atw.c revision 1.64
1/* $NetBSD: atw.c,v 1.64 2004/07/15 07:26:17 dyoung Exp $ */ 2 3/*- 4 * Copyright (c) 1998, 1999, 2000, 2002, 2003, 2004 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by David Young, by Jason R. Thorpe, and by Charles M. Hannum. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39/* 40 * Device driver for the ADMtek ADM8211 802.11 MAC/BBP. 41 */ 42 43#include <sys/cdefs.h> 44__KERNEL_RCSID(0, "$NetBSD: atw.c,v 1.64 2004/07/15 07:26:17 dyoung Exp $"); 45 46#include "bpfilter.h" 47 48#include <sys/param.h> 49#include <sys/systm.h> 50#include <sys/callout.h> 51#include <sys/mbuf.h> 52#include <sys/malloc.h> 53#include <sys/kernel.h> 54#include <sys/socket.h> 55#include <sys/ioctl.h> 56#include <sys/errno.h> 57#include <sys/device.h> 58#include <sys/time.h> 59 60#include <machine/endian.h> 61 62#include <uvm/uvm_extern.h> 63 64#include <net/if.h> 65#include <net/if_dl.h> 66#include <net/if_media.h> 67#include <net/if_ether.h> 68 69#include <net80211/ieee80211_var.h> 70#include <net80211/ieee80211_compat.h> 71#include <net80211/ieee80211_radiotap.h> 72 73#if NBPFILTER > 0 74#include <net/bpf.h> 75#endif 76 77#include <machine/bus.h> 78#include <machine/intr.h> 79 80#include <dev/ic/atwreg.h> 81#include <dev/ic/rf3000reg.h> 82#include <dev/ic/si4136reg.h> 83#include <dev/ic/atwvar.h> 84#include <dev/ic/smc93cx6var.h> 85 86/* XXX TBD open questions 87 * 88 * 89 * When should I set DSSS PAD in reg 0x15 of RF3000? In 1-2Mbps 90 * modes only, or all modes (5.5-11 Mbps CCK modes, too?) Does the MAC 91 * handle this for me? 92 * 93 */ 94/* device attachment 95 * 96 * print TOFS[012] 97 * 98 * device initialization 99 * 100 * clear ATW_FRCTL_MAXPSP to disable max power saving 101 * set ATW_TXBR_ALCUPDATE to enable ALC 102 * set TOFS[012]? (hope not) 103 * disable rx/tx 104 * set ATW_PAR_SWR (software reset) 105 * wait for ATW_PAR_SWR clear 106 * disable interrupts 107 * ack status register 108 * enable interrupts 109 * 110 * rx/tx initialization 111 * 112 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 113 * allocate and init descriptor rings 114 * write ATW_PAR_DSL (descriptor skip length) 115 * write descriptor base addrs: ATW_TDBD, ATW_TDBP, write ATW_RDB 116 * write ATW_NAR_SQ for one/both transmit descriptor rings 117 * write ATW_NAR_SQ for one/both transmit descriptor rings 118 * enable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 119 * 120 * rx/tx end 121 * 122 * stop DMA 123 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 124 * flush tx w/ ATW_NAR_HF 125 * 126 * scan 127 * 128 * initialize rx/tx 129 * 130 * BSS join: (re)association response 131 * 132 * set ATW_FRCTL_AID 133 * 134 * optimizations ??? 135 * 136 */ 137 138#define ATW_REFSLAVE /* slavishly do what the reference driver does */ 139 140#define VOODOO_DUR_11_ROUNDING 0x01 /* necessary */ 141#define VOODOO_DUR_2_4_SPECIALCASE 0x02 /* NOT necessary */ 142int atw_voodoo = VOODOO_DUR_11_ROUNDING; 143 144int atw_bbp_io_enable_delay = 20 * 1000; 145int atw_bbp_io_disable_delay = 2 * 1000; 146int atw_writewep_delay = 1000; 147int atw_beacon_len_adjust = 4; 148int atw_dwelltime = 200; 149int atw_xindiv2 = 0; 150 151#ifdef ATW_DEBUG 152int atw_debug = 0; 153 154#define ATW_DPRINTF(x) if (atw_debug > 0) printf x 155#define ATW_DPRINTF2(x) if (atw_debug > 1) printf x 156#define ATW_DPRINTF3(x) if (atw_debug > 2) printf x 157#define DPRINTF(sc, x) if ((sc)->sc_ic.ic_if.if_flags & IFF_DEBUG) printf x 158#define DPRINTF2(sc, x) if ((sc)->sc_ic.ic_if.if_flags & IFF_DEBUG) ATW_DPRINTF2(x) 159#define DPRINTF3(sc, x) if ((sc)->sc_ic.ic_if.if_flags & IFF_DEBUG) ATW_DPRINTF3(x) 160 161static void atw_print_regs(struct atw_softc *, const char *); 162static void atw_dump_pkt(struct ifnet *, struct mbuf *); 163 164/* Note well: I never got atw_rf3000_read or atw_si4126_read to work. */ 165# ifdef ATW_BBPDEBUG 166static int atw_rf3000_read(struct atw_softc *sc, u_int, u_int *); 167static void atw_rf3000_print(struct atw_softc *); 168# endif /* ATW_BBPDEBUG */ 169 170# ifdef ATW_SYNDEBUG 171static int atw_si4126_read(struct atw_softc *, u_int, u_int *); 172static void atw_si4126_print(struct atw_softc *); 173# endif /* ATW_SYNDEBUG */ 174 175#else 176#define ATW_DPRINTF(x) 177#define ATW_DPRINTF2(x) 178#define ATW_DPRINTF3(x) 179#define DPRINTF(sc, x) /* nothing */ 180#define DPRINTF2(sc, x) /* nothing */ 181#define DPRINTF3(sc, x) /* nothing */ 182#endif 183 184/* ifnet methods */ 185void atw_start(struct ifnet *); 186void atw_watchdog(struct ifnet *); 187int atw_ioctl(struct ifnet *, u_long, caddr_t); 188int atw_init(struct ifnet *); 189void atw_stop(struct ifnet *, int); 190 191/* Device attachment */ 192void atw_attach(struct atw_softc *); 193int atw_detach(struct atw_softc *); 194 195/* Rx/Tx process */ 196void atw_rxdrain(struct atw_softc *); 197void atw_txdrain(struct atw_softc *); 198int atw_add_rxbuf(struct atw_softc *, int); 199void atw_idle(struct atw_softc *, u_int32_t); 200 201/* Device (de)activation and power state */ 202int atw_enable(struct atw_softc *); 203void atw_disable(struct atw_softc *); 204void atw_power(int, void *); 205void atw_shutdown(void *); 206void atw_reset(struct atw_softc *); 207 208/* Interrupt handlers */ 209void atw_rxintr(struct atw_softc *); 210void atw_txintr(struct atw_softc *); 211void atw_linkintr(struct atw_softc *, u_int32_t); 212 213/* 802.11 state machine */ 214static int atw_newstate(struct ieee80211com *, enum ieee80211_state, int); 215static int atw_tune(struct atw_softc *); 216static void atw_recv_mgmt(struct ieee80211com *, struct mbuf *, 217 struct ieee80211_node *, int, int, u_int32_t); 218 219/* Device initialization */ 220static void atw_wcsr_init(struct atw_softc *); 221static void atw_cmdr_init(struct atw_softc *); 222static void atw_tofs2_init(struct atw_softc *); 223static void atw_txlmt_init(struct atw_softc *); 224static void atw_test1_init(struct atw_softc *); 225static void atw_rf_reset(struct atw_softc *); 226static void atw_cfp_init(struct atw_softc *); 227static void atw_tofs0_init(struct atw_softc *); 228static void atw_ifs_init(struct atw_softc *); 229static void atw_response_times_init(struct atw_softc *); 230static void atw_bbp_io_init(struct atw_softc *); 231 232/* RAM/ROM utilities */ 233static void atw_clear_sram(struct atw_softc *); 234static void atw_write_sram(struct atw_softc *, u_int, u_int8_t *, u_int); 235static int atw_read_srom(struct atw_softc *); 236 237/* BSS setup */ 238static void atw_tsf(struct atw_softc *); 239static void atw_start_beacon(struct atw_softc *, int); 240static void atw_write_bssid(struct atw_softc *); 241static void atw_write_ssid(struct atw_softc *); 242static void atw_write_sup_rates(struct atw_softc *); 243static void atw_write_wep(struct atw_softc *); 244 245/* Media */ 246static int atw_media_change(struct ifnet *); 247static void atw_media_status(struct ifnet *, struct ifmediareq *); 248 249static void atw_filter_setup(struct atw_softc *); 250 251/* 802.11 utilities */ 252static void atw_frame_setdurs(struct atw_softc *, 253 struct atw_frame *, int, int); 254static struct ieee80211_node *atw_node_alloc(struct ieee80211com *); 255static void atw_node_free(struct ieee80211com *, 256 struct ieee80211_node *); 257static void atw_recv_beacon(struct ieee80211com *, struct mbuf *, 258 struct ieee80211_node *, int, int, 259 u_int32_t); 260static __inline uint32_t atw_last_even_tsft(uint32_t, uint32_t, 261 uint32_t); 262static __inline void atw_tsft(struct atw_softc *, uint32_t *, 263 uint32_t *); 264 265/* 266 * Tuner/transceiver/modem 267 */ 268static void atw_bbp_io_enable(struct atw_softc *, int); 269 270/* RFMD RF3000 Baseband Processor */ 271static int atw_rf3000_init(struct atw_softc *); 272static int atw_rf3000_tune(struct atw_softc *, u_int); 273static int atw_rf3000_write(struct atw_softc *, u_int, u_int); 274 275/* Silicon Laboratories Si4126 RF/IF Synthesizer */ 276static void atw_si4126_tune(struct atw_softc *, u_int); 277static void atw_si4126_write(struct atw_softc *, u_int, u_int); 278 279const struct atw_txthresh_tab atw_txthresh_tab_lo[] = ATW_TXTHRESH_TAB_LO_RATE; 280const struct atw_txthresh_tab atw_txthresh_tab_hi[] = ATW_TXTHRESH_TAB_HI_RATE; 281 282const char *atw_tx_state[] = { 283 "STOPPED", 284 "RUNNING - read descriptor", 285 "RUNNING - transmitting", 286 "RUNNING - filling fifo", /* XXX */ 287 "SUSPENDED", 288 "RUNNING -- write descriptor", 289 "RUNNING -- write last descriptor", 290 "RUNNING - fifo full" 291}; 292 293const char *atw_rx_state[] = { 294 "STOPPED", 295 "RUNNING - read descriptor", 296 "RUNNING - check this packet, pre-fetch next", 297 "RUNNING - wait for reception", 298 "SUSPENDED", 299 "RUNNING - write descriptor", 300 "RUNNING - flush fifo", 301 "RUNNING - fifo drain" 302}; 303 304int 305atw_activate(struct device *self, enum devact act) 306{ 307 struct atw_softc *sc = (struct atw_softc *)self; 308 int rv = 0, s; 309 310 s = splnet(); 311 switch (act) { 312 case DVACT_ACTIVATE: 313 rv = EOPNOTSUPP; 314 break; 315 316 case DVACT_DEACTIVATE: 317 if_deactivate(&sc->sc_ic.ic_if); 318 break; 319 } 320 splx(s); 321 return rv; 322} 323 324/* 325 * atw_enable: 326 * 327 * Enable the ADM8211 chip. 328 */ 329int 330atw_enable(struct atw_softc *sc) 331{ 332 333 if (ATW_IS_ENABLED(sc) == 0) { 334 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) { 335 printf("%s: device enable failed\n", 336 sc->sc_dev.dv_xname); 337 return (EIO); 338 } 339 sc->sc_flags |= ATWF_ENABLED; 340 } 341 return (0); 342} 343 344/* 345 * atw_disable: 346 * 347 * Disable the ADM8211 chip. 348 */ 349void 350atw_disable(struct atw_softc *sc) 351{ 352 if (!ATW_IS_ENABLED(sc)) 353 return; 354 if (sc->sc_disable != NULL) 355 (*sc->sc_disable)(sc); 356 sc->sc_flags &= ~ATWF_ENABLED; 357} 358 359/* Returns -1 on failure. */ 360static int 361atw_read_srom(struct atw_softc *sc) 362{ 363 struct seeprom_descriptor sd; 364 u_int32_t reg; 365 366 (void)memset(&sd, 0, sizeof(sd)); 367 368 reg = ATW_READ(sc, ATW_TEST0); 369 370 if ((reg & (ATW_TEST0_EPNE|ATW_TEST0_EPSNM)) != 0) { 371 printf("%s: bad or missing/bad SROM\n", sc->sc_dev.dv_xname); 372 return -1; 373 } 374 375 switch (reg & ATW_TEST0_EPTYP_MASK) { 376 case ATW_TEST0_EPTYP_93c66: 377 ATW_DPRINTF(("%s: 93c66 SROM\n", sc->sc_dev.dv_xname)); 378 sc->sc_sromsz = 512; 379 sd.sd_chip = C56_66; 380 break; 381 case ATW_TEST0_EPTYP_93c46: 382 ATW_DPRINTF(("%s: 93c46 SROM\n", sc->sc_dev.dv_xname)); 383 sc->sc_sromsz = 128; 384 sd.sd_chip = C46; 385 break; 386 default: 387 printf("%s: unknown SROM type %d\n", sc->sc_dev.dv_xname, 388 MASK_AND_RSHIFT(reg, ATW_TEST0_EPTYP_MASK)); 389 return -1; 390 } 391 392 sc->sc_srom = malloc(sc->sc_sromsz, M_DEVBUF, M_NOWAIT); 393 394 if (sc->sc_srom == NULL) { 395 printf("%s: unable to allocate SROM buffer\n", 396 sc->sc_dev.dv_xname); 397 return -1; 398 } 399 400 (void)memset(sc->sc_srom, 0, sc->sc_sromsz); 401 402 /* ADM8211 has a single 32-bit register for controlling the 403 * 93cx6 SROM. Bit SRS enables the serial port. There is no 404 * "ready" bit. The ADM8211 input/output sense is the reverse 405 * of read_seeprom's. 406 */ 407 sd.sd_tag = sc->sc_st; 408 sd.sd_bsh = sc->sc_sh; 409 sd.sd_regsize = 4; 410 sd.sd_control_offset = ATW_SPR; 411 sd.sd_status_offset = ATW_SPR; 412 sd.sd_dataout_offset = ATW_SPR; 413 sd.sd_CK = ATW_SPR_SCLK; 414 sd.sd_CS = ATW_SPR_SCS; 415 sd.sd_DI = ATW_SPR_SDO; 416 sd.sd_DO = ATW_SPR_SDI; 417 sd.sd_MS = ATW_SPR_SRS; 418 sd.sd_RDY = 0; 419 420 if (!read_seeprom(&sd, sc->sc_srom, 0, sc->sc_sromsz/2)) { 421 printf("%s: could not read SROM\n", sc->sc_dev.dv_xname); 422 free(sc->sc_srom, M_DEVBUF); 423 return -1; 424 } 425#ifdef ATW_DEBUG 426 { 427 int i; 428 ATW_DPRINTF(("\nSerial EEPROM:\n\t")); 429 for (i = 0; i < sc->sc_sromsz/2; i = i + 1) { 430 if (((i % 8) == 0) && (i != 0)) { 431 ATW_DPRINTF(("\n\t")); 432 } 433 ATW_DPRINTF((" 0x%x", sc->sc_srom[i])); 434 } 435 ATW_DPRINTF(("\n")); 436 } 437#endif /* ATW_DEBUG */ 438 return 0; 439} 440 441#ifdef ATW_DEBUG 442static void 443atw_print_regs(struct atw_softc *sc, const char *where) 444{ 445#define PRINTREG(sc, reg) \ 446 ATW_DPRINTF2(("%s: reg[ " #reg " / %03x ] = %08x\n", \ 447 sc->sc_dev.dv_xname, reg, ATW_READ(sc, reg))) 448 449 ATW_DPRINTF2(("%s: %s\n", sc->sc_dev.dv_xname, where)); 450 451 PRINTREG(sc, ATW_PAR); 452 PRINTREG(sc, ATW_FRCTL); 453 PRINTREG(sc, ATW_TDR); 454 PRINTREG(sc, ATW_WTDP); 455 PRINTREG(sc, ATW_RDR); 456 PRINTREG(sc, ATW_WRDP); 457 PRINTREG(sc, ATW_RDB); 458 PRINTREG(sc, ATW_CSR3A); 459 PRINTREG(sc, ATW_TDBD); 460 PRINTREG(sc, ATW_TDBP); 461 PRINTREG(sc, ATW_STSR); 462 PRINTREG(sc, ATW_CSR5A); 463 PRINTREG(sc, ATW_NAR); 464 PRINTREG(sc, ATW_CSR6A); 465 PRINTREG(sc, ATW_IER); 466 PRINTREG(sc, ATW_CSR7A); 467 PRINTREG(sc, ATW_LPC); 468 PRINTREG(sc, ATW_TEST1); 469 PRINTREG(sc, ATW_SPR); 470 PRINTREG(sc, ATW_TEST0); 471 PRINTREG(sc, ATW_WCSR); 472 PRINTREG(sc, ATW_WPDR); 473 PRINTREG(sc, ATW_GPTMR); 474 PRINTREG(sc, ATW_GPIO); 475 PRINTREG(sc, ATW_BBPCTL); 476 PRINTREG(sc, ATW_SYNCTL); 477 PRINTREG(sc, ATW_PLCPHD); 478 PRINTREG(sc, ATW_MMIWADDR); 479 PRINTREG(sc, ATW_MMIRADDR1); 480 PRINTREG(sc, ATW_MMIRADDR2); 481 PRINTREG(sc, ATW_TXBR); 482 PRINTREG(sc, ATW_CSR15A); 483 PRINTREG(sc, ATW_ALCSTAT); 484 PRINTREG(sc, ATW_TOFS2); 485 PRINTREG(sc, ATW_CMDR); 486 PRINTREG(sc, ATW_PCIC); 487 PRINTREG(sc, ATW_PMCSR); 488 PRINTREG(sc, ATW_PAR0); 489 PRINTREG(sc, ATW_PAR1); 490 PRINTREG(sc, ATW_MAR0); 491 PRINTREG(sc, ATW_MAR1); 492 PRINTREG(sc, ATW_ATIMDA0); 493 PRINTREG(sc, ATW_ABDA1); 494 PRINTREG(sc, ATW_BSSID0); 495 PRINTREG(sc, ATW_TXLMT); 496 PRINTREG(sc, ATW_MIBCNT); 497 PRINTREG(sc, ATW_BCNT); 498 PRINTREG(sc, ATW_TSFTH); 499 PRINTREG(sc, ATW_TSC); 500 PRINTREG(sc, ATW_SYNRF); 501 PRINTREG(sc, ATW_BPLI); 502 PRINTREG(sc, ATW_CAP0); 503 PRINTREG(sc, ATW_CAP1); 504 PRINTREG(sc, ATW_RMD); 505 PRINTREG(sc, ATW_CFPP); 506 PRINTREG(sc, ATW_TOFS0); 507 PRINTREG(sc, ATW_TOFS1); 508 PRINTREG(sc, ATW_IFST); 509 PRINTREG(sc, ATW_RSPT); 510 PRINTREG(sc, ATW_TSFTL); 511 PRINTREG(sc, ATW_WEPCTL); 512 PRINTREG(sc, ATW_WESK); 513 PRINTREG(sc, ATW_WEPCNT); 514 PRINTREG(sc, ATW_MACTEST); 515 PRINTREG(sc, ATW_FER); 