5357 error); 5358 } 5359 WPI_UNLOCK(sc); 5360} 5361 5362/** 5363 * Called by net80211 to indicate that we need to scan the current 5364 * channel. The channel is previously be set via the wpi_set_channel 5365 * callback. 5366 */ 5367static void 5368wpi_scan_curchan(struct ieee80211_scan_state *ss, unsigned long maxdwell) 5369{ 5370 struct ieee80211vap *vap = ss->ss_vap; 5371 struct ieee80211com *ic = vap->iv_ic; 5372 struct wpi_softc *sc = ic->ic_ifp->if_softc; 5373 int error; 5374 5375 if (sc->rxon.chan != ieee80211_chan2ieee(ic, ic->ic_curchan)) { 5376 WPI_LOCK(sc); 5377 error = wpi_scan(sc, ic->ic_curchan); 5378 WPI_UNLOCK(sc); 5379 if (error != 0) 5380 ieee80211_cancel_scan(vap); 5381 } else { 5382 /* Send probe request when associated. */ 5383 sc->sc_scan_curchan(ss, maxdwell); 5384 } 5385} 5386 5387/** 5388 * Called by the net80211 framework to indicate 5389 * the minimum dwell time has been met, terminate the scan. 5390 * We don't actually terminate the scan as the firmware will notify 5391 * us when it's finished and we have no way to interrupt it. 5392 */ 5393static void 5394wpi_scan_mindwell(struct ieee80211_scan_state *ss) 5395{ 5396 /* NB: don't try to abort scan; wait for firmware to finish */ 5397} 5398 5399static void 5400wpi_hw_reset(void *arg, int pending) 5401{ 5402 struct wpi_softc *sc = arg; 5403 struct ifnet *ifp = sc->sc_ifp; 5404 struct ieee80211com *ic = ifp->if_l2com; 5405 struct ieee80211vap *vap = TAILQ_FIRST(&ic->ic_vaps); 5406 5407 DPRINTF(sc, WPI_DEBUG_TRACE, TRACE_STR_DOING, __func__); 5408 5409 if (vap != NULL && (ic->ic_flags & IEEE80211_F_SCAN)) 5410 ieee80211_cancel_scan(vap); 5411 5412 wpi_stop(sc); 5413 if (vap != NULL) 5414 ieee80211_stop(vap); 5415 wpi_init(sc); 5416 if (vap != NULL) 5417 ieee80211_init(vap); 5418} 5419