if_iwn.c revision 1.17
1 /* $NetBSD: if_iwn.c,v 1.17 2008/08/18 21:19:22 cube Exp $ */ 2 3 /*- 4 * Copyright (c) 2007 5 * Damien Bergamini <damien.bergamini (at) free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __KERNEL_RCSID(0, "$NetBSD: if_iwn.c,v 1.17 2008/08/18 21:19:22 cube Exp $"); 22 23 24 /* 25 * Driver for Intel Wireless WiFi Link 4965AGN 802.11 network adapters. 26 */ 27 28 #include "bpfilter.h" 29 30 #include <sys/param.h> 31 #include <sys/sockio.h> 32 #include <sys/sysctl.h> 33 #include <sys/mbuf.h> 34 #include <sys/kernel.h> 35 #include <sys/socket.h> 36 #include <sys/systm.h> 37 #include <sys/malloc.h> 38 #include <sys/mutex.h> 39 #include <sys/conf.h> 40 #include <sys/kauth.h> 41 #include <sys/callout.h> 42 43 #include <machine/bus.h> 44 #include <machine/endian.h> 45 #include <machine/intr.h> 46 47 #include <dev/pci/pcireg.h> 48 #include <dev/pci/pcivar.h> 49 #include <dev/pci/pcidevs.h> 50 51 #if NBPFILTER > 0 52 #include <net/bpf.h> 53 #endif 54 #include <net/if.h> 55 #include <net/if_arp.h> 56 #include <net/if_dl.h> 57 #include <net/if_media.h> 58 #include <net/if_types.h> 59 60 #include <netinet/in.h> 61 #include <netinet/in_systm.h> 62 #include <netinet/in_var.h> 63 #include <net/if_ether.h> 64 #include <netinet/ip.h> 65 66 #include <net80211/ieee80211_var.h> 67 #include <net80211/ieee80211_amrr.h> 68 #include <net80211/ieee80211_radiotap.h> 69 70 #include <dev/firmload.h> 71 72 #include <dev/pci/if_iwnreg.h> 73 #include <dev/pci/if_iwnvar.h> 74 75 #if 0 76 static const struct pci_matchid iwn_devices[] = { 77 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_4965AGN_1 }, 78 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_PRO_WL_4965AGN_2 } 79 }; 80 #endif 81 82 /* 83 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 84 */ 85 static const struct ieee80211_rateset iwn_rateset_11a = 86 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 87 88 static const struct ieee80211_rateset iwn_rateset_11b = 89 { 4, { 2, 4, 11, 22 } }; 90 91 static const struct ieee80211_rateset iwn_rateset_11g = 92 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 93 94 95 #define EDCA_NUM_AC 4 96 static int iwn_match(device_t , struct cfdata *, void *); 97 static void iwn_attach(device_t , device_t, void *); 98 static int iwn_detach(device_t, int); 99 100 static void iwn_radiotap_attach(struct iwn_softc *); 101 static int iwn_dma_contig_alloc(bus_dma_tag_t, struct iwn_dma_info *, 102 void **, bus_size_t, bus_size_t, int); 103 static void iwn_dma_contig_free(struct iwn_dma_info *); 104 static int iwn_alloc_shared(struct iwn_softc *); 105 static void iwn_free_shared(struct iwn_softc *); 106 static int iwn_alloc_kw(struct iwn_softc *); 107 static void iwn_free_kw(struct iwn_softc *); 108 static int iwn_alloc_fwmem(struct iwn_softc *); 109 static void iwn_free_fwmem(struct iwn_softc *); 110 static struct iwn_rbuf *iwn_alloc_rbuf(struct iwn_softc *); 111 static void iwn_free_rbuf(struct mbuf *, void *, size_t, void *); 112 static int iwn_alloc_rpool(struct iwn_softc *); 113 static void iwn_free_rpool(struct iwn_softc *); 114 static int iwn_alloc_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 115 static void iwn_reset_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 116 static void iwn_free_rx_ring(struct iwn_softc *, struct iwn_rx_ring *); 117 static int iwn_alloc_tx_ring(struct iwn_softc *, struct iwn_tx_ring *, 118 int, int); 119 static void iwn_reset_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 120 static void iwn_free_tx_ring(struct iwn_softc *, struct iwn_tx_ring *); 121 static struct ieee80211_node *iwn_node_alloc(struct ieee80211_node_table *); 122 static void iwn_newassoc(struct ieee80211_node *, int); 123 static int iwn_media_change(struct ifnet *); 124 static int iwn_newstate(struct ieee80211com *, enum ieee80211_state, int); 125 static void iwn_mem_lock(struct iwn_softc *); 126 static void iwn_mem_unlock(struct iwn_softc *); 127 static uint32_t iwn_mem_read(struct iwn_softc *, uint32_t); 128 static void iwn_mem_write(struct iwn_softc *, uint32_t, uint32_t); 129 static void iwn_mem_write_region_4(struct iwn_softc *, uint32_t, 130 const uint32_t *, int); 131 static int iwn_eeprom_lock(struct iwn_softc *); 132 static void iwn_eeprom_unlock(struct iwn_softc *); 133 static int iwn_read_prom_data(struct iwn_softc *, uint32_t, void *, int); 134 static int iwn_load_microcode(struct iwn_softc *, const uint8_t *, int); 135 static int iwn_load_firmware(struct iwn_softc *); 136 static void iwn_calib_timeout(void *); 137 static void iwn_iter_func(void *, struct ieee80211_node *); 138 static void iwn_ampdu_rx_start(struct iwn_softc *, struct iwn_rx_desc *); 139 static void iwn_rx_intr(struct iwn_softc *, struct iwn_rx_desc *, 140 struct iwn_rx_data *); 141 static void iwn_rx_statistics(struct iwn_softc *, struct iwn_rx_desc *); 142 static void iwn_tx_intr(struct iwn_softc *, struct iwn_rx_desc *); 143 static void iwn_cmd_intr(struct iwn_softc *, struct iwn_rx_desc *); 144 static void iwn_notif_intr(struct iwn_softc *); 145 static int iwn_intr(void *); 146 static void iwn_read_eeprom(struct iwn_softc *); 147 static void iwn_read_eeprom_channels(struct iwn_softc *, int); 148 static uint8_t iwn_plcp_signal(int); 149 static int iwn_tx_data(struct iwn_softc *, struct mbuf *, 150 struct ieee80211_node *, int); 151 static void iwn_start(struct ifnet *); 152 static void iwn_watchdog(struct ifnet *); 153 static int iwn_ioctl(struct ifnet *, u_long, void *); 154 static int iwn_cmd(struct iwn_softc *, int, const void *, int, int); 155 static int iwn_wme_update(struct ieee80211com *); 156 static int iwn_setup_node_mrr(struct iwn_softc *, uint8_t, int); 157 static void iwn_set_led(struct iwn_softc *, uint8_t, uint8_t, uint8_t); 158 static int iwn_set_critical_temp(struct iwn_softc *); 159 static void iwn_enable_tsf(struct iwn_softc *, struct ieee80211_node *); 160 static void iwn_power_calibration(struct iwn_softc *, int); 161 static int iwn_set_txpower(struct iwn_softc *, 162 struct ieee80211_channel *, int); 163 static int iwn_get_rssi(const struct iwn_rx_stat *); 164 static int iwn_get_noise(const struct iwn_rx_general_stats *); 165 static int iwn_get_temperature(struct iwn_softc *); 166 static int iwn_init_sensitivity(struct iwn_softc *); 167 static void iwn_compute_differential_gain(struct iwn_softc *, 168 const struct iwn_rx_general_stats *); 169 static void iwn_tune_sensitivity(struct iwn_softc *, 170 const struct iwn_rx_stats *); 171 static int iwn_send_sensitivity(struct iwn_softc *); 172 /*static int iwn_setup_beacon(struct iwn_softc *, struct ieee80211_node *);*/ 173 static int iwn_auth(struct iwn_softc *); 174 static int iwn_run(struct iwn_softc *); 175 static int iwn_scan(struct iwn_softc *, uint16_t); 176 static int iwn_config(struct iwn_softc *); 177 static void iwn_post_alive(struct iwn_softc *); 178 static void iwn_stop_master(struct iwn_softc *); 179 static int iwn_reset(struct iwn_softc *); 180 static void iwn_hw_config(struct iwn_softc *); 181 static int iwn_init(struct ifnet *); 182 static void iwn_stop(struct ifnet *, int); 183 static void iwn_fix_channel(struct ieee80211com *, struct mbuf *); 184 static bool iwn_resume(device_t PMF_FN_PROTO); 185 static int iwn_add_node(struct iwn_softc *sc, 186 struct ieee80211_node *ni, bool broadcast, bool async); 187 188 189 190 #define IWN_DEBUG 191 192 #ifdef IWN_DEBUG 193 #define DPRINTF(x) do { if (iwn_debug > 0) printf x; } while (0) 194 #define DPRINTFN(n, x) do { if (iwn_debug >= (n)) printf x; } while (0) 195 int iwn_debug = 0; 196 #else 197 #define DPRINTF(x) 198 #define DPRINTFN(n, x) 199 #endif 200 201 #ifdef IWN_DEBUG 202 static void iwn_print_power_group(struct iwn_softc *, int); 203 #endif 204 205 CFATTACH_DECL_NEW(iwn, sizeof(struct iwn_softc), iwn_match, iwn_attach, 206 iwn_detach, NULL); 207 208 static int 209 iwn_match(device_t parent, struct cfdata *match __unused, void *aux) 210 { 211 struct pci_attach_args *pa = aux; 212 213 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 214 return 0; 215 216 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_4965AGN_1 || 217 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_4965AGN_2) 218 return 1; 219 220 return 0; 221 } 222 223 /* Base Address Register */ 224 #define IWN_PCI_BAR0 0x10 225 226 static void 227 iwn_attach(device_t parent __unused, device_t self, void *aux) 228 { 229 struct iwn_softc *sc = device_private(self); 230 struct ieee80211com *ic = &sc->sc_ic; 231 struct ifnet *ifp = &sc->sc_ec.ec_if; 232 struct pci_attach_args *pa = aux; 233 const char *intrstr; 234 char devinfo[256]; 235 pci_intr_handle_t ih; 236 pcireg_t memtype, data; 237 int i, error, revision; 238 239 sc->sc_dev = self; 240 sc->sc_pct = pa->pa_pc; 241 sc->sc_pcitag = pa->pa_tag; 242 243 callout_init(&sc->calib_to, 0); 244 callout_setfunc(&sc->calib_to, iwn_calib_timeout, sc); 245 246 pci_devinfo(pa->pa_id, pa->pa_class, 0, devinfo, sizeof devinfo); 247 revision = PCI_REVISION(pa->pa_class); 248 aprint_normal(": %s (rev. 0x%2x)\n", devinfo, revision); 249 250 251 /* clear device specific PCI configuration register 0x41 */ 252 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 253 data &= ~0x0000ff00; 254 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 255 256 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 257 data |= PCI_COMMAND_MASTER_ENABLE; 258 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, data); 259 260 /* enable bus-mastering */ 261 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 262 data |= PCI_COMMAND_MASTER_ENABLE; 263 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, data); 264 265 /* map the register window */ 266 memtype = pci_mapreg_type(pa->pa_pc, pa->pa_tag, IWN_PCI_BAR0); 267 error = pci_mapreg_map(pa, IWN_PCI_BAR0, memtype, 0, &sc->sc_st, 268 &sc->sc_sh, NULL, &sc->sc_sz); 269 if (error != 0) { 270 aprint_error_dev(self, "could not map memory space\n"); 271 return; 272 } 273 274 sc->sc_dmat = pa->pa_dmat; 275 276 if (pci_intr_map(pa, &ih) != 0) { 277 aprint_error_dev(self, "could not map interrupt\n"); 278 return; 279 } 280 281 intrstr = pci_intr_string(sc->sc_pct, ih); 282 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, iwn_intr, sc); 283 284 if (sc->sc_ih == NULL) { 285 aprint_error_dev(self, "could not establish interrupt"); 286 if (intrstr != NULL) 287 aprint_error(" at %s", intrstr); 288 aprint_error("\n"); 289 return; 290 } 291 aprint_normal_dev(self, "interrupting at %s\n", intrstr); 292 293 if (iwn_reset(sc) != 0) { 294 aprint_error_dev(self, "could not reset adapter\n"); 295 return; 296 } 297 298 /* 299 * Allocate DMA memory for firmware transfers. 300 */ 301 if ((error = iwn_alloc_fwmem(sc)) != 0) { 302 aprint_error_dev(self, "could not allocate firmware memory\n"); 303 return; 304 } 305 306 /* 307 * Allocate a "keep warm" page. 308 */ 309 if ((error = iwn_alloc_kw(sc)) != 0) { 310 aprint_error_dev(self, "could not allocate keep warm page\n"); 311 goto fail1; 312 } 313 314 /* 315 * Allocate shared area (communication area). 316 */ 317 if ((error = iwn_alloc_shared(sc)) != 0) { 318 aprint_error_dev(self, "could not allocate shared area\n"); 319 goto fail2; 320 } 321 322 /* 323 * Allocate Rx buffers and Tx/Rx rings. 324 */ 325 if ((error = iwn_alloc_rpool(sc)) != 0) { 326 aprint_error_dev(self, "could not allocate Rx buffers\n"); 327 goto fail3; 328 } 329 330 for (i = 0; i < IWN_NTXQUEUES; i++) { 331 struct iwn_tx_ring *txq = &sc->txq[i]; 332 error = iwn_alloc_tx_ring(sc, txq, IWN_TX_RING_COUNT, i); 333 if (error != 0) { 334 aprint_error_dev(self, "could not allocate Tx ring %d\n", i); 335 goto fail4; 336 } 337 } 338 339 if (iwn_alloc_rx_ring(sc, &sc->rxq) != 0) { 340 aprint_error_dev(self, "could not allocate Rx ring\n"); 341 goto fail4; 342 } 343 344 345 ic->ic_ifp = ifp; 346 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 347 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 348 ic->ic_state = IEEE80211_S_INIT; 349 350 /* set device capabilities */ 351 ic->ic_caps = 352 IEEE80211_C_IBSS | /* IBSS mode support */ 353 IEEE80211_C_WPA | /* 802.11i */ 354 IEEE80211_C_MONITOR | /* monitor mode supported */ 355 IEEE80211_C_TXPMGT | /* tx power management */ 356 IEEE80211_C_SHSLOT | /* short slot time supported */ 357 IEEE80211_C_SHPREAMBLE| /* short preamble supported */ 358 IEEE80211_C_WME; /* 802.11e */ 359 360 /* read supported channels and MAC address from EEPROM */ 361 iwn_read_eeprom(sc); 362 363 /* set supported .11a, .11b and .11g rates */ 364 ic->ic_sup_rates[IEEE80211_MODE_11A] = iwn_rateset_11a; 365 ic->ic_sup_rates[IEEE80211_MODE_11B] = iwn_rateset_11b; 366 ic->ic_sup_rates[IEEE80211_MODE_11G] = iwn_rateset_11g; 367 368 /* IBSS channel undefined for now */ 369 ic->ic_ibss_chan = &ic->ic_channels[0]; 370 371 ifp->if_softc = sc; 372 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 373 ifp->if_init = iwn_init; 374 ifp->if_stop = iwn_stop; 375 ifp->if_ioctl = iwn_ioctl; 376 ifp->if_start = iwn_start; 377 ifp->if_watchdog = iwn_watchdog; 378 IFQ_SET_READY(&ifp->if_snd); 379 memcpy(ifp->if_xname, device_xname(self), IFNAMSIZ); 380 381 if_attach(ifp); 382 ieee80211_ifattach(ic); 383 ic->ic_node_alloc = iwn_node_alloc; 384 ic->ic_newassoc = iwn_newassoc; 385 ic->ic_wme.wme_update = iwn_wme_update; 386 387 /* override state transition machine */ 388 sc->sc_newstate = ic->ic_newstate; 389 ic->ic_newstate = iwn_newstate; 390 ieee80211_media_init(ic, iwn_media_change, ieee80211_media_status); 391 392 sc->amrr.amrr_min_success_threshold = 1; 393 sc->amrr.amrr_max_success_threshold = 15; 394 395 if (!pmf_device_register(self, NULL, iwn_resume)) 396 aprint_error_dev(self, "couldn't establish power handler\n"); 397 else 398 pmf_class_network_register(self, ifp); 399 400 iwn_radiotap_attach(sc); 401 402 ieee80211_announce(ic); 403 404 return; 405 406 /* free allocated memory if something failed during attachment */ 407 fail4: while (--i >= 0) 408 iwn_free_tx_ring(sc, &sc->txq[i]); 409 iwn_free_rpool(sc); 410 fail3: iwn_free_shared(sc); 411 fail2: iwn_free_kw(sc); 412 fail1: iwn_free_fwmem(sc); 413 } 414 415 static int 416 iwn_detach(struct device* self, int flags __unused) 417 { 418 struct iwn_softc *sc = (struct iwn_softc *)self; 419 struct ifnet *ifp = sc->sc_ic.ic_ifp; 420 int ac; 421 422 iwn_stop(ifp, 1); 423 424 #if NBPFILTER > 0 425 if (ifp != NULL) 426 bpfdetach(ifp); 427 #endif 428 ieee80211_ifdetach(&sc->sc_ic); 429 if (ifp != NULL) 430 if_detach(ifp); 431 432 for (ac = 0; ac < IWN_NTXQUEUES; ac++) 433 iwn_free_tx_ring(sc, &sc->txq[ac]); 434 iwn_free_rx_ring(sc, &sc->rxq); 435 iwn_free_rpool(sc); 436 iwn_free_shared(sc); 437 438 if (sc->sc_ih != NULL) { 439 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 440 sc->sc_ih = NULL; 441 } 442 443 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 444 445 return 0; 446 } 447 448 /* 449 * Attach the interface to 802.11 radiotap. 