if_wpi.c revision 1.18
1/* $NetBSD: if_wpi.c,v 1.18 2007/08/04 18:24:24 degroote Exp $ */ 2 3/*- 4 * Copyright (c) 2006, 2007 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20#include <sys/cdefs.h> 21__KERNEL_RCSID(0, "$NetBSD: if_wpi.c,v 1.18 2007/08/04 18:24:24 degroote Exp $"); 22 23/* 24 * Driver for Intel PRO/Wireless 3945ABG 802.11 network adapters. 25 */ 26 27#include "bpfilter.h" 28 29#include <sys/param.h> 30#include <sys/sockio.h> 31#include <sys/sysctl.h> 32#include <sys/mbuf.h> 33#include <sys/kernel.h> 34#include <sys/socket.h> 35#include <sys/systm.h> 36#include <sys/malloc.h> 37#include <sys/conf.h> 38#include <sys/kauth.h> 39#include <sys/callout.h> 40 41#include <machine/bus.h> 42#include <machine/endian.h> 43#include <machine/intr.h> 44 45#include <dev/pci/pcireg.h> 46#include <dev/pci/pcivar.h> 47#include <dev/pci/pcidevs.h> 48 49#if NBPFILTER > 0 50#include <net/bpf.h> 51#endif 52#include <net/if.h> 53#include <net/if_arp.h> 54#include <net/if_dl.h> 55#include <net/if_ether.h> 56#include <net/if_media.h> 57#include <net/if_types.h> 58 59#include <net80211/ieee80211_var.h> 60#include <net80211/ieee80211_amrr.h> 61#include <net80211/ieee80211_radiotap.h> 62 63#include <netinet/in.h> 64#include <netinet/in_systm.h> 65#include <netinet/in_var.h> 66#include <netinet/ip.h> 67 68#include <dev/firmload.h> 69 70#include <dev/pci/if_wpireg.h> 71#include <dev/pci/if_wpivar.h> 72 73#ifdef WPI_DEBUG 74#define DPRINTF(x) if (wpi_debug > 0) printf x 75#define DPRINTFN(n, x) if (wpi_debug >= (n)) printf x 76int wpi_debug = 1; 77#else 78#define DPRINTF(x) 79#define DPRINTFN(n, x) 80#endif 81 82/* 83 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 84 */ 85static const struct ieee80211_rateset wpi_rateset_11a = 86 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 87 88static const struct ieee80211_rateset wpi_rateset_11b = 89 { 4, { 2, 4, 11, 22 } }; 90 91static const struct ieee80211_rateset wpi_rateset_11g = 92 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 93 94static int wpi_match(struct device *, struct cfdata *, void *); 95static void wpi_attach(struct device *, struct device *, void *); 96static int wpi_detach(struct device*, int); 97static void wpi_power(int, void *); 98static int wpi_dma_contig_alloc(bus_dma_tag_t, struct wpi_dma_info *, 99 void **, bus_size_t, bus_size_t, int); 100static void wpi_dma_contig_free(struct wpi_dma_info *); 101static int wpi_alloc_shared(struct wpi_softc *); 102static void wpi_free_shared(struct wpi_softc *); 103static int wpi_alloc_fwmem(struct wpi_softc *); 104static void wpi_free_fwmem(struct wpi_softc *); 105static struct wpi_rbuf *wpi_alloc_rbuf(struct wpi_softc *); 106static void wpi_free_rbuf(struct mbuf *, void *, size_t, void *); 107static int wpi_alloc_rpool(struct wpi_softc *); 108static void wpi_free_rpool(struct wpi_softc *); 109static int wpi_alloc_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 110static void wpi_reset_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 111static void wpi_free_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 112static int wpi_alloc_tx_ring(struct wpi_softc *, struct wpi_tx_ring *, int, 113 int); 114static void wpi_reset_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 115static void wpi_free_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 116static struct ieee80211_node * wpi_node_alloc(struct ieee80211_node_table *); 117static void wpi_newassoc(struct ieee80211_node *, int); 118static int wpi_media_change(struct ifnet *); 119static int wpi_newstate(struct ieee80211com *, enum ieee80211_state, int); 120static void wpi_mem_lock(struct wpi_softc *); 121static void wpi_mem_unlock(struct wpi_softc *); 122static uint32_t wpi_mem_read(struct wpi_softc *, uint16_t); 123static void wpi_mem_write(struct wpi_softc *, uint16_t, uint32_t); 124static void wpi_mem_write_region_4(struct wpi_softc *, uint16_t, 125 const uint32_t *, int); 126static int wpi_read_prom_data(struct wpi_softc *, uint32_t, void *, int); 127static int wpi_load_microcode(struct wpi_softc *, const uint8_t *, int); 128static int wpi_load_firmware(struct wpi_softc *); 129static void wpi_calib_timeout(void *); 130static void wpi_iter_func(void *, struct ieee80211_node *); 131static void wpi_power_calibration(struct wpi_softc *, int); 132static void wpi_rx_intr(struct wpi_softc *, struct wpi_rx_desc *, 133 struct wpi_rx_data *); 134static void wpi_tx_intr(struct wpi_softc *, struct wpi_rx_desc *); 135static void wpi_cmd_intr(struct wpi_softc *, struct wpi_rx_desc *); 136static void wpi_notif_intr(struct wpi_softc *); 137static int wpi_intr(void *); 138static void wpi_read_eeprom(struct wpi_softc *); 139static void wpi_read_eeprom_channels(struct wpi_softc *, int); 140static void wpi_read_eeprom_group(struct wpi_softc *, int); 141static uint8_t wpi_plcp_signal(int); 142static int wpi_tx_data(struct wpi_softc *, struct mbuf *, 143 struct ieee80211_node *, int); 144static void wpi_start(struct ifnet *); 145static void wpi_watchdog(struct ifnet *); 146static int wpi_ioctl(struct ifnet *, u_long, void *); 147static int wpi_cmd(struct wpi_softc *, int, const void *, int, int); 148static int wpi_wme_update(struct ieee80211com *); 149static int wpi_mrr_setup(struct wpi_softc *); 150static void wpi_set_led(struct wpi_softc *, uint8_t, uint8_t, uint8_t); 151static void wpi_enable_tsf(struct wpi_softc *, struct ieee80211_node *); 152static int wpi_set_txpower(struct wpi_softc *, 153 struct ieee80211_channel *, int); 154static int wpi_get_power_index(struct wpi_softc *, 155 struct wpi_power_group *, struct ieee80211_channel *, int); 156static int wpi_setup_beacon(struct wpi_softc *, struct ieee80211_node *); 157static int wpi_auth(struct wpi_softc *); 158static int wpi_scan(struct wpi_softc *, uint16_t); 159static int wpi_config(struct wpi_softc *); 160static void wpi_stop_master(struct wpi_softc *); 161static int wpi_power_up(struct wpi_softc *); 162static int wpi_reset(struct wpi_softc *); 163static void wpi_hw_config(struct wpi_softc *); 164static int wpi_init(struct ifnet *); 165static void wpi_stop(struct ifnet *, int); 166 167CFATTACH_DECL(wpi, sizeof (struct wpi_softc), wpi_match, wpi_attach, 168 wpi_detach, NULL); 169 170static int 171wpi_match(struct device *parent, struct cfdata *match __unused, void *aux) 172{ 173 struct pci_attach_args *pa = aux; 174 175 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 176 return 0; 177 178 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_3945ABG_1 || 179 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_3945ABG_2) 180 return 1; 181 182 return 0; 183} 184 185/* Base Address Register */ 186#define WPI_PCI_BAR0 0x10 187 188static void 189wpi_attach(struct device *parent __unused, struct device *self, void *aux) 190{ 191 struct wpi_softc *sc = (struct wpi_softc *)self; 192 struct ieee80211com *ic = &sc->sc_ic; 193 struct ifnet *ifp = &sc->sc_ec.ec_if; 194 struct pci_attach_args *pa = aux; 195 const char *intrstr; 196 char devinfo[256]; 197 bus_space_tag_t memt; 198 bus_space_handle_t memh; 199 pci_intr_handle_t ih; 200 pcireg_t data; 201 int error, ac, revision; 202 203 sc->sc_pct = pa->pa_pc; 204 sc->sc_pcitag = pa->pa_tag; 205 206 callout_init(&sc->calib_to, 0); 207 208 pci_devinfo(pa->pa_id, pa->pa_class, 0, devinfo, sizeof devinfo); 209 revision = PCI_REVISION(pa->pa_class); 210 aprint_normal(": %s (rev. 0x%02x)\n", devinfo, revision); 211 212 /* clear device specific PCI configuration register 0x41 */ 213 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 214 data &= ~0x0000ff00; 215 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 216 217 /* enable bus-mastering */ 218 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 219 data |= PCI_COMMAND_MASTER_ENABLE; 220 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, data); 221 222 /* map the register window */ 223 error = pci_mapreg_map(pa, WPI_PCI_BAR0, PCI_MAPREG_TYPE_MEM | 224 PCI_MAPREG_MEM_TYPE_32BIT, 0, &memt, &memh, NULL, &sc->sc_sz); 225 if (error != 0) { 226 aprint_error("%s: could not map memory space\n", 227 sc->sc_dev.dv_xname); 228 return; 229 } 230 231 sc->sc_st = memt; 232 sc->sc_sh = memh; 233 sc->sc_dmat = pa->pa_dmat; 234 235 if (pci_intr_map(pa, &ih) != 0) { 236 aprint_error("%s: could not map interrupt\n", 237 sc->sc_dev.dv_xname); 238 return; 239 } 240 241 intrstr = pci_intr_string(sc->sc_pct, ih); 242 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, wpi_intr, sc); 243 if (sc->sc_ih == NULL) { 244 aprint_error("%s: could not establish interrupt", 245 sc->sc_dev.dv_xname); 246 if (intrstr != NULL) 247 aprint_error(" at %s", intrstr); 248 aprint_error("\n"); 249 return; 250 } 251 aprint_normal("%s: interrupting at %s\n", sc->sc_dev.dv_xname, intrstr); 252 253 if (wpi_reset(sc) != 0) { 254 aprint_error("%s: could not reset adapter\n", 255 sc->sc_dev.dv_xname); 256 return; 257 } 258 259 /* 260 * Allocate DMA memory for firmware transfers. 261 */ 262 if ((error = wpi_alloc_fwmem(sc)) != 0) { 263 aprint_error(": could not allocate firmware memory\n"); 264 return; 265 } 266 267 /* 268 * Allocate shared page and Tx/Rx rings. 269 */ 270 if ((error = wpi_alloc_shared(sc)) != 0) { 271 aprint_error("%s: could not allocate shared area\n", 272 sc->sc_dev.dv_xname); 273 goto fail1; 274 } 275 276 if ((error = wpi_alloc_rpool(sc)) != 0) { 277 aprint_error("%s: could not allocate Rx buffers\n", 278 sc->sc_dev.dv_xname); 279 goto fail2; 280 } 281 282 for (ac = 0; ac < 4; ac++) { 283 error = wpi_alloc_tx_ring(sc, &sc->txq[ac], WPI_TX_RING_COUNT, ac); 284 if (error != 0) { 285 aprint_error("%s: could not allocate Tx ring %d\n", 286 sc->sc_dev.dv_xname, ac); 287 goto fail3; 288 } 289 } 290 291 error = wpi_alloc_tx_ring(sc, &sc->cmdq, WPI_CMD_RING_COUNT, 4); 292 if (error != 0) { 293 aprint_error("%s: could not allocate command ring\n", 294 sc->sc_dev.dv_xname); 295 goto fail3; 296 } 297 298 error = wpi_alloc_tx_ring(sc, &sc->svcq, WPI_SVC_RING_COUNT, 5); 299 if (error != 0) { 300 aprint_error("%s: could not allocate service ring\n", 301 sc->sc_dev.dv_xname); 302 goto fail4; 303 } 304 305 if (wpi_alloc_rx_ring(sc, &sc->rxq) != 0) { 306 aprint_error("%s: could not allocate Rx ring\n", 307 sc->sc_dev.dv_xname); 308 goto fail5; 309 } 310 311 ic->ic_ifp = ifp; 312 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 313 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 314 ic->ic_state = IEEE80211_S_INIT; 315 316 /* set device capabilities */ 317 ic->ic_caps = 318 IEEE80211_C_IBSS | /* IBSS mode support */ 319 IEEE80211_C_WPA | /* 802.11i */ 320 IEEE80211_C_MONITOR | /* monitor mode supported */ 321 IEEE80211_C_TXPMGT | /* tx power management */ 322 IEEE80211_C_SHSLOT | /* short slot time supported */ 323 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 324 IEEE80211_C_WME; /* 802.11e */ 325 326 /* read supported channels and MAC address from EEPROM */ 327 wpi_read_eeprom(sc); 328 329 /* set supported .11a, .11b, .11g rates */ 330 ic->ic_sup_rates[IEEE80211_MODE_11A] = wpi_rateset_11a; 331 ic->ic_sup_rates[IEEE80211_MODE_11B] = wpi_rateset_11b; 332 ic->ic_sup_rates[IEEE80211_MODE_11G] = wpi_rateset_11g; 333 334 ic->ic_ibss_chan = &ic->ic_channels[0]; 335 336 ifp->if_softc = sc; 337 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 338 ifp->if_init = wpi_init; 339 ifp->if_stop = wpi_stop; 340 ifp->if_ioctl = wpi_ioctl; 341 ifp->if_start = wpi_start; 342 ifp->if_watchdog = wpi_watchdog; 343 IFQ_SET_READY(&ifp->if_snd); 344 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 345 346 if_attach(ifp); 347 ieee80211_ifattach(ic); 348 /* override default methods */ 349 ic->ic_node_alloc = wpi_node_alloc; 350 ic->ic_newassoc = wpi_newassoc; 351 ic->ic_wme.wme_update = wpi_wme_update; 352 353 /* override state transition machine */ 354 sc->sc_newstate = ic->ic_newstate; 355 ic->ic_newstate = wpi_newstate; 356 ieee80211_media_init(ic, wpi_media_change, ieee80211_media_status); 357 358 sc->amrr.amrr_min_success_threshold = 1; 359 sc->amrr.amrr_max_success_threshold = 15; 360 361 /* set powerhook */ 362 sc->powerhook = powerhook_establish(sc->sc_dev.dv_xname, wpi_power, sc); 363 364#if NBPFILTER > 0 365 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 366 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 367 &sc->sc_drvbpf); 368 369 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 370 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 371 sc->sc_rxtap.wr_ihdr.it_present = htole32(WPI_RX_RADIOTAP_PRESENT); 372 373 sc->sc_txtap_len = sizeof sc->sc_txtapu; 374 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 375 sc->sc_txtap.wt_ihdr.it_present = htole32(WPI_TX_RADIOTAP_PRESENT); 376#endif 377 378 ieee80211_announce(ic); 379 380 return; 381 382fail5: wpi_free_tx_ring(sc, &sc->svcq); 383fail4: wpi_free_tx_ring(sc, &sc->cmdq); 384fail3: while (--ac >= 0) 385 wpi_free_tx_ring(sc, &sc->txq[ac]); 386 wpi_free_rpool(sc); 387fail2: wpi_free_shared(sc); 388fail1: wpi_free_fwmem(sc); 389} 390 391static int 392wpi_detach(struct device* self, int flags __unused) 393{ 394 struct wpi_softc *sc = (struct wpi_softc *)self; 395 struct ifnet *ifp = sc->sc_ic.ic_ifp; 396 int ac; 397 398 wpi_stop(ifp, 1); 399 400#if NBPFILTER > 0 401 if (ifp != NULL) 402 bpfdetach(ifp); 403#endif 404 ieee80211_ifdetach(&sc->sc_ic); 405 if (ifp != NULL) 406 if_detach(ifp); 407 408 for (ac = 0; ac < 4; ac++) 409 wpi_free_tx_ring(sc, &sc->txq[ac]); 410 wpi_free_tx_ring(sc, &sc->cmdq); 411 wpi_free_tx_ring(sc, &sc->svcq); 412 wpi_free_rx_ring(sc, &sc->rxq); 413 wpi_free_rpool(sc); 414 wpi_free_shared(sc); 415 416 if (sc->sc_ih != NULL) { 417 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 418 sc->sc_ih = NULL; 419 } 420 421 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 422 423 return 0; 424} 425 426static void 427wpi_power(int why, void *arg) 428{ 429 struct wpi_softc *sc = arg; 430 struct ifnet *ifp; 431 pcireg_t data; 432 int s; 433 434 if (why != PWR_RESUME) 435 return; 436 437 /* clear device specific PCI configuration register 0x41 */ 438 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 439 data &= ~0x0000ff00; 440 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 441 442 s = splnet(); 443 ifp = sc->sc_ic.ic_ifp; 444 if (ifp->if_flags & IFF_UP) { 445 ifp->if_init(ifp); 446 if (ifp->if_flags & IFF_RUNNING) 447 ifp->if_start(ifp); 448 } 449 splx(s); 450} 451 452static int 453wpi_dma_contig_alloc(bus_dma_tag_t tag, struct wpi_dma_info *dma, 454 void **kvap, bus_size_t size, bus_size_t alignment, int flags) 455{ 456 int nsegs, error; 457 458 dma->tag = tag; 459 dma->size = size; 460 461 error = bus_dmamap_create(tag, size, 1, size, 0, flags, &dma->map); 462 if (error != 0) 463 goto fail; 464 465 error = bus_dmamem_alloc(tag, size, alignment, 0, &dma->seg, 1, &nsegs, 466 flags); 467 if (error != 0) 468 goto fail; 469 470 error = bus_dmamem_map(tag, &dma->seg, 1, size, &dma->vaddr, flags); 471 if (error != 0) 472 goto fail; 473 474 error = bus_dmamap_load(tag, dma->map, dma->vaddr, size, NULL, flags); 475 if (error != 0) 476 goto fail; 477 478 memset(dma->vaddr, 0, size); 479 480 dma->paddr = dma->map->dm_segs[0].ds_addr; 481 if (kvap != NULL) 482 *kvap = dma->vaddr; 483 484 return 0; 485 486fail: wpi_dma_contig_free(dma); 487 return error; 488} 489 490static void 491wpi_dma_contig_free(struct wpi_dma_info *dma) 492{ 493 if (dma->map != NULL) { 494 if (dma->vaddr != NULL) { 495 bus_dmamap_unload(dma->tag, dma->map); 496 bus_dmamem_unmap(dma->tag, dma->vaddr, dma->size); 497 bus_dmamem_free(dma->tag, &dma->seg, 1); 498 dma->vaddr = NULL; 499 } 500 bus_dmamap_destroy(dma->tag, dma->map); 501 dma->map = NULL; 502 } 503} 504 505/* 506 * Allocate a shared page between host and NIC. 507 */ 508static int 509wpi_alloc_shared(struct wpi_softc *sc) 510{ 511 int error; 512 /* must be aligned on a 4K-page boundary */ 513 error = wpi_dma_contig_alloc(sc->sc_dmat, &sc->shared_dma, 514 (void **)&sc->shared, sizeof (struct wpi_shared), 515 WPI_BUF_ALIGN,BUS_DMA_NOWAIT); 516 if (error != 0) 517 aprint_error( 518 "%s: could not allocate shared area DMA memory\n", 519 sc->sc_dev.dv_xname); 520 521 return error; 522} 523 524static void 525wpi_free_shared(struct wpi_softc *sc) 526{ 527 wpi_dma_contig_free(&sc->shared_dma); 528} 529 530/* 531 * Allocate DMA-safe memory for firmware transfer. 532 */ 533static int 534wpi_alloc_fwmem(struct wpi_softc *sc) 535{ 536 int error; 537 /* allocate enough contiguous space to store text and data */ 538 error = wpi_dma_contig_alloc(sc->sc_dmat, &sc->fw_dma, NULL, 539 WPI_FW_MAIN_TEXT_MAXSZ + WPI_FW_MAIN_DATA_MAXSZ, 0, 540 BUS_DMA_NOWAIT); 541 542 if (error != 0) 543 aprint_error( 544 "%s: could not allocate firmware transfer area" 545 "DMA memory\n", sc->sc_dev.dv_xname); 546 return error; 547} 548 549static void 550wpi_free_fwmem(struct wpi_softc *sc) 551{ 552 wpi_dma_contig_free(&sc->fw_dma); 553} 554 555 556static struct wpi_rbuf * 557wpi_alloc_rbuf(struct wpi_softc *sc) 558{ 559 struct wpi_rbuf *rbuf; 560 561 rbuf = SLIST_FIRST(&sc->rxq.freelist); 562 if (rbuf == NULL) 563 return NULL; 564 SLIST_REMOVE_HEAD(&sc->rxq.freelist, next); 565 sc->rxq.nb_free_entries --; 566 567 return rbuf; 568} 569 570/* 571 * This is called automatically by the network stack when the mbuf to which our 572 * Rx buffer is attached is freed. 573 */ 574static void 575wpi_free_rbuf(struct mbuf* m, void *buf, size_t size, void *arg) 576{ 577 struct wpi_rbuf *rbuf = arg; 578 struct wpi_softc *sc = rbuf->sc; 579 int s; 580 581 /* put the buffer back in the free list */ 582 583 SLIST_INSERT_HEAD(&sc->rxq.freelist, rbuf, next); 584 sc->rxq.nb_free_entries ++; 585 586 if (__predict_true(m != NULL)) { 587 s = splvm(); 588 pool_cache_put(&mbpool_cache, m); 589 splx(s); 590 } 591} 592 593static int 594wpi_alloc_rpool(struct wpi_softc *sc) 595{ 596 struct wpi_rx_ring *ring = &sc->rxq; 597 struct wpi_rbuf *rbuf; 598 int i, error; 599 600 /* allocate a big chunk of DMA'able memory.. */ 601 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->buf_dma, NULL, 602 WPI_RBUF_COUNT * WPI_RBUF_SIZE, WPI_BUF_ALIGN, BUS_DMA_NOWAIT); 603 if (error != 0) { 604 aprint_normal("%s: could not allocate Rx buffers DMA memory\n", 605 sc->sc_dev.dv_xname); 606 return error; 607 } 608 609 /* ..and split it into 3KB chunks */ 610 SLIST_INIT(&ring->freelist); 611 for (i = 0; i < WPI_RBUF_COUNT; i++) { 612 rbuf = &ring->rbuf[i]; 613 rbuf->sc = sc; /* backpointer for callbacks */ 614 rbuf->vaddr = (char *)ring->buf_dma.vaddr + i * WPI_RBUF_SIZE; 615 rbuf->paddr = ring->buf_dma.paddr + i * WPI_RBUF_SIZE; 616 617 SLIST_INSERT_HEAD(&ring->freelist, rbuf, next); 618 } 619 620 ring->nb_free_entries = WPI_RBUF_COUNT; 621 return 0; 622} 623 624static void 625wpi_free_rpool(struct wpi_softc *sc) 626{ 627 wpi_dma_contig_free(&sc->rxq.buf_dma); 628} 629 630static int 631wpi_alloc_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 632{ 633 struct wpi_rx_data *data; 634 struct wpi_rbuf *rbuf; 635 int i, error; 636 637 ring->cur = 0; 638 639 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 640 (void **)&ring->desc, 641 WPI_RX_RING_COUNT * sizeof (struct wpi_rx_desc), 642 WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 643 if (error != 0) { 644 aprint_error("%s: could not allocate rx ring DMA memory\n", 645 sc->sc_dev.dv_xname); 646 goto fail; 647 } 648 649 /* 650 * Setup Rx buffers. 651 */ 652 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 653 data = &ring->data[i]; 654 655 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 656 if (data->m == NULL) { 657 aprint_error("%s: could not allocate rx mbuf\n", 658 sc->sc_dev.dv_xname); 659 error = ENOMEM; 660 goto fail; 661 } 662 if ((rbuf = wpi_alloc_rbuf(sc)) == NULL) { 663 m_freem(data->m); 664 data->m = NULL; 665 aprint_error("%s: could not allocate rx cluster\n", 666 sc->sc_dev.dv_xname); 667 error = ENOMEM; 668 goto fail; 669 } 670 /* attach Rx buffer to mbuf */ 671 MEXTADD(data->m, rbuf->vaddr, WPI_RBUF_SIZE, 0, wpi_free_rbuf, 672 rbuf); 673 data->m->m_flags |= M_EXT_RW; 674 675 ring->desc[i] = htole32(rbuf->paddr); 676 } 677 678 return 0; 679 680fail: wpi_free_rx_ring(sc, ring); 681 return error; 682} 683 684static void 685wpi_reset_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 686{ 687 int ntries; 688 689 wpi_mem_lock(sc); 690 691 WPI_WRITE(sc, WPI_RX_CONFIG, 0); 692 for (ntries = 0; ntries < 100; ntries++) { 693 if (WPI_READ(sc, WPI_RX_STATUS) & WPI_RX_IDLE) 694 break; 695 DELAY(10); 696 } 697#ifdef WPI_DEBUG 698 if (ntries == 100 && wpi_debug > 0) 699 aprint_error("%s: timeout resetting Rx ring\n", 700 sc->sc_dev.dv_xname); 701#endif 702 wpi_mem_unlock(sc); 703 704 ring->cur = 0; 705} 706 707static void 708wpi_free_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 709{ 710 int i; 711 712 wpi_dma_contig_free(&ring->desc_dma); 713 714 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 715 if (ring->data[i].m != NULL) 716 m_freem(ring->data[i].m); 717 } 718} 719 720static int 721wpi_alloc_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring, int count, 722 int qid) 723{ 724 struct wpi_tx_data *data; 725 int i, error; 726 727 ring->qid = qid; 728 ring->count = count; 729 ring->queued = 0; 730 ring->cur = 0; 731 732 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 733 (void **)&ring->desc, count * sizeof (struct wpi_tx_desc), 734 WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 735 if (error != 0) { 736 aprint_error("%s: could not allocate tx ring DMA memory\n", 737 sc->sc_dev.dv_xname); 738 goto fail; 739 } 740 741 /* update shared page with ring's base address */ 742 sc->shared->txbase[qid] = htole32(ring->desc_dma.paddr); 743 744 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->cmd_dma, 745 (void **)&ring->cmd, 746 count * sizeof (struct wpi_tx_cmd), 4, BUS_DMA_NOWAIT); 747 if (error != 0) { 748 aprint_error("%s: could not allocate tx cmd DMA memory\n", 749 sc->sc_dev.dv_xname); 750 goto fail; 751 } 752 753 ring->data = malloc(count * sizeof (struct wpi_tx_data), M_DEVBUF, 754 M_NOWAIT); 755 if (ring->data == NULL) { 756 aprint_error("%s: could not allocate tx data slots\n", 757 sc->sc_dev.dv_xname); 758 goto fail; 759 } 760 761 memset(ring->data, 0, count * sizeof (struct wpi_tx_data)); 762 763 for (i = 0; i < count; i++) { 764 data = &ring->data[i]; 765 766 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 767 WPI_MAX_SCATTER - 1, MCLBYTES, 0, BUS_DMA_NOWAIT, 768 &data->map); 769 if (error != 0) { 770 aprint_error("%s: could not create tx buf DMA map\n", 771 sc->sc_dev.dv_xname); 772 goto fail; 773 } 774 } 775 776 return 0; 777 778fail: wpi_free_tx_ring(sc, ring); 779 return error; 780} 781 782static void 783wpi_reset_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 784{ 785 struct wpi_tx_data *data; 786 int i, ntries; 787 788 wpi_mem_lock(sc); 789 790 WPI_WRITE(sc, WPI_TX_CONFIG(ring->qid), 0); 791 for (ntries = 0; ntries < 100; ntries++) { 792 if (WPI_READ(sc, WPI_TX_STATUS) & WPI_TX_IDLE(ring->qid)) 793 break; 794 DELAY(10); 795 } 796#ifdef WPI_DEBUG 797 if (ntries == 100 && wpi_debug > 0) { 798 aprint_error("%s: timeout resetting Tx ring %d\n", 799 sc->sc_dev.dv_xname, ring->qid); 800 } 801#endif 802 