if_wpi.c revision 1.17.4.4
1 /* $NetBSD: if_wpi.c,v 1.17.4.4 2007/09/02 12:50:36 jmcneill Exp $ */ 2 3 /*- 4 * Copyright (c) 2006, 2007 5 * Damien Bergamini <damien.bergamini (at) free.fr> 6 * 7 * Permission to use, copy, modify, and distribute this software for any 8 * purpose with or without fee is hereby granted, provided that the above 9 * copyright notice and this permission notice appear in all copies. 10 * 11 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 12 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 13 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 14 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 15 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 */ 19 20 #include <sys/cdefs.h> 21 __KERNEL_RCSID(0, "$NetBSD: if_wpi.c,v 1.17.4.4 2007/09/02 12:50:36 jmcneill Exp $"); 22 23 /* 24 * Driver for Intel PRO/Wireless 3945ABG 802.11 network adapters. 25 */ 26 27 #include "bpfilter.h" 28 29 #include <sys/param.h> 30 #include <sys/sockio.h> 31 #include <sys/sysctl.h> 32 #include <sys/mbuf.h> 33 #include <sys/kernel.h> 34 #include <sys/socket.h> 35 #include <sys/systm.h> 36 #include <sys/malloc.h> 37 #include <sys/conf.h> 38 #include <sys/kauth.h> 39 #include <sys/callout.h> 40 41 #include <machine/bus.h> 42 #include <machine/endian.h> 43 #include <machine/intr.h> 44 45 #include <dev/pci/pcireg.h> 46 #include <dev/pci/pcivar.h> 47 #include <dev/pci/pcidevs.h> 48 49 #if NBPFILTER > 0 50 #include <net/bpf.h> 51 #endif 52 #include <net/if.h> 53 #include <net/if_arp.h> 54 #include <net/if_dl.h> 55 #include <net/if_ether.h> 56 #include <net/if_media.h> 57 #include <net/if_types.h> 58 59 #include <net80211/ieee80211_var.h> 60 #include <net80211/ieee80211_amrr.h> 61 #include <net80211/ieee80211_radiotap.h> 62 63 #include <netinet/in.h> 64 #include <netinet/in_systm.h> 65 #include <netinet/in_var.h> 66 #include <netinet/ip.h> 67 68 #include <dev/firmload.h> 69 70 #include <dev/pci/if_wpireg.h> 71 #include <dev/pci/if_wpivar.h> 72 73 #ifdef WPI_DEBUG 74 #define DPRINTF(x) if (wpi_debug > 0) printf x 75 #define DPRINTFN(n, x) if (wpi_debug >= (n)) printf x 76 int wpi_debug = 1; 77 #else 78 #define DPRINTF(x) 79 #define DPRINTFN(n, x) 80 #endif 81 82 /* 83 * Supported rates for 802.11a/b/g modes (in 500Kbps unit). 84 */ 85 static const struct ieee80211_rateset wpi_rateset_11a = 86 { 8, { 12, 18, 24, 36, 48, 72, 96, 108 } }; 87 88 static const struct ieee80211_rateset wpi_rateset_11b = 89 { 4, { 2, 4, 11, 22 } }; 90 91 static const struct ieee80211_rateset wpi_rateset_11g = 92 { 12, { 2, 4, 11, 22, 12, 18, 24, 36, 48, 72, 96, 108 } }; 93 94 static int wpi_match(struct device *, struct cfdata *, void *); 95 static void wpi_attach(struct device *, struct device *, void *); 96 static int wpi_detach(struct device*, int); 97 static pnp_status_t wpi_power(device_t, pnp_request_t, void *); 98 static int wpi_dma_contig_alloc(bus_dma_tag_t, struct wpi_dma_info *, 99 void **, bus_size_t, bus_size_t, int); 100 static void wpi_dma_contig_free(struct wpi_dma_info *); 101 static int wpi_alloc_shared(struct wpi_softc *); 102 static void wpi_free_shared(struct wpi_softc *); 103 static int wpi_alloc_fwmem(struct wpi_softc *); 104 static void wpi_free_fwmem(struct wpi_softc *); 105 static struct wpi_rbuf *wpi_alloc_rbuf(struct wpi_softc *); 106 static void