1/* $NetBSD: malo.c,v 1.20 2021/12/24 21:57:49 riastradh Exp $ */ 2/* $OpenBSD: malo.c,v 1.92 2010/08/27 17:08:00 jsg Exp $ */ 3 4/* 5 * Copyright (c) 2006 Claudio Jeker <claudio@openbsd.org> 6 * Copyright (c) 2006 Marcus Glocker <mglocker@openbsd.org> 7 * 8 * Permission to use, copy, modify, and distribute this software for any 9 * purpose with or without fee is hereby granted, provided that the above 10 * copyright notice and this permission notice appear in all copies. 11 * 12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 */ 20 21#include <sys/cdefs.h> 22__KERNEL_RCSID(0, "$NetBSD: malo.c,v 1.20 2021/12/24 21:57:49 riastradh Exp $"); 23 24#include <sys/param.h> 25#include <sys/types.h> 26 27#include <sys/device.h> 28#include <sys/kernel.h> 29#include <sys/malloc.h> 30#include <sys/mbuf.h> 31#include <sys/proc.h> 32#include <sys/socket.h> 33#include <sys/sockio.h> 34#include <sys/systm.h> 35#include <sys/bus.h> 36 37#include <machine/endian.h> 38#include <machine/intr.h> 39 40#include <net/if.h> 41#include <net/if_media.h> 42#include <net/if_ether.h> 43 44#include <net/bpf.h> 45 46#include <netinet/in.h> 47#include <netinet/in_systm.h> 48 49#include <net80211/ieee80211_var.h> 50#include <net80211/ieee80211_radiotap.h> 51 52#include <dev/firmload.h> 53 54#include <dev/ic/malovar.h> 55#include <dev/ic/maloreg.h> 56 57#ifdef MALO_DEBUG 58int malo_d = 2; 59#define DPRINTF(l, x...) do { if ((l) <= malo_d) printf(x); } while (0) 60#else 61#define DPRINTF(l, x...) 62#endif 63 64/* internal structures and defines */ 65struct malo_node { 66 struct ieee80211_node ni; 67}; 68 69struct malo_rx_data { 70 bus_dmamap_t map; 71 struct mbuf *m; 72}; 73 74struct malo_tx_data { 75 bus_dmamap_t map; 76 struct mbuf *m; 77 uint32_t softstat; 78 struct ieee80211_node *ni; 79}; 80 81/* RX descriptor used by HW */ 82struct malo_rx_desc { 83 uint8_t rxctrl; 84 uint8_t rssi; 85 uint8_t status; 86 uint8_t channel; 87 uint16_t len; 88 uint8_t reserved1; /* actually unused */ 89 uint8_t datarate; 90 uint32_t physdata; /* DMA address of data */ 91 uint32_t physnext; /* DMA address of next control block */ 92 uint16_t qosctrl; 93 uint16_t reserved2; 94} __packed; 95 96/* TX descriptor used by HW */ 97struct malo_tx_desc { 98 uint32_t status; 99#define MALO_TXD_STATUS_IDLE 0x00000000 100#define MALO_TXD_STATUS_USED 0x00000001 101#define MALO_TXD_STATUS_OK 0x00000001 102#define MALO_TXD_STATUS_OK_RETRY 0x00000002 103#define MALO_TXD_STATUS_OK_MORE_RETRY 0x00000004 104#define MALO_TXD_STATUS_MULTICAST_TX 0x00000008 105#define MALO_TXD_STATUS_BROADCAST_TX 0x00000010 106#define MALO_TXD_STATUS_FAILED_LINK_ERROR 0x00000020 107#define MALO_TXD_STATUS_FAILED_EXCEED_LIMIT 0x00000040 108#define MALO_TXD_STATUS_FAILED_XRETRY MALO_TXD_STATUS_FAILED_EXCEED_LIMIT 109#define MALO_TXD_STATUS_FAILED_AGING 0x00000080 110#define MALO_TXD_STATUS_FW_OWNED 0x80000000 111 uint8_t datarate; 112 uint8_t txpriority; 113 uint16_t qosctrl; 114 uint32_t physdata; /* DMA address of data */ 115 uint16_t len; 116 uint8_t destaddr[6]; 117 uint32_t physnext; /* DMA address of next control block */ 118 uint32_t reserved1; /* SAP packet info ??? */ 119 uint32_t reserved2; 120} __packed; 121 122#define MALO_RX_RING_COUNT 256 123#define MALO_TX_RING_COUNT 256 124#define MALO_MAX_SCATTER 8 /* XXX unknown, wild guess */ 125#define MALO_CMD_TIMEOUT 50 /* MALO_CMD_TIMEOUT * 100us */ 126 127/* 128 * Firmware commands 129 */ 130#define MALO_CMD_GET_HW_SPEC 0x0003 131#define MALO_CMD_SET_RADIO 0x001c 132#define MALO_CMD_SET_AID 0x010d 133#define MALO_CMD_SET_TXPOWER 0x001e 134#define MALO_CMD_SET_ANTENNA 0x0020 135#define MALO_CMD_SET_PRESCAN 0x0107 136#define MALO_CMD_SET_POSTSCAN 0x0108 137#define MALO_CMD_SET_RATE 0x0110 138#define MALO_CMD_SET_CHANNEL 0x010a 139#define MALO_CMD_SET_RTS 0x0113 140#define MALO_CMD_SET_SLOT 0x0114 141#define MALO_CMD_RESPONSE 0x8000 142 143#define MALO_CMD_RESULT_OK 0x0000 /* everything is fine */ 144#define MALO_CMD_RESULT_ERROR 0x0001 /* general error */ 145#define MALO_CMD_RESULT_NOSUPPORT 0x0002 /* command not valid */ 146#define MALO_CMD_RESULT_PENDING 0x0003 /* will be processed */ 147#define MALO_CMD_RESULT_BUSY 0x0004 /* command ignored */ 148#define MALO_CMD_RESULT_PARTIALDATA 0x0005 /* buffer too small */ 149 150struct malo_cmdheader { 151 uint16_t cmd; 152 uint16_t size; /* size of the command, incl. header */ 153 uint16_t seqnum; /* seems not to matter that much */ 154 uint16_t result; /* set to 0 on request */ 155 /* following the data payload, up to 256 bytes */ 156}; 157 158struct malo_hw_spec { 159 uint16_t HwVersion; 160 uint16_t NumOfWCB; 161 uint16_t NumOfMCastAdr; 162 uint8_t PermanentAddress[6]; 163 uint16_t RegionCode; 164 uint16_t NumberOfAntenna; 165 uint32_t FWReleaseNumber; 166 uint32_t WcbBase0; 167 uint32_t RxPdWrPtr; 168 uint32_t RxPdRdPtr; 169 uint32_t CookiePtr; 170 uint32_t WcbBase1; 171 uint32_t WcbBase2; 172 uint32_t WcbBase3; 173} __packed; 174 175struct malo_cmd_radio { 176 uint16_t action; 177 uint16_t preamble_mode; 178 uint16_t enable; 179} __packed; 180 181struct malo_cmd_aid { 182 uint16_t associd; 183 uint8_t macaddr[6]; 184 uint32_t gprotection; 185 uint8_t aprates[14]; 186} __packed; 187 188struct malo_cmd_txpower { 189 uint16_t action; 190 uint16_t supportpowerlvl; 191 uint16_t currentpowerlvl; 192 uint16_t reserved; 193 uint16_t powerlvllist[8]; 194} __packed; 195 196struct malo_cmd_antenna { 197 uint16_t action; 198 uint16_t mode; 199} __packed; 200 201struct malo_cmd_postscan { 202 uint32_t isibss; 203 uint8_t bssid[6]; 204} __packed; 205 206struct malo_cmd_channel { 207 uint16_t action; 208 uint8_t channel; 209} __packed; 210 211struct malo_cmd_rate { 212 uint8_t dataratetype; 213 uint8_t rateindex; 214 uint8_t aprates[14]; 215} __packed; 216 217struct malo_cmd_rts { 218 uint16_t action; 219 uint32_t threshold; 220} __packed; 221 222struct malo_cmd_slot { 223 uint16_t action; 224 uint8_t slot; 225} __packed; 226 227#define malo_mem_write4(sc, off, x) \ 228 bus_space_write_4((sc)->sc_mem1_bt, (sc)->sc_mem1_bh, (off), (x)) 229#define malo_mem_write2(sc, off, x) \ 230 bus_space_write_2((sc)->sc_mem1_bt, (sc)->sc_mem1_bh, (off), (x)) 231#define malo_mem_write1(sc, off, x) \ 232 bus_space_write_1((sc)->sc_mem1_bt, (sc)->sc_mem1_bh, (off), (x)) 233 234#define malo_mem_read4(sc, off) \ 235 bus_space_read_4((sc)->sc_mem1_bt, (sc)->sc_mem1_bh, (off)) 236#define malo_mem_read1(sc, off) \ 237 bus_space_read_1((sc)->sc_mem1_bt, (sc)->sc_mem1_bh, (off)) 238 239#define malo_ctl_write4(sc, off, x) \ 240 bus_space_write_4((sc)->sc_mem2_bt, (sc)->sc_mem2_bh, (off), (x)) 241#define malo_ctl_read4(sc, off) \ 242 bus_space_read_4((sc)->sc_mem2_bt, (sc)->sc_mem2_bh, (off)) 243#define malo_ctl_read1(sc, off) \ 244 bus_space_read_1((sc)->sc_mem2_bt, (sc)->sc_mem2_bh, (off)) 245 246#define malo_ctl_barrier(sc, t) \ 247 bus_space_barrier((sc)->sc_mem2_bt, (sc)->sc_mem2_bh, 0x0c00, 0xff, (t)) 248 249static int malo_alloc_cmd(struct malo_softc *sc); 250static void malo_free_cmd(struct malo_softc *sc); 251static void malo_send_cmd(struct malo_softc *sc, bus_addr_t addr); 252static int malo_send_cmd_dma(struct malo_softc *sc, bus_addr_t addr); 253static int malo_alloc_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring, 254 int count); 255static void malo_reset_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring); 256static void malo_free_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring); 257static int malo_alloc_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring, 258 int count); 259static void malo_reset_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring); 260static void malo_free_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring); 261static int malo_ioctl(struct ifnet *ifp, u_long cmd, void* data); 262static void malo_start(struct ifnet *ifp); 263static void malo_watchdog(struct ifnet *ifp); 264static int malo_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, 265 int arg); 266static void malo_newassoc(struct ieee80211_node *ni, int isnew); 267static struct ieee80211_node * 268 malo_node_alloc(struct ieee80211_node_table *nt); 269static int malo_media_change(struct ifnet *ifp); 270static void malo_media_status(struct ifnet *ifp, struct ifmediareq *imr); 