wpi_mem_unlock(sc); 803 804 for (i = 0; i < ring->count; i++) { 805 data = &ring->data[i]; 806 807 if (data->m != NULL) { 808 bus_dmamap_unload(sc->sc_dmat, data->map); 809 m_freem(data->m); 810 data->m = NULL; 811 } 812 } 813 814 ring->queued = 0; 815 ring->cur = 0; 816} 817 818static void 819wpi_free_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 820{ 821 struct wpi_tx_data *data; 822 int i; 823 824 wpi_dma_contig_free(&ring->desc_dma); 825 wpi_dma_contig_free(&ring->cmd_dma); 826 827 if (ring->data != NULL) { 828 for (i = 0; i < ring->count; i++) { 829 data = &ring->data[i]; 830 831 if (data->m != NULL) { 832 bus_dmamap_unload(sc->sc_dmat, data->map); 833 m_freem(data->m); 834 } 835 } 836 free(ring->data, M_DEVBUF); 837 } 838} 839 840/*ARGUSED*/ 841static struct ieee80211_node * 842wpi_node_alloc(struct ieee80211_node_table *nt __unused) 843{ 844 struct wpi_node *wn; 845 846 wn = malloc(sizeof (struct wpi_node), M_DEVBUF, M_NOWAIT); 847 848 if (wn != NULL) 849 memset(wn, 0, sizeof (struct wpi_node)); 850 return (struct ieee80211_node *)wn; 851} 852 853static void 854wpi_newassoc(struct ieee80211_node *ni, int isnew) 855{ 856 struct wpi_softc *sc = ni->ni_ic->ic_ifp->if_softc; 857 int i; 858 859 ieee80211_amrr_node_init(&sc->amrr, &((struct wpi_node *)ni)->amn); 860 861 /* set rate to some reasonable initial value */ 862 for (i = ni->ni_rates.rs_nrates - 1; 863 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 864 i--); 865 ni->ni_txrate = i; 866} 867 868static int 869wpi_media_change(struct ifnet *ifp) 870{ 871 int error; 872 873 error = ieee80211_media_change(ifp); 874 if (error != ENETRESET) 875 return error; 876 877 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 878 wpi_init(ifp); 879 880 return 0; 881} 882 883static int 884wpi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 885{ 886 struct ifnet *ifp = ic->ic_ifp; 887 struct wpi_softc *sc = ifp->if_softc; 888 struct ieee80211_node *ni; 889 int error; 890 891 callout_stop(&sc->calib_to); 892 893 switch (nstate) { 894 case IEEE80211_S_SCAN: 895 ieee80211_node_table_reset(&ic->ic_scan); 896 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 897 898 /* make the link LED blink while we're scanning */ 899 wpi_set_led(sc, WPI_LED_LINK, 20, 2); 900 901 if ((error = wpi_scan(sc, IEEE80211_CHAN_G)) != 0) { 902 aprint_error("%s: could not initiate scan\n", 903 sc->sc_dev.dv_xname); 904 ic->ic_flags &= ~(IEEE80211_F_SCAN | IEEE80211_F_ASCAN); 905 return error; 906 } 907 908 ic->ic_state = nstate; 909 return 0; 910 911 case IEEE80211_S_ASSOC: 912 if (ic->ic_state != IEEE80211_S_RUN) 913 break; 914 /* FALLTHROUGH */ 915 case IEEE80211_S_AUTH: 916 sc->config.associd = 0; 917 sc->config.filter &= ~htole32(WPI_FILTER_BSS); 918 if ((error = wpi_auth(sc)) != 0) { 919 aprint_error("%s: could not send authentication request\n", 920 sc->sc_dev.dv_xname); 921 return error; 922 } 923 break; 924 925 case IEEE80211_S_RUN: 926 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 927 /* link LED blinks while monitoring */ 928 wpi_set_led(sc, WPI_LED_LINK, 5, 5); 929 break; 930 } 931 932 ni = ic->ic_bss; 933 934 if (ic->ic_opmode != IEEE80211_M_STA) { 935 (void) wpi_auth(sc); /* XXX */ 936 wpi_setup_beacon(sc, ni); 937 } 938 939 wpi_enable_tsf(sc, ni); 940 941 /* update adapter's configuration */ 942 sc->config.associd = htole16(ni->ni_associd & ~0xc000); 943 /* short preamble/slot time are negotiated when associating */ 944 sc->config.flags &= ~htole32(WPI_CONFIG_SHPREAMBLE | 945 WPI_CONFIG_SHSLOT); 946 if (ic->ic_flags & IEEE80211_F_SHSLOT) 947 sc->config.flags |= htole32(WPI_CONFIG_SHSLOT); 948 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 949 sc->config.flags |= htole32(WPI_CONFIG_SHPREAMBLE); 950 sc->config.filter |= htole32(WPI_FILTER_BSS); 951 if (ic->ic_opmode != IEEE80211_M_STA) 952 sc->config.filter |= htole32(WPI_FILTER_BEACON); 953 954/* XXX put somewhere HC_QOS_SUPPORT_ASSOC + HC_IBSS_START */ 955 956 DPRINTF(("config chan %d flags %x\n", sc->config.chan, 957 sc->config.flags)); 958 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 959 sizeof (struct wpi_config), 1); 960 if (error != 0) { 961 aprint_error("%s: could not update configuration\n", 962 sc->sc_dev.dv_xname); 963 return error; 964 } 965 966 /* configuration has changed, set Tx power accordingly */ 967 if ((error = wpi_set_txpower(sc, ni->ni_chan, 1)) != 0) { 968 aprint_error("%s: could not set Tx power\n", 969 sc->sc_dev.dv_xname); 970 return error; 971 } 972 973 if (ic->ic_opmode == IEEE80211_M_STA) { 974 /* fake a join to init the tx rate */ 975 wpi_newassoc(ni, 1); 976 } 977 978 /* start periodic calibration timer */ 979 sc->calib_cnt = 0; 980 callout_reset(&sc->calib_to, hz/2, wpi_calib_timeout, sc); 981 982 /* link LED always on while associated */ 983 wpi_set_led(sc, WPI_LED_LINK, 0, 1); 984 break; 985 986 case IEEE80211_S_INIT: 987 break; 988 } 989 990 return sc->sc_newstate(ic, nstate, arg); 991} 992 993/* 994 * Grab exclusive access to NIC memory. 995 */ 996static void 997wpi_mem_lock(struct wpi_softc *sc) 998{ 999 uint32_t tmp; 1000 int ntries; 1001 1002 tmp = WPI_READ(sc, WPI_GPIO_CTL); 1003 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_MAC); 1004 1005 /* spin until we actually get the lock */ 1006 for (ntries = 0; ntries < 1000; ntries++) { 1007 if ((WPI_READ(sc, WPI_GPIO_CTL) & 1008 (WPI_GPIO_CLOCK | WPI_GPIO_SLEEP)) == WPI_GPIO_CLOCK) 1009 break; 1010 DELAY(10); 1011 } 1012 if (ntries == 1000) 1013 aprint_error("%s: could not lock memory\n", sc->sc_dev.dv_xname); 1014} 1015 1016/* 1017 * Release lock on NIC memory. 1018 */ 1019static void 1020wpi_mem_unlock(struct wpi_softc *sc) 1021{ 1022 uint32_t tmp = WPI_READ(sc, WPI_GPIO_CTL); 1023 WPI_WRITE(sc, WPI_GPIO_CTL, tmp & ~WPI_GPIO_MAC); 1024} 1025 1026static uint32_t 1027wpi_mem_read(struct wpi_softc *sc, uint16_t addr) 1028{ 1029 WPI_WRITE(sc, WPI_READ_MEM_ADDR, WPI_MEM_4 | addr); 1030 return WPI_READ(sc, WPI_READ_MEM_DATA); 1031} 1032 1033static void 1034wpi_mem_write(struct wpi_softc *sc, uint16_t addr, uint32_t data) 1035{ 1036 WPI_WRITE(sc, WPI_WRITE_MEM_ADDR, WPI_MEM_4 | addr); 1037 WPI_WRITE(sc, WPI_WRITE_MEM_DATA, data); 1038} 1039 1040static void 1041wpi_mem_write_region_4(struct wpi_softc *sc, uint16_t addr, 1042 const uint32_t *data, int wlen) 1043{ 1044 for (; wlen > 0; wlen--, data++, addr += 4) 1045 wpi_mem_write(sc, addr, *data); 1046} 1047 1048 1049/* 1050 * Read `len' bytes from the EEPROM. We access the EEPROM through the MAC 1051 * instead of using the traditional bit-bang method. 1052 */ 1053static int 1054wpi_read_prom_data(struct wpi_softc *sc, uint32_t addr, void *data, int len) 1055{ 1056 uint8_t *out = data; 1057 uint32_t val; 1058 int ntries; 1059 1060 wpi_mem_lock(sc); 1061 for (; len > 0; len -= 2, addr++) { 1062 WPI_WRITE(sc, WPI_EEPROM_CTL, addr << 2); 1063 1064 for (ntries = 0; ntries < 10; ntries++) { 1065 if ((val = WPI_READ(sc, WPI_EEPROM_CTL)) & 1066 WPI_EEPROM_READY) 1067 break; 1068 DELAY(5); 1069 } 1070 if (ntries == 10) { 1071 aprint_error("%s: could not read EEPROM\n", 1072 sc->sc_dev.dv_xname); 1073 return ETIMEDOUT; 1074 } 1075 *out++ = val >> 16; 1076 if (len > 1) 1077 *out++ = val >> 24; 1078 } 1079 wpi_mem_unlock(sc); 1080 1081 return 0; 1082} 1083 1084/* 1085 * The firmware boot code is small and is intended to be copied directly into 1086 * the NIC internal memory. 1087 */ 1088int 1089wpi_load_microcode(struct wpi_softc *sc, const uint8_t *ucode, int size) 1090{ 1091 int ntries; 1092 1093 size /= sizeof (uint32_t); 1094 1095 wpi_mem_lock(sc); 1096 1097 /* copy microcode image into NIC memory */ 1098 wpi_mem_write_region_4(sc, WPI_MEM_UCODE_BASE, 1099 (const uint32_t *)ucode, size); 1100 1101 wpi_mem_write(sc, WPI_MEM_UCODE_SRC, 0); 1102 wpi_mem_write(sc, WPI_MEM_UCODE_DST, WPI_FW_TEXT); 1103 wpi_mem_write(sc, WPI_MEM_UCODE_SIZE, size); 1104 1105 /* run microcode */ 1106 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_RUN); 1107 1108 /* wait for transfer to complete */ 1109 for (ntries = 0; ntries < 1000; ntries++) { 1110 if (!(wpi_mem_read(sc, WPI_MEM_UCODE_CTL) & WPI_UC_RUN)) 1111 break; 1112 DELAY(10); 1113 } 1114 if (ntries == 1000) { 1115 wpi_mem_unlock(sc); 1116 printf("%s: could not load boot firmware\n", 1117 sc->sc_dev.dv_xname); 1118 return ETIMEDOUT; 1119 } 1120 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_ENABLE); 1121 1122 wpi_mem_unlock(sc); 1123 1124 return 0; 1125} 1126 1127static int 1128wpi_load_firmware(struct wpi_softc *sc) 1129{ 1130 struct wpi_dma_info *dma = &sc->fw_dma; 1131 struct wpi_firmware_hdr hdr; 1132 const uint8_t *init_text, *init_data, *main_text, *main_data; 1133 const uint8_t *boot_text; 1134 uint32_t init_textsz, init_datasz, main_textsz, main_datasz; 1135 uint32_t boot_textsz; 1136 firmware_handle_t fw; 1137 u_char *dfw; 1138 size_t size; 1139 int error; 1140 1141 /* load firmware image from disk */ 1142 if ((error = firmware_open("if_wpi","iwlwifi-3945.ucode", &fw) != 0)) { 1143 aprint_error("%s: could not read firmware file\n", 1144 sc->sc_dev.dv_xname); 1145 goto fail1; 1146 } 1147 1148 size = firmware_get_size(fw); 1149 1150 /* extract firmware header information */ 1151 if (size < sizeof (struct wpi_firmware_hdr)) { 1152 aprint_error("%s: truncated firmware header: %zu bytes\n", 1153 sc->sc_dev.dv_xname, size); 1154 error = EINVAL; 1155 goto fail2; 1156 } 1157 1158 if ((error = firmware_read(fw, 0, &hdr, 1159 sizeof (struct wpi_firmware_hdr))) != 0) { 1160 aprint_error("%s: can't get firmware header\n", 1161 sc->sc_dev.dv_xname); 1162 goto fail2; 1163 } 1164 1165 main_textsz = le32toh(hdr.main_textsz); 1166 main_datasz = le32toh(hdr.main_datasz); 1167 init_textsz = le32toh(hdr.init_textsz); 1168 init_datasz = le32toh(hdr.init_datasz); 1169 boot_textsz = le32toh(hdr.boot_textsz); 1170 1171 /* sanity-check firmware segments sizes */ 1172 if (main_textsz > WPI_FW_MAIN_TEXT_MAXSZ || 1173 main_datasz > WPI_FW_MAIN_DATA_MAXSZ || 1174 init_textsz > WPI_FW_INIT_TEXT_MAXSZ || 1175 init_datasz > WPI_FW_INIT_DATA_MAXSZ || 1176 boot_textsz > WPI_FW_BOOT_TEXT_MAXSZ || 1177 (boot_textsz & 3) != 0) { 1178 printf("%s: invalid firmware header\n", sc->sc_dev.dv_xname); 1179 error = EINVAL; 1180 goto fail2; 1181 } 1182 1183 /* check that all firmware segments are present */ 1184 if (size < sizeof (struct wpi_firmware_hdr) + main_textsz + 1185 main_datasz + init_textsz + init_datasz + boot_textsz) { 1186 aprint_error("%s: firmware file too short: %zu bytes\n", 1187 sc->sc_dev.dv_xname, size); 1188 error = EINVAL; 1189 goto fail2; 1190 } 1191 1192 dfw = firmware_malloc(size); 1193 if (dfw == NULL) { 1194 aprint_error("%s: not enough memory to stock firmware\n", 1195 sc->sc_dev.dv_xname); 1196 error = ENOMEM; 1197 goto fail2; 1198 } 1199 1200 if ((error = firmware_read(fw, 0, dfw, size)) != 0) { 1201 aprint_error("%s: can't get firmware\n", 1202 sc->sc_dev.dv_xname); 1203 goto fail2; 1204 } 1205 1206 /* get pointers to firmware segments */ 1207 main_text = dfw + sizeof (struct wpi_firmware_hdr); 1208 main_data = main_text + main_textsz; 1209 init_text = main_data + main_datasz; 1210 init_data = init_text + init_textsz; 1211 boot_text = init_data + init_datasz; 1212 1213 /* copy initialization images into pre-allocated DMA-safe memory */ 1214 memcpy(dma->vaddr, init_data, init_datasz); 1215 memcpy((char*)dma->vaddr + WPI_FW_INIT_DATA_MAXSZ, init_text, init_textsz); 1216 1217 /* tell adapter where to find initialization images */ 1218 wpi_mem_lock(sc); 1219 wpi_mem_write(sc, WPI_MEM_DATA_BASE, dma->paddr); 1220 wpi_mem_write(sc, WPI_MEM_DATA_SIZE, init_datasz); 