malo.c revision 1.17
1/* $NetBSD: malo.c,v 1.17 2019/11/10 21:16:35 chs Exp $ */ 2/* $OpenBSD: malo.c,v 1.92 2010/08/27 17:08:00 jsg Exp $ */ 3 4/* 5 * Copyright (c) 2006 Claudio Jeker <claudio@openbsd.org> 6 * Copyright (c) 2006 Marcus Glocker <mglocker@openbsd.org> 7 * 8 * Permission to use, copy, modify, and distribute this software for any 9 * purpose with or without fee is hereby granted, provided that the above 10 * copyright notice and this permission notice appear in all copies. 11 * 12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 */ 20 21#include <sys/cdefs.h> 22__KERNEL_RCSID(0, "$NetBSD: malo.c,v 1.17 2019/11/10 21:16:35 chs Exp $"); 23 24#include <sys/param.h> 25#include <sys/types.h> 26 27#include <sys/device.h> 28#include <sys/kernel.h> 29#include <sys/malloc.h> 30#include <sys/mbuf.h> 31#include <sys/proc.h> 32#include <sys/socket.h> 33#include <sys/sockio.h> 34#include <sys/systm.h> 35#include <sys/bus.h> 36 37#include <machine/endian.h> 38#include <machine/intr.h> 39 40#include <net/if.h> 41#include <net/if_media.h> 42#include <net/if_ether.h> 43 44#include <net/bpf.h> 45 46#include <netinet/in.h> 47#include <netinet/in_systm.h> 48 49#include <net80211/ieee80211_var.h> 50#include <net80211/ieee80211_radiotap.h> 51 52#include <dev/firmload.h> 53 54#include <dev/ic/malovar.h> 55#include <dev/ic/maloreg.h> 56 57#ifdef MALO_DEBUG 58int malo_d = 2; 59#define DPRINTF(l, x...) do { if ((l) <= malo_d) printf(x); } while (0) 60#else 61#define DPRINTF(l, x...) 62#endif 63 64/* internal structures and defines */ 65struct malo_node { 66 struct ieee80211_node ni; 67}; 68 69struct malo_rx_data { 70 bus_dmamap_t map; 71 struct mbuf *m; 72}; 73 74struct malo_tx_data { 75 bus_dmamap_t map; 76 struct mbuf *m; 77 uint32_t softstat; 78 struct ieee80211_node *ni; 79}; 80 81/* RX descriptor used by HW */ 82struct malo_rx_desc { 83 uint8_t rxctrl; 84 uint8_t rssi; 85 uint8_t status; 86 uint8_t channel; 87 uint16_t len; 88 uint8_t reserved1; /* actually unused */ 89 uint8_t datarate; 90 uint32_t physdata; /* DMA address of data */ 91 uint32_t physnext; /* DMA address of next control block */ 92 uint16_t qosctrl; 93 uint16_t reserved2; 94} __packed; 95 96/* TX descriptor used by HW */ 97struct malo_tx_desc { 98 uint32_t status; 99#define MALO_TXD_STATUS_IDLE 0x00000000 100#define MALO_TXD_STATUS_USED 0x00000001 101#define MALO_TXD_STATUS_OK 0x00000001 102#define MALO_TXD_STATUS_OK_RETRY 0x00000002 103#define MALO_TXD_STATUS_OK_MORE_RETRY 0x00000004 104#define MALO_TXD_STATUS_MULTICAST_TX 0x00000008 105#define MALO_TXD_STATUS_BROADCAST_TX 0x00000010 106#define MALO_TXD_STATUS_FAILED_LINK_ERROR 0x00000020 107#define MALO_TXD_STATUS_FAILED_EXCEED_LIMIT 0x00000040 108#define MALO_TXD_STATUS_FAILED_XRETRY MALO_TXD_STATUS_FAILED_EXCEED_LIMIT 109#define MALO_TXD_STATUS_FAILED_AGING 0x00000080 110#define MALO_TXD_STATUS_FW_OWNED 0x80000000 111 uint8_t datarate; 112 uint8_t txpriority; 113 uint16_t qosctrl; 114 uint32_t physdata; /* DMA address of data */ 115 uint16_t len; 116 uint8_t destaddr[6]; 117 uint32_t physnext; /* DMA address of next control block */ 118 uint32_t reserved1; /* SAP packet info ??? */ 119 uint32_t reserved2; 120} __packed; 121 122#define MALO_RX_RING_COUNT 256 123#define MALO_TX_RING_COUNT 256 124#define MALO_MAX_SCATTER 8 /* XXX unknown, wild guess */ 125#define MALO_CMD_TIMEOUT 50 /* MALO_CMD_TIMEOUT * 100us */ 126 127/* 128 * Firmware commands 129 */ 130#define MALO_CMD_GET_HW_SPEC 0x0003 131#define MALO_CMD_SET_RADIO 0x001c 132#define MALO_CMD_SET_AID 0x010d 133#define MALO_CMD_SET_TXPOWER 0x001e 134#define MALO_CMD_SET_ANTENNA 0x0020 135#define MALO_CMD_SET_PRESCAN 0x0107 136#define MALO_CMD_SET_POSTSCAN 0x0108 137#define MALO_CMD_SET_RATE 0x0110 138#define MALO_CMD_SET_CHANNEL 0x010a 139#define MALO_CMD_SET_RTS 0x0113 140#define MALO_CMD_SET_SLOT 0x0114 141#define MALO_CMD_RESPONSE 0x8000 142 143#define MALO_CMD_RESULT_OK 0x0000 /* everything is fine */ 144#define MALO_CMD_RESULT_ERROR 0x0001 /* general error */ 145#define MALO_CMD_RESULT_NOSUPPORT 0x0002 /* command not valid */ 146#define MALO_CMD_RESULT_PENDING 0x0003 /* will be processed */ 147#define MALO_CMD_RESULT_BUSY 0x0004 /* command ignored */ 148#define MALO_CMD_RESULT_PARTIALDATA 0x0005 /* buffer too small */ 149 150struct malo_cmdheader { 151 uint16_t cmd; 152 uint16_t size; /* size of the command, incl. header */ 153 uint16_t seqnum; /* seems not to matter that much */ 154 uint16_t result; /* set to 0 on request */ 155 /* following the data payload, up to 256 bytes */ 156}; 157 158struct malo_hw_spec { 159 uint16_t HwVersion; 160 uint16_t NumOfWCB; 161 uint16_t NumOfMCastAdr; 162 uint8_t PermanentAddress[6]; 163 uint16_t RegionCode; 164 uint16_t NumberOfAntenna; 165 uint32_t FWReleaseNumber; 166 uint32_t WcbBase0; 167 uint32_t RxPdWrPtr; 168 uint32_t RxPdRdPtr; 169 uint32_t CookiePtr; 170 uint32_t WcbBase1; 171 uint32_t WcbBase2; 172 uint32_t WcbBase3; 173} __packed; 174 175struct malo_cmd_radio { 176 uint16_t action; 177 uint16_t preamble_mode; 178 uint16_t enable; 179} __packed; 180 181struct malo_cmd_aid { 182 uint16_t associd; 183 uint8_t macaddr[6]; 184 uint32_t gprotection; 185 uint8_t aprates[14]; 186} __packed; 187 188struct malo_cmd_txpower { 189 uint16_t action; 190 uint16_t supportpowerlvl; 191 uint16_t currentpowerlvl; 192 uint16_t reserved; 193 uint16_t powerlvllist[8]; 194} __packed; 195 196struct malo_cmd_antenna { 197 uint16_t action; 198 uint16_t mode; 199} __packed; 200 201struct malo_cmd_postscan { 202 uint32_t isibss; 203 uint8_t bssid[6]; 204} __packed; 205 206struct malo_cmd_channel { 207 uint16_t action; 208 uint8_t channel; 209} __packed; 210 211struct malo_cmd_rate { 212 uint8_t dataratetype; 213 uint8_t rateindex; 214 uint8_t aprates[14]; 215} __packed; 216 217struct malo_cmd_rts { 218 uint16_t action; 219 uint32_t threshold; 220} __packed; 221 222struct malo_cmd_slot { 223 uint16_t action; 224 uint8_t slot; 225} __packed; 226 227#define malo_mem_write4(sc, off, x) \ 228 bus_space_write_4((sc)->sc_mem1_bt, (sc)->sc_mem1_bh, (off), (x)) 229#define malo_mem_write2(sc, off, x) \ 230 bus_space_write_2((sc)->sc_mem1_bt, (sc)->sc_mem1_bh, (off), (x)) 231#define malo_mem_write1(sc, off, x) \ 232 bus_space_write_1((sc)->sc_mem1_bt, (sc)->sc_mem1_bh, (off), (x)) 233 234#define malo_mem_read4(sc, off) \ 235 bus_space_read_4((sc)->sc_mem1_bt, (sc)->sc_mem1_bh, (off)) 236#define malo_mem_read1(sc, off) \ 237 bus_space_read_1((sc)->sc_mem1_bt, (sc)->sc_mem1_bh, (off)) 238 239#define malo_ctl_write4(sc, off, x) \ 240 bus_space_write_4((sc)->sc_mem2_bt, (sc)->sc_mem2_bh, (off), (x)) 241#define malo_ctl_read4(sc, off) \ 242 bus_space_read_4((sc)->sc_mem2_bt, (sc)->sc_mem2_bh, (off)) 243#define malo_ctl_read1(sc, off) \ 244 bus_space_read_1((sc)->sc_mem2_bt, (sc)->sc_mem2_bh, (off)) 245 246#define malo_ctl_barrier(sc, t) \ 247 bus_space_barrier((sc)->sc_mem2_bt, (sc)->sc_mem2_bh, 0x0c00, 0xff, (t)) 248 249static int malo_alloc_cmd(struct malo_softc *sc); 250static void malo_free_cmd(struct malo_softc *sc); 251static void malo_send_cmd(struct malo_softc *sc, bus_addr_t addr); 252static int malo_send_cmd_dma(struct malo_softc *sc, bus_addr_t addr); 253static int malo_alloc_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring, 254 int count); 255static void malo_reset_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring); 256static void malo_free_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring); 257static int malo_alloc_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring, 258 int count); 259static void malo_reset_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring); 260static void malo_free_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring); 261static int malo_ioctl(struct ifnet *ifp, u_long cmd, void* data); 262static void malo_start(struct ifnet *ifp); 263static void malo_watchdog(struct ifnet *ifp); 264static int malo_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, 265 int arg); 266static void malo_newassoc(struct ieee80211_node *ni, int isnew); 267static struct ieee80211_node * 268 malo_node_alloc(struct ieee80211_node_table *nt); 269static int malo_media_change(struct ifnet *ifp); 270static void malo_media_status(struct ifnet *ifp, struct ifmediareq *imr); 