atw.c revision 1.87
1/* $NetBSD: atw.c,v 1.87 2005/06/26 04:37:25 dyoung Exp $ */ 2 3/*- 4 * Copyright (c) 1998, 1999, 2000, 2002, 2003, 2004 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by David Young, by Jason R. Thorpe, and by Charles M. Hannum. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. All advertising materials mentioning features or use of this software 19 * must display the following acknowledgement: 20 * This product includes software developed by the NetBSD 21 * Foundation, Inc. and its contributors. 22 * 4. Neither the name of The NetBSD Foundation nor the names of its 23 * contributors may be used to endorse or promote products derived 24 * from this software without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 36 * POSSIBILITY OF SUCH DAMAGE. 37 */ 38 39/* 40 * Device driver for the ADMtek ADM8211 802.11 MAC/BBP. 41 */ 42 43#include <sys/cdefs.h> 44__KERNEL_RCSID(0, "$NetBSD: atw.c,v 1.87 2005/06/26 04:37:25 dyoung Exp $"); 45 46#include "bpfilter.h" 47 48#include <sys/param.h> 49#include <sys/systm.h> 50#include <sys/callout.h> 51#include <sys/mbuf.h> 52#include <sys/malloc.h> 53#include <sys/kernel.h> 54#include <sys/socket.h> 55#include <sys/ioctl.h> 56#include <sys/errno.h> 57#include <sys/device.h> 58#include <sys/time.h> 59 60#include <machine/endian.h> 61 62#include <uvm/uvm_extern.h> 63 64#include <net/if.h> 65#include <net/if_dl.h> 66#include <net/if_media.h> 67#include <net/if_ether.h> 68 69#include <net80211/ieee80211_netbsd.h> 70#include <net80211/ieee80211_var.h> 71#include <net80211/ieee80211_radiotap.h> 72 73#if NBPFILTER > 0 74#include <net/bpf.h> 75#endif 76 77#include <machine/bus.h> 78#include <machine/intr.h> 79 80#include <dev/ic/atwreg.h> 81#include <dev/ic/rf3000reg.h> 82#include <dev/ic/si4136reg.h> 83#include <dev/ic/atwvar.h> 84#include <dev/ic/smc93cx6var.h> 85 86/* XXX TBD open questions 87 * 88 * 89 * When should I set DSSS PAD in reg 0x15 of RF3000? In 1-2Mbps 90 * modes only, or all modes (5.5-11 Mbps CCK modes, too?) Does the MAC 91 * handle this for me? 92 * 93 */ 94/* device attachment 95 * 96 * print TOFS[012] 97 * 98 * device initialization 99 * 100 * clear ATW_FRCTL_MAXPSP to disable max power saving 101 * set ATW_TXBR_ALCUPDATE to enable ALC 102 * set TOFS[012]? (hope not) 103 * disable rx/tx 104 * set ATW_PAR_SWR (software reset) 105 * wait for ATW_PAR_SWR clear 106 * disable interrupts 107 * ack status register 108 * enable interrupts 109 * 110 * rx/tx initialization 111 * 112 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 113 * allocate and init descriptor rings 114 * write ATW_PAR_DSL (descriptor skip length) 115 * write descriptor base addrs: ATW_TDBD, ATW_TDBP, write ATW_RDB 116 * write ATW_NAR_SQ for one/both transmit descriptor rings 117 * write ATW_NAR_SQ for one/both transmit descriptor rings 118 * enable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 119 * 120 * rx/tx end 121 * 122 * stop DMA 123 * disable rx/tx w/ ATW_NAR_SR, ATW_NAR_ST 124 * flush tx w/ ATW_NAR_HF 125 * 126 * scan 127 * 128 * initialize rx/tx 129 * 130 * BSS join: (re)association response 131 * 132 * set ATW_FRCTL_AID 133 * 134 * optimizations ??? 135 * 136 */ 137 138#define ATW_REFSLAVE /* slavishly do what the reference driver does */ 139 140#define VOODOO_DUR_11_ROUNDING 0x01 /* necessary */ 141#define VOODOO_DUR_2_4_SPECIALCASE 0x02 /* NOT necessary */ 142int atw_voodoo = VOODOO_DUR_11_ROUNDING; 143 144int atw_pseudo_milli = 1; 145int atw_magic_delay1 = 100 * 1000; 146int atw_magic_delay2 = 100 * 1000; 147/* more magic multi-millisecond delays (units: microseconds) */ 148int atw_nar_delay = 20 * 1000; 149int atw_magic_delay4 = 10 * 1000; 150int atw_rf_delay1 = 10 * 1000; 151int atw_rf_delay2 = 5 * 1000; 152int atw_plcphd_delay = 2 * 1000; 153int atw_bbp_io_enable_delay = 20 * 1000; 154int atw_bbp_io_disable_delay = 2 * 1000; 155int atw_writewep_delay = 1000; 156int atw_beacon_len_adjust = 4; 157int atw_dwelltime = 200; 158int atw_xindiv2 = 0; 159 160#ifdef ATW_DEBUG 161int atw_debug = 0; 162 163#define ATW_DPRINTF(x) if (atw_debug > 0) printf x 164#define ATW_DPRINTF2(x) if (atw_debug > 1) printf x 165#define ATW_DPRINTF3(x) if (atw_debug > 2) printf x 166#define DPRINTF(sc, x) if ((sc)->sc_if.if_flags & IFF_DEBUG) printf x 167#define DPRINTF2(sc, x) if ((sc)->sc_if.if_flags & IFF_DEBUG) ATW_DPRINTF2(x) 168#define DPRINTF3(sc, x) if ((sc)->sc_if.if_flags & IFF_DEBUG) ATW_DPRINTF3(x) 169 170static void atw_dump_pkt(struct ifnet *, struct mbuf *); 171static void atw_print_regs(struct atw_softc *, const char *); 172 173/* Note well: I never got atw_rf3000_read or atw_si4126_read to work. */ 174# ifdef ATW_BBPDEBUG 175static void atw_rf3000_print(struct atw_softc *); 176static int atw_rf3000_read(struct atw_softc *sc, u_int, u_int *); 177# endif /* ATW_BBPDEBUG */ 178 179# ifdef ATW_SYNDEBUG 180static void atw_si4126_print(struct atw_softc *); 181static int atw_si4126_read(struct atw_softc *, u_int, u_int *); 182# endif /* ATW_SYNDEBUG */ 183 184#else 185#define ATW_DPRINTF(x) 186#define ATW_DPRINTF2(x) 187#define ATW_DPRINTF3(x) 188#define DPRINTF(sc, x) /* nothing */ 189#define DPRINTF2(sc, x) /* nothing */ 190#define DPRINTF3(sc, x) /* nothing */ 191#endif 192 193/* ifnet methods */ 194int atw_init(struct ifnet *); 195int atw_ioctl(struct ifnet *, u_long, caddr_t); 196void atw_start(struct ifnet *); 197void atw_stop(struct ifnet *, int); 198void atw_watchdog(struct ifnet *); 199 200/* Device attachment */ 201void atw_attach(struct atw_softc *); 202int atw_detach(struct atw_softc *); 203 204/* Rx/Tx process */ 205int atw_add_rxbuf(struct atw_softc *, int); 206void atw_idle(struct atw_softc *, u_int32_t); 207void atw_rxdrain(struct atw_softc *); 208void atw_txdrain(struct atw_softc *); 209 210/* Device (de)activation and power state */ 211void atw_disable(struct atw_softc *); 212int atw_enable(struct atw_softc *); 213void atw_power(int, void *); 214void atw_reset(struct atw_softc *); 215void atw_shutdown(void *); 216 217/* Interrupt handlers */ 218void atw_linkintr(struct atw_softc *, u_int32_t); 219void atw_rxintr(struct atw_softc *); 220void atw_txintr(struct atw_softc *); 221 222/* 802.11 state machine */ 223static int atw_newstate(struct ieee80211com *, enum ieee80211_state, int); 224static void atw_next_scan(void *); 225static void atw_recv_mgmt(struct ieee80211com *, struct mbuf *, 226 struct ieee80211_node *, int, int, u_int32_t); 227static int atw_tune(struct atw_softc *); 228 229/* Device initialization */ 230static void atw_bbp_io_init(struct atw_softc *); 231static void atw_cfp_init(struct atw_softc *); 232static void atw_cmdr_init(struct atw_softc *); 233static void atw_ifs_init(struct atw_softc *); 234static void atw_nar_init(struct atw_softc *); 235static void atw_response_times_init(struct atw_softc *); 236static void atw_rf_reset(struct atw_softc *); 237static void atw_test1_init(struct atw_softc *); 238static void atw_tofs0_init(struct atw_softc *); 239static void atw_tofs2_init(struct atw_softc *); 240static void atw_txlmt_init(struct atw_softc *); 241static void atw_wcsr_init(struct atw_softc *); 242 243/* Key management */ 244static int atw_key_alloc(struct ieee80211com *, const struct ieee80211_key *); 245static int atw_key_delete(struct ieee80211com *, const struct ieee80211_key *); 246static int atw_key_set(struct ieee80211com *, const struct ieee80211_key *, 247 const u_int8_t[IEEE80211_ADDR_LEN]); 248static void atw_key_update_begin(struct ieee80211com *); 249static void atw_key_update_end(struct ieee80211com *); 250 251/* RAM/ROM utilities */ 252static void atw_clear_sram(struct atw_softc *); 253static void atw_write_sram(struct atw_softc *, u_int, u_int8_t *, u_int); 254static int atw_read_srom(struct atw_softc *); 255 256/* BSS setup */ 257static void atw_predict_beacon(struct atw_softc *); 258static void atw_start_beacon(struct atw_softc *, int); 259static void atw_write_bssid(struct atw_softc *); 260static void atw_write_ssid(struct atw_softc *); 261static void atw_write_sup_rates(struct atw_softc *); 262static void atw_write_wep(struct atw_softc *); 263 264/* Media */ 265static int atw_media_change(struct ifnet *); 266static void atw_media_status(struct ifnet *, struct ifmediareq *); 267 268static void atw_filter_setup(struct atw_softc *); 269 270/* 802.11 utilities */ 271static void atw_frame_setdurs(struct atw_softc *, 272 struct atw_frame *, int, int); 273static uint64_t atw_get_tsft(struct atw_softc *); 274static __inline uint32_t atw_last_even_tsft(uint32_t, uint32_t, 275 uint32_t); 276static struct ieee80211_node *atw_node_alloc(struct ieee80211_node_table *); 277static void atw_node_free(struct ieee80211_node *); 278static void atw_change_ibss(struct atw_softc *); 279 280/* 281 * Tuner/transceiver/modem 282 */ 283static void atw_bbp_io_enable(struct atw_softc *, int); 284 285/* RFMD RF3000 Baseband Processor */ 286static int atw_rf3000_init(struct atw_softc *); 287static int atw_rf3000_tune(struct atw_softc *, u_int); 288static int atw_rf3000_write(struct atw_softc *, u_int, u_int); 289 290/* Silicon Laboratories Si4126 RF/IF Synthesizer */ 291static void atw_si4126_tune(struct atw_softc *, u_int); 292static void atw_si4126_write(struct atw_softc *, u_int, u_int); 293 294const struct atw_txthresh_tab atw_txthresh_tab_lo[] = ATW_TXTHRESH_TAB_LO_RATE; 295const struct atw_txthresh_tab atw_txthresh_tab_hi[] = ATW_TXTHRESH_TAB_HI_RATE; 296 297const char *atw_tx_state[] = { 298 "STOPPED", 299 "RUNNING - read descriptor", 300 "RUNNING - transmitting", 301 "RUNNING - filling fifo", /* XXX */ 302 "SUSPENDED", 303 "RUNNING -- write descriptor", 304 "RUNNING -- write last descriptor", 305 "RUNNING - fifo full" 306}; 307 308const char *atw_rx_state[] = { 309 "STOPPED", 310 "RUNNING - read descriptor", 311 "RUNNING - check this packet, pre-fetch next", 312 "RUNNING - wait for reception", 313 "SUSPENDED", 314 "RUNNING - write descriptor", 315 "RUNNING - flush fifo", 316 "RUNNING - fifo drain" 317}; 318 319int 320atw_activate(struct device *self, enum devact act) 321{ 322 struct atw_softc *sc = (struct atw_softc *)self; 323 int rv = 0, s; 324 325 s = splnet(); 326 switch (act) { 327 case DVACT_ACTIVATE: 328 rv = EOPNOTSUPP; 329 break; 330 331 case DVACT_DEACTIVATE: 332 if_deactivate(&sc->sc_if); 333 break; 334 } 335 splx(s); 336 return rv; 337} 338 339/* 340 * atw_enable: 341 * 342 * Enable the ADM8211 chip. 343 */ 344int 345atw_enable(struct atw_softc *sc) 346{ 347 348 if (ATW_IS_ENABLED(sc) == 0) { 349 if (sc->sc_enable != NULL && (*sc->sc_enable)(sc) != 0) { 350 printf("%s: device enable failed\n", 351 sc->sc_dev.dv_xname); 352 return (EIO); 353 } 354 sc->sc_flags |= ATWF_ENABLED; 355 } 356 return (0); 357} 358 359/* 360 * atw_disable: 361 * 362 * Disable the ADM8211 chip. 363 */ 364void 365atw_disable(struct atw_softc *sc) 366{ 367 if (!ATW_IS_ENABLED(sc)) 368 return; 369 if (sc->sc_disable != NULL) 370 (*sc->sc_disable)(sc); 371 sc->sc_flags &= ~ATWF_ENABLED; 372} 373 374/* Returns -1 on failure. */ 375static int 376atw_read_srom(struct atw_softc *sc) 377{ 378 struct seeprom_descriptor sd; 379 uint32_t test0, fail_bits; 380 381 (void)memset(&sd, 0, sizeof(sd)); 382 383 test0 = ATW_READ(sc, ATW_TEST0); 384 385 switch (sc->sc_rev) { 386 case ATW_REVISION_BA: 387 case ATW_REVISION_CA: 388 fail_bits = ATW_TEST0_EPNE; 389 break; 390 default: 391 fail_bits = ATW_TEST0_EPNE|ATW_TEST0_EPSNM; 392 break; 393 } 394 if ((test0 & fail_bits) != 0) { 395 printf("%s: bad or missing/bad SROM\n", sc->sc_dev.dv_xname); 396 return -1; 397 } 398 399 switch (test0 & ATW_TEST0_EPTYP_MASK) { 400 case ATW_TEST0_EPTYP_93c66: 401 ATW_DPRINTF(("%s: 93c66 SROM\n", sc->sc_dev.dv_xname)); 402 sc->sc_sromsz = 512; 403 sd.sd_chip = C56_66; 404 break; 405 case ATW_TEST0_EPTYP_93c46: 406 ATW_DPRINTF(("%s: 93c46 SROM\n", sc->sc_dev.dv_xname)); 407 sc->sc_sromsz = 128; 408 sd.sd_chip = C46; 409 break; 410 default: 411 printf("%s: unknown SROM type %d\n", sc->sc_dev.dv_xname, 412 MASK_AND_RSHIFT(test0, ATW_TEST0_EPTYP_MASK)); 413 return -1; 414 } 415 416 sc->sc_srom = malloc(sc->sc_sromsz, M_DEVBUF, M_NOWAIT); 417 418 if (sc->sc_srom == NULL) { 419 printf("%s: unable to allocate SROM buffer\n", 420 sc->sc_dev.dv_xname); 421 return -1; 422 } 423 424 (void)memset(sc->sc_srom, 0, sc->sc_sromsz); 425 426 /* ADM8211 has a single 32-bit register for controlling the 427 * 93cx6 SROM. Bit SRS enables the serial port. There is no 428 * "ready" bit. The ADM8211 input/output sense is the reverse 429 * of read_seeprom's. 430 */ 431 sd.sd_tag = sc->sc_st; 432 sd.sd_bsh = sc->sc_sh; 433 sd.sd_regsize = 4; 434 sd.sd_control_offset = ATW_SPR; 435 sd.sd_status_offset = ATW_SPR; 436 sd.sd_dataout_offset = ATW_SPR; 437 sd.sd_CK = ATW_SPR_SCLK; 438 sd.sd_CS = ATW_SPR_SCS; 439 sd.sd_DI = ATW_SPR_SDO; 440 sd.sd_DO = ATW_SPR_SDI; 441 sd.sd_MS = ATW_SPR_SRS; 442 sd.sd_RDY = 0; 443 444 if (!read_seeprom(&sd, sc->sc_srom, 0, sc->sc_sromsz/2)) { 445 printf("%s: could not read SROM\n", sc->sc_dev.dv_xname); 446 free(sc->sc_srom, M_DEVBUF); 447 return -1; 448 } 449#ifdef ATW_DEBUG 450 { 451 int i; 452 ATW_DPRINTF(("\nSerial EEPROM:\n\t")); 453 for (i = 0; i < sc->sc_sromsz/2; i = i + 1) { 454 if (((i % 8) == 0) && (i != 0)) { 455 ATW_DPRINTF(("\n\t")); 456 } 457 ATW_DPRINTF((" 0x%x", sc->sc_srom[i])); 458 } 459 ATW_DPRINTF(("\n")); 460 } 461#endif /* ATW_DEBUG */ 462 return 0; 463} 464 465#ifdef ATW_DEBUG 466static void 467atw_print_regs(struct atw_softc *sc, const char *where) 468{ 469#define PRINTREG(sc, reg) \ 470 ATW_DPRINTF2(("%s: reg[ " #reg " / %03x ] = %08x\n", \ 471 sc->sc_dev.dv_xname, reg, ATW_READ(sc, reg))) 472 473 ATW_DPRINTF2(("%s: %s\n", sc->sc_dev.dv_xname, where)); 474 475 PRINTREG(sc, ATW_PAR); 476 PRINTREG(sc, ATW_FRCTL); 477 PRINTREG(sc, ATW_TDR); 478 PRINTREG(sc, ATW_WTDP); 479 PRINTREG(sc, ATW_RDR); 480 PRINTREG(sc, ATW_WRDP); 481 PRINTREG(sc, ATW_RDB); 482 PRINTREG(sc, ATW_CSR3A); 483 PRINTREG(sc, ATW_TDBD); 484 PRINTREG(sc, ATW_TDBP); 485 PRINTREG(sc, ATW_STSR); 486 PRINTREG(sc, ATW_CSR5A); 487 PRINTREG(sc, ATW_NAR); 488 PRINTREG(sc, ATW_CSR6A); 489 PRINTREG(sc, ATW_IER); 490 PRINTREG(sc, ATW_CSR7A); 491 PRINTREG(sc, ATW_LPC); 492 PRINTREG(sc, ATW_TEST1); 493 PRINTREG(sc, ATW_SPR); 494 PRINTREG(sc, ATW_TEST0); 495 PRINTREG(sc, ATW_WCSR); 496 PRINTREG(sc, ATW_WPDR); 497 PRINTREG(sc, ATW_GPTMR); 498 PRINTREG(sc, ATW_GPIO); 499 PRINTREG(sc, ATW_BBPCTL); 500 PRINTREG(sc, ATW_SYNCTL); 501 PRINTREG(sc, ATW_PLCPHD); 502 