1221 wpi_mem_write(sc, WPI_MEM_TEXT_BASE, 1222 dma->paddr + WPI_FW_INIT_DATA_MAXSZ); 1223 wpi_mem_write(sc, WPI_MEM_TEXT_SIZE, init_textsz); 1224 wpi_mem_unlock(sc); 1225 1226 /* load firmware boot code */ 1227 if ((error = wpi_load_microcode(sc, boot_text, boot_textsz)) != 0) { 1228 printf("%s: could not load boot firmware\n", 1229 sc->sc_dev.dv_xname); 1230 goto fail3; 1231 } 1232 1233 /* now press "execute" ;-) */ 1234 WPI_WRITE(sc, WPI_RESET, 0); 1235 1236 /* ..and wait at most one second for adapter to initialize */ 1237 if ((error = tsleep(sc, PCATCH, "wpiinit", hz)) != 0) { 1238 /* this isn't what was supposed to happen.. */ 1239 aprint_error("%s: timeout waiting for adapter to initialize\n", 1240 sc->sc_dev.dv_xname); 1241 } 1242 1243 /* copy runtime images into pre-allocated DMA-safe memory */ 1244 memcpy(dma->vaddr, main_data, main_datasz); 1245 memcpy((char*)dma->vaddr + WPI_FW_MAIN_DATA_MAXSZ, main_text, main_textsz); 1246 1247 /* tell adapter where to find runtime images */ 1248 wpi_mem_lock(sc); 1249 wpi_mem_write(sc, WPI_MEM_DATA_BASE, dma->paddr); 1250 wpi_mem_write(sc, WPI_MEM_DATA_SIZE, main_datasz); 1251 wpi_mem_write(sc, WPI_MEM_TEXT_BASE, 1252 dma->paddr + WPI_FW_MAIN_DATA_MAXSZ); 1253 wpi_mem_write(sc, WPI_MEM_TEXT_SIZE, WPI_FW_UPDATED | main_textsz); 1254 wpi_mem_unlock(sc); 1255 1256 /* wait at most one second for second alive notification */ 1257 if ((error = tsleep(sc, PCATCH, "wpiinit", hz)) != 0) { 1258 /* this isn't what was supposed to happen.. */ 1259 printf("%s: timeout waiting for adapter to initialize\n", 1260 sc->sc_dev.dv_xname); 1261 } 1262 1263 1264fail3: firmware_free(dfw,size); 1265fail2: firmware_close(fw); 1266fail1: return error; 1267} 1268 1269static void 1270wpi_calib_timeout(void *arg) 1271{ 1272 struct wpi_softc *sc = arg; 1273 struct ieee80211com *ic = &sc->sc_ic; 1274 int temp, s; 1275 1276 /* automatic rate control triggered every 500ms */ 1277 if (ic->ic_fixed_rate == -1) { 1278 s = splnet(); 1279 if (ic->ic_opmode == IEEE80211_M_STA) 1280 wpi_iter_func(sc, ic->ic_bss); 1281 else 1282 ieee80211_iterate_nodes(&ic->ic_sta, wpi_iter_func, sc); 1283 splx(s); 1284 } 1285 1286 /* update sensor data */ 1287 temp = (int)WPI_READ(sc, WPI_TEMPERATURE); 1288 1289 /* automatic power calibration every 60s */ 1290 if (++sc->calib_cnt >= 120) { 1291 wpi_power_calibration(sc, temp); 1292 sc->calib_cnt = 0; 1293 } 1294 1295 callout_reset(&sc->calib_to, hz/2, wpi_calib_timeout, sc); 1296} 1297 1298static void 1299wpi_iter_func(void *arg, struct ieee80211_node *ni) 1300{ 1301 struct wpi_softc *sc = arg; 1302 struct wpi_node *wn = (struct wpi_node *)ni; 1303 1304 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 1305} 1306 1307/* 1308 * This function is called periodically (every 60 seconds) to adjust output 1309 * power to temperature changes. 1310 */ 1311void 1312wpi_power_calibration(struct wpi_softc *sc, int temp) 1313{ 1314 /* sanity-check read value */ 1315 if (temp < -260 || temp > 25) { 1316 /* this can't be correct, ignore */ 1317 DPRINTF(("out-of-range temperature reported: %d\n", temp)); 1318 return; 1319 } 1320 1321 DPRINTF(("temperature %d->%d\n", sc->temp, temp)); 1322 1323 /* adjust Tx power if need be */ 1324 if (abs(temp - sc->temp) <= 6) 1325 return; 1326 1327 sc->temp = temp; 1328 1329 if (wpi_set_txpower(sc, sc->sc_ic.ic_bss->ni_chan, 1) != 0) { 1330 /* just warn, too bad for the automatic calibration... */ 1331 aprint_error("%s: could not adjust Tx power\n", 1332 sc->sc_dev.dv_xname); 1333 } 1334} 1335 1336static void 1337wpi_rx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc, 1338 struct wpi_rx_data *data) 1339{ 1340 struct ieee80211com *ic = &sc->sc_ic; 1341 struct ifnet *ifp = ic->ic_ifp; 1342 struct wpi_rx_ring *ring = &sc->rxq; 1343 struct wpi_rx_stat *stat; 1344 struct wpi_rx_head *head; 1345 struct wpi_rx_tail *tail; 1346 struct wpi_rbuf *rbuf; 1347 struct ieee80211_frame *wh; 1348 struct ieee80211_node *ni; 1349 struct mbuf *m, *mnew; 1350 1351 stat = (struct wpi_rx_stat *)(desc + 1); 1352 1353 if (stat->len > WPI_STAT_MAXLEN) { 1354 aprint_error("%s: invalid rx statistic header\n", 1355 sc->sc_dev.dv_xname); 1356 ifp->if_ierrors++; 1357 return; 1358 } 1359 1360 head = (struct wpi_rx_head *)((char *)(stat + 1) + stat->len); 1361 tail = (struct wpi_rx_tail *)((char *)(head + 1) + le16toh(head->len)); 1362 1363 DPRINTFN(4, ("rx intr: idx=%d len=%d stat len=%d rssi=%d rate=%x " 1364 "chan=%d tstamp=%" PRId64 "\n", ring->cur, le32toh(desc->len), 1365 le16toh(head->len), (int8_t)stat->rssi, head->rate, head->chan, 1366 le64toh(tail->tstamp))); 1367 1368 /* 1369 * Discard Rx frames with bad CRC early (XXX we may want to pass them 1370 * to radiotap in monitor mode). 1371 */ 1372 if ((le32toh(tail->flags) & WPI_RX_NOERROR) != WPI_RX_NOERROR) { 1373 DPRINTF(("rx tail flags error %x\n", le32toh(tail->flags))); 1374 ifp->if_ierrors++; 1375 return; 1376 } 1377 1378 1379 1380 /* 1381 * If the number of free entry is too low 1382 * just dup the data->m socket and reuse the same rbuf entry 1383 */ 1384 if (sc->rxq.nb_free_entries <= WPI_RBUF_LOW_LIMIT) { 1385 1386 /* Set length before calling m_dup */ 1387 data->m->m_pkthdr.len = data->m->m_len = le16toh(head->len); 1388 1389 m = m_dup(data->m,0,M_COPYALL,M_DONTWAIT); 1390 } else { 1391 1392 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1393 if (mnew == NULL) { 1394 ifp->if_ierrors++; 1395 return; 1396 } 1397 1398 rbuf = wpi_alloc_rbuf(sc); 1399 KASSERT(rbuf != NULL); 1400 1401 /* attach Rx buffer to mbuf */ 1402 MEXTADD(mnew, rbuf->vaddr, WPI_RBUF_SIZE, 0, wpi_free_rbuf, 1403 rbuf); 1404 mnew->m_flags |= M_EXT_RW; 1405 1406 m = data->m; 1407 data->m = mnew; 1408 1409 /* update Rx descriptor */ 1410 ring->desc[ring->cur] = htole32(rbuf->paddr); 1411 } 1412 1413 /* finalize mbuf */ 1414 m->m_pkthdr.rcvif = ifp; 1415 m->m_data = (void *)(head + 1); 1416 m->m_pkthdr.len = m->m_len = le16toh(head->len); 1417 1418#if NBPFILTER > 0 1419 if (sc->sc_drvbpf != NULL) { 1420 struct wpi_rx_radiotap_header *tap = &sc->sc_rxtap; 1421 1422 tap->wr_flags = 0; 1423 tap->wr_chan_freq = 1424 htole16(ic->ic_channels[head->chan].ic_freq); 1425 tap->wr_chan_flags = 1426 htole16(ic->ic_channels[head->chan].ic_flags); 1427 tap->wr_dbm_antsignal = (int8_t)(stat->rssi - WPI_RSSI_OFFSET); 1428 tap->wr_dbm_antnoise = (int8_t)le16toh(stat->noise); 1429 tap->wr_tsft = tail->tstamp; 1430 tap->wr_antenna = (le16toh(head->flags) >> 4) & 0xf; 1431 switch (head->rate) { 1432 /* CCK rates */ 1433 case 10: tap->wr_rate = 2; break; 1434 case 20: tap->wr_rate = 4; break; 1435 case 55: tap->wr_rate = 11; break; 1436 case 110: tap->wr_rate = 22; break; 1437 /* OFDM rates */ 1438 case 0xd: tap->wr_rate = 12; break; 1439 case 0xf: tap->wr_rate = 18; break; 1440 case 0x5: tap->wr_rate = 24; break; 1441 case 0x7: tap->wr_rate = 36; break; 1442 case 0x9: tap->wr_rate = 48; break; 1443 case 0xb: tap->wr_rate = 72; break; 1444 case 0x1: tap->wr_rate = 96; break; 1445 case 0x3: tap->wr_rate = 108; break; 1446 /* unknown rate: should not happen */ 1447 default: tap->wr_rate = 0; 1448 } 1449 if (le16toh(head->flags) & 0x4) 1450 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1451 1452 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1453 } 1454#endif 1455 1456 /* grab a reference to the source node */ 1457 wh = mtod(m, struct ieee80211_frame *); 1458 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1459 1460 /* send the frame to the 802.11 layer */ 1461 ieee80211_input(ic, m, ni, stat->rssi, 0); 1462 1463 /* release node reference */ 1464 ieee80211_free_node(ni); 1465} 1466 1467static void 1468wpi_tx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc) 1469{ 1470 struct ifnet *ifp = sc->sc_ic.ic_ifp; 1471 struct wpi_tx_ring *ring = &sc->txq[desc->qid & 0x3]; 1472 struct wpi_tx_data *txdata = &ring->data[desc->idx]; 1473 struct wpi_tx_stat *stat = (struct wpi_tx_stat *)(desc + 1); 1474 struct wpi_node *wn = (struct wpi_node *)txdata->ni; 1475 1476 DPRINTFN(4, ("tx done: qid=%d idx=%d retries=%d nkill=%d rate=%x " 1477 "duration=%d status=%x\n", desc->qid, desc->idx, stat->ntries, 1478 stat->nkill, stat->rate, le32toh(stat->duration), 1479 le32toh(stat->status))); 1480 1481 /* 1482 * Update rate control statistics for the node. 1483 * XXX we should not count mgmt frames since they're always sent at 1484 * the lowest available bit-rate. 1485 */ 1486 wn->amn.amn_txcnt++; 1487 if (stat->ntries > 0) { 1488 DPRINTFN(3, ("tx intr ntries %d\n", stat->ntries)); 1489 wn->amn.amn_retrycnt++; 1490 } 1491 1492 if ((le32toh(stat->status) & 0xff) != 1) 1493 ifp->if_oerrors++; 1494 else 1495 ifp->if_opackets++; 1496 1497 bus_dmamap_unload(sc->sc_dmat, txdata->map); 1498 m_freem(txdata->m); 1499 txdata->m = NULL; 1500 ieee80211_free_node(txdata->ni); 1501 txdata->ni = NULL; 1502 1503 ring->queued--; 1504 1505 sc->sc_tx_timer = 0; 1506 ifp->if_flags &= ~IFF_OACTIVE; 1507 wpi_start(ifp); 1508} 1509 1510static void 1511wpi_cmd_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc) 1512{ 1513 struct wpi_tx_ring *ring = &sc->cmdq; 1514 struct wpi_tx_data *data; 1515 1516 if ((desc->qid & 7) != 4) 1517 return; /* not a command ack */ 1518 1519 data = &ring->data[desc->idx]; 1520 1521 /* if the command was mapped in a mbuf, free it */ 1522 if (data->m != NULL) { 1523 bus_dmamap_unload(sc->sc_dmat, data->map); 1524 m_freem(data->m); 1525 data->m = NULL; 1526 } 1527 1528 wakeup(&ring->cmd[desc->idx]); 1529} 1530 1531static void 1532wpi_notif_intr(struct wpi_softc *sc) 1533{ 1534 struct ieee80211com *ic = &sc->sc_ic; 1535 struct ifnet *ifp = ic->ic_ifp; 1536 struct wpi_rx_desc *desc; 1537 struct wpi_rx_data *data; 1538 uint32_t hw; 1539 1540 hw = le32toh(sc->shared->next); 1541 while (sc->rxq.cur != hw) { 1542 data = &sc->rxq.data[sc->rxq.cur]; 1543 1544 desc = mtod(data->m, struct wpi_rx_desc *); 1545 1546 DPRINTFN(4, ("rx notification qid=%x idx=%d flags=%x type=%d " 1547 "len=%d\n", desc->qid, desc->idx, desc->flags, 1548 desc->type, le32toh(desc->len))); 1549 1550 if (!