450 */ 451 static void 452 iwn_radiotap_attach(struct iwn_softc *sc) 453 { 454 struct ifnet *ifp = sc->sc_ic.ic_ifp; 455 456 #if NBPFILTER > 0 457 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 458 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 459 &sc->sc_drvbpf); 460 461 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 462 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 463 sc->sc_rxtap.wr_ihdr.it_present = htole32(IWN_RX_RADIOTAP_PRESENT); 464 465 sc->sc_txtap_len = sizeof sc->sc_txtapu; 466 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 467 sc->sc_txtap.wt_ihdr.it_present = htole32(IWN_TX_RADIOTAP_PRESENT); 468 #endif 469 } 470 471 472 /* 473 * Build a beacon frame that the firmware will broadcast periodically in 474 * IBSS or HostAP modes. 475 */ 476 static int 477 iwn_setup_beacon(struct iwn_softc *sc, struct ieee80211_node *ni) 478 { 479 struct ieee80211com *ic = &sc->sc_ic; 480 struct iwn_tx_ring *ring = &sc->txq[4]; 481 struct iwn_tx_desc *desc; 482 struct iwn_tx_data *data; 483 struct iwn_tx_cmd *cmd; 484 struct iwn_cmd_beacon *bcn; 485 struct ieee80211_beacon_offsets bo; 486 struct mbuf *m0; 487 bus_addr_t paddr; 488 int error; 489 490 desc = &ring->desc[ring->cur]; 491 data = &ring->data[ring->cur]; 492 493 m0 = ieee80211_beacon_alloc(ic, ni, &bo); 494 if (m0 == NULL) { 495 aprint_error_dev(sc->sc_dev, "could not allocate beacon frame\n"); 496 return ENOMEM; 497 } 498 499 cmd = &ring->cmd[ring->cur]; 500 cmd->code = IWN_CMD_SET_BEACON; 501 cmd->flags = 0; 502 cmd->qid = ring->qid; 503 cmd->idx = ring->cur; 504 505 bcn = (struct iwn_cmd_beacon *)cmd->data; 506 memset(bcn, 0, sizeof (struct iwn_cmd_beacon)); 507 bcn->id = IWN_ID_BROADCAST; 508 bcn->ofdm_mask = 0xff; 509 bcn->cck_mask = 0x0f; 510 bcn->lifetime = htole32(IWN_LIFETIME_INFINITE); 511 bcn->len = htole16(m0->m_pkthdr.len); 512 bcn->rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 513 iwn_plcp_signal(12) : iwn_plcp_signal(2); 514 bcn->flags = htole32(IWN_TX_AUTO_SEQ | IWN_TX_INSERT_TSTAMP); 515 516 /* save and trim IEEE802.11 header */ 517 m_copydata(m0, 0, sizeof (struct ieee80211_frame), (void *)&bcn->wh); 518 m_adj(m0, sizeof (struct ieee80211_frame)); 519 520 /* assume beacon frame is contiguous */ 521 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 522 BUS_DMA_READ | BUS_DMA_NOWAIT); 523 if (error) { 524 aprint_error_dev(sc->sc_dev, "could not map beacon\n"); 525 m_freem(m0); 526 return error; 527 } 528 529 data->m = m0; 530 531 /* first scatter/gather segment is used by the beacon command */ 532 paddr = ring->cmd_dma.paddr + ring->cur * sizeof (struct iwn_tx_cmd); 533 534 IWN_SET_DESC_NSEGS(desc, 2); 535 IWN_SET_DESC_SEG(desc, 0, paddr , 4 + sizeof(struct iwn_cmd_beacon)); 536 IWN_SET_DESC_SEG(desc, 1, data->map->dm_segs[0].ds_addr, 537 data->map->dm_segs[1].ds_len); 538 539 540 /* kick cmd ring */ 541 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 542 IWN_WRITE(sc, IWN_TX_WIDX, ring->qid << 8 | ring->cur); 543 544 return 0; 545 } 546 547 static int 548 iwn_dma_contig_alloc(bus_dma_tag_t tag, struct iwn_dma_info *dma, void **kvap, 549 bus_size_t size, bus_size_t alignment, int flags) 550 { 551 int nsegs, error; 552 553 dma->tag = tag; 554 dma->size = size; 555 556 error = bus_dmamap_create(tag, size, 1, size, 0, flags, &dma->map); 557 if (error != 0) 558 goto fail; 559 560 error = bus_dmamem_alloc(tag, size, alignment, 0, &dma->seg, 1, &nsegs, 561 flags); 562 if (error != 0) 563 goto fail; 564 565 error = bus_dmamem_map(tag, &dma->seg, 1, size, &dma->vaddr, flags); 566 if (error != 0) 567 goto fail; 568 569 error = bus_dmamap_load(tag, dma->map, dma->vaddr, size, NULL, flags); 570 if (error != 0) 571 goto fail; 572 573 memset(dma->vaddr, 0, size); 574 575 dma->paddr = dma->map->dm_segs[0].ds_addr; 576 if (kvap != NULL) 577 *kvap = dma->vaddr; 578 579 return 0; 580 581 fail: iwn_dma_contig_free(dma); 582 return error; 583 } 584 585 static void 586 iwn_dma_contig_free(struct iwn_dma_info *dma) 587 { 588 if (dma->map != NULL) { 589 if (dma->vaddr != NULL) { 590 bus_dmamap_unload(dma->tag, dma->map); 591 bus_dmamem_unmap(dma->tag, dma->vaddr, dma->size); 592 bus_dmamem_free(dma->tag, &dma->seg, 1); 593 dma->vaddr = NULL; 594 } 595 bus_dmamap_destroy(dma->tag, dma->map); 596 dma->map = NULL; 597 } 598 } 599 600 static int 601 iwn_alloc_shared(struct iwn_softc *sc) 602 { 603 int error; 604 void *p; 605 /* must be aligned on a 1KB boundary */ 606 error = iwn_dma_contig_alloc(sc->sc_dmat, &sc->shared_dma, 607 &p, sizeof (struct iwn_shared), 1024,BUS_DMA_NOWAIT); 608 sc->shared = p; 609 if (error != 0) 610 aprint_error_dev(sc->sc_dev, 611 "could not allocate shared area DMA memory\n"); 612 613 return error; 614 615 } 616 617 static void 618 iwn_free_shared(struct iwn_softc *sc) 619 { 620 iwn_dma_contig_free(&sc->shared_dma); 621 } 622 623 static int 624 iwn_alloc_kw(struct iwn_softc *sc) 625 { 626 /* must be aligned on a 16-byte boundary */ 627 return iwn_dma_contig_alloc(sc->sc_dmat, &sc->kw_dma, NULL, 628 PAGE_SIZE, PAGE_SIZE, BUS_DMA_NOWAIT); 629 } 630 631 static void 632 iwn_free_kw(struct iwn_softc *sc) 633 { 634 iwn_dma_contig_free(&sc->kw_dma); 635 } 636 637 static int 638 iwn_alloc_fwmem(struct iwn_softc *sc) 639 { 640 int error; 641 /* allocate enough contiguous space to store text and data */ 642 error = iwn_dma_contig_alloc(sc->sc_dmat, &sc->fw_dma, NULL, 643 IWN_FW_MAIN_TEXT_MAXSZ + IWN_FW_MAIN_DATA_MAXSZ, 16, 644 BUS_DMA_NOWAIT); 645 646 if (error != 0){ 647 aprint_error_dev(sc->sc_dev, 648 "could not allocate firmware transfer area DMA memory\n" ); 649 650 } 651 return error; 652 } 653 654 static void 655 iwn_free_fwmem(struct iwn_softc *sc) 656 { 657 iwn_dma_contig_free(&sc->fw_dma); 658 } 659 660 static struct iwn_rbuf * 661 iwn_alloc_rbuf(struct iwn_softc *sc) 662 { 663 struct iwn_rbuf *rbuf; 664 665 mutex_enter(&sc->rxq.freelist_mtx); 666 rbuf = SLIST_FIRST(&sc->rxq.freelist); 667 if (rbuf != NULL) { 668 SLIST_REMOVE_HEAD(&sc->rxq.freelist, next); 669 sc->rxq.nb_free_entries --; 670 } 671 mutex_exit(&sc->rxq.freelist_mtx); 672 673 return rbuf; 674 } 675 676 /* 677 * This is called automatically by the network stack when the mbuf to which 678 * our Rx buffer is attached is freed. 679 */ 680 static void 681 iwn_free_rbuf(struct mbuf* m, void *buf, size_t size, void *arg) 682 { 683 struct iwn_rbuf *rbuf = arg; 684 struct iwn_softc *sc = rbuf->sc; 685 686 /* put the buffer back in the free list */ 687 mutex_enter(&sc->rxq.freelist_mtx); 688 SLIST_INSERT_HEAD(&sc->rxq.freelist, rbuf, next); 689 mutex_exit(&sc->rxq.freelist_mtx); 690 sc->rxq.nb_free_entries ++; 691 692 if (__predict_true(m != NULL)) 693 pool_cache_put(mb_cache, m); 694 } 695 696 697 static int 698 iwn_alloc_rpool(struct iwn_softc *sc) 699 { 700 struct iwn_rx_ring *ring = &sc->rxq; 701 struct iwn_rbuf *rbuf; 702 int i, error; 703 704 mutex_init(&ring->freelist_mtx, MUTEX_DEFAULT, IPL_NET); 705 706 /* allocate a big chunk of DMA'able memory.. */ 707 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->buf_dma, NULL, 708 IWN_RBUF_COUNT * IWN_RBUF_SIZE, IWN_BUF_ALIGN, BUS_DMA_NOWAIT); 709 if (error != 0) { 710 aprint_error_dev(sc->sc_dev, 711 "could not allocate Rx buffers DMA memory\n"); 712 return error; 713 } 714 715 /* ..and split it into chunks of "rbufsz" bytes */ 716 SLIST_INIT(&ring->freelist); 717 for (i = 0; i < IWN_RBUF_COUNT; i++) { 718 rbuf = &ring->rbuf[i]; 719 720 rbuf->sc = sc; /* backpointer for callbacks */ 721 rbuf->vaddr = (char *)ring->buf_dma.vaddr + i * IWN_RBUF_SIZE; 722 rbuf->paddr = ring->buf_dma.paddr + i * IWN_RBUF_SIZE; 723 724 SLIST_INSERT_HEAD(&ring->freelist, rbuf, next); 725 } 726 ring->nb_free_entries = IWN_RBUF_COUNT; 727 return 0; 728 } 729 730 static void 731 iwn_free_rpool(struct iwn_softc *sc) 732 { 733 iwn_dma_contig_free(&sc->rxq.buf_dma); 734 } 735 736 static int 737 iwn_alloc_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 738 { 739 struct iwn_rx_data *data; 740 struct iwn_rbuf *rbuf; 741 int i, error; 742 void *p; 743 744 ring->cur = 0; 745 746 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 747 &p, IWN_RX_RING_COUNT * sizeof (struct iwn_rx_desc), 748 IWN_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 749 if (error != 0) { 750 aprint_error_dev(sc->sc_dev, 751 "could not allocate rx ring DMA memory\n"); 752 goto fail; 753 } 754 ring->desc = p; 755 756 /* 757 * Setup Rx buffers. 758 */ 759 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 760 data = &ring->data[i]; 761 762 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 763 if (data->m == NULL) { 764 aprint_error_dev(sc->sc_dev, "could not allocate rx mbuf\n"); 765 error = ENOMEM; 766 goto fail; 767 } 768 if ((rbuf = iwn_alloc_rbuf(sc)) == NULL) { 769 m_freem(data->m); 770 data->m = NULL; 771 aprint_error_dev(sc->sc_dev, "could not allocate rx buffer\n"); 772 error = ENOMEM; 773 goto fail; 774 } 775 /* attach Rx buffer to mbuf */ 776 MEXTADD(data->m, rbuf->vaddr, IWN_RBUF_SIZE, 0, iwn_free_rbuf, 777 rbuf); 778 779 data->m->m_flags |= M_EXT_RW; 780 /* Rx buffers are aligned on a 256-byte boundary */ 781 ring->desc[i] = htole32(rbuf->paddr >> 8); 782 } 783 784 return 0; 785 786 fail: iwn_free_rx_ring(sc, ring); 787 return error; 788 } 789 790 static void 791 iwn_reset_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 792 { 793 int ntries; 794 795 iwn_mem_lock(sc); 796 797 IWN_WRITE(sc, IWN_RX_CONFIG, 0); 798 for (ntries = 0; ntries < 100; ntries++) { 799 if (IWN_READ(sc, IWN_RX_STATUS) & IWN_RX_IDLE) 800 break; 801 DELAY(10); 802 } 803 #ifdef IWN_DEBUG 804 if (ntries == 100 && iwn_debug > 0) 805 aprint_error_dev(sc->sc_dev, "timeout resetting Rx ring\n"); 806 #endif 807 iwn_mem_unlock(sc); 808 809 ring->cur = 0; 810 } 811 812 static void 813 iwn_free_rx_ring(struct iwn_softc *sc, struct iwn_rx_ring *ring) 814 { 815 int i; 816 817 iwn_dma_contig_free(&ring->desc_dma); 818 819 for (i = 0; i < IWN_RX_RING_COUNT; i++) { 820 if (ring->data[i].m != NULL) 821 m_freem(ring->data[i].m); 822 } 823 } 824 825 static int 826 iwn_alloc_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring, int count, 827 int qid) 828 { 829 struct iwn_tx_data *data; 830 int i, error; 831 void *p; 832 833 ring->qid = qid; 834 ring->count = count; 835 ring->queued = 0; 836 ring->cur = 0; 837 838 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 839 &p, count * sizeof (struct iwn_tx_desc), 840 IWN_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 841 if (error != 0) { 842 aprint_error_dev(sc->sc_dev, "could not allocate tx ring DMA memory\n"); 843 goto fail; 844 } 845 ring->desc = p; 846 847 error = iwn_dma_contig_alloc(sc->sc_dmat, &ring->cmd_dma, 848 &p, count * sizeof (struct iwn_tx_cmd), 4, BUS_DMA_NOWAIT); 849 if (error != 0) { 850 aprint_error_dev(sc->sc_dev, "could not allocate tx cmd DMA memory\n"); 851 goto fail; 852 } 853 ring->cmd = p; 854 855 ring->data = malloc(count * sizeof (struct iwn_tx_data), M_DEVBUF, M_NOWAIT); 856 857 if (ring->data == NULL) { 858 aprint_error_dev(sc->sc_dev,"could not allocate tx data slots\n"); 859 goto fail; 860 } 861 862 memset(ring->data, 0, count * sizeof (struct iwn_tx_data)); 863 864 for (i = 0; i < count; i++) { 865 data = &ring->data[i]; 866 867 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 868 IWN_MAX_SCATTER - 1, MCLBYTES, 0, BUS_DMA_NOWAIT, 869 &data->map); 870 if (error != 0) { 871 aprint_error_dev(sc->sc_dev, "could not create tx buf DMA map\n"); 872 goto fail; 873 } 874 } 875 876 return 0; 877 878 fail: iwn_free_tx_ring(sc, ring); 879 return error; 880 } 881 882 static void 883 iwn_reset_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 884 { 885 struct iwn_tx_data *data; 886 uint32_t tmp; 887 int i, ntries; 888 889 iwn_mem_lock(sc); 890 891 IWN_WRITE(sc, IWN_TX_CONFIG(ring->qid), 0); 892 for (ntries = 0; ntries < 100; ntries++) { 893 tmp = IWN_READ(sc, IWN_TX_STATUS); 894 if ((tmp & IWN_TX_IDLE(ring->qid)) == IWN_TX_IDLE(ring->qid)) 895 break; 896 DELAY(10); 897 } 898 #ifdef IWN_DEBUG 899 if (ntries == 100 && iwn_debug > 1) { 900 aprint_error_dev(sc->sc_dev, "timeout resetting Tx ring %d\n", ring->qid); 901 } 902 #endif 903 iwn_mem_unlock(sc); 904 905 for (i = 0; i < ring->count; i++) { 906 data = &ring->data[i]; 907 908 if (data->m != NULL) { 909 bus_dmamap_unload(sc->sc_dmat, data->map); 910 m_freem(data->m); 911 data->m = NULL; 912 } 913 } 914 915 ring->queued = 0; 916 ring->cur = 0; 917 } 918 919 static void 920 iwn_free_tx_ring(struct iwn_softc *sc, struct iwn_tx_ring *ring) 921 { 922 struct iwn_tx_data *data; 923 int i; 924 925 iwn_dma_contig_free(&ring->desc_dma); 926 iwn_dma_contig_free(&ring->cmd_dma); 927 928 if (ring->data != NULL) { 929 for (i = 0; i < ring->count; i++) { 930 data = &ring->data[i]; 931 932 if (data->m != NULL) { 933 bus_dmamap_unload(sc->sc_dmat, data->map); 934 m_freem(data->m); 935 } 936 } 937 free(ring->data, M_DEVBUF); 938 } 939 } 940 941 /*ARGUSED*/ 942 struct ieee80211_node * 943 iwn_node_alloc(struct ieee80211_node_table *nt __unused) 944 { 945 struct iwn_node *wn; 946 947 wn = malloc(sizeof (struct iwn_node), M_DEVBUF, M_NOWAIT); 948 949 if (wn != NULL) 950 memset(wn, 0, sizeof (struct iwn_node)); 951 return (struct ieee80211_node *)wn; 952 953 } 954 955 static void 956 iwn_newassoc(struct ieee80211_node *ni, int isnew) 957 { 958 struct iwn_softc *sc = ni->ni_ic->ic_ifp->if_softc; 959 int i; 960 961 ieee80211_amrr_node_init(&sc->amrr, &((struct iwn_node *)ni)->amn); 962 963 /* set rate to some reasonable initial value */ 964 for (i = ni->ni_rates.rs_nrates - 1; 965 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 966 i--); 967 ni->ni_txrate = i; 968 } 969 970 static int 971 iwn_media_change(struct ifnet *ifp) 972 { 973 int error; 974 975 error = ieee80211_media_change(ifp); 976 if (error != ENETRESET) 977 return error; 978 979 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 980 iwn_init(ifp); 981 982 return 0; 983 } 984 985 static int 986 iwn_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 987 { 988 struct ifnet *ifp = ic->ic_ifp; 989 struct iwn_softc *sc = ifp->if_softc; 990 int error; 991 992 callout_stop(&sc->calib_to); 993 994 DPRINTF(("iwn_newstate: nstate = %d, ic->ic_state = %d\n", nstate, 995 ic->ic_state)); 996 997 switch (nstate) { 998 999 case IEEE80211_S_SCAN: 1000 1001 if (sc->is_scanning) 1002 break; 1003 1004 sc->is_scanning = true; 1005 ieee80211_node_table_reset(&ic->ic_scan); 1006 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 1007 1008 /* make the link LED blink while we're scanning */ 1009 iwn_set_led(sc, IWN_LED_LINK, 20, 2); 1010 1011 if ((error = iwn_scan(sc, IEEE80211_CHAN_G)) != 0) { 1012 aprint_error_dev(sc->sc_dev, "could not initiate scan\n"); 1013 ic->ic_flags &= ~(IEEE80211_F_SCAN | IEEE80211_F_ASCAN); 1014 return error; 1015 } 1016 ic->ic_state = nstate; 1017 return 0; 1018 1019 case IEEE80211_S_ASSOC: 1020 if (ic->ic_state != IEEE80211_S_RUN) 1021 break; 1022 /* FALLTHROUGH */ 1023 case IEEE80211_S_AUTH: 1024 /* reset state to handle reassociations correctly */ 1025 sc->config.associd = 0; 1026 sc->config.filter &= ~htole32(IWN_FILTER_BSS); 1027 /*sc->calib.state = IWN_CALIB_STATE_INIT;*/ 1028 1029 if ((error = iwn_auth(sc)) != 0) { 1030 aprint_error_dev(sc->sc_dev, "could not move to auth state\n"); 1031 return error; 1032 } 1033 break; 1034 1035 case IEEE80211_S_RUN: 1036 if ((error = iwn_run(sc)) != 0) { 1037 aprint_error_dev(sc->sc_dev, "could not move to run state\n"); 1038 return error; 1039 } 1040 break; 1041 1042 case IEEE80211_S_INIT: 1043 sc->is_scanning = false; 1044 break; 1045 } 1046 1047 return sc->sc_newstate(ic, nstate, arg); 1048 } 1049 1050 /* 1051 * Grab exclusive access to NIC memory. 