271static int malo_chip2rate(int chip_rate); 272static int malo_fix2rate(int fix_rate); 273static void malo_next_scan(void *arg); 274static void malo_tx_intr(struct malo_softc *sc); 275static int malo_tx_data(struct malo_softc *sc, struct mbuf *m0, 276 struct ieee80211_node *ni); 277static void malo_tx_setup_desc(struct malo_softc *sc, struct malo_tx_desc *desc, 278 int len, int rate, const bus_dma_segment_t *segs, int nsegs); 279static void malo_rx_intr(struct malo_softc *sc); 280static int malo_load_bootimg(struct malo_softc *sc); 281static int malo_load_firmware(struct malo_softc *sc); 282 283static int malo_set_slot(struct malo_softc *sc); 284static void malo_update_slot(struct ifnet* ifp); 285#ifdef MALO_DEBUG 286static void malo_hexdump(void *buf, int len); 287#endif 288static const char *malo_cmd_string(uint16_t cmd); 289static const char *malo_cmd_string_result(uint16_t result); 290static int malo_cmd_get_spec(struct malo_softc *sc); 291static int malo_cmd_set_prescan(struct malo_softc *sc); 292static int malo_cmd_set_postscan(struct malo_softc *sc, uint8_t *macaddr, 293 uint8_t ibsson); 294static int malo_cmd_set_channel(struct malo_softc *sc, struct ieee80211_channel *chan); 295static int malo_cmd_set_antenna(struct malo_softc *sc, uint16_t antenna_type); 296static int malo_cmd_set_radio(struct malo_softc *sc, uint16_t mode, 297 uint16_t preamble); 298static int malo_cmd_set_aid(struct malo_softc *sc, uint8_t *bssid, 299 uint16_t associd); 300static int malo_cmd_set_txpower(struct malo_softc *sc, unsigned int powerlevel); 301static int malo_cmd_set_rts(struct malo_softc *sc, uint32_t threshold); 302static int malo_cmd_set_slot(struct malo_softc *sc, uint8_t slot); 303static int malo_cmd_set_rate(struct malo_softc *sc, uint8_t rate); 304static void malo_cmd_response(struct malo_softc *sc); 305 306int 307malo_intr(void *arg) 308{ 309 struct malo_softc *sc = arg; 310 uint32_t status; 311 312 status = malo_ctl_read4(sc, MALO_REG_A2H_INTERRUPT_CAUSE); 313 if (status == 0xffffffff || status == 0) 314 /* not for us */ 315 return (0); 316 317 /* disable interrupts */ 318 malo_ctl_read4(sc, MALO_REG_A2H_INTERRUPT_CAUSE); 319 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_CAUSE, 0); 320 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_MASK, 0); 321 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_STATUS_MASK, 0); 322 323 softint_schedule(sc->sc_soft_ih); 324 return (1); 325} 326 327void 328malo_softintr(void *arg) 329{ 330 struct malo_softc *sc = arg; 331 uint32_t status; 332 333 status = malo_ctl_read4(sc, MALO_REG_A2H_INTERRUPT_CAUSE); 334 if (status == 0xffffffff || status == 0) 335 goto out; /* not for us */ 336 337 if (status & MALO_A2HRIC_BIT_TX_DONE) 338 malo_tx_intr(sc); 339 if (status & MALO_A2HRIC_BIT_RX_RDY) 340 malo_rx_intr(sc); 341 if (status & MALO_A2HRIC_BIT_OPC_DONE) { 342 /* XXX cmd done interrupt handling doesn't work yet */ 343 DPRINTF(1, "%s: got cmd done interrupt\n", 344 device_xname(sc->sc_dev)); 345 //malo_cmd_response(sc); 346 } 347 348 if (status & ~0x7) { 349 DPRINTF(1, "%s: unknown interrupt %x\n", 350 device_xname(sc->sc_dev), status); 351 } 352 353 /* just ack the interrupt */ 354 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_CAUSE, 0); 355 356out: 357 /* enable interrupts */ 358 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_MASK, 0x1f); 359 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 360 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_STATUS_MASK, 0x1f); 361 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 362} 363 364int 365malo_attach(struct malo_softc *sc) 366{ 367 struct ieee80211com *ic = &sc->sc_ic; 368 struct ifnet *ifp = &sc->sc_if; 369 int i, rv; 370 371 /* initialize channel scanning timer */ 372 callout_init(&sc->sc_scan_to, 0); 373 callout_setfunc(&sc->sc_scan_to, malo_next_scan, sc); 374 375 /* allocate DMA structures */ 376 malo_alloc_cmd(sc); 377 malo_alloc_rx_ring(sc, &sc->sc_rxring, MALO_RX_RING_COUNT); 378 malo_alloc_tx_ring(sc, &sc->sc_txring, MALO_TX_RING_COUNT); 379 380 /* setup interface */ 381 ifp->if_softc = sc; 382 ifp->if_init = malo_init; 383 ifp->if_stop = malo_stop; 384 ifp->if_ioctl = malo_ioctl; 385 ifp->if_start = malo_start; 386 ifp->if_watchdog = malo_watchdog; 387 ifp->if_flags = IFF_SIMPLEX | IFF_BROADCAST | IFF_MULTICAST; 388 memcpy(ifp->if_xname, device_xname(sc->sc_dev), IFNAMSIZ); 389 IFQ_SET_MAXLEN(&ifp->if_snd, IFQ_MAXLEN); 390 IFQ_SET_READY(&ifp->if_snd); 391 392 /* set supported rates */ 393 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 394 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 395 sc->sc_last_txrate = -1; 396 397 /* set channels */ 398 for (i = 1; i <= 14; i++) { 399 ic->ic_channels[i].ic_freq = 400 ieee80211_ieee2mhz(i, IEEE80211_CHAN_2GHZ); 401 ic->ic_channels[i].ic_flags = 402 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 403 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 404 } 405 406 /* OpenBSD supports IEEE80211_C_RSN too */ 407 /* set the rest */ 408 ic->ic_ifp = ifp; 409 ic->ic_caps = 410 IEEE80211_C_IBSS | 411 IEEE80211_C_MONITOR | 412 IEEE80211_C_SHPREAMBLE | 413 IEEE80211_C_SHSLOT | 414 IEEE80211_C_WEP | 415 IEEE80211_C_WPA; 416 ic->ic_opmode = IEEE80211_M_STA; 417 ic->ic_state = IEEE80211_S_INIT; 418 for (i = 0; i < 6; i++) 419 ic->ic_myaddr[i] = malo_ctl_read1(sc, 0xa528 + i); 420 421 /* show our mac address */ 422 aprint_normal(", address %s\n", ether_sprintf(ic->ic_myaddr)); 423 424 /* attach interface */ 425 rv = if_initialize(ifp); 426 if (rv != 0) { 427 aprint_error_dev(sc->sc_dev, "if_initialize failed(%d)\n", rv); 428 malo_free_tx_ring(sc, &sc->sc_txring); 429 malo_free_rx_ring(sc, &sc->sc_rxring); 430 malo_free_cmd(sc); 431 callout_destroy(&sc->sc_scan_to); 432 433 return rv; /* Error */ 434 } 435 ieee80211_ifattach(ic); 436 /* Use common softint-based if_input */ 437 ifp->if_percpuq = if_percpuq_create(ifp); 438 if_register(ifp); 439 440 /* post attach vector functions */ 441 sc->sc_newstate = ic->ic_newstate; 442 ic->ic_newstate = malo_newstate; 443 ic->ic_newassoc = malo_newassoc; 444 ic->ic_node_alloc = malo_node_alloc; 445 ic->ic_updateslot = malo_update_slot; 446 447 ieee80211_media_init(ic, malo_media_change, malo_media_status); 448 449 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 450 sizeof(struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 451 &sc->sc_drvbpf); 452 453 sc->sc_rxtap_len = sizeof(sc->sc_rxtapu); 454 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 455 sc->sc_rxtap.wr_ihdr.it_present = htole32(MALO_RX_RADIOTAP_PRESENT); 456 457 sc->sc_txtap_len = sizeof(sc->sc_txtapu); 458 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 459 sc->sc_txtap.wt_ihdr.it_present = htole32(MALO_TX_RADIOTAP_PRESENT); 460 461 ieee80211_announce(ic); 462 463 return (0); 464} 465 466int 467malo_detach(void *arg) 468{ 469 struct malo_softc *sc = arg; 470 struct ieee80211com *ic = &sc->sc_ic; 471 struct ifnet *ifp = &sc->sc_if; 472 473 malo_stop(ifp, 1); 474 /* remove channel scanning timer */ 475 callout_destroy(&sc->sc_scan_to); 476 ieee80211_ifdetach(ic); 477 if_detach(ifp); 478 malo_free_cmd(sc); 479 malo_free_rx_ring(sc, &sc->sc_rxring); 480 malo_free_tx_ring(sc, &sc->sc_txring); 481 482 return (0); 483} 484 485static int 486malo_alloc_cmd(struct malo_softc *sc) 487{ 488 int error, nsegs; 489 490 error = bus_dmamap_create(sc->sc_dmat, PAGE_SIZE, 1, 491 PAGE_SIZE, 0, BUS_DMA_ALLOCNOW, &sc->sc_cmd_dmam); 492 if (error != 0) { 493 aprint_error_dev(sc->sc_dev, "can not create DMA tag\n"); 494 return (-1); 495 } 496 497 error = bus_dmamem_alloc(sc->sc_dmat, PAGE_SIZE, PAGE_SIZE, 498 0, &sc->sc_cmd_dmas, 1, &nsegs, BUS_DMA_WAITOK); 499 if (error != 0) { 500 aprint_error_dev(sc->sc_dev, "error alloc dma memory\n"); 501 return (-1); 502 } 503 504 error = bus_dmamem_map(sc->sc_dmat, &sc->sc_cmd_dmas, nsegs, 505 PAGE_SIZE, (void **)&sc->sc_cmd_mem, BUS_DMA_WAITOK); 506 if (error != 0) { 507 aprint_error_dev(sc->sc_dev, "error map dma memory\n"); 508 return (-1); 509 } 510 511 error = bus_dmamap_load(sc->sc_dmat, sc->sc_cmd_dmam, 512 sc->sc_cmd_mem, PAGE_SIZE, NULL, BUS_DMA_NOWAIT); 513 if (error != 0) { 514 aprint_error_dev(sc->sc_dev, "error load dma memory\n"); 515 bus_dmamem_free(sc->sc_dmat, &sc->sc_cmd_dmas, nsegs); 