(desc->qid & 0x80)) /* reply to a command */ 1551 wpi_cmd_intr(sc, desc); 1552 1553 switch (desc->type) { 1554 case WPI_RX_DONE: 1555 /* a 802.11 frame was received */ 1556 wpi_rx_intr(sc, desc, data); 1557 break; 1558 1559 case WPI_TX_DONE: 1560 /* a 802.11 frame has been transmitted */ 1561 wpi_tx_intr(sc, desc); 1562 break; 1563 1564 case WPI_UC_READY: 1565 { 1566 struct wpi_ucode_info *uc = 1567 (struct wpi_ucode_info *)(desc + 1); 1568 1569 /* the microcontroller is ready */ 1570 DPRINTF(("microcode alive notification version %x " 1571 "alive %x\n", le32toh(uc->version), 1572 le32toh(uc->valid))); 1573 1574 if (le32toh(uc->valid) != 1) { 1575 aprint_error("%s: microcontroller " 1576 "initialization failed\n", 1577 sc->sc_dev.dv_xname); 1578 } 1579 break; 1580 } 1581 case WPI_STATE_CHANGED: 1582 { 1583 uint32_t *status = (uint32_t *)(desc + 1); 1584 1585 /* enabled/disabled notification */ 1586 DPRINTF(("state changed to %x\n", le32toh(*status))); 1587 1588 if (le32toh(*status) & 1) { 1589 /* the radio button has to be pushed */ 1590 aprint_error("%s: Radio transmitter is off\n", 1591 sc->sc_dev.dv_xname); 1592 /* turn the interface down */ 1593 ifp->if_flags &= ~IFF_UP; 1594 wpi_stop(ifp, 1); 1595 return; /* no further processing */ 1596 } 1597 break; 1598 } 1599 case WPI_START_SCAN: 1600 { 1601 struct wpi_start_scan *scan = 1602 (struct wpi_start_scan *)(desc + 1); 1603 1604 DPRINTFN(2, ("scanning channel %d status %x\n", 1605 scan->chan, le32toh(scan->status))); 1606 1607 /* fix current channel */ 1608 ic->ic_bss->ni_chan = &ic->ic_channels[scan->chan]; 1609 break; 1610 } 1611 case WPI_STOP_SCAN: 1612 { 1613 struct wpi_stop_scan *scan = 1614 (struct wpi_stop_scan *)(desc + 1); 1615 1616 DPRINTF(("scan finished nchan=%d status=%d chan=%d\n", 1617 scan->nchan, scan->status, scan->chan)); 1618 1619 if (scan->status == 1 && scan->chan <= 14) { 1620 /* 1621 * We just finished scanning 802.11g channels, 1622 * start scanning 802.11a ones. 1623 */ 1624 if (wpi_scan(sc, IEEE80211_CHAN_A) == 0) 1625 break; 1626 } 1627 ieee80211_end_scan(ic); 1628 break; 1629 } 1630 } 1631 1632 sc->rxq.cur = (sc->rxq.cur + 1) % WPI_RX_RING_COUNT; 1633 } 1634 1635 /* tell the firmware what we have processed */ 1636 hw = (hw == 0) ? WPI_RX_RING_COUNT - 1 : hw - 1; 1637 WPI_WRITE(sc, WPI_RX_WIDX, hw & ~7); 1638} 1639 1640static int 1641wpi_intr(void *arg) 1642{ 1643 struct wpi_softc *sc = arg; 1644 struct ifnet *ifp = sc->sc_ic.ic_ifp; 1645 uint32_t r; 1646 1647 r = WPI_READ(sc, WPI_INTR); 1648 if (r == 0 || r == 0xffffffff) 1649 return 0; /* not for us */ 1650 1651 DPRINTFN(5, ("interrupt reg %x\n", r)); 1652 1653 /* disable interrupts */ 1654 WPI_WRITE(sc, WPI_MASK, 0); 1655 /* ack interrupts */ 1656 WPI_WRITE(sc, WPI_INTR, r); 1657 1658 if (r & (WPI_SW_ERROR | WPI_HW_ERROR)) { 1659 aprint_error("%s: fatal firmware error\n", sc->sc_dev.dv_xname); 1660 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1661 wpi_stop(sc->sc_ic.ic_ifp, 1); 1662 return 1; 1663 } 1664 1665 if (r & WPI_RX_INTR) 1666 wpi_notif_intr(sc); 1667 1668 if (r & WPI_ALIVE_INTR) /* firmware initialized */ 1669 wakeup(sc); 1670 1671 /* re-enable interrupts */ 1672 if (ifp->if_flags & IFF_UP) 1673 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK); 1674 1675 return 1; 1676} 1677 1678static uint8_t 1679wpi_plcp_signal(int rate) 1680{ 1681 switch (rate) { 1682 /* CCK rates (returned values are device-dependent) */ 1683 case 2: return 10; 1684 case 4: return 20; 1685 case 11: return 55; 1686 case 22: return 110; 1687 1688 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1689 /* R1-R4, (u)ral is R4-R1 */ 1690 case 12: return 0xd; 1691 case 18: return 0xf; 1692 case 24: return 0x5; 1693 case 36: return 0x7; 1694 case 48: return 0x9; 1695 case 72: return 0xb; 1696 case 96: return 0x1; 1697 case 108: return 0x3; 1698 1699 /* unsupported rates (should not get there) */ 1700 default: return 0; 1701 } 1702} 1703 1704/* quickly determine if a given rate is CCK or OFDM */ 1705#define WPI_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1706 1707static int 1708wpi_tx_data(struct wpi_softc *sc, struct mbuf *m0, struct ieee80211_node *ni, 1709 int ac) 1710{ 1711 struct ieee80211com *ic = &sc->sc_ic; 1712 struct wpi_tx_ring *ring = &sc->txq[ac]; 1713 struct wpi_tx_desc *desc; 1714 struct wpi_tx_data *data; 1715 struct wpi_tx_cmd *cmd; 1716 struct wpi_cmd_data *tx; 1717 struct ieee80211_frame *wh; 1718 struct ieee80211_key *k; 1719 const struct chanAccParams *cap; 1720 struct mbuf *mnew; 1721 int i, error, rate, hdrlen, noack = 0; 1722 1723 desc = &ring->desc[ring->cur]; 1724 data = &ring->data[ring->cur]; 1725 1726 wh = mtod(m0, struct ieee80211_frame *); 1727 1728 if (IEEE80211_QOS_HAS_SEQ(wh)) { 1729 hdrlen = sizeof (struct ieee80211_qosframe); 1730 cap = &ic->ic_wme.wme_chanParams; 1731 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1732 } else 1733 hdrlen = sizeof (struct ieee80211_frame); 1734 1735 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1736 k = ieee80211_crypto_encap(ic, ni, m0); 1737 if (k == NULL) { 1738 m_freem(m0); 1739 return ENOBUFS; 1740 } 1741 1742 /* packet header may have moved, reset our local pointer */ 1743 wh = mtod(m0, struct ieee80211_frame *); 1744 } 1745 1746 /* pickup a rate */ 1747 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == 1748 IEEE80211_FC0_TYPE_MGT) { 1749 /* mgmt frames are sent at the lowest available bit-rate */ 1750 rate = ni->ni_rates.rs_rates[0]; 1751 } else { 1752 if (ic->ic_fixed_rate != -1) { 1753 rate = ic->ic_sup_rates[ic->ic_curmode]. 1754 rs_rates[ic->ic_fixed_rate]; 1755 } else 1756 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1757 } 1758 rate &= IEEE80211_RATE_VAL; 1759 1760 1761#if NBPFILTER > 0 1762 if (sc->sc_drvbpf != NULL) { 1763 struct wpi_tx_radiotap_header *tap = &sc->sc_txtap; 1764 1765 tap->wt_flags = 0; 1766 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 1767 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 1768 tap->wt_rate = rate; 1769 tap->wt_hwqueue = ac; 1770 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1771 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1772 1773 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1774 } 1775#endif 1776 1777 cmd = &ring->cmd[ring->cur]; 1778 cmd->code = WPI_CMD_TX_DATA; 1779 cmd->flags = 0; 1780 cmd->qid = ring->qid; 1781 cmd->idx = ring->cur; 1782 1783 tx = (struct wpi_cmd_data *)cmd->data; 1784 tx->flags = 0; 1785 1786 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1787 tx->flags |= htole32(WPI_TX_NEED_ACK); 1788 } else if (m0->m_pkthdr.len + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) 1789 tx->flags |= htole32(WPI_TX_NEED_RTS | WPI_TX_FULL_TXOP); 1790 1791 tx->flags |= htole32(WPI_TX_AUTO_SEQ); 1792 1793 /* retrieve destination node's id */ 1794 tx->id = IEEE80211_IS_MULTICAST(wh->i_addr1) ? WPI_ID_BROADCAST : 1795 WPI_ID_BSS; 1796 1797 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == 1798 IEEE80211_FC0_TYPE_MGT) { 1799 /* tell h/w to set timestamp in probe responses */ 1800 if ((wh->i_fc[0] & 1801 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1802 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1803 tx->flags |= htole32(WPI_TX_INSERT_TSTAMP); 1804 1805 if (((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 1806 IEEE80211_FC0_SUBTYPE_ASSOC_REQ) || 1807 ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 1808 IEEE80211_FC0_SUBTYPE_REASSOC_REQ)) 1809 tx->timeout = htole16(3); 1810 else 1811 tx->timeout = htole16(2); 1812 } else 1813 tx->timeout = htole16(0); 1814 1815 tx->rate = wpi_plcp_signal(rate); 1816 1817 /* be very persistant at sending frames out */ 1818 tx->rts_ntries = 7; 1819 tx->data_ntries = 15; 1820 1821 tx->ofdm_mask = 0xff; 1822 tx->cck_mask = 0xf; 1823 tx->lifetime = htole32(WPI_LIFETIME_INFINITE); 1824 1825 tx->len = htole16(m0->m_pkthdr.len); 1826 1827 /* save and trim IEEE802.11 header */ 1828 m_copydata(m0, 0, hdrlen, (void *)&tx->wh); 1829 m_adj(m0, hdrlen); 1830 1831 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1832 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1833 if (error != 0 && error != EFBIG) { 1834 aprint_error("%s: could not map mbuf (error %d)\n", 1835 sc->sc_dev.dv_xname, error); 1836 m_freem(m0); 1837 return error; 1838 } 1839 if (error != 0) { 1840 /* too many fragments, linearize */ 1841 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1842 if (mnew == NULL) { 1843 m_freem(m0); 1844 return ENOMEM; 1845 } 1846 1847 M_COPY_PKTHDR(mnew, m0); 1848 if (m0->m_pkthdr.len > MHLEN) { 1849 MCLGET(mnew, M_DONTWAIT); 1850 if (!(mnew->m_flags & M_EXT)) { 1851 m_freem(m0); 1852 m_freem(mnew); 1853 return ENOMEM; 1854 } 1855 } 1856 1857 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, void *)); 1858 m_freem(m0); 1859 mnew->m_len = mnew->m_pkthdr.len; 1860 m0 = mnew; 1861 1862 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1863 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1864 if (error != 0) { 1865 aprint_error("%s: could not map mbuf (error %d)\n", 1866 sc->sc_dev.dv_xname, error); 1867 m_freem(m0); 1868 return error; 1869 } 1870 } 1871 1872 data->m = m0; 1873 data->ni = ni; 1874 1875 DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 1876 ring->qid, ring->cur, m0->m_pkthdr.len, data->map->dm_nsegs)); 1877 1878 /* first scatter/gather segment is used by the tx data command */ 1879 desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 | 1880 (1 + data->map->dm_nsegs) << 24); 1881 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 1882 ring->cur * sizeof (struct wpi_tx_cmd)); 1883 /*XXX The next line might be wrong. I don't use hdrlen*/ 1884 desc->segs[0].len = htole32(4 + sizeof (struct wpi_cmd_data)); 1885 1886 for (i = 1; i <= data->map->dm_nsegs; i++) { 1887 desc->segs[i].addr = 1888 htole32(data->map->dm_segs[i - 1].ds_addr); 1889 desc->segs[i].len = 1890 htole32(data->map->dm_segs[i - 1].ds_len); 1891 } 1892 1893 ring->queued++; 1894 1895 /* kick ring */ 1896 ring->cur = (ring->cur + 1) % WPI_TX_RING_COUNT; 1897 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 1898 1899 return 0; 1900} 1901 1902static void 1903wpi_start(struct ifnet *ifp) 1904{ 1905 struct wpi_softc *sc = ifp->if_softc; 1906 struct ieee80211com *ic = &sc->sc_ic; 1907 struct ieee80211_node *ni; 1908 struct ether_header *eh; 1909 struct mbuf *m0; 1910 int ac; 1911 1912 /* 1913 * net80211 may still try to send management frames even if the 1914 * IFF_RUNNING flag is not set... 1915 */ 1916 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 1917 return; 1918 1919 for (;;) { 1920 IF_POLL(&ic->ic_mgtq, m0); 1921 if (m0 != NULL) { 1922 IF_DEQUEUE(&ic->ic_mgtq, m0); 1923 1924 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 1925 m0->m_pkthdr.rcvif = NULL; 1926 1927 /* management frames go into ring 0 */ 1928 if (sc->txq[0].queued > sc->txq[0].count - 8) { 1929 ifp->if_oerrors++; 1930 continue; 1931 } 1932#if NBPFILTER > 0 1933 if (ic->ic_rawbpf != NULL) 1934 bpf_mtap(ic->ic_rawbpf, m0); 1935#endif 1936 if (wpi_tx_data(sc, m0, ni, 0) != 0) { 1937 ifp->if_oerrors++; 1938 break; 1939 } 1940 } else { 1941 if (ic->ic_state != IEEE80211_S_RUN) 1942 break; 1943 IFQ_POLL(&ifp->if_snd, m0); 1944 if (m0 == NULL) 1945 break; 1946 1947 if (m0->m_len < sizeof (*eh) && 1948 (m0 = m_pullup(m0, sizeof (*eh))) != NULL) { 1949 ifp->if_oerrors++; 1950 continue; 1951 } 1952 eh = mtod(m0, struct ether_header *); 1953 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 1954 if (ni == NULL) { 1955 m_freem(m0); 1956 ifp->if_oerrors++; 1957 continue; 1958 } 1959 1960 /* classify mbuf so we can find which tx ring to use */ 1961 if (ieee80211_classify(ic, m0, ni) != 0) { 1962 m_freem(m0); 1963 ieee80211_free_node(ni); 1964 ifp->if_oerrors++; 1965 continue; 1966 } 1967 1968 /* no QoS encapsulation for EAPOL frames */ 1969 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 1970 M_WME_GETAC(m0) : WME_AC_BE; 1971 1972 if (sc->txq[ac].queued > sc->txq[ac].count - 8) { 1973 /* there is no place left in this ring */ 1974 ifp->if_flags |= IFF_OACTIVE; 1975 break; 1976 } 1977 IFQ_DEQUEUE(&ifp->if_snd, m0); 1978#if NBPFILTER > 0 1979 if (ifp->if_bpf != NULL) 1980 bpf_mtap(ifp->if_bpf, m0); 1981#endif 1982 m0 = ieee80211_encap(ic, m0, ni); 1983 if (m0 == NULL) { 1984 ieee80211_free_node(ni); 1985 ifp->if_oerrors++; 1986 continue; 1987 } 1988#if NBPFILTER > 0 1989 if (ic->ic_rawbpf != NULL) 1990 bpf_mtap(ic->ic_rawbpf, m0); 1991#endif 1992 if (wpi_tx_data(sc, m0, ni, ac) != 0) { 1993 ieee80211_free_node(ni); 1994 ifp->if_oerrors++; 1995 break; 1996 } 1997 } 1998 1999 sc->sc_tx_timer = 5; 2000 ifp->if_timer = 1; 2001 } 2002} 2003 2004static void 2005wpi_watchdog(struct ifnet *ifp) 2006{ 2007 struct wpi_softc *sc = ifp->if_softc; 2008 2009 ifp->if_timer = 0; 2010 2011 if (sc->sc_tx_timer > 0) { 2012 if (--sc->sc_tx_timer == 0) { 2013 aprint_error("%s: device timeout\n", 2014 sc->sc_dev.dv_xname); 2015 ifp->if_oerrors++; 2016 ifp->if_flags &= ~IFF_UP; 2017 wpi_stop(ifp, 1); 2018 return; 2019 } 2020 ifp->if_timer = 1; 2021 } 2022 2023 ieee80211_watchdog(&sc->sc_ic); 2024} 2025 2026static int 2027wpi_ioctl(struct ifnet *ifp, u_long cmd, void *data) 2028{ 2029#define IS_RUNNING(ifp) \ 2030 ((ifp->if_flags & IFF_UP) && (ifp->if_flags & IFF_RUNNING)) 2031 2032 struct wpi_softc *sc = ifp->if_softc; 2033 struct ieee80211com *ic = &sc->sc_ic; 2034 struct ifreq *ifr = (struct ifreq *)data; 2035 int s, error = 0; 2036 2037 s = splnet(); 2038 2039 switch (cmd) { 2040 case SIOCSIFFLAGS: 2041 if (ifp->if_flags & IFF_UP) { 2042 if (!