1052 */ 1053 static void 1054 iwn_mem_lock(struct iwn_softc *sc) 1055 { 1056 uint32_t tmp; 1057 int ntries; 1058 1059 tmp = IWN_READ(sc, IWN_GPIO_CTL); 1060 IWN_WRITE(sc, IWN_GPIO_CTL, tmp | IWN_GPIO_MAC); 1061 1062 /* spin until we actually get the lock */ 1063 for (ntries = 0; ntries < 1000; ntries++) { 1064 if ((IWN_READ(sc, IWN_GPIO_CTL) & 1065 (IWN_GPIO_CLOCK | IWN_GPIO_SLEEP)) == IWN_GPIO_CLOCK) 1066 break; 1067 DELAY(10); 1068 } 1069 if (ntries == 1000) 1070 aprint_error_dev(sc->sc_dev, "could not lock memory\n"); 1071 } 1072 1073 /* 1074 * Release lock on NIC memory. 1075 */ 1076 static void 1077 iwn_mem_unlock(struct iwn_softc *sc) 1078 { 1079 uint32_t tmp = IWN_READ(sc, IWN_GPIO_CTL); 1080 IWN_WRITE(sc, IWN_GPIO_CTL, tmp & ~IWN_GPIO_MAC); 1081 } 1082 1083 static uint32_t 1084 iwn_mem_read(struct iwn_softc *sc, uint32_t addr) 1085 { 1086 IWN_WRITE(sc, IWN_READ_MEM_ADDR, IWN_MEM_4 | addr); 1087 return IWN_READ(sc, IWN_READ_MEM_DATA); 1088 } 1089 1090 static void 1091 iwn_mem_write(struct iwn_softc *sc, uint32_t addr, uint32_t data) 1092 { 1093 IWN_WRITE(sc, IWN_WRITE_MEM_ADDR, IWN_MEM_4 | addr); 1094 IWN_WRITE(sc, IWN_WRITE_MEM_DATA, data); 1095 } 1096 1097 static void 1098 iwn_mem_write_region_4(struct iwn_softc *sc, uint32_t addr, 1099 const uint32_t *data, int wlen) 1100 { 1101 for (; wlen > 0; wlen--, data++, addr += 4) 1102 iwn_mem_write(sc, addr, *data); 1103 } 1104 1105 static int 1106 iwn_eeprom_lock(struct iwn_softc *sc) 1107 { 1108 uint32_t tmp; 1109 int ntries; 1110 1111 tmp = IWN_READ(sc, IWN_HWCONFIG); 1112 IWN_WRITE(sc, IWN_HWCONFIG, tmp | IWN_HW_EEPROM_LOCKED); 1113 1114 /* spin until we actually get the lock */ 1115 for (ntries = 0; ntries < 100; ntries++) { 1116 if (IWN_READ(sc, IWN_HWCONFIG) & IWN_HW_EEPROM_LOCKED) 1117 return 0; 1118 DELAY(10); 1119 } 1120 return ETIMEDOUT; 1121 } 1122 1123 static void 1124 iwn_eeprom_unlock(struct iwn_softc *sc) 1125 { 1126 uint32_t tmp = IWN_READ(sc, IWN_HWCONFIG); 1127 IWN_WRITE(sc, IWN_HWCONFIG, tmp & ~IWN_HW_EEPROM_LOCKED); 1128 } 1129 1130 /* 1131 * Read `len' bytes from the EEPROM. We access the EEPROM through the MAC 1132 * instead of using the traditional bit-bang method. 1133 */ 1134 static int 1135 iwn_read_prom_data(struct iwn_softc *sc, uint32_t addr, void *data, int len) 1136 { 1137 uint8_t *out = data; 1138 uint32_t val; 1139 int ntries; 1140 1141 iwn_mem_lock(sc); 1142 for (; len > 0; len -= 2, addr++) { 1143 IWN_WRITE(sc, IWN_EEPROM_CTL, addr << 2); 1144 IWN_WRITE(sc, IWN_EEPROM_CTL, 1145 IWN_READ(sc, IWN_EEPROM_CTL) & ~IWN_EEPROM_CMD); 1146 1147 for (ntries = 0; ntries < 10; ntries++) { 1148 if ((val = IWN_READ(sc, IWN_EEPROM_CTL)) & 1149 IWN_EEPROM_READY) 1150 break; 1151 DELAY(5); 1152 } 1153 if (ntries == 10) { 1154 aprint_error_dev(sc->sc_dev, "could not read EEPROM\n"); 1155 return ETIMEDOUT; 1156 } 1157 *out++ = val >> 16; 1158 if (len > 1) 1159 *out++ = val >> 24; 1160 } 1161 iwn_mem_unlock(sc); 1162 1163 return 0; 1164 } 1165 1166 /* 1167 * The firmware boot code is small and is intended to be copied directly into 1168 * the NIC internal memory. 1169 */ 1170 static int 1171 iwn_load_microcode(struct iwn_softc *sc, const uint8_t *ucode, int size) 1172 { 1173 int ntries; 1174 1175 size /= sizeof (uint32_t); 1176 1177 iwn_mem_lock(sc); 1178 1179 /* copy microcode image into NIC memory */ 1180 iwn_mem_write_region_4(sc, IWN_MEM_UCODE_BASE, 1181 (const uint32_t *)ucode, size); 1182 1183 iwn_mem_write(sc, IWN_MEM_UCODE_SRC, 0); 1184 iwn_mem_write(sc, IWN_MEM_UCODE_DST, IWN_FW_TEXT); 1185 iwn_mem_write(sc, IWN_MEM_UCODE_SIZE, size); 1186 1187 /* run microcode */ 1188 iwn_mem_write(sc, IWN_MEM_UCODE_CTL, IWN_UC_RUN); 1189 1190 /* wait for transfer to complete */ 1191 for (ntries = 0; ntries < 1000; ntries++) { 1192 if (!(iwn_mem_read(sc, IWN_MEM_UCODE_CTL) & IWN_UC_RUN)) 1193 break; 1194 DELAY(10); 1195 } 1196 if (ntries == 1000) { 1197 iwn_mem_unlock(sc); 1198 aprint_error_dev(sc->sc_dev, "could not load boot firmware\n"); 1199 return ETIMEDOUT; 1200 } 1201 iwn_mem_write(sc, IWN_MEM_UCODE_CTL, IWN_UC_ENABLE); 1202 1203 iwn_mem_unlock(sc); 1204 1205 return 0; 1206 } 1207 1208 static int 1209 iwn_load_firmware(struct iwn_softc *sc) 1210 { 1211 struct iwn_dma_info *dma = &sc->fw_dma; 1212 struct iwn_firmware_hdr hdr; 1213 const uint8_t *init_text, *init_data, *main_text, *main_data; 1214 const uint8_t *boot_text; 1215 uint32_t init_textsz, init_datasz, main_textsz, main_datasz; 1216 uint32_t boot_textsz; 1217 firmware_handle_t fw; 1218 u_char *dfw; 1219 size_t size; 1220 int error; 1221 1222 /* load firmware image from disk */ 1223 if ((error = firmware_open("if_iwn","iwlwifi-4965.ucode", &fw)) != 0) { 1224 aprint_error_dev(sc->sc_dev, "could not read firmware file\n"); 1225 goto fail1; 1226 } 1227 1228 size = firmware_get_size(fw); 1229 1230 /* extract firmware header information */ 1231 if (size < sizeof (struct iwn_firmware_hdr)) { 1232 aprint_error_dev(sc->sc_dev, "truncated firmware header: %zu bytes\n", size); 1233 1234 error = EINVAL; 1235 goto fail2; 1236 } 1237 1238 1239 if ((error = firmware_read(fw, 0, &hdr, 1240 sizeof (struct iwn_firmware_hdr))) != 0) { 1241 aprint_error_dev(sc->sc_dev, "can't get firmware header\n"); 1242 goto fail2; 1243 } 1244 1245 main_textsz = le32toh(hdr.main_textsz); 1246 main_datasz = le32toh(hdr.main_datasz); 1247 init_textsz = le32toh(hdr.init_textsz); 1248 init_datasz = le32toh(hdr.init_datasz); 1249 boot_textsz = le32toh(hdr.boot_textsz); 1250 1251 /* sanity-check firmware segments sizes */ 1252 if (main_textsz > IWN_FW_MAIN_TEXT_MAXSZ || 1253 main_datasz > IWN_FW_MAIN_DATA_MAXSZ || 1254 init_textsz > IWN_FW_INIT_TEXT_MAXSZ || 1255 init_datasz > IWN_FW_INIT_DATA_MAXSZ || 1256 boot_textsz > IWN_FW_BOOT_TEXT_MAXSZ || 1257 (boot_textsz & 3) != 0) { 1258 aprint_error_dev(sc->sc_dev, "invalid firmware header\n"); 1259 error = EINVAL; 1260 goto fail2; 1261 } 1262 1263 /* check that all firmware segments are present */ 1264 if (size < sizeof (struct iwn_firmware_hdr) + main_textsz + 1265 main_datasz + init_textsz + init_datasz + boot_textsz) { 1266 aprint_error_dev(sc->sc_dev, "firmware file too short: %zu bytes\n", size); 1267 error = EINVAL; 1268 goto fail2; 1269 } 1270 1271 dfw = firmware_malloc(size); 1272 if (dfw == NULL) { 1273 aprint_error_dev(sc->sc_dev, "not enough memory to stock firmware\n"); 1274 error = ENOMEM; 1275 goto fail2; 1276 } 1277 1278 if ((error = firmware_read(fw, 0, dfw, size)) != 0) { 1279 aprint_error_dev(sc->sc_dev, "can't get firmware\n"); 1280 goto fail2; 1281 } 1282 1283 /* get pointers to firmware segments */ 1284 main_text = dfw + sizeof (struct iwn_firmware_hdr); 1285 main_data = main_text + main_textsz; 1286 init_text = main_data + main_datasz; 1287 init_data = init_text + init_textsz; 1288 boot_text = init_data + init_datasz; 1289 1290 /* copy initialization images into pre-allocated DMA-safe memory */ 1291 memcpy(dma->vaddr, init_data, init_datasz); 1292 memcpy((char *)dma->vaddr + IWN_FW_INIT_DATA_MAXSZ, init_text, init_textsz); 1293 1294 /* tell adapter where to find initialization images */ 1295 iwn_mem_lock(sc); 1296 iwn_mem_write(sc, IWN_MEM_DATA_BASE, dma->paddr >> 4); 1297 iwn_mem_write(sc, IWN_MEM_DATA_SIZE, init_datasz); 1298 iwn_mem_write(sc, IWN_MEM_TEXT_BASE, 1299 (dma->paddr + IWN_FW_INIT_DATA_MAXSZ) >> 4); 1300 iwn_mem_write(sc, IWN_MEM_TEXT_SIZE, init_textsz); 1301 iwn_mem_unlock(sc); 1302 1303 /* load firmware boot code */ 1304 if ((error = iwn_load_microcode(sc, boot_text, boot_textsz)) != 0) { 1305 aprint_error_dev(sc->sc_dev, "could not load boot firmware\n"); 1306 goto fail3; 1307 } 1308 1309 /* now press "execute" ;-) */ 1310 IWN_WRITE(sc, IWN_RESET, 0); 1311 1312 /* ..and wait at most one second for adapter to initialize */ 1313 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 1314 /* this isn't what was supposed to happen.. */ 1315 aprint_error_dev(sc->sc_dev, "timeout waiting for adapter to initialize\n"); 1316 } 1317 1318 /* copy runtime images into pre-allocated DMA-safe memory */ 1319 memcpy((char *)dma->vaddr, main_data, main_datasz); 1320 memcpy((char *)dma->vaddr + IWN_FW_MAIN_DATA_MAXSZ, main_text, main_textsz); 1321 1322 /* tell adapter where to find runtime images */ 1323 iwn_mem_lock(sc); 1324 iwn_mem_write(sc, IWN_MEM_DATA_BASE, dma->paddr >> 4); 1325 iwn_mem_write(sc, IWN_MEM_DATA_SIZE, main_datasz); 1326 iwn_mem_write(sc, IWN_MEM_TEXT_BASE, 1327 (dma->paddr + IWN_FW_MAIN_DATA_MAXSZ) >> 4); 1328 iwn_mem_write(sc, IWN_MEM_TEXT_SIZE, IWN_FW_UPDATED | main_textsz); 1329 iwn_mem_unlock(sc); 1330 1331 /* wait at most one second for second alive notification */ 1332 if ((error = tsleep(sc, PCATCH, "iwninit", hz)) != 0) { 1333 /* this isn't what was supposed to happen.. */ 1334 aprint_error_dev(sc->sc_dev, "timeout waiting for adapter to initialize\n"); 1335 } 1336 1337 fail3: firmware_free(dfw,size); 1338 fail2: firmware_close(fw); 1339 fail1: return error; 1340 } 1341 1342 static void 1343 iwn_calib_timeout(void *arg) 1344 { 1345 struct iwn_softc *sc = arg; 1346 struct ieee80211com *ic = &sc->sc_ic; 1347 int s; 1348 1349 /* automatic rate control triggered every 500ms */ 1350 if (ic->ic_fixed_rate == -1) { 1351 s = splnet(); 1352 if (ic->ic_opmode == IEEE80211_M_STA) 1353 iwn_iter_func(sc, ic->ic_bss); 1354 else 1355 ieee80211_iterate_nodes(&ic->ic_sta, iwn_iter_func, sc); 1356 splx(s); 1357 } 1358 1359 /* automatic calibration every 60s */ 1360 if (++sc->calib_cnt >= 120) { 1361 DPRINTF(("sending request for statistics\n")); 1362 (void)iwn_cmd(sc, IWN_CMD_GET_STATISTICS, NULL, 0, 1); 1363 sc->calib_cnt = 0; 1364 } 1365 1366 callout_schedule(&sc->calib_to, hz/2); 1367 1368 } 1369 1370 static void 1371 iwn_iter_func(void *arg, struct ieee80211_node *ni) 1372 { 1373 struct iwn_softc *sc = arg; 1374 struct iwn_node *wn = (struct iwn_node *)ni; 1375 1376 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 1377 } 1378 1379 static void 1380 iwn_ampdu_rx_start(struct iwn_softc *sc, struct iwn_rx_desc *desc) 1381 { 1382 struct iwn_rx_stat *stat; 1383 1384 DPRINTFN(2, ("received AMPDU stats\n")); 1385 /* save Rx statistics, they will be used on IWN_AMPDU_RX_DONE */ 1386 stat = (struct iwn_rx_stat *)(desc + 1); 1387 memcpy(&sc->last_rx_stat, stat, sizeof (*stat)); 1388 sc->last_rx_valid = 1; 1389 } 1390 1391 void 1392 iwn_rx_intr(struct iwn_softc *sc, struct iwn_rx_desc *desc, 1393 struct iwn_rx_data *data) 1394 { 1395 struct ieee80211com *ic = &sc->sc_ic; 1396 struct ifnet *ifp = ic->ic_ifp; 1397 struct iwn_rx_ring *ring = &sc->rxq; 1398 struct iwn_rbuf *rbuf; 1399 struct ieee80211_frame *wh; 1400 struct ieee80211_node *ni; 1401 struct mbuf *m, *mnew; 1402 struct iwn_rx_stat *stat; 1403 char *head; 1404 uint32_t *tail; 1405 int len, rssi; 1406 1407 if (desc->type == IWN_AMPDU_RX_DONE) { 1408 /* check for prior AMPDU_RX_START */ 1409 if (!sc->last_rx_valid) { 1410 DPRINTF(("missing AMPDU_RX_START\n")); 1411 ifp->if_ierrors++; 1412 return; 1413 } 1414 sc->last_rx_valid = 0; 1415 stat = &sc->last_rx_stat; 1416 } else 1417 stat = (struct iwn_rx_stat *)(desc + 1); 1418 1419 if (stat->cfg_phy_len > IWN_STAT_MAXLEN) { 1420 aprint_error_dev(sc->sc_dev, "invalid rx statistic header\n"); 1421 ifp->if_ierrors++; 1422 return; 1423 } 1424 1425 if (desc->type == IWN_AMPDU_RX_DONE) { 1426 struct iwn_rx_ampdu *ampdu = 1427 (struct iwn_rx_ampdu *)(desc + 1); 1428 head = (char *)(ampdu + 1); 1429 len = le16toh(ampdu->len); 1430 } else { 1431 head = (char *)(stat + 1) + stat->cfg_phy_len; 1432 len = le16toh(stat->len); 1433 } 1434 1435 DPRINTF(("rx packet len %d\n", len)); 1436 /* discard Rx frames with bad CRC early */ 1437 tail = (uint32_t *)(head + len); 1438 if ((le32toh(*tail) & IWN_RX_NOERROR) != IWN_RX_NOERROR) { 1439 DPRINTFN(2, ("rx flags error %x\n", le32toh(*tail))); 1440 ifp->if_ierrors++; 1441 return; 1442 } 1443 /* XXX for ieee80211_find_rxnode() */ 1444 if (len < sizeof (struct ieee80211_frame)) { 1445 DPRINTF(("frame too short: %d\n", len)); 1446 ic->ic_stats.is_rx_tooshort++; 1447 ifp->if_ierrors++; 1448 return; 1449 } 1450 1451 m = data->m; 1452 1453 /* finalize mbuf */ 1454 m->m_pkthdr.rcvif = ifp; 1455 m->m_data = head; 1456 m->m_pkthdr.len = m->m_len = len; 1457 1458 /* 1459 * See comment in if_wpi.c:wpi_rx_intr() about locking 1460 * nb_free_entries here. In short: it's not required. 