if_iwi.c revision 170554
1/*- 2 * Copyright (c) 2004, 2005 3 * Damien Bergamini <damien.bergamini@free.fr>. All rights reserved. 4 * Copyright (c) 2005-2006 Sam Leffler, Errno Consulting 5 * Copyright (c) 2007 Andrew Thompson <thompsa@FreeBSD.org> 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice unmodified, this list of conditions, and the following 12 * disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 */ 29 30#include <sys/cdefs.h> 31__FBSDID("$FreeBSD: head/sys/dev/iwi/if_iwi.c 170554 2007-06-11 10:56:06Z thompsa $"); 32 33/*- 34 * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver 35 * http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm 36 */ 37 38#include <sys/param.h> 39#include <sys/sysctl.h> 40#include <sys/sockio.h> 41#include <sys/mbuf.h> 42#include <sys/kernel.h> 43#include <sys/socket.h> 44#include <sys/systm.h> 45#include <sys/malloc.h> 46#include <sys/lock.h> 47#include <sys/mutex.h> 48#include <sys/module.h> 49#include <sys/bus.h> 50#include <sys/endian.h> 51#include <sys/proc.h> 52#include <sys/mount.h> 53#include <sys/namei.h> 54#include <sys/linker.h> 55#include <sys/firmware.h> 56#include <sys/kthread.h> 57#include <sys/taskqueue.h> 58 59#include <machine/bus.h> 60#include <machine/resource.h> 61#include <sys/rman.h> 62 63#include <dev/pci/pcireg.h> 64#include <dev/pci/pcivar.h> 65 66#include <net/bpf.h> 67#include <net/if.h> 68#include <net/if_arp.h> 69#include <net/ethernet.h> 70#include <net/if_dl.h> 71#include <net/if_media.h> 72#include <net/if_types.h> 73 74#include <net80211/ieee80211_var.h> 75#include <net80211/ieee80211_radiotap.h> 76#include <net80211/ieee80211_regdomain.h> 77 78#include <netinet/in.h> 79#include <netinet/in_systm.h> 80#include <netinet/in_var.h> 81#include <netinet/ip.h> 82#include <netinet/if_ether.h> 83 84#include <dev/iwi/if_iwireg.h> 85#include <dev/iwi/if_iwivar.h> 86 87#define IWI_DEBUG 88#ifdef IWI_DEBUG 89#define DPRINTF(x) do { if (iwi_debug > 0) printf x; } while (0) 90#define DPRINTFN(n, x) do { if (iwi_debug >= (n)) printf x; } while (0) 91int iwi_debug = 0; 92SYSCTL_INT(_debug, OID_AUTO, iwi, CTLFLAG_RW, &iwi_debug, 0, "iwi debug level"); 93#else 94#define DPRINTF(x) 95#define DPRINTFN(n, x) 96#endif 97 98MODULE_DEPEND(iwi, pci, 1, 1, 1); 99MODULE_DEPEND(iwi, wlan, 1, 1, 1); 100MODULE_DEPEND(iwi, firmware, 1, 1, 1); 101 102enum { 103 IWI_LED_TX, 104 IWI_LED_RX, 105 IWI_LED_POLL, 106}; 107 108struct iwi_ident { 109 uint16_t vendor; 110 uint16_t device; 111 const char *name; 112}; 113 114static const struct iwi_ident iwi_ident_table[] = { 115 { 0x8086, 0x4220, "Intel(R) PRO/Wireless 2200BG" }, 116 { 0x8086, 0x4221, "Intel(R) PRO/Wireless 2225BG" }, 117 { 0x8086, 0x4223, "Intel(R) PRO/Wireless 2915ABG" }, 118 { 0x8086, 0x4224, "Intel(R) PRO/Wireless 2915ABG" }, 119 120 { 0, 0, NULL } 121}; 122 123static void iwi_dma_map_addr(void *, bus_dma_segment_t *, int, int); 124static int iwi_alloc_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *, 125 int); 126static void iwi_reset_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 127static void iwi_free_cmd_ring(struct iwi_softc *, struct iwi_cmd_ring *); 128static int iwi_alloc_tx_ring(struct iwi_softc *, struct iwi_tx_ring *, 129 int, bus_addr_t, bus_addr_t); 130static void iwi_reset_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 131static void iwi_free_tx_ring(struct iwi_softc *, struct iwi_tx_ring *); 132static int iwi_alloc_rx_ring(struct iwi_softc *, struct iwi_rx_ring *, 133 int); 134static void iwi_reset_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 135static void iwi_free_rx_ring(struct iwi_softc *, struct iwi_rx_ring *); 136static struct ieee80211_node *iwi_node_alloc(struct ieee80211_node_table *); 137static void iwi_node_free(struct ieee80211_node *); 138static int iwi_media_change(struct ifnet *); 139static void iwi_media_status(struct ifnet *, struct ifmediareq *); 140static int iwi_newstate(struct ieee80211com *, enum ieee80211_state, int); 141static void iwi_wme_init(struct iwi_softc *); 142static int iwi_wme_setparams(struct iwi_softc *); 143static int iwi_wme_update(struct ieee80211com *); 144static uint16_t iwi_read_prom_word(struct iwi_softc *, uint8_t); 145static void iwi_frame_intr(struct iwi_softc *, struct iwi_rx_data *, int, 146 struct iwi_frame *); 147static void iwi_notification_intr(struct iwi_softc *, struct iwi_notif *); 148static void iwi_rx_intr(struct iwi_softc *); 149static void iwi_tx_intr(struct iwi_softc *, struct iwi_tx_ring *); 150static void iwi_intr(void *); 151static int iwi_cmd(struct iwi_softc *, uint8_t, void *, uint8_t); 152static void iwi_write_ibssnode(struct iwi_softc *, const u_int8_t [], int); 153static int iwi_tx_start(struct ifnet *, struct mbuf *, 154 struct ieee80211_node *, int); 155static void iwi_start(struct ifnet *); 156static void iwi_watchdog(void *); 157static int iwi_ioctl(struct ifnet *, u_long, caddr_t); 158static void iwi_stop_master(struct iwi_softc *); 159static int iwi_reset(struct iwi_softc *); 160static int iwi_load_ucode(struct iwi_softc *, const struct iwi_fw *); 161static int iwi_load_firmware(struct iwi_softc *, const struct iwi_fw *); 162static void iwi_release_fw_dma(struct iwi_softc *sc); 163static int iwi_config(struct iwi_softc *); 164static int iwi_get_firmware(struct iwi_softc *); 165static void iwi_put_firmware(struct iwi_softc *); 166static int iwi_scanchan(struct iwi_softc *, unsigned long, int); 167static void iwi_scan_start(struct ieee80211com *); 168static void iwi_scan_end(struct ieee80211com *); 169static void iwi_scanabort(void *, int); 170static void iwi_set_channel(struct ieee80211com *); 171static void iwi_scan_curchan(struct ieee80211com *, unsigned long maxdwell); 172#if 0 173static void iwi_scan_allchan(struct ieee80211com *, unsigned long maxdwell); 174#endif 175static void iwi_scan_mindwell(struct ieee80211com *); 176static void iwi_assoc(struct ieee80211com *ic); 177static void iwi_disassoc(struct ieee80211com *); 178static void iwi_ops(void *, int); 179static int iwi_queue_cmd(struct iwi_softc *, int); 180static int iwi_auth_and_assoc(struct iwi_softc *); 181static int iwi_disassociate(struct iwi_softc *, int quiet); 182static void iwi_init(void *); 183static void iwi_init_locked(void *, int); 184static void iwi_stop(void *); 185static void iwi_restart(void *, int); 186static int iwi_getrfkill(struct iwi_softc *); 187static void iwi_radio_on(void *, int); 188static void iwi_radio_off(void *, int); 189static void iwi_sysctlattach(struct iwi_softc *); 190static void iwi_led_event(struct iwi_softc *, int); 191static void iwi_ledattach(struct iwi_softc *); 192 193static int iwi_probe(device_t); 194static int iwi_attach(device_t); 195static int iwi_detach(device_t); 196static int iwi_shutdown(device_t); 197static int iwi_suspend(device_t); 198static int iwi_resume(device_t); 199 200static device_method_t iwi_methods[] = { 201 /* Device interface */ 202 DEVMETHOD(device_probe, iwi_probe), 203 DEVMETHOD(device_attach, iwi_attach), 204 DEVMETHOD(device_detach, iwi_detach), 205 DEVMETHOD(device_shutdown, iwi_shutdown), 206 DEVMETHOD(device_suspend, iwi_suspend), 207 DEVMETHOD(device_resume, iwi_resume), 208 209 { 0, 0 } 210}; 211 212static driver_t iwi_driver = { 213 "iwi", 214 iwi_methods, 215 sizeof (struct iwi_softc) 216}; 217 218static devclass_t iwi_devclass; 219 220DRIVER_MODULE(iwi, pci, iwi_driver, iwi_devclass, 0, 0); 221 222static __inline uint8_t 223MEM_READ_1(struct iwi_softc *sc, uint32_t addr) 224{ 225 CSR_WRITE_4(sc, IWI_CSR_INDIRECT_ADDR, addr); 226 return CSR_READ_1(sc, IWI_CSR_INDIRECT_DATA); 227} 228 229static __inline uint32_t 230MEM_READ_4(struct iwi_softc *sc, uint32_t addr) 231{ 232 CSR_WRITE_4(sc, IWI_CSR_INDIRECT_ADDR, addr); 233 return CSR_READ_4(sc, IWI_CSR_INDIRECT_DATA); 234} 235 236static int 237iwi_probe(device_t dev) 238{ 239 const struct iwi_ident *ident; 240 241 for (ident = iwi_ident_table; ident->name != NULL; ident++) { 242 if (pci_get_vendor(dev) == ident->vendor && 243 pci_get_device(dev) == ident->device) { 244 device_set_desc(dev, ident->name); 245 return 0; 246 } 247 } 248 return ENXIO; 249} 250 251/* Base Address Register */ 252#define IWI_PCI_BAR0 0x10 253 254static int 255iwi_attach(device_t dev) 256{ 257 struct iwi_softc *sc = device_get_softc(dev); 258 struct ifnet *ifp; 259 struct ieee80211com *ic = &sc->sc_ic; 260 uint16_t val; 261 int i, error, bands; 262 263 sc->sc_dev = dev; 264 265 IWI_LOCK_INIT(sc); 266 IWI_CMD_LOCK_INIT(sc); 267 268 sc->sc_unr = new_unrhdr(1, IWI_MAX_IBSSNODE-1, &sc->sc_mtx); 269 270#if __FreeBSD_version >= 700000 271 sc->sc_tq = taskqueue_create("iwi_taskq", M_NOWAIT | M_ZERO, 272 taskqueue_thread_enqueue, &sc->sc_tq); 273 taskqueue_start_threads(&sc->sc_tq, 1, PI_NET, "%s taskq", 274 device_get_nameunit(dev)); 275 sc->sc_tq2 = taskqueue_create("iwi_taskq2", M_NOWAIT | M_ZERO, 276 taskqueue_thread_enqueue, &sc->sc_tq2); 277 taskqueue_start_threads(&sc->sc_tq2, 1, PI_NET, "%s taskq2", 278 device_get_nameunit(dev)); 279#else 280 sc->sc_tq = taskqueue_create("iwi_taskq", M_NOWAIT | M_ZERO, 281 taskqueue_thread_enqueue, &sc->sc_tq, &sc->sc_tqproc); 282 kthread_create(taskqueue_thread_loop, &sc->sc_tq, &sc->sc_tqproc, 283 0, 0, "%s taskq", device_get_nameunit(dev)); 284 sc->sc_tq2 = taskqueue_create("iwi_taskq2", M_NOWAIT | M_ZERO, 285 taskqueue_thread_enqueue, &sc->sc_tq2, &sc->sc_tqproc); 286 kthread_create(taskqueue_thread_loop, &sc->sc_tq2, &sc->sc_tqproc, 287 0, 0, "%s taskq2", device_get_nameunit(dev)); 288#endif 289 TASK_INIT(&sc->sc_radiontask, 0, iwi_radio_on, sc); 290 TASK_INIT(&sc->sc_radiofftask, 0, iwi_radio_off, sc); 291 TASK_INIT(&sc->sc_restarttask, 0, iwi_restart, sc); 292 TASK_INIT(&sc->sc_opstask, 0, iwi_ops, sc); 293 TASK_INIT(&sc->sc_scanaborttask, 0, iwi_scanabort, sc); 294 callout_init_mtx(&sc->sc_wdtimer, &sc->sc_mtx, 0); 295 296 if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { 297 device_printf(dev, "chip is in D%d power mode " 298 "-- setting to D0\n", pci_get_powerstate(dev)); 299 pci_set_powerstate(dev, PCI_POWERSTATE_D0); 300 } 301 302 pci_write_config(dev, 0x41, 0, 1); 303 304 /* enable bus-mastering */ 305 pci_enable_busmaster(dev); 306 307 sc->mem_rid = IWI_PCI_BAR0; 308 sc->mem = bus_alloc_resource_any(dev, SYS_RES_MEMORY, &sc->mem_rid, 309 RF_ACTIVE); 310 if (sc->mem == NULL) { 311 device_printf(dev, "could not allocate memory resource\n"); 312 goto fail; 313 } 314 315 sc->sc_st = rman_get_bustag(sc->mem); 316 sc->sc_sh = rman_get_bushandle(sc->mem); 317 318 sc->irq_rid = 0; 319 sc->irq = bus_alloc_resource_any(dev, SYS_RES_IRQ, &sc->irq_rid, 320 RF_ACTIVE | RF_SHAREABLE); 321 if (sc->irq == NULL) { 322 device_printf(dev, "could not allocate interrupt resource\n"); 323 goto fail; 324 } 325 326 if (iwi_reset(sc) != 0) { 327 device_printf(dev, "could not reset adapter\n"); 328 goto fail; 329 } 330 331 /* 332 * Allocate rings. 333 */ 334 if (iwi_alloc_cmd_ring(sc, &sc->cmdq, IWI_CMD_RING_COUNT) != 0) { 335 device_printf(dev, "could not allocate Cmd ring\n"); 336 goto fail; 337 } 338 339 for (i = 0; i < 4; i++) { 340 error = iwi_alloc_tx_ring(sc, &sc->txq[i], IWI_TX_RING_COUNT, 341 IWI_CSR_TX1_RIDX + i * 4, 342 IWI_CSR_TX1_WIDX + i * 4); 343 if (error != 0) { 344 device_printf(dev, "could not allocate Tx ring %d\n", 345 i+i); 346 goto fail; 347 } 348 } 349 350 if (iwi_alloc_rx_ring(sc, &sc->rxq, IWI_RX_RING_COUNT) != 0) { 351 device_printf(dev, "could not allocate Rx ring\n"); 352 goto fail; 353 } 354 355 iwi_wme_init(sc); 356 357 ifp = sc->sc_ifp = if_alloc(IFT_ETHER); 358 if (ifp == NULL) { 359 device_printf(dev, "can not if_alloc()\n"); 360 goto fail; 361 } 362 ic->ic_ifp = ifp; 363 ifp->if_softc = sc; 364 if_initname(ifp, device_get_name(dev), device_get_unit(dev)); 365 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 366 ifp->if_init = iwi_init; 367 ifp->if_ioctl = iwi_ioctl; 368 ifp->if_start = iwi_start; 369 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 370 ifp->if_snd.ifq_drv_maxlen = IFQ_MAXLEN; 371 IFQ_SET_READY(&ifp->if_snd); 372 373 ic->ic_wme.wme_update = iwi_wme_update; 374 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 375 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 376 ic->ic_state = IEEE80211_S_INIT; 377 378 /* set device capabilities */ 379 ic->ic_caps = 380 IEEE80211_C_IBSS /* IBSS mode supported */ 381 | IEEE80211_C_MONITOR /* monitor mode supported */ 382 | IEEE80211_C_PMGT /* power save supported */ 383 | IEEE80211_C_SHPREAMBLE /* short preamble supported */ 384 | IEEE80211_C_WPA /* 802.11i */ 385 | IEEE80211_C_WME /* 802.11e */ 386 | IEEE80211_C_BGSCAN /* capable of bg scanning */ 387 ; 388 389 /* read MAC address from EEPROM */ 390 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 0); 391 ic->ic_myaddr[0] = val & 0xff; 392 ic->ic_myaddr[1] = val >> 8; 393 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 1); 394 ic->ic_myaddr[2] = val & 0xff; 395 ic->ic_myaddr[3] = val >> 8; 396 val = iwi_read_prom_word(sc, IWI_EEPROM_MAC + 2); 397 ic->ic_myaddr[4] = val & 0xff; 398 ic->ic_myaddr[5] = val >> 8; 399 400 bands = 0; 401 setbit(&bands, IEEE80211_MODE_11B); 402 setbit(&bands, IEEE80211_MODE_11G); 403 if (pci_get_device(dev) >= 0x4223) 404 setbit(&bands, IEEE80211_MODE_11A); 405 ieee80211_init_channels(ic, 0, CTRY_DEFAULT, bands, 0, 1); 406 407 ieee80211_ifattach(ic); 408 ic->ic_bmissthreshold = 10; /* override default */ 409 /* override default methods */ 410 ic->ic_node_alloc = iwi_node_alloc; 411 sc->sc_node_free = ic->ic_node_free; 412 ic->ic_node_free = iwi_node_free; 413 ic->ic_scan_start = iwi_scan_start; 414 ic->ic_scan_end = iwi_scan_end; 415 ic->ic_set_channel = iwi_set_channel; 416 ic->ic_scan_curchan = iwi_scan_curchan; 417 ic->ic_scan_mindwell = iwi_scan_mindwell; 418 419 /* override state transition machine */ 420 sc->sc_newstate = ic->ic_newstate; 421 ic->ic_newstate = iwi_newstate; 422 ieee80211_media_init(ic, iwi_media_change, iwi_media_status); 423 424 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 425 sizeof (struct ieee80211_frame) + sizeof (sc->sc_txtap), 426 &sc->sc_drvbpf); 427 428 sc->sc_rxtap_len = sizeof sc->sc_rxtap; 429 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 430 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWI_RX_RADIOTAP_PRESENT); 431 432 sc->sc_txtap_len = sizeof sc->sc_txtap; 433 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 434 sc->sc_txtap.wt_ihdr.it_present = htole32(IWI_TX_RADIOTAP_PRESENT); 435 436 iwi_sysctlattach(sc); 437 iwi_ledattach(sc); 438 439 /* 440 * Hook our interrupt after all initialization is complete. 