PRINTREG(sc, ATW_MMIWADDR); 503 PRINTREG(sc, ATW_MMIRADDR1); 504 PRINTREG(sc, ATW_MMIRADDR2); 505 PRINTREG(sc, ATW_TXBR); 506 PRINTREG(sc, ATW_CSR15A); 507 PRINTREG(sc, ATW_ALCSTAT); 508 PRINTREG(sc, ATW_TOFS2); 509 PRINTREG(sc, ATW_CMDR); 510 PRINTREG(sc, ATW_PCIC); 511 PRINTREG(sc, ATW_PMCSR); 512 PRINTREG(sc, ATW_PAR0); 513 PRINTREG(sc, ATW_PAR1); 514 PRINTREG(sc, ATW_MAR0); 515 PRINTREG(sc, ATW_MAR1); 516 PRINTREG(sc, ATW_ATIMDA0); 517 PRINTREG(sc, ATW_ABDA1); 518 PRINTREG(sc, ATW_BSSID0); 519 PRINTREG(sc, ATW_TXLMT); 520 PRINTREG(sc, ATW_MIBCNT); 521 PRINTREG(sc, ATW_BCNT); 522 PRINTREG(sc, ATW_TSFTH); 523 PRINTREG(sc, ATW_TSC); 524 PRINTREG(sc, ATW_SYNRF); 525 PRINTREG(sc, ATW_BPLI); 526 PRINTREG(sc, ATW_CAP0); 527 PRINTREG(sc, ATW_CAP1); 528 PRINTREG(sc, ATW_RMD); 529 PRINTREG(sc, ATW_CFPP); 530 PRINTREG(sc, ATW_TOFS0); 531 PRINTREG(sc, ATW_TOFS1); 532 PRINTREG(sc, ATW_IFST); 533 PRINTREG(sc, ATW_RSPT); 534 PRINTREG(sc, ATW_TSFTL); 535 PRINTREG(sc, ATW_WEPCTL); 536 PRINTREG(sc, ATW_WESK); 537 PRINTREG(sc, ATW_WEPCNT); 538 PRINTREG(sc, ATW_MACTEST); 539 PRINTREG(sc, ATW_FER); 540 PRINTREG(sc, ATW_FEMR); 541 PRINTREG(sc, ATW_FPSR); 542 PRINTREG(sc, ATW_FFER); 543#undef PRINTREG 544} 545#endif /* ATW_DEBUG */ 546 547/* 548 * Finish attaching an ADMtek ADM8211 MAC. Called by bus-specific front-end. 549 */ 550void 551atw_attach(struct atw_softc *sc) 552{ 553 static const u_int8_t empty_macaddr[IEEE80211_ADDR_LEN] = { 554 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 555 }; 556 struct ieee80211com *ic = &sc->sc_ic; 557 struct ifnet *ifp = &sc->sc_if; 558 int country_code, error, i, nrate, srom_major; 559 u_int32_t reg; 560 static const char *type_strings[] = {"Intersil (not supported)", 561 "RFMD", "Marvel (not supported)"}; 562 563 sc->sc_txth = atw_txthresh_tab_lo; 564 565 SIMPLEQ_INIT(&sc->sc_txfreeq); 566 SIMPLEQ_INIT(&sc->sc_txdirtyq); 567 568#ifdef ATW_DEBUG 569 atw_print_regs(sc, "atw_attach"); 570#endif /* ATW_DEBUG */ 571 572 /* 573 * Allocate the control data structures, and create and load the 574 * DMA map for it. 575 */ 576 if ((error = bus_dmamem_alloc(sc->sc_dmat, 577 sizeof(struct atw_control_data), PAGE_SIZE, 0, &sc->sc_cdseg, 578 1, &sc->sc_cdnseg, 0)) != 0) { 579 printf("%s: unable to allocate control data, error = %d\n", 580 sc->sc_dev.dv_xname, error); 581 goto fail_0; 582 } 583 584 if ((error = bus_dmamem_map(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg, 585 sizeof(struct atw_control_data), (caddr_t *)&sc->sc_control_data, 586 BUS_DMA_COHERENT)) != 0) { 587 printf("%s: unable to map control data, error = %d\n", 588 sc->sc_dev.dv_xname, error); 589 goto fail_1; 590 } 591 592 if ((error = bus_dmamap_create(sc->sc_dmat, 593 sizeof(struct atw_control_data), 1, 594 sizeof(struct atw_control_data), 0, 0, &sc->sc_cddmamap)) != 0) { 595 printf("%s: unable to create control data DMA map, " 596 "error = %d\n", sc->sc_dev.dv_xname, error); 597 goto fail_2; 598 } 599 600 if ((error = bus_dmamap_load(sc->sc_dmat, sc->sc_cddmamap, 601 sc->sc_control_data, sizeof(struct atw_control_data), NULL, 602 0)) != 0) { 603 printf("%s: unable to load control data DMA map, error = %d\n", 604 sc->sc_dev.dv_xname, error); 605 goto fail_3; 606 } 607 608 /* 609 * Create the transmit buffer DMA maps. 610 */ 611 sc->sc_ntxsegs = ATW_NTXSEGS; 612 for (i = 0; i < ATW_TXQUEUELEN; i++) { 613 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 614 sc->sc_ntxsegs, MCLBYTES, 0, 0, 615 &sc->sc_txsoft[i].txs_dmamap)) != 0) { 616 printf("%s: unable to create tx DMA map %d, " 617 "error = %d\n", sc->sc_dev.dv_xname, i, error); 618 goto fail_4; 619 } 620 } 621 622 /* 623 * Create the receive buffer DMA maps. 624 */ 625 for (i = 0; i < ATW_NRXDESC; i++) { 626 if ((error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, 627 MCLBYTES, 0, 0, &sc->sc_rxsoft[i].rxs_dmamap)) != 0) { 628 printf("%s: unable to create rx DMA map %d, " 629 "error = %d\n", sc->sc_dev.dv_xname, i, error); 630 goto fail_5; 631 } 632 } 633 for (i = 0; i < ATW_NRXDESC; i++) { 634 sc->sc_rxsoft[i].rxs_mbuf = NULL; 635 } 636 637 switch (sc->sc_rev) { 638 case ATW_REVISION_AB: 639 case ATW_REVISION_AF: 640 sc->sc_sramlen = ATW_SRAM_A_SIZE; 641 break; 642 case ATW_REVISION_BA: 643 case ATW_REVISION_CA: 644 sc->sc_sramlen = ATW_SRAM_B_SIZE; 645 break; 646 } 647 648 /* Reset the chip to a known state. */ 649 atw_reset(sc); 650 651 if (atw_read_srom(sc) == -1) 652 return; 653 654 sc->sc_rftype = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CSR20], 655 ATW_SR_RFTYPE_MASK); 656 657 sc->sc_bbptype = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CSR20], 658 ATW_SR_BBPTYPE_MASK); 659 660 if (sc->sc_rftype > sizeof(type_strings)/sizeof(type_strings[0])) { 661 printf("%s: unknown RF\n", sc->sc_dev.dv_xname); 662 return; 663 } 664 if (sc->sc_bbptype > sizeof(type_strings)/sizeof(type_strings[0])) { 665 printf("%s: unknown BBP\n", sc->sc_dev.dv_xname); 666 return; 667 } 668 669 printf("%s: %s RF, %s BBP", sc->sc_dev.dv_xname, 670 type_strings[sc->sc_rftype], type_strings[sc->sc_bbptype]); 671 672 /* XXX There exists a Linux driver which seems to use RFType = 0 for 673 * MARVEL. My bug, or theirs? 674 */ 675 676 reg = LSHIFT(sc->sc_rftype, ATW_SYNCTL_RFTYPE_MASK); 677 678 switch (sc->sc_rftype) { 679 case ATW_RFTYPE_INTERSIL: 680 reg |= ATW_SYNCTL_CS1; 681 break; 682 case ATW_RFTYPE_RFMD: 683 reg |= ATW_SYNCTL_CS0; 684 break; 685 case ATW_RFTYPE_MARVEL: 686 break; 687 } 688 689 sc->sc_synctl_rd = reg | ATW_SYNCTL_RD; 690 sc->sc_synctl_wr = reg | ATW_SYNCTL_WR; 691 692 reg = LSHIFT(sc->sc_bbptype, ATW_BBPCTL_TYPE_MASK); 693 694 switch (sc->sc_bbptype) { 695 case ATW_BBPTYPE_INTERSIL: 696 reg |= ATW_BBPCTL_TWI; 697 break; 698 case ATW_BBPTYPE_RFMD: 699 reg |= ATW_BBPCTL_RF3KADDR_ADDR | ATW_BBPCTL_NEGEDGE_DO | 700 ATW_BBPCTL_CCA_ACTLO; 701 break; 702 case ATW_BBPTYPE_MARVEL: 703 break; 704 case ATW_C_BBPTYPE_RFMD: 705 printf("%s: ADM8211C MAC/RFMD BBP not supported yet.\n", 706 sc->sc_dev.dv_xname); 707 break; 708 } 709 710 sc->sc_bbpctl_wr = reg | ATW_BBPCTL_WR; 711 sc->sc_bbpctl_rd = reg | ATW_BBPCTL_RD; 712 713 /* 714 * From this point forward, the attachment cannot fail. A failure 715 * before this point releases all resources that may have been 716 * allocated. 717 */ 718 sc->sc_flags |= ATWF_ATTACHED /* | ATWF_RTSCTS */; 719 720 ATW_DPRINTF((" SROM MAC %04x%04x%04x", 721 htole16(sc->sc_srom[ATW_SR_MAC00]), 722 htole16(sc->sc_srom[ATW_SR_MAC01]), 723 htole16(sc->sc_srom[ATW_SR_MAC10]))); 724 725 srom_major = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_FORMAT_VERSION], 726 ATW_SR_MAJOR_MASK); 727 728 if (srom_major < 2) 729 sc->sc_rf3000_options1 = 0; 730 else if (sc->sc_rev == ATW_REVISION_BA) { 731 sc->sc_rf3000_options1 = 732 MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CR28_CR03], 733 ATW_SR_CR28_MASK); 734 } else 735 sc->sc_rf3000_options1 = 0; 736 737 sc->sc_rf3000_options2 = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CTRY_CR29], 738 ATW_SR_CR29_MASK); 739 740 country_code = MASK_AND_RSHIFT(sc->sc_srom[ATW_SR_CTRY_CR29], 741 ATW_SR_CTRY_MASK); 742 743#define ADD_CHANNEL(_ic, _chan) do { \ 744 _ic->ic_channels[_chan].ic_flags = IEEE80211_CHAN_B; \ 745 _ic->ic_channels[_chan].ic_freq = \ 746 ieee80211_ieee2mhz(_chan, _ic->ic_channels[_chan].ic_flags);\ 747} while (0) 748 749 /* Find available channels */ 750 switch (country_code) { 751 case COUNTRY_MMK2: /* 1-14 */ 752 ADD_CHANNEL(ic, 14); 753 /*FALLTHROUGH*/ 754 case COUNTRY_ETSI: /* 1-13 */ 755 for (i = 1; i <= 13; i++) 756 ADD_CHANNEL(ic, i); 757 break; 758 case COUNTRY_FCC: /* 1-11 */ 759 case COUNTRY_IC: /* 1-11 */ 760 for (i = 1; i <= 11; i++) 761 ADD_CHANNEL(ic, i); 762 break; 763 case COUNTRY_MMK: /* 14 */ 764 ADD_CHANNEL(ic, 14); 765 break; 766 case COUNTRY_FRANCE: /* 10-13 */ 767 for (i = 10; i <= 13; i++) 768 ADD_CHANNEL(ic, i); 769 break; 770 default: /* assume channels 10-11 */ 771 case COUNTRY_SPAIN: /* 10-11 */ 772 for (i = 10; i <= 11; i++) 773 ADD_CHANNEL(ic, i); 774 break; 775 } 776 777 /* Read the MAC address. */ 778 reg = ATW_READ(sc, ATW_PAR0); 779 ic->ic_myaddr[0] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB0_MASK); 780 ic->ic_myaddr[1] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB1_MASK); 781 ic->ic_myaddr[2] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB2_MASK); 782 ic->ic_myaddr[3] = MASK_AND_RSHIFT(reg, ATW_PAR0_PAB3_MASK); 783 reg = ATW_READ(sc, ATW_PAR1); 784 ic->ic_myaddr[4] = MASK_AND_RSHIFT(reg, ATW_PAR1_PAB4_MASK); 785 ic->ic_myaddr[5] = MASK_AND_RSHIFT(reg, ATW_PAR1_PAB5_MASK); 786 787 if (IEEE80211_ADDR_EQ(ic->ic_myaddr, empty_macaddr)) { 788 printf(" could not get mac address, attach failed\n"); 789 return; 790 } 791 792 printf(" 802.11 address %s\n", ether_sprintf(ic->ic_myaddr)); 793 794 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 795 ifp->if_softc = sc; 796 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST | 797 IFF_NOTRAILERS; 798 ifp->if_ioctl = atw_ioctl; 799 ifp->if_start = atw_start; 800 ifp->if_watchdog = atw_watchdog; 801 ifp->if_init = atw_init; 802 ifp->if_stop = atw_stop; 803 IFQ_SET_READY(&ifp->if_snd); 804 805 ic->ic_ifp = ifp; 806 ic->ic_phytype = IEEE80211_T_DS; 807 ic->ic_opmode = IEEE80211_M_STA; 808 ic->ic_caps = IEEE80211_C_PMGT | IEEE80211_C_IBSS | 809 IEEE80211_C_HOSTAP | IEEE80211_C_MONITOR; 810 811 nrate = 0; 812 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 2; 813 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 4; 814 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 11; 815 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_rates[nrate++] = 22; 816 ic->ic_sup_rates[IEEE80211_MODE_11B].rs_nrates = nrate; 817 818 /* 819 * Call MI attach routines. 820 */ 821 822 if_attach(ifp); 823 ieee80211_ifattach(ic); 824 825 sc->sc_newstate = ic->ic_newstate; 826 ic->ic_newstate = atw_newstate; 827 828 sc->sc_recv_mgmt = ic->ic_recv_mgmt; 829 ic->ic_recv_mgmt = atw_recv_mgmt; 830 831 sc->sc_node_free = ic->ic_node_free; 832 ic->ic_node_free = atw_node_free; 833 834 sc->sc_node_alloc = ic->ic_node_alloc; 835 ic->ic_node_alloc = atw_node_alloc; 836 837 ic->ic_crypto.cs_key_alloc = atw_key_alloc; 838 ic->ic_crypto.cs_key_delete = atw_key_delete; 839 ic->ic_crypto.cs_key_set = atw_key_set; 840 ic->ic_crypto.cs_key_update_begin = atw_key_update_begin; 841 ic->ic_crypto.cs_key_update_end = atw_key_update_end; 842 843 /* possibly we should fill in our own sc_send_prresp, since 844 * the ADM8211 is probably sending probe responses in ad hoc 845 * mode. 846 */ 847 848 /* complete initialization */ 849 ieee80211_media_init(ic, atw_media_change, atw_media_status); 850 callout_init(&sc->sc_scan_ch); 851 852#if NBPFILTER > 0 853 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 854 sizeof(struct ieee80211_frame) + 64, &sc->sc_radiobpf); 855#endif 856 857 /* 858 * Make sure the interface is shutdown during reboot. 859 */ 860 sc->sc_sdhook = shutdownhook_establish(atw_shutdown, sc); 861 if (sc->sc_sdhook == NULL) 862 printf("%s: WARNING: unable to establish shutdown hook\n", 863 sc->sc_dev.dv_xname); 864 865 /* 866 * Add a suspend hook to make sure we come back up after a 867 * resume. 868 */ 869 sc->sc_powerhook = powerhook_establish(atw_power, sc); 870 if (sc->sc_powerhook == NULL) 871 printf("%s: WARNING: unable to establish power hook\n", 872 sc->sc_dev.dv_xname); 873 874 memset(&sc->sc_rxtapu, 0, sizeof(sc->sc_rxtapu)); 875 sc->sc_rxtap.ar_ihdr.it_len = sizeof(sc->sc_rxtapu); 876 sc->sc_rxtap.ar_ihdr.it_present = ATW_RX_RADIOTAP_PRESENT; 877 878 memset(&sc->sc_txtapu, 0, sizeof(sc->sc_txtapu)); 879 sc->sc_txtap.at_ihdr.it_len = sizeof(sc->sc_txtapu); 880 sc->sc_txtap.at_ihdr.it_present = ATW_TX_RADIOTAP_PRESENT; 881 882 return; 883 884 /* 885 * Free any resources we've allocated during the failed attach 886 * attempt. Do this in reverse order and fall through. 887 */ 888 fail_5: 889 for (i = 0; i < ATW_NRXDESC; i++) { 890 if (sc->sc_rxsoft[i].rxs_dmamap == NULL) 891 continue; 892 bus_dmamap_destroy(sc->sc_dmat, sc->sc_rxsoft[i].rxs_dmamap); 893 } 894 fail_4: 895 for (i = 0; i < ATW_TXQUEUELEN; i++) { 896 if (sc->sc_txsoft[i].txs_dmamap == NULL) 897 continue; 898 bus_dmamap_destroy(sc->sc_dmat, sc->sc_txsoft[i].txs_dmamap); 899 } 900 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 901 fail_3: 902 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 903 fail_2: 904 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->sc_control_data, 905 sizeof(struct atw_control_data)); 906 fail_1: 907 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 908 fail_0: 909 return; 910} 911 912static struct ieee80211_node * 913atw_node_alloc(struct ieee80211_node_table *nt) 914{ 915 struct atw_softc *sc = (struct atw_softc *)nt->nt_ic->ic_ifp->if_softc; 916 struct ieee80211_node *ni = (*sc->sc_node_alloc)(nt); 917 918 DPRINTF(sc, ("%s: alloc node %p\n", sc->sc_dev.dv_xname, ni)); 919 return ni; 920} 921 922static void 923atw_node_free(struct ieee80211_node *ni) 924{ 925 struct atw_softc *sc = (struct atw_softc *)ni->ni_ic->ic_ifp->if_softc; 926 927 DPRINTF(sc, ("%s: freeing node %p %s\n", sc->sc_dev.dv_xname, ni, 928 ether_sprintf(ni->ni_bssid))); 929 (*sc->sc_node_free)(ni); 930} 931 932 933static void 934atw_test1_reset(struct atw_softc *sc) 935{ 936 switch (sc->sc_rev) { 937 case ATW_REVISION_BA: 938 if (1 /* XXX condition on transceiver type */) { 939 ATW_SET(sc, ATW_TEST1, ATW_TEST1_TESTMODE_MONITOR); 940 } 941 break; 942 case ATW_REVISION_CA: 943 ATW_CLR(sc, ATW_TEST1, ATW_TEST1_TESTMODE_MASK); 944 break; 945 default: 946 break; 947 } 948} 949 950/* 951 * atw_reset: 952 * 953 * Perform a soft reset on the ADM8211. 954 */ 955void 956atw_reset(struct atw_softc *sc) 957{ 958 int i; 959 uint32_t lpc; 960 961 ATW_WRITE(sc, ATW_NAR, 0x0); 962 DELAY(atw_nar_delay); 963 964 /* Reference driver has a cryptic remark indicating that this might 965 * power-on the chip. I know that it turns off power-saving.... 966 */ 967 ATW_WRITE(sc, ATW_FRCTL, 0x0); 968 969 ATW_WRITE(sc, ATW_PAR, ATW_PAR_SWR); 970 971 for (i = 0; i < 50000 / atw_pseudo_milli; i++) { 972 if (ATW_READ(sc, ATW_PAR) == 0) 973 break; 974 DELAY(atw_pseudo_milli); 975 } 976 977 /* ... and then pause 100ms longer for good measure. */ 978 DELAY(atw_magic_delay1); 979 980 DPRINTF2(sc, ("%s: atw_reset %d iterations\n", sc->sc_dev.dv_xname, i)); 981 982 if (ATW_ISSET(sc, ATW_PAR, ATW_PAR_SWR)) 983 printf("%s: reset failed to complete\n", sc->sc_dev.dv_xname); 984 985 atw_test1_reset(sc); 986 /* 987 * Initialize the PCI Access Register. 