wpi_free_rbuf(struct mbuf *, void *, size_t, void *); 107 static int wpi_alloc_rpool(struct wpi_softc *); 108 static void wpi_free_rpool(struct wpi_softc *); 109 static int wpi_alloc_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 110 static void wpi_reset_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 111 static void wpi_free_rx_ring(struct wpi_softc *, struct wpi_rx_ring *); 112 static int wpi_alloc_tx_ring(struct wpi_softc *, struct wpi_tx_ring *, int, 113 int); 114 static void wpi_reset_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 115 static void wpi_free_tx_ring(struct wpi_softc *, struct wpi_tx_ring *); 116 static struct ieee80211_node * wpi_node_alloc(struct ieee80211_node_table *); 117 static void wpi_newassoc(struct ieee80211_node *, int); 118 static int wpi_media_change(struct ifnet *); 119 static int wpi_newstate(struct ieee80211com *, enum ieee80211_state, int); 120 static void wpi_fix_channel(struct ieee80211com *, struct mbuf *); 121 static void wpi_mem_lock(struct wpi_softc *); 122 static void wpi_mem_unlock(struct wpi_softc *); 123 static uint32_t wpi_mem_read(struct wpi_softc *, uint16_t); 124 static void wpi_mem_write(struct wpi_softc *, uint16_t, uint32_t); 125 static void wpi_mem_write_region_4(struct wpi_softc *, uint16_t, 126 const uint32_t *, int); 127 static int wpi_read_prom_data(struct wpi_softc *, uint32_t, void *, int); 128 static int wpi_load_microcode(struct wpi_softc *, const uint8_t *, int); 129 static int wpi_load_firmware(struct wpi_softc *); 130 static void wpi_calib_timeout(void *); 131 static void wpi_iter_func(void *, struct ieee80211_node *); 132 static void wpi_power_calibration(struct wpi_softc *, int); 133 static void wpi_rx_intr(struct wpi_softc *, struct wpi_rx_desc *, 134 struct wpi_rx_data *); 135 static void wpi_tx_intr(struct wpi_softc *, struct wpi_rx_desc *); 136 static void wpi_cmd_intr(struct wpi_softc *, struct wpi_rx_desc *); 137 static void wpi_notif_intr(struct wpi_softc *); 138 static int wpi_intr(void *); 139 static void wpi_read_eeprom(struct wpi_softc *); 140 static void wpi_read_eeprom_channels(struct wpi_softc *, int); 141 static void wpi_read_eeprom_group(struct wpi_softc *, int); 142 static uint8_t wpi_plcp_signal(int); 143 static int wpi_tx_data(struct wpi_softc *, struct mbuf *, 144 struct ieee80211_node *, int); 145 static void wpi_start(struct ifnet *); 146 static void wpi_watchdog(struct ifnet *); 147 static int wpi_ioctl(struct ifnet *, u_long, void *); 148 static int wpi_cmd(struct wpi_softc *, int, const void *, int, int); 149 static int wpi_wme_update(struct ieee80211com *); 150 static int wpi_mrr_setup(struct wpi_softc *); 151 static void wpi_set_led(struct wpi_softc *, uint8_t, uint8_t, uint8_t); 152 static void wpi_enable_tsf(struct wpi_softc *, struct ieee80211_node *); 153 static int wpi_set_txpower(struct wpi_softc *, 154 struct ieee80211_channel *, int); 155 static int wpi_get_power_index(struct wpi_softc *, 156 struct wpi_power_group *, struct ieee80211_channel *, int); 157 static int wpi_setup_beacon(struct wpi_softc *, struct ieee80211_node *); 158 static int wpi_auth(struct wpi_softc *); 159 static int wpi_scan(struct wpi_softc *, uint16_t); 160 static int wpi_config(struct wpi_softc *); 161 static void wpi_stop_master(struct wpi_softc *); 162 static int wpi_power_up(struct