441 */ 442 error = bus_setup_intr(dev, sc->irq, INTR_TYPE_NET | INTR_MPSAFE, 443 NULL, iwi_intr, sc, &sc->sc_ih); 444 if (error != 0) { 445 device_printf(dev, "could not set up interrupt\n"); 446 goto fail; 447 } 448 449 if (bootverbose) 450 ieee80211_announce(ic); 451 452 return 0; 453 454fail: iwi_detach(dev); 455 return ENXIO; 456} 457 458static int 459iwi_detach(device_t dev) 460{ 461 struct iwi_softc *sc = device_get_softc(dev); 462 struct ieee80211com *ic = &sc->sc_ic; 463 struct ifnet *ifp = ic->ic_ifp; 464 IWI_LOCK_DECL; 465 466 if (ifp != NULL) { 467 IWI_LOCK(sc); 468 iwi_stop(sc); 469 IWI_UNLOCK(sc); 470 bpfdetach(ifp); 471 ieee80211_ifdetach(ic); 472 } 473 474 callout_drain(&sc->sc_wdtimer); 475 iwi_put_firmware(sc); 476 iwi_release_fw_dma(sc); 477 478 iwi_free_cmd_ring(sc, &sc->cmdq); 479 iwi_free_tx_ring(sc, &sc->txq[0]); 480 iwi_free_tx_ring(sc, &sc->txq[1]); 481 iwi_free_tx_ring(sc, &sc->txq[2]); 482 iwi_free_tx_ring(sc, &sc->txq[3]); 483 iwi_free_rx_ring(sc, &sc->rxq); 484 485 if (sc->irq != NULL) { 486 bus_teardown_intr(dev, sc->irq, sc->sc_ih); 487 bus_release_resource(dev, SYS_RES_IRQ, sc->irq_rid, sc->irq); 488 } 489 490 if (sc->mem != NULL) 491 bus_release_resource(dev, SYS_RES_MEMORY, sc->mem_rid, sc->mem); 492 493 if (ifp != NULL) 494 if_free(ifp); 495 496 taskqueue_free(sc->sc_tq); 497 taskqueue_free(sc->sc_tq2); 498 499 if (sc->sc_unr != NULL) 500 delete_unrhdr(sc->sc_unr); 501 502 IWI_LOCK_DESTROY(sc); 503 IWI_CMD_LOCK_DESTROY(sc); 504 505 return 0; 506} 507 508static void 509iwi_dma_map_addr(void *arg, bus_dma_segment_t *segs, int nseg, int error) 510{ 511 if (error != 0) 512 return; 513 514 KASSERT(nseg == 1, ("too many DMA segments, %d should be 1", nseg)); 515 516 *(bus_addr_t *)arg = segs[0].ds_addr; 517} 518 519static int 520iwi_alloc_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring, int count) 521{ 522 int error; 523 524 ring->count = count; 525 ring->queued = 0; 526 ring->cur = ring->next = 0; 527 528 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 529 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 530 count * IWI_CMD_DESC_SIZE, 1, count * IWI_CMD_DESC_SIZE, 0, 531 NULL, NULL, &ring->desc_dmat); 532 if (error != 0) { 533 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 534 goto fail; 535 } 536 537 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 538 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 539 if (error != 0) { 540 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 541 goto fail; 542 } 543 544 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 545 count * IWI_CMD_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 546 if (error != 0) { 547 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 548 goto fail; 549 } 550 551 return 0; 552 553fail: iwi_free_cmd_ring(sc, ring); 554 return error; 555} 556 557static void 558iwi_reset_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 559{ 560 ring->queued = 0; 561 ring->cur = ring->next = 0; 562} 563 564static void 565iwi_free_cmd_ring(struct iwi_softc *sc, struct iwi_cmd_ring *ring) 566{ 567 if (ring->desc != NULL) { 568 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 569 BUS_DMASYNC_POSTWRITE); 570 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 571 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 572 } 573 574 if (ring->desc_dmat != NULL) 575 bus_dma_tag_destroy(ring->desc_dmat); 576} 577 578static int 579iwi_alloc_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring, int count, 580 bus_addr_t csr_ridx, bus_addr_t csr_widx) 581{ 582 int i, error; 583 584 ring->count = count; 585 ring->queued = 0; 586 ring->cur = ring->next = 0; 587 ring->csr_ridx = csr_ridx; 588 ring->csr_widx = csr_widx; 589 590 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 591 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 592 count * IWI_TX_DESC_SIZE, 1, count * IWI_TX_DESC_SIZE, 0, NULL, 593 NULL, &ring->desc_dmat); 594 if (error != 0) { 595 device_printf(sc->sc_dev, "could not create desc DMA tag\n"); 596 goto fail; 597 } 598 599 error = bus_dmamem_alloc(ring->desc_dmat, (void **)&ring->desc, 600 BUS_DMA_NOWAIT | BUS_DMA_ZERO, &ring->desc_map); 601 if (error != 0) { 602 device_printf(sc->sc_dev, "could not allocate DMA memory\n"); 603 goto fail; 604 } 605 606 error = bus_dmamap_load(ring->desc_dmat, ring->desc_map, ring->desc, 607 count * IWI_TX_DESC_SIZE, iwi_dma_map_addr, &ring->physaddr, 0); 608 if (error != 0) { 609 device_printf(sc->sc_dev, "could not load desc DMA map\n"); 610 goto fail; 611 } 612 613 ring->data = malloc(count * sizeof (struct iwi_tx_data), M_DEVBUF, 614 M_NOWAIT | M_ZERO); 615 if (ring->data == NULL) { 616 device_printf(sc->sc_dev, "could not allocate soft data\n"); 617 error = ENOMEM; 618 goto fail; 619 } 620 621 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 622 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 623 IWI_MAX_NSEG, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 624 if (error != 0) { 625 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 626 goto fail; 627 } 628 629 for (i = 0; i < count; i++) { 630 error = bus_dmamap_create(ring->data_dmat, 0, 631 &ring->data[i].map); 632 if (error != 0) { 633 device_printf(sc->sc_dev, "could not create DMA map\n"); 634 goto fail; 635 } 636 } 637 638 return 0; 639 640fail: iwi_free_tx_ring(sc, ring); 641 return error; 642} 643 644static void 645iwi_reset_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 646{ 647 struct iwi_tx_data *data; 648 int i; 649 650 for (i = 0; i < ring->count; i++) { 651 data = &ring->data[i]; 652 653 if (data->m != NULL) { 654 bus_dmamap_sync(ring->data_dmat, data->map, 655 BUS_DMASYNC_POSTWRITE); 656 bus_dmamap_unload(ring->data_dmat, data->map); 657 m_freem(data->m); 658 data->m = NULL; 659 } 660 661 if (data->ni != NULL) { 662 ieee80211_free_node(data->ni); 663 data->ni = NULL; 664 } 665 } 666 667 ring->queued = 0; 668 ring->cur = ring->next = 0; 669} 670 671static void 672iwi_free_tx_ring(struct iwi_softc *sc, struct iwi_tx_ring *ring) 673{ 674 struct iwi_tx_data *data; 675 int i; 676 677 if (ring->desc != NULL) { 678 bus_dmamap_sync(ring->desc_dmat, ring->desc_map, 679 BUS_DMASYNC_POSTWRITE); 680 bus_dmamap_unload(ring->desc_dmat, ring->desc_map); 681 bus_dmamem_free(ring->desc_dmat, ring->desc, ring->desc_map); 682 } 683 684 if (ring->desc_dmat != NULL) 685 bus_dma_tag_destroy(ring->desc_dmat); 686 687 if (ring->data != NULL) { 688 for (i = 0; i < ring->count; i++) { 689 data = &ring->data[i]; 690 691 if (data->m != NULL) { 692 bus_dmamap_sync(ring->data_dmat, data->map, 693 BUS_DMASYNC_POSTWRITE); 694 bus_dmamap_unload(ring->data_dmat, data->map); 695 m_freem(data->m); 696 } 697 698 if (data->ni != NULL) 699 ieee80211_free_node(data->ni); 700 701 if (data->map != NULL) 702 bus_dmamap_destroy(ring->data_dmat, data->map); 703 } 704 705 free(ring->data, M_DEVBUF); 706 } 707 708 if (ring->data_dmat != NULL) 709 bus_dma_tag_destroy(ring->data_dmat); 710} 711 712static int 713iwi_alloc_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring, int count) 714{ 715 struct iwi_rx_data *data; 716 int i, error; 717 718 ring->count = count; 719 ring->cur = 0; 720 721 ring->data = malloc(count * sizeof (struct iwi_rx_data), M_DEVBUF, 722 M_NOWAIT | M_ZERO); 723 if (ring->data == NULL) { 724 device_printf(sc->sc_dev, "could not allocate soft data\n"); 725 error = ENOMEM; 726 goto fail; 727 } 728 729 error = bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 1, 0, 730 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, MCLBYTES, 731 1, MCLBYTES, 0, NULL, NULL, &ring->data_dmat); 732 if (error != 0) { 733 device_printf(sc->sc_dev, "could not create data DMA tag\n"); 734 goto fail; 735 } 736 737 for (i = 0; i < count; i++) { 738 data = &ring->data[i]; 739 740 error = bus_dmamap_create(ring->data_dmat, 0, &data->map); 741 if (error != 0) { 742 device_printf(sc->sc_dev, "could not create DMA map\n"); 743 goto fail; 744 } 745 746 data->m = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 747 if (data->m == NULL) { 748 device_printf(sc->sc_dev, 749 "could not allocate rx mbuf\n"); 750 error = ENOMEM; 751 goto fail; 752 } 753 754 error = bus_dmamap_load(ring->data_dmat, data->map, 755 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 756 &data->physaddr, 0); 757 if (error != 0) { 758 device_printf(sc->sc_dev, 759 "could not load rx buf DMA map"); 760 goto fail; 761 } 762 763 data->reg = IWI_CSR_RX_BASE + i * 4; 764 } 765 766 return 0; 767 768fail: iwi_free_rx_ring(sc, ring); 769 return error; 770} 771 772static void 773iwi_reset_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 774{ 775 ring->cur = 0; 776} 777 778static void 779iwi_free_rx_ring(struct iwi_softc *sc, struct iwi_rx_ring *ring) 780{ 781 struct iwi_rx_data *data; 782 int i; 783 784 if (ring->data != NULL) { 785 for (i = 0; i < ring->count; i++) { 786 data = &ring->data[i]; 787 788 if (data->m != NULL) { 789 bus_dmamap_sync(ring->data_dmat, data->map, 790 BUS_DMASYNC_POSTREAD); 791 bus_dmamap_unload(ring->data_dmat, data->map); 792 m_freem(data->m); 793 } 794 795 if (data->map != NULL) 796 bus_dmamap_destroy(ring->data_dmat, data->map); 797 } 798 799 free(ring->data, M_DEVBUF); 800 } 801 802 if (ring->data_dmat != NULL) 803 bus_dma_tag_destroy(ring->data_dmat); 804} 805 806static int 807iwi_shutdown(device_t dev) 808{ 809 struct iwi_softc *sc = device_get_softc(dev); 810 IWI_LOCK_DECL; 811 812 IWI_LOCK(sc); 813 iwi_stop(sc); 814 IWI_UNLOCK(sc); 815 iwi_put_firmware(sc); /* ??? XXX */ 816 817 return 0; 818} 819 820static int 821iwi_suspend(device_t dev) 822{ 823 struct iwi_softc *sc = device_get_softc(dev); 824 IWI_LOCK_DECL; 825 826 IWI_LOCK(sc); 827 iwi_stop(sc); 828 IWI_UNLOCK(sc); 829 830 return 0; 831} 832 833static int 834iwi_resume(device_t dev) 835{ 836 struct iwi_softc *sc = device_get_softc(dev); 837 struct ifnet *ifp = sc->sc_ic.ic_ifp; 838 IWI_LOCK_DECL; 839 840 IWI_LOCK(sc); 841 842 pci_write_config(dev, 0x41, 0, 1); 843 844 if (ifp->if_flags & IFF_UP) { 845 ifp->if_init(ifp->if_softc); 846 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 847 ifp->if_start(ifp); 848 } 849 850 IWI_UNLOCK(sc); 851 852 return 0; 853} 854 855static struct ieee80211_node * 856iwi_node_alloc(struct ieee80211_node_table *nt) 857{ 858 struct iwi_node *in; 859 860 in = malloc(sizeof (struct iwi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 861 if (in == NULL) 862 return NULL; 863 864 in->in_station = -1; 865 866 return &in->in_node; 867} 868 869static void 870iwi_node_free(struct ieee80211_node *ni) 871{ 872 struct ieee80211com *ic = ni->ni_ic; 873 struct iwi_softc *sc = ic->ic_ifp->if_softc; 874 struct iwi_node *in = (struct iwi_node *)ni; 875 876 if (in->in_station != -1) { 877 DPRINTF(("%s mac %6D station %u\n", __func__, 878 ni->ni_macaddr, ":", in->in_station)); 879 free_unr(sc->sc_unr, in->in_station); 880 } 881 882 sc->sc_node_free(ni); 883} 884 885static int 886iwi_media_change(struct ifnet *ifp) 887{ 888 struct iwi_softc *sc = ifp->if_softc; 889 int error; 890 IWI_LOCK_DECL; 891 892 IWI_LOCK(sc); 893 894 error = ieee80211_media_change(ifp); 895 if (error == ENETRESET && 896 (ifp->if_flags & IFF_UP) && (ifp->if_drv_flags & IFF_DRV_RUNNING)) 897 iwi_init_locked(sc, 0); 898 899 IWI_UNLOCK(sc); 900 901 return error; 902} 903 904/* 905 * Convert h/w rate code to IEEE rate code. 906 */ 907static int 908iwi_cvtrate(int iwirate) 909{ 910 switch (iwirate) { 911 case IWI_RATE_DS1: return 2; 912 case IWI_RATE_DS2: return 4; 913 case IWI_RATE_DS5: return 11; 914 case IWI_RATE_DS11: return 22; 915 case IWI_RATE_OFDM6: return 12; 916 case IWI_RATE_OFDM9: return 18; 917 case IWI_RATE_OFDM12: return 24; 918 case IWI_RATE_OFDM18: return 36; 919 case IWI_RATE_OFDM24: return 48; 920 case IWI_RATE_OFDM36: return 72; 921 case IWI_RATE_OFDM48: return 96; 922 case IWI_RATE_OFDM54: return 108; 923 } 924 return 0; 925} 926 927/* 928 * The firmware automatically adapts the transmit speed. We report its current 929 * value here. 930 */ 931static void 932iwi_media_status(struct ifnet *ifp, struct ifmediareq *imr) 933{ 934 struct iwi_softc *sc = ifp->if_softc; 935 struct ieee80211com *ic = &sc->sc_ic; 936 int rate; 937 938 imr->ifm_status = IFM_AVALID; 939 imr->ifm_active = IFM_IEEE80211; 940 if (ic->ic_state == IEEE80211_S_RUN) 941 imr->ifm_status |= IFM_ACTIVE; 942 943 /* read current transmission rate from adapter */ 944 rate = iwi_cvtrate(CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE)); 945 imr->ifm_active |= ieee80211_rate2media(ic, rate, ic->ic_curmode); 946 947 if (ic->ic_opmode == IEEE80211_M_IBSS) 948 imr->ifm_active |= IFM_IEEE80211_ADHOC; 949 else if (ic->ic_opmode == IEEE80211_M_MONITOR) 950 imr->ifm_active |= IFM_IEEE80211_MONITOR; 951} 952 953static int 954iwi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 955{ 956 struct ifnet *ifp = ic->ic_ifp; 957 struct iwi_softc *sc = ifp->if_softc; 958 int error = 0; 959 960 IWI_LOCK_ASSERT(sc); 961 DPRINTF(("%s: %s -> %s flags 0x%x\n", __func__, 962 ieee80211_state_name[ic->ic_state], 963 ieee80211_state_name[nstate], sc->flags)); 964 965 /* XXX state change race with taskqueue */ 966 switch (nstate) { 967 case IEEE80211_S_AUTH: 968 iwi_assoc(ic); 969 break; 970 case IEEE80211_S_RUN: 971 if (ic->ic_opmode == IEEE80211_M_IBSS) { 972 /* 973 * XXX when joining an ibss network we are called 974 * with a SCAN -> RUN transition on scan complete. 