988 */ 989 sc->sc_busmode = ATW_PAR_PBL_8DW; 990 991 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 992 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 993 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 994 995 /* Turn off maximum power saving, etc. 996 * 997 * XXX Following example of reference driver, should I set 998 * an AID of 1? It didn't seem to help.... 999 */ 1000 ATW_WRITE(sc, ATW_FRCTL, 0x0); 1001 1002 DELAY(atw_magic_delay2); 1003 1004 /* Recall EEPROM. */ 1005 ATW_SET(sc, ATW_TEST0, ATW_TEST0_EPRLD); 1006 1007 DELAY(atw_magic_delay4); 1008 1009 lpc = ATW_READ(sc, ATW_LPC); 1010 1011 DPRINTF(sc, ("%s: ATW_LPC %#08x\n", __func__, lpc)); 1012 1013 /* A reset seems to affect the SRAM contents, so put them into 1014 * a known state. 1015 */ 1016 atw_clear_sram(sc); 1017 1018 memset(sc->sc_bssid, 0xff, sizeof(sc->sc_bssid)); 1019} 1020 1021static void 1022atw_clear_sram(struct atw_softc *sc) 1023{ 1024 memset(sc->sc_sram, 0, sizeof(sc->sc_sram)); 1025 sc->sc_flags &= ~ATWF_WEP_SRAM_VALID; 1026 /* XXX not for revision 0x20. */ 1027 atw_write_sram(sc, 0, sc->sc_sram, sc->sc_sramlen); 1028} 1029 1030/* TBD atw_init 1031 * 1032 * set MAC based on ic->ic_bss->myaddr 1033 * write WEP keys 1034 * set TX rate 1035 */ 1036 1037/* Tell the ADM8211 to raise ATW_INTR_LINKOFF if 7 beacon intervals pass 1038 * without receiving a beacon with the preferred BSSID & SSID. 1039 * atw_write_bssid & atw_write_ssid set the BSSID & SSID. 1040 */ 1041static void 1042atw_wcsr_init(struct atw_softc *sc) 1043{ 1044 uint32_t wcsr; 1045 1046 wcsr = ATW_READ(sc, ATW_WCSR); 1047 wcsr &= ~(ATW_WCSR_BLN_MASK|ATW_WCSR_LSOE|ATW_WCSR_MPRE|ATW_WCSR_LSOE); 1048 wcsr |= LSHIFT(7, ATW_WCSR_BLN_MASK); 1049 ATW_WRITE(sc, ATW_WCSR, wcsr); /* XXX resets wake-up status bits */ 1050 1051 DPRINTF(sc, ("%s: %s reg[WCSR] = %08x\n", 1052 sc->sc_dev.dv_xname, __func__, ATW_READ(sc, ATW_WCSR))); 1053} 1054 1055/* Turn off power management. Set Rx store-and-forward mode. */ 1056static void 1057atw_cmdr_init(struct atw_softc *sc) 1058{ 1059 uint32_t cmdr; 1060 cmdr = ATW_READ(sc, ATW_CMDR); 1061 cmdr &= ~ATW_CMDR_APM; 1062 cmdr |= ATW_CMDR_RTE; 1063 cmdr &= ~ATW_CMDR_DRT_MASK; 1064 cmdr |= ATW_CMDR_DRT_SF; 1065 1066 ATW_WRITE(sc, ATW_CMDR, cmdr); 1067} 1068 1069static void 1070atw_tofs2_init(struct atw_softc *sc) 1071{ 1072 uint32_t tofs2; 1073 /* XXX this magic can probably be figured out from the RFMD docs */ 1074#ifndef ATW_REFSLAVE 1075 tofs2 = LSHIFT(4, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 1076 LSHIFT(13, ATW_TOFS2_PWR0PAPE_MASK) | /* 13 us */ 1077 LSHIFT(8, ATW_TOFS2_PWR1PAPE_MASK) | /* 8 us */ 1078 LSHIFT(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 1079 LSHIFT(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 1080 LSHIFT(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 1081 LSHIFT(4, ATW_TOFS2_PWR1PE2_MASK) | /* 4 us */ 1082 LSHIFT(5, ATW_TOFS2_PWR0TXPE_MASK); /* 5 us */ 1083#else 1084 /* XXX new magic from reference driver source */ 1085 tofs2 = LSHIFT(8, ATW_TOFS2_PWR1UP_MASK) | /* 8 ms = 4 * 2 ms */ 1086 LSHIFT(8, ATW_TOFS2_PWR0PAPE_MASK) | /* 13 us */ 1087 LSHIFT(1, ATW_TOFS2_PWR1PAPE_MASK) | /* 8 us */ 1088 LSHIFT(5, ATW_TOFS2_PWR0TRSW_MASK) | /* 5 us */ 1089 LSHIFT(12, ATW_TOFS2_PWR1TRSW_MASK) | /* 12 us */ 1090 LSHIFT(13, ATW_TOFS2_PWR0PE2_MASK) | /* 13 us */ 1091 LSHIFT(1, ATW_TOFS2_PWR1PE2_MASK) | /* 4 us */ 1092 LSHIFT(8, ATW_TOFS2_PWR0TXPE_MASK); /* 5 us */ 1093#endif 1094 ATW_WRITE(sc, ATW_TOFS2, tofs2); 1095} 1096 1097static void 1098atw_nar_init(struct atw_softc *sc) 1099{ 1100 ATW_WRITE(sc, ATW_NAR, ATW_NAR_SF|ATW_NAR_PB); 1101} 1102 1103static void 1104atw_txlmt_init(struct atw_softc *sc) 1105{ 1106 ATW_WRITE(sc, ATW_TXLMT, LSHIFT(512, ATW_TXLMT_MTMLT_MASK) | 1107 LSHIFT(1, ATW_TXLMT_SRTYLIM_MASK)); 1108} 1109 1110static void 1111atw_test1_init(struct atw_softc *sc) 1112{ 1113 uint32_t test1; 1114 1115 test1 = ATW_READ(sc, ATW_TEST1); 1116 test1 &= ~(ATW_TEST1_DBGREAD_MASK|ATW_TEST1_CONTROL); 1117 /* XXX magic 0x1 */ 1118 test1 |= LSHIFT(0x1, ATW_TEST1_DBGREAD_MASK) | ATW_TEST1_CONTROL; 1119 ATW_WRITE(sc, ATW_TEST1, test1); 1120} 1121 1122static void 1123atw_rf_reset(struct atw_softc *sc) 1124{ 1125 /* XXX this resets an Intersil RF front-end? */ 1126 /* TBD condition on Intersil RFType? */ 1127 ATW_WRITE(sc, ATW_SYNRF, ATW_SYNRF_INTERSIL_EN); 1128 DELAY(atw_rf_delay1); 1129 ATW_WRITE(sc, ATW_SYNRF, 0); 1130 DELAY(atw_rf_delay2); 1131} 1132 1133/* Set 16 TU max duration for the contention-free period (CFP). */ 1134static void 1135atw_cfp_init(struct atw_softc *sc) 1136{ 1137 uint32_t cfpp; 1138 1139 cfpp = ATW_READ(sc, ATW_CFPP); 1140 cfpp &= ~ATW_CFPP_CFPMD; 1141 cfpp |= LSHIFT(16, ATW_CFPP_CFPMD); 1142 ATW_WRITE(sc, ATW_CFPP, cfpp); 1143} 1144 1145static void 1146atw_tofs0_init(struct atw_softc *sc) 1147{ 1148 /* XXX I guess that the Cardbus clock is 22MHz? 1149 * I am assuming that the role of ATW_TOFS0_USCNT is 1150 * to divide the bus clock to get a 1MHz clock---the datasheet is not 1151 * very clear on this point. It says in the datasheet that it is 1152 * possible for the ADM8211 to accomodate bus speeds between 22MHz 1153 * and 33MHz; maybe this is the way? I see a binary-only driver write 1154 * these values. These values are also the power-on default. 1155 */ 1156 ATW_WRITE(sc, ATW_TOFS0, 1157 LSHIFT(22, ATW_TOFS0_USCNT_MASK) | 1158 ATW_TOFS0_TUCNT_MASK /* set all bits in TUCNT */); 1159} 1160 1161/* Initialize interframe spacing: 802.11b slot time, SIFS, DIFS, EIFS. */ 1162static void 1163atw_ifs_init(struct atw_softc *sc) 1164{ 1165 uint32_t ifst; 1166 /* XXX EIFS=0x64, SIFS=110 are used by the reference driver. 1167 * Go figure. 1168 */ 1169 ifst = LSHIFT(IEEE80211_DUR_DS_SLOT, ATW_IFST_SLOT_MASK) | 1170 LSHIFT(22 * 5 /* IEEE80211_DUR_DS_SIFS */ /* # of 22MHz cycles */, 1171 ATW_IFST_SIFS_MASK) | 1172 LSHIFT(IEEE80211_DUR_DS_DIFS, ATW_IFST_DIFS_MASK) | 1173 LSHIFT(0x64 /* IEEE80211_DUR_DS_EIFS */, ATW_IFST_EIFS_MASK); 1174 1175 ATW_WRITE(sc, ATW_IFST, ifst); 1176} 1177 1178static void 1179atw_response_times_init(struct atw_softc *sc) 1180{ 1181 /* XXX More magic. Relates to ACK timing? The datasheet seems to 1182 * indicate that the MAC expects at least SIFS + MIRT microseconds 1183 * to pass after it transmits a frame that requires a response; 1184 * it waits at most SIFS + MART microseconds for the response. 1185 * Surely this is not the ACK timeout? 1186 */ 1187 ATW_WRITE(sc, ATW_RSPT, LSHIFT(0xffff, ATW_RSPT_MART_MASK) | 1188 LSHIFT(0xff, ATW_RSPT_MIRT_MASK)); 1189} 1190 1191/* Set up the MMI read/write addresses for the baseband. The Tx/Rx 1192 * engines read and write baseband registers after Rx and before 1193 * Tx, respectively. 1194 */ 1195static void 1196atw_bbp_io_init(struct atw_softc *sc) 1197{ 1198 uint32_t mmiraddr2; 1199 1200 /* XXX The reference driver does this, but is it *really* 1201 * necessary? 1202 */ 1203 switch (sc->sc_rev) { 1204 case ATW_REVISION_AB: 1205 case ATW_REVISION_AF: 1206 mmiraddr2 = 0x0; 1207 break; 1208 default: 1209 mmiraddr2 = ATW_READ(sc, ATW_MMIRADDR2); 1210 mmiraddr2 &= 1211 ~(ATW_MMIRADDR2_PROREXT|ATW_MMIRADDR2_PRORLEN_MASK); 1212 break; 1213 } 1214 1215 switch (sc->sc_bbptype) { 1216 case ATW_BBPTYPE_INTERSIL: 1217 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_INTERSIL); 1218 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_INTERSIL); 1219 mmiraddr2 |= ATW_MMIRADDR2_INTERSIL; 1220 break; 1221 case ATW_BBPTYPE_MARVEL: 1222 /* TBD find out the Marvel settings. */ 1223 break; 1224 case ATW_BBPTYPE_RFMD: 1225 default: 1226 ATW_WRITE(sc, ATW_MMIWADDR, ATW_MMIWADDR_RFMD); 1227 ATW_WRITE(sc, ATW_MMIRADDR1, ATW_MMIRADDR1_RFMD); 1228 mmiraddr2 |= ATW_MMIRADDR2_RFMD; 1229 break; 1230 } 1231 ATW_WRITE(sc, ATW_MMIRADDR2, mmiraddr2); 1232 ATW_WRITE(sc, ATW_MACTEST, ATW_MACTEST_MMI_USETXCLK); 1233} 1234 1235/* 1236 * atw_init: [ ifnet interface function ] 1237 * 1238 * Initialize the interface. Must be called at splnet(). 1239 */ 1240int 1241atw_init(struct ifnet *ifp) 1242{ 1243 struct atw_softc *sc = ifp->if_softc; 1244 struct ieee80211com *ic = &sc->sc_ic; 1245 struct atw_txsoft *txs; 1246 struct atw_rxsoft *rxs; 1247 int i, error = 0; 1248 1249 if ((error = atw_enable(sc)) != 0) 1250 goto out; 1251 1252 /* 1253 * Cancel any pending I/O. This also resets. 1254 */ 1255 atw_stop(ifp, 0); 1256 1257 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 1258 DPRINTF(sc, ("%s: channel %d freq %d flags 0x%04x\n", 1259 __func__, ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan), 1260 ic->ic_bss->ni_chan->ic_freq, ic->ic_bss->ni_chan->ic_flags)); 1261 1262 atw_wcsr_init(sc); 1263 1264 atw_cmdr_init(sc); 1265 1266 /* Set data rate for PLCP Signal field, 1Mbps = 10 x 100Kb/s. 1267 * 1268 * XXX Set transmit power for ATIM, RTS, Beacon. 1269 */ 1270 ATW_WRITE(sc, ATW_PLCPHD, LSHIFT(10, ATW_PLCPHD_SIGNAL_MASK) | 1271 LSHIFT(0xb0, ATW_PLCPHD_SERVICE_MASK)); 1272 1273 atw_tofs2_init(sc); 1274 1275 atw_nar_init(sc); 1276 1277 atw_txlmt_init(sc); 1278 1279 atw_test1_init(sc); 1280 1281 atw_rf_reset(sc); 1282 1283 atw_cfp_init(sc); 1284 1285 atw_tofs0_init(sc); 1286 1287 atw_ifs_init(sc); 1288 1289 /* XXX Fall asleep after one second of inactivity. 1290 * XXX A frame may only dribble in for 65536us. 1291 */ 1292 ATW_WRITE(sc, ATW_RMD, 1293 LSHIFT(1, ATW_RMD_PCNT) | LSHIFT(0xffff, ATW_RMD_RMRD_MASK)); 1294 1295 atw_response_times_init(sc); 1296 1297 atw_bbp_io_init(sc); 1298 1299 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1300 1301 if ((error = atw_rf3000_init(sc)) != 0) 1302 goto out; 1303 1304 ATW_WRITE(sc, ATW_PAR, sc->sc_busmode); 1305 DPRINTF(sc, ("%s: ATW_PAR %08x busmode %08x\n", sc->sc_dev.dv_xname, 1306 ATW_READ(sc, ATW_PAR), sc->sc_busmode)); 1307 1308 /* 1309 * Initialize the transmit descriptor ring. 1310 */ 1311 memset(sc->sc_txdescs, 0, sizeof(sc->sc_txdescs)); 1312 for (i = 0; i < ATW_NTXDESC; i++) { 1313 sc->sc_txdescs[i].at_ctl = 0; 1314 /* no transmit chaining */ 1315 sc->sc_txdescs[i].at_flags = 0 /* ATW_TXFLAG_TCH */; 1316 sc->sc_txdescs[i].at_buf2 = 1317 htole32(ATW_CDTXADDR(sc, ATW_NEXTTX(i))); 1318 } 1319 /* use ring mode */ 1320 sc->sc_txdescs[ATW_NTXDESC - 1].at_flags |= htole32(ATW_TXFLAG_TER); 1321 ATW_CDTXSYNC(sc, 0, ATW_NTXDESC, 1322 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 1323 sc->sc_txfree = ATW_NTXDESC; 1324 sc->sc_txnext = 0; 1325 1326 /* 1327 * Initialize the transmit job descriptors. 1328 */ 1329 SIMPLEQ_INIT(&sc->sc_txfreeq); 1330 SIMPLEQ_INIT(&sc->sc_txdirtyq); 1331 for (i = 0; i < ATW_TXQUEUELEN; i++) { 1332 txs = &sc->sc_txsoft[i]; 1333 txs->txs_mbuf = NULL; 1334 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 1335 } 1336 1337 /* 1338 * Initialize the receive descriptor and receive job 1339 * descriptor rings. 1340 */ 1341 for (i = 0; i < ATW_NRXDESC; i++) { 1342 rxs = &sc->sc_rxsoft[i]; 1343 if (rxs->rxs_mbuf == NULL) { 1344 if ((error = atw_add_rxbuf(sc, i)) != 0) { 1345 printf("%s: unable to allocate or map rx " 1346 "buffer %d, error = %d\n", 1347 sc->sc_dev.dv_xname, i, error); 1348 /* 1349 * XXX Should attempt to run with fewer receive 1350 * XXX buffers instead of just failing. 1351 */ 1352 atw_rxdrain(sc); 1353 goto out; 1354 } 1355 } else 1356 ATW_INIT_RXDESC(sc, i); 1357 } 1358 sc->sc_rxptr = 0; 1359 1360 /* 1361 * Initialize the interrupt mask and enable interrupts. 1362 */ 1363 /* normal interrupts */ 1364 sc->sc_inten = ATW_INTR_TCI | ATW_INTR_TDU | ATW_INTR_RCI | 1365 ATW_INTR_NISS | ATW_INTR_LINKON | ATW_INTR_BCNTC; 1366 1367 /* abnormal interrupts */ 1368 sc->sc_inten |= ATW_INTR_TPS | ATW_INTR_TLT | ATW_INTR_TRT | 1369 ATW_INTR_TUF | ATW_INTR_RDU | ATW_INTR_RPS | ATW_INTR_AISS | 1370 ATW_INTR_FBE | ATW_INTR_LINKOFF | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1371 1372 sc->sc_linkint_mask = ATW_INTR_LINKON | ATW_INTR_LINKOFF | 1373 ATW_INTR_BCNTC | ATW_INTR_TSFTF | ATW_INTR_TSCZ; 1374 sc->sc_rxint_mask = ATW_INTR_RCI | ATW_INTR_RDU; 1375 sc->sc_txint_mask = ATW_INTR_TCI | ATW_INTR_TUF | ATW_INTR_TLT | 1376 ATW_INTR_TRT; 1377 1378 sc->sc_linkint_mask &= sc->sc_inten; 1379 sc->sc_rxint_mask &= sc->sc_inten; 1380 sc->sc_txint_mask &= sc->sc_inten; 1381 1382 ATW_WRITE(sc, ATW_IER, sc->sc_inten); 1383 ATW_WRITE(sc, ATW_STSR, 0xffffffff); 1384 1385 DPRINTF(sc, ("%s: ATW_IER %08x, inten %08x\n", 1386 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_IER), sc->sc_inten)); 1387 1388 /* 1389 * Give the transmit and receive rings to the ADM8211. 1390 */ 1391 ATW_WRITE(sc, ATW_RDB, ATW_CDRXADDR(sc, sc->sc_rxptr)); 1392 ATW_WRITE(sc, ATW_TDBD, ATW_CDTXADDR(sc, sc->sc_txnext)); 1393 1394 sc->sc_txthresh = 0; 1395 sc->sc_opmode = ATW_NAR_SR | ATW_NAR_ST | 1396 sc->sc_txth[sc->sc_txthresh].txth_opmode; 1397 1398 /* common 802.11 configuration */ 1399 ic->ic_flags &= ~IEEE80211_F_IBSSON; 1400 switch (ic->ic_opmode) { 1401 case IEEE80211_M_STA: 1402 break; 1403 case IEEE80211_M_AHDEMO: /* XXX */ 1404 case IEEE80211_M_IBSS: 1405 ic->ic_flags |= IEEE80211_F_IBSSON; 1406 /*FALLTHROUGH*/ 1407 case IEEE80211_M_HOSTAP: /* XXX */ 1408 break; 1409 case IEEE80211_M_MONITOR: /* XXX */ 1410 break; 1411 } 1412 1413 switch (ic->ic_opmode) { 1414 case IEEE80211_M_AHDEMO: 1415 case IEEE80211_M_HOSTAP: 1416#ifndef IEEE80211_NO_HOSTAP 1417 ic->ic_bss->ni_intval = ic->ic_lintval; 1418 ic->ic_bss->ni_rssi = 0; 1419 ic->ic_bss->ni_rstamp = 0; 1420#endif /* !IEEE80211_NO_HOSTAP */ 1421 break; 1422 default: /* XXX */ 1423 break; 1424 } 1425 1426 sc->sc_wepctl = 0; 1427 1428 atw_write_ssid(sc); 1429 atw_write_sup_rates(sc); 1430 if (ic->ic_caps & IEEE80211_C_WEP) 1431 atw_write_wep(sc); 1432 1433 ic->ic_state = IEEE80211_S_INIT; 1434 1435 /* 1436 * Set the receive filter. This will start the transmit and 1437 * receive processes. 1438 */ 1439 atw_filter_setup(sc); 1440 1441 /* 1442 * Start the receive process. 1443 */ 1444 ATW_WRITE(sc, ATW_RDR, 0x1); 1445 1446 /* 1447 * Note that the interface is now running. 1448 */ 1449 ifp->if_flags |= IFF_RUNNING; 1450 ifp->if_flags &= ~IFF_OACTIVE; 1451 1452 /* send no beacons, yet. */ 1453 atw_start_beacon(sc, 0); 1454 1455 if (ic->ic_opmode == IEEE80211_M_MONITOR) 1456 error = ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 1457 else 1458 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 1459 out: 1460 if (error) { 1461 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1462 ifp->if_timer = 0; 1463 printf("%s: interface not running\n", sc->sc_dev.dv_xname); 1464 } 1465#ifdef ATW_DEBUG 1466 atw_print_regs(sc, "end of init"); 1467#endif /* ATW_DEBUG */ 1468 1469 return (error); 1470} 1471 1472/* enable == 1: host control of RF3000/Si4126 through ATW_SYNCTL. 