271static int malo_chip2rate(int chip_rate); 272static int malo_fix2rate(int fix_rate); 273static void malo_next_scan(void *arg); 274static void malo_tx_intr(struct malo_softc *sc); 275static int malo_tx_data(struct malo_softc *sc, struct mbuf *m0, 276 struct ieee80211_node *ni); 277static void malo_tx_setup_desc(struct malo_softc *sc, struct malo_tx_desc *desc, 278 int len, int rate, const bus_dma_segment_t *segs, int nsegs); 279static void malo_rx_intr(struct malo_softc *sc); 280static int malo_load_bootimg(struct malo_softc *sc); 281static int malo_load_firmware(struct malo_softc *sc); 282 283static int malo_set_slot(struct malo_softc *sc); 284static void malo_update_slot(struct ifnet* ifp); 285#ifdef MALO_DEBUG 286static void malo_hexdump(void *buf, int len); 287#endif 288static const char *malo_cmd_string(uint16_t cmd); 289static const char *malo_cmd_string_result(uint16_t result); 290static int malo_cmd_get_spec(struct malo_softc *sc); 291static int malo_cmd_set_prescan(struct malo_softc *sc); 292static int malo_cmd_set_postscan(struct malo_softc *sc, uint8_t *macaddr, 293 uint8_t ibsson); 294static int malo_cmd_set_channel(struct malo_softc *sc, struct ieee80211_channel *chan); 295static int malo_cmd_set_antenna(struct malo_softc *sc, uint16_t antenna_type); 296static int malo_cmd_set_radio(struct malo_softc *sc, uint16_t mode, 297 uint16_t preamble); 298static int malo_cmd_set_aid(struct malo_softc *sc, uint8_t *bssid, 299 uint16_t associd); 300static int malo_cmd_set_txpower(struct malo_softc *sc, unsigned int powerlevel); 301static int malo_cmd_set_rts(struct malo_softc *sc, uint32_t threshold); 302static int malo_cmd_set_slot(struct malo_softc *sc, uint8_t slot); 303static int malo_cmd_set_rate(struct malo_softc *sc, uint8_t rate); 304static void malo_cmd_response(struct malo_softc *sc); 305 306int 307malo_intr(void *arg) 308{ 309 struct malo_softc *sc = arg; 310 uint32_t status; 311 312 status = malo_ctl_read4(sc, MALO_REG_A2H_INTERRUPT_CAUSE); 313 if (status == 0xffffffff || status == 0) 314 /* not for us */ 315 return (0); 316 317 /* disable interrupts */ 318 malo_ctl_read4(sc, MALO_REG_A2H_INTERRUPT_CAUSE); 319 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_CAUSE, 0); 320 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_MASK, 0); 321 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_STATUS_MASK, 0); 322 323 softint_schedule(sc->sc_soft_ih); 324 return (1); 325} 326 327void 328malo_softintr(void *arg) 329{ 330 struct malo_softc *sc = arg; 331 uint32_t status; 332 333 status = malo_ctl_read4(sc, MALO_REG_A2H_INTERRUPT_CAUSE); 334 if (status == 0xffffffff || status == 0) 335 goto out; /* not for us */ 336 337 if (status & MALO_A2HRIC_BIT_TX_DONE) 338 malo_tx_intr(sc); 339 if (status & MALO_A2HRIC_BIT_RX_RDY) 340 malo_rx_intr(sc); 341 if (status & MALO_A2HRIC_BIT_OPC_DONE) { 342 /* XXX cmd done interrupt handling doesn't work yet */ 343 DPRINTF(1, "%s: got cmd done interrupt\n", 344 device_xname(sc->sc_dev)); 345 //malo_cmd_response(sc); 346 } 347 348 if (status & ~0x7) { 349 DPRINTF(1, "%s: unknown interrupt %x\n", 350 device_xname(sc->sc_dev), status); 351 } 352 353 /* just ack the interrupt */ 354 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_CAUSE, 0); 355 356out: 357 /* enable interrupts */ 358 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_MASK, 0x1f); 359 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 360 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_STATUS_MASK, 0x1f); 361 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 362} 363 364int 365malo_attach(struct malo_softc *sc) 366{ 367 struct ieee80211com *ic = &sc->sc_ic; 368 struct ifnet *ifp = &sc->sc_if; 369 int i; 370 371 /* initialize channel scanning timer */ 372 callout_init(&sc->sc_scan_to, 0); 373 callout_setfunc(&sc->sc_scan_to, malo_next_scan, sc); 374 375 /* allocate DMA structures */ 376 malo_alloc_cmd(sc); 377 malo_alloc_rx_ring(sc, &sc->sc_rxring, MALO_RX_RING_COUNT); 378 malo_alloc_tx_ring(sc, &sc->sc_txring, MALO_TX_RING_COUNT); 379 380 /* setup interface */ 381 ifp->if_softc = sc; 382 ifp->if_init = malo_init; 383 ifp->if_stop = malo_stop; 384 ifp->if_ioctl = malo_ioctl; 385 ifp->if_start = malo_start; 386 ifp->if_watchdog = malo_watchdog; 387 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST; 388 memcpy(ifp->if_xname, device_xname(sc->sc_dev), IFNAMSIZ); 389 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 390 IFQ_SET_READY(&ifp->if_snd); 391 392 /* set supported rates */ 393 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 394 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 395 sc->sc_last_txrate = -1; 396 397 /* set channels */ 398 for (i = 1; i <= 14; i++) { 399 ic->ic_channels[i].ic_freq = 400 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 401 ic->ic_channels[i].ic_flags = 402 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 403 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 404 } 405 406 /* OpenBSD supports IEEE80211_C_RSN too */ 407 /* set the rest */ 408 ic->ic_ifp = ifp; 409 ic->ic_caps = 410 IEEE80211_C_IBSS | 411 IEEE80211_C_MONITOR | 412 IEEE80211_C_SHPREAMBLE | 413 IEEE80211_C_SHSLOT | 414 IEEE80211_C_WEP | 415 IEEE80211_C_WPA; 416 ic->ic_opmode = IEEE80211_M_STA; 417 ic->ic_state = IEEE80211_S_INIT; 418 for (i = 0; i < 6; i++) 419 ic->ic_myaddr[i] = malo_ctl_read1(sc, 0xa528 + i); 420 421 /* show our mac address */ 422 aprint_normal_dev(sc->sc_dev, "address %s\n", 423 ether_sprintf(ic->ic_myaddr)); 424 425 /* attach interface */ 426 if_initialize(ifp); 427 ieee80211_ifattach(ic); 428 /* Use common softint-based if_input */ 429 ifp->if_percpuq = if_percpuq_create(ifp); 430 if_register(ifp); 431 432 /* post attach vector functions */ 433 sc->sc_newstate = ic->ic_newstate; 434 ic->ic_newstate = malo_newstate; 435 ic->ic_newassoc = malo_newassoc; 436 ic->ic_node_alloc = malo_node_alloc; 437 ic->ic_updateslot = malo_update_slot; 438 439 ieee80211_media_init(ic, malo_media_change, malo_media_status); 440 441 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 442 sizeof(struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 443 &sc->sc_drvbpf); 444 445 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 446 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 447 sc->sc_rxtap.wr_ihdr.it_present = htole32(MALO_RX_RADIOTAP_PRESENT); 448 449 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 450 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 451 sc->sc_txtap.wt_ihdr.it_present = htole32(MALO_TX_RADIOTAP_PRESENT); 452 453 ieee80211_announce(ic); 454 455 return (0); 456} 457 458int 459malo_detach(void *arg) 460{ 461 struct malo_softc *sc = arg; 462 struct ieee80211com *ic = &sc->sc_ic; 463 struct ifnet *ifp = &sc->sc_if; 464 465 malo_stop(ifp, 1); 466 /* remove channel scanning timer */ 467 callout_destroy(&sc->sc_scan_to); 468 ieee80211_ifdetach(ic); 469 if_detach(ifp); 470 malo_free_cmd(sc); 471 malo_free_rx_ring(sc, &sc->sc_rxring); 472 malo_free_tx_ring(sc, &sc->sc_txring); 473 474 return (0); 475} 476 477static int 478malo_alloc_cmd(struct malo_softc *sc) 479{ 480 int error, nsegs; 481 482 error = bus_dmamap_create(sc->sc_dmat, PAGE_SIZE, 1, 483 PAGE_SIZE, 0, BUS_DMA_ALLOCNOW, &sc->sc_cmd_dmam); 484 if (error != 0) { 485 aprint_error_dev(sc->sc_dev, "can not create DMA tag\n"); 486 return (-1); 487 } 488 489 error = bus_dmamem_alloc(sc->sc_dmat, PAGE_SIZE, PAGE_SIZE, 490 0, &sc->sc_cmd_dmas, 1, &nsegs, BUS_DMA_WAITOK); 491 if (error != 0) { 492 aprint_error_dev(sc->sc_dev, "error alloc dma memory\n"); 493 return (-1); 494 } 495 496 error = bus_dmamem_map(sc->sc_dmat, &sc->sc_cmd_dmas, nsegs, 497 PAGE_SIZE, (void **)&sc->sc_cmd_mem, BUS_DMA_WAITOK); 498 if (error != 0) { 499 aprint_error_dev(sc->sc_dev, "error map dma memory\n"); 500 return (-1); 501 } 502 503 error = bus_dmamap_load(sc->sc_dmat, sc->sc_cmd_dmam, 504 sc->sc_cmd_mem, PAGE_SIZE, NULL, BUS_DMA_NOWAIT); 505 if (error != 0) { 506 aprint_error_dev(sc->sc_dev, "error load dma memory\n"); 507 bus_dmamem_free(sc->sc_dmat, &sc->sc_cmd_dmas, nsegs); 508 return (-1); 509 } 510 511 sc->sc_cookie = sc->sc_cmd_mem; 512 *sc->sc_cookie = htole32(0xaa55aa55); 513 sc->sc_cmd_mem = ((char*)sc->sc_cmd_mem) + sizeof(uint32_t); 514 sc->sc_cookie_dmaaddr = sc->sc_cmd_dmam->dm_segs[0].ds_addr; 515 sc->sc_cmd_dmaaddr = sc->sc_cmd_dmam->dm_segs[0].ds_addr + 516 sizeof(uint32_t); 517 518 return (0); 519} 520 521static void 522malo_free_cmd(struct malo_softc *sc) 523{ 524 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 525 BUS_DMASYNC_POSTWRITE); 526 bus_dmamap_unload(sc->sc_dmat, sc->sc_cmd_dmam); 527 bus_dmamem_unmap(sc->sc_dmat, sc->sc_cookie, PAGE_SIZE); 528 bus_dmamem_free(sc->sc_dmat, &sc->sc_cmd_dmas, 1); 529} 530 531static void 532malo_send_cmd(struct malo_softc *sc, bus_addr_t addr) 533{ 534 malo_ctl_write4(sc, MALO_REG_GEN_PTR, (uint32_t)addr); 535 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 536 malo_ctl_write4(sc, MALO_REG_H2A_INTERRUPT_EVENTS, 2); /* CPU_TRANSFER_CMD */ 537 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 538} 539 540static int 541malo_send_cmd_dma(struct malo_softc *sc, bus_addr_t addr) 542{ 543 int i; 544 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 545 546 malo_send_cmd(sc, addr); 547 548 for (i = 0; i < MALO_CMD_TIMEOUT; i++) { 549 delay(100); 550 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 551 BUS_DMASYNC_POSTWRITE | BUS_DMASYNC_POSTREAD); 552 if (hdr->cmd & htole16(0x8000)) 553 break; 554 } 555 if (i == MALO_CMD_TIMEOUT) { 556 aprint_error_dev(sc->sc_dev, "timeout while waiting for cmd response!\n"); 557 return (ETIMEDOUT); 558 } 559 560 malo_cmd_response(sc); 561 562 return (0); 563} 564 565static int 566malo_alloc_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring, int count) 567{ 568 struct malo_rx_desc *desc; 569 struct malo_rx_data *data; 570 int i, nsegs, error; 571 572 ring->count = count; 573 ring->cur = ring->next = 0; 574 575 error = bus_dmamap_create(sc->sc_dmat, 576 count * sizeof(struct malo_rx_desc), 1, 577 count * sizeof(struct malo_rx_desc), 0, 578 BUS_DMA_NOWAIT, &ring->map); 579 if (error != 0) { 580 aprint_error_dev(sc->sc_dev, "could not create desc DMA map\n"); 581 goto fail; 582 } 583 584 error = bus_dmamem_alloc(sc->sc_dmat, 585 count * sizeof(struct malo_rx_desc), 586 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT); 587 588 if (error != 0) { 589 aprint_error_dev(sc->sc_dev, "could not allocate DMA memory\n"); 590 goto fail; 591 } 592 593 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 594 count * sizeof(struct malo_rx_desc), (void **)&ring->desc, 595 BUS_DMA_NOWAIT); 596 if (error != 0) { 597 aprint_error_dev(sc->sc_dev, "can't map desc DMA memory\n"); 598 goto fail; 599 } 600 601 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 602 count * sizeof(struct malo_rx_desc), NULL, BUS_DMA_NOWAIT); 603 if (error != 0) { 604 aprint_error_dev(sc->sc_dev, "could not load desc DMA map\n"); 605 goto fail; 606 } 607 608 ring->physaddr = ring->map->dm_segs->ds_addr; 609 610 ring->data = malloc(count * sizeof (struct malo_rx_data), M_DEVBUF, 611 M_WAITOK); 612 613 /* 614 * Pre-allocate Rx buffers and populate Rx ring. 615 */ 616 memset(ring->data, 0, count * sizeof (struct malo_rx_data)); 617 for (i = 0; i < count; i++) { 618 desc = &ring->desc[i]; 619 data = &ring->data[i]; 620 621 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 622 0, BUS_DMA_NOWAIT, &data->map); 623 if (error != 0) { 624 aprint_error_dev(sc->sc_dev, "could not create DMA map\n"); 625 goto fail; 626 } 627 628 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 629 if (data->m == NULL) { 630 aprint_error_dev(sc->sc_dev, "could not allocate rx mbuf\n"); 631 error = ENOMEM; 632 goto fail; 633 } 634 635 MCLGET(data->m, M_DONTWAIT); 636 if (!(data->m->m_flags & M_EXT)) { 637 aprint_error_dev(sc->sc_dev, "could not allocate rx mbuf cluster\n"); 638 error = ENOMEM; 639 goto fail; 640 } 641 642 error = bus_dmamap_load(sc->sc_dmat, data->map, 643 mtod(data->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 644 if (error != 0) { 645 aprint_error_dev(sc->sc_dev, "could not load rx buf DMA map"); 646 goto fail; 647 } 648 649 desc->status = 1; 650 desc->physdata = htole32(data->map->dm_segs->ds_addr); 651 desc->physnext = htole32(ring->physaddr + 652 (i + 1) % count * sizeof(struct malo_rx_desc)); 653 } 654 655 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 656 BUS_DMASYNC_PREWRITE); 657 658 return (0); 659 660fail: malo_free_rx_ring(sc, ring); 661 return (error); 662} 663 664static void 665malo_reset_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring) 666{ 667 int i; 668 669 for (i = 0; i < ring->count; i++) 670 ring->desc[i].status = 0; 671 672 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 673 BUS_DMASYNC_PREWRITE); 674 675 ring->cur = ring->next = 0; 676} 677 678static void 679malo_free_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring) 680{ 681 struct malo_rx_data *data; 682 int i; 683 684 if (ring->desc != NULL) { 685 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 686 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 687 bus_dmamap_unload(sc->sc_dmat, ring->map); 688 bus_dmamem_unmap(sc->sc_dmat, ring->desc, 689 ring->count * sizeof(struct malo_rx_desc)); 690 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 691 } 692 693 if (ring->data != NULL) { 694 for (i = 0; i < ring->count; i++) { 695 data = &ring->data[i]; 696 697 if (data->m != NULL) { 698 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 699 data->map->dm_mapsize, 700 BUS_DMASYNC_POSTREAD); 701 bus_dmamap_unload(sc->sc_dmat, data->map); 702 m_freem(data->m); 703 } 704 705 if (data->map != NULL) 706 bus_dmamap_destroy(sc->sc_dmat, data->map); 707 } 708 free(ring->data, M_DEVBUF); 709 } 710} 711 712static int 713malo_alloc_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring, 714 int count) 715{ 716 int i, nsegs, error; 717 718 ring->count = count; 719 ring->queued = 0; 720 ring->cur = ring->next = ring->stat = 0; 721 722 error = bus_dmamap_create(sc->sc_dmat, 723 count * sizeof(struct malo_tx_desc), 1, 724 count * sizeof(struct malo_tx_desc), 0, BUS_DMA_NOWAIT, &ring->map); 725 if (error != 0) { 726 aprint_error_dev(sc->sc_dev, "could not create desc DMA map\n"); 727 goto fail; 728 } 729 730 error = bus_dmamem_alloc(sc->sc_dmat, 731 count * sizeof(struct malo_tx_desc), PAGE_SIZE, 0, 732 &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT); 733 if (error != 0) { 734 aprint_error_dev(sc->sc_dev, "could not allocate DMA memory\n"); 735 goto fail; 736 } 737 738 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 739 count * sizeof(struct malo_tx_desc), (void **)&ring->desc, 740 BUS_DMA_NOWAIT); 741 if (error != 0) { 742 aprint_error_dev(sc->sc_dev, "can't map desc DMA memory\n"); 743 goto fail; 744 } 745 746 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 747 count * sizeof(struct malo_tx_desc), NULL, BUS_DMA_NOWAIT); 748 if (error != 0) { 749 aprint_error_dev(sc->sc_dev, "could not load desc DMA map\n"); 750 goto fail; 751 } 752 753 ring->physaddr = ring->map->dm_segs->ds_addr; 754 755 ring->data = malloc(count * sizeof(struct malo_tx_data), M_DEVBUF, 756 M_WAITOK | M_ZERO); 757 758 for (i = 0; i < count; i++) { 759 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 760 MALO_MAX_SCATTER, MCLBYTES, 0, BUS_DMA_NOWAIT, 761 &ring->data[i].map); 762 if (error != 0) { 763 aprint_error_dev(sc->sc_dev, "could not create DMA map\n"); 764 goto fail; 765 } 766 ring->desc[i].physnext = htole32(ring->physaddr + 767 (i + 1) % count * sizeof(struct malo_tx_desc)); 768 } 769 770 return (0); 771 772fail: malo_free_tx_ring(sc, ring); 773 return (error); 774} 775 776static void 777malo_reset_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring) 778{ 779 struct malo_tx_desc *desc; 780 struct malo_tx_data *data; 781 int i; 782 783 for (i = 0; i < ring->count; i++) { 784 desc = &ring->desc[i]; 785 data = &ring->data[i]; 786 787 if (data->m != NULL) { 788 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 789 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 790 bus_dmamap_unload(sc->sc_dmat, data->map); 791 m_freem(data->m); 792 data->m = NULL; 793 } 794 795 /* 796 * The node has already been freed at that point so don't call 797 * ieee80211_release_node() here. 798 */ 799 data->ni = NULL; 800 801 desc->status = 0; 802 } 803 804 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 805 BUS_DMASYNC_PREWRITE); 806 807 ring->queued = 0; 808 