516 return (-1); 517 } 518 519 sc->sc_cookie = sc->sc_cmd_mem; 520 *sc->sc_cookie = htole32(0xaa55aa55); 521 sc->sc_cmd_mem = ((char*)sc->sc_cmd_mem) + sizeof(uint32_t); 522 sc->sc_cookie_dmaaddr = sc->sc_cmd_dmam->dm_segs[0].ds_addr; 523 sc->sc_cmd_dmaaddr = sc->sc_cmd_dmam->dm_segs[0].ds_addr + 524 sizeof(uint32_t); 525 526 return (0); 527} 528 529static void 530malo_free_cmd(struct malo_softc *sc) 531{ 532 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 533 BUS_DMASYNC_POSTWRITE); 534 bus_dmamap_unload(sc->sc_dmat, sc->sc_cmd_dmam); 535 bus_dmamem_unmap(sc->sc_dmat, sc->sc_cookie, PAGE_SIZE); 536 bus_dmamem_free(sc->sc_dmat, &sc->sc_cmd_dmas, 1); 537} 538 539static void 540malo_send_cmd(struct malo_softc *sc, bus_addr_t addr) 541{ 542 malo_ctl_write4(sc, MALO_REG_GEN_PTR, (uint32_t)addr); 543 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 544 malo_ctl_write4(sc, MALO_REG_H2A_INTERRUPT_EVENTS, 2); /* CPU_TRANSFER_CMD */ 545 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 546} 547 548static int 549malo_send_cmd_dma(struct malo_softc *sc, bus_addr_t addr) 550{ 551 int i; 552 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 553 554 malo_send_cmd(sc, addr); 555 556 for (i = 0; i < MALO_CMD_TIMEOUT; i++) { 557 delay(100); 558 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 559 BUS_DMASYNC_POSTWRITE | BUS_DMASYNC_POSTREAD); 560 if (hdr->cmd & htole16(0x8000)) 561 break; 562 } 563 if (i == MALO_CMD_TIMEOUT) { 564 aprint_error_dev(sc->sc_dev, "timeout while waiting for cmd response!\n"); 565 return (ETIMEDOUT); 566 } 567 568 malo_cmd_response(sc); 569 570 return (0); 571} 572 573static int 574malo_alloc_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring, int count) 575{ 576 struct malo_rx_desc *desc; 577 struct malo_rx_data *data; 578 int i, nsegs, error; 579 580 ring->count = count; 581 ring->cur = ring->next = 0; 582 583 error = bus_dmamap_create(sc->sc_dmat, 584 count * sizeof(struct malo_rx_desc), 1, 585 count * sizeof(struct malo_rx_desc), 0, 586 BUS_DMA_NOWAIT, &ring->map); 587 if (error != 0) { 588 aprint_error_dev(sc->sc_dev, "could not create desc DMA map\n"); 589 goto fail; 590 } 591 592 error = bus_dmamem_alloc(sc->sc_dmat, 593 count * sizeof(struct malo_rx_desc), 594 PAGE_SIZE, 0, &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT); 595 596 if (error != 0) { 597 aprint_error_dev(sc->sc_dev, "could not allocate DMA memory\n"); 598 goto fail; 599 } 600 601 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 602 count * sizeof(struct malo_rx_desc), (void **)&ring->desc, 603 BUS_DMA_NOWAIT); 604 if (error != 0) { 605 aprint_error_dev(sc->sc_dev, "can't map desc DMA memory\n"); 606 goto fail; 607 } 608 609 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 610 count * sizeof(struct malo_rx_desc), NULL, BUS_DMA_NOWAIT); 611 if (error != 0) { 612 aprint_error_dev(sc->sc_dev, "could not load desc DMA map\n"); 613 goto fail; 614 } 615 616 ring->physaddr = ring->map->dm_segs->ds_addr; 617 618 ring->data = malloc(count * sizeof (struct malo_rx_data), M_DEVBUF, 619 M_WAITOK); 620 621 /* 622 * Pre-allocate Rx buffers and populate Rx ring. 623 */ 624 memset(ring->data, 0, count * sizeof (struct malo_rx_data)); 625 for (i = 0; i < count; i++) { 626 desc = &ring->desc[i]; 627 data = &ring->data[i]; 628 629 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 1, MCLBYTES, 630 0, BUS_DMA_NOWAIT, &data->map); 631 if (error != 0) { 632 aprint_error_dev(sc->sc_dev, "could not create DMA map\n"); 633 goto fail; 634 } 635 636 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 637 if (data->m == NULL) { 638 aprint_error_dev(sc->sc_dev, "could not allocate rx mbuf\n"); 639 error = ENOMEM; 640 goto fail; 641 } 642 643 MCLGET(data->m, M_DONTWAIT); 644 if (!(data->m->m_flags & M_EXT)) { 645 aprint_error_dev(sc->sc_dev, "could not allocate rx mbuf cluster\n"); 646 error = ENOMEM; 647 goto fail; 648 } 649 650 error = bus_dmamap_load(sc->sc_dmat, data->map, 651 mtod(data->m, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 652 if (error != 0) { 653 aprint_error_dev(sc->sc_dev, "could not load rx buf DMA map"); 654 goto fail; 655 } 656 657 desc->status = 1; 658 desc->physdata = htole32(data->map->dm_segs->ds_addr); 659 desc->physnext = htole32(ring->physaddr + 660 (i + 1) % count * sizeof(struct malo_rx_desc)); 661 } 662 663 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 664 BUS_DMASYNC_PREWRITE); 665 666 return (0); 667 668fail: malo_free_rx_ring(sc, ring); 669 return (error); 670} 671 672static void 673malo_reset_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring) 674{ 675 int i; 676 677 for (i = 0; i < ring->count; i++) 678 ring->desc[i].status = 0; 679 680 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 681 BUS_DMASYNC_PREWRITE); 682 683 ring->cur = ring->next = 0; 684} 685 686static void 687malo_free_rx_ring(struct malo_softc *sc, struct malo_rx_ring *ring) 688{ 689 struct malo_rx_data *data; 690 int i; 691 692 if (ring->desc != NULL) { 693 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 694 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 695 bus_dmamap_unload(sc->sc_dmat, ring->map); 696 bus_dmamem_unmap(sc->sc_dmat, ring->desc, 697 ring->count * sizeof(struct malo_rx_desc)); 698 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 699 } 700 701 if (ring->data != NULL) { 702 for (i = 0; i < ring->count; i++) { 703 data = &ring->data[i]; 704 705 if (data->m != NULL) { 706 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 707 data->map->dm_mapsize, 708 BUS_DMASYNC_POSTREAD); 709 bus_dmamap_unload(sc->sc_dmat, data->map); 710 m_freem(data->m); 711 } 712 713 if (data->map != NULL) 714 bus_dmamap_destroy(sc->sc_dmat, data->map); 715 } 716 free(ring->data, M_DEVBUF); 717 } 718} 719 720static int 721malo_alloc_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring, 722 int count) 723{ 724 int i, nsegs, error; 725 726 ring->count = count; 727 ring->queued = 0; 728 ring->cur = ring->next = ring->stat = 0; 729 730 error = bus_dmamap_create(sc->sc_dmat, 731 count * sizeof(struct malo_tx_desc), 1, 732 count * sizeof(struct malo_tx_desc), 0, BUS_DMA_NOWAIT, &ring->map); 733 if (error != 0) { 734 aprint_error_dev(sc->sc_dev, "could not create desc DMA map\n"); 735 goto fail; 736 } 737 738 error = bus_dmamem_alloc(sc->sc_dmat, 739 count * sizeof(struct malo_tx_desc), PAGE_SIZE, 0, 740 &ring->seg, 1, &nsegs, BUS_DMA_NOWAIT); 741 if (error != 0) { 742 aprint_error_dev(sc->sc_dev, "could not allocate DMA memory\n"); 743 goto fail; 744 } 745 746 error = bus_dmamem_map(sc->sc_dmat, &ring->seg, nsegs, 747 count * sizeof(struct malo_tx_desc), (void **)&ring->desc, 748 BUS_DMA_NOWAIT); 749 if (error != 0) { 750 aprint_error_dev(sc->sc_dev, "can't map desc DMA memory\n"); 751 goto fail; 752 } 753 754 error = bus_dmamap_load(sc->sc_dmat, ring->map, ring->desc, 755 count * sizeof(struct malo_tx_desc), NULL, BUS_DMA_NOWAIT); 756 if (error != 0) { 757 aprint_error_dev(sc->sc_dev, "could not load desc DMA map\n"); 758 goto fail; 759 } 760 761 ring->physaddr = ring->map->dm_segs->ds_addr; 762 763 ring->data = malloc(count * sizeof(struct malo_tx_data), M_DEVBUF, 764 M_WAITOK | M_ZERO); 765 766 for (i = 0; i < count; i++) { 767 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 768 MALO_MAX_SCATTER, MCLBYTES, 0, BUS_DMA_NOWAIT, 769 &ring->data[i].map); 770 if (error != 0) { 771 aprint_error_dev(sc->sc_dev, "could not create DMA map\n"); 772 goto fail; 773 } 774 ring->desc[i].physnext = htole32(ring->physaddr + 775 (i + 1) % count * sizeof(struct malo_tx_desc)); 776 } 777 778 return (0); 779 780fail: malo_free_tx_ring(sc, ring); 781 return (error); 782} 783 784static void 785malo_reset_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring) 786{ 787 struct malo_tx_desc *desc; 788 struct malo_tx_data *data; 789 int i; 790 791 for (i = 0; i < ring->count; i++) { 792 desc = &ring->desc[i]; 793 data = &ring->data[i]; 794 795 if (data->m != NULL) { 796 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 797 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 798 bus_dmamap_unload(sc->sc_dmat, data->map); 799 m_freem(data->m); 800 data->m = NULL; 801 } 802 803 /* 804 * The node has already been freed at that point so don't call 805 * ieee80211_release_node() here. 806 */ 807 data->ni = NULL; 808 809 desc->status = 0; 810 } 811 812 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, ring->map->dm_mapsize, 813 BUS_DMASYNC_PREWRITE); 814 815 ring->queued = 0; 816 ring->cur = ring->next = ring->stat = 0; 817} 818 819static void 820malo_free_tx_ring(struct malo_softc *sc, struct malo_tx_ring *ring) 821{ 822 struct malo_tx_data *data; 823 int i; 824 825 if (ring->desc != NULL) { 826 bus_dmamap_sync(sc->sc_dmat, ring->map, 0, 827 ring->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 828 bus_dmamap_unload(sc->sc_dmat, ring->map); 829 bus_dmamem_unmap(sc->sc_dmat, ring->desc, 830 ring->count * sizeof(struct malo_tx_desc)); 831 bus_dmamem_free(sc->sc_dmat, &ring->seg, 1); 832 } 833 834 if (ring->data != NULL) { 835 for (i = 0; i < ring->count; i++) { 836 data = &ring->data[i]; 837 838 if (data->m != NULL) { 839 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 840 data->map->dm_mapsize, 841 BUS_DMASYNC_POSTWRITE); 842 bus_dmamap_unload(sc->sc_dmat, data->map); 843 m_freem(data->m); 844 } 845 846 /* 847 * The node has already been freed at that point so 848 * don't call ieee80211_release_node() here. 849 */ 850 data->ni = NULL; 851 852 if (data->map != NULL) 853 bus_dmamap_destroy(sc->sc_dmat, data->map); 854 } 855 free(ring->data, M_DEVBUF); 856 } 857} 858 859int 860malo_init(struct ifnet *ifp) 861{ 862 struct malo_softc *sc = ifp->if_softc; 863 struct ieee80211com *ic = &sc->sc_ic; 864 int error; 865 866 DPRINTF(1, "%s: %s\n", ifp->if_xname, __func__); 867 868 /* if interface already runs stop it first */ 869 if (ifp->if_flags & IFF_RUNNING) 870 malo_stop(ifp, 1); 871 872 /* power on cardbus socket */ 873 if (sc->sc_enable) 874 sc->sc_enable(sc); 875 876 /* disable interrupts */ 877 malo_ctl_read4(sc, MALO_REG_A2H_INTERRUPT_CAUSE); 878 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_CAUSE, 0); 879 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_MASK, 0); 880 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_STATUS_MASK, 0); 881 882 /* load firmware */ 883 if ((error = malo_load_bootimg(sc))) 884 goto fail; 885 if ((error = malo_load_firmware(sc))) 886 goto fail; 887 888 /* enable interrupts */ 889 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_MASK, 0x1f); 890 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 891 malo_ctl_write4(sc, MALO_REG_A2H_INTERRUPT_STATUS_MASK, 0x1f); 892 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 893 894 if ((error = malo_cmd_get_spec(sc))) 895 goto fail; 896 897 /* select default channel */ 898 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 899 900 /* initialize hardware */ 901 if ((error = malo_cmd_set_channel(sc, ic->ic_bss->ni_chan))) { 902 aprint_error_dev(sc->sc_dev, "setting channel failed!\n"); 903 goto fail; 904 } 905 if ((error = malo_cmd_set_antenna(sc, 1))) { 906 aprint_error_dev(sc->sc_dev, "setting RX antenna failed!\n"); 907 goto fail; 908 } 909 if ((error = malo_cmd_set_antenna(sc, 2))) { 910 aprint_error_dev(sc->sc_dev, "setting TX antenna failed!\n"); 911 goto fail; 912 } 913 if ((error = malo_cmd_set_radio(sc, 1, 5))) { 914 aprint_error_dev(sc->sc_dev, "turn radio on failed!\n"); 915 goto fail; 916 } 917 if ((error = malo_cmd_set_txpower(sc, 100))) { 918 aprint_error_dev(sc->sc_dev, "setting TX power failed!\n"); 919 goto fail; 920 } 921 if ((error = malo_cmd_set_rts(sc, IEEE80211_RTS_MAX))) { 922 aprint_error_dev(sc->sc_dev, "setting RTS failed!\n"); 923 goto fail; 924 } 925 926 ifp->if_flags |= IFF_RUNNING; 927 928 if (ic->ic_opmode != IEEE80211_M_MONITOR) 929 /* start background scanning */ 930 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 931 else 932 /* in monitor mode change directly into run state */ 933 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 934 935 return (0); 936 937fail: 938 /* reset adapter */ 939 DPRINTF(1, "%s: malo_init failed, resetting card\n", 940 device_xname(sc->sc_dev)); 941 malo_stop(ifp, 1); 942 return (error); 943} 944 945static int 946malo_ioctl(struct ifnet *ifp, u_long cmd, void* data) 947{ 948 struct malo_softc *sc = ifp->if_softc; 949 struct ieee80211com *ic = &sc->sc_ic; 950 int s, error = 0; 951 952 s = splnet(); 953 954 switch (cmd) { 955 case SIOCSIFFLAGS: 956 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 957 break; 958 if (ifp->if_flags & IFF_UP) { 959 if ((ifp->if_flags & IFF_RUNNING) == 0) 960 malo_init(ifp); 961 } else { 962 if (ifp->if_flags & IFF_RUNNING) 963 malo_stop(ifp, 1); 964 } 965 break; 966 case SIOCADDMULTI: 967 case SIOCDELMULTI: 968 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 969 /* setup multicast filter, etc */ 970 error = 0; 971 } 972 break; 973 case SIOCS80211CHANNEL: 974 /* allow fast channel switching in monitor mode */ 975 error = ieee80211_ioctl(ic, cmd, data); 976 if (error == ENETRESET && 977 ic->ic_opmode == IEEE80211_M_MONITOR) { 978 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 979 (IFF_UP | IFF_RUNNING)) { 980 ic->ic_bss->ni_chan = ic->ic_ibss_chan; 981 malo_cmd_set_channel(sc, ic->ic_bss->ni_chan); 982 } 983 error = 0; 984 } 985 break; 986 default: 987 error = ieee80211_ioctl(ic, cmd, data); 988 break; 989 } 990 991 if (error == ENETRESET) { 992 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == 993 (IFF_UP | IFF_RUNNING)) 994 malo_init(ifp); 995 error = 0; 996 } 997 998 splx(s); 999 1000 return (error); 1001} 1002 1003static void 1004malo_start(struct ifnet *ifp) 1005{ 1006 struct malo_softc *sc = ifp->if_softc; 1007 struct ieee80211com *ic = &sc->sc_ic; 1008 struct mbuf *m0; 1009 struct ether_header *eh; 1010 struct ieee80211_node *ni = NULL; 1011 1012 DPRINTF(2, "%s: %s\n", device_xname(sc->sc_dev), __func__); 1013 1014 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1015 return; 1016 1017 for (;;) { 1018 IF_POLL(&ic->ic_mgtq, m0); 1019 if (m0 != NULL) { 1020 if (sc->sc_txring.queued >= MALO_TX_RING_COUNT) { 1021 ifp->if_flags |= IFF_OACTIVE; 1022 break; 1023 } 1024 IF_DEQUEUE(&ic->ic_mgtq, m0); 1025 1026 ni = M_GETCTX(m0, struct ieee80211_node *); 1027 M_CLEARCTX(m0); 1028 1029 bpf_mtap3(ic->ic_rawbpf, m0, BPF_D_OUT); 1030 1031 if (malo_tx_data(sc, m0, ni) != 0) 1032 break; 1033 } else { 1034 if (ic->ic_state != IEEE80211_S_RUN) 1035 break; 1036 IFQ_POLL(&ifp->if_snd, m0); 1037 if (m0 == NULL) 1038 break; 1039 if (sc->sc_txring.queued >= MALO_TX_RING_COUNT - 1) { 1040 ifp->if_flags |= IFF_OACTIVE; 1041 break; 1042 } 1043 1044 if (m0->m_len < sizeof (*eh) && 1045 (m0 = m_pullup(m0, sizeof (*eh))) == NULL) { 1046 ifp->if_oerrors++; 1047 continue; 1048 } 1049 eh = mtod(m0, struct ether_header *); 1050 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1051 if (ni == NULL) { 1052 m_freem(m0); 1053 ifp->if_oerrors++; 1054 continue; 1055 } 1056 1057 // XXX must I call ieee_classify at this point ? 1058 1059 IFQ_DEQUEUE(&ifp->if_snd, m0); 1060 bpf_mtap(ifp, m0, BPF_D_OUT); 1061 1062 m0 = ieee80211_encap(ic, m0, ni); 1063 if (m0 == NULL) 1064 continue; 1065 bpf_mtap3(ic->ic_rawbpf, m0, BPF_D_OUT); 1066 1067 if (malo_tx_data(sc, m0, ni) != 0) { 1068 ieee80211_free_node(ni); 1069 ifp->if_oerrors++; 1070 break; 1071 } 1072 } 1073 } 1074} 1075 1076void 1077malo_stop(struct ifnet* ifp, int disable) 1078{ 1079 struct malo_softc *sc = ifp->if_softc; 1080 struct ieee80211com *ic = &sc->sc_ic; 1081 1082 DPRINTF(1, "%s: %s\n", ifp->if_xname, __func__); 1083 1084 /* reset adapter */ 1085 if (ifp->if_flags & IFF_RUNNING) 1086 malo_ctl_write4(sc, MALO_REG_H2A_INTERRUPT_EVENTS, (1 << 15)); 1087 1088 /* device is not running anymore */ 1089 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 1090 1091 /* change back to initial state */ 1092 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 1093 1094 /* reset RX / TX rings */ 1095 malo_reset_tx_ring(sc, &sc->sc_txring); 1096 malo_reset_rx_ring(sc, &sc->sc_rxring); 1097 1098 /* set initial rate */ 1099 sc->sc_last_txrate = -1; 1100 1101 /* power off cardbus socket */ 1102 if (sc->sc_disable) 1103 sc->sc_disable(sc); 1104} 1105 1106static void 1107malo_watchdog(struct ifnet *ifp) 1108{ 1109 1110} 1111 1112static int 1113malo_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 1114{ 1115 struct ifnet *ifp = ic->ic_ifp; 1116 struct malo_softc *sc = ifp->if_softc; 1117 enum ieee80211_state