1473 * 0: MAC control of RF3000/Si4126. 1474 * 1475 * Applies power, or selects RF front-end? Sets reset condition. 1476 * 1477 * TBD support non-RFMD BBP, non-SiLabs synth. 1478 */ 1479static void 1480atw_bbp_io_enable(struct atw_softc *sc, int enable) 1481{ 1482 if (enable) { 1483 ATW_WRITE(sc, ATW_SYNRF, 1484 ATW_SYNRF_SELRF|ATW_SYNRF_PE1|ATW_SYNRF_PHYRST); 1485 DELAY(atw_bbp_io_enable_delay); 1486 } else { 1487 ATW_WRITE(sc, ATW_SYNRF, 0); 1488 DELAY(atw_bbp_io_disable_delay); /* shorter for some reason */ 1489 } 1490} 1491 1492static int 1493atw_tune(struct atw_softc *sc) 1494{ 1495 int rc; 1496 u_int chan; 1497 struct ieee80211com *ic = &sc->sc_ic; 1498 1499 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 1500 if (chan == IEEE80211_CHAN_ANY) 1501 panic("%s: chan == IEEE80211_CHAN_ANY\n", __func__); 1502 1503 if (chan == sc->sc_cur_chan) 1504 return 0; 1505 1506 DPRINTF(sc, ("%s: chan %d -> %d\n", sc->sc_dev.dv_xname, 1507 sc->sc_cur_chan, chan)); 1508 1509 atw_idle(sc, ATW_NAR_SR|ATW_NAR_ST); 1510 1511 atw_si4126_tune(sc, chan); 1512 if ((rc = atw_rf3000_tune(sc, chan)) != 0) 1513 printf("%s: failed to tune channel %d\n", sc->sc_dev.dv_xname, 1514 chan); 1515 1516 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 1517 DELAY(atw_nar_delay); 1518 ATW_WRITE(sc, ATW_RDR, 0x1); 1519 1520 if (rc == 0) 1521 sc->sc_cur_chan = chan; 1522 1523 return rc; 1524} 1525 1526#ifdef ATW_SYNDEBUG 1527static void 1528atw_si4126_print(struct atw_softc *sc) 1529{ 1530 struct ifnet *ifp = &sc->sc_if; 1531 u_int addr, val; 1532 1533 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1534 return; 1535 1536 for (addr = 0; addr <= 8; addr++) { 1537 printf("%s: synth[%d] = ", sc->sc_dev.dv_xname, addr); 1538 if (atw_si4126_read(sc, addr, &val) == 0) { 1539 printf("<unknown> (quitting print-out)\n"); 1540 break; 1541 } 1542 printf("%05x\n", val); 1543 } 1544} 1545#endif /* ATW_SYNDEBUG */ 1546 1547/* Tune to channel chan by adjusting the Si4126 RF/IF synthesizer. 1548 * 1549 * The RF/IF synthesizer produces two reference frequencies for 1550 * the RF2948B transceiver. The first frequency the RF2948B requires 1551 * is two times the so-called "intermediate frequency" (IF). Since 1552 * a SAW filter on the radio fixes the IF at 374MHz, I program the 1553 * Si4126 to generate IF LO = 374MHz x 2 = 748MHz. The second 1554 * frequency required by the transceiver is the radio frequency 1555 * (RF). This is a superheterodyne transceiver; for f(chan) the 1556 * center frequency of the channel we are tuning, RF = f(chan) - 1557 * IF. 1558 * 1559 * XXX I am told by SiLabs that the Si4126 will accept a broader range 1560 * of XIN than the 2-25MHz mentioned by the datasheet, even *without* 1561 * XINDIV2 = 1. I've tried this (it is necessary to double R) and it 1562 * works, but I have still programmed for XINDIV2 = 1 to be safe. 1563 */ 1564static void 1565atw_si4126_tune(struct atw_softc *sc, u_int chan) 1566{ 1567 u_int mhz; 1568 u_int R; 1569 u_int32_t gpio; 1570 u_int16_t gain; 1571 1572#ifdef ATW_SYNDEBUG 1573 atw_si4126_print(sc); 1574#endif /* ATW_SYNDEBUG */ 1575 1576 if (chan == 14) 1577 mhz = 2484; 1578 else 1579 mhz = 2412 + 5 * (chan - 1); 1580 1581 /* Tune IF to 748MHz to suit the IF LO input of the 1582 * RF2494B, which is 2 x IF. No need to set an IF divider 1583 * because an IF in 526MHz - 952MHz is allowed. 1584 * 1585 * XIN is 44.000MHz, so divide it by two to get allowable 1586 * range of 2-25MHz. SiLabs tells me that this is not 1587 * strictly necessary. 1588 */ 1589 1590 if (atw_xindiv2) 1591 R = 44; 1592 else 1593 R = 88; 1594 1595 /* Power-up RF, IF synthesizers. */ 1596 atw_si4126_write(sc, SI4126_POWER, 1597 SI4126_POWER_PDIB|SI4126_POWER_PDRB); 1598 1599 /* set LPWR, too? */ 1600 atw_si4126_write(sc, SI4126_MAIN, 1601 (atw_xindiv2) ? SI4126_MAIN_XINDIV2 : 0); 1602 1603 /* Set the phase-locked loop gain. If RF2 N > 2047, then 1604 * set KP2 to 1. 1605 * 1606 * REFDIF This is different from the reference driver, which 1607 * always sets SI4126_GAIN to 0. 1608 */ 1609 gain = LSHIFT(((mhz - 374) > 2047) ? 1 : 0, SI4126_GAIN_KP2_MASK); 1610 1611 atw_si4126_write(sc, SI4126_GAIN, gain); 1612 1613 /* XIN = 44MHz. 1614 * 1615 * If XINDIV2 = 1, IF = N/(2 * R) * XIN. I choose N = 1496, 1616 * R = 44 so that 1496/(2 * 44) * 44MHz = 748MHz. 1617 * 1618 * If XINDIV2 = 0, IF = N/R * XIN. I choose N = 1496, R = 88 1619 * so that 1496/88 * 44MHz = 748MHz. 1620 */ 1621 atw_si4126_write(sc, SI4126_IFN, 1496); 1622 1623 atw_si4126_write(sc, SI4126_IFR, R); 1624 1625#ifndef ATW_REFSLAVE 1626 /* Set RF1 arbitrarily. DO NOT configure RF1 after RF2, because 1627 * then RF1 becomes the active RF synthesizer, even on the Si4126, 1628 * which has no RF1! 1629 */ 1630 atw_si4126_write(sc, SI4126_RF1R, R); 1631 1632 atw_si4126_write(sc, SI4126_RF1N, mhz - 374); 1633#endif 1634 1635 /* N/R * XIN = RF. XIN = 44MHz. We desire RF = mhz - IF, 1636 * where IF = 374MHz. Let's divide XIN to 1MHz. So R = 44. 1637 * Now let's multiply it to mhz. So mhz - IF = N. 1638 */ 1639 atw_si4126_write(sc, SI4126_RF2R, R); 1640 1641 atw_si4126_write(sc, SI4126_RF2N, mhz - 374); 1642 1643 /* wait 100us from power-up for RF, IF to settle */ 1644 DELAY(100); 1645 1646 gpio = ATW_READ(sc, ATW_GPIO); 1647 gpio &= ~(ATW_GPIO_EN_MASK|ATW_GPIO_O_MASK|ATW_GPIO_I_MASK); 1648 gpio |= LSHIFT(1, ATW_GPIO_EN_MASK); 1649 1650 if ((sc->sc_if.if_flags & IFF_LINK1) != 0 && chan != 14) { 1651 /* Set a Prism RF front-end to a special mode for channel 14? 1652 * 1653 * Apparently the SMC2635W needs this, although I don't think 1654 * it has a Prism RF. 1655 */ 1656 gpio |= LSHIFT(1, ATW_GPIO_O_MASK); 1657 } 1658 ATW_WRITE(sc, ATW_GPIO, gpio); 1659 1660#ifdef ATW_SYNDEBUG 1661 atw_si4126_print(sc); 1662#endif /* ATW_SYNDEBUG */ 1663} 1664 1665/* Baseline initialization of RF3000 BBP: set CCA mode and enable antenna 1666 * diversity. 1667 * 1668 * !!! 1669 * !!! Call this w/ Tx/Rx suspended, atw_idle(, ATW_NAR_ST|ATW_NAR_SR). 1670 * !!! 1671 */ 1672static int 1673atw_rf3000_init(struct atw_softc *sc) 1674{ 1675 int rc = 0; 1676 1677 atw_bbp_io_enable(sc, 1); 1678 1679 /* CCA is acquisition sensitive */ 1680 rc = atw_rf3000_write(sc, RF3000_CCACTL, 1681 LSHIFT(RF3000_CCACTL_MODE_BOTH, RF3000_CCACTL_MODE_MASK)); 1682 1683 if (rc != 0) 1684 goto out; 1685 1686 /* enable diversity */ 1687 rc = atw_rf3000_write(sc, RF3000_DIVCTL, RF3000_DIVCTL_ENABLE); 1688 1689 if (rc != 0) 1690 goto out; 1691 1692 /* sensible setting from a binary-only driver */ 1693 rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1694 LSHIFT(0x1d, RF3000_GAINCTL_TXVGC_MASK)); 1695 1696 if (rc != 0) 1697 goto out; 1698 1699 /* magic from a binary-only driver */ 1700 rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, 1701 LSHIFT(0x38, RF3000_LOGAINCAL_CAL_MASK)); 1702 1703 if (rc != 0) 1704 goto out; 1705 1706 rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, RF3000_HIGAINCAL_DSSSPAD); 1707 1708 if (rc != 0) 1709 goto out; 1710 1711 /* XXX Reference driver remarks that Abocom sets this to 50. 1712 * Meaning 0x50, I think.... 50 = 0x32, which would set a bit 1713 * in the "reserved" area of register RF3000_OPTIONS1. 1714 */ 1715 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, sc->sc_rf3000_options1); 1716 1717 if (rc != 0) 1718 goto out; 1719 1720 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, sc->sc_rf3000_options2); 1721 1722 if (rc != 0) 1723 goto out; 1724 1725out: 1726 atw_bbp_io_enable(sc, 0); 1727 return rc; 1728} 1729 1730#ifdef ATW_BBPDEBUG 1731static void 1732atw_rf3000_print(struct atw_softc *sc) 1733{ 1734 struct ifnet *ifp = &sc->sc_if; 1735 u_int addr, val; 1736 1737 if (atw_debug < 3 || (ifp->if_flags & IFF_DEBUG) == 0) 1738 return; 1739 1740 for (addr = 0x01; addr <= 0x15; addr++) { 1741 printf("%s: bbp[%d] = \n", sc->sc_dev.dv_xname, addr); 1742 if (atw_rf3000_read(sc, addr, &val) != 0) { 1743 printf("<unknown> (quitting print-out)\n"); 1744 break; 1745 } 1746 printf("%08x\n", val); 1747 } 1748} 1749#endif /* ATW_BBPDEBUG */ 1750 1751/* Set the power settings on the BBP for channel `chan'. */ 1752static int 1753atw_rf3000_tune(struct atw_softc *sc, u_int chan) 1754{ 1755 int rc = 0; 1756 u_int32_t reg; 1757 u_int16_t txpower, lpf_cutoff, lna_gs_thresh; 1758 1759 txpower = sc->sc_srom[ATW_SR_TXPOWER(chan)]; 1760 lpf_cutoff = sc->sc_srom[ATW_SR_LPF_CUTOFF(chan)]; 1761 lna_gs_thresh = sc->sc_srom[ATW_SR_LNA_GS_THRESH(chan)]; 1762 1763 /* odd channels: LSB, even channels: MSB */ 1764 if (chan % 2 == 1) { 1765 txpower &= 0xFF; 1766 lpf_cutoff &= 0xFF; 1767 lna_gs_thresh &= 0xFF; 1768 } else { 1769 txpower >>= 8; 1770 lpf_cutoff >>= 8; 1771 lna_gs_thresh >>= 8; 1772 } 1773 1774#ifdef ATW_BBPDEBUG 1775 atw_rf3000_print(sc); 1776#endif /* ATW_BBPDEBUG */ 1777 1778 DPRINTF(sc, ("%s: chan %d txpower %02x, lpf_cutoff %02x, " 1779 "lna_gs_thresh %02x\n", 1780 sc->sc_dev.dv_xname, chan, txpower, lpf_cutoff, lna_gs_thresh)); 1781 1782 atw_bbp_io_enable(sc, 1); 1783 1784 if ((rc = atw_rf3000_write(sc, RF3000_GAINCTL, 1785 LSHIFT(txpower, RF3000_GAINCTL_TXVGC_MASK))) != 0) 1786 goto out; 1787 1788 if ((rc = atw_rf3000_write(sc, RF3000_LOGAINCAL, lpf_cutoff)) != 0) 1789 goto out; 1790 1791 if ((rc = atw_rf3000_write(sc, RF3000_HIGAINCAL, lna_gs_thresh)) != 0) 1792 goto out; 1793 1794 rc = atw_rf3000_write(sc, RF3000_OPTIONS1, 0x0); 1795 1796 if (rc != 0) 1797 goto out; 1798 1799 rc = atw_rf3000_write(sc, RF3000_OPTIONS2, RF3000_OPTIONS2_LNAGS_DELAY); 1800 1801 if (rc != 0) 1802 goto out; 1803 1804#ifdef ATW_BBPDEBUG 1805 atw_rf3000_print(sc); 1806#endif /* ATW_BBPDEBUG */ 1807 1808out: 1809 atw_bbp_io_enable(sc, 0); 1810 1811 /* set beacon, rts, atim transmit power */ 1812 reg = ATW_READ(sc, ATW_PLCPHD); 1813 reg &= ~ATW_PLCPHD_SERVICE_MASK; 1814 reg |= LSHIFT(LSHIFT(txpower, RF3000_GAINCTL_TXVGC_MASK), 1815 ATW_PLCPHD_SERVICE_MASK); 1816 ATW_WRITE(sc, ATW_PLCPHD, reg); 1817 DELAY(atw_plcphd_delay); 1818 1819 return rc; 1820} 1821 1822/* Write a register on the RF3000 baseband processor using the 1823 * registers provided by the ADM8211 for this purpose. 1824 * 1825 * Return 0 on success. 1826 */ 1827static int 1828atw_rf3000_write(struct atw_softc *sc, u_int addr, u_int val) 1829{ 1830 u_int32_t reg; 1831 int i; 1832 1833 reg = sc->sc_bbpctl_wr | 1834 LSHIFT(val & 0xff, ATW_BBPCTL_DATA_MASK) | 1835 LSHIFT(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1836 1837 for (i = 20000 / atw_pseudo_milli; --i >= 0; ) { 1838 ATW_WRITE(sc, ATW_BBPCTL, reg); 1839 DELAY(2 * atw_pseudo_milli); 1840 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_WR) == 0) 1841 break; 1842 } 1843 1844 if (i < 0) { 1845 printf("%s: BBPCTL still busy\n", sc->sc_dev.dv_xname); 1846 return ETIMEDOUT; 1847 } 1848 return 0; 1849} 1850 1851/* Read a register on the RF3000 baseband processor using the registers 1852 * the ADM8211 provides for this purpose. 1853 * 1854 * The 7-bit register address is addr. Record the 8-bit data in the register 1855 * in *val. 1856 * 1857 * Return 0 on success. 1858 * 1859 * XXX This does not seem to work. The ADM8211 must require more or 1860 * different magic to read the chip than to write it. Possibly some 1861 * of the magic I have derived from a binary-only driver concerns 1862 * the "chip address" (see the RF3000 manual). 1863 */ 1864#ifdef ATW_BBPDEBUG 1865static int 1866atw_rf3000_read(struct atw_softc *sc, u_int addr, u_int *val) 1867{ 1868 u_int32_t reg; 1869 int i; 1870 1871 for (i = 1000; --i >= 0; ) { 1872 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD|ATW_BBPCTL_WR) == 0) 1873 break; 1874 DELAY(100); 1875 } 1876 1877 if (i < 0) { 1878 printf("%s: start atw_rf3000_read, BBPCTL busy\n", 1879 sc->sc_dev.dv_xname); 1880 return ETIMEDOUT; 1881 } 1882 1883 reg = sc->sc_bbpctl_rd | LSHIFT(addr & 0x7f, ATW_BBPCTL_ADDR_MASK); 1884 1885 ATW_WRITE(sc, ATW_BBPCTL, reg); 1886 1887 for (i = 1000; --i >= 0; ) { 1888 DELAY(100); 1889 if (ATW_ISSET(sc, ATW_BBPCTL, ATW_BBPCTL_RD) == 0) 1890 break; 1891 } 1892 1893 ATW_CLR(sc, ATW_BBPCTL, ATW_BBPCTL_RD); 1894 1895 if (i < 0) { 1896 printf("%s: atw_rf3000_read wrote %08x; BBPCTL still busy\n", 1897 sc->sc_dev.dv_xname, reg); 1898 return ETIMEDOUT; 1899 } 1900 if (val != NULL) 1901 *val = MASK_AND_RSHIFT(reg, ATW_BBPCTL_DATA_MASK); 1902 return 0; 1903} 1904#endif /* ATW_BBPDEBUG */ 1905 1906/* Write a register on the Si4126 RF/IF synthesizer using the registers 1907 * provided by the ADM8211 for that purpose. 1908 * 1909 * val is 18 bits of data, and val is the 4-bit address of the register. 1910 * 1911 * Return 0 on success. 1912 */ 1913static void 1914atw_si4126_write(struct atw_softc *sc, u_int addr, u_int val) 1915{ 1916 uint32_t bits, mask, reg; 1917 const int nbits = 22; 1918 1919 KASSERT((addr & ~PRESHIFT(SI4126_TWI_ADDR_MASK)) == 0); 1920 KASSERT((val & ~PRESHIFT(SI4126_TWI_DATA_MASK)) == 0); 1921 1922 bits = LSHIFT(val, SI4126_TWI_DATA_MASK) | 1923 LSHIFT(addr, SI4126_TWI_ADDR_MASK); 1924 1925 reg = ATW_SYNRF_SELSYN; 1926 /* reference driver: reset Si4126 serial bus to initial 1927 * conditions? 1928 */ 1929 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_LEIF); 1930 ATW_WRITE(sc, ATW_SYNRF, reg); 1931 1932 for (mask = BIT(nbits - 1); mask != 0; mask >>= 1) { 1933 if ((bits & mask) != 0) 1934 reg |= ATW_SYNRF_SYNDATA; 1935 else 1936 reg &= ~ATW_SYNRF_SYNDATA; 1937 ATW_WRITE(sc, ATW_SYNRF, reg); 1938 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_SYNCLK); 1939 ATW_WRITE(sc, ATW_SYNRF, reg); 1940 } 1941 ATW_WRITE(sc, ATW_SYNRF, reg | ATW_SYNRF_LEIF); 1942 ATW_WRITE(sc, ATW_SYNRF, 0x0); 1943} 1944 1945/* Read 18-bit data from the 4-bit address addr in Si4126 1946 * RF synthesizer and write the data to *val. Return 0 on success. 