if_wpi.c revision 1.62
1/* $NetBSD: if_wpi.c,v 1.62 2014/07/05 17:39:21 jakllsch Exp $ */ 2 3/*- 4 * Copyright (c) 2006, 2007 5 * Damien Bergamini <damien.bergamini@free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20#include <sys/cdefs.h> 21__KERNEL_RCSID(0, "$NetBSD: if_wpi.c,v 1.62 2014/07/05 17:39:21 jakllsch Exp $"); 22 23/* 24 * Driver for Intel PRO/Wireless 3945ABG 802.11 network adapters. 25 */ 26 27 28#include <sys/param.h> 29#include <sys/sockio.h> 30#include <sys/sysctl.h> 31#include <sys/mbuf.h> 32#include <sys/kernel.h> 33#include <sys/socket.h> 34#include <sys/systm.h> 35#include <sys/malloc.h> 36#include <sys/mutex.h> 37#include <sys/once.h> 38#include <sys/conf.h> 39#include <sys/kauth.h> 40#include <sys/callout.h> 41#include <sys/proc.h> 42 43#include <sys/bus.h> 44#include <machine/endian.h> 45#include <sys/intr.h> 46 47#include <dev/pci/pcireg.h> 48#include <dev/pci/pcivar.h> 49#include <dev/pci/pcidevs.h> 50 51#include <net/bpf.h> 52#include <net/if.h> 53#include <net/if_arp.h> 54#include <net/if_dl.h> 55#include <net/if_ether.h> 56#include <net/if_media.h> 57#include <net/if_types.h> 58 59#include <netinet/in.h> 60#include <netinet/in_systm.h> 61#include <netinet/in_var.h> 62#include <netinet/ip.h> 63 64#include <net80211/ieee80211_var.h> 65#include <net80211/ieee80211_amrr.h> 66#include <net80211/ieee80211_radiotap.h> 67 68#include <dev/firmload.h> 69 70#include <dev/pci/if_wpireg.h> 71#include <dev/pci/if_wpivar.h> 72 73static const char wpi_firmware_name[] = "iwlwifi-3945.ucode"; 74static once_t wpi_firmware_init; 75static kmutex_t wpi_firmware_mutex; 76static size_t wpi_firmware_users; 77static uint8_t *wpi_firmware_image; 78static size_t wpi_firmware_size; 79 80static int wpi_match(device_t, cfdata_t, void *); 81static void wpi_attach(device_t, device_t, void *); 82static int wpi_detach(device_t , int); 83static int wpi_dma_contig_alloc(bus_dma_tag_t, struct wpi_dma_info *, 84 void **, bus_size_t, bus_size_t, int); 85static void wpi_dma_contig_free(struct wpi_dma_info *); 86static int wpi_alloc_shared(struct wpi_softc *); 87static void wpi_free_shared(struct wpi_softc *); 88static int wpi_alloc_fwmem(struct wpi_softc *); 89static void wpi_free_fwmem(struct wpi_softc *); 90static struct wpi_rbuf *wpi_alloc_rbuf(struct wpi_softc *); 91static void wpi_free_rbuf(struct mbuf *, void *, size_t, void *); 92static int wpi_alloc_rpool(struct wpi_softc *); 93static void wpi_free_rpool(struct wpi_softc *); 94static int wpi_alloc_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 95static void wpi_reset_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 96static void wpi_free_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 97static int wpi_alloc_tx_ring(struct wpi_softc *, struct wpi_tx_ring *, 98 int, int); 99static void wpi_reset_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 100static void wpi_free_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 101static struct ieee80211_node * wpi_node_alloc(struct ieee80211_node_table *); 102static void wpi_newassoc(struct ieee80211_node *, int); 103static int wpi_media_change(struct ifnet *); 104static int wpi_newstate(struct ieee80211com *, enum ieee80211_state, int); 105static void wpi_fix_channel(struct ieee80211com *, struct mbuf *); 106static void wpi_mem_lock(struct wpi_softc *); 107static void wpi_mem_unlock(struct wpi_softc *); 108static uint32_t wpi_mem_read(struct wpi_softc *, uint16_t); 109static void wpi_mem_write(struct wpi_softc *, uint16_t, uint32_t); 110static void wpi_mem_write_region_4(struct wpi_softc *, uint16_t, 111 const uint32_t *, int); 112static int wpi_read_prom_data(struct wpi_softc *, uint32_t, void *, int); 113static int wpi_load_microcode(struct wpi_softc *, const uint8_t *, int); 114static int wpi_cache_firmware(struct wpi_softc *); 115static void wpi_release_firmware(void); 116static int wpi_load_firmware(struct wpi_softc *); 117static void wpi_calib_timeout(void *); 118static void wpi_iter_func(void *, struct ieee80211_node *); 119static void wpi_power_calibration(struct wpi_softc *, int); 120static void wpi_rx_intr(struct wpi_softc *, struct wpi_rx_desc *, 121 struct wpi_rx_data *); 122static void wpi_tx_intr(struct wpi_softc *, struct wpi_rx_desc *); 123static void wpi_cmd_intr(struct wpi_softc *, struct wpi_rx_desc *); 124static void wpi_notif_intr(struct wpi_softc *); 125static int wpi_intr(void *); 126static void wpi_read_eeprom(struct wpi_softc *); 127static void wpi_read_eeprom_channels(struct wpi_softc *, int); 128static void wpi_read_eeprom_group(struct wpi_softc *, int); 129static uint8_t wpi_plcp_signal(int); 130static int wpi_tx_data(struct wpi_softc *, struct mbuf *, 131 struct ieee80211_node *, int); 132static void wpi_start(struct ifnet *); 133static void wpi_watchdog(struct ifnet *); 134static int wpi_ioctl(struct ifnet *, u_long, void *); 135static int wpi_cmd(struct wpi_softc *, int, const void *, int, int); 136static int wpi_wme_update(struct ieee80211com *); 137static int wpi_mrr_setup(struct wpi_softc *); 138static void wpi_set_led(struct wpi_softc *, uint8_t, uint8_t, uint8_t); 139static void wpi_enable_tsf(struct wpi_softc *, struct ieee80211_node *); 140static int wpi_set_txpower(struct wpi_softc *, 141 struct ieee80211_channel *, int); 142static int wpi_get_power_index(struct wpi_softc *, 143 struct wpi_power_group *, struct ieee80211_channel *, int); 144static int wpi_setup_beacon(struct wpi_softc *, struct ieee80211_node *); 145static int wpi_auth(struct wpi_softc *); 146static int wpi_scan(struct wpi_softc *, uint16_t); 147static int wpi_config(struct wpi_softc *); 148static void wpi_stop_master(struct wpi_softc *); 149static int wpi_power_up(struct wpi_softc *); 150static int wpi_reset(struct wpi_softc *); 151static void wpi_hw_config(struct wpi_softc *); 152static int wpi_init(struct ifnet *); 153static void wpi_stop(struct ifnet *, int); 154static bool wpi_resume(device_t, const pmf_qual_t *); 155static int wpi_getrfkill(struct wpi_softc *); 156static void wpi_sysctlattach(struct wpi_softc *); 157 158#ifdef WPI_DEBUG 159#define DPRINTF(x) do { if (wpi_debug > 0) printf x; } while (0) 160#define DPRINTFN(n, x) do { if (wpi_debug >= (n)) printf x; } while (0) 161int wpi_debug = 1; 162#else 163#define DPRINTF(x) 164#define DPRINTFN(n, x) 165#endif 166 167CFATTACH_DECL_NEW(wpi, sizeof (struct wpi_softc), wpi_match, wpi_attach, 168 wpi_detach, NULL); 169 170static int 171wpi_match(device_t parent, cfdata_t match __unused, void *aux) 172{ 173 struct pci_attach_args *pa = aux; 174 175 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 176 return 0; 177 178 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_3945ABG_1 || 179 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_3945ABG_2) 180 return 1; 181 182 return 0; 183} 184 185/* Base Address Register */ 186#define WPI_PCI_BAR0 0x10 187 188static int 189wpi_attach_once(void) 190{ 191 192 mutex_init(&wpi_firmware_mutex, MUTEX_DEFAULT, IPL_NONE); 193 return 0; 194} 195 196static void 197wpi_attach(device_t parent __unused, device_t self, void *aux) 198{ 199 struct wpi_softc *sc = device_private(self); 200 struct ieee80211com *ic = &sc->sc_ic; 201 struct ifnet *ifp = &sc->sc_ec.ec_if; 202 struct pci_attach_args *pa = aux; 203 const char *intrstr; 204 bus_space_tag_t memt; 205 bus_space_handle_t memh; 206 pci_intr_handle_t ih; 207 pcireg_t data; 208 int ac, error; 209 char intrbuf[PCI_INTRSTR_LEN]; 210 211 RUN_ONCE(&wpi_firmware_init, wpi_attach_once); 212 sc->fw_used = false; 213 214 sc->sc_dev = self; 215 sc->sc_pct = pa->pa_pc; 216 sc->sc_pcitag = pa->pa_tag; 217 218 callout_init(&sc->calib_to, 0); 219 callout_setfunc(&sc->calib_to, wpi_calib_timeout, sc); 220 221 pci_aprint_devinfo(pa, NULL); 222 223 /* enable bus-mastering */ 224 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 225 data |= PCI_COMMAND_MASTER_ENABLE; 226 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, data); 227 228 /* map the register window */ 229 error = pci_mapreg_map(pa, WPI_PCI_BAR0, PCI_MAPREG_TYPE_MEM | 230 PCI_MAPREG_MEM_TYPE_32BIT, 0, &memt, &memh, NULL, &sc->sc_sz); 231 if (error != 0) { 232 aprint_error_dev(self, "could not map memory space\n"); 233 return; 234 } 235 236 sc->sc_st = memt; 237 sc->sc_sh = memh; 238 sc->sc_dmat = pa->pa_dmat; 239 240 if (pci_intr_map(pa, &ih) != 0) { 241 aprint_error_dev(self, "could not map interrupt\n"); 242 return; 243 } 244 245 intrstr = pci_intr_string(sc->sc_pct, ih, intrbuf, sizeof(intrbuf)); 246 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, wpi_intr, sc); 247 if (sc->sc_ih == NULL) { 248 aprint_error_dev(self, "could not establish interrupt"); 249 if (intrstr != NULL) 250 aprint_error(" at %s", intrstr); 251 aprint_error("\n"); 252 return; 253 } 254 aprint_normal_dev(self, "interrupting at %s\n", intrstr); 255 256 /* 257 * Put adapter into a known state. 258 */ 259 if ((error = wpi_reset(sc)) != 0) { 260 aprint_error_dev(self, "could not reset adapter\n"); 261 return; 262 } 263 264 /* 265 * Allocate DMA memory for firmware transfers. 266 */ 267 if ((error = wpi_alloc_fwmem(sc)) != 0) { 268 aprint_error_dev(self, "could not allocate firmware memory\n"); 269 return; 270 } 271 272 /* 273 * Allocate shared page and Tx/Rx rings. 274 */ 275 if ((error = wpi_alloc_shared(sc)) != 0) { 276 aprint_error_dev(self, "could not allocate shared area\n"); 277 goto fail1; 278 } 279 280 if ((error = wpi_alloc_rpool(sc)) != 0) { 281 aprint_error_dev(self, "could not allocate Rx buffers\n"); 282 goto fail2; 283 } 284 285 for (ac = 0; ac < 4; ac++) { 286 error = wpi_alloc_tx_ring(sc, &sc->txq[ac], WPI_TX_RING_COUNT, 287 ac); 288 if (error != 0) { 289 aprint_error_dev(self, 290 "could not allocate Tx ring %d\n", ac); 291 goto fail3; 292 } 293 } 294 295 error = wpi_alloc_tx_ring(sc, &sc->cmdq, WPI_CMD_RING_COUNT, 4); 296 if (error != 0) { 297 aprint_error_dev(self, "could not allocate command ring\n"); 298 goto fail3; 299 } 300 301 error = wpi_alloc_rx_ring(sc, &sc->rxq); 302 if (error != 0) { 303 aprint_error_dev(self, "could not allocate Rx ring\n"); 304 goto fail4; 305 } 306 307 ic->ic_ifp = ifp; 308 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 309 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 310 ic->ic_state = IEEE80211_S_INIT; 311 312 /* set device capabilities */ 313 ic->ic_caps = 314 IEEE80211_C_WPA | /* 802.11i */ 315 IEEE80211_C_MONITOR | /* monitor mode supported */ 316 IEEE80211_C_TXPMGT | /* tx power management */ 317 IEEE80211_C_SHSLOT | /* short slot time supported */ 318 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 319 IEEE80211_C_WME; /* 802.11e */ 320 321 /* read supported channels and MAC address from EEPROM */ 322 wpi_read_eeprom(sc); 323 324 /* set supported .11a, .11b and .11g rates */ 325 ic->ic_sup_rates[IEEE80211_MODE_11A] = ieee80211_std_rateset_11a; 326 ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; 327 ic->ic_sup_rates[IEEE80211_MODE_11G] = ieee80211_std_rateset_11g; 328 329 /* IBSS channel undefined for now */ 330 ic->ic_ibss_chan = &ic->ic_channels[0]; 331 332 ifp->if_softc = sc; 333 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 334 ifp->if_init = wpi_init; 335 ifp->if_stop = wpi_stop; 336 ifp->if_ioctl = wpi_ioctl; 337 ifp->if_start = wpi_start; 338 ifp->if_watchdog = wpi_watchdog; 339 IFQ_SET_READY(&ifp->if_snd); 340 memcpy(ifp->if_xname, device_xname(self), IFNAMSIZ); 341 342 if_attach(ifp); 343 ieee80211_ifattach(ic); 344 /* override default methods */ 345 ic->ic_node_alloc = wpi_node_alloc; 346 ic->ic_newassoc = wpi_newassoc; 347 ic->ic_wme.wme_update = wpi_wme_update; 348 349 /* override state transition machine */ 350 sc->sc_newstate = ic->ic_newstate; 351 ic->ic_newstate = wpi_newstate; 352 ieee80211_media_init(ic, wpi_media_change, ieee80211_media_status); 353 354 sc->amrr.amrr_min_success_threshold = 1; 355 sc->amrr.amrr_max_success_threshold = 15; 356 357 wpi_sysctlattach(sc); 358 359 if (pmf_device_register(self, NULL, wpi_resume)) 360 pmf_class_network_register(self, ifp); 361 else 362 aprint_error_dev(self, "couldn't establish power handler\n"); 363 364 bpf_attach2(ifp, DLT_IEEE802_11_RADIO, 365 sizeof(struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 366 &sc->sc_drvbpf); 367 368 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 369 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 370 sc->sc_rxtap.wr_ihdr.it_present = htole32(WPI_RX_RADIOTAP_PRESENT); 371 372 sc->sc_txtap_len = sizeof sc->sc_txtapu; 373 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 374 sc->sc_txtap.wt_ihdr.it_present = htole32(WPI_TX_RADIOTAP_PRESENT); 375 376 ieee80211_announce(ic); 377 378 return; 379 380 /* free allocated memory if something failed during attachment */ 381fail4: wpi_free_tx_ring(sc, &sc->cmdq); 382fail3: while (--ac >= 0) 383 wpi_free_tx_ring(sc, &sc->txq[ac]); 384 wpi_free_rpool(sc); 385fail2: wpi_free_shared(sc); 386fail1: wpi_free_fwmem(sc); 387} 388 389static int 390wpi_detach(device_t self, int flags __unused) 391{ 392 struct wpi_softc *sc = device_private(self); 393 struct ifnet *ifp = sc->sc_ic.ic_ifp; 394 int ac; 395 396 wpi_stop(ifp, 1); 397 398 if (ifp != NULL) 399 bpf_detach(ifp); 400 ieee80211_ifdetach(&sc->sc_ic); 401 if (ifp != NULL) 402 if_detach(ifp); 403 404 for (ac = 0; ac < 4; ac++) 405 wpi_free_tx_ring(sc, &sc->txq[ac]); 406 wpi_free_tx_ring(sc, &sc->cmdq); 407 wpi_free_rx_ring(sc, &sc->rxq); 408 wpi_free_rpool(sc); 409 wpi_free_shared(sc); 410 411 if (sc->sc_ih != NULL) { 412 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 413 sc->sc_ih = NULL; 414 } 415 416 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 417 418 if (sc->fw_used) { 419 sc->fw_used = false; 420 wpi_release_firmware(); 421 } 422 423 return 0; 424} 425 426static int 427wpi_dma_contig_alloc(bus_dma_tag_t tag, struct wpi_dma_info *dma, void **kvap, 428 bus_size_t size, bus_size_t alignment, int flags) 429{ 430 int nsegs, error; 431 432 dma->tag = tag; 433 dma->size = size; 434 435 error = bus_dmamap_create(tag, size, 1, size, 0, flags, &dma->map); 436 if (error != 0) 437 goto fail; 438 439 error = bus_dmamem_alloc(tag, size, alignment, 0, &dma->seg, 1, &nsegs, 440 flags); 441 if (error != 0) 442 goto fail; 443 444 error = bus_dmamem_map(tag, &dma->seg, 1, size, &dma->vaddr, flags); 445 if (error != 0) 446 goto fail; 447 448 error = bus_dmamap_load(tag, dma->map, dma->vaddr, size, NULL, flags); 449 if (error != 0) 450 goto fail; 451 452 memset(dma->vaddr, 0, size); 453 454 dma->paddr = dma->map->dm_segs[0].ds_addr; 455 if (kvap != NULL) 456 *kvap = dma->vaddr; 457 458 return 0; 459 460fail: wpi_dma_contig_free(dma); 461 return error; 462} 463 464static void 465wpi_dma_contig_free(struct wpi_dma_info *dma) 466{ 467 if (dma->map != NULL) { 468 if (dma->vaddr != NULL) { 469 bus_dmamap_unload(dma->tag, dma->map); 470 bus_dmamem_unmap(dma->tag, dma->vaddr, dma->size); 471 bus_dmamem_free(dma->tag, &dma->seg, 1); 472 dma->vaddr = NULL; 473 } 474 bus_dmamap_destroy(dma->tag, dma->map); 475 dma->map = NULL; 476 } 477} 478 479/* 480 * Allocate a shared page between host and NIC. 481 */ 482static int 483wpi_alloc_shared(struct wpi_softc *sc) 484{ 485 int error; 486 487 /* must be aligned on a 4K-page boundary */ 488 error = wpi_dma_contig_alloc(sc->sc_dmat, &sc->shared_dma, 489 (void **)&sc->shared, sizeof (struct wpi_shared), WPI_BUF_ALIGN, 490 BUS_DMA_NOWAIT); 491 if (error != 0) 492 aprint_error_dev(sc->sc_dev, 493 "could not allocate shared area DMA memory\n"); 494 495 return error; 496} 497 498static void 499wpi_free_shared(struct wpi_softc *sc) 500{ 501 wpi_dma_contig_free(&sc->shared_dma); 502} 503 504/* 505 * Allocate DMA-safe memory for firmware transfer. 506 */ 507static int 508wpi_alloc_fwmem(struct wpi_softc *sc) 509{ 510 int error; 511 512 /* allocate enough contiguous space to store text and data */ 513 error = wpi_dma_contig_alloc(sc->sc_dmat, &sc->fw_dma, NULL, 514 WPI_FW_MAIN_TEXT_MAXSZ + WPI_FW_MAIN_DATA_MAXSZ, 0, 515 BUS_DMA_NOWAIT); 516 517 if (error != 0) 518 aprint_error_dev(sc->sc_dev, 519 "could not allocate firmware transfer area DMA memory\n"); 520 return error; 521} 522 523static void 524wpi_free_fwmem(struct wpi_softc *sc) 525{ 526 wpi_dma_contig_free(&sc->fw_dma); 527} 528 529static struct wpi_rbuf * 530wpi_alloc_rbuf(struct wpi_softc *sc) 531{ 532 struct wpi_rbuf *rbuf; 533 534 mutex_enter(&sc->rxq.freelist_mtx); 535 rbuf = SLIST_FIRST(&sc->rxq.freelist); 536 if (rbuf != NULL) { 537 SLIST_REMOVE_HEAD(&sc->rxq.freelist, next); 538 sc->rxq.nb_free_entries --; 539 } 540 mutex_exit(&sc->rxq.freelist_mtx); 541 542 return rbuf; 543} 544 545/* 546 * This is called automatically by the network stack when the mbuf to which our 547 * Rx buffer is attached is freed. 548 */ 549static void 550wpi_free_rbuf(struct mbuf* m, void *buf, size_t size, void *arg) 551{ 552 struct wpi_rbuf *rbuf = arg; 553 struct wpi_softc *sc = rbuf->sc; 554 555 /* put the buffer back in the free list */ 556 557 mutex_enter(&sc->rxq.freelist_mtx); 558 SLIST_INSERT_HEAD(&sc->rxq.freelist, rbuf, next); 559 mutex_exit(&sc->rxq.freelist_mtx); 560 /* No need to protect this with a mutex, see wpi_rx_intr */ 561 sc->rxq.nb_free_entries ++; 562 563 if (__predict_true(m != NULL)) 564 pool_cache_put(mb_cache, m); 565} 566 567static int 568wpi_alloc_rpool(struct wpi_softc *sc) 569{ 570 struct wpi_rx_ring *ring = &sc->rxq; 571 int i, error; 572 573 /* allocate a big chunk of DMA'able memory.. */ 574 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->buf_dma, NULL, 575 WPI_RBUF_COUNT * WPI_RBUF_SIZE, WPI_BUF_ALIGN, BUS_DMA_NOWAIT); 576 if (error != 0) { 577 aprint_normal_dev(sc->sc_dev, 578 "could not allocate Rx buffers DMA memory\n"); 579 return error; 580 } 581 582 /* ..and split it into 3KB chunks */ 583 mutex_init(&ring->freelist_mtx, MUTEX_DEFAULT, IPL_NET); 584 SLIST_INIT(&ring->freelist); 585 for (i = 0; i < WPI_RBUF_COUNT; i++) { 586 struct wpi_rbuf *rbuf = &ring->rbuf[i]; 587 588 rbuf->sc = sc; /* backpointer for callbacks */ 589 rbuf->vaddr = (char *)ring->buf_dma.vaddr + i * WPI_RBUF_SIZE; 590 rbuf->paddr = ring->buf_dma.paddr + i * WPI_RBUF_SIZE; 591 592 SLIST_INSERT_HEAD(&ring->freelist, rbuf, next); 593 } 594 595 ring->nb_free_entries = WPI_RBUF_COUNT; 596 return 0; 597} 598 599static void 600wpi_free_rpool(struct wpi_softc *sc) 601{ 602 wpi_dma_contig_free(&sc->rxq.buf_dma); 603} 604 605static int 606wpi_alloc_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 607{ 608 int i, error; 609 610 ring->cur = 0; 611 612 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 613 (void **)&ring->desc, WPI_RX_RING_COUNT * sizeof (uint32_t), 614 WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 615 if (error != 0) { 616 aprint_error_dev(sc->sc_dev, 617 "could not allocate rx ring DMA memory\n"); 618 goto fail; 619 } 620 621 /* 622 * Setup Rx buffers. 623 */ 624 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 625 struct wpi_rx_data *data = &ring->data[i]; 626 struct wpi_rbuf *rbuf; 627 628 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 629 if (data->m == NULL) { 630 aprint_error_dev(sc->sc_dev, 631 "could not allocate rx mbuf\n"); 632 error = ENOMEM; 633 goto fail; 634 } 635 if ((rbuf = wpi_alloc_rbuf(sc)) == NULL) { 636 m_freem(data->m); 637 data->m = NULL; 638 aprint_error_dev(sc->sc_dev, 639 "could not allocate rx cluster\n"); 640 error = ENOMEM; 641 goto fail; 642 } 643 /* attach Rx buffer to mbuf */ 644 MEXTADD(data->m, rbuf->vaddr, WPI_RBUF_SIZE, 0, wpi_free_rbuf, 645 rbuf); 646 data->m->m_flags |= M_EXT_RW; 647 648 ring->desc[i] = htole32(rbuf->paddr); 649 } 650 651 return 0; 652 653fail: wpi_free_rx_ring(sc, ring); 654 return error; 655} 656 657static void 658wpi_reset_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 659{ 660 int ntries; 661 662 wpi_mem_lock(sc); 663 664 WPI_WRITE(sc, WPI_RX_CONFIG, 0); 665 for (ntries = 0; ntries < 100; ntries++) { 666 if (WPI_READ(sc, WPI_RX_STATUS) & WPI_RX_IDLE) 667 break; 668 DELAY(10); 669 } 670#ifdef WPI_DEBUG 671 if (ntries == 100 && wpi_debug > 0) 672 aprint_error_dev(sc->sc_dev, "timeout resetting Rx ring\n"); 673#endif 674 wpi_mem_unlock(sc); 675 676 ring->cur = 0; 677} 678 679static void 680wpi_free_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 681{ 682 int i; 683 684 wpi_dma_contig_free(&ring->desc_dma); 685 686 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 687 if (ring->data[i].m != NULL) 688 m_freem(ring->data[i].m); 689 } 690} 691 692static int 693wpi_alloc_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring, int count, 694 int qid) 695{ 696 int i, error; 697 698 ring->qid = qid; 699 ring->count = count; 700 ring->queued = 0; 701 ring->cur = 0; 702 703 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 704 (void **)&ring->desc, count * sizeof (struct wpi_tx_desc), 705 WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 706 if (error != 0) { 707 aprint_error_dev(sc->sc_dev, 708 "could not allocate tx ring DMA memory\n"); 709 goto fail; 710 } 711 712 /* update shared page with ring's base address */ 713 sc->shared->txbase[qid] = htole32(ring->desc_dma.paddr); 714 715 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->cmd_dma, 716 (void **)&ring->cmd, count * sizeof (struct wpi_tx_cmd), 4, 717 BUS_DMA_NOWAIT); 718 if (error != 0) { 719 aprint_error_dev(sc->sc_dev, 720 "could not allocate tx cmd DMA memory\n"); 721 goto fail; 722 } 723 724 ring->data = malloc(count * sizeof (struct wpi_tx_data), M_DEVBUF, 725 M_NOWAIT | M_ZERO); 726 if (ring->data == NULL) { 727 aprint_error_dev(sc->sc_dev, 728 "could not allocate tx data slots\n"); 729 goto fail; 730 } 731 732 for (i = 0; i < count; i++) { 733 struct wpi_tx_data *data = &ring->data[i]; 734 735 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 736 WPI_MAX_SCATTER - 1, MCLBYTES, 0, BUS_DMA_NOWAIT, 737 &data->map); 738 if (error != 0) { 739 aprint_error_dev(sc->sc_dev, 740 "could not create tx buf DMA map\n"); 741 goto fail; 742 } 743 } 744 745 return 0; 746 747fail: wpi_free_tx_ring(sc, ring); 748 return error; 749} 750 751static void 752wpi_reset_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 753{ 754 int i, ntries; 755 756 wpi_mem_lock(sc); 757 758 WPI_WRITE(sc, WPI_TX_CONFIG(ring->qid), 0); 759 for (ntries = 0; ntries < 100; ntries++) { 760 if (WPI_READ(sc, WPI_TX_STATUS) & WPI_TX_IDLE(ring->qid)) 761 break; 762 DELAY(10); 763 } 764#ifdef WPI_DEBUG 765 if (ntries == 100 && wpi_debug > 0) { 766 aprint_error_dev(sc->sc_dev, "timeout resetting Tx ring %d\n", 767 ring->qid); 768 } 769#endif 770 wpi_mem_unlock(sc); 771 772 for (i = 0; i < ring->count; i++) { 773 struct wpi_tx_data *data = &ring->data[i]; 774 775 if (data->m != NULL) { 776 bus_dmamap_unload(sc->sc_dmat, data->map); 777 m_freem(data->m); 778 data->m = NULL; 779 } 780 } 781 782 ring->queued = 0; 783 ring->cur = 0; 784} 785 786static void 787wpi_free_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 788{ 789 int i; 790 791 wpi_dma_contig_free(&ring->desc_dma); 792 wpi_dma_contig_free(&ring->cmd_dma); 793 794 if (ring->data != NULL) { 795 for (i = 0; i < ring->count; i++) { 796 struct wpi_tx_data *data = &ring->data[i]; 797 798 if (data->m != NULL) { 799 bus_dmamap_unload(sc->sc_dmat, data->map); 800 m_freem(data->m); 801 } 802 } 803 free(ring->data, M_DEVBUF); 804 } 805} 806 807/*ARGUSED*/ 808static struct ieee80211_node * 809wpi_node_alloc(struct ieee80211_node_table *nt __unused) 810{ 811 struct wpi_node *wn; 812 813 wn = malloc(sizeof (struct wpi_node), M_80211_NODE, M_NOWAIT | M_ZERO); 814 815 return (struct ieee80211_node *)wn; 816} 817 818static void 819wpi_newassoc(struct ieee80211_node *ni, int isnew) 820{ 821 struct wpi_softc *sc = ni->ni_ic->ic_ifp->if_softc; 822 int i; 823 824 ieee80211_amrr_node_init(&sc->amrr, &((struct wpi_node *)ni)->amn); 825 826 /* set rate to some reasonable initial value */ 827 for (i = ni->ni_rates.rs_nrates - 1; 828 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 829 i--); 830 ni->ni_txrate = i; 831} 832 833static int 834wpi_media_change(struct ifnet *ifp) 835{ 836 int error; 837 838 error = ieee80211_media_change(ifp); 839 if (error != ENETRESET) 840 return error; 841 842 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 843 wpi_init(ifp); 844 845 return 0; 846} 847 848static int 849wpi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 850{ 851 struct ifnet *ifp = ic->ic_ifp; 852 struct wpi_softc *sc = ifp->if_softc; 853 struct ieee80211_node *ni; 854 int