1461 */ 1462 if (sc->rxq.nb_free_entries >= 0) { 1463 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1464 if (mnew == NULL) { 1465 ic->ic_stats.is_rx_nobuf++; 1466 ifp->if_ierrors++; 1467 return; 1468 } 1469 1470 rbuf = iwn_alloc_rbuf(sc); 1471 1472 /* attach Rx buffer to mbuf */ 1473 MEXTADD(mnew, rbuf->vaddr, IWN_RBUF_SIZE, 0, iwn_free_rbuf, 1474 rbuf); 1475 mnew->m_flags |= M_EXT_RW; 1476 1477 data->m = mnew; 1478 1479 /* update Rx descriptor */ 1480 ring->desc[ring->cur] = htole32(rbuf->paddr >> 8); 1481 } else { 1482 /* no free rbufs, copy frame */ 1483 m = m_dup(m, 0, M_COPYALL, M_DONTWAIT); 1484 if (m == NULL) { 1485 /* no free mbufs either, drop frame */ 1486 ic->ic_stats.is_rx_nobuf++; 1487 ifp->if_ierrors++; 1488 return; 1489 } 1490 } 1491 1492 rssi = iwn_get_rssi(stat); 1493 1494 if (ic->ic_state == IEEE80211_S_SCAN) 1495 iwn_fix_channel(ic, m); 1496 1497 #if NBPFILTER > 0 1498 if (sc->sc_drvbpf != NULL) { 1499 struct iwn_rx_radiotap_header *tap = &sc->sc_rxtap; 1500 1501 tap->wr_flags = 0; 1502 tap->wr_chan_freq = 1503 htole16(ic->ic_channels[stat->chan].ic_freq); 1504 tap->wr_chan_flags = 1505 htole16(ic->ic_channels[stat->chan].ic_flags); 1506 tap->wr_dbm_antsignal = (int8_t)rssi; 1507 tap->wr_dbm_antnoise = (int8_t)sc->noise; 1508 tap->wr_tsft = stat->tstamp; 1509 switch (stat->rate) { 1510 /* CCK rates */ 1511 case 10: tap->wr_rate = 2; break; 1512 case 20: tap->wr_rate = 4; break; 1513 case 55: tap->wr_rate = 11; break; 1514 case 110: tap->wr_rate = 22; break; 1515 /* OFDM rates */ 1516 case 0xd: tap->wr_rate = 12; break; 1517 case 0xf: tap->wr_rate = 18; break; 1518 case 0x5: tap->wr_rate = 24; break; 1519 case 0x7: tap->wr_rate = 36; break; 1520 case 0x9: tap->wr_rate = 48; break; 1521 case 0xb: tap->wr_rate = 72; break; 1522 case 0x1: tap->wr_rate = 96; break; 1523 case 0x3: tap->wr_rate = 108; break; 1524 /* unknown rate: should not happen */ 1525 default: tap->wr_rate = 0; 1526 } 1527 1528 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1529 } 1530 #endif 1531 1532 /* grab a reference to the source node */ 1533 wh = mtod(m, struct ieee80211_frame *); 1534 ni = ieee80211_find_rxnode(ic,(struct ieee80211_frame_min *)wh); 1535 1536 /* send the frame to the 802.11 layer */ 1537 ieee80211_input(ic, m, ni, rssi, 0); 1538 1539 /* node is no longer needed */ 1540 ieee80211_free_node(ni); 1541 } 1542 1543 1544 /* 1545 * XXX: Hack to set the current channel to the value advertised in beacons or 1546 * probe responses. Only used during AP detection. 1547 * XXX: Duplicated from if_iwi.c 1548 */ 1549 static void 1550 iwn_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1551 { 1552 struct ieee80211_frame *wh; 1553 uint8_t subtype; 1554 uint8_t *frm, *efrm; 1555 1556 wh = mtod(m, struct ieee80211_frame *); 1557 1558 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1559 return; 1560 1561 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1562 1563 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1564 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1565 return; 1566 1567 frm = (uint8_t *)(wh + 1); 1568 efrm = mtod(m, uint8_t *) + m->m_len; 1569 1570 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1571 while (frm < efrm) { 1572 if (*frm == IEEE80211_ELEMID_DSPARMS) 1573 #if IEEE80211_CHAN_MAX < 255 1574 if (frm[2] <= IEEE80211_CHAN_MAX) 1575 #endif 1576 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1577 1578 frm += frm[1] + 2; 1579 } 1580 } 1581 1582 static void 1583 iwn_rx_statistics(struct iwn_softc *sc, struct iwn_rx_desc *desc) 1584 { 1585 struct ieee80211com *ic = &sc->sc_ic; 1586 struct iwn_calib_state *calib = &sc->calib; 1587 struct iwn_stats *stats = (struct iwn_stats *)(desc + 1); 1588 1589 /* ignore beacon statistics received during a scan */ 1590 if (ic->ic_state != IEEE80211_S_RUN) 1591 return; 1592 1593 DPRINTFN(3, ("received statistics (cmd=%d)\n", desc->type)); 1594 sc->calib_cnt = 0; /* reset timeout */ 1595 1596 /* test if temperature has changed */ 1597 if (stats->general.temp != sc->rawtemp) { 1598 int temp; 1599 1600 sc->rawtemp = stats->general.temp; 1601 temp = iwn_get_temperature(sc); 1602 DPRINTFN(2, ("temperature=%d\n", temp)); 1603 1604 /* update Tx power if need be */ 1605 iwn_power_calibration(sc, temp); 1606 } 1607 1608 if (desc->type != IWN_BEACON_STATISTICS) 1609 return; /* reply to a statistics request */ 1610 1611 sc->noise = iwn_get_noise(&stats->rx.general); 1612 DPRINTFN(3, ("noise=%d\n", sc->noise)); 1613 1614 /* test that RSSI and noise are present in stats report */ 1615 if (le32toh(stats->rx.general.flags) != 1) { 1616 DPRINTF(("received statistics without RSSI\n")); 1617 return; 1618 } 1619 1620 if (calib->state == IWN_CALIB_STATE_ASSOC) 1621 iwn_compute_differential_gain(sc, &stats->rx.general); 1622 else if (calib->state == IWN_CALIB_STATE_RUN) 1623 iwn_tune_sensitivity(sc, &stats->rx); 1624 } 1625 1626 static void 1627 iwn_tx_intr(struct iwn_softc *sc, struct iwn_rx_desc *desc) 1628 { 1629 struct ifnet *ifp = sc->sc_ic.ic_ifp; 1630 struct iwn_tx_ring *ring = &sc->txq[desc->qid & 0xf]; 1631 struct iwn_tx_data *txdata = &ring->data[desc->idx]; 1632 struct iwn_tx_stat *stat = (struct iwn_tx_stat *)(desc + 1); 1633 struct iwn_node *wn = (struct iwn_node *)txdata->ni; 1634 uint32_t status; 1635 1636 DPRINTFN(4, ("tx done: qid=%d idx=%d retries=%d nkill=%d rate=%x " 1637 "duration=%d status=%x\n", desc->qid, desc->idx, stat->ntries, 1638 stat->nkill, stat->rate, le16toh(stat->duration), 1639 le32toh(stat->status))); 1640 1641 /* 1642 * Update rate control statistics for the node. 1643 */ 1644 wn->amn.amn_txcnt++; 1645 if (stat->ntries > 0) { 1646 DPRINTFN(3, ("tx intr ntries %d\n", stat->ntries)); 1647 wn->amn.amn_retrycnt++; 1648 } 1649 1650 status = le32toh(stat->status) & 0xff; 1651 if (status != 1 && status != 2) 1652 ifp->if_oerrors++; 1653 else 1654 ifp->if_opackets++; 1655 1656 bus_dmamap_unload(sc->sc_dmat, txdata->map); 1657 m_freem(txdata->m); 1658 txdata->m = NULL; 1659 ieee80211_free_node(txdata->ni); 1660 txdata->ni = NULL; 1661 1662 ring->queued--; 1663 1664 sc->sc_tx_timer = 0; 1665 ifp->if_flags &= ~IFF_OACTIVE; 1666 iwn_start(ifp); 1667 } 1668 1669 static void 1670 iwn_cmd_intr(struct iwn_softc *sc, struct iwn_rx_desc *desc) 1671 { 1672 struct iwn_tx_ring *ring = &sc->txq[4]; 1673 struct iwn_tx_data *data; 1674 1675 if ((desc->qid & 0xf) != 4) 1676 return; /* not a command ack */ 1677 1678 data = &ring->data[desc->idx]; 1679 1680 /* if the command was mapped in a mbuf, free it */ 1681 if (data->m != NULL) { 1682 bus_dmamap_unload(sc->sc_dmat, data->map); 1683 m_freem(data->m); 1684 data->m = NULL; 1685 } 1686 1687 wakeup(&ring->cmd[desc->idx]); 1688 } 1689 1690 static void 1691 iwn_notif_intr(struct iwn_softc *sc) 1692 { 1693 struct ieee80211com *ic = &sc->sc_ic; 1694 struct ifnet *ifp = ic->ic_ifp; 1695 uint16_t hw; 1696 1697 hw = le16toh(sc->shared->closed_count); 1698 while (sc->rxq.cur != hw) { 1699 struct iwn_rx_data *data = &sc->rxq.data[sc->rxq.cur]; 1700 struct iwn_rx_desc *desc = (void *)data->m->m_ext.ext_buf; 1701 1702 DPRINTFN(4,("rx notification qid=%x idx=%d flags=%x type=%d " 1703 "len=%d\n", desc->qid, desc->idx, desc->flags, desc->type, 1704 le32toh(desc->len))); 1705 1706 if (!(desc->qid & 0x80)) /* reply to a command */ 1707 iwn_cmd_intr(sc, desc); 1708 1709 switch (desc->type) { 1710 case IWN_RX_DONE: 1711 case IWN_AMPDU_RX_DONE: 1712 iwn_rx_intr(sc, desc, data); 1713 break; 1714 1715 case IWN_AMPDU_RX_START: 1716 iwn_ampdu_rx_start(sc, desc); 1717 break; 1718 1719 case IWN_TX_DONE: 1720 /* a 802.11 frame has been transmitted */ 1721 iwn_tx_intr(sc, desc); 1722 break; 1723 1724 case IWN_RX_STATISTICS: 1725 case IWN_BEACON_STATISTICS: 1726 iwn_rx_statistics(sc, desc); 1727 break; 1728 1729 case IWN_BEACON_MISSED: 1730 { 1731 struct iwn_beacon_missed *miss = 1732 (struct iwn_beacon_missed *)(desc + 1); 1733 /* 1734 * If more than 5 consecutive beacons are missed, 1735 * reinitialize the sensitivity state machine. 1736 */ 1737 DPRINTFN(2, ("beacons missed %d/%d\n", 1738 le32toh(miss->consecutive), le32toh(miss->total))); 1739 if (ic->ic_state == IEEE80211_S_RUN && 1740 le32toh(miss->consecutive) > 5) 1741 (void)iwn_init_sensitivity(sc); 1742 break; 1743 } 1744 1745 case IWN_UC_READY: 1746 { 1747 struct iwn_ucode_info *uc = 1748 (struct iwn_ucode_info *)(desc + 1); 1749 1750 /* the microcontroller is ready */ 1751 DPRINTF(("microcode alive notification version=%d.%d " 1752 "subtype=%x alive=%x\n", uc->major, uc->minor, 1753 uc->subtype, le32toh(uc->valid))); 1754 1755 if (le32toh(uc->valid) != 1) { 1756 aprint_error_dev(sc->sc_dev, "microcontroller initialization " 1757 "failed\n"); 1758 break; 1759 } 1760 if (uc->subtype == IWN_UCODE_INIT) { 1761 /* save microcontroller's report */ 1762 memcpy(&sc->ucode_info, uc, sizeof (*uc)); 1763 } 1764 break; 1765 } 1766 case IWN_STATE_CHANGED: 1767 { 1768 uint32_t *status = (uint32_t *)(desc + 1); 1769 1770 /* enabled/disabled notification */ 1771 DPRINTF(("state changed to %x\n", le32toh(*status))); 1772 1773 if (le32toh(*status) & 1) { 1774 /* the radio button has to be pushed */ 1775 aprint_error_dev(sc->sc_dev, "Radio transmitter is off\n"); 1776 /* turn the interface down */ 1777 ifp->if_flags &= ~IFF_UP; 1778 iwn_stop(ifp, 1); 1779 return; /* no further processing */ 1780 } 1781 break; 1782 } 1783 case IWN_START_SCAN: 1784 { 1785 struct iwn_start_scan *scan = 1786 (struct iwn_start_scan *)(desc + 1); 1787 1788 DPRINTFN(2, ("scanning channel %d status %x\n", 1789 scan->chan, le32toh(scan->status))); 1790 1791 /* fix current channel */ 1792 ic->ic_bss->ni_chan = &ic->ic_channels[scan->chan]; 1793 break; 1794 } 1795 case IWN_STOP_SCAN: 1796 { 1797 struct iwn_stop_scan *scan = 1798 (struct iwn_stop_scan *)(desc + 1); 1799 1800 DPRINTF(("scan finished nchan=%d status=%d chan=%d\n", 1801 scan->nchan, scan->status, scan->chan)); 1802 1803 if (scan->status == 1 && scan->chan <= 14) { 1804 /* 1805 * We just finished scanning 802.11g channels, 1806 * start scanning 802.11a ones. 1807 */ 1808 if (iwn_scan(sc, IEEE80211_CHAN_A) == 0) 1809 break; 1810 } 1811 sc->is_scanning = false; 1812 ieee80211_end_scan(ic); 1813 break; 1814 } 1815 } 1816 1817 sc->rxq.cur = (sc->rxq.cur + 1) % IWN_RX_RING_COUNT; 1818 } 1819 1820 /* tell the firmware what we have processed */ 1821 hw = (hw == 0) ? IWN_RX_RING_COUNT - 1 : hw - 1; 1822 IWN_WRITE(sc, IWN_RX_WIDX, hw & ~7); 1823 } 1824 1825 static int 1826 iwn_intr(void *arg) 1827 { 1828 struct iwn_softc *sc = arg; 1829 struct ifnet *ifp = sc->sc_ic.ic_ifp; 1830 uint32_t r1, r2; 1831 1832 /* disable interrupts */ 1833 IWN_WRITE(sc, IWN_MASK, 0); 1834 1835 r1 = IWN_READ(sc, IWN_INTR); 1836 r2 = IWN_READ(sc, IWN_INTR_STATUS); 1837 1838 if (r1 == 0 && r2 == 0) { 1839 if (ifp->if_flags & IFF_UP) 1840 IWN_WRITE(sc, IWN_MASK, IWN_INTR_MASK); 1841 return 0; /* not for us */ 1842 } 1843 1844 if (r1 == 0xffffffff) 1845 return 0; /* hardware gone */ 1846 1847 /* ack interrupts */ 1848 IWN_WRITE(sc, IWN_INTR, r1); 1849 IWN_WRITE(sc, IWN_INTR_STATUS, r2); 1850 1851 DPRINTFN(5, ("interrupt reg1=%x reg2=%x\n", r1, r2)); 1852 1853 if (r1 & IWN_RF_TOGGLED) { 1854 uint32_t tmp = IWN_READ(sc, IWN_GPIO_CTL); 1855 aprint_error_dev(sc->sc_dev, "RF switch: radio %s\n", 1856 (tmp & IWN_GPIO_RF_ENABLED) ? "enabled" : "disabled"); 1857 } 1858 if (r1 & IWN_CT_REACHED) { 1859 aprint_error_dev(sc->sc_dev, "critical temperature reached!\n"); 1860 } 1861 if (r1 & (IWN_SW_ERROR | IWN_HW_ERROR)) { 1862 aprint_error_dev(sc->sc_dev, "fatal firmware error\n"); 1863 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1864 iwn_stop(sc->sc_ic.ic_ifp, 1); 1865 return 1; 1866 } 1867 1868 if ((r1 & (IWN_RX_INTR | IWN_SW_RX_INTR)) || 1869 (r2 & IWN_RX_STATUS_INTR)) 1870 iwn_notif_intr(sc); 1871 1872 if (r1 & IWN_ALIVE_INTR) 1873 wakeup(sc); 1874 1875 /* re-enable interrupts */ 1876 if (ifp->if_flags & IFF_UP) 1877 IWN_WRITE(sc, IWN_MASK, IWN_INTR_MASK); 1878 1879 return 1; 1880 } 1881 1882 static uint8_t 1883 iwn_plcp_signal(int rate) 1884 { 1885 switch (rate) { 1886 /* CCK rates (returned values are device-dependent) */ 1887 case 2: return 10; 1888 case 4: return 20; 1889 case 11: return 55; 1890 case 22: return 110; 1891 1892 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1893 /* R1-R4, (u)ral is R4-R1 */ 1894 case 12: return 0xd; 1895 case 18: return 0xf; 1896 case 24: return 0x5; 1897 case 36: return 0x7; 1898 case 48: return 0x9; 1899 case 72: return 0xb; 1900 case 96: return 0x1; 1901 case 108: return 0x3; 1902 case 120: return 0x3; 1903 } 1904 /* unknown rate (should not get there) */ 1905 return 0; 1906 } 1907 1908 /* determine if a given rate is CCK or OFDM */ 1909 #define IWN_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1910 1911 static int 1912 iwn_tx_data(struct iwn_softc *sc, struct mbuf *m0, struct ieee80211_node *ni, 1913 int ac) 1914 { 1915 struct ieee80211com *ic = &sc->sc_ic; 1916 struct iwn_tx_ring *ring = &sc->txq[ac]; 1917 struct iwn_tx_desc *desc; 1918 struct iwn_tx_data *data; 1919 struct iwn_tx_cmd *cmd; 1920 struct iwn_cmd_data *tx; 1921 struct ieee80211_frame *wh; 1922 struct ieee80211_key *k; 1923 const struct chanAccParams *cap; 1924 struct mbuf *mnew; 1925 bus_addr_t paddr; 1926 uint32_t flags; 1927 uint8_t type; 1928 int i, error, pad, rate, hdrlen, noack = 0; 1929 1930 DPRINTFN(5, ("iwn_tx_data entry\n")); 1931 1932 desc = &ring->desc[ring->cur]; 1933 data = &ring->data[ring->cur]; 1934 1935 wh = mtod(m0, struct ieee80211_frame *); 1936 type = wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK; 1937 1938 if (IEEE80211_QOS_HAS_SEQ(wh)) { 1939 hdrlen = sizeof (struct ieee80211_qosframe); 1940 cap = &ic->ic_wme.wme_chanParams; 1941 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1942 } else 1943 hdrlen = sizeof (struct ieee80211_frame); 1944 1945 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1946 k = ieee80211_crypto_encap(ic, ni, m0); 1947 if (k == NULL) { 1948 m_freem(m0); 1949 return ENOBUFS; 1950 } 1951 /* packet header may have moved, reset our local pointer */ 1952 wh = mtod(m0, struct ieee80211_frame *); 1953 } 1954 1955 /* pickup a rate */ 1956 if (type == IEEE80211_FC0_TYPE_MGT) { 1957 /* mgmt frames are sent at the lowest available bit-rate */ 1958 rate = ni->ni_rates.rs_rates[0]; 1959 } else { 1960 if (ic->ic_fixed_rate != -1) { 1961 rate = ic->ic_sup_rates[ic->ic_curmode]. 