(ifp->if_flags & IFF_RUNNING)) 2043 wpi_init(ifp); 2044 } else { 2045 if (ifp->if_flags & IFF_RUNNING) 2046 wpi_stop(ifp, 1); 2047 } 2048 break; 2049 2050 case SIOCADDMULTI: 2051 case SIOCDELMULTI: 2052 error = (cmd == SIOCADDMULTI) ? 2053 ether_addmulti(ifr, &sc->sc_ec) : 2054 ether_delmulti(ifr, &sc->sc_ec); 2055 if (error == ENETRESET) { 2056 /* setup multicast filter, etc */ 2057 error = 0; 2058 } 2059 break; 2060 2061 default: 2062 error = ieee80211_ioctl(ic, cmd, data); 2063 } 2064 2065 if (error == ENETRESET) { 2066 if (IS_RUNNING(ifp) && 2067 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 2068 wpi_init(ifp); 2069 error = 0; 2070 } 2071 2072 splx(s); 2073 return error; 2074 2075#undef IS_RUNNING 2076} 2077 2078/* 2079 * Extract various information from EEPROM. 2080 */ 2081static void 2082wpi_read_eeprom(struct wpi_softc *sc) 2083{ 2084 struct ieee80211com *ic = &sc->sc_ic; 2085 char domain[4]; 2086 int i; 2087 2088 wpi_read_prom_data(sc, WPI_EEPROM_CAPABILITIES, &sc->cap, 1); 2089 wpi_read_prom_data(sc, WPI_EEPROM_REVISION, &sc->rev, 2); 2090 wpi_read_prom_data(sc, WPI_EEPROM_TYPE, &sc->type, 1); 2091 2092 DPRINTF(("cap=%x rev=%x type=%x\n", sc->cap, le16toh(sc->rev), 2093 sc->type)); 2094 2095 /* read and print regulatory domain */ 2096 wpi_read_prom_data(sc, WPI_EEPROM_DOMAIN, domain, 4); 2097 aprint_normal(", %.4s", domain); 2098 2099 /* read and print MAC address */ 2100 wpi_read_prom_data(sc, WPI_EEPROM_MAC, ic->ic_myaddr, 6); 2101 aprint_normal(", address %s\n", ether_sprintf(ic->ic_myaddr)); 2102 2103 /* read the list of authorized channels */ 2104 for (i = 0; i < WPI_CHAN_BANDS_COUNT; i++) 2105 wpi_read_eeprom_channels(sc, i); 2106 2107 /* read the list of power groups */ 2108 for (i = 0; i < WPI_POWER_GROUPS_COUNT; i++) 2109 wpi_read_eeprom_group(sc, i); 2110} 2111 2112static void 2113wpi_read_eeprom_channels(struct wpi_softc *sc, int n) 2114{ 2115 struct ieee80211com *ic = &sc->sc_ic; 2116 const struct wpi_chan_band *band = &wpi_bands[n]; 2117 struct wpi_eeprom_chan channels[WPI_MAX_CHAN_PER_BAND]; 2118 int chan, i; 2119 2120 wpi_read_prom_data(sc, band->addr, channels, 2121 band->nchan * sizeof (struct wpi_eeprom_chan)); 2122 2123 for (i = 0; i < band->nchan; i++) { 2124 if (!(channels[i].flags & WPI_EEPROM_CHAN_VALID)) 2125 continue; 2126 2127 chan = band->chan[i]; 2128 2129 if (n == 0) { /* 2GHz band */ 2130 ic->ic_channels[chan].ic_freq = 2131 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 2132 ic->ic_channels[chan].ic_flags = 2133 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 2134 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 2135 2136 } else { /* 5GHz band */ 2137 /* 2138 * Some 3945abg adapters support channels 7, 8, 11 2139 * and 12 in the 2GHz *and* 5GHz bands. 2140 * Because of limitations in our net80211(9) stack, 2141 * we can't support these channels in 5GHz band. 2142 */ 2143 if (chan <= 14) 2144 continue; 2145 2146 ic->ic_channels[chan].ic_freq = 2147 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 2148 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 2149 } 2150 2151 /* is active scan allowed on this channel? */ 2152 if (!(channels[i].flags & WPI_EEPROM_CHAN_ACTIVE)) { 2153 ic->ic_channels[chan].ic_flags |= 2154 IEEE80211_CHAN_PASSIVE; 2155 } 2156 2157 /* save maximum allowed power for this channel */ 2158 sc->maxpwr[chan] = channels[i].maxpwr; 2159 2160 DPRINTF(("adding chan %d flags=0x%x maxpwr=%d\n", 2161 chan, channels[i].flags, sc->maxpwr[chan])); 2162 } 2163} 2164 2165static void 2166wpi_read_eeprom_group(struct wpi_softc *sc, int n) 2167{ 2168 struct wpi_power_group *group = &sc->groups[n]; 2169 struct wpi_eeprom_group rgroup; 2170 int i; 2171 2172 wpi_read_prom_data(sc, WPI_EEPROM_POWER_GRP + n * 32, &rgroup, 2173 sizeof rgroup); 2174 2175 /* save power group information */ 2176 group->chan = rgroup.chan; 2177 group->maxpwr = rgroup.maxpwr; 2178 /* temperature at which the samples were taken */ 2179 group->temp = (int16_t)le16toh(rgroup.temp); 2180 2181 DPRINTF(("power group %d: chan=%d maxpwr=%d temp=%d\n", n, 2182 group->chan, group->maxpwr, group->temp)); 2183 2184 for (i = 0; i < WPI_SAMPLES_COUNT; i++) { 2185 group->samples[i].index = rgroup.samples[i].index; 2186 group->samples[i].power = rgroup.samples[i].power; 2187 2188 DPRINTF(("\tsample %d: index=%d power=%d\n", i, 2189 group->samples[i].index, group->samples[i].power)); 2190 } 2191} 2192 2193/* 2194 * Send a command to the firmware. 2195 */ 2196static int 2197wpi_cmd(struct wpi_softc *sc, int code, const void *buf, int size, int async) 2198{ 2199 struct wpi_tx_ring *ring = &sc->cmdq; 2200 struct wpi_tx_desc *desc; 2201 struct wpi_tx_cmd *cmd; 2202 2203 KASSERT(size <= sizeof cmd->data); 2204 2205 desc = &ring->desc[ring->cur]; 2206 cmd = &ring->cmd[ring->cur]; 2207 2208 cmd->code = code; 2209 cmd->flags = 0; 2210 cmd->qid = ring->qid; 2211 cmd->idx = ring->cur; 2212 memcpy(cmd->data, buf, size); 2213 2214 desc->flags = htole32(WPI_PAD32(size) << 28 | 1 << 24); 2215 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 2216 ring->cur * sizeof (struct wpi_tx_cmd)); 2217 desc->segs[0].len = htole32(4 + size); 2218 2219 /* kick cmd ring */ 2220 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2221 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2222 2223 return async ? 0 : tsleep(cmd, PCATCH, "wpicmd", hz); 2224} 2225 2226static int 2227wpi_wme_update(struct ieee80211com *ic) 2228{ 2229#define WPI_EXP2(v) htole16((1 << (v)) - 1) 2230#define WPI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 2231 struct wpi_softc *sc = ic->ic_ifp->if_softc; 2232 const struct wmeParams *wmep; 2233 struct wpi_wme_setup wme; 2234 int ac; 2235 2236 /* don't override default WME values if WME is not actually enabled */ 2237 if (!(ic->ic_flags & IEEE80211_F_WME)) 2238 return 0; 2239 2240 wme.flags = 0; 2241 for (ac = 0; ac < WME_NUM_AC; ac++) { 2242 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 2243 wme.ac[ac].aifsn = wmep->wmep_aifsn; 2244 wme.ac[ac].cwmin = WPI_EXP2(wmep->wmep_logcwmin); 2245 wme.ac[ac].cwmax = WPI_EXP2(wmep->wmep_logcwmax); 2246 wme.ac[ac].txop = WPI_USEC(wmep->wmep_txopLimit); 2247 2248 DPRINTF(("setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d " 2249 "txop=%d\n", ac, wme.ac[ac].aifsn, wme.ac[ac].cwmin, 2250 wme.ac[ac].cwmax, wme.ac[ac].txop)); 2251 } 2252 2253 return wpi_cmd(sc, WPI_CMD_SET_WME, &wme, sizeof wme, 1); 2254#undef WPI_USEC 2255#undef WPI_EXP2 2256} 2257 2258/* 2259 * Configure h/w multi-rate retries. 2260 */ 2261static int 2262wpi_mrr_setup(struct wpi_softc *sc) 2263{ 2264 struct ieee80211com *ic = &sc->sc_ic; 2265 struct wpi_mrr_setup mrr; 2266 int i, error; 2267 2268 /* CCK rates (not used with 802.11a) */ 2269 for (i = WPI_CCK1; i <= WPI_CCK11; i++) { 2270 mrr.rates[i].flags = 0; 2271 mrr.rates[i].plcp = wpi_ridx_to_plcp[i]; 2272 /* fallback to the immediate lower CCK rate (if any) */ 2273 mrr.rates[i].next = (i == WPI_CCK1) ? WPI_CCK1 : i - 1; 2274 /* try one time at this rate before falling back to "next" */ 2275 mrr.rates[i].ntries = 1; 2276 } 2277 2278 /* OFDM rates (not used with 802.11b) */ 2279 for (i = WPI_OFDM6; i <= WPI_OFDM54; i++) { 2280 mrr.rates[i].flags = 0; 2281 mrr.rates[i].plcp = wpi_ridx_to_plcp[i]; 2282 /* fallback to the immediate lower rate (if any) */ 2283 /* we allow fallback from OFDM/6 to CCK/2 in 11b/g mode */ 2284 mrr.rates[i].next = (i == WPI_OFDM6) ? 2285 ((ic->ic_curmode == IEEE80211_MODE_11A) ? 2286 WPI_OFDM6 : WPI_CCK2) : 2287 i - 1; 2288 /* try one time at this rate before falling back to "next" */ 2289 mrr.rates[i].ntries = 1; 2290 } 2291 2292 /* setup MRR for control frames */ 2293 mrr.which = htole32(WPI_MRR_CTL); 2294 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0); 2295 if (error != 0) { 2296 aprint_error("%s: could not setup MRR for control frames\n", 2297 sc->sc_dev.dv_xname); 2298 return error; 2299 } 2300 2301 /* setup MRR for data frames */ 2302 mrr.which = htole32(WPI_MRR_DATA); 2303 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0); 2304 if (error != 0) { 2305 aprint_error("%s: could not setup MRR for data frames\n", 2306 sc->sc_dev.dv_xname); 2307 return error; 2308 } 2309 2310 return 0; 2311} 2312 2313static void 2314wpi_set_led(struct wpi_softc *sc, uint8_t which, uint8_t off, uint8_t on) 2315{ 2316 struct wpi_cmd_led led; 2317 2318 led.which = which; 2319 led.unit = htole32(100000); /* on/off in unit of 100ms */ 2320 led.off = off; 2321 led.on = on; 2322 2323 (void)wpi_cmd(sc, WPI_CMD_SET_LED, &led, sizeof led, 1); 2324} 2325 2326static void 2327wpi_enable_tsf(struct wpi_softc *sc, struct ieee80211_node *ni) 2328{ 2329 struct wpi_cmd_tsf tsf; 2330 uint64_t val, mod; 2331 2332 memset(&tsf, 0, sizeof tsf); 2333 memcpy(&tsf.tstamp, ni->ni_tstamp.data, 8); 2334 tsf.bintval = htole16(ni->ni_intval); 2335 tsf.lintval = htole16(10); 2336 2337 /* compute remaining time until next beacon */ 2338 val = (uint64_t)ni->ni_intval * 1024; /* msecs -> usecs */ 2339 mod = le64toh(tsf.tstamp) % val; 2340 tsf.binitval = htole32((uint32_t)(val - mod)); 2341 2342 DPRINTF(("TSF bintval=%u tstamp=%" PRId64 ", init=%u\n", 2343 ni->ni_intval, le64toh(tsf.tstamp), (uint32_t)(val - mod))); 2344 2345 if (wpi_cmd(sc, WPI_CMD_TSF, &tsf, sizeof tsf, 1) != 0) 2346 aprint_error("%s: could not enable TSF\n", sc->sc_dev.dv_xname); 2347} 2348 2349/* 2350 * Update Tx power to match what is defined for channel `c'. 2351 */ 2352static int 2353wpi_set_txpower(struct wpi_softc *sc, struct ieee80211_channel *c, int async) 2354{ 2355 struct ieee80211com *ic = &sc->sc_ic; 2356 struct wpi_power_group *group; 2357 struct wpi_cmd_txpower txpower; 2358 u_int chan; 2359 int i; 2360 2361 /* get channel number */ 2362 chan = ieee80211_chan2ieee(ic, c); 2363 2364 /* find the power group to which this channel belongs */ 2365 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2366 for (group = &sc->groups[1]; group < &sc->groups[4]; group++) 2367 if (chan <= group->chan) 2368 break; 2369 } else 2370 group = &sc->groups[0]; 2371 2372 memset(&txpower, 0, sizeof txpower); 2373 txpower.band = IEEE80211_IS_CHAN_5GHZ(c) ? 0 : 1; 2374 txpower.chan = htole16(chan); 2375 2376 /* set Tx power for all OFDM and CCK rates */ 2377 for (i = 0; i <= 11 ; i++) { 2378 /* retrieve Tx power for this channel/rate combination */ 2379 int idx = wpi_get_power_index(sc, group, c, 2380 wpi_ridx_to_rate[i]); 2381 2382 txpower.rates[i].plcp = wpi_ridx_to_plcp[i]; 2383 2384 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2385 txpower.rates[i].rf_gain = wpi_rf_gain_5ghz[idx]; 2386 txpower.rates[i].dsp_gain = wpi_dsp_gain_5ghz[idx]; 2387 } else { 2388 txpower.rates[i].rf_gain = wpi_rf_gain_2ghz[idx]; 2389 txpower.rates[i].dsp_gain = wpi_dsp_gain_2ghz[idx]; 2390 } 2391 DPRINTF(("chan %d/rate %d: power index %d\n", chan, 2392 wpi_ridx_to_rate[i], idx)); 2393 } 2394 2395 return wpi_cmd(sc, WPI_CMD_TXPOWER, &txpower, sizeof txpower, async); 2396} 2397 2398/* 2399 * Determine Tx power index for a given channel/rate combination. 2400 * This takes into account the regulatory information from EEPROM and the 2401 * current temperature. 