error; 855 856 callout_stop(&sc->calib_to); 857 858 switch (nstate) { 859 case IEEE80211_S_SCAN: 860 861 if (sc->is_scanning) 862 break; 863 864 sc->is_scanning = true; 865 ieee80211_node_table_reset(&ic->ic_scan); 866 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 867 868 /* make the link LED blink while we're scanning */ 869 wpi_set_led(sc, WPI_LED_LINK, 20, 2); 870 871 if ((error = wpi_scan(sc, IEEE80211_CHAN_G)) != 0) { 872 aprint_error_dev(sc->sc_dev, 873 "could not initiate scan\n"); 874 ic->ic_flags &= ~(IEEE80211_F_SCAN | IEEE80211_F_ASCAN); 875 return error; 876 } 877 ic->ic_state = nstate; 878 return 0; 879 880 case IEEE80211_S_ASSOC: 881 if (ic->ic_state != IEEE80211_S_RUN) 882 break; 883 /* FALLTHROUGH */ 884 case IEEE80211_S_AUTH: 885 /* reset state to handle reassociations correctly */ 886 sc->config.associd = 0; 887 sc->config.filter &= ~htole32(WPI_FILTER_BSS); 888 889 if ((error = wpi_auth(sc)) != 0) { 890 aprint_error_dev(sc->sc_dev, 891 "could not send authentication request\n"); 892 return error; 893 } 894 break; 895 896 case IEEE80211_S_RUN: 897 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 898 /* link LED blinks while monitoring */ 899 wpi_set_led(sc, WPI_LED_LINK, 5, 5); 900 break; 901 } 902 ni = ic->ic_bss; 903 904 if (ic->ic_opmode != IEEE80211_M_STA) { 905 (void) wpi_auth(sc); /* XXX */ 906 wpi_setup_beacon(sc, ni); 907 } 908 909 wpi_enable_tsf(sc, ni); 910 911 /* update adapter's configuration */ 912 sc->config.associd = htole16(ni->ni_associd & ~0xc000); 913 /* short preamble/slot time are negotiated when associating */ 914 sc->config.flags &= ~htole32(WPI_CONFIG_SHPREAMBLE | 915 WPI_CONFIG_SHSLOT); 916 if (ic->ic_flags & IEEE80211_F_SHSLOT) 917 sc->config.flags |= htole32(WPI_CONFIG_SHSLOT); 918 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 919 sc->config.flags |= htole32(WPI_CONFIG_SHPREAMBLE); 920 sc->config.filter |= htole32(WPI_FILTER_BSS); 921 if (ic->ic_opmode != IEEE80211_M_STA) 922 sc->config.filter |= htole32(WPI_FILTER_BEACON); 923 924/* XXX put somewhere HC_QOS_SUPPORT_ASSOC + HC_IBSS_START */ 925 926 DPRINTF(("config chan %d flags %x\n", sc->config.chan, 927 sc->config.flags)); 928 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 929 sizeof (struct wpi_config), 1); 930 if (error != 0) { 931 aprint_error_dev(sc->sc_dev, 932 "could not update configuration\n"); 933 return error; 934 } 935 936 /* configuration has changed, set Tx power accordingly */ 937 if ((error = wpi_set_txpower(sc, ni->ni_chan, 1)) != 0) { 938 aprint_error_dev(sc->sc_dev, 939 "could not set Tx power\n"); 940 return error; 941 } 942 943 if (ic->ic_opmode == IEEE80211_M_STA) { 944 /* fake a join to init the tx rate */ 945 wpi_newassoc(ni, 1); 946 } 947 948 /* start periodic calibration timer */ 949 sc->calib_cnt = 0; 950 callout_schedule(&sc->calib_to, hz/2); 951 952 /* link LED always on while associated */ 953 wpi_set_led(sc, WPI_LED_LINK, 0, 1); 954 break; 955 956 case IEEE80211_S_INIT: 957 sc->is_scanning = false; 958 break; 959 } 960 961 return sc->sc_newstate(ic, nstate, arg); 962} 963 964/* 965 * XXX: Hack to set the current channel to the value advertised in beacons or 966 * probe responses. Only used during AP detection. 967 * XXX: Duplicated from if_iwi.c 968 */ 969static void 970wpi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 971{ 972 struct ieee80211_frame *wh; 973 uint8_t subtype; 974 uint8_t *frm, *efrm; 975 976 wh = mtod(m, struct ieee80211_frame *); 977 978 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 979 return; 980 981 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 982 983 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 984 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 985 return; 986 987 frm = (uint8_t *)(wh + 1); 988 efrm = mtod(m, uint8_t *) + m->m_len; 989 990 frm += 12; /* skip tstamp, bintval and capinfo fields */ 991 while (frm < efrm) { 992 if (*frm == IEEE80211_ELEMID_DSPARMS) 993#if IEEE80211_CHAN_MAX < 255 994 if (frm[2] <= IEEE80211_CHAN_MAX) 995#endif 996 ic->ic_curchan = &ic->ic_channels[frm[2]]; 997 998 frm += frm[1] + 2; 999 } 1000} 1001 1002/* 1003 * Grab exclusive access to NIC memory. 1004 */ 1005static void 1006wpi_mem_lock(struct wpi_softc *sc) 1007{ 1008 uint32_t tmp; 1009 int ntries; 1010 1011 tmp = WPI_READ(sc, WPI_GPIO_CTL); 1012 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_MAC); 1013 1014 /* spin until we actually get the lock */ 1015 for (ntries = 0; ntries < 1000; ntries++) { 1016 if ((WPI_READ(sc, WPI_GPIO_CTL) & 1017 (WPI_GPIO_CLOCK | WPI_GPIO_SLEEP)) == WPI_GPIO_CLOCK) 1018 break; 1019 DELAY(10); 1020 } 1021 if (ntries == 1000) 1022 aprint_error_dev(sc->sc_dev, "could not lock memory\n"); 1023} 1024 1025/* 1026 * Release lock on NIC memory. 1027 */ 1028static void 1029wpi_mem_unlock(struct wpi_softc *sc) 1030{ 1031 uint32_t tmp = WPI_READ(sc, WPI_GPIO_CTL); 1032 WPI_WRITE(sc, WPI_GPIO_CTL, tmp & ~WPI_GPIO_MAC); 1033} 1034 1035static uint32_t 1036wpi_mem_read(struct wpi_softc *sc, uint16_t addr) 1037{ 1038 WPI_WRITE(sc, WPI_READ_MEM_ADDR, WPI_MEM_4 | addr); 1039 return WPI_READ(sc, WPI_READ_MEM_DATA); 1040} 1041 1042static void 1043wpi_mem_write(struct wpi_softc *sc, uint16_t addr, uint32_t data) 1044{ 1045 WPI_WRITE(sc, WPI_WRITE_MEM_ADDR, WPI_MEM_4 | addr); 1046 WPI_WRITE(sc, WPI_WRITE_MEM_DATA, data); 1047} 1048 1049static void 1050wpi_mem_write_region_4(struct wpi_softc *sc, uint16_t addr, 1051 const uint32_t *data, int wlen) 1052{ 1053 for (; wlen > 0; wlen--, data++, addr += 4) 1054 wpi_mem_write(sc, addr, *data); 1055} 1056 1057/* 1058 * Read `len' bytes from the EEPROM. We access the EEPROM through the MAC 1059 * instead of using the traditional bit-bang method. 1060 */ 1061static int 1062wpi_read_prom_data(struct wpi_softc *sc, uint32_t addr, void *data, int len) 1063{ 1064 uint8_t *out = data; 1065 uint32_t val; 1066 int ntries; 1067 1068 wpi_mem_lock(sc); 1069 for (; len > 0; len -= 2, addr++) { 1070 WPI_WRITE(sc, WPI_EEPROM_CTL, addr << 2); 1071 1072 for (ntries = 0; ntries < 10; ntries++) { 1073 if ((val = WPI_READ(sc, WPI_EEPROM_CTL)) & 1074 WPI_EEPROM_READY) 1075 break; 1076 DELAY(5); 1077 } 1078 if (ntries == 10) { 1079 aprint_error_dev(sc->sc_dev, "could not read EEPROM\n"); 1080 return ETIMEDOUT; 1081 } 1082 *out++ = val >> 16; 1083 if (len > 1) 1084 *out++ = val >> 24; 1085 } 1086 wpi_mem_unlock(sc); 1087 1088 return 0; 1089} 1090 1091/* 1092 * The firmware boot code is small and is intended to be copied directly into 1093 * the NIC internal memory. 1094 */ 1095int 1096wpi_load_microcode(struct wpi_softc *sc, const uint8_t *ucode, int size) 1097{ 1098 int ntries; 1099 1100 size /= sizeof (uint32_t); 1101 1102 wpi_mem_lock(sc); 1103 1104 /* copy microcode image into NIC memory */ 1105 wpi_mem_write_region_4(sc, WPI_MEM_UCODE_BASE, 1106 (const uint32_t *)ucode, size); 1107 1108 wpi_mem_write(sc, WPI_MEM_UCODE_SRC, 0); 1109 wpi_mem_write(sc, WPI_MEM_UCODE_DST, WPI_FW_TEXT); 1110 wpi_mem_write(sc, WPI_MEM_UCODE_SIZE, size); 1111 1112 /* run microcode */ 1113 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_RUN); 1114 1115 /* wait for transfer to complete */ 1116 for (ntries = 0; ntries < 1000; ntries++) { 1117 if (!(wpi_mem_read(sc, WPI_MEM_UCODE_CTL) & WPI_UC_RUN)) 1118 break; 1119 DELAY(10); 1120 } 1121 if (ntries == 1000) { 1122 wpi_mem_unlock(sc); 1123 aprint_error_dev(sc->sc_dev, "could not load boot firmware\n"); 1124 return ETIMEDOUT; 1125 } 1126 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_ENABLE); 1127 1128 wpi_mem_unlock(sc); 1129 1130 return 0; 1131} 1132 1133static int 1134wpi_cache_firmware(struct wpi_softc *sc) 1135{ 1136 const char *const fwname = wpi_firmware_name; 1137 firmware_handle_t fw; 1138 int error; 1139 1140 /* sc is used here only to report error messages. */ 1141 1142 mutex_enter(&wpi_firmware_mutex); 1143 1144 if (wpi_firmware_users == SIZE_MAX) { 1145 mutex_exit(&wpi_firmware_mutex); 1146 return ENFILE; /* Too many of something in the system... */ 1147 } 1148 if (wpi_firmware_users++) { 1149 KASSERT(wpi_firmware_image != NULL); 1150 KASSERT(wpi_firmware_size > 0); 1151 mutex_exit(&wpi_firmware_mutex); 1152 return 0; /* Already good to go. */ 1153 } 1154 1155 KASSERT(wpi_firmware_image == NULL); 1156 KASSERT(wpi_firmware_size == 0); 1157 1158 /* load firmware image from disk */ 1159 if ((error = firmware_open("if_wpi", fwname, &fw)) != 0) { 1160 aprint_error_dev(sc->sc_dev, 1161 "could not open firmware file %s: %d\n", fwname, error); 1162 goto fail0; 1163 } 1164 1165 wpi_firmware_size = firmware_get_size(fw); 1166 1167 if (wpi_firmware_size > sizeof (struct wpi_firmware_hdr) + 1168 WPI_FW_MAIN_TEXT_MAXSZ + WPI_FW_MAIN_DATA_MAXSZ + 1169 WPI_FW_INIT_TEXT_MAXSZ + WPI_FW_INIT_DATA_MAXSZ + 1170 WPI_FW_BOOT_TEXT_MAXSZ) { 1171 aprint_error_dev(sc->sc_dev, 1172 "firmware file %s too large: %zu bytes\n", 1173 fwname, wpi_firmware_size); 1174 error = EFBIG; 1175 goto fail1; 1176 } 1177 1178 if (wpi_firmware_size < sizeof (struct wpi_firmware_hdr)) { 1179 aprint_error_dev(sc->sc_dev, 1180 "firmware file %s too small: %zu bytes\n", 1181 fwname, wpi_firmware_size); 1182 error = EINVAL; 1183 goto fail1; 1184 } 1185 1186 wpi_firmware_image = firmware_malloc(wpi_firmware_size); 1187 if (wpi_firmware_image == NULL) { 1188 aprint_error_dev(sc->sc_dev, 1189 "not enough memory for firmware file %s\n", fwname); 1190 error = ENOMEM; 1191 goto fail1; 1192 } 1193 1194 error = firmware_read(fw, 0, wpi_firmware_image, wpi_firmware_size); 1195 if (error != 0) { 1196 aprint_error_dev(sc->sc_dev, 1197 "error reading firmware file %s: %d\n", fwname, error); 1198 goto fail2; 1199 } 1200 1201 /* Success! */ 1202 firmware_close(fw); 1203 mutex_exit(&wpi_firmware_mutex); 1204 return 0; 1205 1206fail2: 1207 firmware_free(wpi_firmware_image, wpi_firmware_size); 1208 wpi_firmware_image = NULL; 1209fail1: 1210 wpi_firmware_size = 0; 1211 firmware_close(fw); 1212fail0: 1213 KASSERT(wpi_firmware_users == 1); 1214 wpi_firmware_users = 0; 1215 KASSERT(wpi_firmware_image == NULL); 1216 KASSERT(wpi_firmware_size == 0); 1217 1218 mutex_exit(&wpi_firmware_mutex); 1219 return error; 1220} 1221 1222static void 1223wpi_release_firmware(void) 1224{ 1225 1226 mutex_enter(&wpi_firmware_mutex); 1227 1228 KASSERT(wpi_firmware_users > 0); 1229 KASSERT(wpi_firmware_image != NULL); 1230 KASSERT(wpi_firmware_size != 0); 1231 1232 if (--wpi_firmware_users == 0) { 1233 firmware_free(wpi_firmware_image, wpi_firmware_size); 1234 wpi_firmware_image = NULL; 1235 wpi_firmware_size = 0; 1236 } 1237 1238 mutex_exit(&wpi_firmware_mutex); 1239} 1240 1241static int 1242wpi_load_firmware(struct wpi_softc *sc) 1243{ 1244 struct wpi_dma_info *dma = &sc->fw_dma; 1245 struct wpi_firmware_hdr hdr; 1246 const uint8_t *init_text, *init_data, *main_text, *main_data; 1247 const uint8_t *boot_text; 1248 uint32_t init_textsz, init_datasz, main_textsz, main_datasz; 1249 uint32_t boot_textsz; 1250 size_t size; 1251 int error; 1252 1253 if (!sc->fw_used) { 1254 if ((error = wpi_cache_firmware(sc)) != 0) 1255 return error; 1256 sc->fw_used = true; 1257 } 1258 1259 KASSERT(sc->fw_used); 1260 KASSERT(wpi_firmware_image != NULL); 1261 KASSERT(wpi_firmware_size > sizeof(hdr)); 1262 1263 memcpy(&hdr, wpi_firmware_image, sizeof(hdr)); 1264 1265 main_textsz = le32toh(hdr.main_textsz); 1266 main_datasz = le32toh(hdr.main_datasz); 1267 init_textsz = le32toh(hdr.init_textsz); 1268 init_datasz = le32toh(hdr.init_datasz); 1269 boot_textsz = le32toh(hdr.boot_textsz); 1270 1271 /* sanity-check firmware segments sizes */ 1272 if (main_textsz > WPI_FW_MAIN_TEXT_MAXSZ || 1273 main_datasz > WPI_FW_MAIN_DATA_MAXSZ || 1274 init_textsz > WPI_FW_INIT_TEXT_MAXSZ || 1275 init_datasz > WPI_FW_INIT_DATA_MAXSZ || 1276 boot_textsz > WPI_FW_BOOT_TEXT_MAXSZ || 1277 (boot_textsz & 3) != 0) { 1278 aprint_error_dev(sc->sc_dev, "invalid firmware header\n"); 1279 error = EINVAL; 1280 goto free_firmware; 1281 } 1282 1283 /* check that all firmware segments are present */ 1284 size = sizeof (struct wpi_firmware_hdr) + main_textsz + 1285 main_datasz + init_textsz + init_datasz + boot_textsz; 1286 if (wpi_firmware_size < size) { 1287 aprint_error_dev(sc->sc_dev, 1288 "firmware file truncated: %zu