ring->cur = ring->next = ring->stat = 0; 809} 810 811static void 812malo_free_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring) 813{ 814 struct malo_tx_data *data; 815 int i; 816 817 if (ring->desc != NULL) { 818 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 819 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 820 bus_dmamap_unload(sc->sc_dmat, ring->map); 821 bus_dmamem_unmap(sc->sc_dmat, ring->desc, 822 ring->count * sizeof(struct malo_tx_desc)); 823 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 824 } 825 826 if (ring->data != NULL) { 827 for (i = 0; i < ring->count; i++) { 828 data = &ring->data[i]; 829 830 if (data->m != NULL) { 831 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 832 data->map->dm_mapsize, 833 BUS_DMASYNC_POSTWRITE); 834 bus_dmamap_unload(sc->sc_dmat, data->map); 835 m_freem(data->m); 836 } 837 838 /* 839 * The node has already been freed at that point so 840 * don't call ieee80211_release_node() here. 841 */ 842 data->ni = NULL; 843 844 if (data->map != NULL) 845 bus_dmamap_destroy(sc->sc_dmat, data->map); 846 } 847 free(ring->data, M_DEVBUF); 848 } 849} 850 851int 852malo_init(struct ifnet *ifp) 853{ 854 struct malo_softc *sc = ifp->if_softc; 855 struct ieee80211com *ic = &sc->sc_ic; 856 int error; 857 858 DPRINTF(1, "%s: %s\n", ifp->if_xname, __func__); 859 860 /* if interface already runs stop it first */ 861 if (ifp->if_flags & IFF_RUNNING) 862 malo_stop(ifp, 1); 863 864 /* power on cardbus socket */ 865 if (sc->sc_enable) 866 sc->sc_enable(sc); 867 868 /* disable interrupts */ 869 malo_ctl_read4(sc, MALO_REG_A2H_INTERRUPT_CAUSE); 870 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_CAUSE, 0); 871 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_MASK, 0); 872 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_STATUS_MASK, 0); 873 874 /* load firmware */ 875 if ((error = malo_load_bootimg(sc))) 876 goto fail; 877 if ((error = malo_load_firmware(sc))) 878 goto fail; 879 880 /* enable interrupts */ 881 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_MASK, 0x1f); 882 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 883 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_STATUS_MASK, 0x1f); 884 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 885 886 if ((error = malo_cmd_get_spec(sc))) 887 goto fail; 888 889 /* select default channel */ 890 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 891 892 /* initialize hardware */ 893 if ((error = malo_cmd_set_channel(sc, ic->ic_bss->ni_chan))) { 894 aprint_error_dev(sc->sc_dev, "setting channel failed!\n"); 895 goto fail; 896 } 897 if ((error = malo_cmd_set_antenna(sc, 1))) { 898 aprint_error_dev(sc->sc_dev, "setting RX antenna failed!\n"); 899 goto fail; 900 } 901 if ((error = malo_cmd_set_antenna(sc, 2))) { 902 aprint_error_dev(sc->sc_dev, "setting TX antenna failed!\n"); 903 goto fail; 904 } 905 if ((error = malo_cmd_set_radio(sc, 1, 5))) { 906 aprint_error_dev(sc->sc_dev, "turn radio on failed!\n"); 907 goto fail; 908 } 909 if ((error = malo_cmd_set_txpower(sc, 100))) { 910 aprint_error_dev(sc->sc_dev, "setting TX power failed!\n"); 911 goto fail; 912 } 913 if ((error = malo_cmd_set_rts(sc, IEEE80211_RTS_MAX))) { 914 aprint_error_dev(sc->sc_dev, "setting RTS failed!\n"); 915 goto fail; 916 } 917 918 ifp->if_flags |= IFF_RUNNING; 919 920 if (ic->ic_opmode != IEEE80211_M_MONITOR) 921 /* start background scanning */ 922 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 923 else 924 /* in monitor mode change directly into run state */ 925 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 926 927 return (0); 928 929fail: 930 /* reset adapter */ 931 DPRINTF(1, "%s: malo_init failed, resetting card\n", 932 device_xname(sc->sc_dev)); 933 malo_stop(ifp, 1); 934 return (error); 935} 936 937static int 938malo_ioctl(struct ifnet *ifp, u_long cmd, void* data) 939{ 940 struct malo_softc *sc = ifp->if_softc; 941 struct ieee80211com *ic = &sc->sc_ic; 942 int s, error = 0; 943 944 s = splnet(); 945 946 switch (cmd) { 947 case SIOCSIFFLAGS: 948 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 949 break; 950 if (ifp->if_flags & IFF_UP) { 951 if ((ifp->if_flags & IFF_RUNNING) == 0) 952 malo_init(ifp); 953 } else { 954 if (ifp->if_flags & IFF_RUNNING) 955 malo_stop(ifp, 1); 956 } 957 break; 958 case SIOCADDMULTI: 959 case SIOCDELMULTI: 960 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 961 /* setup multicast filter, etc */ 962 error = 0; 963 } 964 break; 965 case SIOCS80211CHANNEL: 966 /* allow fast channel switching in monitor mode */ 967 error = ieee80211_ioctl(ic, cmd, data); 968 if (error == ENETRESET && 969 ic->ic_opmode == IEEE80211_M_MONITOR) { 970 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 971 (IFF_UP | IFF_RUNNING)) { 972 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 973 malo_cmd_set_channel(sc, ic->ic_bss->ni_chan); 974 } 975 error = 0; 976 } 977 break; 978 default: 979 error = ieee80211_ioctl(ic, cmd, data); 980 break; 981 } 982 983 if (error == ENETRESET) { 984 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 985 (IFF_UP | IFF_RUNNING)) 986 malo_init(ifp); 987 error = 0; 988 } 989 990 splx(s); 991 992 return (error); 993} 994 995static void 996malo_start(struct ifnet *ifp) 997{ 998 struct malo_softc *sc = ifp->if_softc; 999 struct ieee80211com *ic = &sc->sc_ic; 1000 struct mbuf *m0; 1001 struct ether_header *eh; 1002 struct ieee80211_node *ni = NULL; 1003 1004 DPRINTF(2, "%s: %s\n", device_xname(sc->sc_dev), __func__); 1005 1006 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1007 return; 1008 1009 for (;;) { 1010 IF_POLL(&ic->ic_mgtq, m0); 1011 if (m0 != NULL) { 1012 if (sc->sc_txring.queued >= MALO_TX_RING_COUNT) { 1013 ifp->if_flags |= IFF_OACTIVE; 1014 break; 1015 } 1016 IF_DEQUEUE(&ic->ic_mgtq, m0); 1017 1018 ni = M_GETCTX(m0, struct ieee80211_node *); 1019 M_CLEARCTX(m0); 1020 1021 bpf_mtap3(ic->ic_rawbpf, m0, BPF_D_OUT); 1022 1023 if (malo_tx_data(sc, m0, ni) != 0) 1024 break; 1025 } else { 1026 if (ic->ic_state != IEEE80211_S_RUN) 1027 break; 1028 IFQ_POLL(&ifp->if_snd, m0); 1029 if (m0 == NULL) 1030 break; 1031 if (sc->sc_txring.queued >= MALO_TX_RING_COUNT - 1) { 1032 ifp->if_flags |= IFF_OACTIVE; 1033 break; 1034 } 1035 1036 if (m0->m_len < sizeof (*eh) && 1037 (m0 = m_pullup(m0, sizeof (*eh))) == NULL) { 1038 if_statinc(ifp, if_oerrors); 1039 continue; 1040 } 1041 eh = mtod(m0, struct ether_header *); 1042 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1043 if (ni == NULL) { 1044 m_freem(m0); 1045 if_statinc(ifp, if_oerrors); 1046 continue; 1047 } 1048 1049 // XXX must I call ieee_classify at this point ? 1050 1051 IFQ_DEQUEUE(&ifp->if_snd, m0); 1052 bpf_mtap(ifp, m0, BPF_D_OUT); 1053 1054 m0 = ieee80211_encap(ic, m0, ni); 1055 if (m0 == NULL) 1056 continue; 1057 bpf_mtap3(ic->ic_rawbpf, m0, BPF_D_OUT); 1058 1059 if (malo_tx_data(sc, m0, ni) != 0) { 1060 ieee80211_free_node(ni); 1061 if_statinc(ifp, if_oerrors); 1062 break; 1063 } 1064 } 1065 } 1066} 1067 1068void 1069malo_stop(struct ifnet* ifp, int disable) 1070{ 1071 struct malo_softc *sc = ifp->if_softc; 1072 struct ieee80211com *ic = &sc->sc_ic; 1073 1074 DPRINTF(1, "%s: %s\n", ifp->if_xname, __func__); 1075 1076 /* reset adapter */ 1077 if (ifp->if_flags & IFF_RUNNING) 1078 malo_ctl_write4(sc, MALO_REG_H2A_INTERRUPT_EVENTS, (1 << 15)); 1079 1080 /* device is not running anymore */ 1081 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1082 1083 /* change back to initial state */ 1084 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 1085 1086 /* reset RX / TX rings */ 1087 malo_reset_tx_ring(sc, &sc->sc_txring); 1088 malo_reset_rx_ring(sc, &sc->sc_rxring); 1089 1090 /* set initial rate */ 1091 sc->sc_last_txrate = -1; 1092 1093 /* power off cardbus socket */ 1094 if (sc->sc_disable) 1095 sc->sc_disable(sc); 1096} 1097 1098static void 1099malo_watchdog(struct ifnet *ifp) 1100{ 1101 1102} 1103 1104static int 1105malo_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1106{ 1107 struct ifnet *ifp = ic->ic_ifp; 1108 struct malo_softc *sc = ifp->if_softc; 1109 enum ieee80211_state ostate; 1110 int rate; 1111 1112 DPRINTF(2, "%s: %s\n", device_xname(sc->sc_dev), __func__); 1113 1114 ostate = ic->ic_state; 1115 callout_stop(&sc->sc_scan_to); 