516 PRINTREG(sc, ATW_FEMR); 517 PRINTREG(sc, ATW_FPSR); 518 PRINTREG(sc, ATW_FFER); 519#undef PRINTREG 520} 521#endif /* ATW_DEBUG */ 522 523/* 524 * Finish attaching an ADMtek ADM8211 MAC. Called by bus-specific front-end. 525 */ 526void 527atw_attach(struct atw_softc *sc) 528{ 529 static const u_int8_t empty_macaddr[IEEE80211_ADDR_LEN] = { 530 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 531 }; 532 struct ieee80211com *ic = &sc->sc_ic; 533 struct ifnet *ifp = &ic->ic_if; 534 int country_code, error, i, nrate; 535 u_int32_t reg; 536 static const char *type_strings[] = {"Intersil (not supported)", 537 "RFMD", "Marvel (not supported)"}; 538 539 sc->sc_txth = atw_txthresh_tab_lo; 540 541 SIMPLEQ_INIT(&sc->sc_txfreeq); 542 SIMPLEQ_INIT(&sc->sc_txdirtyq); 543 544#ifdef ATW_DEBUG 545 atw_print_regs(sc, "atw_attach"); 546#endif /* ATW_DEBUG */ 547 548 /* 549 * Allocate the control data structures, and create and load the 550 * DMA map for it. 551 */ 552 if ((error = bus_dmamem_alloc(sc->sc_dmat, 553 sizeof(struct atw_control_data), PAGE_SIZE, 0, &sc->sc_cdseg, 554 1, &sc->sc_cdnseg, 0)) != 0) { 555 printf("%s: unable to allocate control data, error = %d\n", 556 sc->sc_dev.dv_xname, error); 557 goto fail_0; 558 } 559 560 if ((error = bus_dmamem_map(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg, 561 sizeof(struct atw_control_data), (caddr_t *)&sc->sc_control_data, 562 BUS_DMA_COHERENT)) != 0) { 563 printf("%s: unable to map control data, error = %d\n", 564 sc->sc_dev.dv_xname, error); 565 goto fail_1; 566 } 567 568 if ((error = bus_dmamap_create(sc->sc_dmat, 569 sizeof(struct atw_control_data), 1, 570 sizeof(struct atw_control_data), 0, 0, &sc->sc_cddmamap)) != 0) { 571 printf("%s: unable to create control data DMA map, " 572 "error = %d\n", sc->sc_dev.dv_xname, error); 573 goto fail_2; 574 } 575 576 if ((error = bus_dmamap_load(sc->sc_dmat, sc->sc_cddmamap, 577 sc->sc_control_data, sizeof(struct atw_control_data), NULL, 578 0)) != 0) { 579 printf("%s: unable to load control data DMA map, error = %d\n", 580 sc->sc_dev.dv_xname, error); 581 goto fail_3; 582 } 583 584 /* 585 * Create the transmit buffer DMA maps. 586 */ 587 sc->sc_ntxsegs = ATW_NTXSEGS; 588 for (i = 0; i < ATW_TXQUEUELEN; i++) { 589 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 590 sc->sc_ntxsegs, MCLBYTES, 0, 0, 591 &sc->sc_txsoft[i].txs_dmamap)) != 0) { 592 printf("%s: unable to create tx DMA map %d, " 593 "error = %d\n", sc->sc_dev.dv_xname, i, error); 594 goto fail_4; 595 } 596 } 597 598 /* 599 * Create the receive buffer DMA maps. 600 */ 601 for (i = 0; i < ATW_NRXDESC; i++) { 602 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 603 MCLBYTES, 0, 0, &sc->sc_rxsoft[i].rxs_dmamap)) != 0) { 604 printf("%s: unable to create rx DMA map %d, " 605 "error = %d\n", sc->sc_dev.dv_xname, i, error); 606 goto fail_5; 607 } 608 } 609 for (i = 0; i < ATW_NRXDESC; i++) { 610 sc->sc_rxsoft[i].rxs_mbuf = NULL; 611 } 612 613 /* Reset the chip to a known state. */ 614 atw_reset(sc); 615 616 if (atw_read_srom(sc) == -1) 617 return; 618 619 sc->sc_rftype = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CSR20], 620 ATW_SR_RFTYPE_MASK); 621 622 sc->sc_bbptype = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CSR20], 623 ATW_SR_BBPTYPE_MASK); 624 625 if (sc->sc_rftype > sizeof(type_strings)/sizeof(type_strings[0])) { 626 printf("%s: unknown RF\n", sc->sc_dev.dv_xname); 627 return; 628 } 629 if (sc->sc_bbptype > sizeof(type_strings)/sizeof(type_strings[0])) { 630 printf("%s: unknown BBP\n", sc->sc_dev.dv_xname); 631 return; 632 } 633 634 printf("%s: %s RF, %s BBP", sc->sc_dev.dv_xname, 635 type_strings[sc->sc_rftype], type_strings[sc->sc_bbptype]); 636 637 /* XXX There exists a Linux driver which seems to use RFType = 0 for 638 * MARVEL. My bug, or theirs? 639 */ 640 641 reg = LSHIFT(sc->sc_rftype, ATW_SYNCTL_RFTYPE_MASK); 642 643 switch (sc->sc_rftype) { 644 case ATW_RFTYPE_INTERSIL: 645 reg |= ATW_SYNCTL_CS1; 646 break; 647 case ATW_RFTYPE_RFMD: 648 reg |= ATW_SYNCTL_CS0; 649 break; 650 case ATW_RFTYPE_MARVEL: 651 break; 652 } 653 654 sc->sc_synctl_rd = reg | ATW_SYNCTL_RD; 655 sc->sc_synctl_wr = reg | ATW_SYNCTL_WR; 656 657 reg = LSHIFT(sc->sc_bbptype, ATW_BBPCTL_TYPE_MASK); 658 659 switch (sc->sc_bbptype) { 660 case ATW_BBPTYPE_INTERSIL: 661 reg |= ATW_BBPCTL_TWI; 662 break; 663 case ATW_BBPTYPE_RFMD: 664 reg |= ATW_BBPCTL_RF3KADDR_ADDR | ATW_BBPCTL_NEGEDGE_DO | 665 ATW_BBPCTL_CCA_ACTLO; 666 break; 667 case ATW_BBPTYPE_MARVEL: 668 break; 669 case ATW_C_BBPTYPE_RFMD: 670 printf("%s: ADM8211C MAC/RFMD BBP not supported yet.\n", 671 sc->sc_dev.dv_xname); 672 break; 673 } 674 675 sc->sc_bbpctl_wr = reg | ATW_BBPCTL_WR; 676 sc->sc_bbpctl_rd = reg | ATW_BBPCTL_RD; 677 678 /* 679 * From this point forward, the attachment cannot fail. A failure 680 * before this point releases all resources that may have been 681 * allocated. 682 */ 683 sc->sc_flags |= ATWF_ATTACHED /* | ATWF_RTSCTS */; 684 685 ATW_DPRINTF((" SROM MAC %04x%04x%04x", 686 htole16(sc->sc_srom[ATW_SR_MAC00]), 687 htole16(sc->sc_srom[ATW_SR_MAC01]), 688 htole16(sc->sc_srom[ATW_SR_MAC10]))); 689 690 country_code = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CTRY_CR29], 691 ATW_SR_CTRY_MASK); 692 693#define ADD_CHANNEL(_ic, _chan) do { \ 694 _ic->ic_channels[_chan].ic_flags = IEEE80211_CHAN_B; \ 695 _ic->ic_channels[_chan].ic_freq = \ 696 ieee80211_ieee2mhz(_chan, _ic->ic_channels[_chan].ic_flags);\ 697} while (0) 698 699 /* Find available channels */ 700 switch (country_code) { 701 case COUNTRY_MMK2: /* 1-14 */ 702 ADD_CHANNEL(ic, 14); 703 /*FALLTHROUGH*/ 704 case COUNTRY_ETSI: /* 1-13 */ 705 for (i = 1; i <= 13; i++) 706 ADD_CHANNEL(ic, i); 707 break; 708 case COUNTRY_FCC: /* 1-11 */ 709 case COUNTRY_IC: /* 1-11 */ 710 for (i = 1; i <= 11; i++) 711 ADD_CHANNEL(ic, i); 712 break; 713 case COUNTRY_MMK: /* 14 */ 714 ADD_CHANNEL(ic, 14); 715 break; 716 case COUNTRY_FRANCE: /* 10-13 */ 717 for (i = 10; i <= 13; i++) 718 ADD_CHANNEL(ic, i); 719 break; 720 default: /* assume channels 10-11 */ 721 case COUNTRY_SPAIN: /* 10-11 */ 722 for (i = 10; i <= 11; i++) 723 ADD_CHANNEL(ic, i); 724 break; 725 } 726 727 /* Read the MAC address. */ 728 reg = ATW_READ(sc, ATW_PAR0); 729 ic->ic_myaddr[0] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB0_MASK); 730 ic->ic_myaddr[1] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB1_MASK); 731 ic->ic_myaddr[2] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB2_MASK); 732 ic->ic_myaddr[3] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB3_MASK); 733 reg = ATW_READ(sc, ATW_PAR1); 734 ic->ic_myaddr[4] = MASK_AND_RSHIFT(reg, ATW_PAR1_PAB4_MASK); 735 ic->ic_myaddr[5] = MASK_AND_RSHIFT(reg, ATW_PAR1_PAB5_MASK); 736 737 if (IEEE80211_ADDR_EQ(ic->ic_myaddr, empty_macaddr)) { 738 printf(" could not get mac address, attach failed\n"); 739 return; 740 } 741 742 printf(" 802.11 address %s\n", ether_sprintf(ic->ic_myaddr)); 743 744 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 745 ifp->if_softc = sc; 746 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST | 747 IFF_NOTRAILERS; 748 ifp->if_ioctl = atw_ioctl; 749 ifp->if_start = atw_start; 750 ifp->if_watchdog = atw_watchdog; 751 ifp->if_init = atw_init; 752 ifp->if_stop = atw_stop; 753 IFQ_SET_READY(&ifp->if_snd); 754 755 ic->ic_phytype = IEEE80211_T_DS; 756 ic->ic_opmode = IEEE80211_M_STA; 757 ic->ic_caps = IEEE80211_C_PMGT | IEEE80211_C_IBSS | 758 IEEE80211_C_HOSTAP | IEEE80211_C_MONITOR | IEEE80211_C_WEP; 759 760 nrate = 0; 761 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 2; 762 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 4; 763 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 11; 764 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 22; 765 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_nrates = nrate; 766 767 /* 768 * Call MI attach routines. 769 */ 770 771 if_attach(ifp); 772 ieee80211_ifattach(ifp); 773 774 sc->sc_newstate = ic->ic_newstate; 775 ic->ic_newstate = atw_newstate; 776 777 sc->sc_recv_mgmt = ic->ic_recv_mgmt; 778 ic->ic_recv_mgmt = atw_recv_mgmt; 779 780 sc->sc_node_free = ic->ic_node_free; 781 ic->ic_node_free = atw_node_free; 782 783 sc->sc_node_alloc = ic->ic_node_alloc; 784 ic->ic_node_alloc = atw_node_alloc; 785 786 /* possibly we should fill in our own sc_send_prresp, since 787 * the ADM8211 is probably sending probe responses in ad hoc 788 * mode. 789 */ 790 791 /* complete initialization */ 792 ieee80211_media_init(ifp, atw_media_change, atw_media_status); 793 callout_init(&sc->sc_scan_ch); 794 795#if NBPFILTER > 0 796 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 797 sizeof(struct ieee80211_frame) + 64, &sc->sc_radiobpf); 798#endif 799 800 /* 801 * Make sure the interface is shutdown during reboot. 802 */ 803 sc->sc_sdhook = shutdownhook_establish(atw_shutdown, sc); 804 if (sc->sc_sdhook == NULL) 805 printf("%s: WARNING: unable to establish shutdown hook\n", 806 sc->sc_dev.dv_xname); 807 808 /* 809 * Add a suspend hook to make sure we come back up after a 810 * resume. 811 */ 812 sc->sc_powerhook = powerhook_establish(atw_power, sc); 813 if (sc->sc_powerhook == NULL) 814 printf("%s: WARNING: unable to establish power hook\n", 815 sc->sc_dev.dv_xname); 816 817 memset(&sc->sc_rxtapu, 0, sizeof(sc->sc_rxtapu)); 818 sc->sc_rxtap.ar_ihdr.it_len = sizeof(sc->sc_rxtapu); 819 sc->sc_rxtap.ar_ihdr.it_present = ATW_RX_RADIOTAP_PRESENT; 820 821 memset(&sc->sc_txtapu, 0, sizeof(sc->sc_txtapu)); 822 sc->sc_txtap.at_ihdr.it_len = sizeof(sc->sc_txtapu); 823 sc->sc_txtap.at_ihdr.it_present = ATW_TX_RADIOTAP_PRESENT; 824 825 return; 826 827 /* 828 * Free any resources we've allocated during the failed attach 829 * attempt. Do this in reverse order and fall through. 830 */ 831 fail_5: 832 for (i = 0; i < ATW_NRXDESC; i++) { 833 if (sc->sc_rxsoft[i].rxs_dmamap == NULL) 834 continue; 835 bus_dmamap_destroy(sc->sc_dmat, sc->sc_rxsoft[i].rxs_dmamap); 836 } 837 fail_4: 838 for (i = 0; i < ATW_TXQUEUELEN; i++) { 839 if (sc->sc_txsoft[i].txs_dmamap == NULL) 840 continue; 841 bus_dmamap_destroy(sc->sc_dmat, sc->sc_txsoft[i].txs_dmamap); 842 } 843 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 844 fail_3: 845 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 846 fail_2: 847 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->sc_control_data, 848 sizeof(struct atw_control_data)); 849 fail_1: 850 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 851 fail_0: 852 return; 853} 854 855static struct ieee80211_node * 856atw_node_alloc(struct ieee80211com *ic) 857{ 858 struct atw_softc *sc = (struct atw_softc *)ic->ic_if.if_softc; 859 struct ieee80211_node *ni = (*sc->sc_node_alloc)(ic); 860 861 DPRINTF(sc, ("%s: alloc node %p\n", sc->sc_dev.dv_xname, ni)); 862 return ni; 863} 864 865static void 866atw_node_free(struct ieee80211com *ic, struct ieee80211_node *ni) 867{ 868 struct atw_softc *sc = (struct atw_softc *)ic->ic_if.if_softc; 869 870 DPRINTF(sc, ("%s: freeing node %p %s\n", sc->sc_dev.dv_xname, ni, 871 ether_sprintf(ni->ni_bssid))); 872 (*sc->sc_node_free)(ic, ni); 873} 874 875/* 876 * atw_reset: 877 * 878 * Perform a soft reset on the ADM8211. 879 */ 880void 881atw_reset(struct atw_softc *sc) 882{ 883 int i; 884 uint32_t lpc; 885 886 ATW_WRITE(sc, ATW_NAR, 0x0); 887 DELAY(20 * 1000); 888 889 /* Reference driver has a cryptic remark indicating that this might 890 * power-on the chip. I know that it turns off power-saving.... 891 */ 892 ATW_WRITE(sc, ATW_FRCTL, 0x0); 893 894 ATW_WRITE(sc, ATW_PAR, ATW_PAR_SWR); 895 896 for (i = 0; i < 50; i++) { 897 if (ATW_READ(sc, ATW_PAR) == 0) 898 break; 899 DELAY(1000); 900 } 901 902 /* ... and then pause 100ms longer for good measure. */ 903 DELAY(100 * 1000); 904 905 DPRINTF2(sc, ("%s: atw_reset %d iterations\n", sc->sc_dev.dv_xname, i)); 906 907 if (ATW_ISSET(sc, ATW_PAR, ATW_PAR_SWR)) 908 printf("%s: reset failed to complete\n", sc->sc_dev.dv_xname); 909 910 /* 911 * Initialize the PCI Access Register. 912 */ 913 sc->sc_busmode = ATW_PAR_PBL_8DW; 914 915 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 916 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 917 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 918 919 /* Turn off maximum power saving, etc. 920 * 921 * XXX Following example of reference driver, should I set 922 * an AID of 1? It didn't seem to help.... 923 */ 924 ATW_WRITE(sc, ATW_FRCTL, 0x0); 925 926 DELAY(100 * 1000); 927 928 /* Recall EEPROM. */ 929 ATW_SET(sc, ATW_TEST0, ATW_TEST0_EPRLD); 930 931 DELAY(10 * 1000); 932 933 lpc = ATW_READ(sc, ATW_LPC); 934 935 DPRINTF(sc, ("%s: ATW_LPC %#08x\n", __func__, lpc)); 936 937 /* A reset seems to affect the SRAM contents, so put them into 938 * a known state. 