bytes, expected %zu bytes\n", 1289 wpi_firmware_size, size); 1290 error = EINVAL; 1291 goto free_firmware; 1292 } 1293 1294 /* get pointers to firmware segments */ 1295 main_text = wpi_firmware_image + sizeof (struct wpi_firmware_hdr); 1296 main_data = main_text + main_textsz; 1297 init_text = main_data + main_datasz; 1298 init_data = init_text + init_textsz; 1299 boot_text = init_data + init_datasz; 1300 1301 /* copy initialization images into pre-allocated DMA-safe memory */ 1302 memcpy(dma->vaddr, init_data, init_datasz); 1303 memcpy((char *)dma->vaddr + WPI_FW_INIT_DATA_MAXSZ, init_text, 1304 init_textsz); 1305 1306 /* tell adapter where to find initialization images */ 1307 wpi_mem_lock(sc); 1308 wpi_mem_write(sc, WPI_MEM_DATA_BASE, dma->paddr); 1309 wpi_mem_write(sc, WPI_MEM_DATA_SIZE, init_datasz); 1310 wpi_mem_write(sc, WPI_MEM_TEXT_BASE, 1311 dma->paddr + WPI_FW_INIT_DATA_MAXSZ); 1312 wpi_mem_write(sc, WPI_MEM_TEXT_SIZE, init_textsz); 1313 wpi_mem_unlock(sc); 1314 1315 /* load firmware boot code */ 1316 if ((error = wpi_load_microcode(sc, boot_text, boot_textsz)) != 0) { 1317 aprint_error_dev(sc->sc_dev, "could not load boot firmware\n"); 1318 return error; 1319 } 1320 1321 /* now press "execute" ;-) */ 1322 WPI_WRITE(sc, WPI_RESET, 0); 1323 1324 /* wait at most one second for first alive notification */ 1325 if ((error = tsleep(sc, PCATCH, "wpiinit", hz)) != 0) { 1326 /* this isn't what was supposed to happen.. */ 1327 aprint_error_dev(sc->sc_dev, 1328 "timeout waiting for adapter to initialize\n"); 1329 } 1330 1331 /* copy runtime images into pre-allocated DMA-safe memory */ 1332 memcpy(dma->vaddr, main_data, main_datasz); 1333 memcpy((char *)dma->vaddr + WPI_FW_MAIN_DATA_MAXSZ, main_text, 1334 main_textsz); 1335 1336 /* tell adapter where to find runtime images */ 1337 wpi_mem_lock(sc); 1338 wpi_mem_write(sc, WPI_MEM_DATA_BASE, dma->paddr); 1339 wpi_mem_write(sc, WPI_MEM_DATA_SIZE, main_datasz); 1340 wpi_mem_write(sc, WPI_MEM_TEXT_BASE, 1341 dma->paddr + WPI_FW_MAIN_DATA_MAXSZ); 1342 wpi_mem_write(sc, WPI_MEM_TEXT_SIZE, WPI_FW_UPDATED | main_textsz); 1343 wpi_mem_unlock(sc); 1344 1345 /* wait at most one second for second alive notification */ 1346 if ((error = tsleep(sc, PCATCH, "wpiinit", hz)) != 0) { 1347 /* this isn't what was supposed to happen.. */ 1348 aprint_error_dev(sc->sc_dev, 1349 "timeout waiting for adapter to initialize\n"); 1350 } 1351 1352 return error; 1353 1354free_firmware: 1355 sc->fw_used = false; 1356 wpi_release_firmware(); 1357 return error; 1358} 1359 1360static void 1361wpi_calib_timeout(void *arg) 1362{ 1363 struct wpi_softc *sc = arg; 1364 struct ieee80211com *ic = &sc->sc_ic; 1365 int temp, s; 1366 1367 /* automatic rate control triggered every 500ms */ 1368 if (ic->ic_fixed_rate == -1) { 1369 s = splnet(); 1370 if (ic->ic_opmode == IEEE80211_M_STA) 1371 wpi_iter_func(sc, ic->ic_bss); 1372 else 1373 ieee80211_iterate_nodes(&ic->ic_sta, wpi_iter_func, sc); 1374 splx(s); 1375 } 1376 1377 /* update sensor data */ 1378 temp = (int)WPI_READ(sc, WPI_TEMPERATURE); 1379 1380 /* automatic power calibration every 60s */ 1381 if (++sc->calib_cnt >= 120) { 1382 wpi_power_calibration(sc, temp); 1383 sc->calib_cnt = 0; 1384 } 1385 1386 callout_schedule(&sc->calib_to, hz/2); 1387} 1388 1389static void 1390wpi_iter_func(void *arg, struct ieee80211_node *ni) 1391{ 1392 struct wpi_softc *sc = arg; 1393 struct wpi_node *wn = (struct wpi_node *)ni; 1394 1395 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 1396} 1397 1398/* 1399 * This function is called periodically (every 60 seconds) to adjust output 1400 * power to temperature changes. 1401 */ 1402void 1403wpi_power_calibration(struct wpi_softc *sc, int temp) 1404{ 1405 /* sanity-check read value */ 1406 if (temp < -260 || temp > 25) { 1407 /* this can't be correct, ignore */ 1408 DPRINTF(("out-of-range temperature reported: %d\n", temp)); 1409 return; 1410 } 1411 1412 DPRINTF(("temperature %d->%d\n", sc->temp, temp)); 1413 1414 /* adjust Tx power if need be */ 1415 if (abs(temp - sc->temp) <= 6) 1416 return; 1417 1418 sc->temp = temp; 1419 1420 if (wpi_set_txpower(sc, sc->sc_ic.ic_bss->ni_chan, 1) != 0) { 1421 /* just warn, too bad for the automatic calibration... */ 1422 aprint_error_dev(sc->sc_dev, "could not adjust Tx power\n"); 1423 } 1424} 1425 1426static void 1427wpi_rx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc, 1428 struct wpi_rx_data *data) 1429{ 1430 struct ieee80211com *ic = &sc->sc_ic; 1431 struct ifnet *ifp = ic->ic_ifp; 1432 struct wpi_rx_ring *ring = &sc->rxq; 1433 struct wpi_rx_stat *stat; 1434 struct wpi_rx_head *head; 1435 struct wpi_rx_tail *tail; 1436 struct wpi_rbuf *rbuf; 1437 struct ieee80211_frame *wh; 1438 struct ieee80211_node *ni; 1439 struct mbuf *m, *mnew; 1440 int data_off; 1441 1442 stat = (struct wpi_rx_stat *)(desc + 1); 1443 1444 if (stat->len > WPI_STAT_MAXLEN) { 1445 aprint_error_dev(sc->sc_dev, "invalid rx statistic header\n"); 1446 ifp->if_ierrors++; 1447 return; 1448 } 1449 1450 head = (struct wpi_rx_head *)((char *)(stat + 1) + stat->len); 1451 tail = (struct wpi_rx_tail *)((char *)(head + 1) + le16toh(head->len)); 1452 1453 DPRINTFN(4, ("rx intr: idx=%d len=%d stat len=%d rssi=%d rate=%x " 1454 "chan=%d tstamp=%" PRIu64 "\n", ring->cur, le32toh(desc->len), 1455 le16toh(head->len), (int8_t)stat->rssi, head->rate, head->chan, 1456 le64toh(tail->tstamp))); 1457 1458 /* 1459 * Discard Rx frames with bad CRC early (XXX we may want to pass them 1460 * to radiotap in monitor mode). 1461 */ 1462 if ((le32toh(tail->flags) & WPI_RX_NOERROR) != WPI_RX_NOERROR) { 1463 DPRINTF(("rx tail flags error %x\n", 1464 le32toh(tail->flags))); 1465 ifp->if_ierrors++; 1466 return; 1467 } 1468 1469 /* Compute where are the useful datas */ 1470 data_off = (char*)(head + 1) - mtod(data->m, char*); 1471 1472 /* 1473 * If the number of free entry is too low 1474 * just dup the data->m socket and reuse the same rbuf entry 1475 * Note that thi test is not protected by a mutex because the 1476 * only path that causes nb_free_entries to decrease is through 1477 * this interrupt routine, which is not re-entrent. 1478 * What may not be obvious is that the safe path is if that test 1479 * evaluates as true, so nb_free_entries can grow any time. 1480 */ 1481 if (sc->rxq.nb_free_entries <= WPI_RBUF_LOW_LIMIT) { 1482 1483 /* Prepare the mbuf for the m_dup */ 1484 data->m->m_pkthdr.len = data->m->m_len = le16toh(head->len); 1485 data->m->m_data = (char*) data->m->m_data + data_off; 1486 1487 m = m_dup(data->m,0,M_COPYALL,M_DONTWAIT); 1488 1489 /* Restore the m_data pointer for future use */ 1490 data->m->m_data = (char*) data->m->m_data - data_off; 1491 1492 if (m == NULL) { 1493 ifp->if_ierrors++; 1494 return; 1495 } 1496 } else { 1497 1498 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1499 if (mnew == NULL) { 1500 ifp->if_ierrors++; 1501 return; 1502 } 1503 1504 rbuf = wpi_alloc_rbuf(sc); 1505 KASSERT(rbuf != NULL); 1506 1507 /* attach Rx buffer to mbuf */ 1508 MEXTADD(mnew, rbuf->vaddr, WPI_RBUF_SIZE, 0, wpi_free_rbuf, 1509 rbuf); 1510 mnew->m_flags |= M_EXT_RW; 1511 1512 m = data->m; 1513 data->m = mnew; 1514 1515 /* update Rx descriptor */ 1516 ring->desc[ring->cur] = htole32(rbuf->paddr); 1517 1518 m->m_data = (char*)m->m_data + data_off; 1519 m->m_pkthdr.len = m->m_len = le16toh(head->len); 1520 } 1521 1522 /* finalize mbuf */ 1523 m->m_pkthdr.rcvif = ifp; 1524 1525 if (ic->ic_state == IEEE80211_S_SCAN) 1526 wpi_fix_channel(ic, m); 1527 1528 if (sc->sc_drvbpf != NULL) { 1529 struct wpi_rx_radiotap_header *tap = &sc->sc_rxtap; 1530 1531 tap->wr_flags = 0; 1532 tap->wr_chan_freq = 1533 htole16(ic->ic_channels[head->chan].ic_freq); 1534 tap->wr_chan_flags = 1535 htole16(ic->ic_channels[head->chan].ic_flags); 1536 tap->wr_dbm_antsignal = (int8_t)(stat->rssi - WPI_RSSI_OFFSET); 1537 tap->wr_dbm_antnoise = (int8_t)le16toh(stat->noise); 1538 tap->wr_tsft = tail->tstamp; 1539 tap->wr_antenna = (le16toh(head->flags) >> 4) & 0xf; 1540 switch (head->rate) { 1541 /* CCK rates */ 1542 case 10: tap->wr_rate = 2; break; 1543 case 20: tap->wr_rate = 4; break; 1544 case 55: tap->wr_rate = 11; break; 1545 case 110: tap->wr_rate = 22; break; 1546 /* OFDM rates */ 1547 case 0xd: tap->wr_rate = 12; break; 1548 case 0xf: tap->wr_rate = 18; break; 1549 case 0x5: tap->wr_rate = 24; break; 1550 case 0x7: tap->wr_rate = 36; break; 1551 case 0x9: tap->wr_rate = 48; break; 1552 case 0xb: tap->wr_rate = 72; break; 1553 case 0x1: tap->wr_rate = 96; break; 1554 case 0x3: tap->wr_rate = 108; break; 1555 /* unknown rate: should not happen */ 1556 default: tap->wr_rate = 0; 1557 } 1558 if (le16toh(head->flags) & 0x4) 1559 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1560 1561 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1562 } 1563 1564 /* grab a reference to the source node */ 1565 wh = mtod(m, struct ieee80211_frame *); 1566 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1567 1568 /* send the frame to the 802.11 layer */ 1569 ieee80211_input(ic, m, ni, stat->rssi, 0); 1570 1571 /* release node reference */ 1572 ieee80211_free_node(ni); 1573} 1574 1575static void 1576wpi_tx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc) 1577{ 1578 struct ifnet *ifp = sc->sc_ic.ic_ifp; 1579 struct wpi_tx_ring *ring = &sc->txq[desc->qid & 0x3]; 1580 struct wpi_tx_data *data = &ring->data[desc->idx]; 1581 struct wpi_tx_stat *stat = (struct wpi_tx_stat *)(desc + 1); 1582 struct wpi_node *wn = (struct wpi_node *)data->ni; 1583 1584 DPRINTFN(4, ("tx done: qid=%d idx=%d retries=%d nkill=%d rate=%x " 1585 "duration=%d status=%x\n", desc->qid, desc->idx, stat->ntries, 1586 stat->nkill, stat->rate, le32toh(stat->duration), 1587 le32toh(stat->status))); 1588 1589 /* 1590 * Update rate control statistics for the node. 1591 * XXX we should not count mgmt frames since they're always sent at 1592 * the lowest available bit-rate. 1593 */ 1594 wn->amn.amn_txcnt++; 1595 if (stat->ntries > 0) { 1596 DPRINTFN(3, ("tx intr ntries %d\n", stat->ntries)); 1597 wn->amn.amn_retrycnt++; 1598 } 1599 1600 if ((le32toh(stat->status) & 0xff) != 1) 1601 ifp->if_oerrors++; 1602 else 1603 ifp->if_opackets++; 1604 1605 bus_dmamap_unload(sc->sc_dmat, data->map); 1606 m_freem(data->m); 1607 data->m = NULL; 1608 ieee80211_free_node(data->ni); 1609 data->ni = NULL; 1610 1611 ring->queued--; 1612 1613 sc->sc_tx_timer = 0; 1614 ifp->if_flags &= ~IFF_OACTIVE; 1615 wpi_start(ifp); 1616} 1617 1618static void 1619wpi_cmd_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc) 1620{ 1621 struct wpi_tx_ring *ring = &sc->cmdq; 1622 struct wpi_tx_data *data; 1623 1624 if ((desc->qid & 7) != 4) 1625 return; /* not a command ack */ 1626 1627 data = &ring->data[desc->idx]; 1628 1629 /* if the command was mapped in a mbuf, free it */ 1630 if (data->m != NULL) { 1631 bus_dmamap_unload(sc->sc_dmat, data->map); 1632 m_freem(data->m); 1633 data->m = NULL; 1634 } 1635 1636 wakeup(&ring->cmd[desc->idx]); 1637} 1638 1639static void 1640wpi_notif_intr(struct wpi_softc *sc) 1641{ 1642 struct ieee80211com *ic = &sc->sc_ic; 1643 struct ifnet *ifp = ic->ic_ifp; 1644 uint32_t hw; 1645 1646 hw = le32toh(sc->shared->next); 1647 while (sc->rxq.cur != hw) { 1648 struct wpi_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 1649 struct wpi_rx_desc *desc = mtod(data->m, struct wpi_rx_desc *); 1650 1651 DPRINTFN(4, ("rx notification qid=%x idx=%d flags=%x type=%d " 1652 "len=%d\n", desc->qid, desc->idx, desc->flags, 1653 desc->type, le32toh(desc->len))); 1654 1655 if (!