1962 rs_rates[ic->ic_fixed_rate]; 1963 } else 1964 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1965 } 1966 rate &= IEEE80211_RATE_VAL; 1967 1968 #if NBPFILTER > 0 1969 if (sc->sc_drvbpf != NULL) { 1970 struct iwn_tx_radiotap_header *tap = &sc->sc_txtap; 1971 1972 tap->wt_flags = 0; 1973 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 1974 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 1975 tap->wt_rate = rate; 1976 tap->wt_hwqueue = ac; 1977 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1978 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1979 1980 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1981 } 1982 #endif 1983 1984 cmd = &ring->cmd[ring->cur]; 1985 cmd->code = IWN_CMD_TX_DATA; 1986 cmd->flags = 0; 1987 cmd->qid = ring->qid; 1988 cmd->idx = ring->cur; 1989 1990 tx = (struct iwn_cmd_data *)cmd->data; 1991 1992 flags = IWN_TX_AUTO_SEQ; 1993 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)){ 1994 flags |= IWN_TX_NEED_ACK; 1995 }else if (m0->m_pkthdr.len + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) 1996 flags |= (IWN_TX_NEED_RTS | IWN_TX_FULL_TXOP); 1997 1998 tx->id = IEEE80211_IS_MULTICAST(wh->i_addr1) ? IWN_ID_BROADCAST : IWN_ID_BSS; 1999 2000 DPRINTFN(5, ("addr1: %x:%x:%x:%x:%x:%x, id = 0x%x\n", 2001 wh->i_addr1[0], wh->i_addr1[1], wh->i_addr1[2], 2002 wh->i_addr1[3], wh->i_addr1[4], wh->i_addr1[5], tx->id)); 2003 2004 if (type == IEEE80211_FC0_TYPE_MGT) { 2005 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2006 2007 /* tell h/w to set timestamp in probe responses */ 2008 if ((subtype == IEEE80211_FC0_SUBTYPE_PROBE_RESP) || 2009 (subtype == IEEE80211_FC0_SUBTYPE_PROBE_REQ)) 2010 flags |= IWN_TX_INSERT_TSTAMP; 2011 2012 if (subtype == IEEE80211_FC0_SUBTYPE_ASSOC_REQ || 2013 subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) { 2014 flags &= ~IWN_TX_NEED_RTS; 2015 flags |= IWN_TX_NEED_CTS; 2016 tx->timeout = htole16(3); 2017 } else 2018 tx->timeout = htole16(2); 2019 } else 2020 tx->timeout = htole16(0); 2021 2022 if (hdrlen & 3) { 2023 /* first segment's length must be a multiple of 4 */ 2024 flags |= IWN_TX_NEED_PADDING; 2025 pad = 4 - (hdrlen & 3); 2026 } else 2027 pad = 0; 2028 2029 if (type == IEEE80211_FC0_TYPE_CTL) { 2030 uint8_t subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 2031 2032 /* tell h/w to set timestamp in probe responses */ 2033 if (subtype == 0x0080) /* linux says this is "back request" */ 2034 /* linux says (1 << 6) is IMM_BA_RSP_MASK */ 2035 flags |= (IWN_TX_NEED_ACK | (1 << 6)); 2036 } 2037 2038 2039 tx->flags = htole32(flags); 2040 tx->len = htole16(m0->m_pkthdr.len); 2041 tx->rate = iwn_plcp_signal(rate); 2042 tx->rts_ntries = 60; 2043 tx->data_ntries = 15; 2044 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 2045 2046 /* XXX alternate between Ant A and Ant B ? */ 2047 tx->rflags = IWN_RFLAG_ANT_B; 2048 if (tx->id == IWN_ID_BROADCAST) { 2049 tx->ridx = IWN_MAX_TX_RETRIES - 1; 2050 if (!IWN_RATE_IS_OFDM(rate)) 2051 tx->rflags |= IWN_RFLAG_CCK; 2052 } else { 2053 tx->ridx = 0; 2054 /* tell adapter to ignore rflags */ 2055 tx->flags |= htole32(IWN_TX_USE_NODE_RATE); 2056 } 2057 2058 /* copy and trim IEEE802.11 header */ 2059 memcpy((uint8_t *)(tx + 1), wh, hdrlen); 2060 m_adj(m0, hdrlen); 2061 2062 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 2063 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 2064 if (error != 0 && error != EFBIG) { 2065 aprint_error_dev(sc->sc_dev, "could not map mbuf (error %d)\n", error); 2066 m_freem(m0); 2067 return error; 2068 } 2069 if (error != 0) { 2070 /* too many fragments, linearize */ 2071 2072 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 2073 if (mnew == NULL) { 2074 m_freem(m0); 2075 return ENOMEM; 2076 } 2077 M_COPY_PKTHDR(mnew, m0); 2078 if (m0->m_pkthdr.len > MHLEN) { 2079 MCLGET(mnew, M_DONTWAIT); 2080 if (!(mnew->m_flags & M_EXT)) { 2081 m_freem(m0); 2082 m_freem(mnew); 2083 return ENOMEM; 2084 } 2085 } 2086 2087 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, void *)); 2088 m_freem(m0); 2089 mnew->m_len = mnew->m_pkthdr.len; 2090 m0 = mnew; 2091 2092 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 2093 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 2094 if (error != 0) { 2095 aprint_error_dev(sc->sc_dev, "could not map mbuf (error %d)\n", error); 2096 m_freem(m0); 2097 return error; 2098 } 2099 } 2100 2101 data->m = m0; 2102 data->ni = ni; 2103 2104 DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 2105 ring->qid, ring->cur, m0->m_pkthdr.len, data->map->dm_nsegs)); 2106 2107 paddr = ring->cmd_dma.paddr + ring->cur * sizeof (struct iwn_tx_cmd); 2108 tx->loaddr = htole32(paddr + 4 + 2109 offsetof(struct iwn_cmd_data, ntries)); 2110 tx->hiaddr = 0; /* limit to 32-bit physical addresses */ 2111 2112 /* first scatter/gather segment is used by the tx data command */ 2113 IWN_SET_DESC_NSEGS(desc, 1 + data->map->dm_nsegs); 2114 IWN_SET_DESC_SEG(desc, 0, paddr, 4 + sizeof (*tx) + hdrlen + pad); 2115 for (i = 1; i <= data->map->dm_nsegs; i++) { 2116 IWN_SET_DESC_SEG(desc, i, data->map->dm_segs[i - 1].ds_addr, 2117 data->map->dm_segs[i - 1].ds_len); 2118 } 2119 sc->shared->len[ring->qid][ring->cur] = 2120 htole16(hdrlen + m0->m_pkthdr.len + 8); 2121 if (ring->cur < IWN_TX_WINDOW) { 2122 sc->shared->len[ring->qid][ring->cur + IWN_TX_RING_COUNT] = 2123 htole16(hdrlen + m0->m_pkthdr.len + 8); 2124 } 2125 2126 ring->queued++; 2127 2128 /* kick ring */ 2129 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 2130 IWN_WRITE(sc, IWN_TX_WIDX, ring->qid << 8 | ring->cur); 2131 2132 return 0; 2133 } 2134 2135 static void 2136 iwn_start(struct ifnet *ifp) 2137 { 2138 struct iwn_softc *sc = ifp->if_softc; 2139 struct ieee80211com *ic = &sc->sc_ic; 2140 struct ieee80211_node *ni; 2141 struct ether_header *eh; 2142 struct mbuf *m0; 2143 int ac; 2144 2145 DPRINTFN(5, ("iwn_start enter\n")); 2146 2147 /* 2148 * net80211 may still try to send management frames even if the 2149 * IFF_RUNNING flag is not set... 2150 */ 2151 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2152 return; 2153 2154 for (;;) { 2155 IF_DEQUEUE(&ic->ic_mgtq, m0); 2156 if (m0 != NULL) { 2157 /* management frames go into ring 0 */ 2158 2159 2160 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 2161 m0->m_pkthdr.rcvif = NULL; 2162 2163 /* management goes into ring 0 */ 2164 if (sc->txq[0].queued > sc->txq[0].count - 8) { 2165 ifp->if_oerrors++; 2166 continue; 2167 } 2168 2169 #if NBPFILTER > 0 2170 if (ic->ic_rawbpf != NULL) 2171 bpf_mtap(ic->ic_rawbpf, m0); 2172 #endif 2173 if (iwn_tx_data(sc, m0, ni, 0) != 0) { 2174 ifp->if_oerrors++; 2175 break; 2176 } 2177 } else { 2178 if (ic->ic_state != IEEE80211_S_RUN) 2179 break; 2180 IFQ_POLL(&ifp->if_snd, m0); 2181 if (m0 == NULL) 2182 break; 2183 2184 if (m0->m_len < sizeof (*eh) && 2185 (m0 = m_pullup(m0, sizeof (*eh))) == NULL) { 2186 ifp->if_oerrors++; 2187 continue; 2188 } 2189 eh = mtod(m0, struct ether_header *); 2190 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 2191 if (ni == NULL) { 2192 m_freem(m0); 2193 ifp->if_oerrors++; 2194 continue; 2195 } 2196 /* classify mbuf so we can find which tx ring to use */ 2197 if (ieee80211_classify(ic, m0, ni) != 0) { 2198 m_freem(m0); 2199 ieee80211_free_node(ni); 2200 ifp->if_oerrors++; 2201 continue; 2202 } 2203 2204 /* no QoS encapsulation for EAPOL frames */ 2205 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 2206 M_WME_GETAC(m0) : WME_AC_BE; 2207 2208 if (sc->txq[ac].queued > sc->txq[ac].count - 8) { 2209 2210 /* there is no place left in this ring */ 2211 ifp->if_flags |= IFF_OACTIVE; 2212 break; 2213 } 2214 IFQ_DEQUEUE(&ifp->if_snd, m0); 2215 #if NBPFILTER > 0 2216 if (ifp->if_bpf != NULL) 2217 bpf_mtap(ifp->if_bpf, m0); 2218 #endif 2219 m0 = ieee80211_encap(ic, m0, ni); 2220 if (m0 == NULL) { 2221 ieee80211_free_node(ni); 2222 ifp->if_oerrors++; 2223 continue; 2224 } 2225 #if NBPFILTER > 0 2226 if (ic->ic_rawbpf != NULL) 2227 bpf_mtap(ic->ic_rawbpf, m0); 2228 #endif 2229 if (iwn_tx_data(sc, m0, ni, ac) != 0) { 2230 ieee80211_free_node(ni); 2231 ifp->if_oerrors++; 2232 break; 2233 } 2234 } 2235 2236 sc->sc_tx_timer = 5; 2237 ifp->if_timer = 1; 2238 } 2239 } 2240 2241 static void 2242 iwn_watchdog(struct ifnet *ifp) 2243 { 2244 struct iwn_softc *sc = ifp->if_softc; 2245 2246 ifp->if_timer = 0; 2247 2248 if (sc->sc_tx_timer > 0) { 2249 if (--sc->sc_tx_timer == 0) { 2250 aprint_error_dev(sc->sc_dev, "device timeout\n"); 2251 ifp->if_flags &= ~IFF_UP; 2252 iwn_stop(ifp, 1); 2253 ifp->if_oerrors++; 2254 return; 2255 } 2256 ifp->if_timer = 1; 2257 } 2258 2259 ieee80211_watchdog(&sc->sc_ic); 2260 } 2261 2262 static int 2263 iwn_ioctl(struct ifnet *ifp, u_long cmd, void * data) 2264 { 2265 2266 #define IS_RUNNING(ifp) \ 2267 ((ifp->if_flags & IFF_UP) && (ifp->if_flags & IFF_RUNNING)) 2268 2269 struct iwn_softc *sc = ifp->if_softc; 2270 struct ieee80211com *ic = &sc->sc_ic; 2271 int s, error = 0; 2272 2273 s = splnet(); 2274 2275 switch (cmd) { 2276 case SIOCSIFFLAGS: 2277 if (ifp->if_flags & IFF_UP) { 2278 if (!(ifp->if_flags & IFF_RUNNING)) 2279 iwn_init(ifp); 2280 } else { 2281 if (ifp->if_flags & IFF_RUNNING) 2282 iwn_stop(ifp, 1); 2283 } 2284 break; 2285 2286 case SIOCADDMULTI: 2287 case SIOCDELMULTI: 2288 /* XXX no h/w multicast filter? --dyoung */ 2289 if ((error = ether_ioctl(ifp, cmd, data)) == ENETRESET) { 2290 /* setup multicast filter, etc */ 2291 error = 0; 2292 } 2293 break; 2294 2295 default: 2296 error = ieee80211_ioctl(ic, cmd, data); 2297 } 2298 2299 if (error == ENETRESET) { 2300 if (IS_RUNNING(ifp) && 2301 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 2302 iwn_init(ifp); 2303 error = 0; 2304 } 2305 2306 splx(s); 2307 return error; 2308 2309 #undef IS_RUNNING 2310 } 2311 2312 static void 2313 iwn_read_eeprom(struct iwn_softc *sc) 2314 { 2315 struct ieee80211com *ic = &sc->sc_ic; 2316 char domain[4]; 2317 uint16_t val; 2318 int i, error; 2319 2320 if ((error = iwn_eeprom_lock(sc)) != 0) { 2321 aprint_error_dev(sc->sc_dev, "could not lock EEPROM (error=%d)\n", error); 2322 return; 2323 } 2324 /* read and print regulatory domain */ 2325 iwn_read_prom_data(sc, IWN_EEPROM_DOMAIN, domain, 4); 2326 aprint_error_dev(sc->sc_dev, "%.4s", domain); 2327 2328 /* read and print MAC address */ 2329 iwn_read_prom_data(sc, IWN_EEPROM_MAC, ic->ic_myaddr, 6); 2330 aprint_error(", address %s\n", ether_sprintf(ic->ic_myaddr)); 2331 2332 /* read the list of authorized channels */ 2333 for (i = 0; i < IWN_CHAN_BANDS_COUNT; i++) 2334 iwn_read_eeprom_channels(sc, i); 2335 2336 /* read maximum allowed Tx power for 2GHz and 5GHz bands */ 2337 iwn_read_prom_data(sc, IWN_EEPROM_MAXPOW, &val, 2); 2338 sc->maxpwr2GHz = val & 0xff; 2339 sc->maxpwr5GHz = val >> 8; 2340 /* check that EEPROM values are correct */ 2341 if (sc->maxpwr5GHz < 20 || sc->maxpwr5GHz > 50) 2342 sc->maxpwr5GHz = 38; 2343 if (sc->maxpwr2GHz < 20 || sc->maxpwr2GHz > 50) 2344 sc->maxpwr2GHz = 38; 2345 DPRINTF(("maxpwr 2GHz=%d 5GHz=%d\n", sc->maxpwr2GHz, sc->maxpwr5GHz)); 2346 2347 /* read voltage at which samples were taken */ 2348 iwn_read_prom_data(sc, IWN_EEPROM_VOLTAGE, &val, 2); 2349 sc->eeprom_voltage = (int16_t)le16toh(val); 2350 DPRINTF(("voltage=%d (in 0.3V)\n", sc->eeprom_voltage)); 2351 2352 /* read power groups */ 2353 iwn_read_prom_data(sc, IWN_EEPROM_BANDS, sc->bands, sizeof sc->bands); 2354 #ifdef IWN_DEBUG 2355 if (iwn_debug > 0) { 2356 for (i = 0; i < IWN_NBANDS; i++) 2357 iwn_print_power_group(sc, i); 2358 } 2359 #endif 2360 iwn_eeprom_unlock(sc); 2361 } 2362 2363 static void 2364 iwn_read_eeprom_channels(struct iwn_softc *sc, int n) 2365 { 2366 struct ieee80211com *ic = &sc->sc_ic; 2367 const struct iwn_chan_band *band = &iwn_bands[n]; 2368 struct iwn_eeprom_chan channels[IWN_MAX_CHAN_PER_BAND]; 2369 int chan, i; 2370 2371 iwn_read_prom_data(sc, band->addr, channels, 2372 band->nchan * sizeof (struct iwn_eeprom_chan)); 2373 2374 for (i = 0; i < band->nchan; i++) { 2375 if (!(channels[i].flags & IWN_EEPROM_CHAN_VALID)) 2376 continue; 2377 2378 chan = band->chan[i]; 2379 2380 if (n == 0) { /* 2GHz band */ 2381 ic->ic_channels[chan].ic_freq = 2382 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 2383 ic->ic_channels[chan].ic_flags = 2384 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 2385 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 2386 2387 } else { /* 5GHz band */ 2388 /* 2389 * Some adapters support channels 7, 8, 11 and 12 2390 * both in the 2GHz *and* 5GHz bands. 2391 * Because of limitations in our net80211(9) stack, 2392 * we can't support these channels in 5GHz band. 2393 */ 2394 if (chan <= 14) 2395 continue; 2396 2397 ic->ic_channels[chan].ic_freq = 2398 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 2399 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 2400 } 2401 2402 /* is active scan allowed on this channel? */ 2403 if (!(channels[i].flags & IWN_EEPROM_CHAN_ACTIVE)) { 2404 ic->ic_channels[chan].ic_flags |= 2405 IEEE80211_CHAN_PASSIVE; 2406 } 2407 2408 /* save maximum allowed power for this channel */ 2409 sc->maxpwr[chan] = channels[i].maxpwr; 2410 2411 DPRINTF(("adding chan %d flags=0x%x maxpwr=%d\n", 2412 chan, channels[i].flags, sc->maxpwr[chan])); 2413 } 2414 } 2415 2416 #ifdef IWN_DEBUG 2417 static void 2418 iwn_print_power_group(struct iwn_softc *sc, int i) 2419 { 2420 struct iwn_eeprom_band *band = &sc->bands[i]; 2421 struct iwn_eeprom_chan_samples *chans = band->chans; 2422 int j, c; 2423 2424 DPRINTF(("===band %d===\n", i)); 2425 DPRINTF(("chan lo=%d, chan hi=%d\n", band->lo, band->hi)); 2426 DPRINTF(("chan1 num=%d\n", chans[0].num)); 2427 for (c = 0; c < IWN_NTXCHAINS; c++) { 2428 for (j = 0; j < IWN_NSAMPLES; j++) { 2429 DPRINTF(("chain %d, sample %d: temp=%d gain=%d " 2430 "power=%d pa_det=%d\n", c, j, 2431 chans[0].samples[c][j].temp, 2432 chans[0].samples[c][j].gain, 2433 chans[0].samples[c][j].power, 2434 chans[0].samples[c][j].pa_det)); 2435 } 2436 } 2437 DPRINTF(("chan2 num=%d\n", chans[1].num)); 2438 for (c = 0; c < IWN_NTXCHAINS; c++) { 2439 for (j = 0; j < IWN_NSAMPLES; j++) { 2440 DPRINTF(("chain %d, sample %d: temp=%d gain=%d " 2441 "power=%d pa_det=%d\n", c, j, 2442 chans[1].samples[c][j].temp, 2443 chans[1].samples[c][j].gain, 2444 chans[1].samples[c][j].power, 2445 chans[1].samples[c][j].pa_det)); 2446 } 2447 } 2448 } 2449 #endif 2450 2451 /* 2452 * Send a command to the firmware. 2453 */ 2454 static int 2455 iwn_cmd(struct iwn_softc *sc, int code, const void *buf, int size, int async) 2456 { 2457 struct iwn_tx_ring *ring = &sc->txq[4]; 2458 struct iwn_tx_desc *desc; 2459 struct iwn_tx_cmd *cmd; 2460 bus_addr_t paddr; 2461 2462 KASSERT(size <= sizeof cmd->data); 2463 2464 desc = &ring->desc[ring->cur]; 2465 cmd = &ring->cmd[ring->cur]; 2466 2467 cmd->code = code; 2468 cmd->flags = 0; 2469 cmd->qid = ring->qid; 2470 cmd->idx = ring->cur; 2471 memcpy(cmd->data, buf, size); 2472 2473 paddr = ring->cmd_dma.paddr + ring->cur * sizeof (struct iwn_tx_cmd); 2474 2475 IWN_SET_DESC_NSEGS(desc, 1); 2476 IWN_SET_DESC_SEG(desc, 0, paddr, 4 + size); 2477 sc->shared->len[ring->qid][ring->cur] = htole16(8); 2478 if (ring->cur < IWN_TX_WINDOW) { 2479 sc->shared->len[ring->qid][ring->cur + IWN_TX_RING_COUNT] = 2480 htole16(8); 2481 } 2482 2483 /* kick cmd ring */ 2484 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 2485 IWN_WRITE(sc, IWN_TX_WIDX, ring->qid << 8 | ring->cur); 2486 2487 return async ? 