ostate; 1118 int rate; 1119 1120 DPRINTF(2, "%s: %s\n", device_xname(sc->sc_dev), __func__); 1121 1122 ostate = ic->ic_state; 1123 callout_stop(&sc->sc_scan_to); 1124 1125 switch (nstate) { 1126 case IEEE80211_S_INIT: 1127 DPRINTF(1, "%s: newstate INIT\n", device_xname(sc->sc_dev)); 1128 break; 1129 case IEEE80211_S_SCAN: 1130 DPRINTF(1, "%s: newstate SCAN\n", device_xname(sc->sc_dev)); 1131 if (ostate == IEEE80211_S_INIT) { 1132 if (malo_cmd_set_prescan(sc) != 0) { 1133 DPRINTF(1, "%s: can't set prescan\n", 1134 device_xname(sc->sc_dev)); 1135 } 1136 } else { 1137 malo_cmd_set_channel(sc, ic->ic_curchan); 1138 } 1139 callout_schedule(&sc->sc_scan_to, hz/2); 1140 break; 1141 case IEEE80211_S_AUTH: 1142 DPRINTF(1, "%s: newstate AUTH\n", device_xname(sc->sc_dev)); 1143 malo_cmd_set_postscan(sc, ic->ic_myaddr, 1); 1144 malo_cmd_set_channel(sc, ic->ic_curchan); 1145 break; 1146 case IEEE80211_S_ASSOC: 1147 DPRINTF(1, "%s: newstate ASSOC\n", device_xname(sc->sc_dev)); 1148 malo_cmd_set_channel(sc, ic->ic_curchan); 1149 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 1150 malo_cmd_set_radio(sc, 1, 3); /* short preamble */ 1151 else 1152 malo_cmd_set_radio(sc, 1, 1); /* long preamble */ 1153 1154 malo_cmd_set_aid(sc, ic->ic_bss->ni_bssid, 1155 ic->ic_bss->ni_associd); 1156 1157 if (ic->ic_fixed_rate == -1) 1158 /* automatic rate adaption */ 1159 malo_cmd_set_rate(sc, 0); 1160 else { 1161 /* fixed rate */ 1162 rate = malo_fix2rate(ic->ic_fixed_rate); 1163 malo_cmd_set_rate(sc, rate); 1164 } 1165 1166 malo_set_slot(sc); 1167 break; 1168 case IEEE80211_S_RUN: 1169 DPRINTF(1, "%s: newstate RUN\n", device_xname(sc->sc_dev)); 1170 break; 1171 default: 1172 break; 1173 } 1174 1175 return (sc->sc_newstate(ic, nstate, arg)); 1176} 1177 1178static void 1179malo_newassoc(struct ieee80211_node *ni, int isnew) 1180{ 1181} 1182 1183static struct ieee80211_node * 1184malo_node_alloc(struct ieee80211_node_table *nt) 1185{ 1186 struct malo_node *wn; 1187 1188 wn = malloc(sizeof(*wn), M_DEVBUF, M_NOWAIT | M_ZERO); 1189 if (wn == NULL) 1190 return (NULL); 1191 1192 return ((struct ieee80211_node *)wn); 1193} 1194 1195static int 1196malo_media_change(struct ifnet *ifp) 1197{ 1198 int error; 1199 1200 DPRINTF(1, "%s: %s\n", ifp->if_xname, __func__); 1201 1202 error = ieee80211_media_change(ifp); 1203 if (error != ENETRESET) 1204 return (error); 1205 1206 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 1207 malo_init(ifp); 1208 1209 return (0); 1210} 1211 1212static void 1213malo_media_status(struct ifnet *ifp, struct ifmediareq *imr) 1214{ 1215 struct malo_softc *sc = ifp->if_softc; 1216 struct ieee80211com *ic = &sc->sc_ic; 1217 1218 imr->ifm_status = IFM_AVALID; 1219 imr->ifm_active = IFM_IEEE80211; 1220 if (ic->ic_state == IEEE80211_S_RUN) 1221 imr->ifm_status |= IFM_ACTIVE; 1222 1223 /* report last TX rate used by chip */ 1224 imr->ifm_active |= ieee80211_rate2media(ic, sc->sc_last_txrate, 1225 ic->ic_curmode); 1226 1227 switch (ic->ic_opmode) { 1228 case IEEE80211_M_STA: 1229 break; 1230 case IEEE80211_M_IBSS: 1231 imr->ifm_active |= IFM_IEEE80211_ADHOC; 1232 break; 1233 case IEEE80211_M_AHDEMO: 1234 break; 1235 case IEEE80211_M_HOSTAP: 1236 break; 1237 case IEEE80211_M_MONITOR: 1238 imr->ifm_active |= IFM_IEEE80211_MONITOR; 1239 break; 1240 default: 1241 break; 1242 } 1243 1244 switch (ic->ic_curmode) { 1245 case IEEE80211_MODE_11B: 1246 imr->ifm_active |= IFM_IEEE80211_11B; 1247 break; 1248 case IEEE80211_MODE_11G: 1249 imr->ifm_active |= IFM_IEEE80211_11G; 1250 break; 1251 } 1252} 1253 1254static int 1255malo_chip2rate(int chip_rate) 1256{ 1257 switch (chip_rate) { 1258 /* CCK rates */ 1259 case 0: return (2); 1260 case 1: return (4); 1261 case 2: return (11); 1262 case 3: return (22); 1263 1264 /* OFDM rates */ 1265 case 4: return (0); /* reserved */ 1266 case 5: return (12); 1267 case 6: return (18); 1268 case 7: return (24); 1269 case 8: return (36); 1270 case 9: return (48); 1271 case 10: return (72); 1272 case 11: return (96); 1273 case 12: return (108); 1274 1275 /* no rate select yet or unknown rate */ 1276 default: return (-1); 1277 } 1278} 1279 1280static int 1281malo_fix2rate(int fix_rate) 1282{ 1283 switch (fix_rate) { 1284 /* CCK rates */ 1285 case 0: return (2); 1286 case 1: return (4); 1287 case 2: return (11); 1288 case 3: return (22); 1289 1290 /* OFDM rates */ 1291 case 4: return (12); 1292 case 5: return (18); 1293 case 6: return (24); 1294 case 7: return (36); 1295 case 8: return (48); 1296 case 9: return (72); 1297 case 10: return (96); 1298 case 11: return (108); 1299 1300 /* unknown rate: should not happen */ 1301 default: return (0); 1302 } 1303} 1304 1305static void 1306malo_next_scan(void *arg) 1307{ 1308 struct malo_softc *sc = arg; 1309 struct ieee80211com *ic = &sc->sc_ic; 1310 int s; 1311 1312 DPRINTF(1, "%s: %s\n", sc->sc_if.if_xname, __func__); 1313 1314 s = splnet(); 1315 1316 if (ic->ic_state == IEEE80211_S_SCAN) 1317 ieee80211_next_scan(ic); 1318 1319 splx(s); 1320} 1321 1322static void 1323malo_tx_intr(struct malo_softc *sc) 1324{ 1325 struct ifnet *ifp = &sc->sc_if; 1326 struct malo_tx_desc *desc; 1327 struct malo_tx_data *data; 1328 struct malo_node *rn; 1329 int stat, s; 1330 1331 DPRINTF(2, "%s: %s\n", device_xname(sc->sc_dev), __func__); 1332 1333 s = splnet(); 1334 1335 stat = sc->sc_txring.stat; 1336 for (;;) { 1337 desc = &sc->sc_txring.desc[sc->sc_txring.stat]; 1338 data = &sc->sc_txring.data[sc->sc_txring.stat]; 1339 rn = (struct malo_node *)data->ni; 1340 1341 /* check if TX descriptor is not owned by FW anymore */ 1342 if ((le32toh(desc->status) & MALO_TXD_STATUS_FW_OWNED) || 1343 !(le32toh(data->softstat) & MALO_TXD_STATUS_FAILED_AGING)) 1344 break; 1345 1346 /* if no frame has been sent, ignore */ 1347 if (rn == NULL) 1348 goto next; 1349 1350 /* check TX state */ 1351 switch (le32toh(desc->status) & MALO_TXD_STATUS_USED) { 1352 case MALO_TXD_STATUS_OK: 1353 DPRINTF(2, "%s: data frame was sent successfully\n", 1354 device_xname(sc->sc_dev)); 1355 ifp->if_opackets++; 1356 break; 1357 default: 1358 DPRINTF(1, "%s: data frame sending error\n", 1359 device_xname(sc->sc_dev)); 1360 ifp->if_oerrors++; 1361 break; 1362 } 1363 1364 /* save last used TX rate */ 1365 sc->sc_last_txrate = malo_chip2rate(desc->datarate); 1366 1367 /* cleanup TX data and TX descriptor */ 1368 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1369 data->map->dm_mapsize, BUS_DMASYNC_POSTWRITE); 1370 bus_dmamap_unload(sc->sc_dmat, data->map); 1371 m_freem(data->m); 1372 ieee80211_free_node(data->ni); 1373 data->m = NULL; 1374 data->ni = NULL; 1375 data->softstat &= htole32(~0x80); 1376 desc->status = 0; 1377 desc->len = 0; 1378 1379 DPRINTF(2, "%s: tx done idx=%u\n", 1380 device_xname(sc->sc_dev), sc->sc_txring.stat); 1381 1382 sc->sc_txring.queued--; 1383next: 1384 if (++sc->sc_txring.stat >= sc->sc_txring.count) 1385 sc->sc_txring.stat = 0; 1386 if (sc->sc_txring.stat == stat) 1387 break; 1388 } 1389 1390 sc->sc_tx_timer = 0; 1391 ifp->if_flags &= ~IFF_OACTIVE; 1392 malo_start(ifp); 1393 1394 splx(s); 1395} 1396 1397static int 1398malo_tx_data(struct malo_softc *sc, struct mbuf *m0, 1399 struct ieee80211_node *ni) 1400{ 1401 struct ieee80211com *ic = &sc->sc_ic; 1402 struct ifnet *ifp = &sc->sc_if; 1403 struct malo_tx_desc *desc; 1404 struct malo_tx_data *data; 1405 struct ieee80211_frame *wh; 1406 struct ieee80211_key *k; 1407 struct mbuf *mnew; 1408 int error; 1409 1410 DPRINTF(2, "%s: %s\n", device_xname(sc->sc_dev), __func__); 1411 1412 desc = &sc->sc_txring.desc[sc->sc_txring.cur]; 1413 data = &sc->sc_txring.data[sc->sc_txring.cur]; 1414 1415 if (m0->m_len < sizeof(struct ieee80211_frame)) { 1416 m0 = m_pullup(m0, sizeof(struct ieee80211_frame)); 1417 if (m0 == NULL) { 1418 ifp->if_ierrors++; 1419 return (ENOBUFS); 1420 } 1421 } 1422 wh = mtod(m0, struct ieee80211_frame *); 1423 1424 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1425 k = ieee80211_crypto_encap(ic, ni, m0); 1426 if (k == NULL) { 1427 m_freem(m0); 1428 return ENOBUFS; 1429 } 1430 1431 /* packet header may have moved, reset our local pointer */ 1432 wh = mtod(m0, struct ieee80211_frame *); 1433 } 1434 1435 if (sc->sc_drvbpf != NULL) { 1436 struct malo_tx_radiotap_hdr *tap = &sc->sc_txtap; 1437 1438 tap->wt_flags = 0; 1439 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 1440 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 1441 tap->wt_rate = sc->sc_last_txrate; 1442 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1443 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1444 1445 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0, BPF_D_OUT); 1446 } 1447 1448 /* 1449 * inject FW specific fields into the 802.11 frame 1450 * 1451 * 2 bytes FW len (inject) 1452 * 24 bytes 802.11 frame header 1453 * 6 bytes addr4 (inject) 1454 * n bytes 802.11 frame body 1455 * 1456 * For now copy all into a new mcluster. 