1116 1117 switch (nstate) { 1118 case IEEE80211_S_INIT: 1119 DPRINTF(1, "%s: newstate INIT\n", device_xname(sc->sc_dev)); 1120 break; 1121 case IEEE80211_S_SCAN: 1122 DPRINTF(1, "%s: newstate SCAN\n", device_xname(sc->sc_dev)); 1123 if (ostate == IEEE80211_S_INIT) { 1124 if (malo_cmd_set_prescan(sc) != 0) { 1125 DPRINTF(1, "%s: can't set prescan\n", 1126 device_xname(sc->sc_dev)); 1127 } 1128 } else { 1129 malo_cmd_set_channel(sc, ic->ic_curchan); 1130 } 1131 callout_schedule(&sc->sc_scan_to, hz/2); 1132 break; 1133 case IEEE80211_S_AUTH: 1134 DPRINTF(1, "%s: newstate AUTH\n", device_xname(sc->sc_dev)); 1135 malo_cmd_set_postscan(sc, ic->ic_myaddr, 1); 1136 malo_cmd_set_channel(sc, ic->ic_curchan); 1137 break; 1138 case IEEE80211_S_ASSOC: 1139 DPRINTF(1, "%s: newstate ASSOC\n", device_xname(sc->sc_dev)); 1140 malo_cmd_set_channel(sc, ic->ic_curchan); 1141 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1142 malo_cmd_set_radio(sc, 1, 3); /* short preamble */ 1143 else 1144 malo_cmd_set_radio(sc, 1, 1); /* long preamble */ 1145 1146 malo_cmd_set_aid(sc, ic->ic_bss->ni_bssid, 1147 ic->ic_bss->ni_associd); 1148 1149 if (ic->ic_fixed_rate == -1) 1150 /* automatic rate adaption */ 1151 malo_cmd_set_rate(sc, 0); 1152 else { 1153 /* fixed rate */ 1154 rate = malo_fix2rate(ic->ic_fixed_rate); 1155 malo_cmd_set_rate(sc, rate); 1156 } 1157 1158 malo_set_slot(sc); 1159 break; 1160 case IEEE80211_S_RUN: 1161 DPRINTF(1, "%s: newstate RUN\n", device_xname(sc->sc_dev)); 1162 break; 1163 default: 1164 break; 1165 } 1166 1167 return (sc->sc_newstate(ic, nstate, arg)); 1168} 1169 1170static void 1171malo_newassoc(struct ieee80211_node *ni, int isnew) 1172{ 1173} 1174 1175static struct ieee80211_node * 1176malo_node_alloc(struct ieee80211_node_table *nt) 1177{ 1178 struct malo_node *wn; 1179 1180 wn = malloc(sizeof(*wn), M_DEVBUF, M_NOWAIT | M_ZERO); 1181 if (wn == NULL) 1182 return (NULL); 1183 1184 return ((struct ieee80211_node *)wn); 1185} 1186 1187static int 1188malo_media_change(struct ifnet *ifp) 1189{ 1190 int error; 1191 1192 DPRINTF(1, "%s: %s\n", ifp->if_xname, __func__); 1193 1194 error = ieee80211_media_change(ifp); 1195 if (error != ENETRESET) 1196 return (error); 1197 1198 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1199 malo_init(ifp); 1200 1201 return (0); 1202} 1203 1204static void 1205malo_media_status(struct ifnet *ifp, struct ifmediareq *imr) 1206{ 1207 struct malo_softc *sc = ifp->if_softc; 1208 struct ieee80211com *ic = &sc->sc_ic; 1209 1210 imr->ifm_status = IFM_AVALID; 1211 imr->ifm_active = IFM_IEEE80211; 1212 if (ic->ic_state == IEEE80211_S_RUN) 1213 imr->ifm_status |= IFM_ACTIVE; 1214 1215 /* report last TX rate used by chip */ 1216 imr->ifm_active |= ieee80211_rate2media(ic, sc->sc_last_txrate, 1217 ic->ic_curmode); 1218 1219 switch (ic->ic_opmode) { 1220 case IEEE80211_M_STA: 1221 break; 1222 case IEEE80211_M_IBSS: 1223 imr->ifm_active |= IFM_IEEE80211_ADHOC; 1224 break; 1225 case IEEE80211_M_AHDEMO: 1226 break; 1227 case IEEE80211_M_HOSTAP: 1228 break; 1229 case IEEE80211_M_MONITOR: 1230 imr->ifm_active |= IFM_IEEE80211_MONITOR; 1231 break; 1232 default: 1233 break; 1234 } 1235 1236 switch (ic->ic_curmode) { 1237 case IEEE80211_MODE_11B: 1238 imr->ifm_active |= IFM_IEEE80211_11B; 1239 break; 1240 case IEEE80211_MODE_11G: 1241 imr->ifm_active |= IFM_IEEE80211_11G; 1242 break; 1243 } 1244} 1245 1246static int 1247malo_chip2rate(int chip_rate) 1248{ 1249 switch (chip_rate) { 1250 /* CCK rates */ 1251 case 0: return (2); 1252 case 1: return (4); 1253 case 2: return (11); 1254 case 3: return (22); 1255 1256 /* OFDM rates */ 1257 case 4: return (0); /* reserved */ 1258 case 5: return (12); 1259 case 6: return (18); 1260 case 7: return (24); 1261 case 8: return (36); 1262 case 9: return (48); 1263 case 10: return (72); 1264 case 11: return (96); 1265 case 12: return (108); 1266 1267 /* no rate select yet or unknown rate */ 1268 default: return (-1); 1269 } 1270} 1271 1272static int 1273malo_fix2rate(int fix_rate) 1274{ 1275 switch (fix_rate) { 1276 /* CCK rates */ 1277 case 0: return (2); 1278 case 1: return (4); 1279 case 2: return (11); 1280 case 3: return (22); 1281 1282 /* OFDM rates */ 1283 case 4: return (12); 1284 case 5: return (18); 1285 case 6: return (24); 1286 case 7: return (36); 1287 case 8: return (48); 1288 case 9: return (72); 1289 case 10: return (96); 1290 case 11: return (108); 1291 1292 /* unknown rate: should not happen */ 1293 default: return (0); 1294 } 1295} 1296 1297static void 1298malo_next_scan(void *arg) 1299{ 1300 struct malo_softc *sc = arg; 1301 struct ieee80211com *ic = &sc->sc_ic; 1302 int s; 1303 1304 DPRINTF(1, "%s: %s\n", sc->sc_if.if_xname, __func__); 1305 1306 s = splnet(); 1307 1308 if (ic->ic_state == IEEE80211_S_SCAN) 1309 ieee80211_next_scan(ic); 1310 1311 splx(s); 1312} 1313 1314static void 1315malo_tx_intr(struct malo_softc *sc) 1316{ 1317 struct ifnet *ifp = &sc->sc_if; 1318 struct malo_tx_desc *desc; 1319 struct malo_tx_data *data; 1320 struct malo_node *rn; 1321 int stat, s; 1322 1323 DPRINTF(2, "%s: %s\n", device_xname(sc->sc_dev), __func__); 1324 1325 s = splnet(); 1326 1327 stat = sc->sc_txring.stat; 1328 for (;;) { 1329 desc = &sc->sc_txring.desc[sc->sc_txring.stat]; 1330 data = &sc->sc_txring.data[sc->sc_txring.stat]; 1331 rn = (struct malo_node *)data->ni; 1332 1333 /* check if TX descriptor is not owned by FW anymore */ 1334 if ((le32toh(desc->status) & MALO_TXD_STATUS_FW_OWNED) || 1335 !(le32toh(data->softstat) & MALO_TXD_STATUS_FAILED_AGING)) 1336 break; 1337 1338 /* if no frame has been sent, ignore */ 1339 if (rn == NULL) 1340 goto next; 1341 1342 /* check TX state */ 1343 switch (le32toh(desc->status) & MALO_TXD_STATUS_USED) { 1344 case MALO_TXD_STATUS_OK: 1345 DPRINTF(2, "%s: data frame was sent successfully\n", 1346 device_xname(sc->sc_dev)); 1347 if_statinc(ifp, if_opackets); 1348 break; 1349 default: 1350 DPRINTF(1, "%s: data frame sending error\n", 1351 device_xname(sc->sc_dev)); 1352 if_statinc(ifp, if_oerrors); 1353 break; 1354 } 1355 1356 /* save last used TX rate */ 1357 sc->sc_last_txrate = malo_chip2rate(desc->datarate); 1358 1359 /* cleanup TX data and TX descriptor */ 1360 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1361 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1362 bus_dmamap_unload(sc->sc_dmat, data->map); 1363 m_freem(data->m); 1364 ieee80211_free_node(data->ni); 1365 data->m = NULL; 1366 data->ni = NULL; 1367 data->softstat &= htole32(~0x80); 1368 desc->status = 0; 1369 desc->len = 0; 1370 1371 DPRINTF(2, "%s: tx done idx=%u\n", 1372 device_xname(sc->sc_dev), sc->sc_txring.stat); 1373 1374 sc->sc_txring.queued--; 1375next: 1376 if (++sc->sc_txring.stat >= sc->sc_txring.count) 1377 sc->sc_txring.stat = 0; 1378 if (sc->sc_txring.stat == stat) 1379 break; 1380 } 1381 1382 sc->sc_tx_timer = 0; 1383 ifp->if_flags &= ~IFF_OACTIVE; 1384 malo_start(ifp); 1385 1386 splx(s); 1387} 1388 1389static int 1390malo_tx_data(struct malo_softc *sc, struct mbuf *m0, 1391 struct ieee80211_node *ni) 1392{ 1393 struct ieee80211com *ic = &sc->sc_ic; 1394 struct ifnet *ifp = &sc->sc_if; 1395 struct malo_tx_desc *desc; 1396 struct malo_tx_data *data; 1397 struct ieee80211_frame *wh; 1398 struct ieee80211_key *k; 1399 struct mbuf *mnew; 1400 int error; 1401 1402 DPRINTF(2, "%s: %s\n", device_xname(sc->sc_dev), __func__); 1403 1404 desc = &sc->sc_txring.desc[sc->sc_txring.cur]; 1405 data = &sc->sc_txring.data[sc->sc_txring.cur]; 1406 1407 if (m0->m_len < sizeof(struct ieee80211_frame)) { 1408 m0 = m_pullup(m0, sizeof(struct ieee80211_frame)); 1409 if (m0 == NULL) { 1410 if_statinc(ifp, if_ierrors); 1411 return (ENOBUFS); 1412 } 1413 } 1414 wh = mtod(m0, struct ieee80211_frame *); 1415 1416 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1417 k = ieee80211_crypto_encap(ic, ni, m0); 1418 if (k == NULL) { 1419 m_freem(m0); 1420 return ENOBUFS; 1421 } 1422 1423 /* packet header may have moved, reset our local pointer */ 1424 wh = mtod(m0, struct ieee80211_frame *); 1425 } 1426 1427 if (sc->sc_drvbpf != NULL) { 1428 struct malo_tx_radiotap_hdr *tap = &sc->sc_txtap; 1429 1430 tap->wt_flags = 0; 1431 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 1432 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 1433 tap->wt_rate = sc->sc_last_txrate; 1434 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1435 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1436 1437 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0, BPF_D_OUT); 1438 } 1439 1440 /* 1441 * inject FW specific fields into the 802.11 frame 1442 * 1443 * 2 bytes FW len (inject) 1444 * 24 bytes 802.11 frame header 1445 * 6 bytes addr4 (inject) 1446 * n bytes 802.11 frame body 1447 * 1448 * For now copy all into a new mcluster. 