1947 * 1948 * XXX This does not seem to work. The ADM8211 must require more or 1949 * different magic to read the chip than to write it. 1950 */ 1951#ifdef ATW_SYNDEBUG 1952static int 1953atw_si4126_read(struct atw_softc *sc, u_int addr, u_int *val) 1954{ 1955 u_int32_t reg; 1956 int i; 1957 1958 KASSERT((addr & ~PRESHIFT(SI4126_TWI_ADDR_MASK)) == 0); 1959 1960 for (i = 1000; --i >= 0; ) { 1961 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD|ATW_SYNCTL_WR) == 0) 1962 break; 1963 DELAY(100); 1964 } 1965 1966 if (i < 0) { 1967 printf("%s: start atw_si4126_read, SYNCTL busy\n", 1968 sc->sc_dev.dv_xname); 1969 return ETIMEDOUT; 1970 } 1971 1972 reg = sc->sc_synctl_rd | LSHIFT(addr, ATW_SYNCTL_DATA_MASK); 1973 1974 ATW_WRITE(sc, ATW_SYNCTL, reg); 1975 1976 for (i = 1000; --i >= 0; ) { 1977 DELAY(100); 1978 if (ATW_ISSET(sc, ATW_SYNCTL, ATW_SYNCTL_RD) == 0) 1979 break; 1980 } 1981 1982 ATW_CLR(sc, ATW_SYNCTL, ATW_SYNCTL_RD); 1983 1984 if (i < 0) { 1985 printf("%s: atw_si4126_read wrote %#08x, SYNCTL still busy\n", 1986 sc->sc_dev.dv_xname, reg); 1987 return ETIMEDOUT; 1988 } 1989 if (val != NULL) 1990 *val = MASK_AND_RSHIFT(ATW_READ(sc, ATW_SYNCTL), 1991 ATW_SYNCTL_DATA_MASK); 1992 return 0; 1993} 1994#endif /* ATW_SYNDEBUG */ 1995 1996/* XXX is the endianness correct? test. */ 1997#define atw_calchash(addr) \ 1998 (ether_crc32_le((addr), IEEE80211_ADDR_LEN) & BITS(5, 0)) 1999 2000/* 2001 * atw_filter_setup: 2002 * 2003 * Set the ADM8211's receive filter. 2004 */ 2005static void 2006atw_filter_setup(struct atw_softc *sc) 2007{ 2008 struct ieee80211com *ic = &sc->sc_ic; 2009 struct ethercom *ec = &sc->sc_ec; 2010 struct ifnet *ifp = &sc->sc_if; 2011 int hash; 2012 u_int32_t hashes[2]; 2013 struct ether_multi *enm; 2014 struct ether_multistep step; 2015 2016 /* According to comments in tlp_al981_filter_setup 2017 * (dev/ic/tulip.c) the ADMtek AL981 does not like for its 2018 * multicast filter to be set while it is running. Hopefully 2019 * the ADM8211 is not the same! 2020 */ 2021 if ((ifp->if_flags & IFF_RUNNING) != 0) 2022 atw_idle(sc, ATW_NAR_SR); 2023 2024 sc->sc_opmode &= ~(ATW_NAR_PR|ATW_NAR_MM); 2025 2026 /* XXX in scan mode, do not filter packets. Maybe this is 2027 * unnecessary. 2028 */ 2029 if (ic->ic_state == IEEE80211_S_SCAN || 2030 (ifp->if_flags & IFF_PROMISC) != 0) { 2031 sc->sc_opmode |= ATW_NAR_PR; 2032 goto allmulti; 2033 } 2034 2035 hashes[0] = hashes[1] = 0x0; 2036 2037 /* 2038 * Program the 64-bit multicast hash filter. 2039 */ 2040 ETHER_FIRST_MULTI(step, ec, enm); 2041 while (enm != NULL) { 2042 if (memcmp(enm->enm_addrlo, enm->enm_addrhi, 2043 ETHER_ADDR_LEN) != 0) 2044 goto allmulti; 2045 2046 hash = atw_calchash(enm->enm_addrlo); 2047 hashes[hash >> 5] |= 1 << (hash & 0x1f); 2048 ETHER_NEXT_MULTI(step, enm); 2049 sc->sc_opmode |= ATW_NAR_MM; 2050 } 2051 ifp->if_flags &= ~IFF_ALLMULTI; 2052 goto setit; 2053 2054allmulti: 2055 sc->sc_opmode |= ATW_NAR_MM; 2056 ifp->if_flags |= IFF_ALLMULTI; 2057 hashes[0] = hashes[1] = 0xffffffff; 2058 2059setit: 2060 ATW_WRITE(sc, ATW_MAR0, hashes[0]); 2061 ATW_WRITE(sc, ATW_MAR1, hashes[1]); 2062 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2063 DELAY(atw_nar_delay); 2064 2065 DPRINTF(sc, ("%s: ATW_NAR %08x opmode %08x\n", sc->sc_dev.dv_xname, 2066 ATW_READ(sc, ATW_NAR), sc->sc_opmode)); 2067} 2068 2069/* Tell the ADM8211 our preferred BSSID. The ADM8211 must match 2070 * a beacon's BSSID and SSID against the preferred BSSID and SSID 2071 * before it will raise ATW_INTR_LINKON. When the ADM8211 receives 2072 * no beacon with the preferred BSSID and SSID in the number of 2073 * beacon intervals given in ATW_BPLI, then it raises ATW_INTR_LINKOFF. 2074 */ 2075static void 2076atw_write_bssid(struct atw_softc *sc) 2077{ 2078 struct ieee80211com *ic = &sc->sc_ic; 2079 u_int8_t *bssid; 2080 2081 bssid = ic->ic_bss->ni_bssid; 2082 2083 ATW_WRITE(sc, ATW_BSSID0, 2084 LSHIFT(bssid[0], ATW_BSSID0_BSSIDB0_MASK) | 2085 LSHIFT(bssid[1], ATW_BSSID0_BSSIDB1_MASK) | 2086 LSHIFT(bssid[2], ATW_BSSID0_BSSIDB2_MASK) | 2087 LSHIFT(bssid[3], ATW_BSSID0_BSSIDB3_MASK)); 2088 2089 ATW_WRITE(sc, ATW_ABDA1, 2090 (ATW_READ(sc, ATW_ABDA1) & 2091 ~(ATW_ABDA1_BSSIDB4_MASK|ATW_ABDA1_BSSIDB5_MASK)) | 2092 LSHIFT(bssid[4], ATW_ABDA1_BSSIDB4_MASK) | 2093 LSHIFT(bssid[5], ATW_ABDA1_BSSIDB5_MASK)); 2094 2095 DPRINTF(sc, ("%s: BSSID %s -> ", sc->sc_dev.dv_xname, 2096 ether_sprintf(sc->sc_bssid))); 2097 DPRINTF(sc, ("%s\n", ether_sprintf(bssid))); 2098 2099 memcpy(sc->sc_bssid, bssid, sizeof(sc->sc_bssid)); 2100} 2101 2102/* Write buflen bytes from buf to SRAM starting at the SRAM's ofs'th 2103 * 16-bit word. 2104 */ 2105static void 2106atw_write_sram(struct atw_softc *sc, u_int ofs, u_int8_t *buf, u_int buflen) 2107{ 2108 u_int i; 2109 u_int8_t *ptr; 2110 2111 memcpy(&sc->sc_sram[ofs], buf, buflen); 2112 2113 KASSERT(ofs % 2 == 0 && buflen % 2 == 0); 2114 2115 KASSERT(buflen + ofs <= sc->sc_sramlen); 2116 2117 ptr = &sc->sc_sram[ofs]; 2118 2119 for (i = 0; i < buflen; i += 2) { 2120 ATW_WRITE(sc, ATW_WEPCTL, ATW_WEPCTL_WR | 2121 LSHIFT((ofs + i) / 2, ATW_WEPCTL_TBLADD_MASK)); 2122 DELAY(atw_writewep_delay); 2123 2124 ATW_WRITE(sc, ATW_WESK, 2125 LSHIFT((ptr[i + 1] << 8) | ptr[i], ATW_WESK_DATA_MASK)); 2126 DELAY(atw_writewep_delay); 2127 } 2128 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); /* restore WEP condition */ 2129 2130 if (sc->sc_if.if_flags & IFF_DEBUG) { 2131 int n_octets = 0; 2132 printf("%s: wrote %d bytes at 0x%x wepctl 0x%08x\n", 2133 sc->sc_dev.dv_xname, buflen, ofs, sc->sc_wepctl); 2134 for (i = 0; i < buflen; i++) { 2135 printf(" %02x", ptr[i]); 2136 if (++n_octets % 24 == 0) 2137 printf("\n"); 2138 } 2139 if (n_octets % 24 != 0) 2140 printf("\n"); 2141 } 2142} 2143 2144static int 2145atw_key_alloc(struct ieee80211com *ic, const struct ieee80211_key *k) 2146{ 2147 int keyix; 2148#ifdef ATW_DEBUG 2149 struct atw_softc *sc = ic->ic_ifp->if_softc; 2150#endif 2151 2152 if (&ic->ic_nw_keys[0] <= k && k < &ic->ic_nw_keys[IEEE80211_WEP_NKID]) 2153 keyix = k - ic->ic_nw_keys; 2154 else 2155 keyix = IEEE80211_KEYIX_NONE; 2156 2157 DPRINTF(sc, ("%s: alloc key %u\n", __func__, keyix)); 2158 2159 return keyix; 2160} 2161 2162static int 2163atw_key_delete(struct ieee80211com *ic, const struct ieee80211_key *k) 2164{ 2165 struct atw_softc *sc = ic->ic_ifp->if_softc; 2166 u_int keyix = k->wk_keyix; 2167 2168 DPRINTF(sc, ("%s: delete key %u\n", __func__, keyix)); 2169 2170 if (keyix >= IEEE80211_WEP_NKID) 2171 return 0; 2172 if (k->wk_keylen != 0) 2173 sc->sc_flags &= ~ATWF_WEP_SRAM_VALID; 2174 2175 return 1; 2176} 2177 2178static int 2179atw_key_set(struct ieee80211com *ic, const struct ieee80211_key *k, 2180 const u_int8_t mac[IEEE80211_ADDR_LEN]) 2181{ 2182 struct atw_softc *sc = ic->ic_ifp->if_softc; 2183 2184 DPRINTF(sc, ("%s: set key %u\n", __func__, k->wk_keyix)); 2185 2186 if (k->wk_keyix >= IEEE80211_WEP_NKID) 2187 return 0; 2188 2189 sc->sc_flags &= ~ATWF_WEP_SRAM_VALID; 2190 2191 return 1; 2192} 2193 2194static void 2195atw_key_update_begin(struct ieee80211com *ic) 2196{ 2197#ifdef ATW_DEBUG 2198 struct ifnet *ifp = ic->ic_ifp; 2199 struct atw_softc *sc = ifp->if_softc; 2200#endif 2201 2202 DPRINTF(sc, ("%s:\n", __func__)); 2203} 2204 2205static void 2206atw_key_update_end(struct ieee80211com *ic) 2207{ 2208 struct ifnet *ifp = ic->ic_ifp; 2209 struct atw_softc *sc = ifp->if_softc; 2210 2211 DPRINTF(sc, ("%s:\n", __func__)); 2212 2213 if ((sc->sc_flags & ATWF_WEP_SRAM_VALID) != 0) 2214 return; 2215 atw_write_wep(sc); 2216} 2217 2218/* Write WEP keys from the ieee80211com to the ADM8211's SRAM. */ 2219static void 2220atw_write_wep(struct atw_softc *sc) 2221{ 2222 struct ieee80211com *ic = &sc->sc_ic; 2223 /* SRAM shared-key record format: key0 flags key1 ... key12 */ 2224 u_int8_t buf[IEEE80211_WEP_NKID] 2225 [1 /* key[0] */ + 1 /* flags */ + 12 /* key[1 .. 12] */]; 2226 u_int32_t reg; 2227 int i; 2228 2229 sc->sc_wepctl = 0; 2230 ATW_WRITE(sc, ATW_WEPCTL, sc->sc_wepctl); 2231 2232 memset(&buf[0][0], 0, sizeof(buf)); 2233 2234 for (i = 0; i < IEEE80211_WEP_NKID; i++) { 2235 if (ic->ic_nw_keys[i].wk_keylen > 5) { 2236 buf[i][1] = ATW_WEP_ENABLED | ATW_WEP_104BIT; 2237 } else if (ic->ic_nw_keys[i].wk_keylen != 0) { 2238 buf[i][1] = ATW_WEP_ENABLED; 2239 } else { 2240 buf[i][1] = 0; 2241 continue; 2242 } 2243 buf[i][0] = ic->ic_nw_keys[i].wk_key[0]; 2244 memcpy(&buf[i][2], &ic->ic_nw_keys[i].wk_key[1], 2245 ic->ic_nw_keys[i].wk_keylen - 1); 2246 } 2247 2248 reg = ATW_READ(sc, ATW_MACTEST); 2249 reg |= ATW_MACTEST_MMI_USETXCLK | ATW_MACTEST_FORCE_KEYID; 2250 reg &= ~ATW_MACTEST_KEYID_MASK; 2251 reg |= LSHIFT(ic->ic_def_txkey, ATW_MACTEST_KEYID_MASK); 2252 ATW_WRITE(sc, ATW_MACTEST, reg); 2253 2254 if ((ic->ic_flags & IEEE80211_F_PRIVACY) != 0) 2255 sc->sc_wepctl |= ATW_WEPCTL_WEPENABLE; 2256 2257 switch (sc->sc_rev) { 2258 case ATW_REVISION_AB: 2259 case ATW_REVISION_AF: 2260 /* Bypass WEP on Rx. */ 2261 sc->sc_wepctl |= ATW_WEPCTL_WEPRXBYP; 2262 break; 2263 default: 2264 break; 2265 } 2266 2267 atw_write_sram(sc, ATW_SRAM_ADDR_SHARED_KEY, (u_int8_t*)&buf[0][0], 2268 sizeof(buf)); 2269 2270 sc->sc_flags |= ATWF_WEP_SRAM_VALID; 2271} 2272 2273static void 2274atw_change_ibss(struct atw_softc *sc) 2275{ 2276 atw_predict_beacon(sc); 2277 atw_write_bssid(sc); 2278 atw_start_beacon(sc, 1); 2279} 2280 2281static void 2282atw_recv_mgmt(struct ieee80211com *ic, struct mbuf *m, 2283 struct ieee80211_node *ni, int subtype, int rssi, u_int32_t rstamp) 2284{ 2285 struct atw_softc *sc = (struct atw_softc *)ic->ic_ifp->if_softc; 2286 2287 /* The ADM8211A answers probe requests. TBD ADM8211B/C. */ 2288 if (subtype == IEEE80211_FC0_SUBTYPE_PROBE_REQ) 2289 return; 2290 2291 (*sc->sc_recv_mgmt)(ic, m, ni, subtype, rssi, rstamp); 2292 2293 switch (subtype) { 2294 case IEEE80211_FC0_SUBTYPE_PROBE_RESP: 2295 case IEEE80211_FC0_SUBTYPE_BEACON: 2296 if (ic->ic_opmode != IEEE80211_M_IBSS || 2297 ic->ic_state != IEEE80211_S_RUN) 2298 break; 2299 if (le64toh(ni->ni_tstamp.tsf) >= atw_get_tsft(sc) && 2300 ieee80211_ibss_merge(ic, ni) == ENETRESET) 2301 atw_change_ibss(sc); 2302 break; 2303 default: 2304 break; 2305 } 2306 return; 2307} 2308 2309/* Write the SSID in the ieee80211com to the SRAM on the ADM8211. 2310 * In ad hoc mode, the SSID is written to the beacons sent by the 2311 * ADM8211. In both ad hoc and infrastructure mode, beacons received 2312 * with matching SSID affect ATW_INTR_LINKON/ATW_INTR_LINKOFF 2313 * indications. 2314 */ 2315static void 2316atw_write_ssid(struct atw_softc *sc) 2317{ 2318 struct ieee80211com *ic = &sc->sc_ic; 2319 /* 34 bytes are reserved in ADM8211 SRAM for the SSID, but 2320 * it only expects the element length, not its ID. 2321 */ 2322 u_int8_t buf[roundup(1 /* length */ + IEEE80211_NWID_LEN, 2)]; 2323 2324 memset(buf, 0, sizeof(buf)); 2325 buf[0] = ic->ic_bss->ni_esslen; 2326 memcpy(&buf[1], ic->ic_bss->ni_essid, ic->ic_bss->ni_esslen); 2327 2328 atw_write_sram(sc, ATW_SRAM_ADDR_SSID, buf, 2329 roundup(1 + ic->ic_bss->ni_esslen, 2)); 2330} 2331 2332/* Write the supported rates in the ieee80211com to the SRAM of the ADM8211. 2333 * In ad hoc mode, the supported rates are written to beacons sent by the 2334 * ADM8211. 2335 */ 2336static void 2337atw_write_sup_rates(struct atw_softc *sc) 2338{ 2339 struct ieee80211com *ic = &sc->sc_ic; 2340 /* 14 bytes are probably (XXX) reserved in the ADM8211 SRAM for 2341 * supported rates 2342 */ 2343 u_int8_t buf[roundup(1 /* length */ + IEEE80211_RATE_SIZE, 2)]; 2344 2345 memset(buf, 0, sizeof(buf)); 2346 2347 buf[0] = ic->ic_bss->ni_rates.rs_nrates; 2348 2349 memcpy(&buf[1], ic->ic_bss->ni_rates.rs_rates, 2350 ic->ic_bss->ni_rates.rs_nrates); 2351 2352 atw_write_sram(sc, ATW_SRAM_ADDR_SUPRATES, buf, sizeof(buf)); 2353} 2354 2355/* Start/stop sending beacons. */ 2356void 2357atw_start_beacon(struct atw_softc *sc, int start) 2358{ 2359 struct ieee80211com *ic = &sc->sc_ic; 2360 uint16_t chan; 2361 uint32_t bcnt, bpli, cap0, cap1, capinfo; 2362 size_t len; 2363 2364 if (ATW_IS_ENABLED(sc) == 0) 2365 return; 2366 2367 /* start beacons */ 2368 len = sizeof(struct ieee80211_frame) + 2369 8 /* timestamp */ + 2 /* beacon interval */ + 2370 2 /* capability info */ + 2371 2 + ic->ic_bss->ni_esslen /* SSID element */ + 2372 2 + ic->ic_bss->ni_rates.rs_nrates /* rates element */ + 2373 3 /* DS parameters */ + 2374 IEEE80211_CRC_LEN; 2375 2376 bcnt = ATW_READ(sc, ATW_BCNT) & ~ATW_BCNT_BCNT_MASK; 2377 cap0 = ATW_READ(sc, ATW_CAP0) & ~ATW_CAP0_CHN_MASK; 2378 cap1 = ATW_READ(sc, ATW_CAP1) & ~ATW_CAP1_CAPI_MASK; 2379 2380 ATW_WRITE(sc, ATW_BCNT, bcnt); 2381 ATW_WRITE(sc, ATW_CAP1, cap1); 2382 2383 if (!start) 2384 return; 2385 2386 /* TBD use ni_capinfo */ 2387 2388 capinfo = 0; 2389 if (sc->sc_flags & ATWF_SHORT_PREAMBLE) 2390 capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE; 2391 if (ic->ic_flags & IEEE80211_F_PRIVACY) 2392 capinfo |= IEEE80211_CAPINFO_PRIVACY; 2393 2394 switch (ic->ic_opmode) { 2395 case IEEE80211_M_IBSS: 2396 len += 4; /* IBSS parameters */ 2397 capinfo |= IEEE80211_CAPINFO_IBSS; 2398 break; 2399 case IEEE80211_M_HOSTAP: 2400 /* XXX 6-byte minimum TIM */ 2401 len += atw_beacon_len_adjust; 2402 capinfo |= IEEE80211_CAPINFO_ESS; 2403 break; 2404 default: 2405 return; 2406 } 2407 2408 /* set listen interval 2409 * XXX do software units agree w/ hardware? 2410 */ 2411 bpli = LSHIFT(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2412 LSHIFT(ic->ic_lintval / ic->ic_bss->ni_intval, ATW_BPLI_LI_MASK); 2413 2414 chan = ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan); 2415 2416 bcnt |= LSHIFT(len, ATW_BCNT_BCNT_MASK); 2417 cap0 |= LSHIFT(chan, ATW_CAP0_CHN_MASK); 2418 cap1 |= LSHIFT(capinfo, ATW_CAP1_CAPI_MASK); 2419 2420 ATW_WRITE(sc, ATW_BCNT, bcnt); 2421 ATW_WRITE(sc, ATW_BPLI, bpli); 2422 ATW_WRITE(sc, ATW_CAP0, cap0); 2423 ATW_WRITE(sc, ATW_CAP1, cap1); 2424 2425 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_BCNT] = %08x\n", 2426 sc->sc_dev.dv_xname, bcnt)); 2427 2428 DPRINTF(sc, ("%s: atw_start_beacon reg[ATW_CAP1] = %08x\n", 2429 sc->sc_dev.dv_xname, cap1)); 2430} 2431 2432/* Return the 32 lsb of the last TSFT divisible by ival. */ 2433static __inline uint32_t 2434atw_last_even_tsft(uint32_t tsfth, uint32_t tsftl, uint32_t ival) 2435{ 2436 /* Following the reference driver's lead, I compute 2437 * 2438 * (uint32_t)((((uint64_t)tsfth << 32) | tsftl) % ival) 2439 * 2440 * without using 64-bit arithmetic, using the following 2441 * relationship: 2442 * 2443 * (0x100000000 * H + L) % m 2444 * = ((0x100000000 % m) * H + L) % m 2445 * = (((0xffffffff + 1) % m) * H + L) % m 2446 * = ((0xffffffff % m + 1 % m) * H + L) % m 2447 * = ((0xffffffff % m + 1) * H + L) % m 2448 */ 2449 return ((0xFFFFFFFF % ival + 1) * tsfth + tsftl) % ival; 2450} 2451 2452static uint64_t 2453atw_get_tsft(struct atw_softc *sc) 2454{ 2455 int i; 2456 uint32_t tsfth, tsftl; 2457 for (i = 0; i < 2; i++) { 2458 tsfth = ATW_READ(sc, ATW_TSFTH); 2459 tsftl = ATW_READ(sc, ATW_TSFTL); 2460 if (ATW_READ(sc, ATW_TSFTH) == tsfth) 2461 break; 2462 } 2463 return ((uint64_t)tsfth << 32) | tsftl; 2464} 2465 2466/* If we've created an IBSS, write the TSF time in the ADM8211 to 2467 * the ieee80211com. 2468 * 2469 * Predict the next target beacon transmission time (TBTT) and 2470 * write it to the ADM8211. 