1457 */ 1458 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1459 if (mnew == NULL) 1460 return (ENOBUFS); 1461 MCLGET(mnew, M_DONTWAIT); 1462 if (!(mnew->m_flags & M_EXT)) { 1463 m_free(mnew); 1464 return (ENOBUFS); 1465 } 1466 1467 *mtod(mnew, uint16_t *) = htole16(m0->m_pkthdr.len - 24); /* FW len */ 1468 memmove(mtod(mnew, char*) + 2, wh, sizeof(*wh)); 1469 memset(mtod(mnew, char*) + 26, 0, 6); 1470 m_copydata(m0, sizeof(*wh), m0->m_pkthdr.len - sizeof(*wh), 1471 mtod(mnew, char*) + 32); 1472 mnew->m_pkthdr.len = mnew->m_len = m0->m_pkthdr.len + 8; 1473 m_freem(m0); 1474 m0 = mnew; 1475 1476 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1477 BUS_DMA_NOWAIT); 1478 if (error != 0) { 1479 aprint_error_dev(sc->sc_dev, "can't map mbuf (error %d)\n", error); 1480 m_freem(m0); 1481 return (error); 1482 } 1483 1484 data->m = m0; 1485 data->ni = ni; 1486 data->softstat |= htole32(0x80); 1487 1488 malo_tx_setup_desc(sc, desc, m0->m_pkthdr.len, 1, 1489 data->map->dm_segs, data->map->dm_nsegs); 1490 1491 bus_dmamap_sync(sc->sc_dmat, data->map, 0, data->map->dm_mapsize, 1492 BUS_DMASYNC_PREWRITE); 1493 bus_dmamap_sync(sc->sc_dmat, sc->sc_txring.map, 1494 sc->sc_txring.cur * sizeof(struct malo_tx_desc), 1495 sizeof(struct malo_tx_desc), BUS_DMASYNC_PREWRITE); 1496 1497 DPRINTF(2, "%s: sending frame, pktlen=%u, idx=%u\n", 1498 device_xname(sc->sc_dev), m0->m_pkthdr.len, sc->sc_txring.cur); 1499 1500 sc->sc_txring.queued++; 1501 sc->sc_txring.cur = (sc->sc_txring.cur + 1) % MALO_TX_RING_COUNT; 1502 1503 /* kick data TX */ 1504 malo_ctl_write4(sc, MALO_REG_H2A_INTERRUPT_EVENTS, 1); 1505 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE); 1506 1507 return (0); 1508} 1509 1510static void 1511malo_tx_setup_desc(struct malo_softc *sc, struct malo_tx_desc *desc, 1512 int len, int rate, const bus_dma_segment_t *segs, int nsegs) 1513{ 1514 desc->len = htole16(segs[0].ds_len); 1515 desc->datarate = rate; /* 0 = mgmt frame, 1 = data frame */ 1516 desc->physdata = htole32(segs[0].ds_addr); 1517 desc->status = htole32(MALO_TXD_STATUS_OK | MALO_TXD_STATUS_FW_OWNED); 1518} 1519 1520static void 1521malo_rx_intr(struct malo_softc *sc) 1522{ 1523 struct ieee80211com *ic = &sc->sc_ic; 1524 struct ifnet *ifp = &sc->sc_if; 1525 struct malo_rx_desc *desc; 1526 struct malo_rx_data *data; 1527 struct ieee80211_frame *wh; 1528 struct ieee80211_node *ni; 1529 struct mbuf *mnew, *m; 1530 uint32_t rxRdPtr, rxWrPtr; 1531 int error, i, s; 1532 1533 rxRdPtr = malo_mem_read4(sc, sc->sc_RxPdRdPtr); 1534 rxWrPtr = malo_mem_read4(sc, sc->sc_RxPdWrPtr); 1535 1536 for (i = 0; i < MALO_RX_RING_COUNT && rxRdPtr != rxWrPtr; i++) { 1537 desc = &sc->sc_rxring.desc[sc->sc_rxring.cur]; 1538 data = &sc->sc_rxring.data[sc->sc_rxring.cur]; 1539 1540 bus_dmamap_sync(sc->sc_dmat, sc->sc_rxring.map, 1541 sc->sc_rxring.cur * sizeof(struct malo_rx_desc), 1542 sizeof(struct malo_rx_desc), BUS_DMASYNC_POSTREAD); 1543 1544 DPRINTF(3, "%s: rx intr idx=%d, rxctrl=0x%02x, rssi=%d, " 1545 "status=0x%02x, channel=%d, len=%d, res1=%02x, rate=%d, " 1546 "physdata=0x%04x, physnext=0x%04x, qosctrl=%02x, res2=%d\n", 1547 device_xname(sc->sc_dev), 1548 sc->sc_rxring.cur, desc->rxctrl, desc->rssi, desc->status, 1549 desc->channel, le16toh(desc->len), desc->reserved1, 1550 desc->datarate, le32toh(desc->physdata), 1551 le32toh(desc->physnext), desc->qosctrl, desc->reserved2); 1552 1553 if ((desc->rxctrl & 0x80) == 0) 1554 break; 1555 1556 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1557 if (mnew == NULL) { 1558 ifp->if_ierrors++; 1559 goto skip; 1560 } 1561 1562 MCLGET(mnew, M_DONTWAIT); 1563 if (!(mnew->m_flags & M_EXT)) { 1564 m_freem(mnew); 1565 ifp->if_ierrors++; 1566 goto skip; 1567 } 1568 1569 bus_dmamap_sync(sc->sc_dmat, data->map, 0, 1570 data->map->dm_mapsize, BUS_DMASYNC_POSTREAD); 1571 bus_dmamap_unload(sc->sc_dmat, data->map); 1572 1573 error = bus_dmamap_load(sc->sc_dmat, data->map, 1574 mtod(mnew, void *), MCLBYTES, NULL, BUS_DMA_NOWAIT); 1575 if (error != 0) { 1576 m_freem(mnew); 1577 1578 error = bus_dmamap_load(sc->sc_dmat, data->map, 1579 mtod(data->m, void *), MCLBYTES, NULL, 1580 BUS_DMA_NOWAIT); 1581 if (error != 0) { 1582 panic("%s: could not load old rx mbuf", 1583 device_xname(sc->sc_dev)); 1584 } 1585 ifp->if_ierrors++; 1586 goto skip; 1587 } 1588 1589 /* 1590 * New mbuf mbuf successfully loaded 1591 */ 1592 m = data->m; 1593 data->m = mnew; 1594 desc->physdata = htole32(data->map->dm_segs->ds_addr); 1595 1596 /* finalize mbuf */ 1597 m_set_rcvif(m, ifp); 1598 m->m_pkthdr.len = m->m_len = le16toh(desc->len); 1599 1600 /* 1601 * cut out FW specific fields from the 802.11 frame 1602 * 1603 * 2 bytes FW len (cut out) 1604 * 24 bytes 802.11 frame header 1605 * 6 bytes addr4 (cut out) 1606 * n bytes 802.11 frame data 1607 */ 1608 memmove(m->m_data +6, m->m_data, 26); 1609 m_adj(m, 8); 1610 1611 s = splnet(); 1612 1613 if (sc->sc_drvbpf != NULL) { 1614 struct malo_rx_radiotap_hdr *tap = &sc->sc_rxtap; 1615 1616 tap->wr_flags = 0; 1617 tap->wr_chan_freq = 1618 htole16(ic->ic_bss->ni_chan->ic_freq); 1619 tap->wr_chan_flags = 1620 htole16(ic->ic_bss->ni_chan->ic_flags); 1621 1622 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m, 1623 BPF_D_IN); 1624 } 1625 1626 wh = mtod(m, struct ieee80211_frame *); 1627 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1628 1629 /* send the frame to the 802.11 layer */ 1630 ieee80211_input(ic, m, ni, desc->rssi, 0); 1631 1632 /* node is no longer needed */ 1633 ieee80211_free_node(ni); 1634 1635 splx(s); 1636 1637skip: 1638 desc->rxctrl = 0; 1639 rxRdPtr = le32toh(desc->physnext); 1640 1641 bus_dmamap_sync(sc->sc_dmat, sc->sc_rxring.map, 1642 sc->sc_rxring.cur * sizeof(struct malo_rx_desc), 1643 sizeof(struct malo_rx_desc), BUS_DMASYNC_PREWRITE); 1644 1645 sc->sc_rxring.cur = (sc->sc_rxring.cur + 1) % 1646 MALO_RX_RING_COUNT; 1647 } 1648 1649 malo_mem_write4(sc, sc->sc_RxPdRdPtr, rxRdPtr); 1650} 1651 1652static int 1653malo_get_firmware(struct malo_softc *sc, const char *name, 1654 uint8_t** firmware_image, size_t* size) 1655{ 1656 firmware_handle_t fw; 1657 int error; 1658 1659 1660 /* load firmware image from disk */ 1661 if ((error = firmware_open("malo", name, &fw)) != 0) { 1662 aprint_error_dev(sc->sc_dev, "could not read firmware file\n"); 1663 return error; 1664 } 1665 1666 *size = firmware_get_size(fw); 1667 1668 *firmware_image = firmware_malloc(*size); 1669 if (*firmware_image == NULL) { 1670 aprint_error_dev(sc->sc_dev, "not enough memory to stock firmware\n"); 1671 error = ENOMEM; 1672 goto fail1; 1673 } 1674 1675 if ((error = firmware_read(fw, 0, *firmware_image, *size)) != 0) { 1676 aprint_error_dev(sc->sc_dev, "can't get firmware\n"); 1677 goto fail2; 1678 } 1679 1680 firmware_close(fw); 1681 1682 return 0; 1683fail2: 1684 firmware_free(*firmware_image, *size); 1685fail1: 1686 firmware_close(fw); 1687 return error; 1688} 1689 1690static int 1691malo_load_bootimg(struct malo_softc *sc) 1692{ 1693 const char *name = "malo8335-h"; 1694 uint8_t *ucode; 1695 size_t size; 1696 int error, i; 1697 1698 /* load boot firmware */ 1699 if ((error = malo_get_firmware(sc, name, &ucode, &size)) != 0) { 1700 aprint_error_dev(sc->sc_dev, "error %d, could not read firmware %s\n", 1701 error, name); 1702 return (EIO); 1703 } 1704 1705 /* 1706 * It seems we are putting this code directly onto the stack of 1707 * the ARM cpu. I don't know why we need to instruct the DMA 1708 * engine to move the code. This is a big riddle without docu. 1709 */ 1710 DPRINTF(1, "%s: loading boot firmware\n", device_xname(sc->sc_dev)); 1711 malo_mem_write2(sc, 0xbef8, 0x001); 1712 malo_mem_write2(sc, 0xbefa, size); 1713 malo_mem_write4(sc, 0xbefc, 0); 1714 1715 bus_space_write_region_1(sc->sc_mem1_bt, sc->sc_mem1_bh, 0xbf00, 1716 ucode, size); 1717 1718 firmware_free(ucode, size); 1719 1720 /* 1721 * we loaded the firmware into card memory now tell the CPU 1722 * to fetch the code and execute it. The memory mapped via the 1723 * first bar is internaly mapped to 0xc0000000. 