0 : tsleep(cmd, PCATCH, "iwncmd", hz); 2488 } 2489 2490 /* 2491 * Configure hardware multi-rate retries for one node. 2492 */ 2493 static int 2494 iwn_setup_node_mrr(struct iwn_softc *sc, uint8_t id, int async) 2495 { 2496 struct ieee80211com *ic = &sc->sc_ic; 2497 struct iwn_cmd_mrr mrr; 2498 int i, ridx; 2499 2500 memset(&mrr, 0, sizeof mrr); 2501 mrr.id = id; 2502 mrr.ssmask = 2; 2503 mrr.dsmask = 3; 2504 mrr.ampdu_disable = 3; 2505 mrr.ampdu_limit = htole16(4000); 2506 2507 if (id == IWN_ID_BSS) 2508 ridx = IWN_OFDM54; 2509 else if (ic->ic_curmode == IEEE80211_MODE_11A) 2510 ridx = IWN_OFDM6; 2511 else 2512 ridx = IWN_CCK1; 2513 for (i = 0; i < IWN_MAX_TX_RETRIES; i++) { 2514 mrr.table[i].rate = iwn_ridx_to_plcp[ridx]; 2515 mrr.table[i].rflags = IWN_RFLAG_ANT_B; 2516 if (ridx <= IWN_CCK11) 2517 mrr.table[i].rflags |= IWN_RFLAG_CCK; 2518 ridx = iwn_prev_ridx[ridx]; 2519 } 2520 return iwn_cmd(sc, IWN_CMD_NODE_MRR_SETUP, &mrr, sizeof mrr, async); 2521 } 2522 2523 static int 2524 iwn_wme_update(struct ieee80211com *ic) 2525 { 2526 #define IWN_EXP2(v) htole16((1 << (v)) - 1) 2527 #define IWN_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 2528 struct iwn_softc *sc = ic->ic_ifp->if_softc; 2529 const struct wmeParams *wmep; 2530 struct iwn_wme_setup wme; 2531 int ac; 2532 2533 /* don't override default WME values if WME is not actually enabled */ 2534 if (!(ic->ic_flags & IEEE80211_F_WME)) 2535 return 0; 2536 2537 wme.flags = 0; 2538 for (ac = 0; ac < WME_NUM_AC; ac++) { 2539 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 2540 wme.ac[ac].aifsn = wmep->wmep_aifsn; 2541 wme.ac[ac].cwmin = IWN_EXP2(wmep->wmep_logcwmin); 2542 wme.ac[ac].cwmax = IWN_EXP2(wmep->wmep_logcwmax); 2543 wme.ac[ac].txop = IWN_USEC(wmep->wmep_txopLimit); 2544 2545 DPRINTF(("setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d " 2546 "txop=%d\n", ac, wme.ac[ac].aifsn, wme.ac[ac].cwmin, 2547 wme.ac[ac].cwmax, wme.ac[ac].txop)); 2548 } 2549 2550 return iwn_cmd(sc, IWN_CMD_SET_WME, &wme, sizeof wme, 1); 2551 #undef IWN_USEC 2552 #undef IWN_EXP2 2553 } 2554 2555 2556 2557 static void 2558 iwn_set_led(struct iwn_softc *sc, uint8_t which, uint8_t off, uint8_t on) 2559 { 2560 struct iwn_cmd_led led; 2561 2562 led.which = which; 2563 led.unit = htole32(100000); /* on/off in unit of 100ms */ 2564 led.off = off; 2565 led.on = on; 2566 2567 (void)iwn_cmd(sc, IWN_CMD_SET_LED, &led, sizeof led, 1); 2568 } 2569 2570 /* 2571 * Set the critical temperature at which the firmware will automatically stop 2572 * the radio transmitter. 2573 */ 2574 static int 2575 iwn_set_critical_temp(struct iwn_softc *sc) 2576 { 2577 struct iwn_ucode_info *uc = &sc->ucode_info; 2578 struct iwn_critical_temp crit; 2579 uint32_t r1, r2, r3, temp; 2580 2581 IWN_WRITE(sc, IWN_UCODE_CLR, IWN_CTEMP_STOP_RF); 2582 2583 r1 = le32toh(uc->temp[0].chan20MHz); 2584 r2 = le32toh(uc->temp[1].chan20MHz); 2585 r3 = le32toh(uc->temp[2].chan20MHz); 2586 /* inverse function of iwn_get_temperature() */ 2587 2588 temp = r2 + ((IWN_CTOK(110) * (r3 - r1)) / 259); 2589 2590 memset(&crit, 0, sizeof crit); 2591 crit.tempR = htole32(temp); 2592 DPRINTF(("setting critical temperature to %u\n", temp)); 2593 return iwn_cmd(sc, IWN_CMD_SET_CRITICAL_TEMP, &crit, sizeof crit, 0); 2594 } 2595 2596 static void 2597 iwn_enable_tsf(struct iwn_softc *sc, struct ieee80211_node *ni) 2598 { 2599 struct iwn_cmd_tsf tsf; 2600 uint64_t val, mod; 2601 2602 memset(&tsf, 0, sizeof tsf); 2603 memcpy(&tsf.tstamp, ni->ni_tstamp.data, 8); 2604 tsf.bintval = htole16(ni->ni_intval); 2605 tsf.lintval = htole16(10); 2606 2607 /* compute remaining time until next beacon */ 2608 val = (uint64_t)ni->ni_intval * 1024; /* msecs -> usecs */ 2609 mod = le64toh(tsf.tstamp) % val; 2610 tsf.binitval = htole32((uint32_t)(val - mod)); 2611 2612 DPRINTF(("TSF bintval=%u tstamp=%" PRIu64 ", init=%" PRIu64 "\n", 2613 ni->ni_intval, le64toh(tsf.tstamp), val - mod)); 2614 2615 if (iwn_cmd(sc, IWN_CMD_TSF, &tsf, sizeof tsf, 1) != 0) 2616 aprint_error_dev(sc->sc_dev, "could not enable TSF\n"); 2617 } 2618 2619 static void 2620 iwn_power_calibration(struct iwn_softc *sc, int temp) 2621 { 2622 struct ieee80211com *ic = &sc->sc_ic; 2623 2624 DPRINTF(("temperature %d->%d\n", sc->temp, temp)); 2625 2626 /* adjust Tx power if need be (delta >= 3C) */ 2627 if (abs(temp - sc->temp) < 3) 2628 return; 2629 2630 sc->temp = temp; 2631 2632 DPRINTF(("setting Tx power for channel %d\n", 2633 ieee80211_chan2ieee(ic, ic->ic_bss->ni_chan))); 2634 if (iwn_set_txpower(sc, ic->ic_bss->ni_chan, 1) != 0) { 2635 /* just warn, too bad for the automatic calibration... */ 2636 aprint_error_dev(sc->sc_dev, "could not adjust Tx power\n"); 2637 } 2638 } 2639 2640 /* 2641 * Set Tx power for a given channel (each rate has its own power settings). 2642 * This function takes into account the regulatory information from EEPROM, 2643 * the current temperature and the current voltage. 2644 */ 2645 static int 2646 iwn_set_txpower(struct iwn_softc *sc, struct ieee80211_channel *ch, int async) 2647 { 2648 /* fixed-point arithmetic division using a n-bit fractional part */ 2649 #define fdivround(a, b, n) \ 2650 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 2651 /* linear interpolation */ 2652 #define interpolate(x, x1, y1, x2, y2, n) \ 2653 ((y1) + fdivround(((int)(x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 2654 2655 static const int tdiv[IWN_NATTEN_GROUPS] = { 9, 8, 8, 8, 6 }; 2656 struct ieee80211com *ic = &sc->sc_ic; 2657 struct iwn_ucode_info *uc = &sc->ucode_info; 2658 struct iwn_cmd_txpower cmd; 2659 struct iwn_eeprom_chan_samples *chans; 2660 const uint8_t *rf_gain, *dsp_gain; 2661 int32_t vdiff, tdiff; 2662 int i, c, grp, maxpwr; 2663 u_int chan; 2664 2665 /* get channel number */ 2666 chan = ieee80211_chan2ieee(ic, ch); 2667 2668 memset(&cmd, 0, sizeof cmd); 2669 cmd.band = IEEE80211_IS_CHAN_5GHZ(ch) ? 0 : 1; 2670 cmd.chan = chan; 2671 2672 if (IEEE80211_IS_CHAN_5GHZ(ch)) { 2673 maxpwr = sc->maxpwr5GHz; 2674 rf_gain = iwn_rf_gain_5ghz; 2675 dsp_gain = iwn_dsp_gain_5ghz; 2676 } else { 2677 maxpwr = sc->maxpwr2GHz; 2678 rf_gain = iwn_rf_gain_2ghz; 2679 dsp_gain = iwn_dsp_gain_2ghz; 2680 } 2681 2682 /* compute voltage compensation */ 2683 vdiff = ((int32_t)le32toh(uc->volt) - sc->eeprom_voltage) / 7; 2684 if (vdiff > 0) 2685 vdiff *= 2; 2686 if (abs(vdiff) > 2) 2687 vdiff = 0; 2688 DPRINTF(("voltage compensation=%d (UCODE=%d, EEPROM=%d)\n", 2689 vdiff, le32toh(uc->volt), sc->eeprom_voltage)); 2690 2691 /* get channel's attenuation group */ 2692 if (chan <= 20) /* 1-20 */ 2693 grp = 4; 2694 else if (chan <= 43) /* 34-43 */ 2695 grp = 0; 2696 else if (chan <= 70) /* 44-70 */ 2697 grp = 1; 2698 else if (chan <= 124) /* 71-124 */ 2699 grp = 2; 2700 else /* 125-200 */ 2701 grp = 3; 2702 DPRINTF(("chan %d, attenuation group=%d\n", chan, grp)); 2703 2704 /* get channel's sub-band */ 2705 for (i = 0; i < IWN_NBANDS; i++) 2706 if (sc->bands[i].lo != 0 && 2707 sc->bands[i].lo <= chan && chan <= sc->bands[i].hi) 2708 break; 2709 chans = sc->bands[i].chans; 2710 DPRINTF(("chan %d sub-band=%d\n", chan, i)); 2711 2712 for (c = 0; c < IWN_NTXCHAINS; c++) { 2713 uint8_t power, gain, temp; 2714 int maxchpwr, pwr, ridx, idx; 2715 2716 power = interpolate(chan, 2717 chans[0].num, chans[0].samples[c][1].power, 2718 chans[1].num, chans[1].samples[c][1].power, 1); 2719 gain = interpolate(chan, 2720 chans[0].num, chans[0].samples[c][1].gain, 2721 chans[1].num, chans[1].samples[c][1].gain, 1); 2722 temp = interpolate(chan, 2723 chans[0].num, chans[0].samples[c][1].temp, 2724 chans[1].num, chans[1].samples[c][1].temp, 1); 2725 DPRINTF(("Tx chain %d: power=%d gain=%d temp=%d\n", 2726 c, power, gain, temp)); 2727 2728 /* compute temperature compensation */ 2729 tdiff = ((sc->temp - temp) * 2) / tdiv[grp]; 2730 DPRINTF(("temperature compensation=%d (current=%d, " 2731 "EEPROM=%d)\n", tdiff, sc->temp, temp)); 2732 2733 for (ridx = 0; ridx <= IWN_RIDX_MAX; ridx++) { 2734 maxchpwr = sc->maxpwr[chan] * 2; 2735 if ((ridx / 8) & 1) { 2736 /* MIMO: decrease Tx power (-3dB) */ 2737 maxchpwr -= 6; 2738 } 2739 2740 pwr = maxpwr - 10; 2741 2742 /* decrease power for highest OFDM rates */ 2743 if ((ridx % 8) == 5) /* 48Mbit/s */ 2744 pwr -= 5; 2745 else if ((ridx % 8) == 6) /* 54Mbit/s */ 2746 pwr -= 7; 2747 else if ((ridx % 8) == 7) /* 60Mbit/s */ 2748 pwr -= 10; 2749 2750 if (pwr > maxchpwr) 2751 pwr = maxchpwr; 2752 2753 idx = gain - (pwr - power) - tdiff - vdiff; 2754 if ((ridx / 8) & 1) /* MIMO */ 2755 idx += (int32_t)le32toh(uc->atten[grp][c]); 2756 2757 if (cmd.band == 0) 2758 idx += 9; /* 5GHz */ 2759 if (ridx == IWN_RIDX_MAX) 2760 idx += 5; /* CCK */ 2761 2762 /* make sure idx stays in a valid range */ 2763 if (idx < 0) 2764 idx = 0; 2765 else if (idx > IWN_MAX_PWR_INDEX) 2766 idx = IWN_MAX_PWR_INDEX; 2767 2768 DPRINTF(("Tx chain %d, rate idx %d: power=%d\n", 2769 c, ridx, idx)); 2770 cmd.power[ridx].rf_gain[c] = rf_gain[idx]; 2771 cmd.power[ridx].dsp_gain[c] = dsp_gain[idx]; 2772 } 2773 } 2774 2775 DPRINTF(("setting tx power for chan %d\n", chan)); 2776 return iwn_cmd(sc, IWN_CMD_TXPOWER, &cmd, sizeof cmd, async); 2777 2778 #undef interpolate 2779 #undef fdivround 2780 } 2781 2782 /* 2783 * Get the best (maximum) RSSI among Rx antennas (in dBm). 2784 */ 2785 static int 2786 iwn_get_rssi(const struct iwn_rx_stat *stat) 2787 { 2788 uint8_t mask, agc; 2789 int rssi; 2790 2791 mask = (le16toh(stat->antenna) >> 4) & 0x7; 2792 agc = (le16toh(stat->agc) >> 7) & 0x7f; 2793 2794 rssi = 0; 2795 if (mask & (1 << 0)) /* Ant A */ 2796 rssi = max(rssi, stat->rssi[0]); 2797 if (mask & (1 << 1)) /* Ant B */ 2798 rssi = max(rssi, stat->rssi[2]); 2799 if (mask & (1 << 2)) /* Ant C */ 2800 rssi = max(rssi, stat->rssi[4]); 2801 2802 return rssi - agc - IWN_RSSI_TO_DBM; 2803 } 2804 2805 /* 2806 * Get the average noise among Rx antennas (in dBm). 2807 */ 2808 static int 2809 iwn_get_noise(const struct iwn_rx_general_stats *stats) 2810 { 2811 int i, total, nbant, noise; 2812 2813 total = nbant = 0; 2814 for (i = 0; i < 3; i++) { 2815 if ((noise = le32toh(stats->noise[i]) & 0xff) == 0) 2816 continue; 2817 total += noise; 2818 nbant++; 2819 } 2820 /* there should be at least one antenna but check anyway */ 2821 return (nbant == 0) ? -127 : (total / nbant) - 107; 2822 } 2823 2824 /* 2825 * Read temperature (in degC) from the on-board thermal sensor. 2826 */ 2827 static int 2828 iwn_get_temperature(struct iwn_softc *sc) 2829 { 2830 struct iwn_ucode_info *uc = &sc->ucode_info; 2831 int32_t r1, r2, r3, r4, temp; 2832 2833 r1 = le32toh(uc->temp[0].chan20MHz); 2834 r2 = le32toh(uc->temp[1].chan20MHz); 2835 r3 = le32toh(uc->temp[2].chan20MHz); 2836 r4 = le32toh(sc->rawtemp); 2837 2838 if (r1 == r3) /* prevents division by 0 (should not happen) */ 2839 return 0; 2840 2841 /* sign-extend 23-bit R4 value to 32-bit */ 2842 r4 = (r4 << 8) >> 8; 2843 /* compute temperature */ 2844 temp = (259 * (r4 - r2)) / (r3 - r1); 2845 temp = (temp * 97) / 100 + 8; 2846 2847 DPRINTF(("temperature %dK/%dC\n", temp, IWN_KTOC(temp))); 2848 return IWN_KTOC(temp); 2849 } 2850 2851 /* 2852 * Initialize sensitivity calibration state machine. 2853 */ 2854 static int 2855 iwn_init_sensitivity(struct iwn_softc *sc) 2856 { 2857 struct iwn_calib_state *calib = &sc->calib; 2858 struct iwn_phy_calib_cmd cmd; 2859 int error; 2860 2861 /* reset calibration state */ 2862 memset(calib, 0, sizeof (*calib)); 2863 calib->state = IWN_CALIB_STATE_INIT; 2864 calib->cck_state = IWN_CCK_STATE_HIFA; 2865 /* initial values taken from the reference driver */ 2866 calib->corr_ofdm_x1 = 105; 2867 calib->corr_ofdm_mrc_x1 = 220; 2868 calib->corr_ofdm_x4 = 90; 2869 calib->corr_ofdm_mrc_x4 = 170; 2870 calib->corr_cck_x4 = 125; 2871 calib->corr_cck_mrc_x4 = 200; 2872 calib->energy_cck = 100; 2873 2874 /* write initial sensitivity values */ 2875 if ((error = iwn_send_sensitivity(sc)) != 0) 2876 return error; 2877 2878 memset(&cmd, 0, sizeof cmd); 2879 cmd.code = IWN_SET_DIFF_GAIN; 2880 /* differential gains initially set to 0 for all 3 antennas */ 2881 DPRINTF(("setting differential gains\n")); 2882 return iwn_cmd(sc, IWN_PHY_CALIB, &cmd, sizeof cmd, 1); 2883 } 2884 2885 /* 2886 * Collect noise and RSSI statistics for the first 20 beacons received 2887 * after association and use them to determine connected antennas and 2888 * set differential gains. 2889 */ 2890 static void 2891 iwn_compute_differential_gain(struct iwn_softc *sc, 2892 const struct iwn_rx_general_stats *stats) 2893 { 2894 struct iwn_calib_state *calib = &sc->calib; 2895 struct iwn_phy_calib_cmd cmd; 2896 int i, val; 2897 2898 /* accumulate RSSI and noise for all 3 antennas */ 2899 for (i = 0; i < 3; i++) { 2900 calib->rssi[i] += le32toh(stats->rssi[i]) & 0xff; 2901 calib->noise[i] += le32toh(stats->noise[i]) & 0xff; 2902 } 2903 2904 /* we update differential gain only once after 20 beacons */ 2905 if (++calib->nbeacons < 20) 2906 return; 2907 2908 /* determine antenna with highest average RSSI */ 2909 val = max(calib->rssi[0], calib->rssi[1]); 2910 val = max(calib->rssi[2], val); 2911 2912 /* determine which antennas are connected */ 2913 sc->antmsk = 0; 2914 for (i = 0; i < 3; i++) 2915 if (val - calib->rssi[i] <= 15 * 20) 2916 sc->antmsk |= 1 << i; 2917 /* if neither Ant A and Ant B are connected.. */ 2918 if ((sc->antmsk & (1 << 0 | 1 << 1)) == 0) 2919 sc->antmsk |= 1 << 1; /* ..mark Ant B as connected! */ 2920 2921 /* get minimal noise among connected antennas */ 2922 val = INT_MAX; /* ok, there's at least one */ 2923 for (i = 0; i < 3; i++) 2924 if (sc->antmsk & (1 << i)) 2925 val = min(calib->noise[i], val); 2926 2927 memset(&cmd, 0, sizeof cmd); 2928 cmd.code = IWN_SET_DIFF_GAIN; 2929 /* set differential gains for connected antennas */ 2930 for (i = 0; i < 3; i++) { 2931 if (sc->antmsk & (1 << i)) { 2932 cmd.gain[i] = (calib->noise[i] - val) / 30; 2933 /* limit differential gain to 3 */ 2934 cmd.gain[i] = min(cmd.gain[i], 3); 2935 cmd.gain[i] |= IWN_GAIN_SET; 2936 } 2937 } 2938 DPRINTF(("setting differential gains Ant A/B/C: %x/%x/%x (%x)\n", 2939 cmd.gain[0], cmd.gain[1], cmd.gain[2], sc->antmsk)); 2940 if (iwn_cmd(sc, IWN_PHY_CALIB, &cmd, sizeof cmd, 1) == 0) 2941 calib->state = IWN_CALIB_STATE_RUN; 2942 } 2943 2944 /* 2945 * Tune RF Rx sensitivity based on the number of false alarms detected 2946 * during the last beacon period. 