1449 */ 1450 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1451 if (mnew == NULL) 1452 return (ENOBUFS); 1453 MCLGET(mnew, M_DONTWAIT); 1454 if (!(mnew->m_flags & M_EXT)) { 1455 m_free(mnew); 1456 return (ENOBUFS); 1457 } 1458 1459 *mtod(mnew, uint16_t *) = htole16(m0->m_pkthdr.len - 24); /* FW len */ 1460 memmove(mtod(mnew, char*) + 2, wh, sizeof(*wh)); 1461 memset(mtod(mnew, char*) + 26, 0, 6); 1462 m_copydata(m0, sizeof(*wh), m0->m_pkthdr.len - sizeof(*wh), 1463 mtod(mnew, char*) + 32); 1464 mnew->m_pkthdr.len = mnew->m_len = m0->m_pkthdr.len + 8; 1465 m_freem(m0); 1466 m0 = mnew; 1467 1468 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1469 BUS_DMA_NOWAIT); 1470 if (error != 0) { 1471 aprint_error_dev(sc->sc_dev, "can't map mbuf (error %d)\n", error); 1472 m_freem(m0); 1473 return (error); 1474 } 1475 1476 data->m = m0; 1477 data->ni = ni; 1478 data->softstat |= htole32(0x80); 1479 1480 malo_tx_setup_desc(sc, desc, m0->m_pkthdr.len, 1, 1481 data->map->dm_segs, data->map->dm_nsegs); 1482 1483 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1484 BUS_DMASYNC_PREWRITE); 1485 bus_dmamap_sync(sc->sc_dmat, sc->sc_txring.map, 1486 sc->sc_txring.cur * sizeof(struct malo_tx_desc), 1487 sizeof(struct malo_tx_desc), BUS_DMASYNC_PREWRITE); 1488 1489 DPRINTF(2, "%s: sending frame, pktlen=%u, idx=%u\n", 1490 device_xname(sc->sc_dev), m0->m_pkthdr.len, sc->sc_txring.cur); 1491 1492 sc->sc_txring.queued++; 1493 sc->sc_txring.cur = (sc->sc_txring.cur + 1) % MALO_TX_RING_COUNT; 1494 1495 /* kick data TX */ 1496 malo_ctl_write4(sc, MALO_REG_H2A_INTERRUPT_EVENTS, 1); 1497 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 1498 1499 return (0); 1500} 1501 1502static void 1503malo_tx_setup_desc(struct malo_softc *sc, struct malo_tx_desc *desc, 1504 int len, int rate, const bus_dma_segment_t *segs, int nsegs) 1505{ 1506 desc->len = htole16(segs[0].ds_len); 1507 desc->datarate = rate; /* 0 = mgmt frame, 1 = data frame */ 1508 desc->physdata = htole32(segs[0].ds_addr); 1509 desc->status = htole32(MALO_TXD_STATUS_OK | MALO_TXD_STATUS_FW_OWNED); 1510} 1511 1512static void 1513malo_rx_intr(struct malo_softc *sc) 1514{ 1515 struct ieee80211com *ic = &sc->sc_ic; 1516 struct ifnet *ifp = &sc->sc_if; 1517 struct malo_rx_desc *desc; 1518 struct malo_rx_data *data; 1519 struct ieee80211_frame *wh; 1520 struct ieee80211_node *ni; 1521 struct mbuf *mnew, *m; 1522 uint32_t rxRdPtr, rxWrPtr; 1523 int error, i, s; 1524 1525 rxRdPtr = malo_mem_read4(sc, sc->sc_RxPdRdPtr); 1526 rxWrPtr = malo_mem_read4(sc, sc->sc_RxPdWrPtr); 1527 1528 for (i = 0; i < MALO_RX_RING_COUNT && rxRdPtr != rxWrPtr; i++) { 1529 desc = &sc->sc_rxring.desc[sc->sc_rxring.cur]; 1530 data = &sc->sc_rxring.data[sc->sc_rxring.cur]; 1531 1532 bus_dmamap_sync(sc->sc_dmat, sc->sc_rxring.map, 1533 sc->sc_rxring.cur * sizeof(struct malo_rx_desc), 1534 sizeof(struct malo_rx_desc), BUS_DMASYNC_POSTREAD); 1535 1536 DPRINTF(3, "%s: rx intr idx=%d, rxctrl=0x%02x, rssi=%d, " 1537 "status=0x%02x, channel=%d, len=%d, res1=%02x, rate=%d, " 1538 "physdata=0x%04x, physnext=0x%04x, qosctrl=%02x, res2=%d\n", 1539 device_xname(sc->sc_dev), 1540 sc->sc_rxring.cur, desc->rxctrl, desc->rssi, desc->status, 1541 desc->channel, le16toh(desc->len), desc->reserved1, 1542 desc->datarate, le32toh(desc->physdata), 1543 le32toh(desc->physnext), desc->qosctrl, desc->reserved2); 1544 1545 if ((desc->rxctrl & 0x80) == 0) 1546 break; 1547 1548 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1549 if (mnew == NULL) { 1550 if_statinc(ifp, if_ierrors); 1551 goto skip; 1552 } 1553 1554 MCLGET(mnew, M_DONTWAIT); 1555 if (!(mnew->m_flags & M_EXT)) { 1556 m_freem(mnew); 1557 if_statinc(ifp, if_ierrors); 1558 goto skip; 1559 } 1560 1561 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1562 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1563 bus_dmamap_unload(sc->sc_dmat, data->map); 1564 1565 error = bus_dmamap_load(sc->sc_dmat, data->map, 1566 mtod(mnew, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 1567 if (error != 0) { 1568 m_freem(mnew); 1569 1570 error = bus_dmamap_load(sc->sc_dmat, data->map, 1571 mtod(data->m, void *), MCLBYTES, NULL, 1572 BUS_DMA_NOWAIT); 1573 if (error != 0) { 1574 panic("%s: could not load old rx mbuf", 1575 device_xname(sc->sc_dev)); 1576 } 1577 if_statinc(ifp, if_ierrors); 1578 goto skip; 1579 } 1580 1581 /* 1582 * New mbuf mbuf successfully loaded 1583 */ 1584 m = data->m; 1585 data->m = mnew; 1586 desc->physdata = htole32(data->map->dm_segs->ds_addr); 1587 1588 /* finalize mbuf */ 1589 m_set_rcvif(m, ifp); 1590 m->m_pkthdr.len = m->m_len = le16toh(desc->len); 1591 1592 /* 1593 * cut out FW specific fields from the 802.11 frame 1594 * 1595 * 2 bytes FW len (cut out) 1596 * 24 bytes 802.11 frame header 1597 * 6 bytes addr4 (cut out) 1598 * n bytes 802.11 frame data 1599 */ 1600 memmove(m->m_data +6, m->m_data, 26); 1601 m_adj(m, 8); 1602 1603 s = splnet(); 1604 1605 if (sc->sc_drvbpf != NULL) { 1606 struct malo_rx_radiotap_hdr *tap = &sc->sc_rxtap; 1607 1608 tap->wr_flags = 0; 1609 tap->wr_chan_freq = 1610 htole16(ic->ic_bss->ni_chan->ic_freq); 1611 tap->wr_chan_flags = 1612 htole16(ic->ic_bss->ni_chan->ic_flags); 1613 1614 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m, 1615 BPF_D_IN); 1616 } 1617 1618 wh = mtod(m, struct ieee80211_frame *); 1619 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1620 1621 /* send the frame to the 802.11 layer */ 1622 ieee80211_input(ic, m, ni, desc->rssi, 0); 1623 1624 /* node is no longer needed */ 1625 ieee80211_free_node(ni); 1626 1627 splx(s); 1628 1629skip: 1630 desc->rxctrl = 0; 1631 rxRdPtr = le32toh(desc->physnext); 1632 1633 bus_dmamap_sync(sc->sc_dmat, sc->sc_rxring.map, 1634 sc->sc_rxring.cur * sizeof(struct malo_rx_desc), 1635 sizeof(struct malo_rx_desc), BUS_DMASYNC_PREWRITE); 1636 1637 sc->sc_rxring.cur = (sc->sc_rxring.cur + 1) % 1638 MALO_RX_RING_COUNT; 1639 } 1640 1641 malo_mem_write4(sc, sc->sc_RxPdRdPtr, rxRdPtr); 1642} 1643 1644static int 1645malo_get_firmware(struct malo_softc *sc, const char *name, 1646 uint8_t** firmware_image, size_t* size) 1647{ 1648 firmware_handle_t fw; 1649 int error; 1650 1651 1652 /* load firmware image from disk */ 1653 if ((error = firmware_open("malo", name, &fw)) != 0) { 1654 aprint_error_dev(sc->sc_dev, "could not read firmware file\n"); 1655 return error; 1656 } 1657 1658 *size = firmware_get_size(fw); 1659 1660 *firmware_image = firmware_malloc(*size); 1661 if (*firmware_image == NULL) { 1662 aprint_error_dev(sc->sc_dev, "not enough memory to stock firmware\n"); 1663 error = ENOMEM; 1664 goto fail1; 1665 } 1666 1667 if ((error = firmware_read(fw, 0, *firmware_image, *size)) != 0) { 1668 aprint_error_dev(sc->sc_dev, "can't get firmware\n"); 1669 goto fail2; 1670 } 1671 1672 firmware_close(fw); 1673 1674 return 0; 1675fail2: 1676 firmware_free(*firmware_image, *size); 1677fail1: 1678 firmware_close(fw); 1679 return error; 1680} 1681 1682static int 1683malo_load_bootimg(struct malo_softc *sc) 1684{ 1685 const char *name = "malo8335-h"; 1686 uint8_t *ucode; 1687 size_t size; 1688 int error, i; 1689 1690 /* load boot firmware */ 1691 if ((error = malo_get_firmware(sc, name, &ucode, &size)) != 0) { 1692 aprint_error_dev(sc->sc_dev, "error %d, could not read firmware %s\n", 1693 error, name); 1694 return (EIO); 1695 } 1696 1697 /* 1698 * It seems we are putting this code directly onto the stack of 1699 * the ARM cpu. I don't know why we need to instruct the DMA 1700 * engine to move the code. This is a big riddle without docu. 1701 */ 1702 DPRINTF(1, "%s: loading boot firmware\n", device_xname(sc->sc_dev)); 1703 malo_mem_write2(sc, 0xbef8, 0x001); 1704 malo_mem_write2(sc, 0xbefa, size); 1705 malo_mem_write4(sc, 0xbefc, 0); 1706 1707 bus_space_write_region_1(sc->sc_mem1_bt, sc->sc_mem1_bh, 0xbf00, 1708 ucode, size); 1709 1710 firmware_free(ucode, size); 1711 1712 /* 1713 * we loaded the firmware into card memory now tell the CPU 1714 * to fetch the code and execute it. The memory mapped via the 1715 * first bar is internaly mapped to 0xc0000000. 