975 * Use that to call iwi_auth_and_assoc. On completing 976 * the join we are then called again with an 977 * AUTH -> RUN transition and we want to do nothing. 978 * This is all totally bogus and needs to be redone. 979 */ 980 if (ic->ic_state == IEEE80211_S_SCAN) 981 iwi_assoc(ic); 982 } 983 break; 984 case IEEE80211_S_INIT: 985 /* 986 * NB: don't try to do this if iwi_stop_master has 987 * shutdown the firmware and disabled interrupts. 988 */ 989 if (ic->ic_state == IEEE80211_S_RUN && 990 (sc->flags & IWI_FLAG_FW_INITED)) 991 iwi_disassoc(ic); 992 if (ic->ic_state == IEEE80211_S_SCAN && 993 (sc->fw_state == IWI_FW_SCANNING)) 994 ieee80211_cancel_scan(ic); 995 break; 996 case IEEE80211_S_ASSOC: 997 /* 998 * If we are not transitioning from AUTH the resend the 999 * association request. 1000 */ 1001 if (ic->ic_state != IEEE80211_S_AUTH) 1002 iwi_assoc(ic); 1003 break; 1004 default: 1005 break; 1006 } 1007 return (error != 0) ? error : sc->sc_newstate(ic, nstate, arg); 1008 1009} 1010 1011/* 1012 * WME parameters coming from IEEE 802.11e specification. These values are 1013 * already declared in ieee80211_proto.c, but they are static so they can't 1014 * be reused here. 1015 */ 1016static const struct wmeParams iwi_wme_cck_params[WME_NUM_AC] = { 1017 { 0, 3, 5, 7, 0 }, /* WME_AC_BE */ 1018 { 0, 3, 5, 10, 0 }, /* WME_AC_BK */ 1019 { 0, 2, 4, 5, 188 }, /* WME_AC_VI */ 1020 { 0, 2, 3, 4, 102 } /* WME_AC_VO */ 1021}; 1022 1023static const struct wmeParams iwi_wme_ofdm_params[WME_NUM_AC] = { 1024 { 0, 3, 4, 6, 0 }, /* WME_AC_BE */ 1025 { 0, 3, 4, 10, 0 }, /* WME_AC_BK */ 1026 { 0, 2, 3, 4, 94 }, /* WME_AC_VI */ 1027 { 0, 2, 2, 3, 47 } /* WME_AC_VO */ 1028}; 1029#define IWI_EXP2(v) htole16((1 << (v)) - 1) 1030#define IWI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 1031 1032static void 1033iwi_wme_init(struct iwi_softc *sc) 1034{ 1035 const struct wmeParams *wmep; 1036 int ac; 1037 1038 memset(sc->wme, 0, sizeof sc->wme); 1039 for (ac = 0; ac < WME_NUM_AC; ac++) { 1040 /* set WME values for CCK modulation */ 1041 wmep = &iwi_wme_cck_params[ac]; 1042 sc->wme[1].aifsn[ac] = wmep->wmep_aifsn; 1043 sc->wme[1].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1044 sc->wme[1].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1045 sc->wme[1].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1046 sc->wme[1].acm[ac] = wmep->wmep_acm; 1047 1048 /* set WME values for OFDM modulation */ 1049 wmep = &iwi_wme_ofdm_params[ac]; 1050 sc->wme[2].aifsn[ac] = wmep->wmep_aifsn; 1051 sc->wme[2].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1052 sc->wme[2].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1053 sc->wme[2].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1054 sc->wme[2].acm[ac] = wmep->wmep_acm; 1055 } 1056} 1057 1058static int 1059iwi_wme_setparams(struct iwi_softc *sc) 1060{ 1061 struct ieee80211com *ic = &sc->sc_ic; 1062 const struct wmeParams *wmep; 1063 int ac; 1064 1065 for (ac = 0; ac < WME_NUM_AC; ac++) { 1066 /* set WME values for current operating mode */ 1067 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 1068 sc->wme[0].aifsn[ac] = wmep->wmep_aifsn; 1069 sc->wme[0].cwmin[ac] = IWI_EXP2(wmep->wmep_logcwmin); 1070 sc->wme[0].cwmax[ac] = IWI_EXP2(wmep->wmep_logcwmax); 1071 sc->wme[0].burst[ac] = IWI_USEC(wmep->wmep_txopLimit); 1072 sc->wme[0].acm[ac] = wmep->wmep_acm; 1073 } 1074 1075 DPRINTF(("Setting WME parameters\n")); 1076 return iwi_cmd(sc, IWI_CMD_SET_WME_PARAMS, sc->wme, sizeof sc->wme); 1077} 1078#undef IWI_USEC 1079#undef IWI_EXP2 1080 1081static int 1082iwi_wme_update(struct ieee80211com *ic) 1083{ 1084 struct iwi_softc *sc = ic->ic_ifp->if_softc; 1085 1086 /* 1087 * We may be called to update the WME parameters in 1088 * the adapter at various places. If we're already 1089 * associated then initiate the request immediately 1090 * (via the taskqueue); otherwise we assume the params 1091 * will get sent down to the adapter as part of the 1092 * work iwi_auth_and_assoc does. 1093 */ 1094 return (iwi_queue_cmd(sc, IWI_SET_WME)); 1095} 1096 1097static int 1098iwi_wme_setie(struct iwi_softc *sc) 1099{ 1100 struct ieee80211_wme_info wme; 1101 1102 memset(&wme, 0, sizeof wme); 1103 wme.wme_id = IEEE80211_ELEMID_VENDOR; 1104 wme.wme_len = sizeof (struct ieee80211_wme_info) - 2; 1105 wme.wme_oui[0] = 0x00; 1106 wme.wme_oui[1] = 0x50; 1107 wme.wme_oui[2] = 0xf2; 1108 wme.wme_type = WME_OUI_TYPE; 1109 wme.wme_subtype = WME_INFO_OUI_SUBTYPE; 1110 wme.wme_version = WME_VERSION; 1111 wme.wme_info = 0; 1112 1113 DPRINTF(("Setting WME IE (len=%u)\n", wme.wme_len)); 1114 return iwi_cmd(sc, IWI_CMD_SET_WMEIE, &wme, sizeof wme); 1115} 1116 1117/* 1118 * Read 16 bits at address 'addr' from the serial EEPROM. 1119 */ 1120static uint16_t 1121iwi_read_prom_word(struct iwi_softc *sc, uint8_t addr) 1122{ 1123 uint32_t tmp; 1124 uint16_t val; 1125 int n; 1126 1127 /* clock C once before the first command */ 1128 IWI_EEPROM_CTL(sc, 0); 1129 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1130 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1131 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1132 1133 /* write start bit (1) */ 1134 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1135 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1136 1137 /* write READ opcode (10) */ 1138 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D); 1139 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_D | IWI_EEPROM_C); 1140 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1141 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1142 1143 /* write address A7-A0 */ 1144 for (n = 7; n >= 0; n--) { 1145 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1146 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D)); 1147 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | 1148 (((addr >> n) & 1) << IWI_EEPROM_SHIFT_D) | IWI_EEPROM_C); 1149 } 1150 1151 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1152 1153 /* read data Q15-Q0 */ 1154 val = 0; 1155 for (n = 15; n >= 0; n--) { 1156 IWI_EEPROM_CTL(sc, IWI_EEPROM_S | IWI_EEPROM_C); 1157 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1158 tmp = MEM_READ_4(sc, IWI_MEM_EEPROM_CTL); 1159 val |= ((tmp & IWI_EEPROM_Q) >> IWI_EEPROM_SHIFT_Q) << n; 1160 } 1161 1162 IWI_EEPROM_CTL(sc, 0); 1163 1164 /* clear Chip Select and clock C */ 1165 IWI_EEPROM_CTL(sc, IWI_EEPROM_S); 1166 IWI_EEPROM_CTL(sc, 0); 1167 IWI_EEPROM_CTL(sc, IWI_EEPROM_C); 1168 1169 return val; 1170} 1171 1172static void 1173iwi_setcurchan(struct iwi_softc *sc, int chan) 1174{ 1175 struct ieee80211com *ic = &sc->sc_ic; 1176 1177 sc->curchan = chan; 1178 1179 sc->sc_rxtap.wr_chan_freq = sc->sc_txtap.wt_chan_freq = 1180 htole16(ic->ic_curchan->ic_freq); 1181 sc->sc_rxtap.wr_chan_flags = sc->sc_txtap.wt_chan_flags = 1182 htole16(ic->ic_curchan->ic_flags); 1183} 1184 1185static void 1186iwi_frame_intr(struct iwi_softc *sc, struct iwi_rx_data *data, int i, 1187 struct iwi_frame *frame) 1188{ 1189 struct ieee80211com *ic = &sc->sc_ic; 1190 struct ifnet *ifp = ic->ic_ifp; 1191 struct mbuf *mnew, *m; 1192 struct ieee80211_node *ni; 1193 int type, error, framelen; 1194 IWI_LOCK_DECL; 1195 1196 framelen = le16toh(frame->len); 1197 if (framelen < IEEE80211_MIN_LEN || framelen > MCLBYTES) { 1198 /* 1199 * XXX >MCLBYTES is bogus as it means the h/w dma'd 1200 * out of bounds; need to figure out how to limit 1201 * frame size in the firmware 1202 */ 1203 /* XXX stat */ 1204 DPRINTFN(1, 1205 ("drop rx frame len=%u chan=%u rssi=%u rssi_dbm=%u\n", 1206 le16toh(frame->len), frame->chan, frame->rssi, 1207 frame->rssi_dbm)); 1208 return; 1209 } 1210 1211 DPRINTFN(5, ("received frame len=%u chan=%u rssi=%u rssi_dbm=%u\n", 1212 le16toh(frame->len), frame->chan, frame->rssi, frame->rssi_dbm)); 1213 1214 if (frame->chan != sc->curchan) 1215 iwi_setcurchan(sc, frame->chan); 1216 1217 /* 1218 * Try to allocate a new mbuf for this ring element and load it before 1219 * processing the current mbuf. If the ring element cannot be loaded, 1220 * drop the received packet and reuse the old mbuf. In the unlikely 1221 * case that the old mbuf can't be reloaded either, explicitly panic. 1222 */ 1223 mnew = m_getcl(M_DONTWAIT, MT_DATA, M_PKTHDR); 1224 if (mnew == NULL) { 1225 ifp->if_ierrors++; 1226 return; 1227 } 1228 1229 bus_dmamap_unload(sc->rxq.data_dmat, data->map); 1230 1231 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1232 mtod(mnew, void *), MCLBYTES, iwi_dma_map_addr, &data->physaddr, 1233 0); 1234 if (error != 0) { 1235 m_freem(mnew); 1236 1237 /* try to reload the old mbuf */ 1238 error = bus_dmamap_load(sc->rxq.data_dmat, data->map, 1239 mtod(data->m, void *), MCLBYTES, iwi_dma_map_addr, 1240 &data->physaddr, 0); 1241 if (error != 0) { 1242 /* very unlikely that it will fail... */ 1243 panic("%s: could not load old rx mbuf", 1244 device_get_name(sc->sc_dev)); 1245 } 1246 ifp->if_ierrors++; 1247 return; 1248 } 1249 1250 /* 1251 * New mbuf successfully loaded, update Rx ring and continue 1252 * processing. 1253 */ 1254 m = data->m; 1255 data->m = mnew; 1256 CSR_WRITE_4(sc, data->reg, data->physaddr); 1257 1258 /* finalize mbuf */ 1259 m->m_pkthdr.rcvif = ifp; 1260 m->m_pkthdr.len = m->m_len = sizeof (struct iwi_hdr) + 1261 sizeof (struct iwi_frame) + framelen; 1262 1263 m_adj(m, sizeof (struct iwi_hdr) + sizeof (struct iwi_frame)); 1264 1265 if (bpf_peers_present(sc->sc_drvbpf)) { 1266 struct iwi_rx_radiotap_header *tap = &sc->sc_rxtap; 1267 1268 tap->wr_flags = 0; 1269 tap->wr_rate = iwi_cvtrate(frame->rate); 1270 tap->wr_antsignal = frame->signal; 1271 tap->wr_antenna = frame->antenna; 1272 1273 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1274 } 1275 IWI_UNLOCK(sc); 1276 1277 ni = ieee80211_find_rxnode(ic, mtod(m, struct ieee80211_frame_min *)); 1278 1279 /* send the frame to the 802.11 layer */ 1280 type = ieee80211_input(ic, m, ni, frame->rssi_dbm, 0, 0); 1281 1282 /* node is no longer needed */ 1283 ieee80211_free_node(ni); 1284 1285 IWI_LOCK(sc); 1286 if (sc->sc_softled) { 1287 /* 1288 * Blink for any data frame. Otherwise do a 1289 * heartbeat-style blink when idle. The latter 1290 * is mainly for station mode where we depend on 1291 * periodic beacon frames to trigger the poll event. 1292 */ 1293 if (type == IEEE80211_FC0_TYPE_DATA) { 1294 sc->sc_rxrate = frame->rate; 1295 iwi_led_event(sc, IWI_LED_RX); 1296 } else if (ticks - sc->sc_ledevent >= sc->sc_ledidle) 1297 iwi_led_event(sc, IWI_LED_POLL); 1298 } 1299} 1300 1301/* unaligned little endian access */ 1302#define LE_READ_2(p) \ 1303 ((u_int16_t) \ 1304 ((((const u_int8_t *)(p))[0] ) | \ 1305 (((const u_int8_t *)(p))[1] << 8))) 1306#define LE_READ_4(p) \ 1307 ((u_int32_t) \ 1308 ((((const u_int8_t *)(p))[0] ) | \ 1309 (((const u_int8_t *)(p))[1] << 8) | \ 1310 (((const u_int8_t *)(p))[2] << 16) | \ 1311 (((const u_int8_t *)(p))[3] << 24))) 1312 1313#define IEEE80211_VERIFY_LENGTH(_len, _minlen) do { \ 1314 if ((_len) < (_minlen)) { \ 1315 return; \ 1316 } \ 1317} while (0) 1318 1319static int __inline 1320iswmeoui(const u_int8_t *frm) 1321{ 1322 return frm[1] > 3 && LE_READ_4(frm+2) == ((WME_OUI_TYPE<<24)|WME_OUI); 1323} 1324 1325/* 1326 * Check for an association response frame to see if QoS 1327 * has been negotiated. We parse just enough to figure 1328 * out if we're supposed to use QoS. The proper solution 1329 * is to pass the frame up so ieee80211_input can do the 1330 * work but that's made hard by how things currently are 1331 * done in the driver. 1332 */ 1333static void 1334iwi_checkforqos(struct iwi_softc *sc, const struct ieee80211_frame *wh, int len) 1335{ 1336#define SUBTYPE(wh) ((wh)->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) 1337 const uint8_t *frm, *efrm, *wme; 1338 struct ieee80211_node *ni; 1339 uint16_t capinfo, status, associd; 1340 1341 /* NB: +8 for capinfo, status, associd, and first ie */ 1342 if (!