939 */ 940 atw_clear_sram(sc); 941 942 memset(sc->sc_bssid, 0xff, sizeof(sc->sc_bssid)); 943} 944 945static void 946atw_clear_sram(struct atw_softc *sc) 947{ 948 memset(sc->sc_sram, 0, sizeof(sc->sc_sram)); 949 /* XXX not for revision 0x20. */ 950 atw_write_sram(sc, 0, sc->sc_sram, sizeof(sc->sc_sram)); 951} 952 953/* TBD atw_init 954 * 955 * set MAC based on ic->ic_bss->myaddr 956 * write WEP keys 957 * set TX rate 958 */ 959 960/* Tell the ADM8211 to raise ATW_INTR_LINKOFF if 7 beacon intervals pass 961 * without receiving a beacon with the preferred BSSID & SSID. 962 * atw_write_bssid & atw_write_ssid set the BSSID & SSID. 963 */ 964static void 965atw_wcsr_init(struct atw_softc *sc) 966{ 967 uint32_t wcsr; 968 969 wcsr = ATW_READ(sc, ATW_WCSR); 970 wcsr &= ~(ATW_WCSR_BLN_MASK|ATW_WCSR_LSOE|ATW_WCSR_MPRE|ATW_WCSR_LSOE); 971 wcsr |= LSHIFT(7, ATW_WCSR_BLN_MASK); 972 ATW_WRITE(sc, ATW_WCSR, wcsr); /* XXX resets wake-up status bits */ 973 974 DPRINTF(sc, ("%s: %s reg[WCSR] = %08x\n", 975 sc->sc_dev.dv_xname, __func__, ATW_READ(sc, ATW_WCSR))); 976} 977 978/* Turn off power management. Set Rx store-and-forward mode. */ 979static void 980atw_cmdr_init(struct atw_softc *sc) 981{ 982 uint32_t cmdr; 983 cmdr = ATW_READ(sc, ATW_CMDR); 984 cmdr &= ~ATW_CMDR_APM; 985 cmdr |= ATW_CMDR_RTE; 986 cmdr &= ~ATW_CMDR_DRT_MASK; 987 cmdr |= ATW_CMDR_DRT_SF; 988 989 ATW_WRITE(sc, ATW_CMDR, cmdr); 990} 991 992static void 993atw_tofs2_init(struct atw_softc *sc) 994{ 995 uint32_t tofs2; 996 /* XXX this magic can probably be figured out from the RFMD docs */ 997#ifndef ATW_REFSLAVE 998 tofs2 = LSHIFT(4, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 999 LSHIFT(13, ATW_TOFS2_PWR0PAPE_MASK) | /* 13 us */ 1000 LSHIFT(8, ATW_TOFS2_PWR1PAPE_MASK) | /* 8 us */ 1001 LSHIFT(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 1002 LSHIFT(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 1003 LSHIFT(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 1004 LSHIFT(4, ATW_TOFS2_PWR1PE2_MASK) | /* 4 us */ 1005 LSHIFT(5, ATW_TOFS2_PWR0TXPE_MASK); /* 5 us */ 1006#else 1007 /* XXX new magic from reference driver source */ 1008 tofs2 = LSHIFT(8, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 1009 LSHIFT(8, ATW_TOFS2_PWR0PAPE_MASK) | /* 13 us */ 1010 LSHIFT(1, ATW_TOFS2_PWR1PAPE_MASK) | /* 8 us */ 1011 LSHIFT(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 1012 LSHIFT(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 1013 LSHIFT(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 1014 LSHIFT(1, ATW_TOFS2_PWR1PE2_MASK) | /* 4 us */ 1015 LSHIFT(8, ATW_TOFS2_PWR0TXPE_MASK); /* 5 us */ 1016#endif 1017 ATW_WRITE(sc, ATW_TOFS2, tofs2); 1018} 1019 1020static void 1021atw_nar_init(struct atw_softc *sc) 1022{ 1023 ATW_WRITE(sc, ATW_NAR, ATW_NAR_SF|ATW_NAR_PB); 1024} 1025 1026static void 1027atw_txlmt_init(struct atw_softc *sc) 1028{ 1029 ATW_WRITE(sc, ATW_TXLMT, LSHIFT(512, ATW_TXLMT_MTMLT_MASK) | 1030 LSHIFT(1, ATW_TXLMT_SRTYLIM_MASK)); 1031} 1032 1033static void 1034atw_test1_init(struct atw_softc *sc) 1035{ 1036 uint32_t test1; 1037 1038 test1 = ATW_READ(sc, ATW_TEST1); 1039 test1 &= ~(ATW_TEST1_DBGREAD_MASK|ATW_TEST1_CONTROL); 1040 /* XXX magic 0x1 */ 1041 test1 |= LSHIFT(0x1, ATW_TEST1_DBGREAD_MASK) | ATW_TEST1_CONTROL; 1042 ATW_WRITE(sc, ATW_TEST1, test1); 1043} 1044 1045static void 1046atw_rf_reset(struct atw_softc *sc) 1047{ 1048 /* XXX this resets an Intersil RF front-end? */ 1049 /* TBD condition on Intersil RFType? */ 1050 ATW_WRITE(sc, ATW_SYNRF, ATW_SYNRF_INTERSIL_EN); 1051 DELAY(10 * 1000); 1052 ATW_WRITE(sc, ATW_SYNRF, 0); 1053 DELAY(5 * 1000); 1054} 1055 1056/* Set 16 TU max duration for the contention-free period (CFP). */ 1057static void 1058atw_cfp_init(struct atw_softc *sc) 1059{ 1060 uint32_t cfpp; 1061 1062 cfpp = ATW_READ(sc, ATW_CFPP); 1063 cfpp &= ~ATW_CFPP_CFPMD; 1064 cfpp |= LSHIFT(16, ATW_CFPP_CFPMD); 1065 ATW_WRITE(sc, ATW_CFPP, cfpp); 1066} 1067 1068static void 1069atw_tofs0_init(struct atw_softc *sc) 1070{ 1071 /* XXX I guess that the Cardbus clock is 22MHz? 1072 * I am assuming that the role of ATW_TOFS0_USCNT is 1073 * to divide the bus clock to get a 1MHz clock---the datasheet is not 1074 * very clear on this point. It says in the datasheet that it is 1075 * possible for the ADM8211 to accomodate bus speeds between 22MHz 1076 * and 33MHz; maybe this is the way? I see a binary-only driver write 1077 * these values. These values are also the power-on default. 1078 */ 1079 ATW_WRITE(sc, ATW_TOFS0, 1080 LSHIFT(22, ATW_TOFS0_USCNT_MASK) | 1081 ATW_TOFS0_TUCNT_MASK /* set all bits in TUCNT */); 1082} 1083 1084/* Initialize interframe spacing: 802.11b slot time, SIFS, DIFS, EIFS. */ 1085static void 1086atw_ifs_init(struct atw_softc *sc) 1087{ 1088 uint32_t ifst; 1089 /* XXX EIFS=0x64, SIFS=110 are used by the reference driver. 1090 * Go figure. 1091 */ 1092 ifst = LSHIFT(IEEE80211_DUR_DS_SLOT, ATW_IFST_SLOT_MASK) | 1093 LSHIFT(22 * 5 /* IEEE80211_DUR_DS_SIFS */ /* # of 22MHz cycles */, 1094 ATW_IFST_SIFS_MASK) | 1095 LSHIFT(IEEE80211_DUR_DS_DIFS, ATW_IFST_DIFS_MASK) | 1096 LSHIFT(0x64 /* IEEE80211_DUR_DS_EIFS */, ATW_IFST_EIFS_MASK); 1097 1098 ATW_WRITE(sc, ATW_IFST, ifst); 1099} 1100 1101static void 1102atw_response_times_init(struct atw_softc *sc) 1103{ 1104 /* XXX More magic. Relates to ACK timing? The datasheet seems to 1105 * indicate that the MAC expects at least SIFS + MIRT microseconds 1106 * to pass after it transmits a frame that requires a response; 1107 * it waits at most SIFS + MART microseconds for the response. 1108 * Surely this is not the ACK timeout? 1109 */ 1110 ATW_WRITE(sc, ATW_RSPT, LSHIFT(0xffff, ATW_RSPT_MART_MASK) | 1111 LSHIFT(0xff, ATW_RSPT_MIRT_MASK)); 1112} 1113 1114/* Set up the MMI read/write addresses for the baseband. The Tx/Rx 1115 * engines read and write baseband registers after Rx and before 1116 * Tx, respectively. 1117 */ 1118static void 1119atw_bbp_io_init(struct atw_softc *sc) 1120{ 1121 switch (sc->sc_bbptype) { 1122 case ATW_BBPTYPE_INTERSIL: 1123 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_INTERSIL); 1124 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_INTERSIL); 1125 ATW_WRITE(sc, ATW_MMIRADDR2, ATW_MMIRADDR2_INTERSIL); 1126 break; 1127 case ATW_BBPTYPE_MARVEL: 1128 /* TBD find out the Marvel settings. */ 1129 break; 1130 case ATW_BBPTYPE_RFMD: 1131 default: 1132 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_RFMD); 1133 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_RFMD); 1134 ATW_WRITE(sc, ATW_MMIRADDR2, ATW_MMIRADDR2_RFMD); 1135 break; 1136 } 1137 ATW_WRITE(sc, ATW_MACTEST, ATW_MACTEST_MMI_USETXCLK); 1138} 1139 1140/* 1141 * atw_init: [ ifnet interface function ] 1142 * 1143 * Initialize the interface. Must be called at splnet(). 1144 */ 1145int 1146atw_init(struct ifnet *ifp) 1147{ 1148 struct atw_softc *sc = ifp->if_softc; 1149 struct ieee80211com *ic = &sc->sc_ic; 1150 struct atw_txsoft *txs; 1151 struct atw_rxsoft *rxs; 1152 int i, error = 0; 1153 1154 if ((error = atw_enable(sc)) != 0) 1155 goto out; 1156 1157 /* 1158 * Cancel any pending I/O. This also resets. 1159 */ 1160 atw_stop(ifp, 0); 1161 1162 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1163 DPRINTF(sc, ("%s: channel %d freq %d flags 0x%04x\n", 1164 __func__, ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan), 1165 ic->ic_bss->ni_chan->ic_freq, ic->ic_bss->ni_chan->ic_flags)); 1166 1167 atw_wcsr_init(sc); 1168 1169 atw_cmdr_init(sc); 1170 1171 /* Set data rate for PLCP Signal field, 1Mbps = 10 x 100Kb/s. 1172 * 1173 * XXX Set transmit power for ATIM, RTS, Beacon. 1174 */ 1175 ATW_WRITE(sc, ATW_PLCPHD, LSHIFT(10, ATW_PLCPHD_SIGNAL_MASK) | 1176 LSHIFT(0xb0, ATW_PLCPHD_SERVICE_MASK)); 1177 1178 atw_tofs2_init(sc); 1179 1180 atw_nar_init(sc); 1181 1182 atw_txlmt_init(sc); 1183 1184 atw_test1_init(sc); 1185 1186 atw_rf_reset(sc); 1187 1188 atw_cfp_init(sc); 1189 1190 atw_tofs0_init(sc); 1191 1192 atw_ifs_init(sc); 1193 1194 /* XXX Fall asleep after one second of inactivity. 1195 * XXX A frame may only dribble in for 65536us. 1196 */ 1197 ATW_WRITE(sc, ATW_RMD, 1198 LSHIFT(1, ATW_RMD_PCNT) | LSHIFT(0xffff, ATW_RMD_RMRD_MASK)); 1199 1200 atw_response_times_init(sc); 1201 1202 atw_bbp_io_init(sc); 1203 1204 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1205 1206 if ((error = atw_rf3000_init(sc)) != 0) 1207 goto out; 1208 1209 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 1210 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 1211 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 1212 1213 /* 1214 * Initialize the transmit descriptor ring. 1215 */ 1216 memset(sc->sc_txdescs, 0, sizeof(sc->sc_txdescs)); 1217 for (i = 0; i < ATW_NTXDESC; i++) { 1218 sc->sc_txdescs[i].at_ctl = 0; 1219 /* no transmit chaining */ 1220 sc->sc_txdescs[i].at_flags = 0 /* ATW_TXFLAG_TCH */; 1221 sc->sc_txdescs[i].at_buf2 = 1222 htole32(ATW_CDTXADDR(sc, ATW_NEXTTX(i))); 1223 } 1224 /* use ring mode */ 1225 sc->sc_txdescs[ATW_NTXDESC - 1].at_flags |= htole32(ATW_TXFLAG_TER); 1226 ATW_CDTXSYNC(sc, 0, ATW_NTXDESC, 1227 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 1228 sc->sc_txfree = ATW_NTXDESC; 1229 sc->sc_txnext = 0; 1230 1231 /* 1232 * Initialize the transmit job descriptors. 1233 */ 1234 SIMPLEQ_INIT(&sc->sc_txfreeq); 1235 SIMPLEQ_INIT(&sc->sc_txdirtyq); 1236 for (i = 0; i < ATW_TXQUEUELEN; i++) { 1237 txs = &sc->sc_txsoft[i]; 1238 txs->txs_mbuf = NULL; 1239 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 1240 } 1241 1242 /* 1243 * Initialize the receive descriptor and receive job 1244 * descriptor rings. 1245 */ 1246 for (i = 0; i < ATW_NRXDESC; i++) { 1247 rxs = &sc->sc_rxsoft[i]; 1248 if (rxs->rxs_mbuf == NULL) { 1249 if ((error = atw_add_rxbuf(sc, i)) != 0) { 1250 printf("%s: unable to allocate or map rx " 1251 "buffer %d, error = %d\n", 1252 sc->sc_dev.dv_xname, i, error); 1253 /* 1254 * XXX Should attempt to run with fewer receive 1255 * XXX buffers instead of just failing. 1256 */ 1257 atw_rxdrain(sc); 1258 goto out; 1259 } 1260 } else 1261 ATW_INIT_RXDESC(sc, i); 1262 } 1263 sc->sc_rxptr = 0; 1264 1265 /* 1266 * Initialize the interrupt mask and enable interrupts. 1267 */ 1268 /* normal interrupts */ 1269 sc->sc_inten = ATW_INTR_TCI | ATW_INTR_TDU | ATW_INTR_RCI | 1270 ATW_INTR_NISS | ATW_INTR_LINKON | ATW_INTR_BCNTC; 1271 1272 /* abnormal interrupts */ 1273 sc->sc_inten |= ATW_INTR_TPS | ATW_INTR_TLT | ATW_INTR_TRT | 1274 ATW_INTR_TUF | ATW_INTR_RDU | ATW_INTR_RPS | ATW_INTR_AISS | 1275 ATW_INTR_FBE | ATW_INTR_LINKOFF | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1276 1277 sc->sc_linkint_mask = ATW_INTR_LINKON | ATW_INTR_LINKOFF | 1278 ATW_INTR_BCNTC | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1279 sc->sc_rxint_mask = ATW_INTR_RCI | ATW_INTR_RDU; 1280 sc->sc_txint_mask = ATW_INTR_TCI | ATW_INTR_TUF | ATW_INTR_TLT | 1281 ATW_INTR_TRT; 1282 1283 sc->sc_linkint_mask &= sc->sc_inten; 1284 sc->sc_rxint_mask &= sc->sc_inten; 1285 sc->sc_txint_mask &= sc->sc_inten; 1286 1287 ATW_WRITE(sc, ATW_IER, sc->sc_inten); 1288 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1289 1290 DPRINTF(sc, ("%s: ATW_IER %08x, inten %08x\n", 1291 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_IER), sc->sc_inten)); 1292 1293 /* 1294 * Give the transmit and receive rings to the ADM8211. 1295 */ 1296 ATW_WRITE(sc, ATW_RDB, ATW_CDRXADDR(sc, sc->sc_rxptr)); 1297 ATW_WRITE(sc, ATW_TDBD, ATW_CDTXADDR(sc, sc->sc_txnext)); 1298 1299 sc->sc_txthresh = 0; 1300 sc->sc_opmode = ATW_NAR_SR | ATW_NAR_ST | 1301 sc->sc_txth[sc->sc_txthresh].txth_opmode; 1302 1303 /* common 802.11 configuration */ 1304 ic->ic_flags &= ~IEEE80211_F_IBSSON; 1305 switch (ic->ic_opmode) { 1306 case IEEE80211_M_STA: 1307 break; 1308 case IEEE80211_M_AHDEMO: /* XXX */ 1309 case IEEE80211_M_IBSS: 1310 ic->ic_flags |= IEEE80211_F_IBSSON; 1311 /*FALLTHROUGH*/ 1312 case IEEE80211_M_HOSTAP: /* XXX */ 1313 break; 1314 case IEEE80211_M_MONITOR: /* XXX */ 1315 break; 1316 } 1317 1318 switch (ic->ic_opmode) { 1319 case IEEE80211_M_AHDEMO: 1320 case IEEE80211_M_HOSTAP: 1321 ic->ic_bss->ni_intval = ic->ic_lintval; 1322 ic->ic_bss->ni_rssi = 0; 1323 ic->ic_bss->ni_rstamp = 0; 1324 break; 1325 default: /* XXX */ 1326 break; 1327 } 1328 1329 sc->sc_wepctl = 0; 1330 1331 atw_write_ssid(sc); 1332 atw_write_sup_rates(sc); 1333 if (ic->ic_caps & IEEE80211_C_WEP) 1334 atw_write_wep(sc); 1335 1336 ic->ic_state = IEEE80211_S_INIT; 1337 1338 /* 1339 * Set the receive filter. This will start the transmit and 1340 * receive processes. 1341 */ 1342 atw_filter_setup(sc); 1343 1344 /* 1345 * Start the receive process. 1346 */ 1347 ATW_WRITE(sc, ATW_RDR, 0x1); 1348 1349 /* 1350 * Note that the interface is now running. 1351 */ 1352 ifp->if_flags |= IFF_RUNNING; 1353 ifp->if_flags &= ~IFF_OACTIVE; 1354 1355 /* send no beacons, yet. */ 1356 atw_start_beacon(sc, 0); 1357 1358 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1359 error = ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1360 else 1361 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1362 out: 1363 if (error) { 1364 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1365 ifp->if_timer = 0; 1366 printf("%s: interface not running\n", sc->sc_dev.dv_xname); 1367 } 1368#ifdef ATW_DEBUG 1369 atw_print_regs(sc, "end of init"); 1370#endif /* ATW_DEBUG */ 1371 1372 return (error); 1373} 1374 1375/* enable == 1: host control of RF3000/Si4126 through ATW_SYNCTL. 1376 * 0: MAC control of RF3000/Si4126. 1377 * 1378 * Applies power, or selects RF front-end? Sets reset condition. 1379 * 1380 * TBD support non-RFMD BBP, non-SiLabs synth. 1381 */ 1382static void 1383atw_bbp_io_enable(struct atw_softc *sc, int enable) 1384{ 1385 if (enable) { 1386 ATW_WRITE(sc, ATW_SYNRF, 1387 ATW_SYNRF_SELRF|ATW_SYNRF_PE1|ATW_SYNRF_PHYRST); 1388 DELAY(atw_bbp_io_enable_delay); 1389 } else { 1390 ATW_WRITE(sc, ATW_SYNRF, 0); 1391 DELAY(atw_bbp_io_disable_delay); /* shorter for some reason */ 1392 } 1393} 1394 1395static int 1396atw_tune(struct atw_softc *sc) 1397{ 1398 int rc; 1399 u_int chan; 1400 struct ieee80211com *ic = &sc->sc_ic; 1401 1402 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 1403 if (chan == IEEE80211_CHAN_ANY) 1404 panic("%s: chan == IEEE80211_CHAN_ANY\n", __func__); 1405 1406 if (chan == sc->sc_cur_chan) 1407 return 0; 1408 1409 DPRINTF(sc, ("%s: chan %d -> %d\n", sc->sc_dev.dv_xname, 1410 sc->sc_cur_chan, chan)); 1411 1412 atw_idle(sc, ATW_NAR_SR|ATW_NAR_ST); 1413 1414 atw_si4126_tune(sc, chan); 1415 if ((rc = atw_rf3000_tune(sc, chan)) != 0) 1416 printf("%s: failed to tune channel %d\n", sc->sc_dev.dv_xname, 1417 chan); 1418 1419 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 1420 DELAY(20 * 1000); 1421 ATW_WRITE(sc, ATW_RDR, 0x1); 1422 1423 if (rc == 0) 1424 sc->sc_cur_chan = chan; 1425 1426 return rc; 1427} 1428 1429#ifdef ATW_SYNDEBUG 1430static void 1431atw_si4126_print(struct atw_softc *sc) 1432{ 1433 struct ifnet *ifp = &sc->sc_ic.ic_if; 1434 u_int addr, val; 1435 1436 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1437 return; 1438 1439 for (addr = 0; addr <= 8; addr++) { 1440 printf("%s: synth[%d] = ", sc->sc_dev.dv_xname, addr); 1441 if (atw_si4126_read(sc, addr, &val) == 0) { 1442 printf("<unknown> (quitting print-out)\n"); 1443 break; 1444 } 1445 printf("%05x\n", val); 1446 } 1447} 1448#endif /* ATW_SYNDEBUG */ 1449 1450/* Tune to channel chan by adjusting the Si4126 RF/IF synthesizer. 