2471 */ 2472static void 2473atw_predict_beacon(struct atw_softc *sc) 2474{ 2475#define TBTTOFS 20 /* TU */ 2476 2477 struct ieee80211com *ic = &sc->sc_ic; 2478 uint64_t tsft; 2479 uint32_t ival, past_even, tbtt, tsfth, tsftl; 2480 union { 2481 uint64_t word; 2482 uint8_t tstamp[8]; 2483 } u; 2484 2485 if ((ic->ic_opmode == IEEE80211_M_HOSTAP) || 2486 ((ic->ic_opmode == IEEE80211_M_IBSS) && 2487 (ic->ic_flags & IEEE80211_F_SIBSS))) { 2488 tsft = atw_get_tsft(sc); 2489 u.word = htole64(tsft); 2490 (void)memcpy(&ic->ic_bss->ni_tstamp, &u.tstamp[0], 2491 sizeof(ic->ic_bss->ni_tstamp)); 2492 } else 2493 tsft = le64toh(ic->ic_bss->ni_tstamp.tsf); 2494 2495 ival = ic->ic_bss->ni_intval * IEEE80211_DUR_TU; 2496 2497 tsftl = tsft & 0xFFFFFFFF; 2498 tsfth = tsft >> 32; 2499 2500 /* We sent/received the last beacon `past' microseconds 2501 * after the interval divided the TSF timer. 2502 */ 2503 past_even = tsftl - atw_last_even_tsft(tsfth, tsftl, ival); 2504 2505 /* Skip ten beacons so that the TBTT cannot pass before 2506 * we've programmed it. Ten is an arbitrary number. 2507 */ 2508 tbtt = past_even + ival * 10; 2509 2510 ATW_WRITE(sc, ATW_TOFS1, 2511 LSHIFT(1, ATW_TOFS1_TSFTOFSR_MASK) | 2512 LSHIFT(TBTTOFS, ATW_TOFS1_TBTTOFS_MASK) | 2513 LSHIFT(MASK_AND_RSHIFT(tbtt - TBTTOFS * IEEE80211_DUR_TU, 2514 ATW_TBTTPRE_MASK), ATW_TOFS1_TBTTPRE_MASK)); 2515#undef TBTTOFS 2516} 2517 2518static void 2519atw_next_scan(void *arg) 2520{ 2521 struct atw_softc *sc = arg; 2522 struct ieee80211com *ic = &sc->sc_ic; 2523 int s; 2524 2525 /* don't call atw_start w/o network interrupts blocked */ 2526 s = splnet(); 2527 if (ic->ic_state == IEEE80211_S_SCAN) 2528 ieee80211_next_scan(ic); 2529 splx(s); 2530} 2531 2532/* Synchronize the hardware state with the software state. */ 2533static int 2534atw_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 2535{ 2536 struct ifnet *ifp = ic->ic_ifp; 2537 struct atw_softc *sc = ifp->if_softc; 2538 enum ieee80211_state ostate; 2539 int error; 2540 2541 ostate = ic->ic_state; 2542 2543 if (nstate == IEEE80211_S_INIT) { 2544 callout_stop(&sc->sc_scan_ch); 2545 sc->sc_cur_chan = IEEE80211_CHAN_ANY; 2546 atw_start_beacon(sc, 0); 2547 return (*sc->sc_newstate)(ic, nstate, arg); 2548 } 2549 2550 if ((error = atw_tune(sc)) != 0) 2551 return error; 2552 2553 switch (nstate) { 2554 case IEEE80211_S_ASSOC: 2555 break; 2556 case IEEE80211_S_INIT: 2557 panic("%s: unexpected state IEEE80211_S_INIT\n", __func__); 2558 break; 2559 case IEEE80211_S_SCAN: 2560 callout_reset(&sc->sc_scan_ch, atw_dwelltime * hz / 1000, 2561 atw_next_scan, sc); 2562 2563 break; 2564 case IEEE80211_S_RUN: 2565 if (ic->ic_opmode == IEEE80211_M_STA) 2566 break; 2567 /*FALLTHROUGH*/ 2568 case IEEE80211_S_AUTH: 2569 atw_write_bssid(sc); 2570 atw_write_ssid(sc); 2571 atw_write_sup_rates(sc); 2572 2573 if (ic->ic_opmode == IEEE80211_M_AHDEMO || 2574 ic->ic_opmode == IEEE80211_M_MONITOR) 2575 break; 2576 2577 /* set listen interval 2578 * XXX do software units agree w/ hardware? 2579 */ 2580 ATW_WRITE(sc, ATW_BPLI, 2581 LSHIFT(ic->ic_bss->ni_intval, ATW_BPLI_BP_MASK) | 2582 LSHIFT(ic->ic_lintval / ic->ic_bss->ni_intval, 2583 ATW_BPLI_LI_MASK)); 2584 2585 DPRINTF(sc, ("%s: reg[ATW_BPLI] = %08x\n", 2586 sc->sc_dev.dv_xname, ATW_READ(sc, ATW_BPLI))); 2587 2588 atw_predict_beacon(sc); 2589 break; 2590 } 2591 2592 if (nstate != IEEE80211_S_SCAN) 2593 callout_stop(&sc->sc_scan_ch); 2594 2595 if (nstate == IEEE80211_S_RUN && 2596 (ic->ic_opmode == IEEE80211_M_HOSTAP || 2597 ic->ic_opmode == IEEE80211_M_IBSS)) 2598 atw_start_beacon(sc, 1); 2599 else 2600 atw_start_beacon(sc, 0); 2601 2602 error = (*sc->sc_newstate)(ic, nstate, arg); 2603 2604 if (ostate == IEEE80211_S_INIT && nstate == IEEE80211_S_SCAN) 2605 atw_write_bssid(sc); 2606 2607 return error; 2608} 2609 2610/* 2611 * atw_add_rxbuf: 2612 * 2613 * Add a receive buffer to the indicated descriptor. 2614 */ 2615int 2616atw_add_rxbuf(struct atw_softc *sc, int idx) 2617{ 2618 struct atw_rxsoft *rxs = &sc->sc_rxsoft[idx]; 2619 struct mbuf *m; 2620 int error; 2621 2622 MGETHDR(m, M_DONTWAIT, MT_DATA); 2623 if (m == NULL) 2624 return (ENOBUFS); 2625 2626 MCLGET(m, M_DONTWAIT); 2627 if ((m->m_flags & M_EXT) == 0) { 2628 m_freem(m); 2629 return (ENOBUFS); 2630 } 2631 2632 if (rxs->rxs_mbuf != NULL) 2633 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2634 2635 rxs->rxs_mbuf = m; 2636 2637 error = bus_dmamap_load(sc->sc_dmat, rxs->rxs_dmamap, 2638 m->m_ext.ext_buf, m->m_ext.ext_size, NULL, 2639 BUS_DMA_READ|BUS_DMA_NOWAIT); 2640 if (error) { 2641 printf("%s: can't load rx DMA map %d, error = %d\n", 2642 sc->sc_dev.dv_xname, idx, error); 2643 panic("atw_add_rxbuf"); /* XXX */ 2644 } 2645 2646 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 2647 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 2648 2649 ATW_INIT_RXDESC(sc, idx); 2650 2651 return (0); 2652} 2653 2654/* 2655 * Release any queued transmit buffers. 2656 */ 2657void 2658atw_txdrain(struct atw_softc *sc) 2659{ 2660 struct atw_txsoft *txs; 2661 2662 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 2663 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 2664 if (txs->txs_mbuf != NULL) { 2665 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2666 m_freem(txs->txs_mbuf); 2667 txs->txs_mbuf = NULL; 2668 } 2669 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 2670 } 2671 sc->sc_tx_timer = 0; 2672} 2673 2674/* 2675 * atw_stop: [ ifnet interface function ] 2676 * 2677 * Stop transmission on the interface. 2678 */ 2679void 2680atw_stop(struct ifnet *ifp, int disable) 2681{ 2682 struct atw_softc *sc = ifp->if_softc; 2683 struct ieee80211com *ic = &sc->sc_ic; 2684 2685 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 2686 2687 /* Disable interrupts. */ 2688 ATW_WRITE(sc, ATW_IER, 0); 2689 2690 /* Stop the transmit and receive processes. */ 2691 sc->sc_opmode = 0; 2692 ATW_WRITE(sc, ATW_NAR, 0); 2693 DELAY(atw_nar_delay); 2694 ATW_WRITE(sc, ATW_TDBD, 0); 2695 ATW_WRITE(sc, ATW_TDBP, 0); 2696 ATW_WRITE(sc, ATW_RDB, 0); 2697 2698 atw_txdrain(sc); 2699 2700 if (disable) { 2701 atw_rxdrain(sc); 2702 atw_disable(sc); 2703 } 2704 2705 /* 2706 * Mark the interface down and cancel the watchdog timer. 2707 */ 2708 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 2709 ifp->if_timer = 0; 2710 2711 if (!disable) 2712 atw_reset(sc); 2713} 2714 2715/* 2716 * atw_rxdrain: 2717 * 2718 * Drain the receive queue. 2719 */ 2720void 2721atw_rxdrain(struct atw_softc *sc) 2722{ 2723 struct atw_rxsoft *rxs; 2724 int i; 2725 2726 for (i = 0; i < ATW_NRXDESC; i++) { 2727 rxs = &sc->sc_rxsoft[i]; 2728 if (rxs->rxs_mbuf == NULL) 2729 continue; 2730 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2731 m_freem(rxs->rxs_mbuf); 2732 rxs->rxs_mbuf = NULL; 2733 } 2734} 2735 2736/* 2737 * atw_detach: 2738 * 2739 * Detach an ADM8211 interface. 2740 */ 2741int 2742atw_detach(struct atw_softc *sc) 2743{ 2744 struct ifnet *ifp = &sc->sc_if; 2745 struct atw_rxsoft *rxs; 2746 struct atw_txsoft *txs; 2747 int i; 2748 2749 /* 2750 * Succeed now if there isn't any work to do. 2751 */ 2752 if ((sc->sc_flags & ATWF_ATTACHED) == 0) 2753 return (0); 2754 2755 callout_stop(&sc->sc_scan_ch); 2756 2757 ieee80211_ifdetach(&sc->sc_ic); 2758 if_detach(ifp); 2759 2760 for (i = 0; i < ATW_NRXDESC; i++) { 2761 rxs = &sc->sc_rxsoft[i]; 2762 if (rxs->rxs_mbuf != NULL) { 2763 bus_dmamap_unload(sc->sc_dmat, rxs->rxs_dmamap); 2764 m_freem(rxs->rxs_mbuf); 2765 rxs->rxs_mbuf = NULL; 2766 } 2767 bus_dmamap_destroy(sc->sc_dmat, rxs->rxs_dmamap); 2768 } 2769 for (i = 0; i < ATW_TXQUEUELEN; i++) { 2770 txs = &sc->sc_txsoft[i]; 2771 if (txs->txs_mbuf != NULL) { 2772 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 2773 m_freem(txs->txs_mbuf); 2774 txs->txs_mbuf = NULL; 2775 } 2776 bus_dmamap_destroy(sc->sc_dmat, txs->txs_dmamap); 2777 } 2778 bus_dmamap_unload(sc->sc_dmat, sc->sc_cddmamap); 2779 bus_dmamap_destroy(sc->sc_dmat, sc->sc_cddmamap); 2780 bus_dmamem_unmap(sc->sc_dmat, (caddr_t)sc->sc_control_data, 2781 sizeof(struct atw_control_data)); 2782 bus_dmamem_free(sc->sc_dmat, &sc->sc_cdseg, sc->sc_cdnseg); 2783 2784 shutdownhook_disestablish(sc->sc_sdhook); 2785 powerhook_disestablish(sc->sc_powerhook); 2786 2787 if (sc->sc_srom) 2788 free(sc->sc_srom, M_DEVBUF); 2789 2790 return (0); 2791} 2792 2793/* atw_shutdown: make sure the interface is stopped at reboot time. */ 2794void 2795atw_shutdown(void *arg) 2796{ 2797 struct atw_softc *sc = arg; 2798 2799 atw_stop(&sc->sc_if, 1); 2800} 2801 2802int 2803atw_intr(void *arg) 2804{ 2805 struct atw_softc *sc = arg; 2806 struct ifnet *ifp = &sc->sc_if; 2807 u_int32_t status, rxstatus, txstatus, linkstatus; 2808 int handled = 0, txthresh; 2809 2810#ifdef DEBUG 2811 if (ATW_IS_ENABLED(sc) == 0) 2812 panic("%s: atw_intr: not enabled", sc->sc_dev.dv_xname); 2813#endif 2814 2815 /* 2816 * If the interface isn't running, the interrupt couldn't 2817 * possibly have come from us. 2818 */ 2819 if ((ifp->if_flags & IFF_RUNNING) == 0 || 2820 (sc->sc_dev.dv_flags & DVF_ACTIVE) == 0) 2821 return (0); 2822 2823 for (;;) { 2824 status = ATW_READ(sc, ATW_STSR); 2825 2826 if (status) 2827 ATW_WRITE(sc, ATW_STSR, status); 2828 2829#ifdef ATW_DEBUG 2830#define PRINTINTR(flag) do { \ 2831 if ((status & flag) != 0) { \ 2832 printf("%s" #flag, delim); \ 2833 delim = ","; \ 2834 } \ 2835} while (0) 2836 2837 if (atw_debug > 1 && status) { 2838 const char *delim = "<"; 2839 2840 printf("%s: reg[STSR] = %x", 2841 sc->sc_dev.dv_xname, status); 2842 2843 PRINTINTR(ATW_INTR_FBE); 2844 PRINTINTR(ATW_INTR_LINKOFF); 2845 PRINTINTR(ATW_INTR_LINKON); 2846 PRINTINTR(ATW_INTR_RCI); 2847 PRINTINTR(ATW_INTR_RDU); 2848 PRINTINTR(ATW_INTR_REIS); 2849 PRINTINTR(ATW_INTR_RPS); 2850 PRINTINTR(ATW_INTR_TCI); 2851 PRINTINTR(ATW_INTR_TDU); 2852 PRINTINTR(ATW_INTR_TLT); 2853 PRINTINTR(ATW_INTR_TPS); 2854 PRINTINTR(ATW_INTR_TRT); 2855 PRINTINTR(ATW_INTR_TUF); 2856 PRINTINTR(ATW_INTR_BCNTC); 2857 PRINTINTR(ATW_INTR_ATIME); 2858 PRINTINTR(ATW_INTR_TBTT); 2859 PRINTINTR(ATW_INTR_TSCZ); 2860 PRINTINTR(ATW_INTR_TSFTF); 2861 printf(">\n"); 2862 } 2863#undef PRINTINTR 2864#endif /* ATW_DEBUG */ 2865 2866 if ((status & sc->sc_inten) == 0) 2867 break; 2868 2869 handled = 1; 2870 2871 rxstatus = status & sc->sc_rxint_mask; 2872 txstatus = status & sc->sc_txint_mask; 2873 linkstatus = status & sc->sc_linkint_mask; 2874 2875 if (linkstatus) { 2876 atw_linkintr(sc, linkstatus); 2877 } 2878 2879 if (rxstatus) { 2880 /* Grab any new packets. */ 2881 atw_rxintr(sc); 2882 2883 if (rxstatus & ATW_INTR_RDU) { 2884 printf("%s: receive ring overrun\n", 2885 sc->sc_dev.dv_xname); 2886 /* Get the receive process going again. */ 2887 ATW_WRITE(sc, ATW_RDR, 0x1); 2888 break; 2889 } 2890 } 2891 2892 if (txstatus) { 2893 /* Sweep up transmit descriptors. */ 2894 atw_txintr(sc); 2895 2896 if (txstatus & ATW_INTR_TLT) 2897 DPRINTF(sc, ("%s: tx lifetime exceeded\n", 2898 sc->sc_dev.dv_xname)); 2899 2900 if (txstatus & ATW_INTR_TRT) 2901 DPRINTF(sc, ("%s: tx retry limit exceeded\n", 2902 sc->sc_dev.dv_xname)); 2903 2904 /* If Tx under-run, increase our transmit threshold 2905 * if another is available. 2906 */ 2907 txthresh = sc->sc_txthresh + 1; 2908 if ((txstatus & ATW_INTR_TUF) && 2909 sc->sc_txth[txthresh].txth_name != NULL) { 2910 /* Idle the transmit process. */ 2911 atw_idle(sc, ATW_NAR_ST); 2912 2913 sc->sc_txthresh = txthresh; 2914 sc->sc_opmode &= ~(ATW_NAR_TR_MASK|ATW_NAR_SF); 2915 sc->sc_opmode |= 2916 sc->sc_txth[txthresh].txth_opmode; 2917 printf("%s: transmit underrun; new " 2918 "threshold: %s\n", sc->sc_dev.dv_xname, 2919 sc->sc_txth[txthresh].txth_name); 2920 2921 /* Set the new threshold and restart 2922 * the transmit process. 2923 */ 2924 ATW_WRITE(sc, ATW_NAR, sc->sc_opmode); 2925 DELAY(atw_nar_delay); 2926 ATW_WRITE(sc, ATW_RDR, 0x1); 2927 /* XXX Log every Nth underrun from 2928 * XXX now on? 2929 */ 2930 } 2931 } 2932 2933 if (status & (ATW_INTR_TPS|ATW_INTR_RPS)) { 2934 if (status & ATW_INTR_TPS) 2935 printf("%s: transmit process stopped\n", 2936 sc->sc_dev.dv_xname); 2937 if (status & ATW_INTR_RPS) 2938 printf("%s: receive process stopped\n", 2939 sc->sc_dev.dv_xname); 2940 (void)atw_init(ifp); 2941 break; 2942 } 2943 2944 if (status & ATW_INTR_FBE) { 2945 printf("%s: fatal bus error\n", sc->sc_dev.dv_xname); 2946 (void)atw_init(ifp); 2947 break; 2948 } 2949 2950 /* 2951 * Not handled: 2952 * 2953 * Transmit buffer unavailable -- normal 2954 * condition, nothing to do, really. 2955 * 2956 * Early receive interrupt -- not available on 2957 * all chips, we just use RI. We also only 2958 * use single-segment receive DMA, so this 2959 * is mostly useless. 2960 * 2961 * TBD others 2962 */ 2963 } 2964 2965 /* Try to get more packets going. */ 2966 atw_start(ifp); 2967 2968 return (handled); 2969} 2970 2971/* 2972 * atw_idle: 2973 * 2974 * Cause the transmit and/or receive processes to go idle. 2975 * 2976 * XXX It seems that the ADM8211 will not signal the end of the Rx/Tx 2977 * process in STSR if I clear SR or ST after the process has already 2978 * ceased. Fair enough. But the Rx process status bits in ATW_TEST0 2979 * do not seem to be too reliable. Perhaps I have the sense of the 2980 * Rx bits switched with the Tx bits? 2981 */ 2982void 2983atw_idle(struct atw_softc *sc, u_int32_t bits) 2984{ 2985 u_int32_t ackmask = 0, opmode, stsr, test0; 2986 int i, s; 2987 2988 s = splnet(); 2989 2990 opmode = sc->sc_opmode & ~bits; 2991 2992 if (bits & ATW_NAR_SR) 2993 ackmask |= ATW_INTR_RPS; 2994 2995 if (bits & ATW_NAR_ST) { 2996 ackmask |= ATW_INTR_TPS; 2997 /* set ATW_NAR_HF to flush TX FIFO. */ 2998 opmode |= ATW_NAR_HF; 2999 } 3000 3001 ATW_WRITE(sc, ATW_NAR, opmode); 3002 DELAY(atw_nar_delay); 3003 3004 for (i = 0; i < 1000; i++) { 3005 stsr = ATW_READ(sc, ATW_STSR); 3006 if ((stsr & ackmask) == ackmask) 3007 break; 3008 DELAY(10); 3009 } 3010 3011 ATW_WRITE(sc, ATW_STSR, stsr & ackmask); 3012 3013 if ((stsr & ackmask) == ackmask) 3014 goto out; 3015 3016 test0 = ATW_READ(sc, ATW_TEST0); 3017 3018 if ((bits & ATW_NAR_ST) != 0 && (stsr & ATW_INTR_TPS) == 0 && 3019 (test0 & ATW_TEST0_TS_MASK) != ATW_TEST0_TS_STOPPED) { 3020 printf("%s: transmit process not idle [%s]\n", 3021 sc->sc_dev.dv_xname, 3022 atw_tx_state[MASK_AND_RSHIFT(test0, ATW_TEST0_TS_MASK)]); 3023 printf("%s: bits %08x test0 %08x stsr %08x\n", 3024 sc->sc_dev.dv_xname, bits, test0, stsr); 3025 } 3026 3027 if ((bits & ATW_NAR_SR) != 0 && (stsr & ATW_INTR_RPS) == 0 && 3028 (test0 & ATW_TEST0_RS_MASK) != ATW_TEST0_RS_STOPPED) { 3029 DPRINTF2(sc, ("%s: receive process not idle [%s]\n", 3030 sc->sc_dev.dv_xname, 3031 atw_rx_state[MASK_AND_RSHIFT(test0, ATW_TEST0_RS_MASK)])); 3032 DPRINTF2(sc, ("%s: bits %08x test0 %08x stsr %08x\n", 3033 sc->sc_dev.dv_xname, bits, test0, stsr)); 3034 } 3035out: 3036 if ((bits & ATW_NAR_ST) != 0) 3037 atw_txdrain(sc); 3038 splx(s); 3039 return; 3040} 3041 3042/* 3043 * atw_linkintr: 3044 * 3045 * Helper; handle link-status interrupts. 