2402 */ 2403static int 2404wpi_get_power_index(struct wpi_softc *sc, struct wpi_power_group *group, 2405 struct ieee80211_channel *c, int rate) 2406{ 2407/* fixed-point arithmetic division using a n-bit fractional part */ 2408#define fdivround(a, b, n) \ 2409 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 2410 2411/* linear interpolation */ 2412#define interpolate(x, x1, y1, x2, y2, n) \ 2413 ((y1) + fdivround(((x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 2414 2415 struct ieee80211com *ic = &sc->sc_ic; 2416 struct wpi_power_sample *sample; 2417 int pwr, idx; 2418 u_int chan; 2419 2420 /* get channel number */ 2421 chan = ieee80211_chan2ieee(ic, c); 2422 2423 /* default power is group's maximum power - 3dB */ 2424 pwr = group->maxpwr / 2; 2425 2426 /* decrease power for highest OFDM rates to reduce distortion */ 2427 switch (rate) { 2428 case 72: /* 36Mb/s */ 2429 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 0 : 5; 2430 break; 2431 case 96: /* 48Mb/s */ 2432 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 7 : 10; 2433 break; 2434 case 108: /* 54Mb/s */ 2435 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 9 : 12; 2436 break; 2437 } 2438 2439 /* never exceed channel's maximum allowed Tx power */ 2440 pwr = min(pwr, sc->maxpwr[chan]); 2441 2442 /* retrieve power index into gain tables from samples */ 2443 for (sample = group->samples; sample < &group->samples[3]; sample++) 2444 if (pwr > sample[1].power) 2445 break; 2446 /* fixed-point linear interpolation using a 19-bit fractional part */ 2447 idx = interpolate(pwr, sample[0].power, sample[0].index, 2448 sample[1].power, sample[1].index, 19); 2449 2450 /* 2451 * Adjust power index based on current temperature: 2452 * - if cooler than factory-calibrated: decrease output power 2453 * - if warmer than factory-calibrated: increase output power 2454 */ 2455 idx -= (sc->temp - group->temp) * 11 / 100; 2456 2457 /* decrease power for CCK rates (-5dB) */ 2458 if (!WPI_RATE_IS_OFDM(rate)) 2459 idx += 10; 2460 2461 /* keep power index in a valid range */ 2462 if (idx < 0) 2463 return 0; 2464 if (idx > WPI_MAX_PWR_INDEX) 2465 return WPI_MAX_PWR_INDEX; 2466 return idx; 2467 2468#undef interpolate 2469#undef fdivround 2470} 2471 2472/* 2473 * Build a beacon frame that the firmware will broadcast periodically in 2474 * IBSS or HostAP modes. 2475 */ 2476static int 2477wpi_setup_beacon(struct wpi_softc *sc, struct ieee80211_node *ni) 2478{ 2479 struct ieee80211com *ic = &sc->sc_ic; 2480 struct wpi_tx_ring *ring = &sc->cmdq; 2481 struct wpi_tx_desc *desc; 2482 struct wpi_tx_data *data; 2483 struct wpi_tx_cmd *cmd; 2484 struct wpi_cmd_beacon *bcn; 2485 struct ieee80211_beacon_offsets bo; 2486 struct mbuf *m0; 2487 int error; 2488 2489 desc = &ring->desc[ring->cur]; 2490 data = &ring->data[ring->cur]; 2491 2492 m0 = ieee80211_beacon_alloc(ic, ni, &bo); 2493 if (m0 == NULL) { 2494 aprint_error("%s: could not allocate beacon frame\n", 2495 sc->sc_dev.dv_xname); 2496 return ENOMEM; 2497 } 2498 2499 cmd = &ring->cmd[ring->cur]; 2500 cmd->code = WPI_CMD_SET_BEACON; 2501 cmd->flags = 0; 2502 cmd->qid = ring->qid; 2503 cmd->idx = ring->cur; 2504 2505 bcn = (struct wpi_cmd_beacon *)cmd->data; 2506 memset(bcn, 0, sizeof (struct wpi_cmd_beacon)); 2507 bcn->id = WPI_ID_BROADCAST; 2508 bcn->ofdm_mask = 0xff; 2509 bcn->cck_mask = 0x0f; 2510 bcn->lifetime = htole32(WPI_LIFETIME_INFINITE); 2511 bcn->len = htole16(m0->m_pkthdr.len); 2512 bcn->rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2513 wpi_plcp_signal(12) : wpi_plcp_signal(2); 2514 bcn->flags = htole32(WPI_TX_AUTO_SEQ | WPI_TX_INSERT_TSTAMP); 2515 2516 /* save and trim IEEE802.11 header */ 2517 m_copydata(m0, 0, sizeof (struct ieee80211_frame), (void *)&bcn->wh); 2518 m_adj(m0, sizeof (struct ieee80211_frame)); 2519 2520 /* assume beacon frame is contiguous */ 2521 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 2522 BUS_DMA_READ | BUS_DMA_NOWAIT); 2523 if (error) { 2524 aprint_error("%s: could not map beacon\n", sc->sc_dev.dv_xname); 2525 m_freem(m0); 2526 return error; 2527 } 2528 2529 data->m = m0; 2530 2531 /* first scatter/gather segment is used by the beacon command */ 2532 desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 | 2 << 24); 2533 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 2534 ring->cur * sizeof (struct wpi_tx_cmd)); 2535 desc->segs[0].len = htole32(4 + sizeof (struct wpi_cmd_beacon)); 2536 desc->segs[1].addr = htole32(data->map->dm_segs[0].ds_addr); 2537 desc->segs[1].len = htole32(data->map->dm_segs[0].ds_len); 2538 2539 /* kick cmd ring */ 2540 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2541 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2542 2543 return 0; 2544} 2545 2546static int 2547wpi_auth(struct wpi_softc *sc) 2548{ 2549 struct ieee80211com *ic = &sc->sc_ic; 2550 struct ieee80211_node *ni = ic->ic_bss; 2551 struct wpi_node_info node; 2552 int error; 2553 2554 /* update adapter's configuration */ 2555 IEEE80211_ADDR_COPY(sc->config.bssid, ni->ni_bssid); 2556 sc->config.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2557 sc->config.flags = htole32(WPI_CONFIG_TSF); 2558 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2559 sc->config.flags |= htole32(WPI_CONFIG_AUTO | 2560 WPI_CONFIG_24GHZ); 2561 } 2562 switch (ic->ic_curmode) { 2563 case IEEE80211_MODE_11A: 2564 sc->config.cck_mask = 0; 2565 sc->config.ofdm_mask = 0x15; 2566 break; 2567 case IEEE80211_MODE_11B: 2568 sc->config.cck_mask = 0x03; 2569 sc->config.ofdm_mask = 0; 2570 break; 2571 default: /* assume 802.11b/g */ 2572 sc->config.cck_mask = 0x0f; 2573 sc->config.ofdm_mask = 0x15; 2574 } 2575 2576 DPRINTF(("config chan %d flags %x cck %x ofdm %x\n", sc->config.chan, 2577 sc->config.flags, sc->config.cck_mask, sc->config.ofdm_mask)); 2578 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 2579 sizeof (struct wpi_config), 1); 2580 if (error != 0) { 2581 aprint_error("%s: could not configure\n", sc->sc_dev.dv_xname); 2582 return error; 2583 } 2584 2585 /* configuration has changed, set Tx power accordingly */ 2586 if ((error = wpi_set_txpower(sc, ni->ni_chan, 1)) != 0) { 2587 aprint_error("%s: could not set Tx power\n", sc->sc_dev.dv_xname); 2588 return error; 2589 } 2590 2591 /* add default node */ 2592 memset(&node, 0, sizeof node); 2593 IEEE80211_ADDR_COPY(node.bssid, ni->ni_bssid); 2594 node.id = WPI_ID_BSS; 2595 node.rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2596 wpi_plcp_signal(12) : wpi_plcp_signal(2); 2597 node.action = htole32(WPI_ACTION_SET_RATE); 2598 node.antenna = WPI_ANTENNA_BOTH; 2599 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 1); 2600 if (error != 0) { 2601 aprint_error("%s: could not add BSS node\n", sc->sc_dev.dv_xname); 2602 return error; 2603 } 2604 2605 return 0; 2606} 2607 2608/* 2609 * Send a scan request to the firmware. Since this command is huge, we map it 2610 * into a mbuf instead of using the pre-allocated set of commands. 2611 */ 2612static int 2613wpi_scan(struct wpi_softc *sc, uint16_t flags) 2614{ 2615 struct ieee80211com *ic = &sc->sc_ic; 2616 struct wpi_tx_ring *ring = &sc->cmdq; 2617 struct wpi_tx_desc *desc; 2618 struct wpi_tx_data *data; 2619 struct wpi_tx_cmd *cmd; 2620 struct wpi_scan_hdr *hdr; 2621 struct wpi_scan_chan *chan; 2622 struct ieee80211_frame *wh; 2623 struct ieee80211_rateset *rs; 2624 struct ieee80211_channel *c; 2625 enum ieee80211_phymode mode; 2626 uint8_t *frm; 2627 int nrates, pktlen, error; 2628 2629 desc = &ring->desc[ring->cur]; 2630 data = &ring->data[ring->cur]; 2631 2632 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 2633 if (data->m == NULL) { 2634 aprint_error("%s: could not allocate mbuf for scan command\n", 2635 sc->sc_dev.dv_xname); 2636 return ENOMEM; 2637 } 2638 2639 MCLGET(data->m, M_DONTWAIT); 2640 if (!(data->m->m_flags & M_EXT)) { 2641 m_freem(data->m); 2642 data->m = NULL; 2643 aprint_error("%s: could not allocate mbuf for scan command\n", 2644 sc->sc_dev.dv_xname); 2645 return ENOMEM; 2646 } 2647 2648 cmd = mtod(data->m, struct wpi_tx_cmd *); 2649 cmd->code = WPI_CMD_SCAN; 2650 cmd->flags = 0; 2651 cmd->qid = ring->qid; 2652 cmd->idx = ring->cur; 2653 2654 hdr = (struct wpi_scan_hdr *)cmd->data; 2655 memset(hdr, 0, sizeof (struct wpi_scan_hdr)); 2656 hdr->txflags = htole32(WPI_TX_AUTO_SEQ); 2657 hdr->id = WPI_ID_BROADCAST; 2658 hdr->lifetime = htole32(WPI_LIFETIME_INFINITE); 2659 2660 /* 2661 * Move to the next channel if no packets are received within 5 msecs 2662 * after sending the probe request (this helps to reduce the duration 2663 * of active scans). 2664 */ 2665 hdr->quiet = htole16(5); /* timeout in milliseconds */ 2666 hdr->plcp_threshold = htole16(1); /* min # of packets */ 2667 2668 if (flags & IEEE80211_CHAN_A) { 2669 hdr->crc_threshold = htole16(1); 2670 /* send probe requests at 6Mbps */ 2671 hdr->rate = wpi_plcp_signal(12); 2672 } else { 2673 hdr->flags = htole32(WPI_CONFIG_24GHZ | WPI_CONFIG_AUTO); 2674 /* send probe requests at 1Mbps */ 2675 hdr->rate = wpi_plcp_signal(2); 2676 } 2677 2678 /* for directed scans, firmware inserts the essid IE itself */ 2679 hdr->essid[0].id = IEEE80211_ELEMID_SSID; 2680 hdr->essid[0].len = ic->ic_des_esslen; 2681 memcpy(hdr->essid[0].data, ic->ic_des_essid, ic->ic_des_esslen); 2682 2683 /* 2684 * Build a probe request frame. Most of the following code is a 2685 * copy & paste of what is done in net80211. 2686 */ 2687 wh = (struct ieee80211_frame *)(hdr + 1); 2688 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2689 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 2690 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2691 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2692 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2693 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2694 *(u_int16_t *)&wh->i_dur[0] = 0; /* filled by h/w */ 2695 *(u_int16_t *)&wh->i_seq[0] = 0; /* filled by h/w */ 2696 2697 frm = (uint8_t *)(wh + 1); 2698 2699 /* add empty essid IE (firmware generates it for directed scans) */ 2700 *frm++ = IEEE80211_ELEMID_SSID; 2701 *frm++ = 0; 2702 2703 mode = ieee80211_chan2mode(ic, ic->ic_ibss_chan); 2704 rs = &ic->ic_sup_rates[mode]; 2705 2706 /* add supported rates IE */ 2707 *frm++ = IEEE80211_ELEMID_RATES; 2708 nrates = rs->rs_nrates; 2709 if (nrates > IEEE80211_RATE_SIZE) 2710 nrates = IEEE80211_RATE_SIZE; 2711 *frm++ = nrates; 2712 memcpy(frm, rs->rs_rates, nrates); 2713 frm += nrates; 2714 2715 /* add supported xrates IE */ 2716 if (rs->rs_nrates > IEEE80211_RATE_SIZE) { 2717 nrates = rs->rs_nrates - IEEE80211_RATE_SIZE; 2718 *frm++ = IEEE80211_ELEMID_XRATES; 2719 *frm++ = nrates; 2720 memcpy(frm, rs->rs_rates + IEEE80211_RATE_SIZE, nrates); 2721 frm += nrates; 2722 } 2723 2724 /* setup length of probe request */ 2725 hdr->paylen = htole16(frm - (uint8_t *)wh); 2726 2727 chan = (struct wpi_scan_chan *)frm; 2728 for (c = &ic->ic_channels[1]; 2729 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) { 2730 if ((c->ic_flags & flags) != flags) 2731 continue; 2732 2733 chan->chan = ieee80211_chan2ieee(ic, c); 2734 chan->flags = 0; 2735 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) { 2736 chan->flags |= WPI_CHAN_ACTIVE; 2737 if (ic->ic_des_esslen != 0) 2738 chan->flags |= WPI_CHAN_DIRECT; 2739 } 2740 chan->dsp_gain = 0x6e; 2741 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2742 chan->rf_gain = 0x3b; 2743 chan->active = htole16(10); 2744 chan->passive = htole16(110); 2745 } else { 2746 chan->rf_gain = 0x28; 2747 chan->active = htole16(20); 2748 chan->passive = htole16(120); 2749 } 2750 hdr->nchan++; 2751 chan++; 2752 2753 