1451 * 1452 * The RF/IF synthesizer produces two reference frequencies for 1453 * the RF2948B transceiver. The first frequency the RF2948B requires 1454 * is two times the so-called "intermediate frequency" (IF). Since 1455 * a SAW filter on the radio fixes the IF at 374MHz, I program the 1456 * Si4126 to generate IF LO = 374MHz x 2 = 748MHz. The second 1457 * frequency required by the transceiver is the radio frequency 1458 * (RF). This is a superheterodyne transceiver; for f(chan) the 1459 * center frequency of the channel we are tuning, RF = f(chan) - 1460 * IF. 1461 * 1462 * XXX I am told by SiLabs that the Si4126 will accept a broader range 1463 * of XIN than the 2-25MHz mentioned by the datasheet, even *without* 1464 * XINDIV2 = 1. I've tried this (it is necessary to double R) and it 1465 * works, but I have still programmed for XINDIV2 = 1 to be safe. 1466 */ 1467static void 1468atw_si4126_tune(struct atw_softc *sc, u_int chan) 1469{ 1470 u_int mhz; 1471 u_int R; 1472 u_int32_t gpio; 1473 u_int16_t gain; 1474 1475#ifdef ATW_SYNDEBUG 1476 atw_si4126_print(sc); 1477#endif /* ATW_SYNDEBUG */ 1478 1479 if (chan == 14) 1480 mhz = 2484; 1481 else 1482 mhz = 2412 + 5 * (chan - 1); 1483 1484 /* Tune IF to 748MHz to suit the IF LO input of the 1485 * RF2494B, which is 2 x IF. No need to set an IF divider 1486 * because an IF in 526MHz - 952MHz is allowed. 1487 * 1488 * XIN is 44.000MHz, so divide it by two to get allowable 1489 * range of 2-25MHz. SiLabs tells me that this is not 1490 * strictly necessary. 1491 */ 1492 1493 if (atw_xindiv2) 1494 R = 44; 1495 else 1496 R = 88; 1497 1498 /* Power-up RF, IF synthesizers. */ 1499 atw_si4126_write(sc, SI4126_POWER, 1500 SI4126_POWER_PDIB|SI4126_POWER_PDRB); 1501 1502 /* set LPWR, too? */ 1503 atw_si4126_write(sc, SI4126_MAIN, 1504 (atw_xindiv2) ? SI4126_MAIN_XINDIV2 : 0); 1505 1506 /* Set the phase-locked loop gain. If RF2 N > 2047, then 1507 * set KP2 to 1. 1508 * 1509 * REFDIF This is different from the reference driver, which 1510 * always sets SI4126_GAIN to 0. 1511 */ 1512 gain = LSHIFT(((mhz - 374) > 2047) ? 1 : 0, SI4126_GAIN_KP2_MASK); 1513 1514 atw_si4126_write(sc, SI4126_GAIN, gain); 1515 1516 /* XIN = 44MHz. 1517 * 1518 * If XINDIV2 = 1, IF = N/(2 * R) * XIN. I choose N = 1496, 1519 * R = 44 so that 1496/(2 * 44) * 44MHz = 748MHz. 1520 * 1521 * If XINDIV2 = 0, IF = N/R * XIN. I choose N = 1496, R = 88 1522 * so that 1496/88 * 44MHz = 748MHz. 1523 */ 1524 atw_si4126_write(sc, SI4126_IFN, 1496); 1525 1526 atw_si4126_write(sc, SI4126_IFR, R); 1527 1528#ifndef ATW_REFSLAVE 1529 /* Set RF1 arbitrarily. DO NOT configure RF1 after RF2, because 1530 * then RF1 becomes the active RF synthesizer, even on the Si4126, 1531 * which has no RF1! 1532 */ 1533 atw_si4126_write(sc, SI4126_RF1R, R); 1534 1535 atw_si4126_write(sc, SI4126_RF1N, mhz - 374); 1536#endif 1537 1538 /* N/R * XIN = RF. XIN = 44MHz. We desire RF = mhz - IF, 1539 * where IF = 374MHz. Let's divide XIN to 1MHz. So R = 44. 1540 * Now let's multiply it to mhz. So mhz - IF = N. 1541 */ 1542 atw_si4126_write(sc, SI4126_RF2R, R); 1543 1544 atw_si4126_write(sc, SI4126_RF2N, mhz - 374); 1545 1546 /* wait 100us from power-up for RF, IF to settle */ 1547 DELAY(100); 1548 1549 gpio = ATW_READ(sc, ATW_GPIO); 1550 gpio &= ~(ATW_GPIO_EN_MASK|ATW_GPIO_O_MASK|ATW_GPIO_I_MASK); 1551 gpio |= LSHIFT(1, ATW_GPIO_EN_MASK); 1552 1553 if ((sc->sc_if.if_flags & IFF_LINK1) != 0 && chan != 14) { 1554 /* Set a Prism RF front-end to a special mode for channel 14? 1555 * 1556 * Apparently the SMC2635W needs this, although I don't think 1557 * it has a Prism RF. 1558 */ 1559 gpio |= LSHIFT(1, ATW_GPIO_O_MASK); 1560 } 1561 ATW_WRITE(sc, ATW_GPIO, gpio); 1562 1563#ifdef ATW_SYNDEBUG 1564 atw_si4126_print(sc); 1565#endif /* ATW_SYNDEBUG */ 1566} 1567 1568/* Baseline initialization of RF3000 BBP: set CCA mode and enable antenna 1569 * diversity. 1570 * 1571 * !!! 1572 * !!! Call this w/ Tx/Rx suspended, atw_idle(, ATW_NAR_ST|ATW_NAR_SR). 1573 * !!! 1574 */ 1575static int 1576atw_rf3000_init(struct atw_softc *sc) 1577{ 1578 int rc = 0; 1579 1580 atw_bbp_io_enable(sc, 1); 1581 1582 /* CCA is acquisition sensitive */ 1583 rc = atw_rf3000_write(sc, RF3000_CCACTL, 1584 LSHIFT(RF3000_CCACTL_MODE_BOTH, RF3000_CCACTL_MODE_MASK)); 1585 1586 if (rc != 0) 1587 goto out; 1588 1589 /* enable diversity */ 1590 rc = atw_rf3000_write(sc, RF3000_DIVCTL, RF3000_DIVCTL_ENABLE); 1591 1592 if (rc != 0) 1593 goto out; 1594 1595 /* sensible setting from a binary-only driver */ 1596 rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1597 LSHIFT(0x1d, RF3000_GAINCTL_TXVGC_MASK)); 1598 1599 if (rc != 0) 1600 goto out; 1601 1602 /* magic from a binary-only driver */ 1603 rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, 1604 LSHIFT(0x38, RF3000_LOGAINCAL_CAL_MASK)); 1605 1606 if (rc != 0) 1607 goto out; 1608 1609 rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, RF3000_HIGAINCAL_DSSSPAD); 1610 1611 if (rc != 0) 1612 goto out; 1613 1614 /* XXX Reference driver remarks that Abocom sets this to 50. 1615 * Meaning 0x50, I think.... 50 = 0x32, which would set a bit 1616 * in the "reserved" area of register RF3000_OPTIONS1. 1617 * 1618 * EEPROMs for the ADM8211B contain a setting for this register. 1619 */ 1620 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, 0x0); 1621 1622 if (rc != 0) 1623 goto out; 1624 1625 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, RF3000_OPTIONS2_LNAGS_DELAY); 1626 1627 if (rc != 0) 1628 goto out; 1629 1630out: 1631 atw_bbp_io_enable(sc, 0); 1632 return rc; 1633} 1634 1635#ifdef ATW_BBPDEBUG 1636static void 1637atw_rf3000_print(struct atw_softc *sc) 1638{ 1639 struct ifnet *ifp = &sc->sc_ic.ic_if; 1640 u_int addr, val; 1641 1642 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1643 return; 1644 1645 for (addr = 0x01; addr <= 0x15; addr++) { 1646 printf("%s: bbp[%d] = \n", sc->sc_dev.dv_xname, addr); 1647 if (atw_rf3000_read(sc, addr, &val) != 0) { 1648 printf("<unknown> (quitting print-out)\n"); 1649 break; 1650 } 1651 printf("%08x\n", val); 1652 } 1653} 1654#endif /* ATW_BBPDEBUG */ 1655 1656/* Set the power settings on the BBP for channel `chan'. */ 1657static int 1658atw_rf3000_tune(struct atw_softc *sc, u_int chan) 1659{ 1660 int rc = 0; 1661 u_int32_t reg; 1662 u_int16_t txpower, lpf_cutoff, lna_gs_thresh; 1663 1664 txpower = sc->sc_srom[ATW_SR_TXPOWER(chan)]; 1665 lpf_cutoff = sc->sc_srom[ATW_SR_LPF_CUTOFF(chan)]; 1666 lna_gs_thresh = sc->sc_srom[ATW_SR_LNA_GS_THRESH(chan)]; 1667 1668 /* odd channels: LSB, even channels: MSB */ 1669 if (chan % 2 == 1) { 1670 txpower &= 0xFF; 1671 lpf_cutoff &= 0xFF; 1672 lna_gs_thresh &= 0xFF; 1673 } else { 1674 txpower >>= 8; 1675 lpf_cutoff >>= 8; 1676 lna_gs_thresh >>= 8; 1677 } 1678 1679#ifdef ATW_BBPDEBUG 1680 atw_rf3000_print(sc); 1681#endif /* ATW_BBPDEBUG */ 1682 1683 DPRINTF(sc, ("%s: chan %d txpower %02x, lpf_cutoff %02x, " 1684 "lna_gs_thresh %02x\n", 1685 sc->sc_dev.dv_xname, chan, txpower, lpf_cutoff, lna_gs_thresh)); 1686 1687 atw_bbp_io_enable(sc, 1); 1688 1689 if ((rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1690 LSHIFT(txpower, RF3000_GAINCTL_TXVGC_MASK))) != 0) 1691 goto out; 1692 1693 if ((rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, lpf_cutoff)) != 0) 1694 goto out; 1695 1696 if ((rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, lna_gs_thresh)) != 0) 1697 goto out; 1698 1699 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, 0x0); 1700 1701 if (rc != 0) 1702 goto out; 1703 1704 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, RF3000_OPTIONS2_LNAGS_DELAY); 1705 1706 if (rc != 0) 1707 goto out; 1708 1709#ifdef ATW_BBPDEBUG 1710 atw_rf3000_print(sc); 1711#endif /* ATW_BBPDEBUG */ 1712 1713out: 1714 atw_bbp_io_enable(sc, 0); 1715 1716 /* set beacon, rts, atim transmit power */ 1717 reg = ATW_READ(sc, ATW_PLCPHD); 1718 reg &= ~ATW_PLCPHD_SERVICE_MASK; 1719 reg |= LSHIFT(LSHIFT(txpower, RF3000_GAINCTL_TXVGC_MASK), 1720 ATW_PLCPHD_SERVICE_MASK); 1721 ATW_WRITE(sc, ATW_PLCPHD, reg); 1722 DELAY(2 * 1000); 1723 1724 return rc; 1725} 1726 1727/* Write a register on the RF3000 baseband processor using the 1728 * registers provided by the ADM8211 for this purpose. 1729 * 1730 * Return 0 on success. 1731 */ 1732static int 1733atw_rf3000_write(struct atw_softc *sc, u_int addr, u_int val) 1734{ 1735 u_int32_t reg; 1736 int i; 1737 1738 reg = sc->sc_bbpctl_wr | 1739 LSHIFT(val & 0xff, ATW_BBPCTL_DATA_MASK) | 1740 LSHIFT(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1741 1742 for (i = 10; --i >= 0; ) { 1743 ATW_WRITE(sc, ATW_BBPCTL, reg); 1744 DELAY(2000); 1745 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_WR) == 0) 1746 break; 1747 } 1748 1749 if (i < 0) { 1750 printf("%s: BBPCTL still busy\n", sc->sc_dev.dv_xname); 1751 return ETIMEDOUT; 1752 } 1753 return 0; 1754} 1755 1756/* Read a register on the RF3000 baseband processor using the registers 1757 * the ADM8211 provides for this purpose. 1758 * 1759 * The 7-bit register address is addr. Record the 8-bit data in the register 1760 * in *val. 1761 * 1762 * Return 0 on success. 1763 * 1764 * XXX This does not seem to work. The ADM8211 must require more or 1765 * different magic to read the chip than to write it. Possibly some 1766 * of the magic I have derived from a binary-only driver concerns 1767 * the "chip address" (see the RF3000 manual). 1768 */ 1769#ifdef ATW_BBPDEBUG 1770static int 1771atw_rf3000_read(struct atw_softc *sc, u_int addr, u_int *val) 1772{ 1773 u_int32_t reg; 1774 int i; 1775 1776 for (i = 1000; --i >= 0; ) { 1777 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD|ATW_BBPCTL_WR) == 0) 1778 break; 1779 DELAY(100); 1780 } 1781 1782 if (i < 0) { 1783 printf("%s: start atw_rf3000_read, BBPCTL busy\n", 1784 sc->sc_dev.dv_xname); 1785 return ETIMEDOUT; 1786 } 1787 1788 reg = sc->sc_bbpctl_rd | LSHIFT(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1789 1790 ATW_WRITE(sc, ATW_BBPCTL, reg); 1791 1792 for (i = 1000; --i >= 0; ) { 1793 DELAY(100); 1794 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD) == 0) 1795 break; 1796 } 1797 1798 ATW_CLR(sc, ATW_BBPCTL, ATW_BBPCTL_RD); 1799 1800 if (i < 0) { 1801 printf("%s: atw_rf3000_read wrote %08x; BBPCTL still busy\n", 1802 sc->sc_dev.dv_xname, reg); 1803 return ETIMEDOUT; 1804 } 1805 if (val != NULL) 1806 *val = MASK_AND_RSHIFT(reg, ATW_BBPCTL_DATA_MASK); 1807 return 0; 1808} 1809#endif /* ATW_BBPDEBUG */ 1810 1811/* Write a register on the Si4126 RF/IF synthesizer using the registers 1812 * provided by the ADM8211 for that purpose. 1813 * 1814 * val is 18 bits of data, and val is the 4-bit address of the register. 1815 * 1816 * Return 0 on success. 1817 */ 1818static void 1819atw_si4126_write(struct atw_softc *sc, u_int addr, u_int val) 1820{ 1821 uint32_t bits, mask, reg; 1822 const int nbits = 22; 1823 1824 KASSERT((addr & ~PRESHIFT(SI4126_TWI_ADDR_MASK)) == 0); 1825 KASSERT((val & ~PRESHIFT(SI4126_TWI_DATA_MASK)) == 0); 1826 1827 bits = LSHIFT(val, SI4126_TWI_DATA_MASK) | 1828 LSHIFT(addr, SI4126_TWI_ADDR_MASK); 1829 1830 reg = ATW_SYNRF_SELSYN; 1831 /* reference driver: reset Si4126 serial bus to initial 1832 * conditions? 1833 */ 1834 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_LEIF); 1835 ATW_WRITE(sc, ATW_SYNRF, reg); 1836 1837 for (mask = BIT(nbits - 1); mask != 0; mask >>= 1) { 1838 if ((bits & mask) != 0) 1839 reg |= ATW_SYNRF_SYNDATA; 1840 else 1841 reg &= ~ATW_SYNRF_SYNDATA; 1842 ATW_WRITE(sc, ATW_SYNRF, reg); 1843 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_SYNCLK); 1844 ATW_WRITE(sc, ATW_SYNRF, reg); 1845 } 1846 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_LEIF); 1847 ATW_WRITE(sc, ATW_SYNRF, 0x0); 1848} 1849 1850/* Read 18-bit data from the 4-bit address addr in Si4126 1851 * RF synthesizer and write the data to *val. Return 0 on success. 1852 * 1853 * XXX This does not seem to work. The ADM8211 must require more or 1854 * different magic to read the chip than to write it. 1855 */ 1856#ifdef ATW_SYNDEBUG 1857static int 1858atw_si4126_read(struct atw_softc *sc, u_int addr, u_int *val) 1859{ 1860 u_int32_t reg; 1861 int i; 1862 1863 KASSERT((addr & ~PRESHIFT(SI4126_TWI_ADDR_MASK)) == 0); 1864 1865 for (i = 1000; --i >= 0; ) { 1866 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD|ATW_SYNCTL_WR) == 0) 1867 break; 1868 DELAY(100); 1869 } 1870 1871 if (i < 0) { 1872 printf("%s: start atw_si4126_read, SYNCTL busy\n", 1873 sc->sc_dev.dv_xname); 1874 return ETIMEDOUT; 1875 } 1876 1877 reg = sc->sc_synctl_rd | LSHIFT(addr, ATW_SYNCTL_DATA_MASK); 1878 1879 ATW_WRITE(sc, ATW_SYNCTL, reg); 1880 1881 for (i = 1000; --i >= 0; ) { 1882 DELAY(100); 1883 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD) == 0) 1884 break; 1885 } 1886 1887 ATW_CLR(sc, ATW_SYNCTL, ATW_SYNCTL_RD); 1888 1889 if (i < 0) { 1890 printf("%s: atw_si4126_read wrote %#08x, SYNCTL still busy\n", 1891 sc->sc_dev.dv_xname, reg); 1892 return ETIMEDOUT; 1893 } 1894 if (val != NULL) 1895 *val = MASK_AND_RSHIFT(ATW_READ(sc, ATW_SYNCTL), 1896 ATW_SYNCTL_DATA_MASK); 1897 return 0; 1898} 1899#endif /* ATW_SYNDEBUG */ 1900 1901/* XXX is the endianness correct? test. */ 1902#define atw_calchash(addr) \ 1903 (ether_crc32_le((addr), IEEE80211_ADDR_LEN) & BITS(5, 0)) 1904 1905/* 1906 * atw_filter_setup: 1907 * 1908 * Set the ADM8211's receive filter. 1909 */ 1910static void 1911atw_filter_setup(struct atw_softc *sc) 1912{ 1913 struct ieee80211com *ic = &sc->sc_ic; 1914 struct ethercom *ec = &ic->ic_ec; 1915 struct ifnet *ifp = &sc->sc_ic.ic_if; 1916 int hash; 1917 u_int32_t hashes[2]; 1918 struct ether_multi *enm; 1919 struct ether_multistep step; 1920 1921 /* According to comments in tlp_al981_filter_setup 1922 * (dev/ic/tulip.c) the ADMtek AL981 does not like for its 1923 * multicast filter to be set while it is running. Hopefully 1924 * the ADM8211 is not the same! 1925 */ 1926 if ((ifp->if_flags & IFF_RUNNING) != 0) 1927 atw_idle(sc, ATW_NAR_SR); 1928 1929 sc->sc_opmode &= ~(ATW_NAR_PR|ATW_NAR_MM); 1930 1931 /* XXX in scan mode, do not filter packets. Maybe this is 1932 * unnecessary. 1933 */ 1934 if (ic->ic_state == IEEE80211_S_SCAN || 1935 (ifp->if_flags & IFF_PROMISC) != 0) { 1936 sc->sc_opmode |= ATW_NAR_PR; 1937 goto allmulti; 1938 } 1939 1940 hashes[0] = hashes[1] = 0x0; 1941 1942 /* 1943 * Program the 64-bit multicast hash filter. 