(desc->qid & 0x80)) /* reply to a command */ 1656 wpi_cmd_intr(sc, desc); 1657 1658 switch (desc->type) { 1659 case WPI_RX_DONE: 1660 /* a 802.11 frame was received */ 1661 wpi_rx_intr(sc, desc, data); 1662 break; 1663 1664 case WPI_TX_DONE: 1665 /* a 802.11 frame has been transmitted */ 1666 wpi_tx_intr(sc, desc); 1667 break; 1668 1669 case WPI_UC_READY: 1670 { 1671 struct wpi_ucode_info *uc = 1672 (struct wpi_ucode_info *)(desc + 1); 1673 1674 /* the microcontroller is ready */ 1675 DPRINTF(("microcode alive notification version %x " 1676 "alive %x\n", le32toh(uc->version), 1677 le32toh(uc->valid))); 1678 1679 if (le32toh(uc->valid) != 1) { 1680 aprint_error_dev(sc->sc_dev, 1681 "microcontroller initialization failed\n"); 1682 } 1683 break; 1684 } 1685 case WPI_STATE_CHANGED: 1686 { 1687 uint32_t *status = (uint32_t *)(desc + 1); 1688 1689 /* enabled/disabled notification */ 1690 DPRINTF(("state changed to %x\n", le32toh(*status))); 1691 1692 if (le32toh(*status) & 1) { 1693 /* the radio button has to be pushed */ 1694 aprint_error_dev(sc->sc_dev, 1695 "Radio transmitter is off\n"); 1696 /* turn the interface down */ 1697 ifp->if_flags &= ~IFF_UP; 1698 wpi_stop(ifp, 1); 1699 return; /* no further processing */ 1700 } 1701 break; 1702 } 1703 case WPI_START_SCAN: 1704 { 1705 struct wpi_start_scan *scan = 1706 (struct wpi_start_scan *)(desc + 1); 1707 1708 DPRINTFN(2, ("scanning channel %d status %x\n", 1709 scan->chan, le32toh(scan->status))); 1710 1711 /* fix current channel */ 1712 ic->ic_bss->ni_chan = &ic->ic_channels[scan->chan]; 1713 break; 1714 } 1715 case WPI_STOP_SCAN: 1716 { 1717 struct wpi_stop_scan *scan = 1718 (struct wpi_stop_scan *)(desc + 1); 1719 1720 DPRINTF(("scan finished nchan=%d status=%d chan=%d\n", 1721 scan->nchan, scan->status, scan->chan)); 1722 1723 if (scan->status == 1 && scan->chan <= 14) { 1724 /* 1725 * We just finished scanning 802.11g channels, 1726 * start scanning 802.11a ones. 1727 */ 1728 if (wpi_scan(sc, IEEE80211_CHAN_A) == 0) 1729 break; 1730 } 1731 sc->is_scanning = false; 1732 ieee80211_end_scan(ic); 1733 break; 1734 } 1735 } 1736 1737 sc->rxq.cur = (sc->rxq.cur + 1) % WPI_RX_RING_COUNT; 1738 } 1739 1740 /* tell the firmware what we have processed */ 1741 hw = (hw == 0) ? WPI_RX_RING_COUNT - 1 : hw - 1; 1742 WPI_WRITE(sc, WPI_RX_WIDX, hw & ~7); 1743} 1744 1745static int 1746wpi_intr(void *arg) 1747{ 1748 struct wpi_softc *sc = arg; 1749 struct ifnet *ifp = sc->sc_ic.ic_ifp; 1750 uint32_t r; 1751 1752 r = WPI_READ(sc, WPI_INTR); 1753 if (r == 0 || r == 0xffffffff) 1754 return 0; /* not for us */ 1755 1756 DPRINTFN(6, ("interrupt reg %x\n", r)); 1757 1758 /* disable interrupts */ 1759 WPI_WRITE(sc, WPI_MASK, 0); 1760 /* ack interrupts */ 1761 WPI_WRITE(sc, WPI_INTR, r); 1762 1763 if (r & (WPI_SW_ERROR | WPI_HW_ERROR)) { 1764 /* SYSTEM FAILURE, SYSTEM FAILURE */ 1765 aprint_error_dev(sc->sc_dev, "fatal firmware error\n"); 1766 ifp->if_flags &= ~IFF_UP; 1767 wpi_stop(ifp, 1); 1768 return 1; 1769 } 1770 1771 if (r & WPI_RX_INTR) 1772 wpi_notif_intr(sc); 1773 1774 if (r & WPI_ALIVE_INTR) /* firmware initialized */ 1775 wakeup(sc); 1776 1777 /* re-enable interrupts */ 1778 if (ifp->if_flags & IFF_UP) 1779 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK); 1780 1781 return 1; 1782} 1783 1784static uint8_t 1785wpi_plcp_signal(int rate) 1786{ 1787 switch (rate) { 1788 /* CCK rates (returned values are device-dependent) */ 1789 case 2: return 10; 1790 case 4: return 20; 1791 case 11: return 55; 1792 case 22: return 110; 1793 1794 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1795 /* R1-R4, (u)ral is R4-R1 */ 1796 case 12: return 0xd; 1797 case 18: return 0xf; 1798 case 24: return 0x5; 1799 case 36: return 0x7; 1800 case 48: return 0x9; 1801 case 72: return 0xb; 1802 case 96: return 0x1; 1803 case 108: return 0x3; 1804 1805 /* unsupported rates (should not get there) */ 1806 default: return 0; 1807 } 1808} 1809 1810/* quickly determine if a given rate is CCK or OFDM */ 1811#define WPI_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1812 1813static int 1814wpi_tx_data(struct wpi_softc *sc, struct mbuf *m0, struct ieee80211_node *ni, 1815 int ac) 1816{ 1817 struct ieee80211com *ic = &sc->sc_ic; 1818 struct wpi_tx_ring *ring = &sc->txq[ac]; 1819 struct wpi_tx_desc *desc; 1820 struct wpi_tx_data *data; 1821 struct wpi_tx_cmd *cmd; 1822 struct wpi_cmd_data *tx; 1823 struct ieee80211_frame *wh; 1824 struct ieee80211_key *k; 1825 const struct chanAccParams *cap; 1826 struct mbuf *mnew; 1827 int i, rate, error, hdrlen, noack = 0; 1828 1829 desc = &ring->desc[ring->cur]; 1830 data = &ring->data[ring->cur]; 1831 1832 wh = mtod(m0, struct ieee80211_frame *); 1833 1834 if (ieee80211_has_qos(wh)) { 1835 cap = &ic->ic_wme.wme_chanParams; 1836 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1837 } 1838 1839 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1840 k = ieee80211_crypto_encap(ic, ni, m0); 1841 if (k == NULL) { 1842 m_freem(m0); 1843 return ENOBUFS; 1844 } 1845 1846 /* packet header may have moved, reset our local pointer */ 1847 wh = mtod(m0, struct ieee80211_frame *); 1848 } 1849 1850 hdrlen = ieee80211_anyhdrsize(wh); 1851 1852 /* pickup a rate */ 1853 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == 1854 IEEE80211_FC0_TYPE_MGT) { 1855 /* mgmt frames are sent at the lowest available bit-rate */ 1856 rate = ni->ni_rates.rs_rates[0]; 1857 } else { 1858 if (ic->ic_fixed_rate != -1) { 1859 rate = ic->ic_sup_rates[ic->ic_curmode]. 1860 rs_rates[ic->ic_fixed_rate]; 1861 } else 1862 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1863 } 1864 rate &= IEEE80211_RATE_VAL; 1865 1866 if (sc->sc_drvbpf != NULL) { 1867 struct wpi_tx_radiotap_header *tap = &sc->sc_txtap; 1868 1869 tap->wt_flags = 0; 1870 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 1871 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 1872 tap->wt_rate = rate; 1873 tap->wt_hwqueue = ac; 1874 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1875 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1876 1877 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1878 } 1879 1880 cmd = &ring->cmd[ring->cur]; 1881 cmd->code = WPI_CMD_TX_DATA; 1882 cmd->flags = 0; 1883 cmd->qid = ring->qid; 1884 cmd->idx = ring->cur; 1885 1886 tx = (struct wpi_cmd_data *)cmd->data; 1887 /* no need to zero tx, all fields are reinitialized here */ 1888 tx->flags = 0; 1889 1890 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1891 tx->flags |= htole32(WPI_TX_NEED_ACK); 1892 } else if (m0->m_pkthdr.len + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) 1893 tx->flags |= htole32(WPI_TX_NEED_RTS | WPI_TX_FULL_TXOP); 1894 1895 tx->flags |= htole32(WPI_TX_AUTO_SEQ); 1896 1897 /* retrieve destination node's id */ 1898 tx->id = IEEE80211_IS_MULTICAST(wh->i_addr1) ? WPI_ID_BROADCAST : 1899 WPI_ID_BSS; 1900 1901 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == 1902 IEEE80211_FC0_TYPE_MGT) { 1903 /* tell h/w to set timestamp in probe responses */ 1904 if ((wh->i_fc[0] & 1905 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1906 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1907 tx->flags |= htole32(WPI_TX_INSERT_TSTAMP); 1908 1909 if (((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 1910 IEEE80211_FC0_SUBTYPE_ASSOC_REQ) || 1911 ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 1912 IEEE80211_FC0_SUBTYPE_REASSOC_REQ)) 1913 tx->timeout = htole16(3); 1914 else 1915 tx->timeout = htole16(2); 1916 } else 1917 tx->timeout = htole16(0); 1918 1919 tx->rate = wpi_plcp_signal(rate); 1920 1921 /* be very persistant at sending frames out */ 1922 tx->rts_ntries = 7; 1923 tx->data_ntries = 15; 1924 1925 tx->ofdm_mask = 0xff; 1926 tx->cck_mask = 0x0f; 1927 tx->lifetime = htole32(WPI_LIFETIME_INFINITE); 1928 1929 tx->len = htole16(m0->m_pkthdr.len); 1930 1931 /* save and trim IEEE802.11 header */ 1932 memcpy((uint8_t *)(tx + 1), wh, hdrlen); 1933 m_adj(m0, hdrlen); 1934 1935 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1936 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1937 if (error != 0 && error != EFBIG) { 1938 aprint_error_dev(sc->sc_dev, "could not map mbuf (error %d)\n", 1939 error); 1940 m_freem(m0); 1941 return error; 1942 } 1943 if (error != 0) { 1944 /* too many fragments, linearize */ 1945 1946 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1947 if (mnew == NULL) { 1948 m_freem(m0); 1949 return ENOMEM; 1950 } 1951 M_COPY_PKTHDR(mnew, m0); 1952 if (m0->m_pkthdr.len > MHLEN) { 1953 MCLGET(mnew, M_DONTWAIT); 1954 if (!(mnew->m_flags & M_EXT)) { 1955 m_freem(m0); 1956 m_freem(mnew); 1957 return ENOMEM; 1958 } 1959 } 1960 1961 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, void *)); 1962 m_freem(m0); 1963 mnew->m_len = mnew->m_pkthdr.len; 1964 m0 = mnew; 1965 1966 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1967 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1968 if (error != 0) { 1969 aprint_error_dev(sc->sc_dev, 1970 "could not map mbuf (error %d)\n", error); 1971 m_freem(m0); 1972 return error; 1973 } 1974 } 1975 1976 data->m = m0; 1977 data->ni = ni; 1978 1979 DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 1980 ring->qid, ring->cur, m0->m_pkthdr.len, data->map->dm_nsegs)); 1981 1982 /* first scatter/gather segment is used by the tx data command */ 1983 desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 | 1984 (1 + data->map->dm_nsegs) << 24); 1985 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 1986 ring->cur * sizeof (struct wpi_tx_cmd)); 1987 desc->segs[0].len = htole32(4 + sizeof (struct wpi_cmd_data) + 1988 ((hdrlen + 3) & ~3)); 1989 for (i = 1; i <= data->map->dm_nsegs; i++) { 1990 desc->segs[i].addr = 1991 htole32(data->map->dm_segs[i - 1].ds_addr); 1992 desc->segs[i].len = 1993 htole32(data->map->dm_segs[i - 1].ds_len); 1994 } 1995 1996 ring->queued++; 1997 1998 /* kick ring */ 1999 ring->cur = (ring->cur + 1) % WPI_TX_RING_COUNT; 2000 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2001 2002 return 0; 2003} 2004 2005static void 2006wpi_start(struct ifnet *ifp) 2007{ 2008 struct wpi_softc *sc = ifp->if_softc; 2009 struct ieee80211com *ic = &sc->sc_ic; 2010 struct ieee80211_node *ni; 2011 struct ether_header *eh; 2012 struct mbuf *m0; 2013 int ac; 2014 2015 /* 2016 * net80211 may still try to send management frames even if the 2017 * IFF_RUNNING flag is not set... 2018 */ 2019 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2020 return; 2021 2022 for (;;) { 2023 IF_DEQUEUE(&ic->ic_mgtq, m0); 2024 if (m0 != NULL) { 2025 2026 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 2027 m0->m_pkthdr.rcvif = NULL; 2028 2029 /* management frames go into ring 0 */ 2030 if (sc->txq[0].queued > sc->txq[0].count - 8) { 2031 ifp->if_oerrors++; 2032 continue; 2033 } 2034 bpf_mtap3(ic->ic_rawbpf, m0); 2035 if (wpi_tx_data(sc, m0, ni, 0) != 0) { 2036 ifp->if_oerrors++; 2037 break; 2038 } 2039 } else { 2040 if (ic->ic_state != IEEE80211_S_RUN) 2041 break; 2042 IFQ_POLL(&ifp->if_snd, m0); 2043 if (m0 == NULL) 2044 break; 2045 2046 if (m0->m_len < sizeof (*eh) && 2047 (m0 = m_pullup(m0, sizeof (*eh))) == NULL) { 2048 ifp->if_oerrors++; 2049 continue; 2050 } 2051 eh = mtod(m0, struct ether_header *); 2052 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 2053 if (ni == NULL) { 2054 m_freem(m0); 2055 ifp->if_oerrors++; 2056 continue; 2057 } 2058 2059 /* classify mbuf so we can find which tx ring to use */ 2060 if (ieee80211_classify(ic, m0, ni) != 0) { 2061 m_freem(m0); 2062 ieee80211_free_node(ni); 2063 ifp->if_oerrors++; 2064 continue; 2065 } 2066 2067 /* no QoS encapsulation for EAPOL frames */ 2068 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 2069 M_WME_GETAC(m0) : WME_AC_BE; 2070 2071 if (sc->txq[ac].queued > sc->txq[ac].count - 8) { 2072 /* there is no place left in this ring */ 2073 ifp->if_flags |= IFF_OACTIVE; 2074 break; 2075 } 2076 IFQ_DEQUEUE(&ifp->if_snd, m0); 2077 bpf_mtap(ifp, m0); 2078 m0 = ieee80211_encap(ic, m0, ni); 2079 if (m0 == NULL) { 2080 ieee80211_free_node(ni); 2081 ifp->if_oerrors++; 2082 continue; 2083 } 2084 bpf_mtap3(ic->ic_rawbpf, m0); 2085 if (wpi_tx_data(sc, m0, ni, ac) != 0) { 2086 ieee80211_free_node(ni); 2087 ifp->if_oerrors++; 2088 break; 2089 } 2090 } 2091 2092 sc->sc_tx_timer = 5; 2093 ifp->if_timer = 1; 2094 } 2095} 2096 2097static void 2098wpi_watchdog(struct ifnet *ifp) 2099{ 2100 struct wpi_softc *sc = ifp->if_softc; 2101 2102 ifp->if_timer = 0; 2103 2104 if (sc->sc_tx_timer > 0) { 2105 if (--sc->sc_tx_timer == 0) { 2106 aprint_error_dev(sc->sc_dev, "device timeout\n"); 2107 ifp->if_flags &= ~IFF_UP; 2108 wpi_stop(ifp, 1); 2109 ifp->if_oerrors++; 2110 return; 2111 } 2112 ifp->if_timer = 1; 2113 } 2114 2115 ieee80211_watchdog(&sc->sc_ic); 2116} 2117 2118static int 2119wpi_ioctl(struct ifnet *ifp, u_long cmd, void *data) 2120{ 2121#define IS_RUNNING(ifp) \ 2122 ((ifp->if_flags & IFF_UP) && (ifp->if_flags & IFF_RUNNING)) 2123 2124 struct wpi_softc *sc = ifp->if_softc; 2125 struct ieee80211com *ic = &sc->sc_ic; 2126 int s, error = 0; 2127 2128 s = splnet(); 2129 2130 switch (cmd) { 2131 case SIOCSIFFLAGS: 2132 if ((error = ifioctl_common(ifp, cmd, data)) != 0) 2133 break; 2134 if (ifp->if_flags & IFF_UP) { 2135 if (!