1724 */ 1725 malo_send_cmd(sc, 0xc000bef8); 1726 1727 /* wait for the device to go into FW loading mode */ 1728 for (i = 0; i < 10; i++) { 1729 delay(50); 1730 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_READ); 1731 if (malo_ctl_read4(sc, 0x0c14) == 0x5) 1732 break; 1733 } 1734 if (i == 10) { 1735 aprint_error_dev(sc->sc_dev, "timeout at boot firmware load!\n"); 1736 return (ETIMEDOUT); 1737 } 1738 1739 /* tell the card we're done and... */ 1740 malo_mem_write2(sc, 0xbef8, 0x001); 1741 malo_mem_write2(sc, 0xbefa, 0); 1742 malo_mem_write4(sc, 0xbefc, 0); 1743 malo_send_cmd(sc, 0xc000bef8); 1744 1745 DPRINTF(1, "%s: boot firmware loaded\n", device_xname(sc->sc_dev)); 1746 1747 return (0); 1748} 1749 1750 1751static int 1752malo_load_firmware(struct malo_softc *sc) 1753{ 1754 struct malo_cmdheader *hdr; 1755 const char *name = "malo8335-m"; 1756 void *data; 1757 uint8_t *ucode; 1758 size_t size, count, bsize; 1759 int i, sn, error; 1760 1761 /* load real firmware now */ 1762 if ((error = malo_get_firmware(sc, name, &ucode, &size)) != 0) { 1763 aprint_error_dev(sc->sc_dev, "error %d, could not read firmware %s\n", 1764 error, name); 1765 return (EIO); 1766 } 1767 1768 DPRINTF(1, "%s: uploading firmware\n", device_xname(sc->sc_dev)); 1769 1770 hdr = sc->sc_cmd_mem; 1771 data = hdr + 1; 1772 sn = 1; 1773 for (count = 0; count < size; count += bsize) { 1774 bsize = MIN(256, size - count); 1775 1776 hdr->cmd = htole16(0x0001); 1777 hdr->size = htole16(bsize); 1778 hdr->seqnum = htole16(sn++); 1779 hdr->result = 0; 1780 1781 memcpy(data, ucode + count, bsize); 1782 1783 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 1784 BUS_DMASYNC_PREWRITE); 1785 malo_send_cmd(sc, sc->sc_cmd_dmaaddr); 1786 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 1787 BUS_DMASYNC_POSTWRITE); 1788 delay(500); 1789 } 1790 firmware_free(ucode, size); 1791 1792 DPRINTF(1, "%s: firmware upload finished\n", device_xname(sc->sc_dev)); 1793 1794 /* 1795 * send a command with size 0 to tell that the firmware has been 1796 * uploaded 1797 */ 1798 hdr->cmd = htole16(0x0001); 1799 hdr->size = 0; 1800 hdr->seqnum = htole16(sn++); 1801 hdr->result = 0; 1802 1803 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 1804 BUS_DMASYNC_PREWRITE); 1805 malo_send_cmd(sc, sc->sc_cmd_dmaaddr); 1806 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 1807 BUS_DMASYNC_POSTWRITE); 1808 delay(100); 1809 1810 DPRINTF(1, "%s: loading firmware\n", device_xname(sc->sc_dev)); 1811 1812 /* wait until firmware has been loaded */ 1813 for (i = 0; i < 200; i++) { 1814 malo_ctl_write4(sc, 0x0c10, 0x5a); 1815 delay(500); 1816 malo_ctl_barrier(sc, BUS_SPACE_BARRIER_WRITE | 1817 BUS_SPACE_BARRIER_READ); 1818 if (malo_ctl_read4(sc, 0x0c14) == 0xf0f1f2f4) 1819 break; 1820 } 1821 if (i == 200) { 1822 aprint_error_dev(sc->sc_dev, "timeout at firmware load!\n"); 1823 return (ETIMEDOUT); 1824 } 1825 1826 DPRINTF(1, "%s: firmware loaded\n", device_xname(sc->sc_dev)); 1827 1828 return (0); 1829} 1830 1831static int 1832malo_set_slot(struct malo_softc *sc) 1833{ 1834 struct ieee80211com *ic = &sc->sc_ic; 1835 1836 if (ic->ic_flags & IEEE80211_F_SHSLOT) { 1837 /* set short slot */ 1838 if (malo_cmd_set_slot(sc, 1)) { 1839 aprint_error_dev(sc->sc_dev, "setting short slot failed\n"); 1840 return (ENXIO); 1841 } 1842 } else { 1843 /* set long slot */ 1844 if (malo_cmd_set_slot(sc, 0)) { 1845 aprint_error_dev(sc->sc_dev, "setting long slot failed\n"); 1846 return (ENXIO); 1847 } 1848 } 1849 1850 return (0); 1851} 1852 1853static void 1854malo_update_slot(struct ifnet* ifp) 1855{ 1856 struct malo_softc *sc = ifp->if_softc; 1857 struct ieee80211com *ic = &sc->sc_ic; 1858 1859 malo_set_slot(sc); 1860 1861 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 1862 /* TODO */ 1863 } 1864} 1865 1866#ifdef MALO_DEBUG 1867static void 1868malo_hexdump(void *buf, int len) 1869{ 1870 u_char b[16]; 1871 int i, j, l; 1872 1873 for (i = 0; i < len; i += l) { 1874 printf("%4i:", i); 1875 l = uimin(sizeof(b), len - i); 1876 memcpy(b, (char*)buf + i, l); 1877 1878 for (j = 0; j < sizeof(b); j++) { 1879 if (j % 2 == 0) 1880 printf(" "); 1881 if (j % 8 == 0) 1882 printf(" "); 1883 if (j < l) 1884 printf("%02x", (int)b[j]); 1885 else 1886 printf(" "); 1887 } 1888 printf(" |"); 1889 for (j = 0; j < l; j++) { 1890 if (b[j] >= 0x20 && b[j] <= 0x7e) 1891 printf("%c", b[j]); 1892 else 1893 printf("."); 1894 } 1895 printf("|\n"); 1896 } 1897} 1898#endif 1899 1900static const char * 1901malo_cmd_string(uint16_t cmd) 1902{ 1903 int i; 1904 static char cmd_buf[16]; 1905 static const struct { 1906 uint16_t cmd_code; 1907 const char *cmd_string; 1908 } cmds[] = { 1909 { MALO_CMD_GET_HW_SPEC, "GetHwSpecifications" }, 1910 { MALO_CMD_SET_RADIO, "SetRadio" }, 1911 { MALO_CMD_SET_AID, "SetAid" }, 1912 { MALO_CMD_SET_TXPOWER, "SetTxPower" }, 1913 { MALO_CMD_SET_ANTENNA, "SetAntenna" }, 1914 { MALO_CMD_SET_PRESCAN, "SetPrescan" }, 1915 { MALO_CMD_SET_POSTSCAN, "SetPostscan" }, 1916 { MALO_CMD_SET_RATE, "SetRate" }, 1917 { MALO_CMD_SET_CHANNEL, "SetChannel" }, 1918 { MALO_CMD_SET_RTS, "SetRTS" }, 1919 { MALO_CMD_SET_SLOT, "SetSlot" }, 1920 }; 1921 1922 for (i = 0; i < sizeof(cmds) / sizeof(cmds[0]); i++) 1923 if ((le16toh(cmd) & 0x7fff) == cmds[i].cmd_code) 1924 return (cmds[i].cmd_string); 1925 1926 snprintf(cmd_buf, sizeof(cmd_buf), "unknown %#x", cmd); 1927 return (cmd_buf); 1928} 1929 1930static const char * 1931malo_cmd_string_result(uint16_t result) 1932{ 1933 int i; 1934 static const struct { 1935 uint16_t result_code; 1936 const char *result_string; 1937 } results[] = { 1938 { MALO_CMD_RESULT_OK, "OK" }, 1939 { MALO_CMD_RESULT_ERROR, "general error" }, 1940 { MALO_CMD_RESULT_NOSUPPORT, "not supported" }, 1941 { MALO_CMD_RESULT_PENDING, "pending" }, 1942 { MALO_CMD_RESULT_BUSY, "ignored" }, 1943 { MALO_CMD_RESULT_PARTIALDATA, "incomplete" }, 1944 }; 1945 1946 for (i = 0; i < sizeof(results) / sizeof(results[0]); i++) 1947 if (le16toh(result) == results[i].result_code) 1948 return (results[i].result_string); 1949 1950 return ("unknown"); 1951} 1952 1953static int 1954malo_cmd_get_spec(struct malo_softc *sc) 1955{ 1956 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 1957 struct malo_hw_spec *spec; 1958 1959 hdr->cmd = htole16(MALO_CMD_GET_HW_SPEC); 1960 hdr->size = htole16(sizeof(*hdr) + sizeof(*spec)); 1961 hdr->seqnum = htole16(42); /* the one and only */ 1962 hdr->result = 0; 1963 spec = (struct malo_hw_spec *)(hdr + 1); 1964 1965 memset(spec, 0, sizeof(*spec)); 1966 memset(spec->PermanentAddress, 0xff, ETHER_ADDR_LEN); 1967 spec->CookiePtr = htole32(sc->sc_cookie_dmaaddr); 1968 1969 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 1970 BUS_DMASYNC_PREWRITE|BUS_DMASYNC_PREREAD); 1971 1972 if (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr) != 0) 1973 return (ETIMEDOUT); 1974 1975 /* get the data from the buffer */ 1976 DPRINTF(1, "%s: get_hw_spec: V%x R%x, #WCB %d, #Mcast %d, Regcode %d, " 1977 "#Ant %d\n", device_xname(sc->sc_dev), htole16(spec->HwVersion), 1978 htole32(spec->FWReleaseNumber), htole16(spec->NumOfWCB), 1979 htole16(spec->NumOfMCastAdr), htole16(spec->RegionCode), 1980 htole16(spec->NumberOfAntenna)); 1981 1982 /* tell the DMA engine where our rings are */ 1983 malo_mem_write4(sc, le32toh(spec->RxPdRdPtr) & 0xffff, 1984 sc->sc_rxring.physaddr); 1985 malo_mem_write4(sc, le32toh(spec->RxPdWrPtr) & 0xffff, 1986 sc->sc_rxring.physaddr); 1987 malo_mem_write4(sc, le32toh(spec->WcbBase0) & 0xffff, 1988 sc->sc_txring.physaddr); 1989 1990 /* save DMA RX pointers for later use */ 1991 sc->sc_RxPdRdPtr = le32toh(spec->RxPdRdPtr) & 0xffff; 1992 sc->sc_RxPdWrPtr = le32toh(spec->RxPdWrPtr) & 0xffff; 1993 1994 return (0); 1995} 1996 1997static int 1998malo_cmd_set_prescan(struct malo_softc *sc) 1999{ 2000 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2001 2002 hdr->cmd = htole16(MALO_CMD_SET_PRESCAN); 2003 