1716 */ 1717 malo_send_cmd(sc, 0xc000bef8); 1718 1719 /* wait for the device to go into FW loading mode */ 1720 for (i = 0; i < 10; i++) { 1721 delay(50); 1722 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_READ); 1723 if (malo_ctl_read4(sc, 0x0c14) == 0x5) 1724 break; 1725 } 1726 if (i == 10) { 1727 aprint_error_dev(sc->sc_dev, "timeout at boot firmware load!\n"); 1728 return (ETIMEDOUT); 1729 } 1730 1731 /* tell the card we're done and... */ 1732 malo_mem_write2(sc, 0xbef8, 0x001); 1733 malo_mem_write2(sc, 0xbefa, 0); 1734 malo_mem_write4(sc, 0xbefc, 0); 1735 malo_send_cmd(sc, 0xc000bef8); 1736 1737 DPRINTF(1, "%s: boot firmware loaded\n", device_xname(sc->sc_dev)); 1738 1739 return (0); 1740} 1741 1742 1743static int 1744malo_load_firmware(struct malo_softc *sc) 1745{ 1746 struct malo_cmdheader *hdr; 1747 const char *name = "malo8335-m"; 1748 void *data; 1749 uint8_t *ucode; 1750 size_t size, count, bsize; 1751 int i, sn, error; 1752 1753 /* load real firmware now */ 1754 if ((error = malo_get_firmware(sc, name, &ucode, &size)) != 0) { 1755 aprint_error_dev(sc->sc_dev, "error %d, could not read firmware %s\n", 1756 error, name); 1757 return (EIO); 1758 } 1759 1760 DPRINTF(1, "%s: uploading firmware\n", device_xname(sc->sc_dev)); 1761 1762 hdr = sc->sc_cmd_mem; 1763 data = hdr + 1; 1764 sn = 1; 1765 for (count = 0; count < size; count += bsize) { 1766 bsize = MIN(256, size - count); 1767 1768 hdr->cmd = htole16(0x0001); 1769 hdr->size = htole16(bsize); 1770 hdr->seqnum = htole16(sn++); 1771 hdr->result = 0; 1772 1773 memcpy(data, ucode + count, bsize); 1774 1775 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 1776 BUS_DMASYNC_PREWRITE); 1777 malo_send_cmd(sc, sc->sc_cmd_dmaaddr); 1778 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 1779 BUS_DMASYNC_POSTWRITE); 1780 delay(500); 1781 } 1782 firmware_free(ucode, size); 1783 1784 DPRINTF(1, "%s: firmware upload finished\n", device_xname(sc->sc_dev)); 1785 1786 /* 1787 * send a command with size 0 to tell that the firmware has been 1788 * uploaded 1789 */ 1790 hdr->cmd = htole16(0x0001); 1791 hdr->size = 0; 1792 hdr->seqnum = htole16(sn++); 1793 hdr->result = 0; 1794 1795 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 1796 BUS_DMASYNC_PREWRITE); 1797 malo_send_cmd(sc, sc->sc_cmd_dmaaddr); 1798 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 1799 BUS_DMASYNC_POSTWRITE); 1800 delay(100); 1801 1802 DPRINTF(1, "%s: loading firmware\n", device_xname(sc->sc_dev)); 1803 1804 /* wait until firmware has been loaded */ 1805 for (i = 0; i < 200; i++) { 1806 malo_ctl_write4(sc, 0x0c10, 0x5a); 1807 delay(500); 1808 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE | 1809 BUS_SPACE_BARRIER_READ); 1810 if (malo_ctl_read4(sc, 0x0c14) == 0xf0f1f2f4) 1811 break; 1812 } 1813 if (i == 200) { 1814 aprint_error_dev(sc->sc_dev, "timeout at firmware load!\n"); 1815 return (ETIMEDOUT); 1816 } 1817 1818 DPRINTF(1, "%s: firmware loaded\n", device_xname(sc->sc_dev)); 1819 1820 return (0); 1821} 1822 1823static int 1824malo_set_slot(struct malo_softc *sc) 1825{ 1826 struct ieee80211com *ic = &sc->sc_ic; 1827 1828 if (ic->ic_flags & IEEE80211_F_SHSLOT) { 1829 /* set short slot */ 1830 if (malo_cmd_set_slot(sc, 1)) { 1831 aprint_error_dev(sc->sc_dev, "setting short slot failed\n"); 1832 return (ENXIO); 1833 } 1834 } else { 1835 /* set long slot */ 1836 if (malo_cmd_set_slot(sc, 0)) { 1837 aprint_error_dev(sc->sc_dev, "setting long slot failed\n"); 1838 return (ENXIO); 1839 } 1840 } 1841 1842 return (0); 1843} 1844 1845static void 1846malo_update_slot(struct ifnet* ifp) 1847{ 1848 struct malo_softc *sc = ifp->if_softc; 1849 struct ieee80211com *ic = &sc->sc_ic; 1850 1851 malo_set_slot(sc); 1852 1853 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 1854 /* TODO */ 1855 } 1856} 1857 1858#ifdef MALO_DEBUG 1859static void 1860malo_hexdump(void *buf, int len) 1861{ 1862 u_char b[16]; 1863 int i, j, l; 1864 1865 for (i = 0; i < len; i += l) { 1866 printf("%4i:", i); 1867 l = uimin(sizeof(b), len - i); 1868 memcpy(b, (char*)buf + i, l); 1869 1870 for (j = 0; j < sizeof(b); j++) { 1871 if (j % 2 == 0) 1872 printf(" "); 1873 if (j % 8 == 0) 1874 printf(" "); 1875 if (j < l) 1876 printf("%02x", (int)b[j]); 1877 else 1878 printf(" "); 1879 } 1880 printf(" |"); 1881 for (j = 0; j < l; j++) { 1882 if (b[j] >= 0x20 && b[j] <= 0x7e) 1883 printf("%c", b[j]); 1884 else 1885 printf("."); 1886 } 1887 printf("|\n"); 1888 } 1889} 1890#endif 1891 1892static const char * 1893malo_cmd_string(uint16_t cmd) 1894{ 1895 int i; 1896 static char cmd_buf[16]; 1897 static const struct { 1898 uint16_t cmd_code; 1899 const char *cmd_string; 1900 } cmds[] = { 1901 { MALO_CMD_GET_HW_SPEC, "GetHwSpecifications" }, 1902 { MALO_CMD_SET_RADIO, "SetRadio" }, 1903 { MALO_CMD_SET_AID, "SetAid" }, 1904 { MALO_CMD_SET_TXPOWER, "SetTxPower" }, 1905 { MALO_CMD_SET_ANTENNA, "SetAntenna" }, 1906 { MALO_CMD_SET_PRESCAN, "SetPrescan" }, 1907 { MALO_CMD_SET_POSTSCAN, "SetPostscan" }, 1908 { MALO_CMD_SET_RATE, "SetRate" }, 1909 { MALO_CMD_SET_CHANNEL, "SetChannel" }, 1910 { MALO_CMD_SET_RTS, "SetRTS" }, 1911 { MALO_CMD_SET_SLOT, "SetSlot" }, 1912 }; 1913 1914 for (i = 0; i < sizeof(cmds) / sizeof(cmds[0]); i++) 1915 if ((le16toh(cmd) & 0x7fff) == cmds[i].cmd_code) 1916 return (cmds[i].cmd_string); 1917 1918 snprintf(cmd_buf, sizeof(cmd_buf), "unknown %#x", cmd); 1919 return (cmd_buf); 1920} 1921 1922static const char * 1923malo_cmd_string_result(uint16_t result) 1924{ 1925 int i; 1926 static const struct { 1927 uint16_t result_code; 1928 const char *result_string; 1929 } results[] = { 1930 { MALO_CMD_RESULT_OK, "OK" }, 1931 { MALO_CMD_RESULT_ERROR, "general error" }, 1932 { MALO_CMD_RESULT_NOSUPPORT, "not supported" }, 1933 { MALO_CMD_RESULT_PENDING, "pending" }, 1934 { MALO_CMD_RESULT_BUSY, "ignored" }, 1935 { MALO_CMD_RESULT_PARTIALDATA, "incomplete" }, 1936 }; 1937 1938 for (i = 0; i < sizeof(results) / sizeof(results[0]); i++) 1939 if (le16toh(result) == results[i].result_code) 1940 return (results[i].result_string); 1941 1942 return ("unknown"); 1943} 1944 1945static int 1946malo_cmd_get_spec(struct malo_softc *sc) 1947{ 1948 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 1949 struct malo_hw_spec *spec; 1950 1951 hdr->cmd = htole16(MALO_CMD_GET_HW_SPEC); 1952 hdr->size = htole16(sizeof(*hdr) + sizeof(*spec)); 1953 hdr->seqnum = htole16(42); /* the one and only */ 1954 hdr->result = 0; 1955 spec = (struct malo_hw_spec *)(hdr + 1); 1956 1957 memset(spec, 0, sizeof(*spec)); 1958 memset(spec->PermanentAddress, 0xff, ETHER_ADDR_LEN); 1959 spec->CookiePtr = htole32(sc->sc_cookie_dmaaddr); 1960 1961 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 1962 BUS_DMASYNC_PREWRITE|BUS_DMASYNC_PREREAD); 1963 1964 if (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr) != 0) 1965 return (ETIMEDOUT); 1966 1967 /* get the data from the buffer */ 1968 DPRINTF(1, "%s: get_hw_spec: V%x R%x, #WCB %d, #Mcast %d, Regcode %d, " 1969 "#Ant %d\n", device_xname(sc->sc_dev), htole16(spec->HwVersion), 1970 htole32(spec->FWReleaseNumber), htole16(spec->NumOfWCB), 1971 htole16(spec->NumOfMCastAdr), htole16(spec->RegionCode), 1972 htole16(spec->NumberOfAntenna)); 1973 1974 /* tell the DMA engine where our rings are */ 1975 malo_mem_write4(sc, le32toh(spec->RxPdRdPtr) & 0xffff, 1976 sc->sc_rxring.physaddr); 1977 malo_mem_write4(sc, le32toh(spec->RxPdWrPtr) & 0xffff, 1978 sc->sc_rxring.physaddr); 1979 malo_mem_write4(sc, le32toh(spec->WcbBase0) & 0xffff, 1980 sc->sc_txring.physaddr); 1981 1982 /* save DMA RX pointers for later use */ 1983 sc->sc_RxPdRdPtr = le32toh(spec->RxPdRdPtr) & 0xffff; 1984 sc->sc_RxPdWrPtr = le32toh(spec->RxPdWrPtr) & 0xffff; 1985 1986 return (0); 1987} 1988 1989static int 1990malo_cmd_set_prescan(struct malo_softc *sc) 1991{ 1992 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 1993 1994 hdr->cmd = htole16(MALO_CMD_SET_PRESCAN); 1995 hdr->size = htole16(sizeof(*hdr)); 