(ifp->if_flags & IFF_RUNNING)) 2136 wpi_init(ifp); 2137 } else { 2138 if (ifp->if_flags & IFF_RUNNING) 2139 wpi_stop(ifp, 1); 2140 } 2141 break; 2142 2143 case SIOCADDMULTI: 2144 case SIOCDELMULTI: 2145 /* XXX no h/w multicast filter? --dyoung */ 2146 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 2147 /* setup multicast filter, etc */ 2148 error = 0; 2149 } 2150 break; 2151 2152 default: 2153 error = ieee80211_ioctl(ic, cmd, data); 2154 } 2155 2156 if (error == ENETRESET) { 2157 if (IS_RUNNING(ifp) && 2158 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 2159 wpi_init(ifp); 2160 error = 0; 2161 } 2162 2163 splx(s); 2164 return error; 2165 2166#undef IS_RUNNING 2167} 2168 2169/* 2170 * Extract various information from EEPROM. 2171 */ 2172static void 2173wpi_read_eeprom(struct wpi_softc *sc) 2174{ 2175 struct ieee80211com *ic = &sc->sc_ic; 2176 char domain[4]; 2177 int i; 2178 2179 wpi_read_prom_data(sc, WPI_EEPROM_CAPABILITIES, &sc->cap, 1); 2180 wpi_read_prom_data(sc, WPI_EEPROM_REVISION, &sc->rev, 2); 2181 wpi_read_prom_data(sc, WPI_EEPROM_TYPE, &sc->type, 1); 2182 2183 DPRINTF(("cap=%x rev=%x type=%x\n", sc->cap, le16toh(sc->rev), 2184 sc->type)); 2185 2186 /* read and print regulatory domain */ 2187 wpi_read_prom_data(sc, WPI_EEPROM_DOMAIN, domain, 4); 2188 aprint_normal_dev(sc->sc_dev, "%.4s", domain); 2189 2190 /* read and print MAC address */ 2191 wpi_read_prom_data(sc, WPI_EEPROM_MAC, ic->ic_myaddr, 6); 2192 aprint_normal(", address %s\n", ether_sprintf(ic->ic_myaddr)); 2193 2194 /* read the list of authorized channels */ 2195 for (i = 0; i < WPI_CHAN_BANDS_COUNT; i++) 2196 wpi_read_eeprom_channels(sc, i); 2197 2198 /* read the list of power groups */ 2199 for (i = 0; i < WPI_POWER_GROUPS_COUNT; i++) 2200 wpi_read_eeprom_group(sc, i); 2201} 2202 2203static void 2204wpi_read_eeprom_channels(struct wpi_softc *sc, int n) 2205{ 2206 struct ieee80211com *ic = &sc->sc_ic; 2207 const struct wpi_chan_band *band = &wpi_bands[n]; 2208 struct wpi_eeprom_chan channels[WPI_MAX_CHAN_PER_BAND]; 2209 int chan, i; 2210 2211 wpi_read_prom_data(sc, band->addr, channels, 2212 band->nchan * sizeof (struct wpi_eeprom_chan)); 2213 2214 for (i = 0; i < band->nchan; i++) { 2215 if (!(channels[i].flags & WPI_EEPROM_CHAN_VALID)) 2216 continue; 2217 2218 chan = band->chan[i]; 2219 2220 if (n == 0) { /* 2GHz band */ 2221 ic->ic_channels[chan].ic_freq = 2222 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 2223 ic->ic_channels[chan].ic_flags = 2224 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 2225 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 2226 2227 } else { /* 5GHz band */ 2228 /* 2229 * Some 3945ABG adapters support channels 7, 8, 11 2230 * and 12 in the 2GHz *and* 5GHz bands. 2231 * Because of limitations in our net80211(9) stack, 2232 * we can't support these channels in 5GHz band. 2233 */ 2234 if (chan <= 14) 2235 continue; 2236 2237 ic->ic_channels[chan].ic_freq = 2238 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 2239 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 2240 } 2241 2242 /* is active scan allowed on this channel? */ 2243 if (!(channels[i].flags & WPI_EEPROM_CHAN_ACTIVE)) { 2244 ic->ic_channels[chan].ic_flags |= 2245 IEEE80211_CHAN_PASSIVE; 2246 } 2247 2248 /* save maximum allowed power for this channel */ 2249 sc->maxpwr[chan] = channels[i].maxpwr; 2250 2251 DPRINTF(("adding chan %d flags=0x%x maxpwr=%d\n", 2252 chan, channels[i].flags, sc->maxpwr[chan])); 2253 } 2254} 2255 2256static void 2257wpi_read_eeprom_group(struct wpi_softc *sc, int n) 2258{ 2259 struct wpi_power_group *group = &sc->groups[n]; 2260 struct wpi_eeprom_group rgroup; 2261 int i; 2262 2263 wpi_read_prom_data(sc, WPI_EEPROM_POWER_GRP + n * 32, &rgroup, 2264 sizeof rgroup); 2265 2266 /* save power group information */ 2267 group->chan = rgroup.chan; 2268 group->maxpwr = rgroup.maxpwr; 2269 /* temperature at which the samples were taken */ 2270 group->temp = (int16_t)le16toh(rgroup.temp); 2271 2272 DPRINTF(("power group %d: chan=%d maxpwr=%d temp=%d\n", n, 2273 group->chan, group->maxpwr, group->temp)); 2274 2275 for (i = 0; i < WPI_SAMPLES_COUNT; i++) { 2276 group->samples[i].index = rgroup.samples[i].index; 2277 group->samples[i].power = rgroup.samples[i].power; 2278 2279 DPRINTF(("\tsample %d: index=%d power=%d\n", i, 2280 group->samples[i].index, group->samples[i].power)); 2281 } 2282} 2283 2284/* 2285 * Send a command to the firmware. 2286 */ 2287static int 2288wpi_cmd(struct wpi_softc *sc, int code, const void *buf, int size, int async) 2289{ 2290 struct wpi_tx_ring *ring = &sc->cmdq; 2291 struct wpi_tx_desc *desc; 2292 struct wpi_tx_cmd *cmd; 2293 2294 KASSERT(size <= sizeof cmd->data); 2295 2296 desc = &ring->desc[ring->cur]; 2297 cmd = &ring->cmd[ring->cur]; 2298 2299 cmd->code = code; 2300 cmd->flags = 0; 2301 cmd->qid = ring->qid; 2302 cmd->idx = ring->cur; 2303 memcpy(cmd->data, buf, size); 2304 2305 desc->flags = htole32(WPI_PAD32(size) << 28 | 1 << 24); 2306 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 2307 ring->cur * sizeof (struct wpi_tx_cmd)); 2308 desc->segs[0].len = htole32(4 + size); 2309 2310 /* kick cmd ring */ 2311 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2312 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2313 2314 return async ? 0 : tsleep(cmd, PCATCH, "wpicmd", hz); 2315} 2316 2317static int 2318wpi_wme_update(struct ieee80211com *ic) 2319{ 2320#define WPI_EXP2(v) htole16((1 << (v)) - 1) 2321#define WPI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 2322 struct wpi_softc *sc = ic->ic_ifp->if_softc; 2323 const struct wmeParams *wmep; 2324 struct wpi_wme_setup wme; 2325 int ac; 2326 2327 /* don't override default WME values if WME is not actually enabled */ 2328 if (!(ic->ic_flags & IEEE80211_F_WME)) 2329 return 0; 2330 2331 wme.flags = 0; 2332 for (ac = 0; ac < WME_NUM_AC; ac++) { 2333 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 2334 wme.ac[ac].aifsn = wmep->wmep_aifsn; 2335 wme.ac[ac].cwmin = WPI_EXP2(wmep->wmep_logcwmin); 2336 wme.ac[ac].cwmax = WPI_EXP2(wmep->wmep_logcwmax); 2337 wme.ac[ac].txop = WPI_USEC(wmep->wmep_txopLimit); 2338 2339 DPRINTF(("setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d " 2340 "txop=%d\n", ac, wme.ac[ac].aifsn, wme.ac[ac].cwmin, 2341 wme.ac[ac].cwmax, wme.ac[ac].txop)); 2342 } 2343 2344 return wpi_cmd(sc, WPI_CMD_SET_WME, &wme, sizeof wme, 1); 2345#undef WPI_USEC 2346#undef WPI_EXP2 2347} 2348 2349/* 2350 * Configure h/w multi-rate retries. 2351 */ 2352static int 2353wpi_mrr_setup(struct wpi_softc *sc) 2354{ 2355 struct ieee80211com *ic = &sc->sc_ic; 2356 struct wpi_mrr_setup mrr; 2357 int i, error; 2358 2359 /* CCK rates (not used with 802.11a) */ 2360 for (i = WPI_CCK1; i <= WPI_CCK11; i++) { 2361 mrr.rates[i].flags = 0; 2362 mrr.rates[i].plcp = wpi_ridx_to_plcp[i]; 2363 /* fallback to the immediate lower CCK rate (if any) */ 2364 mrr.rates[i].next = (i == WPI_CCK1) ? WPI_CCK1 : i - 1; 2365 /* try one time at this rate before falling back to "next" */ 2366 mrr.rates[i].ntries = 1; 2367 } 2368 2369 /* OFDM rates (not used with 802.11b) */ 2370 for (i = WPI_OFDM6; i <= WPI_OFDM54; i++) { 2371 mrr.rates[i].flags = 0; 2372 mrr.rates[i].plcp = wpi_ridx_to_plcp[i]; 2373 /* fallback to the immediate lower rate (if any) */ 2374 /* we allow fallback from OFDM/6 to CCK/2 in 11b/g mode */ 2375 mrr.rates[i].next = (i == WPI_OFDM6) ? 2376 ((ic->ic_curmode == IEEE80211_MODE_11A) ? 2377 WPI_OFDM6 : WPI_CCK2) : 2378 i - 1; 2379 /* try one time at this rate before falling back to "next" */ 2380 mrr.rates[i].ntries = 1; 2381 } 2382 2383 /* setup MRR for control frames */ 2384 mrr.which = htole32(WPI_MRR_CTL); 2385 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0); 2386 if (error != 0) { 2387 aprint_error_dev(sc->sc_dev, 2388 "could not setup MRR for control frames\n"); 2389 return error; 2390 } 2391 2392 /* setup MRR for data frames */ 2393 mrr.which = htole32(WPI_MRR_DATA); 2394 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0); 2395 if (error != 0) { 2396 aprint_error_dev(sc->sc_dev, 2397 "could not setup MRR for data frames\n"); 2398 return error; 2399 } 2400 2401 return 0; 2402} 2403 2404static void 2405wpi_set_led(struct wpi_softc *sc, uint8_t which, uint8_t off, uint8_t on) 2406{ 2407 struct wpi_cmd_led led; 2408 2409 led.which = which; 2410 led.unit = htole32(100000); /* on/off in unit of 100ms */ 2411 led.off = off; 2412 led.on = on; 2413 2414 (void)wpi_cmd(sc, WPI_CMD_SET_LED, &led, sizeof led, 1); 2415} 2416 2417static void 2418wpi_enable_tsf(struct wpi_softc *sc, struct ieee80211_node *ni) 2419{ 2420 struct wpi_cmd_tsf tsf; 2421 uint64_t val, mod; 2422 2423 memset(&tsf, 0, sizeof tsf); 2424 memcpy(&tsf.tstamp, ni->ni_tstamp.data, sizeof (uint64_t)); 2425 tsf.bintval = htole16(ni->ni_intval); 2426 tsf.lintval = htole16(10); 2427 2428 /* compute remaining time until next beacon */ 2429 val = (uint64_t)ni->ni_intval * 1024; /* msecs -> usecs */ 2430 mod = le64toh(tsf.tstamp) % val; 2431 tsf.binitval = htole32((uint32_t)(val - mod)); 2432 2433 DPRINTF(("TSF bintval=%u tstamp=%" PRIu64 ", init=%u\n", 2434 ni->ni_intval, le64toh(tsf.tstamp), (uint32_t)(val - mod))); 2435 2436 if (wpi_cmd(sc, WPI_CMD_TSF, &tsf, sizeof tsf, 1) != 0) 2437 aprint_error_dev(sc->sc_dev, "could not enable TSF\n"); 2438} 2439 2440/* 2441 * Update Tx power to match what is defined for channel `c'. 2442 */ 2443static int 2444wpi_set_txpower(struct wpi_softc *sc, struct ieee80211_channel *c, int async) 2445{ 2446 struct ieee80211com *ic = &sc->sc_ic; 2447 struct wpi_power_group *group; 2448 struct wpi_cmd_txpower txpower; 2449 u_int chan; 2450 int i; 2451 2452 /* get channel number */ 2453 chan = ieee80211_chan2ieee(ic, c); 2454 2455 /* find the power group to which this channel belongs */ 2456 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2457 for (group = &sc->groups[1]; group < &sc->groups[4]; group++) 2458 if (chan <= group->chan) 2459 break; 2460 } else 2461 group = &sc->groups[0]; 2462 2463 memset(&txpower, 0, sizeof txpower); 2464 txpower.band = IEEE80211_IS_CHAN_5GHZ(c) ? 0 : 1; 2465 txpower.chan = htole16(chan); 2466 2467 /* set Tx power for all OFDM and CCK rates */ 2468 for (i = 0; i <= 11 ; i++) { 2469 /* retrieve Tx power for this channel/rate combination */ 2470 int idx = wpi_get_power_index(sc, group, c, 2471 wpi_ridx_to_rate[i]); 2472 2473 txpower.rates[i].plcp = wpi_ridx_to_plcp[i]; 2474 2475 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2476 txpower.rates[i].rf_gain = wpi_rf_gain_5ghz[idx]; 2477 txpower.rates[i].dsp_gain = wpi_dsp_gain_5ghz[idx]; 2478 } else { 2479 txpower.rates[i].rf_gain = wpi_rf_gain_2ghz[idx]; 2480 txpower.rates[i].dsp_gain = wpi_dsp_gain_2ghz[idx]; 2481 } 2482 DPRINTF(("chan %d/rate %d: power index %d\n", chan, 2483 wpi_ridx_to_rate[i], idx)); 2484 } 2485 2486 return wpi_cmd(sc, WPI_CMD_TXPOWER, &txpower, sizeof txpower, async); 2487} 2488 2489/* 2490 * Determine Tx power index for a given channel/rate combination. 2491 * This takes into account the regulatory information from EEPROM and the 2492 * current temperature. 