(sizeof(*wh)+8 < len && len < IEEE80211_MAX_LEN) || 1343 SUBTYPE(wh) != IEEE80211_FC0_SUBTYPE_ASSOC_RESP) 1344 return; 1345 /* 1346 * asresp frame format 1347 * [2] capability information 1348 * [2] status 1349 * [2] association ID 1350 * [tlv] supported rates 1351 * [tlv] extended supported rates 1352 * [tlv] WME 1353 */ 1354 frm = (const uint8_t *)&wh[1]; 1355 efrm = ((const uint8_t *) wh) + len; 1356 1357 capinfo = le16toh(*(const uint16_t *)frm); 1358 frm += 2; 1359 status = le16toh(*(const uint16_t *)frm); 1360 frm += 2; 1361 associd = le16toh(*(const uint16_t *)frm); 1362 frm += 2; 1363 1364 wme = NULL; 1365 while (frm < efrm) { 1366 IEEE80211_VERIFY_LENGTH(efrm - frm, frm[1]); 1367 switch (*frm) { 1368 case IEEE80211_ELEMID_VENDOR: 1369 if (iswmeoui(frm)) 1370 wme = frm; 1371 break; 1372 } 1373 frm += frm[1] + 2; 1374 } 1375 1376 ni = sc->sc_ic.ic_bss; 1377 ni->ni_capinfo = capinfo; 1378 ni->ni_associd = associd; 1379 if (wme != NULL) 1380 ni->ni_flags |= IEEE80211_NODE_QOS; 1381 else 1382 ni->ni_flags &= ~IEEE80211_NODE_QOS; 1383#undef SUBTYPE 1384} 1385 1386static void 1387iwi_notification_intr(struct iwi_softc *sc, struct iwi_notif *notif) 1388{ 1389 struct ieee80211com *ic = &sc->sc_ic; 1390 struct iwi_notif_scan_channel *chan; 1391 struct iwi_notif_scan_complete *scan; 1392 struct iwi_notif_authentication *auth; 1393 struct iwi_notif_association *assoc; 1394 struct iwi_notif_beacon_state *beacon; 1395 1396 switch (notif->type) { 1397 case IWI_NOTIF_TYPE_SCAN_CHANNEL: 1398 chan = (struct iwi_notif_scan_channel *)(notif + 1); 1399 1400 DPRINTFN(3, ("Scan of channel %u complete (%u)\n", 1401 ieee80211_ieee2mhz(chan->nchan, 0), chan->nchan)); 1402 1403 /* Reset the timer, the scan is still going */ 1404 sc->sc_state_timer = 3; 1405 break; 1406 1407 case IWI_NOTIF_TYPE_SCAN_COMPLETE: 1408 scan = (struct iwi_notif_scan_complete *)(notif + 1); 1409 1410 DPRINTFN(2, ("Scan completed (%u, %u)\n", scan->nchan, 1411 scan->status)); 1412 1413 IWI_STATE_END(sc, IWI_FW_SCANNING); 1414 1415 if (scan->status == IWI_SCAN_COMPLETED) 1416 ieee80211_scan_next(ic); 1417 1418 break; 1419 1420 case IWI_NOTIF_TYPE_AUTHENTICATION: 1421 auth = (struct iwi_notif_authentication *)(notif + 1); 1422 1423 switch (auth->state) { 1424 case IWI_AUTH_SUCCESS: 1425 DPRINTFN(2, ("Authentication succeeeded\n")); 1426 ieee80211_node_authorize(ic->ic_bss); 1427 ieee80211_new_state(ic, IEEE80211_S_ASSOC, -1); 1428 break; 1429 1430 case IWI_AUTH_FAIL: 1431 DPRINTFN(2, ("Authentication failed\n")); 1432 sc->flags &= ~IWI_FLAG_ASSOCIATED; 1433 IWI_STATE_END(sc, IWI_FW_ASSOCIATING); 1434 /* XXX */ 1435 break; 1436 1437 case IWI_AUTH_SENT_1: 1438 case IWI_AUTH_RECV_2: 1439 case IWI_AUTH_SEQ1_PASS: 1440 break; 1441 1442 case IWI_AUTH_SEQ1_FAIL: 1443 DPRINTFN(2, ("Initial authentication handshake failed; " 1444 "you probably need shared key\n")); 1445 IWI_STATE_END(sc, IWI_FW_ASSOCIATING); 1446 /* XXX retry shared key when in auto */ 1447 break; 1448 1449 default: 1450 device_printf(sc->sc_dev, 1451 "unknown authentication state %u\n", auth->state); 1452 } 1453 break; 1454 1455 case IWI_NOTIF_TYPE_ASSOCIATION: 1456 assoc = (struct iwi_notif_association *)(notif + 1); 1457 1458 switch (assoc->state) { 1459 case IWI_AUTH_SUCCESS: 1460 /* re-association, do nothing */ 1461 break; 1462 1463 case IWI_ASSOC_SUCCESS: 1464 DPRINTFN(2, ("Association succeeded\n")); 1465 sc->flags |= IWI_FLAG_ASSOCIATED; 1466 IWI_STATE_END(sc, IWI_FW_ASSOCIATING); 1467 iwi_checkforqos(sc, 1468 (const struct ieee80211_frame *)(assoc+1), 1469 le16toh(notif->len) - sizeof(*assoc)); 1470 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1471 break; 1472 1473 case IWI_ASSOC_INIT: 1474 switch (sc->fw_state) { 1475 case IWI_FW_ASSOCIATING: 1476 DPRINTFN(2, ("Association failed\n")); 1477 IWI_STATE_END(sc, IWI_FW_ASSOCIATING); 1478 ieee80211_new_state(ic, 1479 IEEE80211_S_SCAN, -1); 1480 break; 1481 1482 case IWI_FW_DISASSOCIATING: 1483 DPRINTFN(2, ("Dissassociated\n")); 1484 IWI_STATE_END(sc, 1485 IWI_FW_DISASSOCIATING); 1486 break; 1487 } 1488 sc->flags &= ~IWI_FLAG_ASSOCIATED; 1489 break; 1490 1491 default: 1492 device_printf(sc->sc_dev, 1493 "unknown association state %u\n", assoc->state); 1494 } 1495 break; 1496 1497 case IWI_NOTIF_TYPE_BEACON: 1498 /* XXX check struct length */ 1499 beacon = (struct iwi_notif_beacon_state *)(notif + 1); 1500 1501 DPRINTFN(5, ("Beacon state (%u, %u)\n", 1502 beacon->state, le32toh(beacon->number))); 1503 1504 if (beacon->state == IWI_BEACON_MISS) { 1505 /* 1506 * The firmware notifies us of every beacon miss 1507 * so we need to track the count against the 1508 * configured threshold before notifying the 1509 * 802.11 layer. 1510 * XXX try to roam, drop assoc only on much higher count 1511 */ 1512 if (le32toh(beacon->number) >= ic->ic_bmissthreshold) { 1513 DPRINTF(("Beacon miss: %u >= %u\n", 1514 le32toh(beacon->number), 1515 ic->ic_bmissthreshold)); 1516 ieee80211_beacon_miss(ic); 1517 } 1518 } 1519 break; 1520 1521 case IWI_NOTIF_TYPE_CALIBRATION: 1522 case IWI_NOTIF_TYPE_NOISE: 1523 case IWI_NOTIF_TYPE_LINK_QUALITY: 1524 DPRINTFN(5, ("Notification (%u)\n", notif->type)); 1525 break; 1526 1527 default: 1528 DPRINTF(("unknown notification type %u flags 0x%x len %u\n", 1529 notif->type, notif->flags, le16toh(notif->len))); 1530 } 1531} 1532 1533static void 1534iwi_rx_intr(struct iwi_softc *sc) 1535{ 1536 struct iwi_rx_data *data; 1537 struct iwi_hdr *hdr; 1538 uint32_t hw; 1539 1540 hw = CSR_READ_4(sc, IWI_CSR_RX_RIDX); 1541 1542 for (; sc->rxq.cur != hw;) { 1543 data = &sc->rxq.data[sc->rxq.cur]; 1544 1545 bus_dmamap_sync(sc->rxq.data_dmat, data->map, 1546 BUS_DMASYNC_POSTREAD); 1547 1548 hdr = mtod(data->m, struct iwi_hdr *); 1549 1550 switch (hdr->type) { 1551 case IWI_HDR_TYPE_FRAME: 1552 iwi_frame_intr(sc, data, sc->rxq.cur, 1553 (struct iwi_frame *)(hdr + 1)); 1554 break; 1555 1556 case IWI_HDR_TYPE_NOTIF: 1557 iwi_notification_intr(sc, 1558 (struct iwi_notif *)(hdr + 1)); 1559 break; 1560 1561 default: 1562 device_printf(sc->sc_dev, "unknown hdr type %u\n", 1563 hdr->type); 1564 } 1565 1566 DPRINTFN(15, ("rx done idx=%u\n", sc->rxq.cur)); 1567 1568 sc->rxq.cur = (sc->rxq.cur + 1) % IWI_RX_RING_COUNT; 1569 } 1570 1571 /* tell the firmware what we have processed */ 1572 hw = (hw == 0) ? IWI_RX_RING_COUNT - 1 : hw - 1; 1573 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, hw); 1574} 1575 1576static void 1577iwi_tx_intr(struct iwi_softc *sc, struct iwi_tx_ring *txq) 1578{ 1579 struct ieee80211com *ic = &sc->sc_ic; 1580 struct ifnet *ifp = ic->ic_ifp; 1581 struct iwi_tx_data *data; 1582 uint32_t hw; 1583 1584 hw = CSR_READ_4(sc, txq->csr_ridx); 1585 1586 for (; txq->next != hw;) { 1587 data = &txq->data[txq->next]; 1588 1589 bus_dmamap_sync(txq->data_dmat, data->map, 1590 BUS_DMASYNC_POSTWRITE); 1591 bus_dmamap_unload(txq->data_dmat, data->map); 1592 if (data->m->m_flags & M_TXCB) 1593 ieee80211_process_callback(data->ni, data->m, 0/*XXX*/); 1594 m_freem(data->m); 1595 data->m = NULL; 1596 ieee80211_free_node(data->ni); 1597 data->ni = NULL; 1598 1599 DPRINTFN(15, ("tx done idx=%u\n", txq->next)); 1600 1601 ifp->if_opackets++; 1602 1603 txq->queued--; 1604 txq->next = (txq->next + 1) % IWI_TX_RING_COUNT; 1605 } 1606 1607 sc->sc_tx_timer = 0; 1608 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 1609 1610 if (sc->sc_softled) 1611 iwi_led_event(sc, IWI_LED_TX); 1612 1613 iwi_start(ifp); 1614} 1615 1616static void 1617iwi_intr(void *arg) 1618{ 1619 struct iwi_softc *sc = arg; 1620 uint32_t r; 1621 IWI_LOCK_DECL; 1622 1623 IWI_LOCK(sc); 1624 1625 if ((r = CSR_READ_4(sc, IWI_CSR_INTR)) == 0 || r == 0xffffffff) { 1626 IWI_UNLOCK(sc); 1627 return; 1628 } 1629 1630 /* acknowledge interrupts */ 1631 CSR_WRITE_4(sc, IWI_CSR_INTR, r); 1632 1633 if (r & IWI_INTR_FATAL_ERROR) { 1634 device_printf(sc->sc_dev, "firmware error\n"); 1635 /* don't restart if the interface isn't up */ 1636 if (sc->sc_ifp->if_drv_flags & IFF_DRV_RUNNING) 1637 taskqueue_enqueue(sc->sc_tq2, &sc->sc_restarttask); 1638 1639 sc->flags &= ~IWI_FLAG_BUSY; 1640 sc->sc_busy_timer = 0; 1641 wakeup(sc); 1642 } 1643 1644 if (r & IWI_INTR_FW_INITED) { 1645 if (!(r & (IWI_INTR_FATAL_ERROR | IWI_INTR_PARITY_ERROR))) 1646 wakeup(sc); 1647 } 1648 1649 if (r & IWI_INTR_RADIO_OFF) 1650 taskqueue_enqueue(sc->sc_tq, &sc->sc_radiofftask); 1651 1652 if (r & IWI_INTR_CMD_DONE) { 1653 sc->flags &= ~IWI_FLAG_BUSY; 1654 sc->sc_busy_timer = 0; 1655 wakeup(sc); 1656 } 1657 1658 if (r & IWI_INTR_TX1_DONE) 1659 iwi_tx_intr(sc, &sc->txq[0]); 1660 1661 if (r & IWI_INTR_TX2_DONE) 1662 iwi_tx_intr(sc, &sc->txq[1]); 1663 1664 if (r & IWI_INTR_TX3_DONE) 1665 iwi_tx_intr(sc, &sc->txq[2]); 1666 1667 if (r & IWI_INTR_TX4_DONE) 1668 iwi_tx_intr(sc, &sc->txq[3]); 1669 1670 if (r & IWI_INTR_RX_DONE) 1671 iwi_rx_intr(sc); 1672 1673 if (r & IWI_INTR_PARITY_ERROR) { 1674 /* XXX rate-limit */ 1675 device_printf(sc->sc_dev, "parity error\n"); 1676 } 1677 1678 IWI_UNLOCK(sc); 1679} 1680 1681static int 1682iwi_cmd(struct iwi_softc *sc, uint8_t type, void *data, uint8_t len) 1683{ 1684 struct iwi_cmd_desc *desc; 1685 1686 IWI_LOCK_ASSERT(sc); 1687 1688 if (sc->flags & IWI_FLAG_BUSY) { 1689 device_printf(sc->sc_dev, "%s: cmd %d not sent, busy\n", 1690 __func__, type); 1691 return EAGAIN; 1692 } 1693 sc->flags |= IWI_FLAG_BUSY; 1694 sc->sc_busy_timer = 2; 1695 1696 desc = &sc->cmdq.desc[sc->cmdq.cur]; 1697 1698 desc->hdr.type = IWI_HDR_TYPE_COMMAND; 1699 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1700 desc->type = type; 1701 desc->len = len; 1702 memcpy(desc->data, data, len); 1703 1704 bus_dmamap_sync(sc->cmdq.desc_dmat, sc->cmdq.desc_map, 1705 BUS_DMASYNC_PREWRITE); 1706 1707 DPRINTFN(2, ("sending command idx=%u type=%u len=%u\n", sc->cmdq.cur, 1708 type, len)); 1709 1710 sc->cmdq.cur = (sc->cmdq.cur + 1) % IWI_CMD_RING_COUNT; 1711 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 1712 1713 return msleep(sc, &sc->sc_mtx, 0, "iwicmd", hz); 1714} 1715 1716static void 1717iwi_write_ibssnode(struct iwi_softc *sc, 1718 const u_int8_t addr[IEEE80211_ADDR_LEN], int entry) 1719{ 1720 struct iwi_ibssnode node; 1721 1722 /* write node information into NIC memory */ 1723 memset(&node, 0, sizeof node); 1724 IEEE80211_ADDR_COPY(node.bssid, addr); 1725 1726 DPRINTF(("%s mac %6D station %u\n", __func__, node.bssid, ":", entry)); 1727 1728 CSR_WRITE_REGION_1(sc, 1729 IWI_CSR_NODE_BASE + entry * sizeof node, 1730 (uint8_t *)&node, sizeof node); 1731} 1732 1733static int 1734iwi_tx_start(struct ifnet *ifp, struct mbuf *m0, struct ieee80211_node *ni, 1735 int ac) 1736{ 1737 struct iwi_softc *sc = ifp->if_softc; 1738 struct ieee80211com *ic = &sc->sc_ic; 1739 struct iwi_node *in = (struct iwi_node *)ni; 1740 const struct ieee80211_frame *wh; 1741 struct ieee80211_key *k; 1742 const struct chanAccParams *cap; 1743 struct iwi_tx_ring *txq = &sc->txq[ac]; 1744 struct iwi_tx_data *data; 1745 struct iwi_tx_desc *desc; 1746 struct mbuf *mnew; 1747 bus_dma_segment_t segs[IWI_MAX_NSEG]; 1748 int error, nsegs, hdrlen, i; 1749 int ismcast, flags, xflags, staid; 1750 1751 IWI_LOCK_ASSERT(sc); 1752 wh = mtod(m0, const struct ieee80211_frame *); 1753 /* NB: only data frames use this path */ 1754 hdrlen = ieee80211_hdrsize(wh); 1755 ismcast = IEEE80211_IS_MULTICAST(wh->i_addr1); 1756 flags = xflags = 0; 1757 1758 if (!ismcast) 1759 flags |= IWI_DATA_FLAG_NEED_ACK; 1760 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1761 flags |= IWI_DATA_FLAG_SHPREAMBLE; 1762 if (IEEE80211_QOS_HAS_SEQ(wh)) { 1763 xflags |= IWI_DATA_XFLAG_QOS; 1764 cap = &ic->ic_wme.wme_chanParams; 1765 if (!cap->cap_wmeParams[ac].wmep_noackPolicy) 1766 flags &= ~IWI_DATA_FLAG_NEED_ACK; 1767 } 1768 1769 /* 1770 * This is only used in IBSS mode where the firmware expect an index 1771 * in a h/w table instead of a destination address. 1772 */ 1773 if (ic->ic_opmode == IEEE80211_M_IBSS) { 1774 if (!ismcast) { 1775 if (in->in_station == -1) { 1776 in->in_station = alloc_unr(sc->sc_unr); 1777 if (in->in_station == -1) { 1778 /* h/w table is full */ 1779 m_freem(m0); 1780 ieee80211_free_node(ni); 1781 ifp->if_oerrors++; 1782 return 0; 1783 } 1784 iwi_write_ibssnode(sc, 1785 ni->ni_macaddr, in->in_station); 1786 } 1787 staid = in->in_station; 1788 } else { 1789 /* 1790 * Multicast addresses have no associated node 1791 * so there will be no station entry. We reserve 1792 * entry 0 for one mcast address and use that. 1793 * If there are many being used this will be 1794 * expensive and we'll need to do a better job 1795 * but for now this handles the broadcast case. 1796 */ 1797 if (!IEEE80211_ADDR_EQ(wh->i_addr1, sc->sc_mcast)) { 1798 IEEE80211_ADDR_COPY(sc->sc_mcast, wh->i_addr1); 1799 iwi_write_ibssnode(sc, sc->sc_mcast, 0); 1800 } 1801 staid = 0; 1802 } 1803 } else 1804 staid = 0; 1805 1806 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1807 k = ieee80211_crypto_encap(ic, ni, m0); 1808 if (k == NULL) { 1809 m_freem(m0); 1810 return ENOBUFS; 1811 } 1812 1813 /* packet header may have moved, reset our local pointer */ 1814 wh = mtod(m0, struct ieee80211_frame *); 1815 } 1816 1817 if (bpf_peers_present(sc->sc_drvbpf)) { 1818 struct iwi_tx_radiotap_header *tap = &sc->sc_txtap; 1819 1820 tap->wt_flags = 0; 1821 1822 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1823 } 1824 1825 data = &txq->data[txq->cur]; 1826 desc = &txq->desc[txq->cur]; 1827 1828 /* save and trim IEEE802.11 header */ 1829 m_copydata(m0, 0, hdrlen, (caddr_t)&desc->wh); 1830 m_adj(m0, hdrlen); 1831 1832 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, m0, segs, 1833 &nsegs, 0); 1834 if (error != 0 && error != EFBIG) { 1835 device_printf(sc->sc_dev, "could not map mbuf (error %d)\n", 1836 error); 1837 m_freem(m0); 1838 return error; 1839 } 1840 if (error != 0) { 1841 mnew = m_defrag(m0, M_DONTWAIT); 1842 if (mnew == NULL) { 1843 device_printf(sc->sc_dev, 1844 "could not defragment mbuf\n"); 1845 m_freem(m0); 1846 return ENOBUFS; 1847 } 1848 m0 = mnew; 1849 1850 error = bus_dmamap_load_mbuf_sg(txq->data_dmat, data->map, 1851 m0, segs, &nsegs, 0); 1852 if (error != 0) { 1853 device_printf(sc->sc_dev, 1854 "could not map mbuf (error %d)\n", error); 1855 m_freem(m0); 1856 return error; 1857 } 1858 } 1859 1860 data->m = m0; 1861 data->ni = ni; 1862 1863 desc->hdr.type = IWI_HDR_TYPE_DATA; 1864 desc->hdr.flags = IWI_HDR_FLAG_IRQ; 1865 desc->station = staid; 1866 desc->cmd = IWI_DATA_CMD_TX; 1867 desc->len = htole16(m0->m_pkthdr.len); 1868 desc->flags = flags; 1869 desc->xflags = xflags; 1870 1871#if 0 1872 if (ic->ic_flags & IEEE80211_F_PRIVACY) 1873 desc->wep_txkey = ic->ic_crypto.cs_def_txkey; 1874 else 1875#endif 1876 desc->flags |= IWI_DATA_FLAG_NO_WEP; 1877 1878 desc->nseg = htole32(nsegs); 1879 for (i = 0; i < nsegs; i++) { 1880 desc->seg_addr[i] = htole32(segs[i].ds_addr); 1881 desc->seg_len[i] = htole16(segs[i].ds_len); 1882 } 1883 1884 bus_dmamap_sync(txq->data_dmat, data->map, BUS_DMASYNC_PREWRITE); 1885 bus_dmamap_sync(txq->desc_dmat, txq->desc_map, BUS_DMASYNC_PREWRITE); 1886 1887 DPRINTFN(5, ("sending data frame txq=%u idx=%u len=%u nseg=%u\n", 1888 ac, txq->cur, le16toh(desc->len), nsegs)); 1889 1890 txq->queued++; 1891 txq->cur = (txq->cur + 1) % IWI_TX_RING_COUNT; 1892 CSR_WRITE_4(sc, txq->csr_widx, txq->cur); 1893 1894 return 0; 1895} 1896 1897static void 1898iwi_start(struct ifnet *ifp) 1899{ 1900 struct iwi_softc *sc = ifp->if_softc; 1901 struct ieee80211com *ic = &sc->sc_ic; 1902 struct mbuf *m0; 1903 struct ether_header *eh; 1904 struct ieee80211_node *ni; 1905 int ac; 1906 IWI_LOCK_DECL; 1907 1908 IWI_LOCK(sc); 1909 1910 if (ic->ic_state != IEEE80211_S_RUN) { 1911 IWI_UNLOCK(sc); 1912 return; 1913 } 1914 1915 for (;;) { 1916 IF_DEQUEUE(&ic->ic_mgtq, m0); 1917 if (m0 == NULL) { 1918 IFQ_DRV_DEQUEUE(&ifp->if_snd, m0); 1919 if (m0 == NULL) 1920 break; 1921 1922 if (m0->m_len < sizeof (struct ether_header) && 1923 (m0 = m_pullup(m0, sizeof (struct ether_header))) == NULL) { 1924 ifp->if_oerrors++; 1925 continue; 1926 } 1927 eh = mtod(m0, struct ether_header *); 1928 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1929 if (ni == NULL) { 1930 m_freem(m0); 1931 ifp->if_oerrors++; 1932 continue; 1933 } 1934 1935 /* classify mbuf so we can find which tx ring to use */ 1936 if (ieee80211_classify(ic, m0, ni) != 0) { 1937 m_freem(m0); 1938 ieee80211_free_node(ni); 1939 ifp->if_oerrors++; 1940 continue; 1941 } 1942 1943 /* XXX does not belong here */ 1944 /* no QoS encapsulation for EAPOL frames */ 1945 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1946 M_WME_GETAC(m0) : WME_AC_BE; 1947 1948 if (sc->txq[ac].queued > IWI_TX_RING_COUNT - 8) { 1949 /* there is no place left in this ring */ 1950 IFQ_DRV_PREPEND(&ifp->if_snd, m0); 1951 ifp->if_drv_flags |= IFF_DRV_OACTIVE; 1952 break; 1953 } 1954 1955 BPF_MTAP(ifp, m0); 1956 1957 m0 = ieee80211_encap(ic, m0, ni); 1958 if (m0 == NULL) { 1959 ieee80211_free_node(ni); 1960 ifp->if_oerrors++; 1961 continue; 1962 } 1963 } else { 1964 ni = (struct ieee80211_node *) m0->m_pkthdr.rcvif; 1965 m0->m_pkthdr.rcvif = NULL; 1966 /* XXX no way to send mgt frames (yet), discard */ 1967 m_freem(m0); 1968 ieee80211_free_node(ni); 1969 continue; 1970 } 1971 1972 if (bpf_peers_present(ic->ic_rawbpf)) 1973 bpf_mtap(ic->ic_rawbpf, m0); 1974 1975 if (iwi_tx_start(ifp, m0, ni, ac) != 0) { 1976 ieee80211_free_node(ni); 1977 ifp->if_oerrors++; 1978 break; 1979 } 1980 1981 sc->sc_tx_timer = 5; 1982 } 1983 1984 IWI_UNLOCK(sc); 1985} 1986 1987static void 1988iwi_watchdog(void *arg) 1989{ 1990 struct iwi_softc *sc = arg; 1991 struct ifnet *ifp = sc->sc_ifp; 1992 1993 IWI_LOCK_ASSERT(sc); 1994 1995 if (sc->sc_tx_timer > 0) { 1996 if (--sc->sc_tx_timer == 0) { 1997 if_printf(ifp, "device timeout\n"); 1998 ifp->if_oerrors++; 1999 taskqueue_enqueue(sc->sc_tq2, &sc->sc_restarttask); 2000 } 2001 } 2002 if (sc->sc_rfkill_timer > 0) { 2003 if (--sc->sc_rfkill_timer == 0) { 2004 /* 2005 * Check for a change in rfkill state. We get an 2006 * interrupt when a radio is disabled but not when 2007 * it is enabled so we must poll for the latter. 2008 */ 2009 if (!iwi_getrfkill(sc)) 2010 taskqueue_enqueue(sc->sc_tq, &sc->sc_radiontask); 2011 else 2012 sc->sc_rfkill_timer = 2; 2013 } 2014 } 2015 if (sc->sc_state_timer > 0) { 2016 if (--sc->sc_state_timer == 0) { 2017 if_printf(ifp, "firmware stuck in state %d, resetting\n", 2018 sc->fw_state); 2019 taskqueue_enqueue(sc->sc_tq2, &sc->sc_restarttask); 2020 if (sc->fw_state == IWI_FW_SCANNING) 2021 ieee80211_cancel_scan(&sc->sc_ic); 2022 sc->sc_state_timer = 3; 2023 } 2024 } 2025 if (sc->sc_busy_timer > 0) { 2026 if (--sc->sc_busy_timer == 0) { 2027 if_printf(ifp, "firmware command timeout, resetting\n"); 2028 taskqueue_enqueue(sc->sc_tq2, &sc->sc_restarttask); 2029 } 2030 } 2031 2032 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 2033 callout_reset(&sc->sc_wdtimer, hz, iwi_watchdog, sc); 2034} 2035 2036static int 2037iwi_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 2038{ 2039 struct iwi_softc *sc = ifp->if_softc; 2040 struct ieee80211com *ic = &sc->sc_ic; 2041 int error = 0; 2042 IWI_LOCK_DECL; 2043 2044 IWI_LOCK(sc); 2045 2046 /* 2047 * wait until pending iwi_cmd() are completed, to avoid races 2048 * that could cause problems. 2049 */ 2050 while (sc->flags & IWI_FLAG_BUSY) 2051 msleep(sc, &sc->sc_mtx, 0, "iwiioctl", hz); 2052 2053 switch (cmd) { 2054 case SIOCSIFFLAGS: 2055 if (ifp->if_flags & IFF_UP) { 2056 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) 2057 iwi_init_locked(sc, 0); 2058 } else { 2059 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 2060 iwi_stop(sc); 2061 else { 2062 /* 2063 * If device was stopped due to rfkill then 2064 * marked down we'll have the polling thread 2065 * running; stop it explicitly. 2066 */ 2067 sc->sc_rfkill_timer = 0; 2068 } 2069 } 2070 break; 2071 2072 default: 2073 error = ieee80211_ioctl(ic, cmd, data); 2074 } 2075 2076 if (error == ENETRESET) { 2077 if ((ifp->if_flags & IFF_UP) && 2078 (ifp->if_drv_flags & IFF_DRV_RUNNING) && 2079 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 2080 iwi_init_locked(sc, 0); 2081 error = 0; 2082 } 2083 2084 IWI_UNLOCK(sc); 2085 2086 return error; 2087} 2088 2089static void 2090iwi_stop_master(struct iwi_softc *sc) 2091{ 2092 uint32_t tmp; 2093 int ntries; 2094 2095 /* disable interrupts */ 2096 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, 0); 2097 2098 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_STOP_MASTER); 2099 for (ntries = 0; ntries < 5; ntries++) { 2100 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2101 break; 2102 DELAY(10); 2103 } 2104 if (ntries == 5) 2105 device_printf(sc->sc_dev, "timeout waiting for master\n"); 2106 2107 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2108 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_PRINCETON_RESET); 2109 2110 sc->flags &= ~IWI_FLAG_FW_INITED; 2111} 2112 2113static int 2114iwi_reset(struct iwi_softc *sc) 2115{ 2116 uint32_t tmp; 2117 int i, ntries; 2118 2119 iwi_stop_master(sc); 2120 2121 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2122 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2123 2124 CSR_WRITE_4(sc, IWI_CSR_READ_INT, IWI_READ_INT_INIT_HOST); 2125 2126 /* wait for clock stabilization */ 2127 for (ntries = 0; ntries < 1000; ntries++) { 2128 if (CSR_READ_4(sc, IWI_CSR_CTL) & IWI_CTL_CLOCK_READY) 2129 break; 2130 DELAY(200); 2131 } 2132 if (ntries == 1000) { 2133 device_printf(sc->sc_dev, 2134 "timeout waiting for clock stabilization\n"); 2135 return EIO; 2136 } 2137 2138 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2139 CSR_WRITE_4(sc, IWI_CSR_RST, tmp | IWI_RST_SOFT_RESET); 2140 2141 DELAY(10); 2142 2143 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2144 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_INIT); 2145 2146 /* clear NIC memory */ 2147 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0); 2148 for (i = 0; i < 0xc000; i++) 2149 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2150 2151 return 0; 2152} 2153 2154static const struct iwi_firmware_ohdr * 2155iwi_setup_ofw(struct iwi_softc *sc, struct iwi_fw *fw) 2156{ 2157 const struct firmware *fp = fw->fp; 2158 const struct iwi_firmware_ohdr *hdr; 2159 2160 if (fp->datasize < sizeof (struct iwi_firmware_ohdr)) { 2161 device_printf(sc->sc_dev, "image '%s' too small\n", fp->name); 2162 return NULL; 2163 } 2164 hdr = (const struct iwi_firmware_ohdr *)fp->data; 2165 if ((IWI_FW_GET_MAJOR(le32toh(hdr->version)) != IWI_FW_REQ_MAJOR) || 2166 (IWI_FW_GET_MINOR(le32toh(hdr->version)) != IWI_FW_REQ_MINOR)) { 2167 device_printf(sc->sc_dev, "version for '%s' %d.%d != %d.%d\n", 2168 fp->name, IWI_FW_GET_MAJOR(le32toh(hdr->version)), 2169 IWI_FW_GET_MINOR(le32toh(hdr->version)), IWI_FW_REQ_MAJOR, 2170 IWI_FW_REQ_MINOR); 2171 return NULL; 2172 } 2173 fw->data = ((const char *) fp->data) + sizeof(struct iwi_firmware_ohdr); 2174 fw->size = fp->datasize - sizeof(struct iwi_firmware_ohdr); 2175 fw->name = fp->name; 2176 return hdr; 2177} 2178 2179static const struct iwi_firmware_ohdr * 2180iwi_setup_oucode(struct iwi_softc *sc, struct iwi_fw *fw) 2181{ 2182 const struct iwi_firmware_ohdr *hdr; 2183 2184 hdr = iwi_setup_ofw(sc, fw); 2185 if (hdr != NULL && le32toh(hdr->mode) != IWI_FW_MODE_UCODE) { 2186 device_printf(sc->sc_dev, "%s is not a ucode image\n", 2187 fw->name); 2188 hdr = NULL; 2189 } 2190 return hdr; 2191} 2192 2193static void 2194iwi_getfw(struct iwi_fw *fw, const char *fwname, 2195 struct iwi_fw *uc, const char *ucname) 2196{ 2197 if (fw->fp == NULL) 2198 fw->fp = firmware_get(fwname); 2199 /* NB: pre-3.0 ucode is packaged separately */ 2200 if (uc->fp == NULL && fw->fp != NULL && fw->fp->version < 300) 2201 uc->fp = firmware_get(ucname); 2202} 2203 2204/* 2205 * Get the required firmware images if not already loaded. 2206 * Note that we hold firmware images so long as the device 2207 * is marked up in case we need to reload them on device init. 2208 * This is necessary because we re-init the device sometimes 2209 * from a context where we cannot read from the filesystem 2210 * (e.g. from the taskqueue thread when rfkill is re-enabled). 2211 * XXX return 0 on success, 1 on error. 2212 * 2213 * NB: the order of get'ing and put'ing images here is 2214 * intentional to support handling firmware images bundled 2215 * by operating mode and/or all together in one file with 2216 * the boot firmware as "master". 2217 */ 2218static int 2219iwi_get_firmware(struct iwi_softc *sc) 2220{ 2221 struct ieee80211com *ic = &sc->sc_ic; 2222 const struct iwi_firmware_hdr *hdr; 2223 const struct firmware *fp; 2224 2225 /* invalidate cached firmware on mode change */ 2226 if (sc->fw_mode != ic->ic_opmode) 2227 iwi_put_firmware(sc); 2228 2229 switch (ic->ic_opmode) { 2230 case IEEE80211_M_STA: 2231 iwi_getfw(&sc->fw_fw, "iwi_bss", &sc->fw_uc, "iwi_ucode_bss"); 2232 break; 2233 2234 case IEEE80211_M_IBSS: 2235 iwi_getfw(&sc->fw_fw, "iwi_ibss", &sc->fw_uc, "iwi_ucode_ibss"); 2236 break; 2237 2238 case IEEE80211_M_MONITOR: 2239 iwi_getfw(&sc->fw_fw, "iwi_monitor", 2240 &sc->fw_uc, "iwi_ucode_monitor"); 2241 break; 2242 2243 default: 2244 break; 2245 } 2246 fp = sc->fw_fw.fp; 2247 if (fp == NULL) { 2248 device_printf(sc->sc_dev, "could not load firmware\n"); 2249 goto bad; 2250 } 2251 if (fp->version < 300) { 2252 /* 2253 * Firmware prior to 3.0 was packaged as separate 2254 * boot, firmware, and ucode images. Verify the 2255 * ucode image was read in, retrieve the boot image 2256 * if needed, and check version stamps for consistency. 2257 * The version stamps in the data are also checked 2258 * above; this is a bit paranoid but is a cheap 2259 * safeguard against mis-packaging. 2260 */ 2261 if (sc->fw_uc.fp == NULL) { 2262 device_printf(sc->sc_dev, "could not load ucode\n"); 2263 goto bad; 2264 } 2265 if (sc->fw_boot.fp == NULL) { 2266 sc->fw_boot.fp = firmware_get("iwi_boot"); 2267 if (sc->fw_boot.fp == NULL) { 2268 device_printf(sc->sc_dev, 2269 "could not load boot firmware\n"); 2270 goto bad; 2271 } 2272 } 2273 if (sc->fw_boot.fp->version != sc->fw_fw.fp->version || 2274 sc->fw_boot.fp->version != sc->fw_uc.fp->version) { 2275 device_printf(sc->sc_dev, 2276 "firmware version mismatch: " 2277 "'%s' is %d, '%s' is %d, '%s' is %d\n", 2278 sc->fw_boot.fp->name, sc->fw_boot.fp->version, 2279 sc->fw_uc.fp->name, sc->fw_uc.fp->version, 2280 sc->fw_fw.fp->name, sc->fw_fw.fp->version 2281 ); 2282 goto bad; 2283 } 2284 /* 2285 * Check and setup each image. 2286 */ 2287 if (iwi_setup_oucode(sc, &sc->fw_uc) == NULL || 2288 iwi_setup_ofw(sc, &sc->fw_boot) == NULL || 2289 iwi_setup_ofw(sc, &sc->fw_fw) == NULL) 2290 goto bad; 2291 } else { 2292 /* 2293 * Check and setup combined image. 2294 */ 2295 if (fp->datasize < sizeof(struct iwi_firmware_hdr)) { 2296 device_printf(sc->sc_dev, "image '%s' too small\n", 2297 fp->name); 2298 goto bad; 2299 } 2300 hdr = (const struct iwi_firmware_hdr *)fp->data; 2301 if (fp->datasize < sizeof(*hdr) + le32toh(hdr->bsize) + le32toh(hdr->usize) 2302 + le32toh(hdr->fsize)) { 2303 device_printf(sc->sc_dev, "image '%s' too small (2)\n", 2304 fp->name); 2305 goto bad; 2306 } 2307 sc->fw_boot.data = ((const char *) fp->data) + sizeof(*hdr); 2308 sc->fw_boot.size = le32toh(hdr->bsize); 2309 sc->fw_boot.name = fp->name; 2310 sc->fw_uc.data = sc->fw_boot.data + sc->fw_boot.size; 2311 sc->fw_uc.size = le32toh(hdr->usize); 2312 sc->fw_uc.name = fp->name; 2313 sc->fw_fw.data = sc->fw_uc.data + sc->fw_uc.size; 2314 sc->fw_fw.size = le32toh(hdr->fsize); 2315 sc->fw_fw.name = fp->name; 2316 } 2317#if 0 2318 device_printf(sc->sc_dev, "boot %d ucode %d fw %d bytes\n", 2319 sc->fw_boot.size, sc->fw_uc.size, sc->fw_fw.size); 2320#endif 2321 2322 sc->fw_mode = ic->ic_opmode; 2323 return 0; 2324bad: 2325 iwi_put_firmware(sc); 2326 return 1; 2327} 2328 2329static void 2330iwi_put_fw(struct iwi_fw *fw) 2331{ 2332 if (fw->fp != NULL) { 2333 firmware_put(fw->fp, FIRMWARE_UNLOAD); 2334 fw->fp = NULL; 2335 } 2336 fw->data = NULL; 2337 fw->size = 0; 2338 fw->name = NULL; 2339} 2340 2341/* 2342 * Release any cached firmware images. 