3046 */ 3047void 3048atw_linkintr(struct atw_softc *sc, u_int32_t linkstatus) 3049{ 3050 struct ieee80211com *ic = &sc->sc_ic; 3051 3052 if (ic->ic_state != IEEE80211_S_RUN) 3053 return; 3054 3055 if (linkstatus & ATW_INTR_LINKON) { 3056 DPRINTF(sc, ("%s: link on\n", sc->sc_dev.dv_xname)); 3057 sc->sc_rescan_timer = 0; 3058 } else if (linkstatus & ATW_INTR_LINKOFF) { 3059 DPRINTF(sc, ("%s: link off\n", sc->sc_dev.dv_xname)); 3060 if (ic->ic_opmode != IEEE80211_M_STA) 3061 return; 3062 sc->sc_rescan_timer = 3; 3063 sc->sc_if.if_timer = 1; 3064 } 3065} 3066 3067static __inline int 3068atw_hw_decrypted(struct atw_softc *sc, struct ieee80211_frame_min *wh) 3069{ 3070 if ((sc->sc_ic.ic_flags & IEEE80211_F_PRIVACY) == 0) 3071 return 0; 3072 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) == 0) 3073 return 0; 3074 return (sc->sc_wepctl & ATW_WEPCTL_WEPRXBYP) == 0; 3075} 3076 3077/* 3078 * atw_rxintr: 3079 * 3080 * Helper; handle receive interrupts. 3081 */ 3082void 3083atw_rxintr(struct atw_softc *sc) 3084{ 3085 static int rate_tbl[] = {2, 4, 11, 22, 44}; 3086 struct ieee80211com *ic = &sc->sc_ic; 3087 struct ieee80211_node *ni; 3088 struct ieee80211_frame_min *wh; 3089 struct ifnet *ifp = &sc->sc_if; 3090 struct atw_rxsoft *rxs; 3091 struct mbuf *m; 3092 u_int32_t rxstat; 3093 int i, len, rate, rate0; 3094 u_int32_t rssi, rssi0; 3095 3096 for (i = sc->sc_rxptr;; i = ATW_NEXTRX(i)) { 3097 rxs = &sc->sc_rxsoft[i]; 3098 3099 ATW_CDRXSYNC(sc, i, BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3100 3101 rxstat = le32toh(sc->sc_rxdescs[i].ar_stat); 3102 rssi0 = le32toh(sc->sc_rxdescs[i].ar_rssi); 3103 rate0 = MASK_AND_RSHIFT(rxstat, ATW_RXSTAT_RXDR_MASK); 3104 3105 if (rxstat & ATW_RXSTAT_OWN) 3106 break; /* We have processed all receive buffers. */ 3107 3108 DPRINTF3(sc, 3109 ("%s: rx stat %08x rssi0 %08x buf1 %08x buf2 %08x\n", 3110 sc->sc_dev.dv_xname, 3111 rxstat, rssi0, 3112 le32toh(sc->sc_rxdescs[i].ar_buf1), 3113 le32toh(sc->sc_rxdescs[i].ar_buf2))); 3114 3115 /* 3116 * Make sure the packet fits in one buffer. This should 3117 * always be the case. 3118 */ 3119 if ((rxstat & (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) != 3120 (ATW_RXSTAT_FS|ATW_RXSTAT_LS)) { 3121 printf("%s: incoming packet spilled, resetting\n", 3122 sc->sc_dev.dv_xname); 3123 (void)atw_init(ifp); 3124 return; 3125 } 3126 3127 /* 3128 * If an error occurred, update stats, clear the status 3129 * word, and leave the packet buffer in place. It will 3130 * simply be reused the next time the ring comes around. 3131 * If 802.1Q VLAN MTU is enabled, ignore the Frame Too Long 3132 * error. 3133 */ 3134 3135 if ((rxstat & ATW_RXSTAT_ES) != 0 && 3136 ((sc->sc_ec.ec_capenable & ETHERCAP_VLAN_MTU) == 0 || 3137 (rxstat & (ATW_RXSTAT_DE | ATW_RXSTAT_SFDE | 3138 ATW_RXSTAT_SIGE | ATW_RXSTAT_CRC16E | 3139 ATW_RXSTAT_RXTOE | ATW_RXSTAT_CRC32E | 3140 ATW_RXSTAT_ICVE)) != 0)) { 3141#define PRINTERR(bit, str) \ 3142 if (rxstat & (bit)) \ 3143 printf("%s: receive error: %s\n", \ 3144 sc->sc_dev.dv_xname, str) 3145 ifp->if_ierrors++; 3146 PRINTERR(ATW_RXSTAT_DE, "descriptor error"); 3147 PRINTERR(ATW_RXSTAT_SFDE, "PLCP SFD error"); 3148 PRINTERR(ATW_RXSTAT_SIGE, "PLCP signal error"); 3149 PRINTERR(ATW_RXSTAT_CRC16E, "PLCP CRC16 error"); 3150 PRINTERR(ATW_RXSTAT_RXTOE, "time-out"); 3151 PRINTERR(ATW_RXSTAT_CRC32E, "FCS error"); 3152 PRINTERR(ATW_RXSTAT_ICVE, "WEP ICV error"); 3153#undef PRINTERR 3154 ATW_INIT_RXDESC(sc, i); 3155 continue; 3156 } 3157 3158 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3159 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_POSTREAD); 3160 3161 /* 3162 * No errors; receive the packet. Note the ADM8211 3163 * includes the CRC in promiscuous mode. 3164 */ 3165 len = MASK_AND_RSHIFT(rxstat, ATW_RXSTAT_FL_MASK); 3166 3167 /* 3168 * Allocate a new mbuf cluster. If that fails, we are 3169 * out of memory, and must drop the packet and recycle 3170 * the buffer that's already attached to this descriptor. 3171 */ 3172 m = rxs->rxs_mbuf; 3173 if (atw_add_rxbuf(sc, i) != 0) { 3174 ifp->if_ierrors++; 3175 ATW_INIT_RXDESC(sc, i); 3176 bus_dmamap_sync(sc->sc_dmat, rxs->rxs_dmamap, 0, 3177 rxs->rxs_dmamap->dm_mapsize, BUS_DMASYNC_PREREAD); 3178 continue; 3179 } 3180 3181 ifp->if_ipackets++; 3182 if (sc->sc_opmode & ATW_NAR_PR) 3183 len -= IEEE80211_CRC_LEN; 3184 m->m_pkthdr.rcvif = ifp; 3185 m->m_pkthdr.len = m->m_len = MIN(m->m_ext.ext_size, len); 3186 3187 if (rate0 >= sizeof(rate_tbl) / sizeof(rate_tbl[0])) 3188 rate = 0; 3189 else 3190 rate = rate_tbl[rate0]; 3191 3192 /* The RSSI comes straight from a register in the 3193 * baseband processor. I know that for the RF3000, 3194 * the RSSI register also contains the antenna-selection 3195 * bits. Mask those off. 3196 * 3197 * TBD Treat other basebands. 3198 */ 3199 if (sc->sc_bbptype == ATW_BBPTYPE_RFMD) 3200 rssi = rssi0 & RF3000_RSSI_MASK; 3201 else 3202 rssi = rssi0; 3203 3204 #if NBPFILTER > 0 3205 /* Pass this up to any BPF listeners. */ 3206 if (sc->sc_radiobpf != NULL) { 3207 struct atw_rx_radiotap_header *tap = &sc->sc_rxtap; 3208 3209 tap->ar_rate = rate; 3210 tap->ar_chan_freq = ic->ic_bss->ni_chan->ic_freq; 3211 tap->ar_chan_flags = ic->ic_bss->ni_chan->ic_flags; 3212 3213 /* TBD verify units are dB */ 3214 tap->ar_antsignal = (int)rssi; 3215 /* TBD tap->ar_flags */ 3216 3217 bpf_mtap2(sc->sc_radiobpf, (caddr_t)tap, 3218 tap->ar_ihdr.it_len, m); 3219 } 3220 #endif /* NPBFILTER > 0 */ 3221 3222 wh = mtod(m, struct ieee80211_frame_min *); 3223 ni = ieee80211_find_rxnode(ic, wh); 3224 if (atw_hw_decrypted(sc, wh)) { 3225 wh->i_fc[1] &= ~IEEE80211_FC1_WEP; 3226 DPRINTF(sc, ("%s: hw decrypted\n", __func__)); 3227 } 3228 ieee80211_input(ic, m, ni, (int)rssi, 0); 3229 ieee80211_free_node(ni); 3230 } 3231 3232 /* Update the receive pointer. */ 3233 sc->sc_rxptr = i; 3234} 3235 3236/* 3237 * atw_txintr: 3238 * 3239 * Helper; handle transmit interrupts. 3240 */ 3241void 3242atw_txintr(struct atw_softc *sc) 3243{ 3244#define TXSTAT_ERRMASK (ATW_TXSTAT_TUF | ATW_TXSTAT_TLT | ATW_TXSTAT_TRT | \ 3245 ATW_TXSTAT_TRO | ATW_TXSTAT_SOFBR) 3246#define TXSTAT_FMT "\20\31ATW_TXSTAT_SOFBR\32ATW_TXSTAT_TRO\33ATW_TXSTAT_TUF" \ 3247 "\34ATW_TXSTAT_TRT\35ATW_TXSTAT_TLT" 3248 3249 static char txstat_buf[sizeof("ffffffff<>" TXSTAT_FMT)]; 3250 struct ifnet *ifp = &sc->sc_if; 3251 struct atw_txsoft *txs; 3252 u_int32_t txstat; 3253 3254 DPRINTF3(sc, ("%s: atw_txintr: sc_flags 0x%08x\n", 3255 sc->sc_dev.dv_xname, sc->sc_flags)); 3256 3257 ifp->if_flags &= ~IFF_OACTIVE; 3258 3259 /* 3260 * Go through our Tx list and free mbufs for those 3261 * frames that have been transmitted. 3262 */ 3263 while ((txs = SIMPLEQ_FIRST(&sc->sc_txdirtyq)) != NULL) { 3264 ATW_CDTXSYNC(sc, txs->txs_lastdesc, 1, 3265 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3266 3267#ifdef ATW_DEBUG 3268 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3269 int i; 3270 printf(" txsoft %p transmit chain:\n", txs); 3271 ATW_CDTXSYNC(sc, txs->txs_firstdesc, 3272 txs->txs_ndescs - 1, 3273 BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); 3274 for (i = txs->txs_firstdesc;; i = ATW_NEXTTX(i)) { 3275 printf(" descriptor %d:\n", i); 3276 printf(" at_status: 0x%08x\n", 3277 le32toh(sc->sc_txdescs[i].at_stat)); 3278 printf(" at_flags: 0x%08x\n", 3279 le32toh(sc->sc_txdescs[i].at_flags)); 3280 printf(" at_buf1: 0x%08x\n", 3281 le32toh(sc->sc_txdescs[i].at_buf1)); 3282 printf(" at_buf2: 0x%08x\n", 3283 le32toh(sc->sc_txdescs[i].at_buf2)); 3284 if (i == txs->txs_lastdesc) 3285 break; 3286 } 3287 } 3288#endif 3289 3290 txstat = le32toh(sc->sc_txdescs[txs->txs_lastdesc].at_stat); 3291 if (txstat & ATW_TXSTAT_OWN) 3292 break; 3293 3294 SIMPLEQ_REMOVE_HEAD(&sc->sc_txdirtyq, txs_q); 3295 3296 sc->sc_txfree += txs->txs_ndescs; 3297 3298 bus_dmamap_sync(sc->sc_dmat, txs->txs_dmamap, 3299 0, txs->txs_dmamap->dm_mapsize, 3300 BUS_DMASYNC_POSTWRITE); 3301 bus_dmamap_unload(sc->sc_dmat, txs->txs_dmamap); 3302 m_freem(txs->txs_mbuf); 3303 txs->txs_mbuf = NULL; 3304 3305 SIMPLEQ_INSERT_TAIL(&sc->sc_txfreeq, txs, txs_q); 3306 3307 if ((ifp->if_flags & IFF_DEBUG) != 0 && 3308 (txstat & TXSTAT_ERRMASK) != 0) { 3309 bitmask_snprintf(txstat & TXSTAT_ERRMASK, TXSTAT_FMT, 3310 txstat_buf, sizeof(txstat_buf)); 3311 printf("%s: txstat %s %d\n", sc->sc_dev.dv_xname, 3312 txstat_buf, 3313 MASK_AND_RSHIFT(txstat, ATW_TXSTAT_ARC_MASK)); 3314 } 3315 3316 /* 3317 * Check for errors and collisions. 3318 */ 3319 if (txstat & ATW_TXSTAT_TUF) 3320 sc->sc_stats.ts_tx_tuf++; 3321 if (txstat & ATW_TXSTAT_TLT) 3322 sc->sc_stats.ts_tx_tlt++; 3323 if (txstat & ATW_TXSTAT_TRT) 3324 sc->sc_stats.ts_tx_trt++; 3325 if (txstat & ATW_TXSTAT_TRO) 3326 sc->sc_stats.ts_tx_tro++; 3327 if (txstat & ATW_TXSTAT_SOFBR) { 3328 sc->sc_stats.ts_tx_sofbr++; 3329 } 3330 3331 if ((txstat & ATW_TXSTAT_ES) == 0) 3332 ifp->if_collisions += 3333 MASK_AND_RSHIFT(txstat, ATW_TXSTAT_ARC_MASK); 3334 else 3335 ifp->if_oerrors++; 3336 3337 ifp->if_opackets++; 3338 } 3339 3340 /* 3341 * If there are no more pending transmissions, cancel the watchdog 3342 * timer. 3343 */ 3344 if (txs == NULL) 3345 sc->sc_tx_timer = 0; 3346#undef TXSTAT_ERRMASK 3347#undef TXSTAT_FMT 3348} 3349 3350/* 3351 * atw_watchdog: [ifnet interface function] 3352 * 3353 * Watchdog timer handler. 3354 */ 3355void 3356atw_watchdog(struct ifnet *ifp) 3357{ 3358 struct atw_softc *sc = ifp->if_softc; 3359 struct ieee80211com *ic = &sc->sc_ic; 3360 3361 ifp->if_timer = 0; 3362 if (ATW_IS_ENABLED(sc) == 0) 3363 return; 3364 3365 if (sc->sc_rescan_timer) { 3366 if (--sc->sc_rescan_timer == 0) 3367 (void)ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3368 } 3369 if (sc->sc_tx_timer) { 3370 if (--sc->sc_tx_timer == 0 && 3371 !SIMPLEQ_EMPTY(&sc->sc_txdirtyq)) { 3372 printf("%s: transmit timeout\n", ifp->if_xname); 3373 ifp->if_oerrors++; 3374 (void)atw_init(ifp); 3375 atw_start(ifp); 3376 } 3377 } 3378 if (sc->sc_tx_timer != 0 || sc->sc_rescan_timer != 0) 3379 ifp->if_timer = 1; 3380 ieee80211_watchdog(ic); 3381} 3382 3383/* Compute the 802.11 Duration field and the PLCP Length fields for 3384 * a len-byte frame (HEADER + PAYLOAD + FCS) sent at rate * 500Kbps. 3385 * Write the fields to the ADM8211 Tx header, frm. 3386 * 3387 * TBD use the fragmentation threshold to find the right duration for 3388 * the first & last fragments. 3389 * 3390 * TBD make certain of the duration fields applied by the ADM8211 to each 3391 * fragment. I think that the ADM8211 knows how to subtract the CTS 3392 * duration when ATW_HDRCTL_RTSCTS is clear; that is why I add it regardless. 3393 * I also think that the ADM8211 does *some* arithmetic for us, because 3394 * otherwise I think we would have to set a first duration for CTS/first 3395 * fragment, a second duration for fragments between the first and the 3396 * last, and a third duration for the last fragment. 3397 * 3398 * TBD make certain that duration fields reflect addition of FCS/WEP 3399 * and correct duration arithmetic as necessary. 3400 */ 3401static void 3402atw_frame_setdurs(struct atw_softc *sc, struct atw_frame *frm, int rate, 3403 int len) 3404{ 3405 int remainder; 3406 3407 /* deal also with encrypted fragments */ 3408 if (frm->atw_hdrctl & htole16(ATW_HDRCTL_WEP)) { 3409 DPRINTF2(sc, ("%s: atw_frame_setdurs len += 8\n", 3410 sc->sc_dev.dv_xname)); 3411 len += IEEE80211_WEP_IVLEN + IEEE80211_WEP_KIDLEN + 3412 IEEE80211_WEP_CRCLEN; 3413 } 3414 3415 /* 802.11 Duration Field for CTS/Data/ACK sequence minus FCS & WEP 3416 * duration (XXX added by MAC?). 3417 */ 3418 frm->atw_head_dur = (16 * (len - IEEE80211_CRC_LEN)) / rate; 3419 remainder = (16 * (len - IEEE80211_CRC_LEN)) % rate; 3420 3421 if (rate <= 4) 3422 /* 1-2Mbps WLAN: send ACK/CTS at 1Mbps */ 3423 frm->atw_head_dur += 3 * (IEEE80211_DUR_DS_SIFS + 3424 IEEE80211_DUR_DS_SHORT_PREAMBLE + 3425 IEEE80211_DUR_DS_FAST_PLCPHDR) + 3426 IEEE80211_DUR_DS_SLOW_CTS + IEEE80211_DUR_DS_SLOW_ACK; 3427 else 3428 /* 5-11Mbps WLAN: send ACK/CTS at 2Mbps */ 3429 frm->atw_head_dur += 3 * (IEEE80211_DUR_DS_SIFS + 3430 IEEE80211_DUR_DS_SHORT_PREAMBLE + 3431 IEEE80211_DUR_DS_FAST_PLCPHDR) + 3432 IEEE80211_DUR_DS_FAST_CTS + IEEE80211_DUR_DS_FAST_ACK; 3433 3434 /* lengthen duration if long preamble */ 3435 if ((sc->sc_flags & ATWF_SHORT_PREAMBLE) == 0) 3436 frm->atw_head_dur += 3437 3 * (IEEE80211_DUR_DS_LONG_PREAMBLE - 3438 IEEE80211_DUR_DS_SHORT_PREAMBLE) + 3439 3 * (IEEE80211_DUR_DS_SLOW_PLCPHDR - 3440 IEEE80211_DUR_DS_FAST_PLCPHDR); 3441 3442 if (remainder != 0) 3443 frm->atw_head_dur++; 3444 3445 if ((atw_voodoo & VOODOO_DUR_2_4_SPECIALCASE) && 3446 (rate == 2 || rate == 4)) { 3447 /* derived from Linux: how could this be right? */ 3448 frm->atw_head_plcplen = frm->atw_head_dur; 3449 } else { 3450 frm->atw_head_plcplen = (16 * len) / rate; 3451 remainder = (80 * len) % (rate * 5); 3452 3453 if (remainder != 0) { 3454 frm->atw_head_plcplen++; 3455 3456 /* XXX magic */ 3457 if ((atw_voodoo & VOODOO_DUR_11_ROUNDING) && 3458 rate == 22 && remainder <= 30) 3459 frm->atw_head_plcplen |= 0x8000; 3460 } 3461 } 3462 frm->atw_tail_plcplen = frm->atw_head_plcplen = 3463 htole16(frm->atw_head_plcplen); 3464 frm->atw_tail_dur = frm->atw_head_dur = htole16(frm->atw_head_dur); 3465} 3466 3467#ifdef ATW_DEBUG 3468static void 3469atw_dump_pkt(struct ifnet *ifp, struct mbuf *m0) 3470{ 3471 struct atw_softc *sc = ifp->if_softc; 3472 struct mbuf *m; 3473 int i, noctets = 0; 3474 3475 printf("%s: %d-byte packet\n", sc->sc_dev.dv_xname, 3476 m0->m_pkthdr.len); 3477 3478 for (m = m0; m; m = m->m_next) { 3479 if (m->m_len == 0) 3480 continue; 3481 for (i = 0; i < m->m_len; i++) { 3482 printf(" %02x", ((u_int8_t*)m->m_data)[i]); 3483 if (++noctets % 24 == 0) 3484 printf("\n"); 3485 } 3486 } 3487 printf("%s%s: %d bytes emitted\n", 3488 (noctets % 24 != 0) ? "\n" : "", sc->sc_dev.dv_xname, noctets); 3489} 3490#endif /* ATW_DEBUG */ 3491 3492/* 3493 * atw_start: [ifnet interface function] 3494 * 3495 * Start packet transmission on the interface. 