1944 */ 1945 ETHER_FIRST_MULTI(step, ec, enm); 1946 while (enm != NULL) { 1947 if (memcmp(enm->enm_addrlo, enm->enm_addrhi, 1948 ETHER_ADDR_LEN) != 0) 1949 goto allmulti; 1950 1951 hash = atw_calchash(enm->enm_addrlo); 1952 hashes[hash >> 5] |= 1 << (hash & 0x1f); 1953 ETHER_NEXT_MULTI(step, enm); 1954 } 1955 ifp->if_flags &= ~IFF_ALLMULTI; 1956 goto setit; 1957 1958allmulti: 1959 ifp->if_flags |= IFF_ALLMULTI; 1960 hashes[0] = hashes[1] = 0xffffffff; 1961 1962setit: 1963 ATW_WRITE(sc, ATW_MAR0, hashes[0]); 1964 ATW_WRITE(sc, ATW_MAR1, hashes[1]); 1965 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 1966 DELAY(20 * 1000); 1967 1968 DPRINTF(sc, ("%s: ATW_NAR %08x opmode %08x\n", sc->sc_dev.dv_xname, 1969 ATW_READ(sc, ATW_NAR), sc->sc_opmode)); 1970} 1971 1972/* Tell the ADM8211 our preferred BSSID. The ADM8211 must match 1973 * a beacon's BSSID and SSID against the preferred BSSID and SSID 1974 * before it will raise ATW_INTR_LINKON. When the ADM8211 receives 1975 * no beacon with the preferred BSSID and SSID in the number of 1976 * beacon intervals given in ATW_BPLI, then it raises ATW_INTR_LINKOFF. 1977 */ 1978static void 1979atw_write_bssid(struct atw_softc *sc) 1980{ 1981 struct ieee80211com *ic = &sc->sc_ic; 1982 u_int8_t *bssid; 1983 1984 bssid = ic->ic_bss->ni_bssid; 1985 1986 ATW_WRITE(sc, ATW_BSSID0, 1987 LSHIFT(bssid[0], ATW_BSSID0_BSSIDB0_MASK) | 1988 LSHIFT(bssid[1], ATW_BSSID0_BSSIDB1_MASK) | 1989 LSHIFT(bssid[2], ATW_BSSID0_BSSIDB2_MASK) | 1990 LSHIFT(bssid[3], ATW_BSSID0_BSSIDB3_MASK)); 1991 1992 ATW_WRITE(sc, ATW_ABDA1, 1993 (ATW_READ(sc, ATW_ABDA1) & 1994 ~(ATW_ABDA1_BSSIDB4_MASK|ATW_ABDA1_BSSIDB5_MASK)) | 1995 LSHIFT(bssid[4], ATW_ABDA1_BSSIDB4_MASK) | 1996 LSHIFT(bssid[5], ATW_ABDA1_BSSIDB5_MASK)); 1997 1998 DPRINTF(sc, ("%s: BSSID %s -> ", sc->sc_dev.dv_xname, 1999 ether_sprintf(sc->sc_bssid))); 2000 DPRINTF(sc, ("%s\n", ether_sprintf(bssid))); 2001 2002 memcpy(sc->sc_bssid, bssid, sizeof(sc->sc_bssid)); 2003} 2004 2005/* Write buflen bytes from buf to SRAM starting at the SRAM's ofs'th 2006 * 16-bit word. 2007 */ 2008static void 2009atw_write_sram(struct atw_softc *sc, u_int ofs, u_int8_t *buf, u_int buflen) 2010{ 2011 u_int i; 2012 u_int8_t *ptr; 2013 2014 memcpy(&sc->sc_sram[ofs], buf, buflen); 2015 2016 if (ofs % 2 != 0) { 2017 ofs--; 2018 buflen++; 2019 } 2020 2021 if (buflen % 2 != 0) 2022 buflen++; 2023 2024 assert(buflen + ofs <= ATW_SRAM_SIZE); 2025 2026 ptr = &sc->sc_sram[ofs]; 2027 2028 for (i = 0; i < buflen; i += 2) { 2029 ATW_WRITE(sc, ATW_WEPCTL, ATW_WEPCTL_WR | 2030 LSHIFT((ofs + i) / 2, ATW_WEPCTL_TBLADD_MASK)); 2031 DELAY(atw_writewep_delay); 2032 2033 ATW_WRITE(sc, ATW_WESK, 2034 LSHIFT((ptr[i + 1] << 8) | ptr[i], ATW_WESK_DATA_MASK)); 2035 DELAY(atw_writewep_delay); 2036 } 2037 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); /* restore WEP condition */ 2038 2039 if (sc->sc_if.if_flags & IFF_DEBUG) { 2040 int n_octets = 0; 2041 printf("%s: wrote %d bytes at 0x%x wepctl 0x%08x\n", 2042 sc->sc_dev.dv_xname, buflen, ofs, sc->sc_wepctl); 2043 for (i = 0; i < buflen; i++) { 2044 printf(" %02x", ptr[i]); 2045 if (++n_octets % 24 == 0) 2046 printf("\n"); 2047 } 2048 if (n_octets % 24 != 0) 2049 printf("\n"); 2050 } 2051} 2052 2053/* Write WEP keys from the ieee80211com to the ADM8211's SRAM. */ 2054static void 2055atw_write_wep(struct atw_softc *sc) 2056{ 2057 struct ieee80211com *ic = &sc->sc_ic; 2058 /* SRAM shared-key record format: key0 flags key1 ... key12 */ 2059 u_int8_t buf[IEEE80211_WEP_NKID] 2060 [1 /* key[0] */ + 1 /* flags */ + 12 /* key[1 .. 12] */]; 2061 u_int32_t reg; 2062 int i; 2063 2064 sc->sc_wepctl = 0; 2065 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); 2066 2067 if ((ic->ic_flags & IEEE80211_F_WEPON) == 0) 2068 return; 2069 2070 memset(&buf[0][0], 0, sizeof(buf)); 2071 2072 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2073 if (ic->ic_nw_keys[i].wk_len > 5) { 2074 buf[i][1] = ATW_WEP_ENABLED | ATW_WEP_104BIT; 2075 } else if (ic->ic_nw_keys[i].wk_len != 0) { 2076 buf[i][1] = ATW_WEP_ENABLED; 2077 } else { 2078 buf[i][1] = 0; 2079 continue; 2080 } 2081 buf[i][0] = ic->ic_nw_keys[i].wk_key[0]; 2082 memcpy(&buf[i][2], &ic->ic_nw_keys[i].wk_key[1], 2083 ic->ic_nw_keys[i].wk_len - 1); 2084 } 2085 2086 reg = ATW_READ(sc, ATW_MACTEST); 2087 reg |= ATW_MACTEST_MMI_USETXCLK | ATW_MACTEST_FORCE_KEYID; 2088 reg &= ~ATW_MACTEST_KEYID_MASK; 2089 reg |= LSHIFT(ic->ic_wep_txkey, ATW_MACTEST_KEYID_MASK); 2090 ATW_WRITE(sc, ATW_MACTEST, reg); 2091 2092 /* RX bypass WEP if revision != 0x20. (I assume revision != 0x20 2093 * throughout.) 2094 */ 2095 sc->sc_wepctl = ATW_WEPCTL_WEPENABLE | ATW_WEPCTL_WEPRXBYP; 2096 if (sc->sc_if.if_flags & IFF_LINK2) 2097 sc->sc_wepctl &= ~ATW_WEPCTL_WEPRXBYP; 2098 2099 atw_write_sram(sc, ATW_SRAM_ADDR_SHARED_KEY, (u_int8_t*)&buf[0][0], 2100 sizeof(buf)); 2101} 2102 2103const struct timeval atw_beacon_mininterval = {1, 0}; /* 1s */ 2104 2105static void 2106atw_recv_mgmt(struct ieee80211com *ic, struct mbuf *m, 2107 struct ieee80211_node *ni, int subtype, int rssi, u_int32_t rstamp) 2108{ 2109 struct atw_softc *sc = (struct atw_softc*)ic->ic_softc; 2110 2111 switch (subtype) { 2112 case IEEE80211_FC0_SUBTYPE_PROBE_REQ: 2113 /* do nothing: hardware answers probe request */ 2114 break; 2115 case IEEE80211_FC0_SUBTYPE_PROBE_RESP: 2116 case IEEE80211_FC0_SUBTYPE_BEACON: 2117 atw_recv_beacon(ic, m, ni, subtype, rssi, rstamp); 2118 break; 2119 default: 2120 (*sc->sc_recv_mgmt)(ic, m, ni, subtype, rssi, rstamp); 2121 break; 2122 } 2123 return; 2124} 2125 2126/* In ad hoc mode, atw_recv_beacon is responsible for the coalescence 2127 * of IBSSs with like SSID/channel but different BSSID. It joins the 2128 * oldest IBSS (i.e., with greatest TSF time), since that is the WECA 2129 * convention. Possibly the ADMtek chip does this for us; I will have 2130 * to test to find out. 2131 * 2132 * XXX we should add the duration field of the received beacon to 2133 * the TSF time it contains before comparing it with the ADM8211's 2134 * TSF. 2135 */ 2136static void 2137atw_recv_beacon(struct ieee80211com *ic, struct mbuf *m0, 2138 struct ieee80211_node *ni, int subtype, int rssi, u_int32_t rstamp) 2139{ 2140 struct atw_softc *sc; 2141 struct ieee80211_frame *wh; 2142 uint32_t tsftl, tsfth; 2143 uint32_t bcn_tsftl, bcn_tsfth; 2144 int do_print = 0; 2145 union { 2146 uint32_t words[2]; 2147 uint8_t tstamp[8]; 2148 } u; 2149 2150 sc = (struct atw_softc*)ic->ic_if.if_softc; 2151 2152 if (ic->ic_if.if_flags & IFF_LINK0) { 2153 do_print = (ic->ic_if.if_flags & IFF_DEBUG) 2154 ? 1 : ratecheck(&sc->sc_last_beacon, 2155 &atw_beacon_mininterval); 2156 } 2157 2158 wh = mtod(m0, struct ieee80211_frame *); 2159 2160 (*sc->sc_recv_mgmt)(ic, m0, ni, subtype, rssi, rstamp); 2161 2162 if (ic->ic_state != IEEE80211_S_RUN) 2163 return; 2164 2165 if ((ni = ieee80211_lookup_node(ic, wh->i_addr2, 2166 ic->ic_bss->ni_chan)) == NULL) { 2167 if (do_print) 2168 printf("%s: atw_recv_beacon: no node %s\n", 2169 sc->sc_dev.dv_xname, ether_sprintf(wh->i_addr2)); 2170 return; 2171 } 2172 2173 if (ieee80211_match_bss(ic, ni) != 0) 2174 return; 2175 2176 if (memcmp(ni->ni_bssid, ic->ic_bss->ni_bssid, IEEE80211_ADDR_LEN) == 0) 2177 return; 2178 2179 if (do_print) 2180 printf("%s: atw_recv_beacon: bssid mismatch %s\n", 2181 sc->sc_dev.dv_xname, ether_sprintf(ni->ni_bssid)); 2182 2183 if (ic->ic_opmode != IEEE80211_M_IBSS) 2184 return; 2185 2186 atw_tsft(sc, &tsfth, &tsftl); 2187 2188 (void)memcpy(&u, &ic->ic_bss->ni_tstamp[0], sizeof(u)); 2189 bcn_tsftl = le32toh(u.words[0]); 2190 bcn_tsfth = le32toh(u.words[1]); 2191 2192 if (do_print) 2193 printf("%s: my tsft %" PRIu64 " beacon tsft %" PRIu64 "\n", 2194 sc->sc_dev.dv_xname, ((uint64_t)tsfth << 32) | tsftl, 2195 ((uint64_t)bcn_tsfth << 32) | bcn_tsftl); 2196 2197 /* we are faster, let the other guy catch up */ 2198 if (bcn_tsfth < tsfth) 2199 return; 2200 else if (bcn_tsfth == tsfth && bcn_tsftl < tsftl) 2201 return; 2202 2203 if (do_print) 2204 printf("%s: sync TSF with %s\n", sc->sc_dev.dv_xname, 2205 ether_sprintf(wh->i_addr2)); 2206 2207 ic->ic_flags &= ~IEEE80211_F_SIBSS; 2208 2209 atw_tsf(sc); 2210 2211 /* negotiate rates with new IBSS */ 2212 ieee80211_fix_rate(ic, ni, IEEE80211_F_DOFRATE | 2213 IEEE80211_F_DONEGO | IEEE80211_F_DODEL); 2214 if (ni->ni_rates.rs_nrates == 0) { 2215 printf("%s: rates mismatch, BSSID %s\n", sc->sc_dev.dv_xname, 2216 ether_sprintf(ni->ni_bssid)); 2217 return; 2218 } 2219 2220 if (do_print) { 2221 printf("%s: sync BSSID %s -> ", sc->sc_dev.dv_xname, 2222 ether_sprintf(ic->ic_bss->ni_bssid)); 2223 printf("%s ", ether_sprintf(ni->ni_bssid)); 2224 printf("(from %s)\n", ether_sprintf(wh->i_addr2)); 2225 } 2226 2227 (*ic->ic_node_copy)(ic, ic->ic_bss, ni); 2228 2229 atw_write_bssid(sc); 2230 atw_start_beacon(sc, 1); 2231} 2232 2233/* Write the SSID in the ieee80211com to the SRAM on the ADM8211. 2234 * In ad hoc mode, the SSID is written to the beacons sent by the 2235 * ADM8211. In both ad hoc and infrastructure mode, beacons received 2236 * with matching SSID affect ATW_INTR_LINKON/ATW_INTR_LINKOFF 2237 * indications. 2238 */ 2239static void 2240atw_write_ssid(struct atw_softc *sc) 2241{ 2242 struct ieee80211com *ic = &sc->sc_ic; 2243 /* 34 bytes are reserved in ADM8211 SRAM for the SSID, but 2244 * it only expects the element length, not its ID. 2245 */ 2246 u_int8_t buf[roundup(1 /* length */ + IEEE80211_NWID_LEN, 2)]; 2247 2248 memset(buf, 0, sizeof(buf)); 2249 buf[0] = ic->ic_bss->ni_esslen; 2250 memcpy(&buf[1], ic->ic_bss->ni_essid, ic->ic_bss->ni_esslen); 2251 2252 atw_write_sram(sc, ATW_SRAM_ADDR_SSID, buf, 2253 roundup(1 + ic->ic_bss->ni_esslen, 2)); 2254} 2255 2256/* Write the supported rates in the ieee80211com to the SRAM of the ADM8211. 2257 * In ad hoc mode, the supported rates are written to beacons sent by the 2258 * ADM8211. 2259 */ 2260static void 2261atw_write_sup_rates(struct atw_softc *sc) 2262{ 2263 struct ieee80211com *ic = &sc->sc_ic; 2264 /* 14 bytes are probably (XXX) reserved in the ADM8211 SRAM for 2265 * supported rates 2266 */ 2267 u_int8_t buf[roundup(1 /* length */ + IEEE80211_RATE_SIZE, 2)]; 2268 2269 memset(buf, 0, sizeof(buf)); 2270 2271 buf[0] = ic->ic_bss->ni_rates.rs_nrates; 2272 2273 memcpy(&buf[1], ic->ic_bss->ni_rates.rs_rates, 2274 ic->ic_bss->ni_rates.rs_nrates); 2275 2276 atw_write_sram(sc, ATW_SRAM_ADDR_SUPRATES, buf, sizeof(buf)); 2277} 2278 2279/* Start/stop sending beacons. */ 2280void 2281atw_start_beacon(struct atw_softc *sc, int start) 2282{ 2283 struct ieee80211com *ic = &sc->sc_ic; 2284 uint16_t chan; 2285 uint32_t bcnt, bpli, cap0, cap1, capinfo; 2286 size_t len; 2287 2288 if (ATW_IS_ENABLED(sc) == 0) 2289 return; 2290 2291 /* start beacons */ 2292 len = sizeof(struct ieee80211_frame) + 2293 8 /* timestamp */ + 2 /* beacon interval */ + 2294 2 /* capability info */ + 2295 2 + ic->ic_bss->ni_esslen /* SSID element */ + 2296 2 + ic->ic_bss->ni_rates.rs_nrates /* rates element */ + 2297 3 /* DS parameters */ + 2298 IEEE80211_CRC_LEN; 2299 2300 bcnt = ATW_READ(sc, ATW_BCNT) & ~ATW_BCNT_BCNT_MASK; 2301 cap0 = ATW_READ(sc, ATW_CAP0) & ~ATW_CAP0_CHN_MASK; 2302 cap1 = ATW_READ(sc, ATW_CAP1) & ~ATW_CAP1_CAPI_MASK; 2303 2304 ATW_WRITE(sc, ATW_BCNT, bcnt); 2305 ATW_WRITE(sc, ATW_CAP1, cap1); 2306 2307 if (!start) 2308 return; 2309 2310 /* TBD use ni_capinfo */ 2311 2312 capinfo = 0; 2313 if (sc->sc_flags & ATWF_SHORT_PREAMBLE) 2314 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2315 if (ic->ic_flags & IEEE80211_F_WEPON) 2316 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2317 2318 switch (ic->ic_opmode) { 2319 case IEEE80211_M_IBSS: 2320 len += 4; /* IBSS parameters */ 2321 capinfo |= IEEE80211_CAPINFO_IBSS; 2322 break; 2323 case IEEE80211_M_HOSTAP: 2324 /* XXX 6-byte minimum TIM */ 2325 len += atw_beacon_len_adjust; 2326 capinfo |= IEEE80211_CAPINFO_ESS; 2327 break; 2328 default: 2329 return; 2330 } 2331 2332 /* set listen interval 2333 * XXX do software units agree w/ hardware? 2334 */ 2335 bpli = LSHIFT(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2336 LSHIFT(ic->ic_lintval / ic->ic_bss->ni_intval, ATW_BPLI_LI_MASK); 2337 2338 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 2339 2340 bcnt |= LSHIFT(len, ATW_BCNT_BCNT_MASK); 2341 cap0 |= LSHIFT(chan, ATW_CAP0_CHN_MASK); 2342 cap1 |= LSHIFT(capinfo, ATW_CAP1_CAPI_MASK); 2343 2344 ATW_WRITE(sc, ATW_BCNT, bcnt); 2345 ATW_WRITE(sc, ATW_BPLI, bpli); 2346 ATW_WRITE(sc, ATW_CAP0, cap0); 2347 ATW_WRITE(sc, ATW_CAP1, cap1); 2348 2349 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_BCNT] = %08x\n", 2350 sc->sc_dev.dv_xname, bcnt)); 2351 2352 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_CAP1] = %08x\n", 2353 sc->sc_dev.dv_xname, cap1)); 2354} 2355 2356/* Return the 32 lsb of the last TSFT divisible by ival. */ 2357static __inline uint32_t 2358atw_last_even_tsft(uint32_t tsfth, uint32_t tsftl, uint32_t ival) 2359{ 2360 /* Following the reference driver's lead, I compute 2361 * 2362 * (uint32_t)((((uint64_t)tsfth << 32) | tsftl) % ival) 2363 * 2364 * without using 64-bit arithmetic, using the following 2365 * relationship: 2366 * 2367 * (0x100000000 * H + L) % m 2368 * = ((0x100000000 % m) * H + L) % m 2369 * = (((0xffffffff + 1) % m) * H + L) % m 2370 * = ((0xffffffff % m + 1 % m) * H + L) % m 2371 * = ((0xffffffff % m + 1) * H + L) % m 2372 */ 2373 return ((0xFFFFFFFF % ival + 1) * tsfth + tsftl) % ival; 2374} 2375 2376static __inline void 2377atw_tsft(struct atw_softc *sc, uint32_t *tsfth, uint32_t *tsftl) 2378{ 2379 int i; 2380 for (i = 0; i < 2; i++) { 2381 *tsfth = ATW_READ(sc, ATW_TSFTH); 2382 *tsftl = ATW_READ(sc, ATW_TSFTL); 2383 if (ATW_READ(sc, ATW_TSFTH) == *tsfth) 2384 break; 2385 } 2386} 2387 2388/* If we've created an IBSS, write the TSF time in the ADM8211 to 2389 * the ieee80211com. 2390 * 2391 * Predict the next target beacon transmission time (TBTT) and 2392 * write it to the ADM8211. 