2343 */ 2344static void 2345iwi_put_firmware(struct iwi_softc *sc) 2346{ 2347 iwi_put_fw(&sc->fw_uc); 2348 iwi_put_fw(&sc->fw_fw); 2349 iwi_put_fw(&sc->fw_boot); 2350} 2351 2352static int 2353iwi_load_ucode(struct iwi_softc *sc, const struct iwi_fw *fw) 2354{ 2355 uint32_t tmp; 2356 const uint16_t *w; 2357 const char *uc = fw->data; 2358 size_t size = fw->size; 2359 int i, ntries, error; 2360 2361 IWI_LOCK_ASSERT(sc); 2362 error = 0; 2363 CSR_WRITE_4(sc, IWI_CSR_RST, CSR_READ_4(sc, IWI_CSR_RST) | 2364 IWI_RST_STOP_MASTER); 2365 for (ntries = 0; ntries < 5; ntries++) { 2366 if (CSR_READ_4(sc, IWI_CSR_RST) & IWI_RST_MASTER_DISABLED) 2367 break; 2368 DELAY(10); 2369 } 2370 if (ntries == 5) { 2371 device_printf(sc->sc_dev, "timeout waiting for master\n"); 2372 error = EIO; 2373 goto fail; 2374 } 2375 2376 MEM_WRITE_4(sc, 0x3000e0, 0x80000000); 2377 DELAY(5000); 2378 2379 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2380 tmp &= ~IWI_RST_PRINCETON_RESET; 2381 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2382 2383 DELAY(5000); 2384 MEM_WRITE_4(sc, 0x3000e0, 0); 2385 DELAY(1000); 2386 MEM_WRITE_4(sc, IWI_MEM_EEPROM_EVENT, 1); 2387 DELAY(1000); 2388 MEM_WRITE_4(sc, IWI_MEM_EEPROM_EVENT, 0); 2389 DELAY(1000); 2390 MEM_WRITE_1(sc, 0x200000, 0x00); 2391 MEM_WRITE_1(sc, 0x200000, 0x40); 2392 DELAY(1000); 2393 2394 /* write microcode into adapter memory */ 2395 for (w = (const uint16_t *)uc; size > 0; w++, size -= 2) 2396 MEM_WRITE_2(sc, 0x200010, htole16(*w)); 2397 2398 MEM_WRITE_1(sc, 0x200000, 0x00); 2399 MEM_WRITE_1(sc, 0x200000, 0x80); 2400 2401 /* wait until we get an answer */ 2402 for (ntries = 0; ntries < 100; ntries++) { 2403 if (MEM_READ_1(sc, 0x200000) & 1) 2404 break; 2405 DELAY(100); 2406 } 2407 if (ntries == 100) { 2408 device_printf(sc->sc_dev, 2409 "timeout waiting for ucode to initialize\n"); 2410 error = EIO; 2411 goto fail; 2412 } 2413 2414 /* read the answer or the firmware will not initialize properly */ 2415 for (i = 0; i < 7; i++) 2416 MEM_READ_4(sc, 0x200004); 2417 2418 MEM_WRITE_1(sc, 0x200000, 0x00); 2419 2420fail: 2421 return error; 2422} 2423 2424/* macro to handle unaligned little endian data in firmware image */ 2425#define GETLE32(p) ((p)[0] | (p)[1] << 8 | (p)[2] << 16 | (p)[3] << 24) 2426 2427static int 2428iwi_load_firmware(struct iwi_softc *sc, const struct iwi_fw *fw) 2429{ 2430 u_char *p, *end; 2431 uint32_t sentinel, ctl, src, dst, sum, len, mlen, tmp; 2432 int ntries, error; 2433 2434 IWI_LOCK_ASSERT(sc); 2435 /* copy firmware image to DMA memory */ 2436 memcpy(sc->fw_virtaddr, fw->data, fw->size); 2437 2438 /* make sure the adapter will get up-to-date values */ 2439 bus_dmamap_sync(sc->fw_dmat, sc->fw_map, BUS_DMASYNC_PREWRITE); 2440 2441 /* tell the adapter where the command blocks are stored */ 2442 MEM_WRITE_4(sc, 0x3000a0, 0x27000); 2443 2444 /* 2445 * Store command blocks into adapter's internal memory using register 2446 * indirections. The adapter will read the firmware image through DMA 2447 * using information stored in command blocks. 2448 */ 2449 src = sc->fw_physaddr; 2450 p = sc->fw_virtaddr; 2451 end = p + fw->size; 2452 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_ADDR, 0x27000); 2453 2454 while (p < end) { 2455 dst = GETLE32(p); p += 4; src += 4; 2456 len = GETLE32(p); p += 4; src += 4; 2457 p += len; 2458 2459 while (len > 0) { 2460 mlen = min(len, IWI_CB_MAXDATALEN); 2461 2462 ctl = IWI_CB_DEFAULT_CTL | mlen; 2463 sum = ctl ^ src ^ dst; 2464 2465 /* write a command block */ 2466 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, ctl); 2467 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, src); 2468 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, dst); 2469 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, sum); 2470 2471 src += mlen; 2472 dst += mlen; 2473 len -= mlen; 2474 } 2475 } 2476 2477 /* write a fictive final command block (sentinel) */ 2478 sentinel = CSR_READ_4(sc, IWI_CSR_AUTOINC_ADDR); 2479 CSR_WRITE_4(sc, IWI_CSR_AUTOINC_DATA, 0); 2480 2481 tmp = CSR_READ_4(sc, IWI_CSR_RST); 2482 tmp &= ~(IWI_RST_MASTER_DISABLED | IWI_RST_STOP_MASTER); 2483 CSR_WRITE_4(sc, IWI_CSR_RST, tmp); 2484 2485 /* tell the adapter to start processing command blocks */ 2486 MEM_WRITE_4(sc, 0x3000a4, 0x540100); 2487 2488 /* wait until the adapter reaches the sentinel */ 2489 for (ntries = 0; ntries < 400; ntries++) { 2490 if (MEM_READ_4(sc, 0x3000d0) >= sentinel) 2491 break; 2492 DELAY(100); 2493 } 2494 /* sync dma, just in case */ 2495 bus_dmamap_sync(sc->fw_dmat, sc->fw_map, BUS_DMASYNC_POSTWRITE); 2496 if (ntries == 400) { 2497 device_printf(sc->sc_dev, 2498 "timeout processing command blocks for %s firmware\n", 2499 fw->name); 2500 return EIO; 2501 } 2502 2503 /* we're done with command blocks processing */ 2504 MEM_WRITE_4(sc, 0x3000a4, 0x540c00); 2505 2506 /* allow interrupts so we know when the firmware is ready */ 2507 CSR_WRITE_4(sc, IWI_CSR_INTR_MASK, IWI_INTR_MASK); 2508 2509 /* tell the adapter to initialize the firmware */ 2510 CSR_WRITE_4(sc, IWI_CSR_RST, 0); 2511 2512 tmp = CSR_READ_4(sc, IWI_CSR_CTL); 2513 CSR_WRITE_4(sc, IWI_CSR_CTL, tmp | IWI_CTL_ALLOW_STANDBY); 2514 2515 /* wait at most one second for firmware initialization to complete */ 2516 if ((error = msleep(sc, &sc->sc_mtx, 0, "iwiinit", hz)) != 0) { 2517 device_printf(sc->sc_dev, "timeout waiting for %s firmware " 2518 "initialization to complete\n", fw->name); 2519 } 2520 2521 return error; 2522} 2523 2524static int 2525iwi_setpowermode(struct iwi_softc *sc) 2526{ 2527 struct ieee80211com *ic = &sc->sc_ic; 2528 uint32_t data; 2529 2530 if (ic->ic_flags & IEEE80211_F_PMGTON) { 2531 /* XXX set more fine-grained operation */ 2532 data = htole32(IWI_POWER_MODE_MAX); 2533 } else 2534 data = htole32(IWI_POWER_MODE_CAM); 2535 2536 DPRINTF(("Setting power mode to %u\n", le32toh(data))); 2537 return iwi_cmd(sc, IWI_CMD_SET_POWER_MODE, &data, sizeof data); 2538} 2539 2540static int 2541iwi_setwepkeys(struct iwi_softc *sc) 2542{ 2543 struct ieee80211com *ic = &sc->sc_ic; 2544 struct iwi_wep_key wepkey; 2545 struct ieee80211_key *wk; 2546 int error, i; 2547 2548 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2549 wk = &ic->ic_crypto.cs_nw_keys[i]; 2550 2551 wepkey.cmd = IWI_WEP_KEY_CMD_SETKEY; 2552 wepkey.idx = i; 2553 wepkey.len = wk->wk_keylen; 2554 memset(wepkey.key, 0, sizeof wepkey.key); 2555 memcpy(wepkey.key, wk->wk_key, wk->wk_keylen); 2556 DPRINTF(("Setting wep key index %u len %u\n", wepkey.idx, 2557 wepkey.len)); 2558 error = iwi_cmd(sc, IWI_CMD_SET_WEP_KEY, &wepkey, 2559 sizeof wepkey); 2560 if (error != 0) 2561 return error; 2562 } 2563 return 0; 2564} 2565 2566static int 2567iwi_config(struct iwi_softc *sc) 2568{ 2569 struct ieee80211com *ic = &sc->sc_ic; 2570 struct ifnet *ifp = ic->ic_ifp; 2571 struct iwi_configuration config; 2572 struct iwi_rateset rs; 2573 struct iwi_txpower power; 2574 uint32_t data; 2575 int error, i; 2576 IWI_LOCK_ASSERT(sc); 2577 2578 IEEE80211_ADDR_COPY(ic->ic_myaddr, IF_LLADDR(ifp)); 2579 DPRINTF(("Setting MAC address to %6D\n", ic->ic_myaddr, ":")); 2580 error = iwi_cmd(sc, IWI_CMD_SET_MAC_ADDRESS, ic->ic_myaddr, 2581 IEEE80211_ADDR_LEN); 2582 if (error != 0) 2583 return error; 2584 2585 memset(&config, 0, sizeof config); 2586 config.bluetooth_coexistence = sc->bluetooth; 2587 config.silence_threshold = 0x1e; 2588 config.antenna = sc->antenna; 2589 config.multicast_enabled = 1; 2590 config.answer_pbreq = (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2591 config.disable_unicast_decryption = 1; 2592 config.disable_multicast_decryption = 1; 2593 DPRINTF(("Configuring adapter\n")); 2594 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config); 2595 if (error != 0) 2596 return error; 2597 2598 error = iwi_setpowermode(sc); 2599 if (error != 0) 2600 return error; 2601 2602 data = htole32(ic->ic_rtsthreshold); 2603 DPRINTF(("Setting RTS threshold to %u\n", le32toh(data))); 2604 error = iwi_cmd(sc, IWI_CMD_SET_RTS_THRESHOLD, &data, sizeof data); 2605 if (error != 0) 2606 return error; 2607 2608 data = htole32(ic->ic_fragthreshold); 2609 DPRINTF(("Setting fragmentation threshold to %u\n", le32toh(data))); 2610 error = iwi_cmd(sc, IWI_CMD_SET_FRAG_THRESHOLD, &data, sizeof data); 2611 if (error != 0) 2612 return error; 2613 2614 if (ic->ic_opmode == IEEE80211_M_IBSS) { 2615 power.mode = IWI_MODE_11B; 2616 power.nchan = 11; 2617 for (i = 0; i < 11; i++) { 2618 power.chan[i].chan = i + 1; 2619 power.chan[i].power = IWI_TXPOWER_MAX; 2620 } 2621 DPRINTF(("Setting .11b channels tx power\n")); 2622 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power); 2623 if (error != 0) 2624 return error; 2625 2626 power.mode = IWI_MODE_11G; 2627 DPRINTF(("Setting .11g channels tx power\n")); 2628 error = iwi_cmd(sc, IWI_CMD_SET_TX_POWER, &power, sizeof power); 2629 if (error != 0) 2630 return error; 2631 } 2632 2633 rs.mode = IWI_MODE_11G; 2634 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2635 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11G].rs_nrates; 2636 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11G].rs_rates, 2637 rs.nrates); 2638 DPRINTF(("Setting .11bg supported rates (%u)\n", rs.nrates)); 2639 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs); 2640 if (error != 0) 2641 return error; 2642 2643 rs.mode = IWI_MODE_11A; 2644 rs.type = IWI_RATESET_TYPE_SUPPORTED; 2645 rs.nrates = ic->ic_sup_rates[IEEE80211_MODE_11A].rs_nrates; 2646 memcpy(rs.rates, ic->ic_sup_rates[IEEE80211_MODE_11A].rs_rates, 2647 rs.nrates); 2648 DPRINTF(("Setting .11a supported rates (%u)\n", rs.nrates)); 2649 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs); 2650 if (error != 0) 2651 return error; 2652 2653 /* if we have a desired ESSID, set it now */ 2654 if (ic->ic_des_ssid[0].len != 0) { 2655#ifdef IWI_DEBUG 2656 if (iwi_debug > 0) { 2657 printf("Setting desired ESSID to "); 2658 ieee80211_print_essid(ic->ic_des_ssid[0].ssid, 2659 ic->ic_des_ssid[0].len); 2660 printf("\n"); 2661 } 2662#endif 2663 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ic->ic_des_ssid[0].ssid, 2664 ic->ic_des_ssid[0].len); 2665 if (error != 0) 2666 return error; 2667 } 2668 2669 data = htole32(arc4random()); 2670 DPRINTF(("Setting initialization vector to %u\n", le32toh(data))); 2671 error = iwi_cmd(sc, IWI_CMD_SET_IV, &data, sizeof data); 2672 if (error != 0) 2673 return error; 2674 2675 error = iwi_setwepkeys(sc); 2676 if (error != 0) 2677 return error; 2678 2679 /* enable adapter */ 2680 DPRINTF(("Enabling adapter\n")); 2681 return iwi_cmd(sc, IWI_CMD_ENABLE, NULL, 0); 2682} 2683 2684static __inline void 2685set_scan_type(struct iwi_scan_ext *scan, int ix, int scan_type) 2686{ 2687 uint8_t *st = &scan->scan_type[ix / 2]; 2688 if (ix % 2) 2689 *st = (*st & 0xf0) | ((scan_type & 0xf) << 0); 2690 else 2691 *st = (*st & 0x0f) | ((scan_type & 0xf) << 4); 2692} 2693 2694static int 2695scan_type(const struct ieee80211_scan_state *ss, 2696 const struct ieee80211_channel *chan) 2697{ 2698 /* We can only set one essid for a directed scan */ 2699 if (ss->ss_nssid != 0) 2700 return IWI_SCAN_TYPE_BDIRECTED; 2701 if ((ss->ss_flags & IEEE80211_SCAN_ACTIVE) && 2702 (chan->ic_flags & IEEE80211_CHAN_PASSIVE) == 0) 2703 return IWI_SCAN_TYPE_BROADCAST; 2704 return IWI_SCAN_TYPE_PASSIVE; 2705} 2706 2707static __inline int 2708scan_band(const struct ieee80211_channel *c) 2709{ 2710 return IEEE80211_IS_CHAN_5GHZ(c) ? IWI_CHAN_5GHZ : IWI_CHAN_2GHZ; 2711} 2712 2713/* 2714 * Start a scan on the current channel or all channels. 2715 */ 2716static int 2717iwi_scanchan(struct iwi_softc *sc, unsigned long maxdwell, int mode) 2718{ 2719 struct ieee80211com *ic; 2720 struct ieee80211_channel *chan; 2721 struct ieee80211_scan_state *ss; 2722 struct iwi_scan_ext scan; 2723 int error = 0; 2724 2725 IWI_LOCK_ASSERT(sc); 2726 if (sc->fw_state == IWI_FW_SCANNING) { 2727 /* 2728 * This should not happen as we only trigger scan_next after 2729 * completion 2730 */ 2731 DPRINTF(("%s: called too early - still scanning\n", __func__)); 2732 return (EBUSY); 2733 } 2734 IWI_STATE_BEGIN(sc, IWI_FW_SCANNING); 2735 2736 ic = &sc->sc_ic; 2737 ss = ic->ic_scan; 2738 2739 memset(&scan, 0, sizeof scan); 2740 scan.full_scan_index = htole32(++sc->sc_scangen); 2741 scan.dwell_time[IWI_SCAN_TYPE_PASSIVE] = htole16(maxdwell); 2742 if (ic->ic_flags_ext & IEEE80211_FEXT_BGSCAN) { 2743 /* 2744 * Use very short dwell times for when we send probe request 2745 * frames. Without this bg scans hang. Ideally this should 2746 * be handled with early-termination as done by net80211 but 2747 * that's not feasible (aborting a scan is problematic). 