3496 */ 3497void 3498atw_start(struct ifnet *ifp) 3499{ 3500 struct atw_softc *sc = ifp->if_softc; 3501 struct ieee80211com *ic = &sc->sc_ic; 3502 struct ieee80211_node *ni; 3503 struct ieee80211_frame *wh; 3504 struct atw_frame *hh; 3505 struct mbuf *m0, *m; 3506 struct atw_txsoft *txs, *last_txs; 3507 struct atw_txdesc *txd; 3508 int do_encrypt, rate; 3509 bus_dmamap_t dmamap; 3510 int ctl, error, firsttx, nexttx, lasttx = -1, first, ofree, seg; 3511 3512 DPRINTF2(sc, ("%s: atw_start: sc_flags 0x%08x, if_flags 0x%08x\n", 3513 sc->sc_dev.dv_xname, sc->sc_flags, ifp->if_flags)); 3514 3515 if ((ifp->if_flags & (IFF_RUNNING|IFF_OACTIVE)) != IFF_RUNNING) 3516 return; 3517 3518 /* 3519 * Remember the previous number of free descriptors and 3520 * the first descriptor we'll use. 3521 */ 3522 ofree = sc->sc_txfree; 3523 firsttx = sc->sc_txnext; 3524 3525 DPRINTF2(sc, ("%s: atw_start: txfree %d, txnext %d\n", 3526 sc->sc_dev.dv_xname, ofree, firsttx)); 3527 3528 /* 3529 * Loop through the send queue, setting up transmit descriptors 3530 * until we drain the queue, or use up all available transmit 3531 * descriptors. 3532 */ 3533 while ((txs = SIMPLEQ_FIRST(&sc->sc_txfreeq)) != NULL && 3534 sc->sc_txfree != 0) { 3535 3536 /* 3537 * Grab a packet off the management queue, if it 3538 * is not empty. Otherwise, from the data queue. 3539 */ 3540 IF_DEQUEUE(&ic->ic_mgtq, m0); 3541 if (m0 != NULL) { 3542 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 3543 m0->m_pkthdr.rcvif = NULL; 3544 } else { 3545 /* send no data packets until we are associated */ 3546 if (ic->ic_state != IEEE80211_S_RUN) 3547 break; 3548 IFQ_DEQUEUE(&ifp->if_snd, m0); 3549 if (m0 == NULL) 3550 break; 3551#if NBPFILTER > 0 3552 if (ifp->if_bpf != NULL) 3553 bpf_mtap(ifp->if_bpf, m0); 3554#endif /* NBPFILTER > 0 */ 3555 ni = ieee80211_find_txnode(ic, 3556 mtod(m0, struct ether_header *)->ether_dhost); 3557 if (ni == NULL) { 3558 ifp->if_oerrors++; 3559 break; 3560 } 3561 if ((m0 = ieee80211_encap(ic, m0, ni)) == NULL) { 3562 ieee80211_free_node(ni); 3563 ifp->if_oerrors++; 3564 break; 3565 } 3566 } 3567 3568 rate = MAX(ieee80211_get_rate(ic), 2); 3569 3570#if NBPFILTER > 0 3571 /* 3572 * Pass the packet to any BPF listeners. 3573 */ 3574 if (ic->ic_rawbpf != NULL) 3575 bpf_mtap((caddr_t)ic->ic_rawbpf, m0); 3576 3577 if (sc->sc_radiobpf != NULL) { 3578 struct atw_tx_radiotap_header *tap = &sc->sc_txtap; 3579 3580 tap->at_rate = rate; 3581 tap->at_chan_freq = ic->ic_bss->ni_chan->ic_freq; 3582 tap->at_chan_flags = ic->ic_bss->ni_chan->ic_flags; 3583 3584 /* TBD tap->at_flags */ 3585 3586 bpf_mtap2(sc->sc_radiobpf, (caddr_t)tap, 3587 tap->at_ihdr.it_len, m0); 3588 } 3589#endif /* NBPFILTER > 0 */ 3590 3591 M_PREPEND(m0, offsetof(struct atw_frame, atw_ihdr), M_DONTWAIT); 3592 3593 if (ni != NULL) 3594 ieee80211_free_node(ni); 3595 3596 if (m0 == NULL) { 3597 ifp->if_oerrors++; 3598 break; 3599 } 3600 3601 /* just to make sure. */ 3602 m0 = m_pullup(m0, sizeof(struct atw_frame)); 3603 3604 if (m0 == NULL) { 3605 ifp->if_oerrors++; 3606 break; 3607 } 3608 3609 hh = mtod(m0, struct atw_frame *); 3610 wh = &hh->atw_ihdr; 3611 3612 do_encrypt = ((wh->i_fc[1] & IEEE80211_FC1_WEP) != 0) ? 1 : 0; 3613 3614 /* Copy everything we need from the 802.11 header: 3615 * Frame Control; address 1, address 3, or addresses 3616 * 3 and 4. NIC fills in BSSID, SA. 3617 */ 3618 if (wh->i_fc[1] & IEEE80211_FC1_DIR_TODS) { 3619 if (wh->i_fc[1] & IEEE80211_FC1_DIR_FROMDS) 3620 panic("%s: illegal WDS frame", 3621 sc->sc_dev.dv_xname); 3622 memcpy(hh->atw_dst, wh->i_addr3, IEEE80211_ADDR_LEN); 3623 } else 3624 memcpy(hh->atw_dst, wh->i_addr1, IEEE80211_ADDR_LEN); 3625 3626 *(u_int16_t*)hh->atw_fc = *(u_int16_t*)wh->i_fc; 3627 3628 /* initialize remaining Tx parameters */ 3629 memset(&hh->u, 0, sizeof(hh->u)); 3630 3631 hh->atw_rate = rate * 5; 3632 /* XXX this could be incorrect if M_FCS. _encap should 3633 * probably strip FCS just in case it sticks around in 3634 * bridged packets. 3635 */ 3636 hh->atw_service = 0x00; /* XXX guess */ 3637 hh->atw_paylen = htole16(m0->m_pkthdr.len - 3638 sizeof(struct atw_frame)); 3639 3640 hh->atw_fragthr = htole16(ATW_FRAGTHR_FRAGTHR_MASK); 3641 hh->atw_rtylmt = 3; 3642 hh->atw_hdrctl = htole16(ATW_HDRCTL_UNKNOWN1); 3643 if (do_encrypt) { 3644 hh->atw_hdrctl |= htole16(ATW_HDRCTL_WEP); 3645 hh->atw_keyid = ic->ic_def_txkey; 3646 } 3647 3648 /* TBD 4-addr frames */ 3649 atw_frame_setdurs(sc, hh, rate, 3650 m0->m_pkthdr.len - sizeof(struct atw_frame) + 3651 sizeof(struct ieee80211_frame) + IEEE80211_CRC_LEN); 3652 3653 /* never fragment multicast frames */ 3654 if (IEEE80211_IS_MULTICAST(hh->atw_dst)) { 3655 hh->atw_fragthr = htole16(ATW_FRAGTHR_FRAGTHR_MASK); 3656 } else if (sc->sc_flags & ATWF_RTSCTS) { 3657 hh->atw_hdrctl |= htole16(ATW_HDRCTL_RTSCTS); 3658 } 3659 3660#ifdef ATW_DEBUG 3661 hh->atw_fragnum = 0; 3662 3663 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3664 printf("%s: dst = %s, rate = 0x%02x, " 3665 "service = 0x%02x, paylen = 0x%04x\n", 3666 sc->sc_dev.dv_xname, ether_sprintf(hh->atw_dst), 3667 hh->atw_rate, hh->atw_service, hh->atw_paylen); 3668 3669 printf("%s: fc[0] = 0x%02x, fc[1] = 0x%02x, " 3670 "dur1 = 0x%04x, dur2 = 0x%04x, " 3671 "dur3 = 0x%04x, rts_dur = 0x%04x\n", 3672 sc->sc_dev.dv_xname, hh->atw_fc[0], hh->atw_fc[1], 3673 hh->atw_tail_plcplen, hh->atw_head_plcplen, 3674 hh->atw_tail_dur, hh->atw_head_dur); 3675 3676 printf("%s: hdrctl = 0x%04x, fragthr = 0x%04x, " 3677 "fragnum = 0x%02x, rtylmt = 0x%04x\n", 3678 sc->sc_dev.dv_xname, hh->atw_hdrctl, 3679 hh->atw_fragthr, hh->atw_fragnum, hh->atw_rtylmt); 3680 3681 printf("%s: keyid = %d\n", 3682 sc->sc_dev.dv_xname, hh->atw_keyid); 3683 3684 atw_dump_pkt(ifp, m0); 3685 } 3686#endif /* ATW_DEBUG */ 3687 3688 dmamap = txs->txs_dmamap; 3689 3690 /* 3691 * Load the DMA map. Copy and try (once) again if the packet 3692 * didn't fit in the alloted number of segments. 3693 */ 3694 for (first = 1; 3695 (error = bus_dmamap_load_mbuf(sc->sc_dmat, dmamap, m0, 3696 BUS_DMA_WRITE|BUS_DMA_NOWAIT)) != 0 && first; 3697 first = 0) { 3698 MGETHDR(m, M_DONTWAIT, MT_DATA); 3699 if (m == NULL) { 3700 printf("%s: unable to allocate Tx mbuf\n", 3701 sc->sc_dev.dv_xname); 3702 break; 3703 } 3704 if (m0->m_pkthdr.len > MHLEN) { 3705 MCLGET(m, M_DONTWAIT); 3706 if ((m->m_flags & M_EXT) == 0) { 3707 printf("%s: unable to allocate Tx " 3708 "cluster\n", sc->sc_dev.dv_xname); 3709 m_freem(m); 3710 break; 3711 } 3712 } 3713 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(m, caddr_t)); 3714 m->m_pkthdr.len = m->m_len = m0->m_pkthdr.len; 3715 m_freem(m0); 3716 m0 = m; 3717 m = NULL; 3718 } 3719 if (error != 0) { 3720 printf("%s: unable to load Tx buffer, " 3721 "error = %d\n", sc->sc_dev.dv_xname, error); 3722 m_freem(m0); 3723 break; 3724 } 3725 3726 /* 3727 * Ensure we have enough descriptors free to describe 3728 * the packet. 3729 */ 3730 if (dmamap->dm_nsegs > sc->sc_txfree) { 3731 /* 3732 * Not enough free descriptors to transmit 3733 * this packet. Unload the DMA map and 3734 * drop the packet. Notify the upper layer 3735 * that there are no more slots left. 3736 * 3737 * XXX We could allocate an mbuf and copy, but 3738 * XXX it is worth it? 3739 */ 3740 ifp->if_flags |= IFF_OACTIVE; 3741 bus_dmamap_unload(sc->sc_dmat, dmamap); 3742 m_freem(m0); 3743 break; 3744 } 3745 3746 /* 3747 * WE ARE NOW COMMITTED TO TRANSMITTING THE PACKET. 3748 */ 3749 3750 /* Sync the DMA map. */ 3751 bus_dmamap_sync(sc->sc_dmat, dmamap, 0, dmamap->dm_mapsize, 3752 BUS_DMASYNC_PREWRITE); 3753 3754 /* XXX arbitrary retry limit; 8 because I have seen it in 3755 * use already and maybe 0 means "no tries" ! 3756 */ 3757 ctl = htole32(LSHIFT(8, ATW_TXCTL_TL_MASK)); 3758 3759 DPRINTF2(sc, ("%s: TXDR <- max(10, %d)\n", 3760 sc->sc_dev.dv_xname, rate * 5)); 3761 ctl |= htole32(LSHIFT(MAX(10, rate * 5), ATW_TXCTL_TXDR_MASK)); 3762 3763 /* 3764 * Initialize the transmit descriptors. 3765 */ 3766 for (nexttx = sc->sc_txnext, seg = 0; 3767 seg < dmamap->dm_nsegs; 3768 seg++, nexttx = ATW_NEXTTX(nexttx)) { 3769 /* 3770 * If this is the first descriptor we're 3771 * enqueueing, don't set the OWN bit just 3772 * yet. That could cause a race condition. 3773 * We'll do it below. 3774 */ 3775 txd = &sc->sc_txdescs[nexttx]; 3776 txd->at_ctl = ctl | 3777 ((nexttx == firsttx) ? 0 : htole32(ATW_TXCTL_OWN)); 3778 3779 txd->at_buf1 = htole32(dmamap->dm_segs[seg].ds_addr); 3780 txd->at_flags = 3781 htole32(LSHIFT(dmamap->dm_segs[seg].ds_len, 3782 ATW_TXFLAG_TBS1_MASK)) | 3783 ((nexttx == (ATW_NTXDESC - 1)) 3784 ? htole32(ATW_TXFLAG_TER) : 0); 3785 lasttx = nexttx; 3786 } 3787 3788 IASSERT(lasttx != -1, ("bad lastx")); 3789 /* Set `first segment' and `last segment' appropriately. */ 3790 sc->sc_txdescs[sc->sc_txnext].at_flags |= 3791 htole32(ATW_TXFLAG_FS); 3792 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_LS); 3793 3794#ifdef ATW_DEBUG 3795 if ((ifp->if_flags & IFF_DEBUG) != 0 && atw_debug > 2) { 3796 printf(" txsoft %p transmit chain:\n", txs); 3797 for (seg = sc->sc_txnext;; seg = ATW_NEXTTX(seg)) { 3798 printf(" descriptor %d:\n", seg); 3799 printf(" at_ctl: 0x%08x\n", 3800 le32toh(sc->sc_txdescs[seg].at_ctl)); 3801 printf(" at_flags: 0x%08x\n", 3802 le32toh(sc->sc_txdescs[seg].at_flags)); 3803 printf(" at_buf1: 0x%08x\n", 3804 le32toh(sc->sc_txdescs[seg].at_buf1)); 3805 printf(" at_buf2: 0x%08x\n", 3806 le32toh(sc->sc_txdescs[seg].at_buf2)); 3807 if (seg == lasttx) 3808 break; 3809 } 3810 } 3811#endif 3812 3813 /* Sync the descriptors we're using. */ 3814 ATW_CDTXSYNC(sc, sc->sc_txnext, dmamap->dm_nsegs, 3815 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3816 3817 /* 3818 * Store a pointer to the packet so we can free it later, 3819 * and remember what txdirty will be once the packet is 3820 * done. 3821 */ 3822 txs->txs_mbuf = m0; 3823 txs->txs_firstdesc = sc->sc_txnext; 3824 txs->txs_lastdesc = lasttx; 3825 txs->txs_ndescs = dmamap->dm_nsegs; 3826 3827 /* Advance the tx pointer. */ 3828 sc->sc_txfree -= dmamap->dm_nsegs; 3829 sc->sc_txnext = nexttx; 3830 3831 SIMPLEQ_REMOVE_HEAD(&sc->sc_txfreeq, txs_q); 3832 SIMPLEQ_INSERT_TAIL(&sc->sc_txdirtyq, txs, txs_q); 3833 3834 last_txs = txs; 3835 } 3836 3837 if (txs == NULL || sc->sc_txfree == 0) { 3838 /* No more slots left; notify upper layer. */ 3839 ifp->if_flags |= IFF_OACTIVE; 3840 } 3841 3842 if (sc->sc_txfree != ofree) { 3843 DPRINTF2(sc, ("%s: packets enqueued, IC on %d, OWN on %d\n", 3844 sc->sc_dev.dv_xname, lasttx, firsttx)); 3845 /* 3846 * Cause a transmit interrupt to happen on the 3847 * last packet we enqueued. 3848 */ 3849 sc->sc_txdescs[lasttx].at_flags |= htole32(ATW_TXFLAG_IC); 3850 ATW_CDTXSYNC(sc, lasttx, 1, 3851 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3852 3853 /* 3854 * The entire packet chain is set up. Give the 3855 * first descriptor to the chip now. 3856 */ 3857 sc->sc_txdescs[firsttx].at_ctl |= htole32(ATW_TXCTL_OWN); 3858 ATW_CDTXSYNC(sc, firsttx, 1, 3859 BUS_DMASYNC_PREREAD|BUS_DMASYNC_PREWRITE); 3860 3861 /* Wake up the transmitter. */ 3862 ATW_WRITE(sc, ATW_TDR, 0x1); 3863 3864 /* Set a watchdog timer in case the chip flakes out. */ 3865 sc->sc_tx_timer = 5; 3866 ifp->if_timer = 1; 3867 } 3868} 3869 3870/* 3871 * atw_power: 3872 * 3873 * Power management (suspend/resume) hook. 3874 */ 3875void 3876atw_power(int why, void *arg) 3877{ 3878 struct atw_softc *sc = arg; 3879 struct ifnet *ifp = &sc->sc_if; 3880 int s; 3881 3882 DPRINTF(sc, ("%s: atw_power(%d,)\n", sc->sc_dev.dv_xname, why)); 3883 3884 s = splnet(); 3885 switch (why) { 3886 case PWR_STANDBY: 3887 /* XXX do nothing. */ 3888 break; 3889 case PWR_SUSPEND: 3890 atw_stop(ifp, 0); 3891 if (sc->sc_power != NULL) 3892 (*sc->sc_power)(sc, why); 3893 break; 3894 case PWR_RESUME: 3895 if (ifp->if_flags & IFF_UP) { 3896 if (sc->sc_power != NULL) 3897 (*sc->sc_power)(sc, why); 3898 atw_init(ifp); 3899 } 3900 break; 3901 case PWR_SOFTSUSPEND: 3902 case PWR_SOFTSTANDBY: 3903 case PWR_SOFTRESUME: 3904 break; 3905 } 3906 splx(s); 3907} 3908 3909/* 3910 * atw_ioctl: [ifnet interface function] 3911 * 3912 * Handle control requests from the operator. 3913 */ 3914int 3915atw_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 3916{ 3917 struct atw_softc *sc = ifp->if_softc; 3918 struct ifreq *ifr = (struct ifreq *)data; 3919 int s, error = 0; 3920 3921 /* XXX monkey see, monkey do. comes from wi_ioctl. */ 3922 if ((sc->sc_dev.dv_flags & DVF_ACTIVE) == 0) 3923 return ENXIO; 3924 3925 s = splnet(); 3926 3927 switch (cmd) { 3928 case SIOCSIFFLAGS: 3929 if (ifp->if_flags & IFF_UP) { 3930 if (ATW_IS_ENABLED(sc)) { 3931 /* 3932 * To avoid rescanning another access point, 3933 * do not call atw_init() here. Instead, 3934 * only reflect media settings. 3935 */ 3936 atw_filter_setup(sc); 3937 } else 3938 error = atw_init(ifp); 3939 } else if (ATW_IS_ENABLED(sc)) 3940 atw_stop(ifp, 1); 3941 break; 3942 case SIOCADDMULTI: 3943 case SIOCDELMULTI: 3944 error = (cmd == SIOCADDMULTI) ? 3945 ether_addmulti(ifr, &sc->sc_ec) : 3946 ether_delmulti(ifr, &sc->sc_ec); 3947 if (error == ENETRESET) { 3948 if (ifp->if_flags & IFF_RUNNING) 3949 atw_filter_setup(sc); /* do not rescan */ 3950 error = 0; 3951 } 3952 break; 3953 default: 3954 error = ieee80211_ioctl(&sc->sc_ic, cmd, data); 3955 if (error == ENETRESET) { 3956 if (ATW_IS_ENABLED(sc)) 3957 error = atw_init(ifp); 3958 else 3959 error = 0; 3960 } 3961 break; 3962 } 3963 3964 /* Try to get more packets going. */ 3965 if (ATW_IS_ENABLED(sc)) 3966 atw_start(ifp); 3967 3968 splx(s); 3969 return (error); 3970} 3971 3972static int 3973atw_media_change(struct ifnet *ifp) 3974{ 3975 int error; 3976 3977 error = ieee80211_media_change(ifp); 3978 if (error == ENETRESET) { 3979 if ((ifp->if_flags & (IFF_RUNNING|IFF_UP)) == 3980 (IFF_RUNNING|IFF_UP)) 3981 atw_init(ifp); /* XXX lose error */ 3982 error = 0; 3983 } 3984 return error; 3985} 3986 3987static void 3988atw_media_status(struct ifnet *ifp, struct ifmediareq *imr) 3989{ 3990 struct atw_softc *sc = ifp->if_softc; 3991 3992 if (ATW_IS_ENABLED(sc) == 0) { 3993 imr->ifm_active = IFM_IEEE80211 | IFM_NONE; 3994 imr->ifm_status = 0; 3995 return; 3996 } 3997 ieee80211_media_status(ifp, imr); 3998} 3999