2393 */ 2394static void 2395atw_tsf(struct atw_softc *sc) 2396{ 2397#define TBTTOFS 20 /* TU */ 2398 2399 struct ieee80211com *ic = &sc->sc_ic; 2400 uint32_t ival, past_even, tbtt, tsfth, tsftl; 2401 union { 2402 uint32_t words[2]; 2403 uint8_t tstamp[8]; 2404 } u; 2405 2406 if ((ic->ic_opmode == IEEE80211_M_HOSTAP) || 2407 ((ic->ic_opmode == IEEE80211_M_IBSS) && 2408 (ic->ic_flags & IEEE80211_F_SIBSS))) { 2409 atw_tsft(sc, &tsfth, &tsftl); 2410 u.words[0] = htole32(tsftl); 2411 u.words[1] = htole32(tsfth); 2412 (void)memcpy(&ic->ic_bss->ni_tstamp[0], &u, 2413 sizeof(ic->ic_bss->ni_tstamp)); 2414 } else { 2415 (void)memcpy(&u, &ic->ic_bss->ni_tstamp[0], sizeof(u)); 2416 tsftl = le32toh(u.words[0]); 2417 tsfth = le32toh(u.words[1]); 2418 } 2419 2420 ival = ic->ic_bss->ni_intval * IEEE80211_DUR_TU; 2421 2422 /* We sent/received the last beacon `past' microseconds 2423 * after the interval divided the TSF timer. 2424 */ 2425 past_even = tsftl - atw_last_even_tsft(tsfth, tsftl, ival); 2426 2427 /* Skip ten beacons so that the TBTT cannot pass before 2428 * we've programmed it. Ten is an arbitrary number. 2429 */ 2430 tbtt = past_even + ival * 10; 2431 2432 ATW_WRITE(sc, ATW_TOFS1, 2433 LSHIFT(1, ATW_TOFS1_TSFTOFSR_MASK) | 2434 LSHIFT(TBTTOFS, ATW_TOFS1_TBTTOFS_MASK) | 2435 LSHIFT(MASK_AND_RSHIFT(tbtt - TBTTOFS * IEEE80211_DUR_TU, 2436 ATW_TBTTPRE_MASK), ATW_TOFS1_TBTTPRE_MASK)); 2437#undef TBTTOFS 2438} 2439 2440static void 2441atw_next_scan(void *arg) 2442{ 2443 struct atw_softc *sc = arg; 2444 struct ieee80211com *ic = &sc->sc_ic; 2445 struct ifnet *ifp = &ic->ic_if; 2446 int s; 2447 2448 /* don't call atw_start w/o network interrupts blocked */ 2449 s = splnet(); 2450 if (ic->ic_state == IEEE80211_S_SCAN) 2451 ieee80211_next_scan(ifp); 2452 splx(s); 2453} 2454 2455/* Synchronize the hardware state with the software state. */ 2456static int 2457atw_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 2458{ 2459 struct ifnet *ifp = &ic->ic_if; 2460 struct atw_softc *sc = ifp->if_softc; 2461 enum ieee80211_state ostate; 2462 int error; 2463 2464 ostate = ic->ic_state; 2465 2466 if (nstate == IEEE80211_S_INIT) { 2467 callout_stop(&sc->sc_scan_ch); 2468 sc->sc_cur_chan = IEEE80211_CHAN_ANY; 2469 atw_start_beacon(sc, 0); 2470 return (*sc->sc_newstate)(ic, nstate, arg); 2471 } 2472 2473 if ((error = atw_tune(sc)) != 0) 2474 return error; 2475 2476 switch (nstate) { 2477 case IEEE80211_S_ASSOC: 2478 break; 2479 case IEEE80211_S_INIT: 2480 panic("%s: unexpected state IEEE80211_S_INIT\n", __func__); 2481 break; 2482 case IEEE80211_S_SCAN: 2483 callout_reset(&sc->sc_scan_ch, atw_dwelltime * hz / 1000, 2484 atw_next_scan, sc); 2485 2486 break; 2487 case IEEE80211_S_RUN: 2488 if (ic->ic_opmode == IEEE80211_M_STA) 2489 break; 2490 /*FALLTHROUGH*/ 2491 case IEEE80211_S_AUTH: 2492 atw_write_bssid(sc); 2493 atw_write_ssid(sc); 2494 atw_write_sup_rates(sc); 2495 2496 if (ic->ic_opmode == IEEE80211_M_AHDEMO || 2497 ic->ic_opmode == IEEE80211_M_MONITOR) 2498 break; 2499 2500 /* set listen interval 2501 * XXX do software units agree w/ hardware? 2502 */ 2503 ATW_WRITE(sc, ATW_BPLI, 2504 LSHIFT(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2505 LSHIFT(ic->ic_lintval / ic->ic_bss->ni_intval, 2506 ATW_BPLI_LI_MASK)); 2507 2508 DPRINTF(sc, ("%s: reg[ATW_BPLI] = %08x\n", 2509 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_BPLI))); 2510 2511 atw_tsf(sc); 2512 break; 2513 } 2514 2515 if (nstate != IEEE80211_S_SCAN) 2516 callout_stop(&sc->sc_scan_ch); 2517 2518 if (nstate == IEEE80211_S_RUN && 2519 (ic->ic_opmode == IEEE80211_M_HOSTAP || 2520 ic->ic_opmode == IEEE80211_M_IBSS)) 2521 atw_start_beacon(sc, 1); 2522 else 2523 atw_start_beacon(sc, 0); 2524 2525 error = (*sc->sc_newstate)(ic, nstate, arg); 2526 2527 if (ostate == IEEE80211_S_INIT && nstate == IEEE80211_S_SCAN) 2528 atw_write_bssid(sc); 2529 2530 return error; 2531} 2532 2533/* 2534 * atw_add_rxbuf: 2535 * 2536 * Add a receive buffer to the indicated descriptor. 2537 */ 2538int 2539atw_add_rxbuf(struct atw_softc *sc, int idx) 2540{ 2541 struct atw_rxsoft *rxs = &sc->sc_rxsoft[idx]; 2542 struct mbuf *m; 2543 int error; 2544 2545 MGETHDR(m, M_DONTWAIT, MT_DATA); 2546 if (m == NULL) 2547 return (ENOBUFS); 2548 2549 MCLGET(m, M_DONTWAIT); 2550 if ((m->m_flags & M_EXT) == 0) { 2551 m_freem(m); 2552 return (ENOBUFS); 2553 } 2554 2555 if (rxs->rxs_mbuf != NULL) 2556 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2557 2558 rxs->rxs_mbuf = m; 2559 2560 error = bus_dmamap_load(sc->sc_dmat, rxs->rxs_dmamap, 2561 m->m_ext.ext_buf, m->m_ext.ext_size, NULL, 2562 BUS_DMA_READ|BUS_DMA_NOWAIT); 2563 if (error) { 2564 printf("%s: can't load rx DMA map %d, error = %d\n", 2565 sc->sc_dev.dv_xname, idx, error); 2566 panic("atw_add_rxbuf"); /* XXX */ 2567 } 2568 2569 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 2570 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 2571 2572 ATW_INIT_RXDESC(sc, idx); 2573 2574 return (0); 2575} 2576 2577/* 2578 * Release any queued transmit buffers. 2579 */ 2580void 2581atw_txdrain(struct atw_softc *sc) 2582{ 2583 struct atw_txsoft *txs; 2584 2585 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 2586 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 2587 if (txs->txs_mbuf != NULL) { 2588 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2589 m_freem(txs->txs_mbuf); 2590 txs->txs_mbuf = NULL; 2591 } 2592 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 2593 } 2594 sc->sc_tx_timer = 0; 2595} 2596 2597/* 2598 * atw_stop: [ ifnet interface function ] 2599 * 2600 * Stop transmission on the interface. 2601 */ 2602void 2603atw_stop(struct ifnet *ifp, int disable) 2604{ 2605 struct atw_softc *sc = ifp->if_softc; 2606 struct ieee80211com *ic = &sc->sc_ic; 2607 2608 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2609 2610 /* Disable interrupts. */ 2611 ATW_WRITE(sc, ATW_IER, 0); 2612 2613 /* Stop the transmit and receive processes. */ 2614 sc->sc_opmode = 0; 2615 ATW_WRITE(sc, ATW_NAR, 0); 2616 DELAY(20 * 1000); 2617 ATW_WRITE(sc, ATW_TDBD, 0); 2618 ATW_WRITE(sc, ATW_TDBP, 0); 2619 ATW_WRITE(sc, ATW_RDB, 0); 2620 2621 atw_txdrain(sc); 2622 2623 if (disable) { 2624 atw_rxdrain(sc); 2625 atw_disable(sc); 2626 } 2627 2628 /* 2629 * Mark the interface down and cancel the watchdog timer. 2630 */ 2631 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2632 ifp->if_timer = 0; 2633 2634 if (!disable) 2635 atw_reset(sc); 2636} 2637 2638/* 2639 * atw_rxdrain: 2640 * 2641 * Drain the receive queue. 2642 */ 2643void 2644atw_rxdrain(struct atw_softc *sc) 2645{ 2646 struct atw_rxsoft *rxs; 2647 int i; 2648 2649 for (i = 0; i < ATW_NRXDESC; i++) { 2650 rxs = &sc->sc_rxsoft[i]; 2651 if (rxs->rxs_mbuf == NULL) 2652 continue; 2653 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2654 m_freem(rxs->rxs_mbuf); 2655 rxs->rxs_mbuf = NULL; 2656 } 2657} 2658 2659/* 2660 * atw_detach: 2661 * 2662 * Detach an ADM8211 interface. 2663 */ 2664int 2665atw_detach(struct atw_softc *sc) 2666{ 2667 struct ifnet *ifp = &sc->sc_ic.ic_if; 2668 struct atw_rxsoft *rxs; 2669 struct atw_txsoft *txs; 2670 int i; 2671 2672 /* 2673 * Succeed now if there isn't any work to do. 2674 */ 2675 if ((sc->sc_flags & ATWF_ATTACHED) == 0) 2676 return (0); 2677 2678 ieee80211_ifdetach(ifp); 2679 if_detach(ifp); 2680 2681 for (i = 0; i < ATW_NRXDESC; i++) { 2682 rxs = &sc->sc_rxsoft[i]; 2683 if (rxs->rxs_mbuf != NULL) { 2684 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2685 m_freem(rxs->rxs_mbuf); 2686 rxs->rxs_mbuf = NULL; 2687 } 2688 bus_dmamap_destroy(sc->sc_dmat, rxs->rxs_dmamap); 2689 } 2690 for (i = 0; i < ATW_TXQUEUELEN; i++) { 2691 txs = &sc->sc_txsoft[i]; 2692 if (txs->txs_mbuf != NULL) { 2693 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2694 m_freem(txs->txs_mbuf); 2695 txs->txs_mbuf = NULL; 2696 } 2697 bus_dmamap_destroy(sc->sc_dmat, txs->txs_dmamap); 2698 } 2699 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 2700 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 2701 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->sc_control_data, 2702 sizeof(struct atw_control_data)); 2703 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 2704 2705 shutdownhook_disestablish(sc->sc_sdhook); 2706 powerhook_disestablish(sc->sc_powerhook); 2707 2708 if (sc->sc_srom) 2709 free(sc->sc_srom, M_DEVBUF); 2710 2711 return (0); 2712} 2713 2714/* atw_shutdown: make sure the interface is stopped at reboot time. */ 2715void 2716atw_shutdown(void *arg) 2717{ 2718 struct atw_softc *sc = arg; 2719 2720 atw_stop(&sc->sc_ic.ic_if, 1); 2721} 2722 2723int 2724atw_intr(void *arg) 2725{ 2726 struct atw_softc *sc = arg; 2727 struct ifnet *ifp = &sc->sc_ic.ic_if; 2728 u_int32_t status, rxstatus, txstatus, linkstatus; 2729 int handled = 0, txthresh; 2730 2731#ifdef DEBUG 2732 if (ATW_IS_ENABLED(sc) == 0) 2733 panic("%s: atw_intr: not enabled", sc->sc_dev.dv_xname); 2734#endif 2735 2736 /* 2737 * If the interface isn't running, the interrupt couldn't 2738 * possibly have come from us. 2739 */ 2740 if ((ifp->if_flags & IFF_RUNNING) == 0 || 2741 (sc->sc_dev.dv_flags & DVF_ACTIVE) == 0) 2742 return (0); 2743 2744 for (;;) { 2745 status = ATW_READ(sc, ATW_STSR); 2746 2747 if (status) 2748 ATW_WRITE(sc, ATW_STSR, status); 2749 2750#ifdef ATW_DEBUG 2751#define PRINTINTR(flag) do { \ 2752 if ((status & flag) != 0) { \ 2753 printf("%s" #flag, delim); \ 2754 delim = ","; \ 2755 } \ 2756} while (0) 2757 2758 if (atw_debug > 1 && status) { 2759 const char *delim = "<"; 2760 2761 printf("%s: reg[STSR] = %x", 2762 sc->sc_dev.dv_xname, status); 2763 2764 PRINTINTR(ATW_INTR_FBE); 2765 PRINTINTR(ATW_INTR_LINKOFF); 2766 PRINTINTR(ATW_INTR_LINKON); 2767 PRINTINTR(ATW_INTR_RCI); 2768 PRINTINTR(ATW_INTR_RDU); 2769 PRINTINTR(ATW_INTR_REIS); 2770 PRINTINTR(ATW_INTR_RPS); 2771 PRINTINTR(ATW_INTR_TCI); 2772 PRINTINTR(ATW_INTR_TDU); 2773 PRINTINTR(ATW_INTR_TLT); 2774 PRINTINTR(ATW_INTR_TPS); 2775 PRINTINTR(ATW_INTR_TRT); 2776 PRINTINTR(ATW_INTR_TUF); 2777 PRINTINTR(ATW_INTR_BCNTC); 2778 PRINTINTR(ATW_INTR_ATIME); 2779 PRINTINTR(ATW_INTR_TBTT); 2780 PRINTINTR(ATW_INTR_TSCZ); 2781 PRINTINTR(ATW_INTR_TSFTF); 2782 printf(">\n"); 2783 } 2784#undef PRINTINTR 2785#endif /* ATW_DEBUG */ 2786 2787 if ((status & sc->sc_inten) == 0) 2788 break; 2789 2790 handled = 1; 2791 2792 rxstatus = status & sc->sc_rxint_mask; 2793 txstatus = status & sc->sc_txint_mask; 2794 linkstatus = status & sc->sc_linkint_mask; 2795 2796 if (linkstatus) { 2797 atw_linkintr(sc, linkstatus); 2798 } 2799 2800 if (rxstatus) { 2801 /* Grab any new packets. */ 2802 atw_rxintr(sc); 2803 2804 if (rxstatus & ATW_INTR_RDU) { 2805 printf("%s: receive ring overrun\n", 2806 sc->sc_dev.dv_xname); 2807 /* Get the receive process going again. */ 2808 ATW_WRITE(sc, ATW_RDR, 0x1); 2809 break; 2810 } 2811 } 2812 2813 if (txstatus) { 2814 /* Sweep up transmit descriptors. */ 2815 atw_txintr(sc); 2816 2817 if (txstatus & ATW_INTR_TLT) 2818 DPRINTF(sc, ("%s: tx lifetime exceeded\n", 2819 sc->sc_dev.dv_xname)); 2820 2821 if (txstatus & ATW_INTR_TRT) 2822 DPRINTF(sc, ("%s: tx retry limit exceeded\n", 2823 sc->sc_dev.dv_xname)); 2824 2825 /* If Tx under-run, increase our transmit threshold 2826 * if another is available. 2827 */ 2828 txthresh = sc->sc_txthresh + 1; 2829 if ((txstatus & ATW_INTR_TUF) && 2830 sc->sc_txth[txthresh].txth_name != NULL) { 2831 /* Idle the transmit process. */ 2832 atw_idle(sc, ATW_NAR_ST); 2833 2834 sc->sc_txthresh = txthresh; 2835 sc->sc_opmode &= ~(ATW_NAR_TR_MASK|ATW_NAR_SF); 2836 sc->sc_opmode |= 2837 sc->sc_txth[txthresh].txth_opmode; 2838 printf("%s: transmit underrun; new " 2839 "threshold: %s\n", sc->sc_dev.dv_xname, 2840 sc->sc_txth[txthresh].txth_name); 2841 2842 /* Set the new threshold and restart 2843 * the transmit process. 2844 */ 2845 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2846 DELAY(20 * 1000); 2847 ATW_WRITE(sc, ATW_RDR, 0x1); 2848 /* XXX Log every Nth underrun from 2849 * XXX now on? 2850 */ 2851 } 2852 } 2853 2854 if (status & (ATW_INTR_TPS|ATW_INTR_RPS)) { 2855 if (status & ATW_INTR_TPS) 2856 printf("%s: transmit process stopped\n", 2857 sc->sc_dev.dv_xname); 2858 if (status & ATW_INTR_RPS) 2859 printf("%s: receive process stopped\n", 2860 sc->sc_dev.dv_xname); 2861 (void)atw_init(ifp); 2862 break; 2863 } 2864 2865 if (status & ATW_INTR_FBE) { 2866 printf("%s: fatal bus error\n", sc->sc_dev.dv_xname); 2867 (void)atw_init(ifp); 2868 break; 2869 } 2870 2871 /* 2872 * Not handled: 2873 * 2874 * Transmit buffer unavailable -- normal 2875 * condition, nothing to do, really. 2876 * 2877 * Early receive interrupt -- not available on 2878 * all chips, we just use RI. We also only 2879 * use single-segment receive DMA, so this 2880 * is mostly useless. 2881 * 2882 * TBD others 2883 */ 2884 } 2885 2886 /* Try to get more packets going. */ 2887 atw_start(ifp); 2888 2889 return (handled); 2890} 2891 2892/* 2893 * atw_idle: 2894 * 2895 * Cause the transmit and/or receive processes to go idle. 2896 * 2897 * XXX It seems that the ADM8211 will not signal the end of the Rx/Tx 2898 * process in STSR if I clear SR or ST after the process has already 2899 * ceased. Fair enough. But the Rx process status bits in ATW_TEST0 2900 * do not seem to be too reliable. Perhaps I have the sense of the 2901 * Rx bits switched with the Tx bits? 2902 */ 2903void 2904atw_idle(struct atw_softc *sc, u_int32_t bits) 2905{ 2906 u_int32_t ackmask = 0, opmode, stsr, test0; 2907 int i, s; 2908 2909 s = splnet(); 2910 2911 opmode = sc->sc_opmode & ~bits; 2912 2913 if (bits & ATW_NAR_SR) 2914 ackmask |= ATW_INTR_RPS; 2915 2916 if (bits & ATW_NAR_ST) { 2917 ackmask |= ATW_INTR_TPS; 2918 /* set ATW_NAR_HF to flush TX FIFO. */ 2919 opmode |= ATW_NAR_HF; 2920 } 2921 2922 ATW_WRITE(sc, ATW_NAR, opmode); 2923 DELAY(20 * 1000); 2924 2925 for (i = 0; i < 10; i++) { 2926 stsr = ATW_READ(sc, ATW_STSR); 2927 if ((stsr & ackmask) == ackmask) 2928 break; 2929 DELAY(1000); 2930 } 2931 2932 ATW_WRITE(sc, ATW_STSR, stsr & ackmask); 2933 2934 if ((stsr & ackmask) == ackmask) 2935 goto out; 2936 2937 test0 = ATW_READ(sc, ATW_TEST0); 2938 2939 if ((bits & ATW_NAR_ST) != 0 && (stsr & ATW_INTR_TPS) == 0 && 2940 (test0 & ATW_TEST0_TS_MASK) != ATW_TEST0_TS_STOPPED) { 2941 printf("%s: transmit process not idle [%s]\n", 2942 sc->sc_dev.dv_xname, 2943 atw_tx_state[MASK_AND_RSHIFT(test0, ATW_TEST0_TS_MASK)]); 2944 printf("%s: bits %08x test0 %08x stsr %08x\n", 2945 sc->sc_dev.dv_xname, bits, test0, stsr); 2946 } 2947 2948 if ((bits & ATW_NAR_SR) != 0 && (stsr & ATW_INTR_RPS) == 0 && 2949 (test0 & ATW_TEST0_RS_MASK) != ATW_TEST0_RS_STOPPED) { 2950 DPRINTF2(sc, ("%s: receive process not idle [%s]\n", 2951 sc->sc_dev.dv_xname, 2952 atw_rx_state[MASK_AND_RSHIFT(test0, ATW_TEST0_RS_MASK)])); 2953 DPRINTF2(sc, ("%s: bits %08x test0 %08x stsr %08x\n", 2954 sc->sc_dev.dv_xname, bits, test0, stsr)); 2955 } 2956out: 2957 if ((bits & ATW_NAR_ST) != 0) 2958 atw_txdrain(sc); 2959 splx(s); 2960 return; 2961} 2962 2963/* 2964 * atw_linkintr: 2965 * 2966 * Helper; handle link-status interrupts. 