2748 */ 2749 scan.dwell_time[IWI_SCAN_TYPE_BROADCAST] = htole16(30); 2750 scan.dwell_time[IWI_SCAN_TYPE_BDIRECTED] = htole16(30); 2751 } else { 2752 scan.dwell_time[IWI_SCAN_TYPE_BROADCAST] = htole16(maxdwell); 2753 scan.dwell_time[IWI_SCAN_TYPE_BDIRECTED] = htole16(maxdwell); 2754 } 2755 2756 /* We can only set one essid for a directed scan */ 2757 if (ss->ss_nssid != 0) { 2758 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ss->ss_ssid[0].ssid, 2759 ss->ss_ssid[0].len); 2760 if (error) 2761 return (error); 2762 } 2763 2764 if (mode == IWI_SCAN_ALLCHAN) { 2765 int i, next, band, b, bstart; 2766 /* 2767 * Convert scan list to run-length encoded channel list 2768 * the firmware requires (preserving the order setup by 2769 * net80211). The first entry in each run specifies the 2770 * band and the count of items in the run. 2771 */ 2772 next = 0; /* next open slot */ 2773 bstart = 0; /* NB: not needed, silence compiler */ 2774 band = -1; /* NB: impossible value */ 2775 KASSERT(ss->ss_last > 0, ("no channels")); 2776 for (i = 0; i < ss->ss_last; i++) { 2777 chan = ss->ss_chans[i]; 2778 b = scan_band(chan); 2779 if (b != band) { 2780 if (band != -1) 2781 scan.channels[bstart] = 2782 (next - bstart) | band; 2783 /* NB: this allocates a slot for the run-len */ 2784 band = b, bstart = next++; 2785 } 2786 if (next >= IWI_SCAN_CHANNELS) { 2787 DPRINTF(("truncating scan list\n")); 2788 break; 2789 } 2790 scan.channels[next] = ieee80211_chan2ieee(ic, chan); 2791 set_scan_type(&scan, next, scan_type(ss, chan)); 2792 next++; 2793 } 2794 scan.channels[bstart] = (next - bstart) | band; 2795 } else { 2796 /* Scan the current channel only */ 2797 chan = ic->ic_curchan; 2798 scan.channels[0] = 1 | scan_band(chan); 2799 scan.channels[1] = ieee80211_chan2ieee(ic, chan); 2800 set_scan_type(&scan, 1, scan_type(ss, chan)); 2801 } 2802#ifdef IWI_DEBUG 2803 if (iwi_debug > 0) { 2804 static const char *scantype[8] = 2805 { "PSTOP", "PASV", "DIR", "BCAST", "BDIR", "5", "6", "7" }; 2806 int i; 2807 printf("Scan request: index %u dwell %d/%d/%d\n" 2808 , le32toh(scan.full_scan_index) 2809 , le16toh(scan.dwell_time[IWI_SCAN_TYPE_PASSIVE]) 2810 , le16toh(scan.dwell_time[IWI_SCAN_TYPE_BROADCAST]) 2811 , le16toh(scan.dwell_time[IWI_SCAN_TYPE_BDIRECTED]) 2812 ); 2813 i = 0; 2814 do { 2815 int run = scan.channels[i]; 2816 if (run == 0) 2817 break; 2818 printf("Scan %d %s channels:", run & 0x3f, 2819 run & IWI_CHAN_2GHZ ? "2.4GHz" : "5GHz"); 2820 for (run &= 0x3f, i++; run > 0; run--, i++) { 2821 uint8_t type = scan.scan_type[i/2]; 2822 printf(" %u/%s", scan.channels[i], 2823 scantype[(i & 1 ? type : type>>4) & 7]); 2824 } 2825 printf("\n"); 2826 } while (i < IWI_SCAN_CHANNELS); 2827 } 2828#endif 2829 2830 return (iwi_cmd(sc, IWI_CMD_SCAN_EXT, &scan, sizeof scan)); 2831} 2832 2833static void 2834iwi_scanabort(void *arg, int npending) 2835{ 2836 struct iwi_softc *sc = arg; 2837 IWI_LOCK_DECL; 2838 2839 IWI_LOCK(sc); 2840 sc->flags &= ~IWI_FLAG_CHANNEL_SCAN; 2841 /* NB: make sure we're still scanning */ 2842 if (sc->fw_state == IWI_FW_SCANNING) 2843 iwi_cmd(sc, IWI_CMD_ABORT_SCAN, NULL, 0); 2844 IWI_UNLOCK(sc); 2845} 2846 2847static int 2848iwi_set_sensitivity(struct iwi_softc *sc, int8_t rssi_dbm) 2849{ 2850 struct iwi_sensitivity sens; 2851 2852 DPRINTF(("Setting sensitivity to %d\n", rssi_dbm)); 2853 2854 memset(&sens, 0, sizeof sens); 2855 sens.rssi = htole16(rssi_dbm); 2856 return iwi_cmd(sc, IWI_CMD_SET_SENSITIVITY, &sens, sizeof sens); 2857} 2858 2859static int 2860iwi_auth_and_assoc(struct iwi_softc *sc) 2861{ 2862 struct ieee80211com *ic = &sc->sc_ic; 2863 struct ifnet *ifp = ic->ic_ifp; 2864 struct ieee80211_node *ni = ic->ic_bss; 2865 struct iwi_configuration config; 2866 struct iwi_associate *assoc = &sc->assoc; 2867 struct iwi_rateset rs; 2868 uint16_t capinfo; 2869 int error; 2870 2871 IWI_LOCK_ASSERT(sc); 2872 2873 if (sc->flags & IWI_FLAG_ASSOCIATED) { 2874 DPRINTF(("Already associated\n")); 2875 return (-1); 2876 } 2877 2878 IWI_STATE_BEGIN(sc, IWI_FW_ASSOCIATING); 2879 error = 0; 2880 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) { 2881 memset(&config, 0, sizeof config); 2882 config.bluetooth_coexistence = sc->bluetooth; 2883 config.antenna = sc->antenna; 2884 config.multicast_enabled = 1; 2885 config.use_protection = 1; 2886 config.answer_pbreq = 2887 (ic->ic_opmode == IEEE80211_M_IBSS) ? 1 : 0; 2888 config.disable_unicast_decryption = 1; 2889 config.disable_multicast_decryption = 1; 2890 DPRINTF(("Configuring adapter\n")); 2891 error = iwi_cmd(sc, IWI_CMD_SET_CONFIG, &config, sizeof config); 2892 if (error != 0) 2893 goto done; 2894 } 2895 2896#ifdef IWI_DEBUG 2897 if (iwi_debug > 0) { 2898 printf("Setting ESSID to "); 2899 ieee80211_print_essid(ni->ni_essid, ni->ni_esslen); 2900 printf("\n"); 2901 } 2902#endif 2903 error = iwi_cmd(sc, IWI_CMD_SET_ESSID, ni->ni_essid, ni->ni_esslen); 2904 if (error != 0) 2905 goto done; 2906 2907 /* the rate set has already been "negotiated" */ 2908 if (IEEE80211_IS_CHAN_A(ic->ic_curchan)) 2909 rs.mode = IWI_MODE_11A; 2910 else if (IEEE80211_IS_CHAN_G(ic->ic_curchan)) 2911 rs.mode = IWI_MODE_11G; 2912 if (IEEE80211_IS_CHAN_B(ic->ic_curchan)) 2913 rs.mode = IWI_MODE_11B; 2914 2915 rs.type = IWI_RATESET_TYPE_NEGOTIATED; 2916 rs.nrates = ni->ni_rates.rs_nrates; 2917 if (rs.nrates > IWI_RATESET_SIZE) { 2918 DPRINTF(("Truncating negotiated rate set from %u\n", 2919 rs.nrates)); 2920 rs.nrates = IWI_RATESET_SIZE; 2921 } 2922 memcpy(rs.rates, ni->ni_rates.rs_rates, rs.nrates); 2923 DPRINTF(("Setting negotiated rates (%u)\n", rs.nrates)); 2924 error = iwi_cmd(sc, IWI_CMD_SET_RATES, &rs, sizeof rs); 2925 if (error != 0) 2926 goto done; 2927 2928 memset(assoc, 0, sizeof *assoc); 2929 2930 if ((ic->ic_flags & IEEE80211_F_WME) && ni->ni_wme_ie != NULL) { 2931 /* NB: don't treat WME setup as failure */ 2932 if (iwi_wme_setparams(sc) == 0 && iwi_wme_setie(sc) == 0) 2933 assoc->policy |= htole16(IWI_POLICY_WME); 2934 /* XXX complain on failure? */ 2935 } 2936 2937 if (ic->ic_opt_ie != NULL) { 2938 DPRINTF(("Setting optional IE (len=%u)\n", ic->ic_opt_ie_len)); 2939 error = iwi_cmd(sc, IWI_CMD_SET_OPTIE, ic->ic_opt_ie, 2940 ic->ic_opt_ie_len); 2941 if (error != 0) 2942 goto done; 2943 } 2944 2945 error = iwi_set_sensitivity(sc, ni->ni_rssi); 2946 if (error != 0) 2947 goto done; 2948 2949 if (IEEE80211_IS_CHAN_A(ic->ic_curchan)) 2950 assoc->mode = IWI_MODE_11A; 2951 else if (IEEE80211_IS_CHAN_G(ic->ic_curchan)) 2952 assoc->mode = IWI_MODE_11G; 2953 else if (IEEE80211_IS_CHAN_B(ic->ic_curchan)) 2954 assoc->mode = IWI_MODE_11B; 2955 2956 assoc->chan = ic->ic_curchan->ic_ieee; 2957 /* 2958 * NB: do not arrange for shared key auth w/o privacy 2959 * (i.e. a wep key); it causes a firmware error. 2960 */ 2961 if ((ic->ic_flags & IEEE80211_F_PRIVACY) && 2962 ni->ni_authmode == IEEE80211_AUTH_SHARED) { 2963 assoc->auth = IWI_AUTH_SHARED; 2964 /* 2965 * It's possible to have privacy marked but no default 2966 * key setup. This typically is due to a user app bug 2967 * but if we blindly grab the key the firmware will 2968 * barf so avoid it for now. 2969 */ 2970 if (ic->ic_crypto.cs_def_txkey != IEEE80211_KEYIX_NONE) 2971 assoc->auth |= ic->ic_crypto.cs_def_txkey << 4; 2972 2973 error = iwi_setwepkeys(sc); 2974 if (error != 0) 2975 goto done; 2976 } 2977 if (ic->ic_flags & IEEE80211_F_WPA) 2978 assoc->policy |= htole16(IWI_POLICY_WPA); 2979 if (ic->ic_opmode == IEEE80211_M_IBSS && ni->ni_tstamp.tsf == 0) 2980 assoc->type = IWI_HC_IBSS_START; 2981 else 2982 assoc->type = IWI_HC_ASSOC; 2983 memcpy(assoc->tstamp, ni->ni_tstamp.data, 8); 2984 2985 if (ic->ic_opmode == IEEE80211_M_IBSS) 2986 capinfo = IEEE80211_CAPINFO_IBSS; 2987 else 2988 capinfo = IEEE80211_CAPINFO_ESS; 2989 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2990 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2991 if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) && 2992 IEEE80211_IS_CHAN_2GHZ(ic->ic_curchan)) 2993 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2994 if (ni->ni_capinfo & IEEE80211_CAPINFO_SHORT_SLOTTIME) 2995 capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME; 2996 assoc->capinfo = htole16(capinfo); 2997 2998 assoc->lintval = htole16(ic->ic_lintval); 2999 assoc->intval = htole16(ni->ni_intval); 3000 IEEE80211_ADDR_COPY(assoc->bssid, ni->ni_bssid); 3001 if (ic->ic_opmode == IEEE80211_M_IBSS) 3002 IEEE80211_ADDR_COPY(assoc->dst, ifp->if_broadcastaddr); 3003 else 3004 IEEE80211_ADDR_COPY(assoc->dst, ni->ni_bssid); 3005 3006 DPRINTF(("%s bssid %6D dst %6D channel %u policy 0x%x " 3007 "auth %u capinfo 0x%x lintval %u bintval %u\n", 3008 assoc->type == IWI_HC_IBSS_START ? "Start" : "Join", 3009 assoc->bssid, ":", assoc->dst, ":", 3010 assoc->chan, le16toh(assoc->policy), assoc->auth, 3011 le16toh(assoc->capinfo), le16toh(assoc->lintval), 3012 le16toh(assoc->intval))); 3013 error = iwi_cmd(sc, IWI_CMD_ASSOCIATE, assoc, sizeof *assoc); 3014done: 3015 if (error) 3016 IWI_STATE_END(sc, IWI_FW_ASSOCIATING); 3017 3018 return (error); 3019} 3020 3021static int 3022iwi_disassociate(struct iwi_softc *sc, int quiet) 3023{ 3024 struct iwi_associate *assoc = &sc->assoc; 3025 3026 if ((sc->flags & IWI_FLAG_ASSOCIATED) == 0) { 3027 DPRINTF(("Not associated\n")); 3028 return (-1); 3029 } 3030 3031 IWI_STATE_BEGIN(sc, IWI_FW_DISASSOCIATING); 3032 3033 if (quiet) 3034 assoc->type = IWI_HC_DISASSOC_QUIET; 3035 else 3036 assoc->type = IWI_HC_DISASSOC; 3037 3038 DPRINTF(("Trying to disassociate from %6D channel %u\n", 3039 assoc->bssid, ":", assoc->chan)); 3040 return iwi_cmd(sc, IWI_CMD_ASSOCIATE, assoc, sizeof *assoc); 3041} 3042 3043static void 3044iwi_init(void *priv) 3045{ 3046 struct iwi_softc *sc = priv; 3047 IWI_LOCK_DECL; 3048 3049 IWI_LOCK(sc); 3050 iwi_init_locked(sc, 0); 3051 IWI_UNLOCK(sc); 3052} 3053 3054/* 3055 * release dma resources for the firmware 3056 */ 3057static void 3058iwi_release_fw_dma(struct iwi_softc *sc) 3059{ 3060 if (sc->fw_flags & IWI_FW_HAVE_PHY) 3061 bus_dmamap_unload(sc->fw_dmat, sc->fw_map); 3062 if (sc->fw_flags & IWI_FW_HAVE_MAP) 3063 bus_dmamem_free(sc->fw_dmat, sc->fw_virtaddr, sc->fw_map); 3064 if (sc->fw_flags & IWI_FW_HAVE_DMAT) 3065 bus_dma_tag_destroy(sc->fw_dmat); 3066 3067 sc->fw_flags = 0; 3068 sc->fw_dma_size = 0; 3069 sc->fw_dmat = NULL; 3070 sc->fw_map = NULL; 3071 sc->fw_physaddr = 0; 3072 sc->fw_virtaddr = NULL; 3073} 3074 3075/* 3076 * allocate the dma descriptor for the firmware. 3077 * Return 0 on success, 1 on error. 3078 * Must be called unlocked, protected by IWI_FLAG_FW_LOADING. 3079 */ 3080static int 3081iwi_init_fw_dma(struct iwi_softc *sc, int size) 3082{ 3083 if (sc->fw_dma_size >= size) 3084 return 0; 3085 if (bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, 3086 BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, 3087 size, 1, size, 0, NULL, NULL, &sc->fw_dmat) != 0) { 3088 device_printf(sc->sc_dev, 3089 "could not create firmware DMA tag\n"); 3090 goto error; 3091 } 3092 sc->fw_flags |= IWI_FW_HAVE_DMAT; 3093 if (bus_dmamem_alloc(sc->fw_dmat, &sc->fw_virtaddr, 0, 3094 &sc->fw_map) != 0) { 3095 device_printf(sc->sc_dev, 3096 "could not allocate firmware DMA memory\n"); 3097 goto error; 3098 } 3099 sc->fw_flags |= IWI_FW_HAVE_MAP; 3100 if (bus_dmamap_load(sc->fw_dmat, sc->fw_map, sc->fw_virtaddr, 3101 size, iwi_dma_map_addr, &sc->fw_physaddr, 0) != 0) { 3102 device_printf(sc->sc_dev, "could not load firmware DMA map\n"); 3103 goto error; 3104 } 3105 sc->fw_flags |= IWI_FW_HAVE_PHY; 3106 sc->fw_dma_size = size; 3107 return 0; 3108 3109error: 3110 iwi_release_fw_dma(sc); 3111 return 1; 3112} 3113 3114static void 3115iwi_init_locked(void *priv, int force) 3116{ 3117 struct iwi_softc *sc = priv; 3118 struct ieee80211com *ic = &sc->sc_ic; 3119 struct ifnet *ifp = ic->ic_ifp; 3120 struct iwi_rx_data *data; 3121 int i; 3122 IWI_LOCK_DECL; 3123 3124 IWI_LOCK_ASSERT(sc); 3125 if (sc->fw_state == IWI_FW_LOADING) { 3126 device_printf(sc->sc_dev, "%s: already loading\n", __func__); 3127 return; /* XXX: condvar? */ 3128 } 3129 3130 iwi_stop(sc); 3131 IWI_STATE_BEGIN(sc, IWI_FW_LOADING); 3132 3133 if (iwi_reset(sc) != 0) { 3134 device_printf(sc->sc_dev, "could not reset adapter\n"); 3135 goto fail; 3136 } 3137 3138 IWI_UNLOCK(sc); 3139 if (iwi_get_firmware(sc)) { 3140 IWI_LOCK(sc); 3141 goto fail; 3142 } 3143 3144 /* allocate DMA memory for mapping firmware image */ 3145 i = sc->fw_fw.size; 3146 if (sc->fw_boot.size > i) 3147 i = sc->fw_boot.size; 3148 /* XXX do we dma the ucode as well ? */ 3149 if (sc->fw_uc.size > i) 3150 i = sc->fw_uc.size; 3151 if (iwi_init_fw_dma(sc, i)) { 3152 IWI_LOCK(sc); 3153 goto fail; 3154 } 3155 IWI_LOCK(sc); 3156 3157 if (iwi_load_firmware(sc, &sc->fw_boot) != 0) { 3158 device_printf(sc->sc_dev, 3159 "could not load boot firmware %s\n", sc->fw_boot.name); 3160 goto fail; 3161 } 3162 3163 if (iwi_load_ucode(sc, &sc->fw_uc) != 0) { 3164 device_printf(sc->sc_dev, 3165 "could not load microcode %s\n", sc->fw_uc.name); 3166 goto fail; 3167 } 3168 3169 iwi_stop_master(sc); 3170 3171 CSR_WRITE_4(sc, IWI_CSR_CMD_BASE, sc->cmdq.physaddr); 3172 CSR_WRITE_4(sc, IWI_CSR_CMD_SIZE, sc->cmdq.count); 3173 CSR_WRITE_4(sc, IWI_CSR_CMD_WIDX, sc->cmdq.cur); 3174 3175 CSR_WRITE_4(sc, IWI_CSR_TX1_BASE, sc->txq[0].physaddr); 3176 CSR_WRITE_4(sc, IWI_CSR_TX1_SIZE, sc->txq[0].count); 3177 CSR_WRITE_4(sc, IWI_CSR_TX1_WIDX, sc->txq[0].cur); 3178 3179 CSR_WRITE_4(sc, IWI_CSR_TX2_BASE, sc->txq[1].physaddr); 3180 CSR_WRITE_4(sc, IWI_CSR_TX2_SIZE, sc->txq[1].count); 3181 CSR_WRITE_4(sc, IWI_CSR_TX2_WIDX, sc->txq[1].cur); 3182 3183 CSR_WRITE_4(sc, IWI_CSR_TX3_BASE, sc->txq[2].physaddr); 3184 CSR_WRITE_4(sc, IWI_CSR_TX3_SIZE, sc->txq[2].count); 3185 CSR_WRITE_4(sc, IWI_CSR_TX3_WIDX, sc->txq[2].cur); 3186 3187 CSR_WRITE_4(sc, IWI_CSR_TX4_BASE, sc->txq[3].physaddr); 3188 CSR_WRITE_4(sc, IWI_CSR_TX4_SIZE, sc->txq[3].count); 3189 CSR_WRITE_4(sc, IWI_CSR_TX4_WIDX, sc->txq[3].cur); 3190 3191 for (i = 0; i < sc->rxq.count; i++) { 3192 data = &sc->rxq.data[i]; 3193 CSR_WRITE_4(sc, data->reg, data->physaddr); 3194 } 3195 3196 CSR_WRITE_4(sc, IWI_CSR_RX_WIDX, sc->rxq.count - 1); 3197 3198 if (iwi_load_firmware(sc, &sc->fw_fw) != 0) { 3199 device_printf(sc->sc_dev, 3200 "could not load main firmware %s\n", sc->fw_fw.name); 3201 goto fail; 3202 } 3203 sc->flags |= IWI_FLAG_FW_INITED; 3204 3205 if (iwi_config(sc) != 0) { 3206 device_printf(sc->sc_dev, "device configuration failed\n"); 3207 goto fail; 3208 } 3209 3210 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 3211 /* 3212 * NB: When restarting the adapter clock the state 3213 * machine regardless of the roaming mode; otherwise 3214 * we need to notify user apps so they can manually 3215 * get us going again. 