2947 */ 2948 static void 2949 iwn_tune_sensitivity(struct iwn_softc *sc, const struct iwn_rx_stats *stats) 2950 { 2951 #define inc_clip(val, inc, max) \ 2952 if ((val) < (max)) { \ 2953 if ((val) < (max) - (inc)) \ 2954 (val) += (inc); \ 2955 else \ 2956 (val) = (max); \ 2957 needs_update = 1; \ 2958 } 2959 #define dec_clip(val, dec, min) \ 2960 if ((val) > (min)) { \ 2961 if ((val) > (min) + (dec)) \ 2962 (val) -= (dec); \ 2963 else \ 2964 (val) = (min); \ 2965 needs_update = 1; \ 2966 } 2967 2968 struct iwn_calib_state *calib = &sc->calib; 2969 uint32_t val, rxena, fa; 2970 uint32_t energy[3], energy_min; 2971 uint8_t noise[3], noise_ref; 2972 int i, needs_update = 0; 2973 2974 /* check that we've been enabled long enough */ 2975 if ((rxena = le32toh(stats->general.load)) == 0) 2976 return; 2977 2978 /* compute number of false alarms since last call for OFDM */ 2979 fa = le32toh(stats->ofdm.bad_plcp) - calib->bad_plcp_ofdm; 2980 fa += le32toh(stats->ofdm.fa) - calib->fa_ofdm; 2981 fa *= 200 * 1024; /* 200TU */ 2982 2983 /* save counters values for next call */ 2984 calib->bad_plcp_ofdm = le32toh(stats->ofdm.bad_plcp); 2985 calib->fa_ofdm = le32toh(stats->ofdm.fa); 2986 2987 if (fa > 50 * rxena) { 2988 /* high false alarm count, decrease sensitivity */ 2989 DPRINTFN(2, ("OFDM high false alarm count: %u\n", fa)); 2990 inc_clip(calib->corr_ofdm_x1, 1, 140); 2991 inc_clip(calib->corr_ofdm_mrc_x1, 1, 270); 2992 inc_clip(calib->corr_ofdm_x4, 1, 120); 2993 inc_clip(calib->corr_ofdm_mrc_x4, 1, 210); 2994 2995 } else if (fa < 5 * rxena) { 2996 /* low false alarm count, increase sensitivity */ 2997 DPRINTFN(2, ("OFDM low false alarm count: %u\n", fa)); 2998 dec_clip(calib->corr_ofdm_x1, 1, 105); 2999 dec_clip(calib->corr_ofdm_mrc_x1, 1, 220); 3000 dec_clip(calib->corr_ofdm_x4, 1, 85); 3001 dec_clip(calib->corr_ofdm_mrc_x4, 1, 170); 3002 } 3003 3004 /* compute maximum noise among 3 antennas */ 3005 for (i = 0; i < 3; i++) 3006 noise[i] = (le32toh(stats->general.noise[i]) >> 8) & 0xff; 3007 val = max(noise[0], noise[1]); 3008 val = max(noise[2], val); 3009 /* insert it into our samples table */ 3010 calib->noise_samples[calib->cur_noise_sample] = val; 3011 calib->cur_noise_sample = (calib->cur_noise_sample + 1) % 20; 3012 3013 /* compute maximum noise among last 20 samples */ 3014 noise_ref = calib->noise_samples[0]; 3015 for (i = 1; i < 20; i++) 3016 noise_ref = max(noise_ref, calib->noise_samples[i]); 3017 3018 /* compute maximum energy among 3 antennas */ 3019 for (i = 0; i < 3; i++) 3020 energy[i] = le32toh(stats->general.energy[i]); 3021 val = min(energy[0], energy[1]); 3022 val = min(energy[2], val); 3023 /* insert it into our samples table */ 3024 calib->energy_samples[calib->cur_energy_sample] = val; 3025 calib->cur_energy_sample = (calib->cur_energy_sample + 1) % 10; 3026 3027 /* compute minimum energy among last 10 samples */ 3028 energy_min = calib->energy_samples[0]; 3029 for (i = 1; i < 10; i++) 3030 energy_min = max(energy_min, calib->energy_samples[i]); 3031 energy_min += 6; 3032 3033 /* compute number of false alarms since last call for CCK */ 3034 fa = le32toh(stats->cck.bad_plcp) - calib->bad_plcp_cck; 3035 fa += le32toh(stats->cck.fa) - calib->fa_cck; 3036 fa *= 200 * 1024; /* 200TU */ 3037 3038 /* save counters values for next call */ 3039 calib->bad_plcp_cck = le32toh(stats->cck.bad_plcp); 3040 calib->fa_cck = le32toh(stats->cck.fa); 3041 3042 if (fa > 50 * rxena) { 3043 /* high false alarm count, decrease sensitivity */ 3044 DPRINTFN(2, ("CCK high false alarm count: %u\n", fa)); 3045 calib->cck_state = IWN_CCK_STATE_HIFA; 3046 calib->low_fa = 0; 3047 3048 if (calib->corr_cck_x4 > 160) { 3049 calib->noise_ref = noise_ref; 3050 if (calib->energy_cck > 2) 3051 dec_clip(calib->energy_cck, 2, energy_min); 3052 } 3053 if (calib->corr_cck_x4 < 160) { 3054 calib->corr_cck_x4 = 161; 3055 needs_update = 1; 3056 } else 3057 inc_clip(calib->corr_cck_x4, 3, 200); 3058 3059 inc_clip(calib->corr_cck_mrc_x4, 3, 400); 3060 3061 } else if (fa < 5 * rxena) { 3062 /* low false alarm count, increase sensitivity */ 3063 DPRINTFN(2, ("CCK low false alarm count: %u\n", fa)); 3064 calib->cck_state = IWN_CCK_STATE_LOFA; 3065 calib->low_fa++; 3066 3067 if (calib->cck_state != 0 && 3068 ((calib->noise_ref - noise_ref) > 2 || 3069 calib->low_fa > 100)) { 3070 inc_clip(calib->energy_cck, 2, 97); 3071 dec_clip(calib->corr_cck_x4, 3, 125); 3072 dec_clip(calib->corr_cck_mrc_x4, 3, 200); 3073 } 3074 } else { 3075 /* not worth to increase or decrease sensitivity */ 3076 DPRINTFN(2, ("CCK normal false alarm count: %u\n", fa)); 3077 calib->low_fa = 0; 3078 calib->noise_ref = noise_ref; 3079 3080 if (calib->cck_state == IWN_CCK_STATE_HIFA) { 3081 /* previous interval had many false alarms */ 3082 dec_clip(calib->energy_cck, 8, energy_min); 3083 } 3084 calib->cck_state = IWN_CCK_STATE_INIT; 3085 } 3086 3087 if (needs_update) 3088 (void)iwn_send_sensitivity(sc); 3089 #undef dec_clip 3090 #undef inc_clip 3091 } 3092 3093 static int 3094 iwn_send_sensitivity(struct iwn_softc *sc) 3095 { 3096 struct iwn_calib_state *calib = &sc->calib; 3097 struct iwn_sensitivity_cmd cmd; 3098 3099 memset(&cmd, 0, sizeof cmd); 3100 cmd.which = IWN_SENSITIVITY_WORKTBL; 3101 /* OFDM modulation */ 3102 cmd.corr_ofdm_x1 = le16toh(calib->corr_ofdm_x1); 3103 cmd.corr_ofdm_mrc_x1 = le16toh(calib->corr_ofdm_mrc_x1); 3104 cmd.corr_ofdm_x4 = le16toh(calib->corr_ofdm_x4); 3105 cmd.corr_ofdm_mrc_x4 = le16toh(calib->corr_ofdm_mrc_x4); 3106 cmd.energy_ofdm = le16toh(100); 3107 cmd.energy_ofdm_th = le16toh(62); 3108 /* CCK modulation */ 3109 cmd.corr_cck_x4 = le16toh(calib->corr_cck_x4); 3110 cmd.corr_cck_mrc_x4 = le16toh(calib->corr_cck_mrc_x4); 3111 cmd.energy_cck = le16toh(calib->energy_cck); 3112 /* Barker modulation: use default values */ 3113 cmd.corr_barker = le16toh(190); 3114 cmd.corr_barker_mrc = le16toh(390); 3115 3116 DPRINTFN(2, ("setting sensitivity\n")); 3117 return iwn_cmd(sc, IWN_SENSITIVITY, &cmd, sizeof cmd, 1); 3118 } 3119 3120 static int 3121 iwn_add_node(struct iwn_softc *sc, struct ieee80211_node *ni, bool broadcast, 3122 bool async) 3123 { 3124 struct iwn_node_info node; 3125 int error; 3126 3127 error = 0; 3128 3129 memset(&node, 0, sizeof node); 3130 if (broadcast == true) { 3131 IEEE80211_ADDR_COPY(node.macaddr, etherbroadcastaddr); 3132 node.id = IWN_ID_BROADCAST; 3133 DPRINTF(("adding broadcast node\n")); 3134 } else { 3135 IEEE80211_ADDR_COPY(node.macaddr, ni->ni_macaddr); 3136 node.id = IWN_ID_BSS; 3137 node.htflags = htole32(3 << IWN_AMDPU_SIZE_FACTOR_SHIFT | 3138 5 << IWN_AMDPU_DENSITY_SHIFT); 3139 DPRINTF(("adding BSS node\n")); 3140 } 3141 3142 error = iwn_cmd(sc, IWN_CMD_ADD_NODE, &node, sizeof node, async); 3143 if (error != 0) { 3144 aprint_error_dev(sc->sc_dev, "could not add %s node\n", 3145 (broadcast == 1)? "broadcast" : "BSS"); 3146 return error; 3147 } 3148 DPRINTF(("setting MRR for node %d\n", node.id)); 3149 if ((error = iwn_setup_node_mrr(sc, node.id, async)) != 0) { 3150 aprint_error_dev(sc->sc_dev, 3151 "could not setup MRR for %s node\n", 3152 (broadcast == 1)? "broadcast" : "BSS"); 3153 return error; 3154 } 3155 3156 return error; 3157 } 3158 3159 static int 3160 iwn_auth(struct iwn_softc *sc) 3161 { 3162 struct ieee80211com *ic = &sc->sc_ic; 3163 struct ieee80211_node *ni = ic->ic_bss; 3164 int error; 3165 3166 /* update adapter's configuration */ 3167 IEEE80211_ADDR_COPY(sc->config.bssid, ni->ni_bssid); 3168 sc->config.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 3169 sc->config.flags = htole32(IWN_CONFIG_TSF); 3170 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 3171 sc->config.flags |= htole32(IWN_CONFIG_AUTO | 3172 IWN_CONFIG_24GHZ); 3173 } 3174 switch (ic->ic_curmode) { 3175 case IEEE80211_MODE_11A: 3176 sc->config.cck_mask = 0; 3177 sc->config.ofdm_mask = 0x15; 3178 break; 3179 case IEEE80211_MODE_11B: 3180 sc->config.cck_mask = 0x03; 3181 sc->config.ofdm_mask = 0; 3182 break; 3183 default: /* assume 802.11b/g */ 3184 sc->config.cck_mask = 0xf; 3185 sc->config.ofdm_mask = 0x15; 3186 } 3187 DPRINTF(("config chan %d flags %x cck %x ofdm %x\n", sc->config.chan, 3188 sc->config.flags, sc->config.cck_mask, sc->config.ofdm_mask)); 3189 error = iwn_cmd(sc, IWN_CMD_CONFIGURE, &sc->config, 3190 sizeof (struct iwn_config), 1); 3191 if (error != 0) { 3192 aprint_error_dev(sc->sc_dev, "could not configure\n"); 3193 return error; 3194 } 3195 3196 /* configuration has changed, set Tx power accordingly */ 3197 if ((error = iwn_set_txpower(sc, ni->ni_chan, 1)) != 0) { 3198 aprint_error_dev(sc->sc_dev, "could not set Tx power\n"); 3199 return error; 3200 } 3201 3202 /* 3203 * Reconfiguring clears the adapter's nodes table so we must 3204 * add the broadcast node again. 3205 */ 3206 if ((error = iwn_add_node(sc, ni, true, true)) != 0) 3207 return error; 3208 3209 /* add BSS node */ 3210 if ((error = iwn_add_node(sc, ni, false, true)) != 0) 3211 return error; 3212 3213 if (ic->ic_opmode == IEEE80211_M_STA) { 3214 /* fake a join to init the tx rate */ 3215 iwn_newassoc(ni, 1); 3216 } 3217 3218 if ((error = iwn_init_sensitivity(sc)) != 0) { 3219 aprint_error_dev(sc->sc_dev, "could not set sensitivity\n"); 3220 return error; 3221 } 3222 3223 3224 return 0; 3225 } 3226 3227 /* 3228 * Configure the adapter for associated state. 3229 */ 3230 static int 3231 iwn_run(struct iwn_softc *sc) 3232 { 3233 struct ieee80211com *ic = &sc->sc_ic; 3234 struct ieee80211_node *ni = ic->ic_bss; 3235 int error; 3236 3237 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 3238 /* link LED blinks while monitoring */ 3239 iwn_set_led(sc, IWN_LED_LINK, 5, 5); 3240 return 0; 3241 } 3242 3243 iwn_enable_tsf(sc, ni); 3244 3245 /* update adapter's configuration */ 3246 sc->config.associd = htole16(ni->ni_associd & ~0xc000); 3247 /* short preamble/slot time are negotiated when associating */ 3248 sc->config.flags &= ~htole32(IWN_CONFIG_SHPREAMBLE | 3249 IWN_CONFIG_SHSLOT); 3250 if (ic->ic_flags & IEEE80211_F_SHSLOT) 3251 sc->config.flags |= htole32(IWN_CONFIG_SHSLOT); 3252 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 3253 sc->config.flags |= htole32(IWN_CONFIG_SHPREAMBLE); 3254 sc->config.filter |= htole32(IWN_FILTER_BSS); 3255 3256 DPRINTF(("config chan %d flags %x\n", sc->config.chan, 3257 sc->config.flags)); 3258 error = iwn_cmd(sc, IWN_CMD_CONFIGURE, &sc->config, 3259 sizeof (struct iwn_config), 1); 3260 if (error != 0) { 3261 aprint_error_dev(sc->sc_dev, 3262 "could not update configuration\n"); 3263 return error; 3264 } 3265 3266 /* configuration has changed, set Tx power accordingly */ 3267 if ((error = iwn_set_txpower(sc, ni->ni_chan, 1)) != 0) { 3268 aprint_error_dev(sc->sc_dev, "could not set Tx power\n"); 3269 return error; 3270 } 3271 3272 /* add BSS node */ 3273 iwn_add_node(sc, ni, false, true); 3274 3275 if (ic->ic_opmode == IEEE80211_M_STA) { 3276 /* fake a join to init the tx rate */ 3277 iwn_newassoc(ni, 1); 3278 } 3279 3280 if ((error = iwn_init_sensitivity(sc)) != 0) { 3281 aprint_error_dev(sc->sc_dev, "could not set sensitivity\n"); 3282 return error; 3283 } 3284 3285 /* start periodic calibration timer */ 3286 sc->calib.state = IWN_CALIB_STATE_ASSOC; 3287 sc->calib_cnt = 0; 3288 callout_schedule(&sc->calib_to, hz / 2); 3289 3290 if (0 == 1) { /* XXX don't do the beacon - we get a firmware error 3291 XXX when we try. Something is wrong with the 3292 XXX setup of the frame. Just don't ever call 3293 XXX the function but reference it to keep gcc happy 3294 */ 3295 /* now we are associated set up the beacon frame */ 3296 if ((error = iwn_setup_beacon(sc, ni))) { 3297 aprint_error_dev(sc->sc_dev, 3298 "could not setup beacon frame\n"); 3299 return error; 3300 } 3301 } 3302 3303 3304 /* link LED always on while associated */ 3305 iwn_set_led(sc, IWN_LED_LINK, 0, 1); 3306 3307 return 0; 3308 } 3309 3310 /* 3311 * Send a scan request to the firmware. Since this command is huge, we map it 3312 * into a mbuf instead of using the pre-allocated set of commands. 3313 */ 3314 static int 3315 iwn_scan(struct iwn_softc *sc, uint16_t flags) 3316 { 3317 struct ieee80211com *ic = &sc->sc_ic; 3318 struct iwn_tx_ring *ring = &sc->txq[4]; 3319 struct iwn_tx_desc *desc; 3320 struct iwn_tx_data *data; 3321 struct iwn_tx_cmd *cmd; 3322 struct iwn_cmd_data *tx; 3323 struct iwn_scan_hdr *hdr; 3324 struct iwn_scan_essid *essid; 3325 struct iwn_scan_chan *chan; 3326 struct ieee80211_frame *wh; 3327 struct ieee80211_rateset *rs; 3328 struct ieee80211_channel *c; 3329 enum ieee80211_phymode mode; 3330 uint8_t *frm; 3331 int pktlen, error, nrates; 3332 3333 desc = &ring->desc[ring->cur]; 3334 data = &ring->data[ring->cur]; 3335 3336 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 3337 if (data->m == NULL) { 3338 aprint_error_dev(sc->sc_dev, "could not allocate mbuf for scan command\n"); 3339 return ENOMEM; 3340 } 3341 MCLGET(data->m, M_DONTWAIT); 3342 if (!(data->m->m_flags & M_EXT)) { 3343 m_freem(data->m); 3344 data->m = NULL; 3345 aprint_error_dev(sc->sc_dev, "could not allocate mbuf for scan command\n"); 3346 return ENOMEM; 3347 } 3348 3349 cmd = mtod(data->m, struct iwn_tx_cmd *); 3350 cmd->code = IWN_CMD_SCAN; 3351 cmd->flags = 0; 3352 cmd->qid = ring->qid; 3353 cmd->idx = ring->cur; 3354 3355 hdr = (struct iwn_scan_hdr *)cmd->data; 3356 memset(hdr, 0, sizeof (struct iwn_scan_hdr)); 3357 /* 3358 * Move to the next channel if no packets are received within 5 msecs 3359 * after sending the probe request (this helps to reduce the duration 3360 * of active scans). 3361 */ 3362 hdr->quiet = htole16(5); /* timeout in milliseconds */ 3363 hdr->plcp_threshold = htole16(1); /* min # of packets */ 3364 3365 /* select Ant B and Ant C for scanning */ 3366 hdr->rxchain = htole16(0x3e1 | 7 << IWN_RXCHAIN_ANTMSK_SHIFT); 3367 3368 tx = (struct iwn_cmd_data *)(hdr + 1); 3369 memset(tx, 0, sizeof (struct iwn_cmd_data)); 3370 tx->flags = htole32(IWN_TX_AUTO_SEQ | 0x200); // XXX 3371 tx->id = IWN_ID_BROADCAST; 3372 tx->lifetime = htole32(IWN_LIFETIME_INFINITE); 3373 tx->rflags = IWN_RFLAG_ANT_B; 3374 3375 if (flags & IEEE80211_CHAN_A) { 3376 hdr->crc_threshold = htole16(1); 3377 /* send probe requests at 6Mbps */ 3378 tx->rate = iwn_ridx_to_plcp[IWN_OFDM6]; 3379 } else { 3380 hdr->flags = htole32(IWN_CONFIG_24GHZ | IWN_CONFIG_AUTO); 3381 /* send probe requests at 1Mbps */ 3382 tx->rate = iwn_ridx_to_plcp[IWN_CCK1]; 3383 tx->rflags |= IWN_RFLAG_CCK; 3384 } 3385 3386 essid = (struct iwn_scan_essid *)(tx + 1); 3387 memset(essid, 0, 4 * sizeof (struct iwn_scan_essid)); 3388 essid[0].id = IEEE80211_ELEMID_SSID; 3389 essid[0].len = ic->ic_des_esslen; 3390 memcpy(essid[0].data, ic->ic_des_essid, ic->ic_des_esslen); 3391 3392 /* 3393 * Build a probe request frame. Most of the following code is a 3394 * copy & paste of what is done in net80211. 