2493 */ 2494static int 2495wpi_get_power_index(struct wpi_softc *sc, struct wpi_power_group *group, 2496 struct ieee80211_channel *c, int rate) 2497{ 2498/* fixed-point arithmetic division using a n-bit fractional part */ 2499#define fdivround(a, b, n) \ 2500 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 2501 2502/* linear interpolation */ 2503#define interpolate(x, x1, y1, x2, y2, n) \ 2504 ((y1) + fdivround(((x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 2505 2506 struct ieee80211com *ic = &sc->sc_ic; 2507 struct wpi_power_sample *sample; 2508 int pwr, idx; 2509 u_int chan; 2510 2511 /* get channel number */ 2512 chan = ieee80211_chan2ieee(ic, c); 2513 2514 /* default power is group's maximum power - 3dB */ 2515 pwr = group->maxpwr / 2; 2516 2517 /* decrease power for highest OFDM rates to reduce distortion */ 2518 switch (rate) { 2519 case 72: /* 36Mb/s */ 2520 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 0 : 5; 2521 break; 2522 case 96: /* 48Mb/s */ 2523 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 7 : 10; 2524 break; 2525 case 108: /* 54Mb/s */ 2526 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 9 : 12; 2527 break; 2528 } 2529 2530 /* never exceed channel's maximum allowed Tx power */ 2531 pwr = min(pwr, sc->maxpwr[chan]); 2532 2533 /* retrieve power index into gain tables from samples */ 2534 for (sample = group->samples; sample < &group->samples[3]; sample++) 2535 if (pwr > sample[1].power) 2536 break; 2537 /* fixed-point linear interpolation using a 19-bit fractional part */ 2538 idx = interpolate(pwr, sample[0].power, sample[0].index, 2539 sample[1].power, sample[1].index, 19); 2540 2541 /*- 2542 * Adjust power index based on current temperature: 2543 * - if cooler than factory-calibrated: decrease output power 2544 * - if warmer than factory-calibrated: increase output power 2545 */ 2546 idx -= (sc->temp - group->temp) * 11 / 100; 2547 2548 /* decrease power for CCK rates (-5dB) */ 2549 if (!WPI_RATE_IS_OFDM(rate)) 2550 idx += 10; 2551 2552 /* keep power index in a valid range */ 2553 if (idx < 0) 2554 return 0; 2555 if (idx > WPI_MAX_PWR_INDEX) 2556 return WPI_MAX_PWR_INDEX; 2557 return idx; 2558 2559#undef interpolate 2560#undef fdivround 2561} 2562 2563/* 2564 * Build a beacon frame that the firmware will broadcast periodically in 2565 * IBSS or HostAP modes. 2566 */ 2567static int 2568wpi_setup_beacon(struct wpi_softc *sc, struct ieee80211_node *ni) 2569{ 2570 struct ieee80211com *ic = &sc->sc_ic; 2571 struct wpi_tx_ring *ring = &sc->cmdq; 2572 struct wpi_tx_desc *desc; 2573 struct wpi_tx_data *data; 2574 struct wpi_tx_cmd *cmd; 2575 struct wpi_cmd_beacon *bcn; 2576 struct ieee80211_beacon_offsets bo; 2577 struct mbuf *m0; 2578 int error; 2579 2580 desc = &ring->desc[ring->cur]; 2581 data = &ring->data[ring->cur]; 2582 2583 m0 = ieee80211_beacon_alloc(ic, ni, &bo); 2584 if (m0 == NULL) { 2585 aprint_error_dev(sc->sc_dev, 2586 "could not allocate beacon frame\n"); 2587 return ENOMEM; 2588 } 2589 2590 cmd = &ring->cmd[ring->cur]; 2591 cmd->code = WPI_CMD_SET_BEACON; 2592 cmd->flags = 0; 2593 cmd->qid = ring->qid; 2594 cmd->idx = ring->cur; 2595 2596 bcn = (struct wpi_cmd_beacon *)cmd->data; 2597 memset(bcn, 0, sizeof (struct wpi_cmd_beacon)); 2598 bcn->id = WPI_ID_BROADCAST; 2599 bcn->ofdm_mask = 0xff; 2600 bcn->cck_mask = 0x0f; 2601 bcn->lifetime = htole32(WPI_LIFETIME_INFINITE); 2602 bcn->len = htole16(m0->m_pkthdr.len); 2603 bcn->rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2604 wpi_plcp_signal(12) : wpi_plcp_signal(2); 2605 bcn->flags = htole32(WPI_TX_AUTO_SEQ | WPI_TX_INSERT_TSTAMP); 2606 2607 /* save and trim IEEE802.11 header */ 2608 m_copydata(m0, 0, sizeof (struct ieee80211_frame), (void *)&bcn->wh); 2609 m_adj(m0, sizeof (struct ieee80211_frame)); 2610 2611 /* assume beacon frame is contiguous */ 2612 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 2613 BUS_DMA_READ | BUS_DMA_NOWAIT); 2614 if (error != 0) { 2615 aprint_error_dev(sc->sc_dev, "could not map beacon\n"); 2616 m_freem(m0); 2617 return error; 2618 } 2619 2620 data->m = m0; 2621 2622 /* first scatter/gather segment is used by the beacon command */ 2623 desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 | 2 << 24); 2624 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 2625 ring->cur * sizeof (struct wpi_tx_cmd)); 2626 desc->segs[0].len = htole32(4 + sizeof (struct wpi_cmd_beacon)); 2627 desc->segs[1].addr = htole32(data->map->dm_segs[0].ds_addr); 2628 desc->segs[1].len = htole32(data->map->dm_segs[0].ds_len); 2629 2630 /* kick cmd ring */ 2631 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2632 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2633 2634 return 0; 2635} 2636 2637static int 2638wpi_auth(struct wpi_softc *sc) 2639{ 2640 struct ieee80211com *ic = &sc->sc_ic; 2641 struct ieee80211_node *ni = ic->ic_bss; 2642 struct wpi_node_info node; 2643 int error; 2644 2645 /* update adapter's configuration */ 2646 IEEE80211_ADDR_COPY(sc->config.bssid, ni->ni_bssid); 2647 sc->config.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2648 sc->config.flags = htole32(WPI_CONFIG_TSF); 2649 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2650 sc->config.flags |= htole32(WPI_CONFIG_AUTO | 2651 WPI_CONFIG_24GHZ); 2652 } 2653 switch (ic->ic_curmode) { 2654 case IEEE80211_MODE_11A: 2655 sc->config.cck_mask = 0; 2656 sc->config.ofdm_mask = 0x15; 2657 break; 2658 case IEEE80211_MODE_11B: 2659 sc->config.cck_mask = 0x03; 2660 sc->config.ofdm_mask = 0; 2661 break; 2662 default: /* assume 802.11b/g */ 2663 sc->config.cck_mask = 0x0f; 2664 sc->config.ofdm_mask = 0x15; 2665 } 2666 DPRINTF(("config chan %d flags %x cck %x ofdm %x\n", sc->config.chan, 2667 sc->config.flags, sc->config.cck_mask, sc->config.ofdm_mask)); 2668 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 2669 sizeof (struct wpi_config), 1); 2670 if (error != 0) { 2671 aprint_error_dev(sc->sc_dev, "could not configure\n"); 2672 return error; 2673 } 2674 2675 /* configuration has changed, set Tx power accordingly */ 2676 if ((error = wpi_set_txpower(sc, ni->ni_chan, 1)) != 0) { 2677 aprint_error_dev(sc->sc_dev, "could not set Tx power\n"); 2678 return error; 2679 } 2680 2681 /* add default node */ 2682 memset(&node, 0, sizeof node); 2683 IEEE80211_ADDR_COPY(node.bssid, ni->ni_bssid); 2684 node.id = WPI_ID_BSS; 2685 node.rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2686 wpi_plcp_signal(12) : wpi_plcp_signal(2); 2687 node.action = htole32(WPI_ACTION_SET_RATE); 2688 node.antenna = WPI_ANTENNA_BOTH; 2689 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 1); 2690 if (error != 0) { 2691 aprint_error_dev(sc->sc_dev, "could not add BSS node\n"); 2692 return error; 2693 } 2694 2695 return 0; 2696} 2697 2698/* 2699 * Send a scan request to the firmware. Since this command is huge, we map it 2700 * into a mbuf instead of using the pre-allocated set of commands. 2701 */ 2702static int 2703wpi_scan(struct wpi_softc *sc, uint16_t flags) 2704{ 2705 struct ieee80211com *ic = &sc->sc_ic; 2706 struct wpi_tx_ring *ring = &sc->cmdq; 2707 struct wpi_tx_desc *desc; 2708 struct wpi_tx_data *data; 2709 struct wpi_tx_cmd *cmd; 2710 struct wpi_scan_hdr *hdr; 2711 struct wpi_scan_chan *chan; 2712 struct ieee80211_frame *wh; 2713 struct ieee80211_rateset *rs; 2714 struct ieee80211_channel *c; 2715 enum ieee80211_phymode mode; 2716 uint8_t *frm; 2717 int pktlen, error, nrates; 2718 2719 desc = &ring->desc[ring->cur]; 2720 data = &ring->data[ring->cur]; 2721 2722 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 2723 if (data->m == NULL) { 2724 aprint_error_dev(sc->sc_dev, 2725 "could not allocate mbuf for scan command\n"); 2726 return ENOMEM; 2727 } 2728 MCLGET(data->m, M_DONTWAIT); 2729 if (!(data->m->m_flags & M_EXT)) { 2730 m_freem(data->m); 2731 data->m = NULL; 2732 aprint_error_dev(sc->sc_dev, 2733 "could not allocate mbuf for scan command\n"); 2734 return ENOMEM; 2735 } 2736 2737 cmd = mtod(data->m, struct wpi_tx_cmd *); 2738 cmd->code = WPI_CMD_SCAN; 2739 cmd->flags = 0; 2740 cmd->qid = ring->qid; 2741 cmd->idx = ring->cur; 2742 2743 hdr = (struct wpi_scan_hdr *)cmd->data; 2744 memset(hdr, 0, sizeof (struct wpi_scan_hdr)); 2745 hdr->cmd.flags = htole32(WPI_TX_AUTO_SEQ); 2746 hdr->cmd.id = WPI_ID_BROADCAST; 2747 hdr->cmd.lifetime = htole32(WPI_LIFETIME_INFINITE); 2748 /* 2749 * Move to the next channel if no packets are received within 5 msecs 2750 * after sending the probe request (this helps to reduce the duration 2751 * of active scans). 2752 */ 2753 hdr->quiet = htole16(5); /* timeout in milliseconds */ 2754 hdr->plcp_threshold = htole16(1); /* min # of packets */ 2755 2756 if (flags & IEEE80211_CHAN_A) { 2757 hdr->crc_threshold = htole16(1); 2758 /* send probe requests at 6Mbps */ 2759 hdr->cmd.rate = wpi_plcp_signal(12); 2760 } else { 2761 hdr->flags = htole32(WPI_CONFIG_24GHZ | WPI_CONFIG_AUTO); 2762 /* send probe requests at 1Mbps */ 2763 hdr->cmd.rate = wpi_plcp_signal(2); 2764 } 2765 2766 /* for directed scans, firmware inserts the essid IE itself */ 2767 hdr->essid[0].id = IEEE80211_ELEMID_SSID; 2768 hdr->essid[0].len = ic->ic_des_esslen; 2769 memcpy(hdr->essid[0].data, ic->ic_des_essid, ic->ic_des_esslen); 2770 2771 /* 2772 * Build a probe request frame. Most of the following code is a 2773 * copy & paste of what is done in net80211. 2774 */ 2775 wh = (struct ieee80211_frame *)(hdr + 1); 2776 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2777 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 2778 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2779 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2780 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2781 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2782 *(u_int16_t *)&wh->i_dur[0] = 0; /* filled by h/w */ 2783 *(u_int16_t *)&wh->i_seq[0] = 0; /* filled by h/w */ 2784 2785 frm = (uint8_t *)(wh + 1); 2786 2787 /* add empty essid IE (firmware generates it for directed scans) */ 2788 *frm++ = IEEE80211_ELEMID_SSID; 2789 *frm++ = 0; 2790 2791 mode = ieee80211_chan2mode(ic, ic->ic_ibss_chan); 2792 rs = &ic->ic_sup_rates[mode]; 2793 2794 /* add supported rates IE */ 2795 *frm++ = IEEE80211_ELEMID_RATES; 2796 nrates = rs->rs_nrates; 2797 if (nrates > IEEE80211_RATE_SIZE) 2798 nrates = IEEE80211_RATE_SIZE; 2799 *frm++ = nrates; 2800 memcpy(frm, rs->rs_rates, nrates); 2801 frm += nrates; 2802 2803 /* add supported xrates IE */ 2804 if (rs->rs_nrates > IEEE80211_RATE_SIZE) { 2805 nrates = rs->rs_nrates - IEEE80211_RATE_SIZE; 2806 *frm++ = IEEE80211_ELEMID_XRATES; 2807 *frm++ = nrates; 2808 memcpy(frm, rs->rs_rates + IEEE80211_RATE_SIZE, nrates); 2809 frm += nrates; 2810 } 2811 2812 /* setup length of probe request */ 2813 hdr->cmd.len = htole16(frm - (uint8_t *)wh); 2814 2815 chan = (struct wpi_scan_chan *)frm; 2816 for (c = &ic->ic_channels[1]; 2817 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) { 2818 if ((c->ic_flags & flags) != flags) 2819 continue; 2820 2821 chan->chan = ieee80211_chan2ieee(ic, c); 2822 chan->flags = 0; 2823 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) { 2824 chan->flags |= WPI_CHAN_ACTIVE; 2825 if (ic->ic_des_esslen != 0) 2826 chan->flags |= WPI_CHAN_DIRECT; 2827 } 2828 chan->dsp_gain = 0x6e; 2829 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2830 chan->rf_gain = 0x3b; 2831 chan->active = htole16(10); 2832 chan->passive = htole16(110); 2833 } else { 2834 chan->rf_gain = 0x28; 2835 chan->active = htole16(20); 2836 chan->passive = htole16(120); 2837 } 2838 hdr->nchan++; 2839 chan++; 2840 2841 frm += sizeof (struct wpi_scan_chan); 2842 } 2843 2844 hdr->len = htole16(frm - (uint8_t *)hdr); 2845 pktlen = frm - (uint8_t *)cmd; 2846 2847 error = bus_dmamap_load(sc->sc_dmat, data->map, cmd, pktlen, NULL, 2848 BUS_DMA_NOWAIT); 2849 if (error != 0) { 2850 aprint_error_dev(sc->sc_dev, "could not map scan command\n"); 2851 m_freem(data->m); 2852 data->m = NULL; 2853 return error; 2854 } 2855 2856 desc->flags = htole32(WPI_PAD32(pktlen) << 28 | 1 << 24); 2857 desc->segs[0].addr = htole32(data->map->dm_segs[0].ds_addr); 2858 desc->segs[0].len = htole32(data->map->dm_segs[0].ds_len); 2859 2860 /* kick cmd ring */ 2861 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2862 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2863 2864 return 0; /* will be notified async. of failure/success */ 2865} 2866 2867static int 2868wpi_config(struct wpi_softc *sc) 2869{ 2870 struct ieee80211com *ic = &sc->sc_ic; 2871 struct ifnet *ifp = ic->ic_ifp; 2872 struct wpi_power power; 2873 struct wpi_bluetooth bluetooth; 2874 struct wpi_node_info node; 2875 int error; 2876 2877 memset(&power, 0, sizeof power); 2878 power.flags = htole32(WPI_POWER_CAM | 0x8); 2879 error = wpi_cmd(sc, WPI_CMD_SET_POWER_MODE, &power, sizeof power, 0); 2880 if (error != 0) { 2881 aprint_error_dev(sc->sc_dev, "could not set power mode\n"); 2882 return error; 2883 } 2884 2885 /* configure bluetooth coexistence */ 2886 memset(&bluetooth, 0, sizeof bluetooth); 2887 bluetooth.flags = 3; 2888 bluetooth.lead = 0xaa; 2889 bluetooth.kill = 1; 2890 error = wpi_cmd(sc, WPI_CMD_BLUETOOTH, &bluetooth, sizeof bluetooth, 2891 0); 2892 if (error != 0) { 2893 aprint_error_dev(sc->sc_dev, 2894 "could not configure bluetooth coexistence\n"); 2895 return error; 2896 } 2897 2898 /* configure adapter */ 2899 memset(&sc->config, 0, sizeof (struct wpi_config)); 2900 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 2901 IEEE80211_ADDR_COPY(sc->config.myaddr, ic->ic_myaddr); 2902 /* set default channel */ 2903 sc->config.chan = ieee80211_chan2ieee(ic, ic->ic_ibss_chan); 2904 sc->config.flags = htole32(WPI_CONFIG_TSF); 2905 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_ibss_chan)) { 2906 sc->config.flags |= htole32(WPI_CONFIG_AUTO | 2907 WPI_CONFIG_24GHZ); 2908 } 2909 sc->config.filter = 0; 2910 switch (ic->ic_opmode) { 2911 case IEEE80211_M_STA: 2912 sc->config.mode = WPI_MODE_STA; 2913 sc->config.filter |= htole32(WPI_FILTER_MULTICAST); 2914 break; 2915 case IEEE80211_M_IBSS: 2916 case IEEE80211_M_AHDEMO: 2917 sc->config.mode = WPI_MODE_IBSS; 2918 break; 2919 case IEEE80211_M_HOSTAP: 2920 sc->config.mode = WPI_MODE_HOSTAP; 2921 break; 2922 case IEEE80211_M_MONITOR: 2923 sc->config.mode = WPI_MODE_MONITOR; 2924 sc->config.filter |= htole32(WPI_FILTER_MULTICAST | 2925 WPI_FILTER_CTL | WPI_FILTER_PROMISC); 2926 break; 2927 } 2928 sc->config.cck_mask = 0x0f; /* not yet negotiated */ 2929 sc->config.ofdm_mask = 0xff; /* not yet negotiated */ 2930 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 2931 sizeof (struct wpi_config), 0); 2932 if (error != 0) { 2933 aprint_error_dev(sc->sc_dev, "configure command failed\n"); 2934 return error; 2935 } 2936 2937 /* configuration has changed, set Tx power accordingly */ 2938 if ((error = wpi_set_txpower(sc, ic->ic_ibss_chan, 0)) != 0) { 2939 aprint_error_dev(sc->sc_dev, "could not set Tx power\n"); 2940 return error; 2941 } 2942 2943 /* add broadcast node */ 2944 memset(&node, 0, sizeof node); 2945 IEEE80211_ADDR_COPY(node.bssid, etherbroadcastaddr); 2946 node.id = WPI_ID_BROADCAST; 2947 node.rate = wpi_plcp_signal(2); 2948 node.action = htole32(WPI_ACTION_SET_RATE); 2949 node.antenna = WPI_ANTENNA_BOTH; 2950 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 0); 2951 if (error != 0) { 2952 aprint_error_dev(sc->sc_dev, "could not add broadcast node\n"); 2953 return error; 2954 } 2955 2956 if ((error = wpi_mrr_setup(sc)) != 0) { 2957 aprint_error_dev(sc->sc_dev, "could not setup MRR\n"); 2958 return error; 2959 } 2960 2961 return 0; 2962} 2963 2964static void 2965wpi_stop_master(struct wpi_softc *sc) 2966{ 2967 uint32_t tmp; 2968 int ntries; 2969 2970 tmp = WPI_READ(sc, WPI_RESET); 2971 WPI_WRITE(sc, WPI_RESET, tmp | WPI_STOP_MASTER); 2972 2973 tmp = WPI_READ(sc, WPI_GPIO_CTL); 2974 if ((tmp & WPI_GPIO_PWR_STATUS) == WPI_GPIO_PWR_SLEEP) 2975 return; /* already asleep */ 2976 2977 for (ntries = 0; ntries < 100; ntries++) { 2978 if (WPI_READ(sc, WPI_RESET) & WPI_MASTER_DISABLED) 2979 break; 2980 DELAY(10); 2981 } 2982 if (ntries == 100) { 2983 aprint_error_dev(sc->sc_dev, "timeout waiting for master\n"); 2984 } 2985} 2986 2987static int 2988wpi_power_up(struct wpi_softc *sc) 2989{ 2990 uint32_t tmp; 2991 int ntries; 2992 2993 wpi_mem_lock(sc); 2994 tmp = wpi_mem_read(sc, WPI_MEM_POWER); 2995 wpi_mem_write(sc, WPI_MEM_POWER, tmp & ~0x03000000); 2996 wpi_mem_unlock(sc); 2997 2998 for (ntries = 0; ntries < 5000; ntries++) { 2999 if (WPI_READ(sc, WPI_GPIO_STATUS) & WPI_POWERED) 3000 break; 3001 DELAY(10); 3002 } 3003 if (ntries == 5000) { 3004 aprint_error_dev(sc->sc_dev, 3005 "timeout waiting for NIC to power up\n"); 3006 return ETIMEDOUT; 3007 } 3008 return 0; 3009} 3010 3011static int 3012wpi_reset(struct wpi_softc *sc) 3013{ 3014 uint32_t tmp; 3015 int ntries; 3016 3017 /* clear any pending interrupts */ 3018 WPI_WRITE(sc, WPI_INTR, 0xffffffff); 3019 3020 tmp = WPI_READ(sc, WPI_PLL_CTL); 3021 WPI_WRITE(sc, WPI_PLL_CTL, tmp | WPI_PLL_INIT); 3022 3023 tmp = WPI_READ(sc, WPI_CHICKEN); 3024 WPI_WRITE(sc, WPI_CHICKEN, tmp | WPI_CHICKEN_RXNOLOS); 3025 3026 tmp = WPI_READ(sc, WPI_GPIO_CTL); 3027 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_INIT); 3028 3029 /* wait for clock stabilization */ 3030 for (ntries = 0; ntries < 1000; ntries++) { 3031 if (WPI_READ(sc, WPI_GPIO_CTL) & WPI_GPIO_CLOCK) 3032 break; 3033 DELAY(10); 3034 } 3035 if (ntries == 1000) { 3036 aprint_error_dev(sc->sc_dev, 3037 "timeout waiting for clock stabilization\n"); 3038 return ETIMEDOUT; 3039 } 3040 3041 /* initialize EEPROM */ 3042 tmp = WPI_READ(sc, WPI_EEPROM_STATUS); 3043 if ((tmp & WPI_EEPROM_VERSION) == 0) { 3044 aprint_error_dev(sc->sc_dev, "EEPROM not found\n"); 3045 return EIO; 3046 } 3047 WPI_WRITE(sc, WPI_EEPROM_STATUS, tmp & ~WPI_EEPROM_LOCKED); 3048 3049 return 0; 3050} 3051 3052static void 3053wpi_hw_config(struct wpi_softc *sc) 3054{ 3055 uint32_t rev, hw; 3056 3057 /* voodoo from the reference driver */ 3058 hw = WPI_READ(sc, WPI_HWCONFIG); 3059 3060 rev = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_CLASS_REG); 3061 rev = PCI_REVISION(rev); 3062 if ((rev & 0xc0) == 0x40) 3063 hw |= WPI_HW_ALM_MB; 3064 else if (!(rev & 0x80)) 3065 hw |= WPI_HW_ALM_MM; 3066 3067 if (sc->cap == 0x80) 3068 hw |= WPI_HW_SKU_MRC; 3069 3070 hw &= ~WPI_HW_REV_D; 3071 if ((le16toh(sc->rev) & 0xf0) == 0xd0) 3072 hw |= WPI_HW_REV_D; 3073 3074 if (sc->type > 1) 3075 hw |= WPI_HW_TYPE_B; 3076 3077 DPRINTF(("setting h/w config %x\n", hw)); 3078 WPI_WRITE(sc, WPI_HWCONFIG, hw); 3079} 3080 3081static int 3082wpi_init(struct ifnet *ifp) 3083{ 3084 struct wpi_softc *sc = ifp->if_softc; 3085 struct ieee80211com *ic = &sc->sc_ic; 3086 uint32_t tmp; 3087 int qid, ntries, error; 3088 3089 wpi_stop(ifp,1); 3090 (void)wpi_reset(sc); 3091 3092 wpi_mem_lock(sc); 3093 wpi_mem_write(sc, WPI_MEM_CLOCK1, 0xa00); 3094 DELAY(20); 3095 tmp = wpi_mem_read(sc, WPI_MEM_PCIDEV); 3096 wpi_mem_write(sc, WPI_MEM_PCIDEV, tmp | 0x800); 3097 wpi_mem_unlock(sc); 3098 3099 (void)wpi_power_up(sc); 3100 wpi_hw_config(sc); 3101 3102 /* init Rx ring */ 3103 wpi_mem_lock(sc); 3104 WPI_WRITE(sc, WPI_RX_BASE, sc->rxq.desc_dma.paddr); 3105 WPI_WRITE(sc, WPI_RX_RIDX_PTR, sc->shared_dma.paddr + 3106 offsetof(struct wpi_shared, next)); 3107 WPI_WRITE(sc, WPI_RX_WIDX, (WPI_RX_RING_COUNT - 1) & ~7); 3108 WPI_WRITE(sc, WPI_RX_CONFIG, 0xa9601010); 3109 wpi_mem_unlock(sc); 3110 3111 /* init Tx rings */ 3112 wpi_mem_lock(sc); 3113 wpi_mem_write(sc, WPI_MEM_MODE, 2); /* bypass mode */ 3114 wpi_mem_write(sc, WPI_MEM_RA, 1); /* enable RA0 */ 3115 wpi_mem_write(sc, WPI_MEM_TXCFG, 0x3f); /* enable all 6 Tx rings */ 3116 wpi_mem_write(sc, WPI_MEM_BYPASS1, 0x10000); 3117 wpi_mem_write(sc, WPI_MEM_BYPASS2, 0x30002); 3118 wpi_mem_write(sc, WPI_MEM_MAGIC4, 4); 3119 wpi_mem_write(sc, WPI_MEM_MAGIC5, 5); 3120 3121 WPI_WRITE(sc, WPI_TX_BASE_PTR, sc->shared_dma.paddr); 3122 WPI_WRITE(sc, WPI_MSG_CONFIG, 0xffff05a5); 3123 3124 for (qid = 0; qid < 6; qid++) { 3125 WPI_WRITE(sc, WPI_TX_CTL(qid), 0); 3126 WPI_WRITE(sc, WPI_TX_BASE(qid), 0); 3127 WPI_WRITE(sc, WPI_TX_CONFIG(qid), 0x80200008); 3128 } 3129 wpi_mem_unlock(sc); 3130 3131 /* clear "radio off" and "disable command" bits (reversed logic) */ 3132 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3133 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_DISABLE_CMD); 3134 3135 /* clear any pending interrupts */ 3136 WPI_WRITE(sc, WPI_INTR, 0xffffffff); 3137 /* enable interrupts */ 3138 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK); 3139 3140 /* not sure why/if this is necessary... */ 3141 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3142 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3143 3144 if ((error = wpi_load_firmware(sc)) != 0) 3145 /* wpi_load_firmware prints error messages for us. */ 3146 goto fail1; 3147 3148 /* Check the status of the radio switch */ 3149 if (wpi_getrfkill(sc)) { 3150 aprint_error_dev(sc->sc_dev, 3151 "radio is disabled by hardware switch\n"); 3152 error = EBUSY; 3153 goto fail1; 3154 } 3155 3156 /* wait for thermal sensors to calibrate */ 3157 for (ntries = 0; ntries < 1000; ntries++) { 3158 if ((sc->temp = (int)WPI_READ(sc, WPI_TEMPERATURE)) != 0) 3159 break; 3160 DELAY(10); 3161 } 3162 if (ntries == 1000) { 3163 aprint_error_dev(sc->sc_dev, 3164 "timeout waiting for thermal sensors calibration\n"); 3165 error = ETIMEDOUT; 3166 goto fail1; 3167 } 3168 DPRINTF(("temperature %d\n", sc->temp)); 3169 3170 if ((error = wpi_config(sc)) != 0) { 3171 aprint_error_dev(sc->sc_dev, "could not configure device\n"); 3172 goto fail1; 3173 } 3174 3175 ifp->if_flags &= ~IFF_OACTIVE; 3176 ifp->if_flags |= IFF_RUNNING; 3177 3178 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 3179 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 3180 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3181 } 3182 else 3183 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3184 3185 return 0; 3186 3187fail1: wpi_stop(ifp, 1); 3188 return error; 3189} 3190 3191static void 3192wpi_stop(struct ifnet *ifp, int disable) 3193{ 3194 struct wpi_softc *sc = ifp->if_softc; 3195 struct ieee80211com *ic = &sc->sc_ic; 3196 uint32_t tmp; 3197 int ac; 3198 3199 ifp->if_timer = sc->sc_tx_timer = 0; 3200 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3201 3202 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3203 3204 /* disable interrupts */ 3205 WPI_WRITE(sc, WPI_MASK, 0); 3206 WPI_WRITE(sc, WPI_INTR, WPI_INTR_MASK); 3207 WPI_WRITE(sc, WPI_INTR_STATUS, 0xff); 3208 WPI_WRITE(sc, WPI_INTR_STATUS, 0x00070000); 3209 3210 wpi_mem_lock(sc); 3211 wpi_mem_write(sc, WPI_MEM_MODE, 0); 3212 wpi_mem_unlock(sc); 3213 3214 /* reset all Tx rings */ 3215 for (ac = 0; ac < 4; ac++) 3216 wpi_reset_tx_ring(sc, &sc->txq[ac]); 3217 wpi_reset_tx_ring(sc, &sc->cmdq); 3218 3219 /* reset Rx ring */ 3220 wpi_reset_rx_ring(sc, &sc->rxq); 3221 3222 wpi_mem_lock(sc); 3223 wpi_mem_write(sc, WPI_MEM_CLOCK2, 0x200); 3224 wpi_mem_unlock(sc); 3225 3226 DELAY(5); 3227 3228 wpi_stop_master(sc); 3229 3230 tmp = WPI_READ(sc, WPI_RESET); 3231 WPI_WRITE(sc, WPI_RESET, tmp | WPI_SW_RESET); 3232} 3233 3234static bool 3235wpi_resume(device_t dv, const pmf_qual_t *qual) 3236{ 3237 struct wpi_softc *sc = device_private(dv); 3238 3239 (void)wpi_reset(sc); 3240 3241 return true; 3242} 3243 3244/* 3245 * Return whether or not the radio is enabled in hardware 3246 * (i.e. the rfkill switch is "off"). 3247 */ 3248static int 3249wpi_getrfkill(struct wpi_softc *sc) 3250{ 3251 uint32_t tmp; 3252 3253 wpi_mem_lock(sc); 3254 tmp = wpi_mem_read(sc, WPI_MEM_RFKILL); 3255 wpi_mem_unlock(sc); 3256 3257 return !(tmp & 0x01); 3258} 3259 3260static int 3261wpi_sysctl_radio(SYSCTLFN_ARGS) 3262{ 3263 struct sysctlnode node; 3264 struct wpi_softc *sc; 3265 int val, error; 3266 3267 node = *rnode; 3268 sc = (struct wpi_softc *)node.sysctl_data; 3269 3270 val = !wpi_getrfkill(sc); 3271 3272 node.sysctl_data = &val; 3273 error = sysctl_lookup(SYSCTLFN_CALL(&node)); 3274 3275 if (error || newp == NULL) 3276 return error; 3277 3278 return 0; 3279} 3280 3281static void 3282wpi_sysctlattach(struct wpi_softc *sc) 3283{ 3284 int rc; 3285 const struct sysctlnode *rnode; 3286 const struct sysctlnode *cnode; 3287 3288 struct sysctllog **clog = &sc->sc_sysctllog; 3289 3290 if ((rc = sysctl_createv(clog, 0, NULL, &rnode, 3291 CTLFLAG_PERMANENT, CTLTYPE_NODE, device_xname(sc->sc_dev), 3292 SYSCTL_DESCR("wpi controls and statistics"), 3293 NULL, 0, NULL, 0, CTL_HW, CTL_CREATE, CTL_EOL)) != 0) 3294 goto err; 3295 3296 if ((rc = sysctl_createv(clog, 0, &rnode, &cnode, 3297 CTLFLAG_PERMANENT, CTLTYPE_INT, "radio", 3298 SYSCTL_DESCR("radio transmitter switch state (0=off, 1=on)"), 3299 wpi_sysctl_radio, 0, (void *)sc, 0, CTL_CREATE, CTL_EOL)) != 0) 3300 goto err; 3301 3302#ifdef WPI_DEBUG 3303 /* control debugging printfs */ 3304 if ((rc = sysctl_createv(clog, 0, &rnode, &cnode, 3305 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, CTLTYPE_INT, 3306 "debug", SYSCTL_DESCR("Enable debugging output"), 3307 NULL, 0, &wpi_debug, 0, CTL_CREATE, CTL_EOL)) != 0) 3308 goto err; 3309#endif 3310 3311 return; 3312err: 3313 aprint_error("%s: sysctl_createv failed (rc = %d)\n", __func__, rc); 3314} 3315