hdr->size = htole16(sizeof(*hdr)); 2004 hdr->seqnum = 1; 2005 hdr->result = 0; 2006 2007 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2008 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2009 2010 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2011} 2012 2013static int 2014malo_cmd_set_postscan(struct malo_softc *sc, uint8_t *macaddr, uint8_t ibsson) 2015{ 2016 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2017 struct malo_cmd_postscan *body; 2018 2019 hdr->cmd = htole16(MALO_CMD_SET_POSTSCAN); 2020 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2021 hdr->seqnum = 1; 2022 hdr->result = 0; 2023 body = (struct malo_cmd_postscan *)(hdr + 1); 2024 2025 memset(body, 0, sizeof(*body)); 2026 memcpy(&body->bssid, macaddr, ETHER_ADDR_LEN); 2027 body->isibss = htole32(ibsson); 2028 2029 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2030 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2031 2032 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2033} 2034 2035static int 2036malo_cmd_set_channel(struct malo_softc *sc, struct ieee80211_channel* chan) 2037{ 2038 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2039 struct ieee80211com *ic = &sc->sc_ic; 2040 struct malo_cmd_channel *body; 2041 uint8_t channel; 2042 2043 channel = ieee80211_chan2ieee(ic, chan); 2044 2045 hdr->cmd = htole16(MALO_CMD_SET_CHANNEL); 2046 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2047 hdr->seqnum = 1; 2048 hdr->result = 0; 2049 body = (struct malo_cmd_channel *)(hdr + 1); 2050 2051 memset(body, 0, sizeof(*body)); 2052 body->action = htole16(1); 2053 body->channel = channel; 2054 2055 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2056 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2057 2058 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2059} 2060 2061static int 2062malo_cmd_set_antenna(struct malo_softc *sc, uint16_t antenna) 2063{ 2064 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2065 struct malo_cmd_antenna *body; 2066 2067 hdr->cmd = htole16(MALO_CMD_SET_ANTENNA); 2068 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2069 hdr->seqnum = 1; 2070 hdr->result = 0; 2071 body = (struct malo_cmd_antenna *)(hdr + 1); 2072 2073 memset(body, 0, sizeof(*body)); 2074 body->action = htole16(antenna); 2075 if (antenna == 1) 2076 body->mode = htole16(0xffff); 2077 else 2078 body->mode = htole16(2); 2079 2080 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2081 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2082 2083 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2084} 2085 2086static int 2087malo_cmd_set_radio(struct malo_softc *sc, uint16_t enable, 2088 uint16_t preamble_mode) 2089{ 2090 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2091 struct malo_cmd_radio *body; 2092 2093 hdr->cmd = htole16(MALO_CMD_SET_RADIO); 2094 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2095 hdr->seqnum = 1; 2096 hdr->result = 0; 2097 body = (struct malo_cmd_radio *)(hdr + 1); 2098 2099 memset(body, 0, sizeof(*body)); 2100 body->action = htole16(1); 2101 body->preamble_mode = htole16(preamble_mode); 2102 body->enable = htole16(enable); 2103 2104 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2105 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2106 2107 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2108} 2109 2110static int 2111malo_cmd_set_aid(struct malo_softc *sc, uint8_t *bssid, uint16_t associd) 2112{ 2113 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2114 struct malo_cmd_aid *body; 2115 2116 hdr->cmd = htole16(MALO_CMD_SET_AID); 2117 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2118 hdr->seqnum = 1; 2119 hdr->result = 0; 2120 body = (struct malo_cmd_aid *)(hdr + 1); 2121 2122 memset(body, 0, sizeof(*body)); 2123 body->associd = htole16(associd); 2124 memcpy(&body->macaddr[0], bssid, IEEE80211_ADDR_LEN); 2125 2126 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2127 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2128 2129 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2130} 2131 2132static int 2133malo_cmd_set_txpower(struct malo_softc *sc, unsigned int powerlevel) 2134{ 2135 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2136 struct malo_cmd_txpower *body; 2137 2138 hdr->cmd = htole16(MALO_CMD_SET_TXPOWER); 2139 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2140 hdr->seqnum = 1; 2141 hdr->result = 0; 2142 body = (struct malo_cmd_txpower *)(hdr + 1); 2143 2144 memset(body, 0, sizeof(*body)); 2145 body->action = htole16(1); 2146 if (powerlevel < 30) 2147 body->supportpowerlvl = htole16(5); /* LOW */ 2148 else if (powerlevel < 60) 2149 body->supportpowerlvl = htole16(10); /* MEDIUM */ 2150 else 2151 body->supportpowerlvl = htole16(15); /* HIGH */ 2152 2153 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2154 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2155 2156 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2157} 2158 2159static int 2160malo_cmd_set_rts(struct malo_softc *sc, uint32_t threshold) 2161{ 2162 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2163 struct malo_cmd_rts *body; 2164 2165 hdr->cmd = htole16(MALO_CMD_SET_RTS); 2166 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2167 hdr->seqnum = 1; 2168 hdr->result = 0; 2169 body = (struct malo_cmd_rts *)(hdr + 1); 2170 2171 memset(body, 0, sizeof(*body)); 2172 body->action = htole16(1); 2173 body->threshold = htole32(threshold); 2174 2175 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2176 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2177 2178 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2179} 2180 2181static int 2182malo_cmd_set_slot(struct malo_softc *sc, uint8_t slot) 2183{ 2184 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2185 struct malo_cmd_slot *body; 2186 2187 hdr->cmd = htole16(MALO_CMD_SET_SLOT); 2188 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2189 hdr->seqnum = 1; 2190 hdr->result = 0; 2191 body = (struct malo_cmd_slot *)(hdr + 1); 2192 2193 memset(body, 0, sizeof(*body)); 2194 body->action = htole16(1); 2195 body->slot = slot; 2196 2197 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2198 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2199 2200 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2201} 2202 2203static int 2204malo_cmd_set_rate(struct malo_softc *sc, uint8_t rate) 2205{ 2206 struct ieee80211com *ic = &sc->sc_ic; 2207 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2208 struct malo_cmd_rate *body; 2209 int i; 2210 2211 hdr->cmd = htole16(MALO_CMD_SET_RATE); 2212 hdr->size = htole16(sizeof(*hdr) + sizeof(*body)); 2213 hdr->seqnum = 1; 2214 hdr->result = 0; 2215 body = (struct malo_cmd_rate *)(hdr + 1); 2216 2217 memset(body, 0,sizeof(*body)); 2218 2219 if (ic->ic_opmode == IEEE80211_M_HOSTAP) { 2220 /* TODO */ 2221 } else 2222 { 2223 body->aprates[0] = 2; 2224 body->aprates[1] = 4; 2225 body->aprates[2] = 11; 2226 body->aprates[3] = 22; 2227 if (ic->ic_curmode == IEEE80211_MODE_11G) { 2228 body->aprates[4] = 0; 2229 body->aprates[5] = 12; 2230 body->aprates[6] = 18; 2231 body->aprates[7] = 24; 2232 body->aprates[8] = 36; 2233 body->aprates[9] = 48; 2234 body->aprates[10] = 72; 2235 body->aprates[11] = 96; 2236 body->aprates[12] = 108; 2237 } 2238 } 2239 2240 if (rate != 0) { 2241 /* fixed rate */ 2242 for (i = 0; i < 13; i++) { 2243 if (body->aprates[i] == rate) { 2244 body->rateindex = i; 2245 body->dataratetype = 1; 2246 break; 2247 } 2248 } 2249 } 2250 2251 bus_dmamap_sync(sc->sc_dmat, sc->sc_cmd_dmam, 0, PAGE_SIZE, 2252 BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD); 2253 2254 return (malo_send_cmd_dma(sc, sc->sc_cmd_dmaaddr)); 2255} 2256 2257static void 2258malo_cmd_response(struct malo_softc *sc) 2259{ 2260 struct malo_cmdheader *hdr = sc->sc_cmd_mem; 2261 2262 if (le16toh(hdr->result) != MALO_CMD_RESULT_OK) { 2263 aprint_error_dev(sc->sc_dev, "firmware cmd %s failed with %s\n", 2264 malo_cmd_string(hdr->cmd), 2265 malo_cmd_string_result(hdr->result)); 2266 } 2267 2268#ifdef MALO_DEBUG 2269 aprint_error_dev(sc->sc_dev, "cmd answer for %s=%s\n", 2270 malo_cmd_string(hdr->cmd), 2271 malo_cmd_string_result(hdr->result)); 2272 2273 if (malo_d > 2) 2274 malo_hexdump(hdr, le16toh(hdr->size)); 2275#endif 2276} 2277