frm += sizeof (struct wpi_scan_chan); 2754 } 2755 hdr->len = htole16(frm - (uint8_t *)hdr); 2756 pktlen = frm - (uint8_t *)cmd; 2757 2758 error = bus_dmamap_load(sc->sc_dmat, data->map, cmd, pktlen, 2759 NULL, BUS_DMA_NOWAIT); 2760 if (error) { 2761 aprint_error("%s: could not map scan command\n", 2762 sc->sc_dev.dv_xname); 2763 m_freem(data->m); 2764 data->m = NULL; 2765 return error; 2766 } 2767 2768 desc->flags = htole32(WPI_PAD32(pktlen) << 28 | 1 << 24); 2769 desc->segs[0].addr = htole32(data->map->dm_segs[0].ds_addr); 2770 desc->segs[0].len = htole32(data->map->dm_segs[0].ds_len); 2771 2772 /* kick cmd ring */ 2773 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2774 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2775 2776 return 0; /* will be notified async. of failure/success */ 2777} 2778 2779static int 2780wpi_config(struct wpi_softc *sc) 2781{ 2782 struct ieee80211com *ic = &sc->sc_ic; 2783 struct ifnet *ifp = ic->ic_ifp; 2784 struct wpi_power power; 2785 struct wpi_bluetooth bluetooth; 2786 struct wpi_node_info node; 2787 int error; 2788 2789 memset(&power, 0, sizeof power); 2790 power.flags = htole32(WPI_POWER_CAM | 0x8); 2791 error = wpi_cmd(sc, WPI_CMD_SET_POWER_MODE, &power, sizeof power, 0); 2792 if (error != 0) { 2793 aprint_error("%s: could not set power mode\n", 2794 sc->sc_dev.dv_xname); 2795 return error; 2796 } 2797 2798 /* configure bluetooth coexistence */ 2799 memset(&bluetooth, 0, sizeof bluetooth); 2800 bluetooth.flags = 3; 2801 bluetooth.lead = 0xaa; 2802 bluetooth.kill = 1; 2803 error = wpi_cmd(sc, WPI_CMD_BLUETOOTH, &bluetooth, sizeof bluetooth, 2804 0); 2805 if (error != 0) { 2806 aprint_error( 2807 "%s: could not configure bluetooth coexistence\n", 2808 sc->sc_dev.dv_xname); 2809 return error; 2810 } 2811 2812 /* configure adapter */ 2813 memset(&sc->config, 0, sizeof (struct wpi_config)); 2814 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2815 IEEE80211_ADDR_COPY(sc->config.myaddr, ic->ic_myaddr); 2816 /*set default channel*/ 2817 sc->config.chan = ieee80211_chan2ieee(ic, ic->ic_ibss_chan); 2818 sc->config.flags = htole32(WPI_CONFIG_TSF); 2819 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_ibss_chan)) { 2820 sc->config.flags |= htole32(WPI_CONFIG_AUTO | 2821 WPI_CONFIG_24GHZ); 2822 } 2823 sc->config.filter = 0; 2824 switch (ic->ic_opmode) { 2825 case IEEE80211_M_STA: 2826 sc->config.mode = WPI_MODE_STA; 2827 sc->config.filter |= htole32(WPI_FILTER_MULTICAST); 2828 break; 2829 case IEEE80211_M_IBSS: 2830 case IEEE80211_M_AHDEMO: 2831 sc->config.mode = WPI_MODE_IBSS; 2832 break; 2833 case IEEE80211_M_HOSTAP: 2834 sc->config.mode = WPI_MODE_HOSTAP; 2835 break; 2836 case IEEE80211_M_MONITOR: 2837 sc->config.mode = WPI_MODE_MONITOR; 2838 sc->config.filter |= htole32(WPI_FILTER_MULTICAST | 2839 WPI_FILTER_CTL | WPI_FILTER_PROMISC); 2840 break; 2841 } 2842 sc->config.cck_mask = 0x0f; /* not yet negotiated */ 2843 sc->config.ofdm_mask = 0xff; /* not yet negotiated */ 2844 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 2845 sizeof (struct wpi_config), 0); 2846 if (error != 0) { 2847 aprint_error("%s: configure command failed\n", 2848 sc->sc_dev.dv_xname); 2849 return error; 2850 } 2851 2852 /* configuration has changed, set Tx power accordingly */ 2853 if ((error = wpi_set_txpower(sc, ic->ic_ibss_chan, 0)) != 0) { 2854 aprint_error("%s: could not set Tx power\n", sc->sc_dev.dv_xname); 2855 return error; 2856 } 2857 2858 /* add broadcast node */ 2859 memset(&node, 0, sizeof node); 2860 IEEE80211_ADDR_COPY(node.bssid, etherbroadcastaddr); 2861 node.id = WPI_ID_BROADCAST; 2862 node.rate = wpi_plcp_signal(2); 2863 node.action = htole32(WPI_ACTION_SET_RATE); 2864 node.antenna = WPI_ANTENNA_BOTH; 2865 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 0); 2866 if (error != 0) { 2867 aprint_error("%s: could not add broadcast node\n", 2868 sc->sc_dev.dv_xname); 2869 return error; 2870 } 2871 2872 if ((error = wpi_mrr_setup(sc)) != 0) { 2873 aprint_error("%s: could not setup MRR\n", sc->sc_dev.dv_xname); 2874 return error; 2875 } 2876 2877 return 0; 2878} 2879 2880static void 2881wpi_stop_master(struct wpi_softc *sc) 2882{ 2883 uint32_t tmp; 2884 int ntries; 2885 2886 tmp = WPI_READ(sc, WPI_RESET); 2887 WPI_WRITE(sc, WPI_RESET, tmp | WPI_STOP_MASTER); 2888 2889 tmp = WPI_READ(sc, WPI_GPIO_CTL); 2890 if ((tmp & WPI_GPIO_PWR_STATUS) == WPI_GPIO_PWR_SLEEP) 2891 return; /* already asleep */ 2892 2893 for (ntries = 0; ntries < 100; ntries++) { 2894 if (WPI_READ(sc, WPI_RESET) & WPI_MASTER_DISABLED) 2895 break; 2896 DELAY(10); 2897 } 2898 if (ntries == 100) { 2899 aprint_error("%s: timeout waiting for master\n", 2900 sc->sc_dev.dv_xname); 2901 } 2902} 2903 2904static int 2905wpi_power_up(struct wpi_softc *sc) 2906{ 2907 uint32_t tmp; 2908 int ntries; 2909 2910 wpi_mem_lock(sc); 2911 tmp = wpi_mem_read(sc, WPI_MEM_POWER); 2912 wpi_mem_write(sc, WPI_MEM_POWER, tmp & ~0x03000000); 2913 wpi_mem_unlock(sc); 2914 2915 for (ntries = 0; ntries < 5000; ntries++) { 2916 if (WPI_READ(sc, WPI_GPIO_STATUS) & WPI_POWERED) 2917 break; 2918 DELAY(10); 2919 } 2920 if (ntries == 5000) { 2921 aprint_error("%s: timeout waiting for NIC to power up\n", 2922 sc->sc_dev.dv_xname); 2923 return ETIMEDOUT; 2924 } 2925 return 0; 2926} 2927 2928static int 2929wpi_reset(struct wpi_softc *sc) 2930{ 2931 uint32_t tmp; 2932 int ntries; 2933 2934 /* clear any pending interrupts */ 2935 WPI_WRITE(sc, WPI_INTR, 0xffffffff); 2936 2937 tmp = WPI_READ(sc, WPI_PLL_CTL); 2938 WPI_WRITE(sc, WPI_PLL_CTL, tmp | WPI_PLL_INIT); 2939 2940 tmp = WPI_READ(sc, WPI_CHICKEN); 2941 WPI_WRITE(sc, WPI_CHICKEN, tmp | WPI_CHICKEN_RXNOLOS); 2942 2943 tmp = WPI_READ(sc, WPI_GPIO_CTL); 2944 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_INIT); 2945 2946 /* wait for clock stabilization */ 2947 for (ntries = 0; ntries < 1000; ntries++) { 2948 if (WPI_READ(sc, WPI_GPIO_CTL) & WPI_GPIO_CLOCK) 2949 break; 2950 DELAY(10); 2951 } 2952 if (ntries == 1000) { 2953 aprint_error("%s: timeout waiting for clock stabilization\n", 2954 sc->sc_dev.dv_xname); 2955 return ETIMEDOUT; 2956 } 2957 2958 /* initialize EEPROM */ 2959 tmp = WPI_READ(sc, WPI_EEPROM_STATUS); 2960 if ((tmp & WPI_EEPROM_VERSION) == 0) { 2961 aprint_error("%s: EEPROM not found\n", sc->sc_dev.dv_xname); 2962 return EIO; 2963 } 2964 WPI_WRITE(sc, WPI_EEPROM_STATUS, tmp & ~WPI_EEPROM_LOCKED); 2965 2966 return 0; 2967} 2968 2969static void 2970wpi_hw_config(struct wpi_softc *sc) 2971{ 2972 uint32_t rev, hw; 2973 2974 /* voodoo from the reference driver */ 2975 hw = WPI_READ(sc, WPI_HWCONFIG); 2976 2977 rev = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_CLASS_REG); 2978 rev = PCI_REVISION(rev); 2979 if ((rev & 0xc0) == 0x40) 2980 hw |= WPI_HW_ALM_MB; 2981 else if (!(rev & 0x80)) 2982 hw |= WPI_HW_ALM_MM; 2983 2984 if (sc->cap == 0x80) 2985 hw |= WPI_HW_SKU_MRC; 2986 2987 hw &= ~WPI_HW_REV_D; 2988 if ((le16toh(sc->rev) & 0xf0) == 0xd0) 2989 hw |= WPI_HW_REV_D; 2990 2991 if (sc->type > 1) 2992 hw |= WPI_HW_TYPE_B; 2993 2994 DPRINTF(("setting h/w config %x\n", hw)); 2995 WPI_WRITE(sc, WPI_HWCONFIG, hw); 2996} 2997 2998static int 2999wpi_init(struct ifnet *ifp) 3000{ 3001 struct wpi_softc *sc = ifp->if_softc; 3002 struct ieee80211com *ic = &sc->sc_ic; 3003 uint32_t tmp; 3004 int qid, ntries, error; 3005 3006 wpi_stop(ifp,1); 3007 (void)wpi_reset(sc); 3008 3009 wpi_mem_lock(sc); 3010 wpi_mem_write(sc, WPI_MEM_CLOCK1, 0xa00); 3011 DELAY(20); 3012 tmp = wpi_mem_read(sc, WPI_MEM_PCIDEV); 3013 wpi_mem_write(sc, WPI_MEM_PCIDEV, tmp | 0x800); 3014 wpi_mem_unlock(sc); 3015 3016 (void)wpi_power_up(sc); 3017 wpi_hw_config(sc); 3018 3019 /* init Rx ring */ 3020 wpi_mem_lock(sc); 3021 WPI_WRITE(sc, WPI_RX_BASE, sc->rxq.desc_dma.paddr); 3022 WPI_WRITE(sc, WPI_RX_RIDX_PTR, sc->shared_dma.paddr + 3023 offsetof(struct wpi_shared, next)); 3024 WPI_WRITE(sc, WPI_RX_WIDX, (WPI_RX_RING_COUNT - 1) & ~7); 3025 WPI_WRITE(sc, WPI_RX_CONFIG, 0xa9601010); 3026 wpi_mem_unlock(sc); 3027 3028 /* init Tx rings */ 3029 wpi_mem_lock(sc); 3030 wpi_mem_write(sc, WPI_MEM_MODE, 2); /* bypass mode */ 3031 wpi_mem_write(sc, WPI_MEM_RA, 1); /* enable RA0 */ 3032 wpi_mem_write(sc, WPI_MEM_TXCFG, 0x3f); /* enable all 6 Tx rings */ 3033 wpi_mem_write(sc, WPI_MEM_BYPASS1, 0x10000); 3034 wpi_mem_write(sc, WPI_MEM_BYPASS2, 0x30002); 3035 wpi_mem_write(sc, WPI_MEM_MAGIC4, 4); 3036 wpi_mem_write(sc, WPI_MEM_MAGIC5, 5); 3037 3038 WPI_WRITE(sc, WPI_TX_BASE_PTR, sc->shared_dma.paddr); 3039 WPI_WRITE(sc, WPI_MSG_CONFIG, 0xffff05a5); 3040 3041 for (qid = 0; qid < 6; qid++) { 3042 WPI_WRITE(sc, WPI_TX_CTL(qid), 0); 3043 WPI_WRITE(sc, WPI_TX_BASE(qid), 0); 3044 WPI_WRITE(sc, WPI_TX_CONFIG(qid), 0x80200008); 3045 } 3046 wpi_mem_unlock(sc); 3047 3048 /* clear "radio off" and "disable command" bits (reversed logic) */ 3049 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3050 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_DISABLE_CMD); 3051 3052 /* clear any pending interrupts */ 3053 WPI_WRITE(sc, WPI_INTR, 0xffffffff); 3054 /* enable interrupts */ 3055 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK); 3056 3057 /* not sure why/if this is necessary... */ 3058 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3059 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3060 3061 if ((error = wpi_load_firmware(sc)) != 0) { 3062 aprint_error("%s: could not load firmware\n", sc->sc_dev.dv_xname); 3063 goto fail1; 3064 } 3065 3066 /* wait for thermal sensors to calibrate */ 3067 for (ntries = 0; ntries < 1000; ntries++) { 3068 if ((sc->temp = (int)WPI_READ(sc, WPI_TEMPERATURE)) != 0) 3069 break; 3070 DELAY(10); 3071 } 3072 if (ntries == 1000) { 3073 aprint_error("%s: timeout waiting for thermal sensors calibration\n", 3074 sc->sc_dev.dv_xname); 3075 error = ETIMEDOUT; 3076 goto fail1; 3077 } 3078 3079 DPRINTF(("temperature %d\n", sc->temp)); 3080 3081 if ((error = wpi_config(sc)) != 0) { 3082 aprint_error("%s: could not configure device\n", 3083 sc->sc_dev.dv_xname); 3084 goto fail1; 3085 } 3086 3087 ifp->if_flags &= ~IFF_OACTIVE; 3088 ifp->if_flags |= IFF_RUNNING; 3089 3090 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 3091 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 3092 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3093 } 3094 else 3095 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3096 3097 return 0; 3098 3099fail1: wpi_stop(ifp, 1); 3100 return error; 3101} 3102 3103 3104static void 3105wpi_stop(struct ifnet *ifp, int disable) 3106{ 3107 struct wpi_softc *sc = ifp->if_softc; 3108 struct ieee80211com *ic = &sc->sc_ic; 3109 uint32_t tmp; 3110 int ac; 3111 3112 ifp->if_timer = sc->sc_tx_timer = 0; 3113 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3114 3115 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3116 3117 /* disable interrupts */ 3118 WPI_WRITE(sc, WPI_MASK, 0); 3119 WPI_WRITE(sc, WPI_INTR, WPI_INTR_MASK); 3120 WPI_WRITE(sc, WPI_INTR_STATUS, 0xff); 3121 WPI_WRITE(sc, WPI_INTR_STATUS, 0x00070000); 3122 3123 wpi_mem_lock(sc); 3124 wpi_mem_write(sc, WPI_MEM_MODE, 0); 3125 wpi_mem_unlock(sc); 3126 3127 /* reset all Tx rings */ 3128 for (ac = 0; ac < 4; ac++) 3129 wpi_reset_tx_ring(sc, &sc->txq[ac]); 3130 wpi_reset_tx_ring(sc, &sc->cmdq); 3131 wpi_reset_tx_ring(sc, &sc->svcq); 3132 3133 /* reset Rx ring */ 3134 wpi_reset_rx_ring(sc, &sc->rxq); 3135 3136 wpi_mem_lock(sc); 3137 wpi_mem_write(sc, WPI_MEM_CLOCK2, 0x200); 3138 wpi_mem_unlock(sc); 3139 3140 DELAY(5); 3141 3142 wpi_stop_master(sc); 3143 3144 tmp = WPI_READ(sc, WPI_RESET); 3145 WPI_WRITE(sc, WPI_RESET, tmp | WPI_SW_RESET); 3146} 3147