1996 hdr->seqnum = 1; 1997 hdr->result = 0; 1998 1999 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2000 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2001 2002 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2003} 2004 2005static int 2006malo_cmd_set_postscan(struct malo_softc *sc, uint8_t *macaddr, uint8_t ibsson) 2007{ 2008 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2009 struct malo_cmd_postscan *body; 2010 2011 hdr->cmd = htole16(MALO_CMD_SET_POSTSCAN); 2012 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2013 hdr->seqnum = 1; 2014 hdr->result = 0; 2015 body = (struct malo_cmd_postscan *)(hdr + 1); 2016 2017 memset(body, 0, sizeof(*body)); 2018 memcpy(&body->bssid, macaddr, ETHER_ADDR_LEN); 2019 body->isibss = htole32(ibsson); 2020 2021 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2022 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2023 2024 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2025} 2026 2027static int 2028malo_cmd_set_channel(struct malo_softc *sc, struct ieee80211_channel* chan) 2029{ 2030 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2031 struct ieee80211com *ic = &sc->sc_ic; 2032 struct malo_cmd_channel *body; 2033 uint8_t channel; 2034 2035 channel = ieee80211_chan2ieee(ic, chan); 2036 2037 hdr->cmd = htole16(MALO_CMD_SET_CHANNEL); 2038 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2039 hdr->seqnum = 1; 2040 hdr->result = 0; 2041 body = (struct malo_cmd_channel *)(hdr + 1); 2042 2043 memset(body, 0, sizeof(*body)); 2044 body->action = htole16(1); 2045 body->channel = channel; 2046 2047 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2048 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2049 2050 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2051} 2052 2053static int 2054malo_cmd_set_antenna(struct malo_softc *sc, uint16_t antenna) 2055{ 2056 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2057 struct malo_cmd_antenna *body; 2058 2059 hdr->cmd = htole16(MALO_CMD_SET_ANTENNA); 2060 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2061 hdr->seqnum = 1; 2062 hdr->result = 0; 2063 body = (struct malo_cmd_antenna *)(hdr + 1); 2064 2065 memset(body, 0, sizeof(*body)); 2066 body->action = htole16(antenna); 2067 if (antenna == 1) 2068 body->mode = htole16(0xffff); 2069 else 2070 body->mode = htole16(2); 2071 2072 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2073 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2074 2075 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2076} 2077 2078static int 2079malo_cmd_set_radio(struct malo_softc *sc, uint16_t enable, 2080 uint16_t preamble_mode) 2081{ 2082 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2083 struct malo_cmd_radio *body; 2084 2085 hdr->cmd = htole16(MALO_CMD_SET_RADIO); 2086 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2087 hdr->seqnum = 1; 2088 hdr->result = 0; 2089 body = (struct malo_cmd_radio *)(hdr + 1); 2090 2091 memset(body, 0, sizeof(*body)); 2092 body->action = htole16(1); 2093 body->preamble_mode = htole16(preamble_mode); 2094 body->enable = htole16(enable); 2095 2096 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2097 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2098 2099 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2100} 2101 2102static int 2103malo_cmd_set_aid(struct malo_softc *sc, uint8_t *bssid, uint16_t associd) 2104{ 2105 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2106 struct malo_cmd_aid *body; 2107 2108 hdr->cmd = htole16(MALO_CMD_SET_AID); 2109 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2110 hdr->seqnum = 1; 2111 hdr->result = 0; 2112 body = (struct malo_cmd_aid *)(hdr + 1); 2113 2114 memset(body, 0, sizeof(*body)); 2115 body->associd = htole16(associd); 2116 memcpy(&body->macaddr[0], bssid, IEEE80211_ADDR_LEN); 2117 2118 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2119 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2120 2121 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2122} 2123 2124static int 2125malo_cmd_set_txpower(struct malo_softc *sc, unsigned int powerlevel) 2126{ 2127 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2128 struct malo_cmd_txpower *body; 2129 2130 hdr->cmd = htole16(MALO_CMD_SET_TXPOWER); 2131 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2132 hdr->seqnum = 1; 2133 hdr->result = 0; 2134 body = (struct malo_cmd_txpower *)(hdr + 1); 2135 2136 memset(body, 0, sizeof(*body)); 2137 body->action = htole16(1); 2138 if (powerlevel < 30) 2139 body->supportpowerlvl = htole16(5); /* LOW */ 2140 else if (powerlevel < 60) 2141 body->supportpowerlvl = htole16(10); /* MEDIUM */ 2142 else 2143 body->supportpowerlvl = htole16(15); /* HIGH */ 2144 2145 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2146 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2147 2148 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2149} 2150 2151static int 2152malo_cmd_set_rts(struct malo_softc *sc, uint32_t threshold) 2153{ 2154 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2155 struct malo_cmd_rts *body; 2156 2157 hdr->cmd = htole16(MALO_CMD_SET_RTS); 2158 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2159 hdr->seqnum = 1; 2160 hdr->result = 0; 2161 body = (struct malo_cmd_rts *)(hdr + 1); 2162 2163 memset(body, 0, sizeof(*body)); 2164 body->action = htole16(1); 2165 body->threshold = htole32(threshold); 2166 2167 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2168 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2169 2170 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2171} 2172 2173static int 2174malo_cmd_set_slot(struct malo_softc *sc, uint8_t slot) 2175{ 2176 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2177 struct malo_cmd_slot *body; 2178 2179 hdr->cmd = htole16(MALO_CMD_SET_SLOT); 2180 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2181 hdr->seqnum = 1; 2182 hdr->result = 0; 2183 body = (struct malo_cmd_slot *)(hdr + 1); 2184 2185 memset(body, 0, sizeof(*body)); 2186 body->action = htole16(1); 2187 body->slot = slot; 2188 2189 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2190 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2191 2192 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2193} 2194 2195static int 2196malo_cmd_set_rate(struct malo_softc *sc, uint8_t rate) 2197{ 2198 struct ieee80211com *ic = &sc->sc_ic; 2199 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2200 struct malo_cmd_rate *body; 2201 int i; 2202 2203 hdr->cmd = htole16(MALO_CMD_SET_RATE); 2204 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2205 hdr->seqnum = 1; 2206 hdr->result = 0; 2207 body = (struct malo_cmd_rate *)(hdr + 1); 2208 2209 memset(body, 0,sizeof(*body)); 2210 2211 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 2212 /* TODO */ 2213 } else 2214 { 2215 body->aprates[0] = 2; 2216 body->aprates[1] = 4; 2217 body->aprates[2] = 11; 2218 body->aprates[3] = 22; 2219 if (ic->ic_curmode == IEEE80211_MODE_11G) { 2220 body->aprates[4] = 0; 2221 body->aprates[5] = 12; 2222 body->aprates[6] = 18; 2223 body->aprates[7] = 24; 2224 body->aprates[8] = 36; 2225 body->aprates[9] = 48; 2226 body->aprates[10] = 72; 2227 body->aprates[11] = 96; 2228 body->aprates[12] = 108; 2229 } 2230 } 2231 2232 if (rate != 0) { 2233 /* fixed rate */ 2234 for (i = 0; i < 13; i++) { 2235 if (body->aprates[i] == rate) { 2236 body->rateindex = i; 2237 body->dataratetype = 1; 2238 break; 2239 } 2240 } 2241 } 2242 2243 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2244 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2245 2246 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2247} 2248 2249static void 2250malo_cmd_response(struct malo_softc *sc) 2251{ 2252 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2253 2254 if (le16toh(hdr->result) != MALO_CMD_RESULT_OK) { 2255 aprint_error_dev(sc->sc_dev, "firmware cmd %s failed with %s\n", 2256 malo_cmd_string(hdr->cmd), 2257 malo_cmd_string_result(hdr->result)); 2258 } 2259 2260#ifdef MALO_DEBUG 2261 aprint_error_dev(sc->sc_dev, "cmd answer for %s=%s\n", 2262 malo_cmd_string(hdr->cmd), 2263 malo_cmd_string_result(hdr->result)); 2264 2265 if (malo_d > 2) 2266 malo_hexdump(hdr, le16toh(hdr->size)); 2267#endif 2268} 2269