3395 */ 3396 wh = (struct ieee80211_frame *)&essid[4]; 3397 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 3398 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 3399 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 3400 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 3401 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 3402 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 3403 *(u_int16_t *)&wh->i_dur[0] = 0; /* filled by h/w */ 3404 *(u_int16_t *)&wh->i_seq[0] = 0; /* filled by h/w */ 3405 3406 frm = (uint8_t *)(wh + 1); 3407 3408 /* add empty SSID IE (firmware generates it for directed scans) */ 3409 *frm++ = IEEE80211_ELEMID_SSID; 3410 *frm++ = 0; 3411 3412 mode = ieee80211_chan2mode(ic, ic->ic_ibss_chan); 3413 rs = &ic->ic_sup_rates[mode]; 3414 3415 /* add supported rates IE */ 3416 3417 *frm++ = IEEE80211_ELEMID_RATES; 3418 nrates = rs->rs_nrates; 3419 if (nrates > IEEE80211_RATE_SIZE) 3420 nrates = IEEE80211_RATE_SIZE; 3421 *frm++ = nrates; 3422 memcpy(frm, rs->rs_rates, nrates); 3423 frm += nrates; 3424 3425 /* add supported xrates IE */ 3426 3427 if (rs->rs_nrates > IEEE80211_RATE_SIZE) { 3428 nrates = rs->rs_nrates - IEEE80211_RATE_SIZE; 3429 *frm++ = IEEE80211_ELEMID_XRATES; 3430 *frm++ = nrates; 3431 memcpy(frm, rs->rs_rates + IEEE80211_RATE_SIZE, nrates); 3432 frm += nrates; 3433 } 3434 3435 /* setup length of probe request */ 3436 tx->len = htole16(frm - (uint8_t *)wh); 3437 3438 chan = (struct iwn_scan_chan *)frm; 3439 for (c = &ic->ic_channels[1]; 3440 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) { 3441 if ((c->ic_flags & flags) != flags) 3442 continue; 3443 3444 chan->chan = ieee80211_chan2ieee(ic, c); 3445 chan->flags = 0; 3446 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) { 3447 chan->flags |= IWN_CHAN_ACTIVE; 3448 if (ic->ic_des_esslen != 0) 3449 chan->flags |= IWN_CHAN_DIRECT; 3450 } 3451 chan->dsp_gain = 0x6e; 3452 if (IEEE80211_IS_CHAN_5GHZ(c)) { 3453 chan->rf_gain = 0x3b; 3454 chan->active = htole16(10); 3455 chan->passive = htole16(110); 3456 } else { 3457 chan->rf_gain = 0x28; 3458 chan->active = htole16(20); 3459 chan->passive = htole16(120); 3460 } 3461 hdr->nchan++; 3462 chan++; 3463 3464 frm += sizeof (struct iwn_scan_chan); 3465 } 3466 3467 hdr->len = htole16(frm - (uint8_t *)hdr); 3468 pktlen = frm - (uint8_t *)cmd; 3469 3470 error = bus_dmamap_load(sc->sc_dmat, data->map, cmd, pktlen, NULL, 3471 BUS_DMA_NOWAIT); 3472 if (error) { 3473 aprint_error_dev(sc->sc_dev, "could not map scan command\n"); 3474 m_freem(data->m); 3475 data->m = NULL; 3476 return error; 3477 } 3478 3479 IWN_SET_DESC_NSEGS(desc, 1); 3480 IWN_SET_DESC_SEG(desc, 0, data->map->dm_segs[0].ds_addr, 3481 data->map->dm_segs[0].ds_len); 3482 sc->shared->len[ring->qid][ring->cur] = htole16(8); 3483 if (ring->cur < IWN_TX_WINDOW) { 3484 sc->shared->len[ring->qid][ring->cur + IWN_TX_RING_COUNT] = 3485 htole16(8); 3486 } 3487 3488 /* kick cmd ring */ 3489 ring->cur = (ring->cur + 1) % IWN_TX_RING_COUNT; 3490 IWN_WRITE(sc, IWN_TX_WIDX, ring->qid << 8 | ring->cur); 3491 3492 return 0; /* will be notified async. of failure/success */ 3493 } 3494 3495 static int 3496 iwn_config(struct iwn_softc *sc) 3497 { 3498 struct ieee80211com *ic = &sc->sc_ic; 3499 struct ifnet *ifp = ic->ic_ifp; 3500 struct iwn_power power; 3501 struct iwn_bluetooth bluetooth; 3502 int error; 3503 3504 /* set power mode */ 3505 memset(&power, 0, sizeof power); 3506 power.flags = htole16(IWN_POWER_CAM | 0x8); 3507 DPRINTF(("setting power mode\n")); 3508 error = iwn_cmd(sc, IWN_CMD_SET_POWER_MODE, &power, sizeof power, 0); 3509 if (error != 0) { 3510 aprint_error_dev(sc->sc_dev, "could not set power mode\n"); 3511 return error; 3512 } 3513 3514 /* configure bluetooth coexistence */ 3515 memset(&bluetooth, 0, sizeof bluetooth); 3516 bluetooth.flags = 3; 3517 bluetooth.lead = 0xaa; 3518 bluetooth.kill = 1; 3519 DPRINTF(("configuring bluetooth coexistence\n")); 3520 error = iwn_cmd(sc, IWN_CMD_BLUETOOTH, &bluetooth, sizeof bluetooth, 3521 0); 3522 if (error != 0) { 3523 aprint_error_dev(sc->sc_dev, "could not configure bluetooth coexistence\n"); 3524 return error; 3525 } 3526 3527 /* configure adapter */ 3528 memset(&sc->config, 0, sizeof (struct iwn_config)); 3529 IEEE80211_ADDR_COPY(ic->ic_myaddr, CLLADDR(ifp->if_sadl)); 3530 IEEE80211_ADDR_COPY(sc->config.myaddr, ic->ic_myaddr); 3531 IEEE80211_ADDR_COPY(sc->config.wlap, ic->ic_myaddr); 3532 /* set default channel */ 3533 sc->config.chan = ieee80211_chan2ieee(ic, ic->ic_ibss_chan); 3534 sc->config.flags = htole32(IWN_CONFIG_TSF); 3535 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_ibss_chan)) { 3536 sc->config.flags |= htole32(IWN_CONFIG_AUTO | 3537 IWN_CONFIG_24GHZ); 3538 } 3539 sc->config.filter = 0; 3540 switch (ic->ic_opmode) { 3541 case IEEE80211_M_STA: 3542 sc->config.mode = IWN_MODE_STA; 3543 sc->config.filter |= htole32(IWN_FILTER_MULTICAST); 3544 break; 3545 case IEEE80211_M_IBSS: 3546 case IEEE80211_M_AHDEMO: 3547 sc->config.mode = IWN_MODE_IBSS; 3548 break; 3549 case IEEE80211_M_HOSTAP: 3550 sc->config.mode = IWN_MODE_HOSTAP; 3551 break; 3552 case IEEE80211_M_MONITOR: 3553 sc->config.mode = IWN_MODE_MONITOR; 3554 sc->config.filter |= htole32(IWN_FILTER_MULTICAST | 3555 IWN_FILTER_CTL | IWN_FILTER_PROMISC); 3556 break; 3557 } 3558 sc->config.cck_mask = 0x0f; /* not yet negotiated */ 3559 sc->config.ofdm_mask = 0xff; /* not yet negotiated */ 3560 sc->config.ht_single_mask = 0xff; 3561 sc->config.ht_dual_mask = 0xff; 3562 sc->config.rxchain = htole16(0x2800 | 7 << IWN_RXCHAIN_ANTMSK_SHIFT); 3563 DPRINTF(("setting configuration\n")); 3564 error = iwn_cmd(sc, IWN_CMD_CONFIGURE, &sc->config, 3565 sizeof (struct iwn_config), 0); 3566 if (error != 0) { 3567 aprint_error_dev(sc->sc_dev, "configure command failed\n"); 3568 return error; 3569 } 3570 3571 /* configuration has changed, set Tx power accordingly */ 3572 if ((error = iwn_set_txpower(sc, ic->ic_ibss_chan, 0)) != 0) { 3573 aprint_error_dev(sc->sc_dev, "could not set Tx power\n"); 3574 return error; 3575 } 3576 3577 /* add broadcast node */ 3578 if ((error = iwn_add_node(sc, NULL, true, false)) != 0) 3579 return error; 3580 3581 if ((error = iwn_set_critical_temp(sc)) != 0) { 3582 aprint_error_dev(sc->sc_dev, "could not set critical temperature\n"); 3583 return error; 3584 } 3585 3586 return 0; 3587 } 3588 3589 /* 3590 * Do post-alive initialization of the NIC (after firmware upload). 3591 */ 3592 static void 3593 iwn_post_alive(struct iwn_softc *sc) 3594 { 3595 uint32_t base; 3596 uint16_t offset; 3597 int qid; 3598 3599 iwn_mem_lock(sc); 3600 3601 /* clear SRAM */ 3602 base = iwn_mem_read(sc, IWN_SRAM_BASE); 3603 for (offset = 0x380; offset < 0x520; offset += 4) { 3604 IWN_WRITE(sc, IWN_MEM_WADDR, base + offset); 3605 IWN_WRITE(sc, IWN_MEM_WDATA, 0); 3606 } 3607 3608 /* shared area is aligned on a 1K boundary */ 3609 iwn_mem_write(sc, IWN_SRAM_BASE, sc->shared_dma.paddr >> 10); 3610 iwn_mem_write(sc, IWN_SELECT_QCHAIN, 0); 3611 3612 for (qid = 0; qid < IWN_NTXQUEUES; qid++) { 3613 iwn_mem_write(sc, IWN_QUEUE_RIDX(qid), 0); 3614 IWN_WRITE(sc, IWN_TX_WIDX, qid << 8 | 0); 3615 3616 /* set sched. window size */ 3617 IWN_WRITE(sc, IWN_MEM_WADDR, base + IWN_QUEUE_OFFSET(qid)); 3618 IWN_WRITE(sc, IWN_MEM_WDATA, 64); 3619 /* set sched. frame limit */ 3620 IWN_WRITE(sc, IWN_MEM_WADDR, base + IWN_QUEUE_OFFSET(qid) + 4); 3621 IWN_WRITE(sc, IWN_MEM_WDATA, 64 << 16); 3622 } 3623 3624 /* enable interrupts for all 16 queues */ 3625 iwn_mem_write(sc, IWN_QUEUE_INTR_MASK, 0xffff); 3626 3627 /* identify active Tx rings (0-7) */ 3628 iwn_mem_write(sc, IWN_TX_ACTIVE, 0xff); 3629 3630 /* mark Tx rings (4 EDCA + cmd + 2 HCCA) as active */ 3631 for (qid = 0; qid < 7; qid++) { 3632 iwn_mem_write(sc, IWN_TXQ_STATUS(qid), 3633 IWN_TXQ_STATUS_ACTIVE | qid << 1); 3634 } 3635 3636 iwn_mem_unlock(sc); 3637 } 3638 3639 static void 3640 iwn_stop_master(struct iwn_softc *sc) 3641 { 3642 uint32_t tmp; 3643 int ntries; 3644 3645 tmp = IWN_READ(sc, IWN_RESET); 3646 IWN_WRITE(sc, IWN_RESET, tmp | IWN_STOP_MASTER); 3647 3648 tmp = IWN_READ(sc, IWN_GPIO_CTL); 3649 if ((tmp & IWN_GPIO_PWR_STATUS) == IWN_GPIO_PWR_SLEEP) 3650 return; /* already asleep */ 3651 3652 for (ntries = 0; ntries < 100; ntries++) { 3653 if (IWN_READ(sc, IWN_RESET) & IWN_MASTER_DISABLED) 3654 break; 3655 DELAY(10); 3656 } 3657 if (ntries == 100) { 3658 aprint_error_dev(sc->sc_dev, "timeout waiting for master\n"); 3659 } 3660 } 3661 3662 static int 3663 iwn_reset(struct iwn_softc *sc) 3664 { 3665 uint32_t tmp; 3666 int ntries; 3667 3668 /* clear any pending interrupts */ 3669 IWN_WRITE(sc, IWN_INTR, 0xffffffff); 3670 3671 tmp = IWN_READ(sc, IWN_CHICKEN); 3672 IWN_WRITE(sc, IWN_CHICKEN, tmp | IWN_CHICKEN_DISLOS); 3673 3674 tmp = IWN_READ(sc, IWN_GPIO_CTL); 3675 IWN_WRITE(sc, IWN_GPIO_CTL, tmp | IWN_GPIO_INIT); 3676 3677 /* wait for clock stabilization */ 3678 for (ntries = 0; ntries < 1000; ntries++) { 3679 if (IWN_READ(sc, IWN_GPIO_CTL) & IWN_GPIO_CLOCK) 3680 break; 3681 DELAY(10); 3682 } 3683 if (ntries == 1000) { 3684 aprint_error_dev(sc->sc_dev, "timeout waiting for clock stabilization\n"); 3685 return ETIMEDOUT; 3686 } 3687 return 0; 3688 } 3689 3690 static void 3691 iwn_hw_config(struct iwn_softc *sc) 3692 { 3693 uint32_t tmp, hw; 3694 3695 /* enable interrupts mitigation */ 3696 IWN_WRITE(sc, IWN_INTR_MIT, 512 / 32); 3697 3698 /* voodoo from the reference driver */ 3699 tmp = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_CLASS_REG); 3700 tmp = PCI_REVISION(tmp); 3701 if ((tmp & 0x80) && (tmp & 0x7f) < 8) { 3702 /* enable "no snoop" field */ 3703 tmp = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0xe8); 3704 tmp &= ~IWN_DIS_NOSNOOP; 3705 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0xe8, tmp); 3706 } 3707 3708 /* disable L1 entry to work around a hardware bug */ 3709 tmp = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0xf0); 3710 tmp &= ~IWN_ENA_L1; 3711 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0xf0, tmp); 3712 3713 hw = IWN_READ(sc, IWN_HWCONFIG); 3714 IWN_WRITE(sc, IWN_HWCONFIG, hw | 0x310); 3715 3716 iwn_mem_lock(sc); 3717 tmp = iwn_mem_read(sc, IWN_MEM_POWER); 3718 iwn_mem_write(sc, IWN_MEM_POWER, tmp | IWN_POWER_RESET); 3719 DELAY(5); 3720 tmp = iwn_mem_read(sc, IWN_MEM_POWER); 3721 iwn_mem_write(sc, IWN_MEM_POWER, tmp & ~IWN_POWER_RESET); 3722 iwn_mem_unlock(sc); 3723 } 3724 3725 static int 3726 iwn_init(struct ifnet *ifp) 3727 { 3728 struct iwn_softc *sc = ifp->if_softc; 3729 struct ieee80211com *ic = &sc->sc_ic; 3730 uint32_t tmp; 3731 int error, qid; 3732 3733 iwn_stop(ifp, 1); 3734 if ((error = iwn_reset(sc)) != 0) { 3735 aprint_error_dev(sc->sc_dev, "could not reset adapter\n"); 3736 goto fail1; 3737 } 3738 3739 iwn_mem_lock(sc); 3740 iwn_mem_read(sc, IWN_CLOCK_CTL); 3741 iwn_mem_write(sc, IWN_CLOCK_CTL, 0xa00); 3742 iwn_mem_read(sc, IWN_CLOCK_CTL); 3743 iwn_mem_unlock(sc); 3744 3745 DELAY(20); 3746 3747 iwn_mem_lock(sc); 3748 tmp = iwn_mem_read(sc, IWN_MEM_PCIDEV); 3749 iwn_mem_write(sc, IWN_MEM_PCIDEV, tmp | 0x800); 3750 iwn_mem_unlock(sc); 3751 3752 iwn_mem_lock(sc); 3753 tmp = iwn_mem_read(sc, IWN_MEM_POWER); 3754 iwn_mem_write(sc, IWN_MEM_POWER, tmp & ~0x03000000); 3755 iwn_mem_unlock(sc); 3756 3757 iwn_hw_config(sc); 3758 3759 /* init Rx ring */ 3760 iwn_mem_lock(sc); 3761 IWN_WRITE(sc, IWN_RX_CONFIG, 0); 3762 IWN_WRITE(sc, IWN_RX_WIDX, 0); 3763 /* Rx ring is aligned on a 256-byte boundary */ 3764 IWN_WRITE(sc, IWN_RX_BASE, sc->rxq.desc_dma.paddr >> 8); 3765 /* shared area is aligned on a 16-byte boundary */ 3766 IWN_WRITE(sc, IWN_RW_WIDX_PTR, (sc->shared_dma.paddr + 3767 offsetof(struct iwn_shared, closed_count)) >> 4); 3768 IWN_WRITE(sc, IWN_RX_CONFIG, 0x80601000); 3769 iwn_mem_unlock(sc); 3770 3771 IWN_WRITE(sc, IWN_RX_WIDX, (IWN_RX_RING_COUNT - 1) & ~7); 3772 3773 iwn_mem_lock(sc); 3774 iwn_mem_write(sc, IWN_TX_ACTIVE, 0); 3775 3776 /* set physical address of "keep warm" page */ 3777 IWN_WRITE(sc, IWN_KW_BASE, sc->kw_dma.paddr >> 4); 3778 3779 /* init Tx rings */ 3780 for (qid = 0; qid < IWN_NTXQUEUES; qid++) { 3781 struct iwn_tx_ring *txq = &sc->txq[qid]; 3782 IWN_WRITE(sc, IWN_TX_BASE(qid), txq->desc_dma.paddr >> 8); 3783 IWN_WRITE(sc, IWN_TX_CONFIG(qid), 0x80000008); 3784 } 3785 iwn_mem_unlock(sc); 3786 3787 /* clear "radio off" and "disable command" bits (reversed logic) */ 3788 IWN_WRITE(sc, IWN_UCODE_CLR, IWN_RADIO_OFF); 3789 IWN_WRITE(sc, IWN_UCODE_CLR, IWN_DISABLE_CMD); 3790 3791 /* clear any pending interrupts */ 3792 IWN_WRITE(sc, IWN_INTR, 0xffffffff); 3793 /* enable interrupts */ 3794 IWN_WRITE(sc, IWN_MASK, IWN_INTR_MASK); 3795 3796 /* not sure why/if this is necessary... */ 3797 IWN_WRITE(sc, IWN_UCODE_CLR, IWN_RADIO_OFF); 3798 IWN_WRITE(sc, IWN_UCODE_CLR, IWN_RADIO_OFF); 3799 3800 /* check that the radio is not disabled by RF switch */ 3801 if (!(IWN_READ(sc, IWN_GPIO_CTL) & IWN_GPIO_RF_ENABLED)) { 3802 aprint_error_dev(sc->sc_dev, "radio is disabled by hardware switch\n"); 3803 error = EBUSY; /* XXX ;-) */ 3804 goto fail1; 3805 } 3806 3807 if ((error = iwn_load_firmware(sc)) != 0) { 3808 aprint_error_dev(sc->sc_dev, "could not load firmware\n"); 3809 goto fail1; 3810 } 3811 3812 /* firmware has notified us that it is alive.. */ 3813 iwn_post_alive(sc); /* ..do post alive initialization */ 3814 3815 sc->rawtemp = sc->ucode_info.temp[3].chan20MHz; 3816 sc->temp = iwn_get_temperature(sc); 3817 DPRINTF(("temperature=%d\n", sc->temp)); 3818 3819 if ((error = iwn_config(sc)) != 0) { 3820 aprint_error_dev(sc->sc_dev, "could not configure device\n"); 3821 goto fail1; 3822 } 3823 3824 DPRINTF(("iwn_config end\n")); 3825 3826 ifp->if_flags &= ~IFF_OACTIVE; 3827 ifp->if_flags |= IFF_RUNNING; 3828 3829 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 3830 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 3831 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3832 } 3833 else 3834 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3835 3836 DPRINTF(("iwn_init ok\n")); 3837 return 0; 3838 3839 fail1: 3840 DPRINTF(("iwn_init error\n")); 3841 iwn_stop(ifp, 1); 3842 return error; 3843 } 3844 3845 static void 3846 iwn_stop(struct ifnet *ifp, int disable) 3847 { 3848 struct iwn_softc *sc = ifp->if_softc; 3849 struct ieee80211com *ic = &sc->sc_ic; 3850 uint32_t tmp; 3851 int i; 3852 3853 ifp->if_timer = sc->sc_tx_timer = 0; 3854 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3855 3856 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3857 3858 IWN_WRITE(sc, IWN_RESET, IWN_NEVO_RESET); 3859 3860 /* disable interrupts */ 3861 IWN_WRITE(sc, IWN_MASK, 0); 3862 IWN_WRITE(sc, IWN_INTR, 0xffffffff); 3863 IWN_WRITE(sc, IWN_INTR_STATUS, 0xffffffff); 3864 3865 /* make sure we no longer hold the memory lock */ 3866 iwn_mem_unlock(sc); 3867 3868 /* reset all Tx rings */ 3869 for (i = 0; i < IWN_NTXQUEUES; i++) 3870 iwn_reset_tx_ring(sc, &sc->txq[i]); 3871 3872 /* reset Rx ring */ 3873 iwn_reset_rx_ring(sc, &sc->rxq); 3874 3875 iwn_mem_lock(sc); 3876 iwn_mem_write(sc, IWN_MEM_CLOCK2, 0x200); 3877 iwn_mem_unlock(sc); 3878 3879 DELAY(5); 3880 3881 iwn_stop_master(sc); 3882 tmp = IWN_READ(sc, IWN_RESET); 3883 IWN_WRITE(sc, IWN_RESET, tmp | IWN_SW_RESET); 3884 } 3885 3886 static bool 3887 iwn_resume(device_t dv PMF_FN_ARGS) 3888 { 3889 struct iwn_softc *sc = device_private(dv); 3890 3891 (void)iwn_reset(sc); 3892 3893 return true; 3894 } 3895
Indexes created Sat Sep 27 22:09:54 GMT 2025