3216 */ 3217 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL || force) 3218 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3219 } else 3220 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3221 3222 callout_reset(&sc->sc_wdtimer, hz, iwi_watchdog, sc); 3223 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 3224 ifp->if_drv_flags |= IFF_DRV_RUNNING; 3225 3226 IWI_STATE_END(sc, IWI_FW_LOADING); 3227 return; 3228 3229fail: ifp->if_flags &= ~IFF_UP; 3230 IWI_STATE_END(sc, IWI_FW_LOADING); 3231 iwi_stop(sc); 3232 iwi_put_firmware(sc); 3233} 3234 3235static void 3236iwi_stop(void *priv) 3237{ 3238 struct iwi_softc *sc = priv; 3239 struct ieee80211com *ic = &sc->sc_ic; 3240 struct ifnet *ifp = ic->ic_ifp; 3241 3242 IWI_LOCK_ASSERT(sc); 3243 if (sc->sc_softled) { 3244 callout_stop(&sc->sc_ledtimer); 3245 sc->sc_blinking = 0; 3246 } 3247 3248 callout_stop(&sc->sc_wdtimer); 3249 iwi_stop_master(sc); 3250 3251 CSR_WRITE_4(sc, IWI_CSR_RST, IWI_RST_SOFT_RESET); 3252 3253 /* reset rings */ 3254 iwi_reset_cmd_ring(sc, &sc->cmdq); 3255 iwi_reset_tx_ring(sc, &sc->txq[0]); 3256 iwi_reset_tx_ring(sc, &sc->txq[1]); 3257 iwi_reset_tx_ring(sc, &sc->txq[2]); 3258 iwi_reset_tx_ring(sc, &sc->txq[3]); 3259 iwi_reset_rx_ring(sc, &sc->rxq); 3260 3261 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 3262 3263 memset(sc->sc_cmd, 0, sizeof(sc->sc_cmd)); 3264 sc->sc_tx_timer = 0; 3265 sc->sc_rfkill_timer = 0; 3266 sc->sc_state_timer = 0; 3267 sc->sc_busy_timer = 0; 3268 sc->flags &= ~(IWI_FLAG_BUSY | IWI_FLAG_ASSOCIATED); 3269 sc->fw_state = IWI_FW_IDLE; 3270 wakeup(sc); 3271 3272 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3273} 3274 3275static void 3276iwi_restart(void *arg, int npending) 3277{ 3278 struct iwi_softc *sc = arg; 3279 IWI_LOCK_DECL; 3280 3281 IWI_LOCK(sc); 3282 iwi_init_locked(sc, 1); /* NB: force state machine */ 3283 IWI_UNLOCK(sc); 3284} 3285 3286/* 3287 * Return whether or not the radio is enabled in hardware 3288 * (i.e. the rfkill switch is "off"). 3289 */ 3290static int 3291iwi_getrfkill(struct iwi_softc *sc) 3292{ 3293 return (CSR_READ_4(sc, IWI_CSR_IO) & IWI_IO_RADIO_ENABLED) == 0; 3294} 3295 3296static void 3297iwi_radio_on(void *arg, int pending) 3298{ 3299 struct iwi_softc *sc = arg; 3300 3301 device_printf(sc->sc_dev, "radio turned on\n"); 3302 iwi_init(sc); 3303} 3304 3305static void 3306iwi_radio_off(void *arg, int pending) 3307{ 3308 struct iwi_softc *sc = arg; 3309 IWI_LOCK_DECL; 3310 3311 device_printf(sc->sc_dev, "radio turned off\n"); 3312 IWI_LOCK(sc); 3313 iwi_stop(sc); 3314 sc->sc_rfkill_timer = 2; 3315 IWI_UNLOCK(sc); 3316} 3317 3318static int 3319iwi_sysctl_stats(SYSCTL_HANDLER_ARGS) 3320{ 3321 struct iwi_softc *sc = arg1; 3322 uint32_t size, buf[128]; 3323 3324 if (!(sc->flags & IWI_FLAG_FW_INITED)) { 3325 memset(buf, 0, sizeof buf); 3326 return SYSCTL_OUT(req, buf, sizeof buf); 3327 } 3328 3329 size = min(CSR_READ_4(sc, IWI_CSR_TABLE0_SIZE), 128 - 1); 3330 CSR_READ_REGION_4(sc, IWI_CSR_TABLE0_BASE, &buf[1], size); 3331 3332 return SYSCTL_OUT(req, buf, sizeof buf); 3333} 3334 3335static int 3336iwi_sysctl_radio(SYSCTL_HANDLER_ARGS) 3337{ 3338 struct iwi_softc *sc = arg1; 3339 int val = !iwi_getrfkill(sc); 3340 3341 return SYSCTL_OUT(req, &val, sizeof val); 3342} 3343 3344/* 3345 * Add sysctl knobs. 3346 */ 3347static void 3348iwi_sysctlattach(struct iwi_softc *sc) 3349{ 3350 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 3351 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 3352 3353 SYSCTL_ADD_PROC(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, "radio", 3354 CTLTYPE_INT | CTLFLAG_RD, sc, 0, iwi_sysctl_radio, "I", 3355 "radio transmitter switch state (0=off, 1=on)"); 3356 3357 SYSCTL_ADD_PROC(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, "stats", 3358 CTLTYPE_OPAQUE | CTLFLAG_RD, sc, 0, iwi_sysctl_stats, "S", 3359 "statistics"); 3360 3361 sc->bluetooth = 0; 3362 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, "bluetooth", 3363 CTLFLAG_RW, &sc->bluetooth, 0, "bluetooth coexistence"); 3364 3365 sc->antenna = IWI_ANTENNA_AUTO; 3366 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, "antenna", 3367 CTLFLAG_RW, &sc->antenna, 0, "antenna (0=auto)"); 3368} 3369 3370/* 3371 * LED support. 3372 * 3373 * Different cards have different capabilities. Some have three 3374 * led's while others have only one. The linux ipw driver defines 3375 * led's for link state (associated or not), band (11a, 11g, 11b), 3376 * and for link activity. We use one led and vary the blink rate 3377 * according to the tx/rx traffic a la the ath driver. 3378 */ 3379 3380static __inline uint32_t 3381iwi_toggle_event(uint32_t r) 3382{ 3383 return r &~ (IWI_RST_STANDBY | IWI_RST_GATE_ODMA | 3384 IWI_RST_GATE_IDMA | IWI_RST_GATE_ADMA); 3385} 3386 3387static uint32_t 3388iwi_read_event(struct iwi_softc *sc) 3389{ 3390 return MEM_READ_4(sc, IWI_MEM_EEPROM_EVENT); 3391} 3392 3393static void 3394iwi_write_event(struct iwi_softc *sc, uint32_t v) 3395{ 3396 MEM_WRITE_4(sc, IWI_MEM_EEPROM_EVENT, v); 3397} 3398 3399static void 3400iwi_led_done(void *arg) 3401{ 3402 struct iwi_softc *sc = arg; 3403 3404 sc->sc_blinking = 0; 3405} 3406 3407/* 3408 * Turn the activity LED off: flip the pin and then set a timer so no 3409 * update will happen for the specified duration. 3410 */ 3411static void 3412iwi_led_off(void *arg) 3413{ 3414 struct iwi_softc *sc = arg; 3415 uint32_t v; 3416 3417 v = iwi_read_event(sc); 3418 v &= ~sc->sc_ledpin; 3419 iwi_write_event(sc, iwi_toggle_event(v)); 3420 callout_reset(&sc->sc_ledtimer, sc->sc_ledoff, iwi_led_done, sc); 3421} 3422 3423/* 3424 * Blink the LED according to the specified on/off times. 3425 */ 3426static void 3427iwi_led_blink(struct iwi_softc *sc, int on, int off) 3428{ 3429 uint32_t v; 3430 3431 v = iwi_read_event(sc); 3432 v |= sc->sc_ledpin; 3433 iwi_write_event(sc, iwi_toggle_event(v)); 3434 sc->sc_blinking = 1; 3435 sc->sc_ledoff = off; 3436 callout_reset(&sc->sc_ledtimer, on, iwi_led_off, sc); 3437} 3438 3439static void 3440iwi_led_event(struct iwi_softc *sc, int event) 3441{ 3442#define N(a) (sizeof(a)/sizeof(a[0])) 3443 /* NB: on/off times from the Atheros NDIS driver, w/ permission */ 3444 static const struct { 3445 u_int rate; /* tx/rx iwi rate */ 3446 u_int16_t timeOn; /* LED on time (ms) */ 3447 u_int16_t timeOff; /* LED off time (ms) */ 3448 } blinkrates[] = { 3449 { IWI_RATE_OFDM54, 40, 10 }, 3450 { IWI_RATE_OFDM48, 44, 11 }, 3451 { IWI_RATE_OFDM36, 50, 13 }, 3452 { IWI_RATE_OFDM24, 57, 14 }, 3453 { IWI_RATE_OFDM18, 67, 16 }, 3454 { IWI_RATE_OFDM12, 80, 20 }, 3455 { IWI_RATE_DS11, 100, 25 }, 3456 { IWI_RATE_OFDM9, 133, 34 }, 3457 { IWI_RATE_OFDM6, 160, 40 }, 3458 { IWI_RATE_DS5, 200, 50 }, 3459 { 6, 240, 58 }, /* XXX 3Mb/s if it existed */ 3460 { IWI_RATE_DS2, 267, 66 }, 3461 { IWI_RATE_DS1, 400, 100 }, 3462 { 0, 500, 130 }, /* unknown rate/polling */ 3463 }; 3464 uint32_t txrate; 3465 int j = 0; /* XXX silence compiler */ 3466 3467 sc->sc_ledevent = ticks; /* time of last event */ 3468 if (sc->sc_blinking) /* don't interrupt active blink */ 3469 return; 3470 switch (event) { 3471 case IWI_LED_POLL: 3472 j = N(blinkrates)-1; 3473 break; 3474 case IWI_LED_TX: 3475 /* read current transmission rate from adapter */ 3476 txrate = CSR_READ_4(sc, IWI_CSR_CURRENT_TX_RATE); 3477 if (blinkrates[sc->sc_txrix].rate != txrate) { 3478 for (j = 0; j < N(blinkrates)-1; j++) 3479 if (blinkrates[j].rate == txrate) 3480 break; 3481 sc->sc_txrix = j; 3482 } else 3483 j = sc->sc_txrix; 3484 break; 3485 case IWI_LED_RX: 3486 if (blinkrates[sc->sc_rxrix].rate != sc->sc_rxrate) { 3487 for (j = 0; j < N(blinkrates)-1; j++) 3488 if (blinkrates[j].rate == sc->sc_rxrate) 3489 break; 3490 sc->sc_rxrix = j; 3491 } else 3492 j = sc->sc_rxrix; 3493 break; 3494 } 3495 /* XXX beware of overflow */ 3496 iwi_led_blink(sc, (blinkrates[j].timeOn * hz) / 1000, 3497 (blinkrates[j].timeOff * hz) / 1000); 3498#undef N 3499} 3500 3501static int 3502iwi_sysctl_softled(SYSCTL_HANDLER_ARGS) 3503{ 3504 struct iwi_softc *sc = arg1; 3505 int softled = sc->sc_softled; 3506 int error; 3507 3508 error = sysctl_handle_int(oidp, &softled, 0, req); 3509 if (error || !req->newptr) 3510 return error; 3511 softled = (softled != 0); 3512 if (softled != sc->sc_softled) { 3513 if (softled) { 3514 uint32_t v = iwi_read_event(sc); 3515 v &= ~sc->sc_ledpin; 3516 iwi_write_event(sc, iwi_toggle_event(v)); 3517 } 3518 sc->sc_softled = softled; 3519 } 3520 return 0; 3521} 3522 3523static void 3524iwi_ledattach(struct iwi_softc *sc) 3525{ 3526 struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev); 3527 struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev); 3528 3529 sc->sc_blinking = 0; 3530 sc->sc_ledstate = 1; 3531 sc->sc_ledidle = (2700*hz)/1000; /* 2.7sec */ 3532 callout_init_mtx(&sc->sc_ledtimer, &sc->sc_mtx, 0); 3533 3534 SYSCTL_ADD_PROC(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 3535 "softled", CTLTYPE_INT | CTLFLAG_RW, sc, 0, 3536 iwi_sysctl_softled, "I", "enable/disable software LED support"); 3537 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 3538 "ledpin", CTLFLAG_RW, &sc->sc_ledpin, 0, 3539 "pin setting to turn activity LED on"); 3540 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 3541 "ledidle", CTLFLAG_RW, &sc->sc_ledidle, 0, 3542 "idle time for inactivity LED (ticks)"); 3543 /* XXX for debugging */ 3544 SYSCTL_ADD_INT(ctx, SYSCTL_CHILDREN(tree), OID_AUTO, 3545 "nictype", CTLFLAG_RD, &sc->sc_nictype, 0, 3546 "NIC type from EEPROM"); 3547 3548 sc->sc_ledpin = IWI_RST_LED_ACTIVITY; 3549 sc->sc_softled = 1; 3550 3551 sc->sc_nictype = (iwi_read_prom_word(sc, IWI_EEPROM_NIC) >> 8) & 0xff; 3552 if (sc->sc_nictype == 1) { 3553 /* 3554 * NB: led's are reversed. 3555 */ 3556 sc->sc_ledpin = IWI_RST_LED_ASSOCIATED; 3557 } 3558} 3559 3560static void 3561iwi_ops(void *arg, int npending) 3562{ 3563 struct iwi_softc *sc = arg; 3564 struct ieee80211com *ic = &sc->sc_ic; 3565 IWI_LOCK_DECL; 3566 int cmd; 3567 3568again: 3569 IWI_CMD_LOCK(sc); 3570 cmd = sc->sc_cmd[sc->sc_cmd_cur]; 3571 if (cmd == 0) { 3572 /* No more commands to process */ 3573 IWI_CMD_UNLOCK(sc); 3574 return; 3575 } 3576 sc->sc_cmd[sc->sc_cmd_cur] = 0; /* free the slot */ 3577 sc->sc_cmd_cur = (sc->sc_cmd_cur + 1) % IWI_CMD_MAXOPS; 3578 IWI_CMD_UNLOCK(sc); 3579 3580 IWI_LOCK(sc); 3581 while (sc->fw_state != IWI_FW_IDLE || (sc->flags & IWI_FLAG_BUSY)) { 3582 msleep(sc, &sc->sc_mtx, 0, "iwicmd", hz/10); 3583 } 3584 3585 if (!(sc->sc_ifp->if_drv_flags & IFF_DRV_RUNNING)) { 3586 IWI_UNLOCK(sc); 3587 return; 3588 } 3589 3590 switch (cmd) { 3591 case IWI_ASSOC: 3592 iwi_auth_and_assoc(sc); 3593 break; 3594 case IWI_DISASSOC: 3595 iwi_disassociate(sc, 0); 3596 break; 3597 case IWI_SET_WME: 3598 if (ic->ic_state == IEEE80211_S_RUN) 3599 (void) iwi_wme_setparams(sc); 3600 break; 3601 case IWI_SCAN_START: 3602 sc->flags |= IWI_FLAG_CHANNEL_SCAN; 3603 break; 3604 case IWI_SCAN_CURCHAN: 3605 case IWI_SCAN_ALLCHAN: 3606 if (!(sc->flags & IWI_FLAG_CHANNEL_SCAN)) { 3607 DPRINTF(("%s: ic_scan_curchan while not scanning\n", 3608 __func__)); 3609 goto done; 3610 } 3611 if (iwi_scanchan(sc, sc->sc_maxdwell, cmd)) 3612 ieee80211_cancel_scan(ic); 3613 3614 break; 3615 } 3616done: 3617 IWI_UNLOCK(sc); 3618 3619 /* Take another pass */ 3620 goto again; 3621} 3622 3623static int 3624iwi_queue_cmd(struct iwi_softc *sc, int cmd) 3625{ 3626 IWI_CMD_LOCK(sc); 3627 if (sc->sc_cmd[sc->sc_cmd_next] != 0) { 3628 IWI_CMD_UNLOCK(sc); 3629 DPRINTF(("%s: command %d dropped\n", __func__, cmd)); 3630 return (EBUSY); 3631 } 3632 3633 sc->sc_cmd[sc->sc_cmd_next] = cmd; 3634 sc->sc_cmd_next = (sc->sc_cmd_next + 1) % IWI_CMD_MAXOPS; 3635 taskqueue_enqueue(sc->sc_tq, &sc->sc_opstask); 3636 IWI_CMD_UNLOCK(sc); 3637 return (0); 3638} 3639 3640static void 3641iwi_scan_start(struct ieee80211com *ic) 3642{ 3643 struct ifnet *ifp = ic->ic_ifp; 3644 struct iwi_softc *sc = ifp->if_softc; 3645 3646 iwi_queue_cmd(sc, IWI_SCAN_START); 3647} 3648 3649static void 3650iwi_set_channel(struct ieee80211com *ic) 3651{ 3652 struct ifnet *ifp = ic->ic_ifp; 3653 struct iwi_softc *sc = ifp->if_softc; 3654 if (sc->fw_state == IWI_FW_IDLE) 3655 iwi_setcurchan(sc, ic->ic_curchan->ic_ieee); 3656} 3657 3658static void 3659iwi_scan_curchan(struct ieee80211com *ic, unsigned long maxdwell) 3660{ 3661 struct ifnet *ifp = ic->ic_ifp; 3662 struct iwi_softc *sc = ifp->if_softc; 3663 3664 sc->sc_maxdwell = maxdwell; 3665 iwi_queue_cmd(sc, IWI_SCAN_CURCHAN); 3666} 3667 3668#if 0 3669static void 3670iwi_scan_allchan(struct ieee80211com *ic, unsigned long maxdwell) 3671{ 3672 struct ifnet *ifp = ic->ic_ifp; 3673 struct iwi_softc *sc = ifp->if_softc; 3674 3675 sc->sc_maxdwell = maxdwell; 3676 iwi_queue_cmd(sc, IWI_SCAN_ALLCHAN); 3677} 3678#endif 3679 3680static void 3681iwi_scan_mindwell(struct ieee80211com *ic) 3682{ 3683 /* NB: don't try to abort scan; wait for firmware to finish */ 3684} 3685 3686static void 3687iwi_scan_end(struct ieee80211com *ic) 3688{ 3689 struct ifnet *ifp = ic->ic_ifp; 3690 struct iwi_softc *sc = ifp->if_softc; 3691 3692 taskqueue_enqueue(sc->sc_tq2, &sc->sc_scanaborttask); 3693} 3694 3695static void 3696iwi_assoc(struct ieee80211com *ic) 3697{ 3698 struct ifnet *ifp = ic->ic_ifp; 3699 struct iwi_softc *sc = ifp->if_softc; 3700 3701 /* The firmware will fail if we are already associated */ 3702 if (sc->flags & IWI_FLAG_ASSOCIATED) 3703 iwi_disassoc(ic); 3704 3705 iwi_queue_cmd(sc, IWI_ASSOC); 3706} 3707 3708static void 3709iwi_disassoc(struct ieee80211com *ic) 3710{ 3711 struct ifnet *ifp = ic->ic_ifp; 3712 struct iwi_softc *sc = ifp->if_softc; 3713 3714 iwi_queue_cmd(sc, IWI_DISASSOC); 3715} 3716