2967 */ 2968void 2969atw_linkintr(struct atw_softc *sc, u_int32_t linkstatus) 2970{ 2971 struct ieee80211com *ic = &sc->sc_ic; 2972 2973 if (ic->ic_state != IEEE80211_S_RUN) 2974 return; 2975 2976 if (linkstatus & ATW_INTR_LINKON) { 2977 DPRINTF(sc, ("%s: link on\n", sc->sc_dev.dv_xname)); 2978 sc->sc_rescan_timer = 0; 2979 } else if (linkstatus & ATW_INTR_LINKOFF) { 2980 DPRINTF(sc, ("%s: link off\n", sc->sc_dev.dv_xname)); 2981 if (ic->ic_opmode != IEEE80211_M_STA) 2982 return; 2983 sc->sc_rescan_timer = 3; 2984 ic->ic_if.if_timer = 1; 2985 } 2986} 2987 2988/* 2989 * atw_rxintr: 2990 * 2991 * Helper; handle receive interrupts. 2992 */ 2993void 2994atw_rxintr(struct atw_softc *sc) 2995{ 2996 static int rate_tbl[] = {2, 4, 11, 22, 44}; 2997 struct ieee80211com *ic = &sc->sc_ic; 2998 struct ieee80211_node *ni; 2999 struct ieee80211_frame *wh; 3000 struct ifnet *ifp = &ic->ic_if; 3001 struct atw_rxsoft *rxs; 3002 struct mbuf *m; 3003 u_int32_t rxstat; 3004 int i, len, rate, rate0; 3005 u_int32_t rssi; 3006 3007 for (i = sc->sc_rxptr;; i = ATW_NEXTRX(i)) { 3008 rxs = &sc->sc_rxsoft[i]; 3009 3010 ATW_CDRXSYNC(sc, i, BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3011 3012 rxstat = le32toh(sc->sc_rxdescs[i].ar_stat); 3013 rssi = le32toh(sc->sc_rxdescs[i].ar_rssi); 3014 rate0 = MASK_AND_RSHIFT(rxstat, ATW_RXSTAT_RXDR_MASK); 3015 3016 if (rxstat & ATW_RXSTAT_OWN) 3017 break; /* We have processed all receive buffers. */ 3018 3019 DPRINTF3(sc, 3020 ("%s: rx stat %08x rssi %08x buf1 %08x buf2 %08x\n", 3021 sc->sc_dev.dv_xname, 3022 le32toh(sc->sc_rxdescs[i].ar_stat), 3023 le32toh(sc->sc_rxdescs[i].ar_rssi), 3024 le32toh(sc->sc_rxdescs[i].ar_buf1), 3025 le32toh(sc->sc_rxdescs[i].ar_buf2))); 3026 3027 /* 3028 * Make sure the packet fits in one buffer. This should 3029 * always be the case. 3030 */ 3031 if ((rxstat & (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) != 3032 (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) { 3033 printf("%s: incoming packet spilled, resetting\n", 3034 sc->sc_dev.dv_xname); 3035 (void)atw_init(ifp); 3036 return; 3037 } 3038 3039 /* 3040 * If an error occurred, update stats, clear the status 3041 * word, and leave the packet buffer in place. It will 3042 * simply be reused the next time the ring comes around. 3043 * If 802.1Q VLAN MTU is enabled, ignore the Frame Too Long 3044 * error. 3045 */ 3046 3047 if ((rxstat & ATW_RXSTAT_ES) != 0 && 3048 ((sc->sc_ic.ic_ec.ec_capenable & ETHERCAP_VLAN_MTU) == 0 || 3049 (rxstat & (ATW_RXSTAT_DE | ATW_RXSTAT_SFDE | 3050 ATW_RXSTAT_SIGE | ATW_RXSTAT_CRC16E | 3051 ATW_RXSTAT_RXTOE | ATW_RXSTAT_CRC32E | 3052 ATW_RXSTAT_ICVE)) != 0)) { 3053#define PRINTERR(bit, str) \ 3054 if (rxstat & (bit)) \ 3055 printf("%s: receive error: %s\n", \ 3056 sc->sc_dev.dv_xname, str) 3057 ifp->if_ierrors++; 3058 PRINTERR(ATW_RXSTAT_DE, "descriptor error"); 3059 PRINTERR(ATW_RXSTAT_SFDE, "PLCP SFD error"); 3060 PRINTERR(ATW_RXSTAT_SIGE, "PLCP signal error"); 3061 PRINTERR(ATW_RXSTAT_CRC16E, "PLCP CRC16 error"); 3062 PRINTERR(ATW_RXSTAT_RXTOE, "time-out"); 3063 PRINTERR(ATW_RXSTAT_CRC32E, "FCS error"); 3064 PRINTERR(ATW_RXSTAT_ICVE, "WEP ICV error"); 3065#undef PRINTERR 3066 ATW_INIT_RXDESC(sc, i); 3067 continue; 3068 } 3069 3070 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3071 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 3072 3073 /* 3074 * No errors; receive the packet. Note the ADM8211 3075 * includes the CRC in promiscuous mode. 3076 */ 3077 len = MASK_AND_RSHIFT(rxstat, ATW_RXSTAT_FL_MASK); 3078 3079 /* 3080 * Allocate a new mbuf cluster. If that fails, we are 3081 * out of memory, and must drop the packet and recycle 3082 * the buffer that's already attached to this descriptor. 3083 */ 3084 m = rxs->rxs_mbuf; 3085 if (atw_add_rxbuf(sc, i) != 0) { 3086 ifp->if_ierrors++; 3087 ATW_INIT_RXDESC(sc, i); 3088 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3089 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 3090 continue; 3091 } 3092 3093 ifp->if_ipackets++; 3094 if (sc->sc_opmode & ATW_NAR_PR) 3095 m->m_flags |= M_HASFCS; 3096 m->m_pkthdr.rcvif = ifp; 3097 m->m_pkthdr.len = m->m_len = MIN(m->m_ext.ext_size, len); 3098 3099 if (rate0 >= sizeof(rate_tbl) / sizeof(rate_tbl[0])) 3100 rate = 0; 3101 else 3102 rate = rate_tbl[rate0]; 3103 3104 #if NBPFILTER > 0 3105 /* Pass this up to any BPF listeners. */ 3106 if (sc->sc_radiobpf != NULL) { 3107 struct atw_rx_radiotap_header *tap = &sc->sc_rxtap; 3108 3109 tap->ar_rate = rate; 3110 tap->ar_chan_freq = ic->ic_bss->ni_chan->ic_freq; 3111 tap->ar_chan_flags = ic->ic_bss->ni_chan->ic_flags; 3112 3113 /* TBD verify units are dB */ 3114 tap->ar_antsignal = (int)rssi; 3115 /* TBD tap->ar_flags */ 3116 3117 bpf_mtap2(sc->sc_radiobpf, (caddr_t)tap, 3118 tap->ar_ihdr.it_len, m); 3119 } 3120 #endif /* NPBFILTER > 0 */ 3121 3122 wh = mtod(m, struct ieee80211_frame *); 3123 ni = ieee80211_find_rxnode(ic, wh); 3124 ieee80211_input(ifp, m, ni, (int)rssi, 0); 3125 /* 3126 * The frame may have caused the node to be marked for 3127 * reclamation (e.g. in response to a DEAUTH message) 3128 * so use free_node here instead of unref_node. 3129 */ 3130 if (ni == ic->ic_bss) 3131 ieee80211_unref_node(&ni); 3132 else 3133 ieee80211_free_node(ic, ni); 3134 } 3135 3136 /* Update the receive pointer. */ 3137 sc->sc_rxptr = i; 3138} 3139 3140/* 3141 * atw_txintr: 3142 * 3143 * Helper; handle transmit interrupts. 3144 */ 3145void 3146atw_txintr(struct atw_softc *sc) 3147{ 3148#define TXSTAT_ERRMASK (ATW_TXSTAT_TUF | ATW_TXSTAT_TLT | ATW_TXSTAT_TRT | \ 3149 ATW_TXSTAT_TRO | ATW_TXSTAT_SOFBR) 3150#define TXSTAT_FMT "\20\31ATW_TXSTAT_SOFBR\32ATW_TXSTAT_TRO\33ATW_TXSTAT_TUF" \ 3151 "\34ATW_TXSTAT_TRT\35ATW_TXSTAT_TLT" 3152 3153 static char txstat_buf[sizeof("ffffffff<>" TXSTAT_FMT)]; 3154 struct ifnet *ifp = &sc->sc_ic.ic_if; 3155 struct atw_txsoft *txs; 3156 u_int32_t txstat; 3157 3158 DPRINTF3(sc, ("%s: atw_txintr: sc_flags 0x%08x\n", 3159 sc->sc_dev.dv_xname, sc->sc_flags)); 3160 3161 ifp->if_flags &= ~IFF_OACTIVE; 3162 3163 /* 3164 * Go through our Tx list and free mbufs for those 3165 * frames that have been transmitted. 3166 */ 3167 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 3168 ATW_CDTXSYNC(sc, txs->txs_lastdesc, 1, 3169 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3170 3171#ifdef ATW_DEBUG 3172 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3173 int i; 3174 printf(" txsoft %p transmit chain:\n", txs); 3175 ATW_CDTXSYNC(sc, txs->txs_firstdesc, 3176 txs->txs_ndescs - 1, 3177 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3178 for (i = txs->txs_firstdesc;; i = ATW_NEXTTX(i)) { 3179 printf(" descriptor %d:\n", i); 3180 printf(" at_status: 0x%08x\n", 3181 le32toh(sc->sc_txdescs[i].at_stat)); 3182 printf(" at_flags: 0x%08x\n", 3183 le32toh(sc->sc_txdescs[i].at_flags)); 3184 printf(" at_buf1: 0x%08x\n", 3185 le32toh(sc->sc_txdescs[i].at_buf1)); 3186 printf(" at_buf2: 0x%08x\n", 3187 le32toh(sc->sc_txdescs[i].at_buf2)); 3188 if (i == txs->txs_lastdesc) 3189 break; 3190 } 3191 } 3192#endif 3193 3194 txstat = le32toh(sc->sc_txdescs[txs->txs_lastdesc].at_stat); 3195 if (txstat & ATW_TXSTAT_OWN) 3196 break; 3197 3198 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 3199 3200 sc->sc_txfree += txs->txs_ndescs; 3201 3202 bus_dmamap_sync(sc->sc_dmat, txs->txs_dmamap, 3203 0, txs->txs_dmamap->dm_mapsize, 3204 BUS_DMASYNC_POSTWRITE); 3205 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 3206 m_freem(txs->txs_mbuf); 3207 txs->txs_mbuf = NULL; 3208 3209 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 3210 3211 if ((ifp->if_flags & IFF_DEBUG) != 0 && 3212 (txstat & TXSTAT_ERRMASK) != 0) { 3213 bitmask_snprintf(txstat & TXSTAT_ERRMASK, TXSTAT_FMT, 3214 txstat_buf, sizeof(txstat_buf)); 3215 printf("%s: txstat %s %d\n", sc->sc_dev.dv_xname, 3216 txstat_buf, 3217 MASK_AND_RSHIFT(txstat, ATW_TXSTAT_ARC_MASK)); 3218 } 3219 3220 /* 3221 * Check for errors and collisions. 3222 */ 3223 if (txstat & ATW_TXSTAT_TUF) 3224 sc->sc_stats.ts_tx_tuf++; 3225 if (txstat & ATW_TXSTAT_TLT) 3226 sc->sc_stats.ts_tx_tlt++; 3227 if (txstat & ATW_TXSTAT_TRT) 3228 sc->sc_stats.ts_tx_trt++; 3229 if (txstat & ATW_TXSTAT_TRO) 3230 sc->sc_stats.ts_tx_tro++; 3231 if (txstat & ATW_TXSTAT_SOFBR) { 3232 sc->sc_stats.ts_tx_sofbr++; 3233 } 3234 3235 if ((txstat & ATW_TXSTAT_ES) == 0) 3236 ifp->if_collisions += 3237 MASK_AND_RSHIFT(txstat, ATW_TXSTAT_ARC_MASK); 3238 else 3239 ifp->if_oerrors++; 3240 3241 ifp->if_opackets++; 3242 } 3243 3244 /* 3245 * If there are no more pending transmissions, cancel the watchdog 3246 * timer. 3247 */ 3248 if (txs == NULL) 3249 sc->sc_tx_timer = 0; 3250#undef TXSTAT_ERRMASK 3251#undef TXSTAT_FMT 3252} 3253 3254/* 3255 * atw_watchdog: [ifnet interface function] 3256 * 3257 * Watchdog timer handler. 3258 */ 3259void 3260atw_watchdog(struct ifnet *ifp) 3261{ 3262 struct atw_softc *sc = ifp->if_softc; 3263 struct ieee80211com *ic = &sc->sc_ic; 3264 3265 ifp->if_timer = 0; 3266 if (ATW_IS_ENABLED(sc) == 0) 3267 return; 3268 3269 if (sc->sc_rescan_timer) { 3270 if (--sc->sc_rescan_timer == 0) 3271 (void)ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3272 } 3273 if (sc->sc_tx_timer) { 3274 if (--sc->sc_tx_timer == 0 && 3275 !SIMPLEQ_EMPTY(&sc->sc_txdirtyq)) { 3276 printf("%s: transmit timeout\n", ifp->if_xname); 3277 ifp->if_oerrors++; 3278 (void)atw_init(ifp); 3279 atw_start(ifp); 3280 } 3281 } 3282 if (sc->sc_tx_timer != 0 || sc->sc_rescan_timer != 0) 3283 ifp->if_timer = 1; 3284 ieee80211_watchdog(ifp); 3285} 3286 3287/* Compute the 802.11 Duration field and the PLCP Length fields for 3288 * a len-byte frame (HEADER + PAYLOAD + FCS) sent at rate * 500Kbps. 3289 * Write the fields to the ADM8211 Tx header, frm. 3290 * 3291 * TBD use the fragmentation threshold to find the right duration for 3292 * the first & last fragments. 3293 * 3294 * TBD make certain of the duration fields applied by the ADM8211 to each 3295 * fragment. I think that the ADM8211 knows how to subtract the CTS 3296 * duration when ATW_HDRCTL_RTSCTS is clear; that is why I add it regardless. 3297 * I also think that the ADM8211 does *some* arithmetic for us, because 3298 * otherwise I think we would have to set a first duration for CTS/first 3299 * fragment, a second duration for fragments between the first and the 3300 * last, and a third duration for the last fragment. 3301 * 3302 * TBD make certain that duration fields reflect addition of FCS/WEP 3303 * and correct duration arithmetic as necessary. 3304 */ 3305static void 3306atw_frame_setdurs(struct atw_softc *sc, struct atw_frame *frm, int rate, 3307 int len) 3308{ 3309 int remainder; 3310 3311 /* deal also with encrypted fragments */ 3312 if (frm->atw_hdrctl & htole16(ATW_HDRCTL_WEP)) { 3313 DPRINTF2(sc, ("%s: atw_frame_setdurs len += 8\n", 3314 sc->sc_dev.dv_xname)); 3315 len += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + 3316 IEEE80211_WEP_CRCLEN; 3317 } 3318 3319 /* 802.11 Duration Field for CTS/Data/ACK sequence minus FCS & WEP 3320 * duration (XXX added by MAC?). 3321 */ 3322 frm->atw_head_dur = (16 * (len - IEEE80211_CRC_LEN)) / rate; 3323 remainder = (16 * (len - IEEE80211_CRC_LEN)) % rate; 3324 3325 if (rate <= 4) 3326 /* 1-2Mbps WLAN: send ACK/CTS at 1Mbps */ 3327 frm->atw_head_dur += 3 * (IEEE80211_DUR_DS_SIFS + 3328 IEEE80211_DUR_DS_SHORT_PREAMBLE + 3329 IEEE80211_DUR_DS_FAST_PLCPHDR) + 3330 IEEE80211_DUR_DS_SLOW_CTS + IEEE80211_DUR_DS_SLOW_ACK; 3331 else 3332 /* 5-11Mbps WLAN: send ACK/CTS at 2Mbps */ 3333 frm->atw_head_dur += 3 * (IEEE80211_DUR_DS_SIFS + 3334 IEEE80211_DUR_DS_SHORT_PREAMBLE + 3335 IEEE80211_DUR_DS_FAST_PLCPHDR) + 3336 IEEE80211_DUR_DS_FAST_CTS + IEEE80211_DUR_DS_FAST_ACK; 3337 3338 /* lengthen duration if long preamble */ 3339 if ((sc->sc_flags & ATWF_SHORT_PREAMBLE) == 0) 3340 frm->atw_head_dur += 3341 3 * (IEEE80211_DUR_DS_LONG_PREAMBLE - 3342 IEEE80211_DUR_DS_SHORT_PREAMBLE) + 3343 3 * (IEEE80211_DUR_DS_SLOW_PLCPHDR - 3344 IEEE80211_DUR_DS_FAST_PLCPHDR); 3345 3346 if (remainder != 0) 3347 frm->atw_head_dur++; 3348 3349 if ((atw_voodoo & VOODOO_DUR_2_4_SPECIALCASE) && 3350 (rate == 2 || rate == 4)) { 3351 /* derived from Linux: how could this be right? */ 3352 frm->atw_head_plcplen = frm->atw_head_dur; 3353 } else { 3354 frm->atw_head_plcplen = (16 * len) / rate; 3355 remainder = (80 * len) % (rate * 5); 3356 3357 if (remainder != 0) { 3358 frm->atw_head_plcplen++; 3359 3360 /* XXX magic */ 3361 if ((atw_voodoo & VOODOO_DUR_11_ROUNDING) && 3362 rate == 22 && remainder <= 30) 3363 frm->atw_head_plcplen |= 0x8000; 3364 } 3365 } 3366 frm->atw_tail_plcplen = frm->atw_head_plcplen = 3367 htole16(frm->atw_head_plcplen); 3368 frm->atw_tail_dur = frm->atw_head_dur = htole16(frm->atw_head_dur); 3369} 3370 3371#ifdef ATW_DEBUG 3372static void 3373atw_dump_pkt(struct ifnet *ifp, struct mbuf *m0) 3374{ 3375 struct atw_softc *sc = ifp->if_softc; 3376 struct mbuf *m; 3377 int i, noctets = 0; 3378 3379 printf("%s: %d-byte packet\n", sc->sc_dev.dv_xname, 3380 m0->m_pkthdr.len); 3381 3382 for (m = m0; m; m = m->m_next) { 3383 if (m->m_len == 0) 3384 continue; 3385 for (i = 0; i < m->m_len; i++) { 3386 printf(" %02x", ((u_int8_t*)m->m_data)[i]); 3387 if (++noctets % 24 == 0) 3388 printf("\n"); 3389 } 3390 } 3391 printf("%s%s: %d bytes emitted\n", 3392 (noctets % 24 != 0) ? "\n" : "", sc->sc_dev.dv_xname, noctets); 3393} 3394#endif /* ATW_DEBUG */ 3395 3396/* 3397 * atw_start: [ifnet interface function] 3398 * 3399 * Start packet transmission on the interface. 3400 */ 3401void 3402atw_start(struct ifnet *ifp) 3403{ 3404 struct atw_softc *sc = ifp->if_softc; 3405 struct ieee80211com *ic = &sc->sc_ic; 3406 struct ieee80211_node *ni; 3407 struct ieee80211_frame *wh; 3408 struct atw_frame *hh; 3409 struct mbuf *m0, *m; 3410 struct atw_txsoft *txs, *last_txs; 3411 struct atw_txdesc *txd; 3412 int do_encrypt, rate; 3413 bus_dmamap_t dmamap; 3414 int ctl, error, firsttx, nexttx, lasttx = -1, first, ofree, seg; 3415 3416 DPRINTF2(sc, ("%s: atw_start: sc_flags 0x%08x, if_flags 0x%08x\n", 3417 sc->sc_dev.dv_xname, sc->sc_flags, ifp->if_flags)); 3418 3419 if ((ifp->if_flags & (IFF_RUNNING|IFF_OACTIVE)) != IFF_RUNNING) 3420 return; 3421 3422 /* 3423 * Remember the previous number of free descriptors and 3424 * the first descriptor we'll use. 3425 */ 3426 ofree = sc->sc_txfree; 3427 firsttx = sc->sc_txnext; 3428 3429 DPRINTF2(sc, ("%s: atw_start: txfree %d, txnext %d\n", 3430 sc->sc_dev.dv_xname, ofree, firsttx)); 3431 3432 /* 3433 * Loop through the send queue, setting up transmit descriptors 3434 * until we drain the queue, or use up all available transmit 3435 * descriptors. 3436 */ 3437 while ((txs = SIMPLEQ_FIRST(&sc->sc_txfreeq)) != NULL && 3438 sc->sc_txfree != 0) { 3439 3440 /* 3441 * Grab a packet off the management queue, if it 3442 * is not empty. Otherwise, from the data queue. 3443 */ 3444 IF_DEQUEUE(&ic->ic_mgtq, m0); 3445 if (m0 != NULL) { 3446 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 3447 m0->m_pkthdr.rcvif = NULL; 3448 } else { 3449 /* send no data packets until we are associated */ 3450 if (ic->ic_state != IEEE80211_S_RUN) 3451 break; 3452 IFQ_DEQUEUE(&ifp->if_snd, m0); 3453 if (m0 == NULL) 3454 break; 3455#if NBPFILTER > 0 3456 if (ifp->if_bpf != NULL) 3457 bpf_mtap(ifp->if_bpf, m0); 3458#endif /* NBPFILTER > 0 */ 3459 if ((m0 = ieee80211_encap(ifp, m0, &ni)) == NULL) { 3460 ifp->if_oerrors++; 3461 break; 3462 } 3463 } 3464 3465 rate = MAX(ieee80211_get_rate(ic), 2); 3466 3467#if NBPFILTER > 0 3468 /* 3469 * Pass the packet to any BPF listeners. 3470 */ 3471 if (ic->ic_rawbpf != NULL) 3472 bpf_mtap((caddr_t)ic->ic_rawbpf, m0); 3473 3474 if (sc->sc_radiobpf != NULL) { 3475 struct atw_tx_radiotap_header *tap = &sc->sc_txtap; 3476 3477 tap->at_rate = rate; 3478 tap->at_chan_freq = ic->ic_bss->ni_chan->ic_freq; 3479 tap->at_chan_flags = ic->ic_bss->ni_chan->ic_flags; 3480 3481 /* TBD tap->at_flags */ 3482 3483 bpf_mtap2(sc->sc_radiobpf, (caddr_t)tap, 3484 tap->at_ihdr.it_len, m0); 3485 } 3486#endif /* NBPFILTER > 0 */ 3487 3488 M_PREPEND(m0, offsetof(struct atw_frame, atw_ihdr), M_DONTWAIT); 3489 3490 if (ni != NULL && ni != ic->ic_bss) 3491 ieee80211_free_node(ic, ni); 3492 3493 if (m0 == NULL) { 3494 ifp->if_oerrors++; 3495 break; 3496 } 3497 3498 /* just to make sure. */ 3499 m0 = m_pullup(m0, sizeof(struct atw_frame)); 3500 3501 if (m0 == NULL) { 3502 ifp->if_oerrors++; 3503 break; 3504 } 3505 3506 hh = mtod(m0, struct atw_frame *); 3507 wh = &hh->atw_ihdr; 3508 3509 do_encrypt = ((wh->i_fc[1] & IEEE80211_FC1_WEP) != 0) ? 1 : 0; 3510 3511 /* Copy everything we need from the 802.11 header: 3512 * Frame Control; address 1, address 3, or addresses 3513 * 3 and 4. NIC fills in BSSID, SA. 3514 */ 3515 if (wh->i_fc[1] & IEEE80211_FC1_DIR_TODS) { 3516 if (wh->i_fc[1] & IEEE80211_FC1_DIR_FROMDS) 3517 panic("%s: illegal WDS frame", 3518 sc->sc_dev.dv_xname); 3519 memcpy(hh->atw_dst, wh->i_addr3, IEEE80211_ADDR_LEN); 3520 } else 3521 memcpy(hh->atw_dst, wh->i_addr1, IEEE80211_ADDR_LEN); 3522 3523 *(u_int16_t*)hh->atw_fc = *(u_int16_t*)wh->i_fc; 3524 3525 /* initialize remaining Tx parameters */ 3526 memset(&hh->u, 0, sizeof(hh->u)); 3527 3528 hh->atw_rate = rate * 5; 3529 /* XXX this could be incorrect if M_FCS. _encap should 3530 * probably strip FCS just in case it sticks around in 3531 * bridged packets. 3532 */ 3533 hh->atw_service = IEEE80211_PLCP_SERVICE; /* XXX guess */ 3534 hh->atw_paylen = htole16(m0->m_pkthdr.len - 3535 sizeof(struct atw_frame)); 3536 3537 hh->atw_fragthr = htole16(ATW_FRAGTHR_FRAGTHR_MASK); 3538 hh->atw_rtylmt = 3; 3539 hh->atw_hdrctl = htole16(ATW_HDRCTL_UNKNOWN1); 3540 if (do_encrypt) { 3541 hh->atw_hdrctl |= htole16(ATW_HDRCTL_WEP); 3542 hh->atw_keyid = ic->ic_wep_txkey; 3543 } 3544 3545 /* TBD 4-addr frames */ 3546 atw_frame_setdurs(sc, hh, rate, 3547 m0->m_pkthdr.len - sizeof(struct atw_frame) + 3548 sizeof(struct ieee80211_frame) + IEEE80211_CRC_LEN); 3549 3550 /* never fragment multicast frames */ 3551 if (IEEE80211_IS_MULTICAST(hh->atw_dst)) { 3552 hh->atw_fragthr = htole16(ATW_FRAGTHR_FRAGTHR_MASK); 3553 } else if (sc->sc_flags & ATWF_RTSCTS) { 3554 hh->atw_hdrctl |= htole16(ATW_HDRCTL_RTSCTS); 3555 } 3556 3557#ifdef ATW_DEBUG 3558 hh->atw_fragnum = 0; 3559 3560 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3561 printf("%s: dst = %s, rate = 0x%02x, " 3562 "service = 0x%02x, paylen = 0x%04x\n", 3563 sc->sc_dev.dv_xname, ether_sprintf(hh->atw_dst), 3564 hh->atw_rate, hh->atw_service, hh->atw_paylen); 3565 3566 printf("%s: fc[0] = 0x%02x, fc[1] = 0x%02x, " 3567 "dur1 = 0x%04x, dur2 = 0x%04x, " 3568 "dur3 = 0x%04x, rts_dur = 0x%04x\n", 3569 sc->sc_dev.dv_xname, hh->atw_fc[0], hh->atw_fc[1], 3570 hh->atw_tail_plcplen, hh->atw_head_plcplen, 3571 hh->atw_tail_dur, hh->atw_head_dur); 3572 3573 printf("%s: hdrctl = 0x%04x, fragthr = 0x%04x, " 3574 "fragnum = 0x%02x, rtylmt = 0x%04x\n", 3575 sc->sc_dev.dv_xname, hh->atw_hdrctl, 3576 hh->atw_fragthr, hh->atw_fragnum, hh->atw_rtylmt); 3577 3578 printf("%s: keyid = %d\n", 3579 sc->sc_dev.dv_xname, hh->atw_keyid); 3580 3581 atw_dump_pkt(ifp, m0); 3582 } 3583#endif /* ATW_DEBUG */ 3584 3585 dmamap = txs->txs_dmamap; 3586 3587 /* 3588 * Load the DMA map. Copy and try (once) again if the packet 3589 * didn't fit in the alloted number of segments. 3590 */ 3591 for (first = 1; 3592 (error = bus_dmamap_load_mbuf(sc->sc_dmat, dmamap, m0, 3593 BUS_DMA_WRITE|BUS_DMA_NOWAIT)) != 0 && first; 3594 first = 0) { 3595 MGETHDR(m, M_DONTWAIT, MT_DATA); 3596 if (m == NULL) { 3597 printf("%s: unable to allocate Tx mbuf\n", 3598 sc->sc_dev.dv_xname); 3599 break; 3600 } 3601 if (m0->m_pkthdr.len > MHLEN) { 3602 MCLGET(m, M_DONTWAIT); 3603 if ((m->m_flags & M_EXT) == 0) { 3604 printf("%s: unable to allocate Tx " 3605 "cluster\n", sc->sc_dev.dv_xname); 3606 m_freem(m); 3607 break; 3608 } 3609 } 3610 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(m, caddr_t)); 3611 m->m_pkthdr.len = m->m_len = m0->m_pkthdr.len; 3612 m_freem(m0); 3613 m0 = m; 3614 m = NULL; 3615 } 3616 if (error != 0) { 3617 printf("%s: unable to load Tx buffer, " 3618 "error = %d\n", sc->sc_dev.dv_xname, error); 3619 m_freem(m0); 3620 break; 3621 } 3622 3623 /* 3624 * Ensure we have enough descriptors free to describe 3625 * the packet. 3626 */ 3627 if (dmamap->dm_nsegs > sc->sc_txfree) { 3628 /* 3629 * Not enough free descriptors to transmit 3630 * this packet. Unload the DMA map and 3631 * drop the packet. Notify the upper layer 3632 * that there are no more slots left. 3633 * 3634 * XXX We could allocate an mbuf and copy, but 3635 * XXX it is worth it? 3636 */ 3637 ifp->if_flags |= IFF_OACTIVE; 3638 bus_dmamap_unload(sc->sc_dmat, dmamap); 3639 m_freem(m0); 3640 break; 3641 } 3642 3643 /* 3644 * WE ARE NOW COMMITTED TO TRANSMITTING THE PACKET. 3645 */ 3646 3647 /* Sync the DMA map. */ 3648 bus_dmamap_sync(sc->sc_dmat, dmamap, 0, dmamap->dm_mapsize, 3649 BUS_DMASYNC_PREWRITE); 3650 3651 /* XXX arbitrary retry limit; 8 because I have seen it in 3652 * use already and maybe 0 means "no tries" ! 3653 */ 3654 ctl = htole32(LSHIFT(8, ATW_TXCTL_TL_MASK)); 3655 3656 DPRINTF2(sc, ("%s: TXDR <- max(10, %d)\n", 3657 sc->sc_dev.dv_xname, rate * 5)); 3658 ctl |= htole32(LSHIFT(MAX(10, rate * 5), ATW_TXCTL_TXDR_MASK)); 3659 3660 /* 3661 * Initialize the transmit descriptors. 3662 */ 3663 for (nexttx = sc->sc_txnext, seg = 0; 3664 seg < dmamap->dm_nsegs; 3665 seg++, nexttx = ATW_NEXTTX(nexttx)) { 3666 /* 3667 * If this is the first descriptor we're 3668 * enqueueing, don't set the OWN bit just 3669 * yet. That could cause a race condition. 3670 * We'll do it below. 3671 */ 3672 txd = &sc->sc_txdescs[nexttx]; 3673 txd->at_ctl = ctl | 3674 ((nexttx == firsttx) ? 0 : htole32(ATW_TXCTL_OWN)); 3675 3676 txd->at_buf1 = htole32(dmamap->dm_segs[seg].ds_addr); 3677 txd->at_flags = 3678 htole32(LSHIFT(dmamap->dm_segs[seg].ds_len, 3679 ATW_TXFLAG_TBS1_MASK)) | 3680 ((nexttx == (ATW_NTXDESC - 1)) 3681 ? htole32(ATW_TXFLAG_TER) : 0); 3682 lasttx = nexttx; 3683 } 3684 3685 IASSERT(lasttx != -1, ("bad lastx")); 3686 /* Set `first segment' and `last segment' appropriately. */ 3687 sc->sc_txdescs[sc->sc_txnext].at_flags |= 3688 htole32(ATW_TXFLAG_FS); 3689 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_LS); 3690 3691#ifdef ATW_DEBUG 3692 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3693 printf(" txsoft %p transmit chain:\n", txs); 3694 for (seg = sc->sc_txnext;; seg = ATW_NEXTTX(seg)) { 3695 printf(" descriptor %d:\n", seg); 3696 printf(" at_ctl: 0x%08x\n", 3697 le32toh(sc->sc_txdescs[seg].at_ctl)); 3698 printf(" at_flags: 0x%08x\n", 3699 le32toh(sc->sc_txdescs[seg].at_flags)); 3700 printf(" at_buf1: 0x%08x\n", 3701 le32toh(sc->sc_txdescs[seg].at_buf1)); 3702 printf(" at_buf2: 0x%08x\n", 3703 le32toh(sc->sc_txdescs[seg].at_buf2)); 3704 if (seg == lasttx) 3705 break; 3706 } 3707 } 3708#endif 3709 3710 /* Sync the descriptors we're using. */ 3711 ATW_CDTXSYNC(sc, sc->sc_txnext, dmamap->dm_nsegs, 3712 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3713 3714 /* 3715 * Store a pointer to the packet so we can free it later, 3716 * and remember what txdirty will be once the packet is 3717 * done. 3718 */ 3719 txs->txs_mbuf = m0; 3720 txs->txs_firstdesc = sc->sc_txnext; 3721 txs->txs_lastdesc = lasttx; 3722 txs->txs_ndescs = dmamap->dm_nsegs; 3723 3724 /* Advance the tx pointer. */ 3725 sc->sc_txfree -= dmamap->dm_nsegs; 3726 sc->sc_txnext = nexttx; 3727 3728 SIMPLEQ_REMOVE_HEAD(&sc->sc_txfreeq, txs_q); 3729 SIMPLEQ_INSERT_TAIL(&sc->sc_txdirtyq, txs, txs_q); 3730 3731 last_txs = txs; 3732 } 3733 3734 if (txs == NULL || sc->sc_txfree == 0) { 3735 /* No more slots left; notify upper layer. */ 3736 ifp->if_flags |= IFF_OACTIVE; 3737 } 3738 3739 if (sc->sc_txfree != ofree) { 3740 DPRINTF2(sc, ("%s: packets enqueued, IC on %d, OWN on %d\n", 3741 sc->sc_dev.dv_xname, lasttx, firsttx)); 3742 /* 3743 * Cause a transmit interrupt to happen on the 3744 * last packet we enqueued. 3745 */ 3746 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_IC); 3747 ATW_CDTXSYNC(sc, lasttx, 1, 3748 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3749 3750 /* 3751 * The entire packet chain is set up. Give the 3752 * first descriptor to the chip now. 3753 */ 3754 sc->sc_txdescs[firsttx].at_ctl |= htole32(ATW_TXCTL_OWN); 3755 ATW_CDTXSYNC(sc, firsttx, 1, 3756 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3757 3758 /* Wake up the transmitter. */ 3759 ATW_WRITE(sc, ATW_TDR, 0x1); 3760 3761 /* Set a watchdog timer in case the chip flakes out. */ 3762 sc->sc_tx_timer = 5; 3763 ifp->if_timer = 1; 3764 } 3765} 3766 3767/* 3768 * atw_power: 3769 * 3770 * Power management (suspend/resume) hook. 3771 */ 3772void 3773atw_power(int why, void *arg) 3774{ 3775 struct atw_softc *sc = arg; 3776 struct ifnet *ifp = &sc->sc_ic.ic_if; 3777 int s; 3778 3779 DPRINTF(sc, ("%s: atw_power(%d,)\n", sc->sc_dev.dv_xname, why)); 3780 3781 s = splnet(); 3782 switch (why) { 3783 case PWR_STANDBY: 3784 /* XXX do nothing. */ 3785 break; 3786 case PWR_SUSPEND: 3787 atw_stop(ifp, 0); 3788 if (sc->sc_power != NULL) 3789 (*sc->sc_power)(sc, why); 3790 break; 3791 case PWR_RESUME: 3792 if (ifp->if_flags & IFF_UP) { 3793 if (sc->sc_power != NULL) 3794 (*sc->sc_power)(sc, why); 3795 atw_init(ifp); 3796 } 3797 break; 3798 case PWR_SOFTSUSPEND: 3799 case PWR_SOFTSTANDBY: 3800 case PWR_SOFTRESUME: 3801 break; 3802 } 3803 splx(s); 3804} 3805 3806/* 3807 * atw_ioctl: [ifnet interface function] 3808 * 3809 * Handle control requests from the operator. 3810 */ 3811int 3812atw_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3813{ 3814 struct atw_softc *sc = ifp->if_softc; 3815 struct ifreq *ifr = (struct ifreq *)data; 3816 int s, error = 0; 3817 3818 /* XXX monkey see, monkey do. comes from wi_ioctl. */ 3819 if ((sc->sc_dev.dv_flags & DVF_ACTIVE) == 0) 3820 return ENXIO; 3821 3822 s = splnet(); 3823 3824 switch (cmd) { 3825 case SIOCSIFFLAGS: 3826 if (ifp->if_flags & IFF_UP) { 3827 if (ATW_IS_ENABLED(sc)) { 3828 /* 3829 * To avoid rescanning another access point, 3830 * do not call atw_init() here. Instead, 3831 * only reflect media settings. 3832 */ 3833 atw_filter_setup(sc); 3834 } else 3835 error = atw_init(ifp); 3836 } else if (ATW_IS_ENABLED(sc)) 3837 atw_stop(ifp, 1); 3838 break; 3839 case SIOCADDMULTI: 3840 case SIOCDELMULTI: 3841 error = (cmd == SIOCADDMULTI) ? 3842 ether_addmulti(ifr, &sc->sc_ic.ic_ec) : 3843 ether_delmulti(ifr, &sc->sc_ic.ic_ec); 3844 if (error == ENETRESET) { 3845 if (ATW_IS_ENABLED(sc)) 3846 atw_filter_setup(sc); /* do not rescan */ 3847 error = 0; 3848 } 3849 break; 3850 default: 3851 error = ieee80211_ioctl(ifp, cmd, data); 3852 if (error == ENETRESET) { 3853 if (ATW_IS_ENABLED(sc)) 3854 error = atw_init(ifp); 3855 else 3856 error = 0; 3857 } 3858 break; 3859 } 3860 3861 /* Try to get more packets going. */ 3862 if (ATW_IS_ENABLED(sc)) 3863 atw_start(ifp); 3864 3865 splx(s); 3866 return (error); 3867} 3868 3869static int 3870atw_media_change(struct ifnet *ifp) 3871{ 3872 int error; 3873 3874 error = ieee80211_media_change(ifp); 3875 if (error == ENETRESET) { 3876 if ((ifp->if_flags & (IFF_RUNNING|IFF_UP)) == 3877 (IFF_RUNNING|IFF_UP)) 3878 atw_init(ifp); /* XXX lose error */ 3879 error = 0; 3880 } 3881 return error; 3882} 3883 3884static void 3885atw_media_status(struct ifnet *ifp, struct ifmediareq *imr) 3886{ 3887 struct atw_softc *sc = ifp->if_softc; 3888 3889 if (ATW_IS_ENABLED(sc) == 0) { 3890 imr->ifm_active = IFM_IEEE80211 | IFM_NONE; 3891 imr->ifm_status = 0; 3892 return; 3893 } 3894 ieee80211_media_status(ifp, imr); 3895} 3896