wpi_softc *); 163 static int wpi_reset(struct wpi_softc *); 164 static void wpi_hw_config(struct wpi_softc *); 165 static int wpi_init(struct ifnet *); 166 static void wpi_stop(struct ifnet *, int); 167 168 CFATTACH_DECL(wpi, sizeof (struct wpi_softc), wpi_match, wpi_attach, 169 wpi_detach, NULL); 170 171 static int 172 wpi_match(struct device *parent, struct cfdata *match __unused, void *aux) 173 { 174 struct pci_attach_args *pa = aux; 175 176 if (PCI_VENDOR(pa->pa_id) != PCI_VENDOR_INTEL) 177 return 0; 178 179 if (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_3945ABG_1 || 180 PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_INTEL_PRO_WL_3945ABG_2) 181 return 1; 182 183 return 0; 184 } 185 186 /* Base Address Register */ 187 #define WPI_PCI_BAR0 0x10 188 189 static void 190 wpi_attach(struct device *parent __unused, struct device *self, void *aux) 191 { 192 struct wpi_softc *sc = (struct wpi_softc *)self; 193 struct ieee80211com *ic = &sc->sc_ic; 194 struct ifnet *ifp = &sc->sc_ec.ec_if; 195 struct pci_attach_args *pa = aux; 196 const char *intrstr; 197 char devinfo[256]; 198 bus_space_tag_t memt; 199 bus_space_handle_t memh; 200 pci_intr_handle_t ih; 201 pcireg_t data; 202 int error, ac, revision; 203 204 sc->sc_pct = pa->pa_pc; 205 sc->sc_pcitag = pa->pa_tag; 206 207 callout_init(&sc->calib_to, 0); 208 209 pci_devinfo(pa->pa_id, pa->pa_class, 0, devinfo, sizeof devinfo); 210 revision = PCI_REVISION(pa->pa_class); 211 aprint_normal(": %s (rev. 0x%02x)\n", devinfo, revision); 212 213 /* clear device specific PCI configuration register 0x41 */ 214 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 215 data &= ~0x0000ff00; 216 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 217 218 /* enable bus-mastering */ 219 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG); 220 data |= PCI_COMMAND_MASTER_ENABLE; 221 pci_conf_write(sc->sc_pct, sc->sc_pcitag, PCI_COMMAND_STATUS_REG, data); 222 223 /* map the register window */ 224 error = pci_mapreg_map(pa, WPI_PCI_BAR0, PCI_MAPREG_TYPE_MEM | 225 PCI_MAPREG_MEM_TYPE_32BIT, 0, &memt, &memh, NULL, &sc->sc_sz); 226 if (error != 0) { 227 aprint_error("%s: could not map memory space\n", 228 sc->sc_dev.dv_xname); 229 return; 230 } 231 232 sc->sc_st = memt; 233 sc->sc_sh = memh; 234 sc->sc_dmat = pa->pa_dmat; 235 236 if (pci_intr_map(pa, &ih) != 0) { 237 aprint_error("%s: could not map interrupt\n", 238 sc->sc_dev.dv_xname); 239 return; 240 } 241 242 intrstr = pci_intr_string(sc->sc_pct, ih); 243 sc->sc_ih = pci_intr_establish(sc->sc_pct, ih, IPL_NET, wpi_intr, sc); 244 if (sc->sc_ih == NULL) { 245 aprint_error("%s: could not establish interrupt", 246 sc->sc_dev.dv_xname); 247 if (intrstr != NULL) 248 aprint_error(" at %s", intrstr); 249 aprint_error("\n"); 250 return; 251 } 252 aprint_normal("%s: interrupting at %s\n", sc->sc_dev.dv_xname, intrstr); 253 254 if (wpi_reset(sc) != 0) { 255 aprint_error("%s: could not reset adapter\n", 256 sc->sc_dev.dv_xname); 257 return; 258 } 259 260 /* 261 * Allocate DMA memory for firmware transfers. 262 */ 263 if ((error = wpi_alloc_fwmem(sc)) != 0) { 264 aprint_error(": could not allocate firmware memory\n"); 265 return; 266 } 267 268 /* 269 * Allocate shared page and Tx/Rx rings. 270 */ 271 if ((error = wpi_alloc_shared(sc)) != 0) { 272 aprint_error("%s: could not allocate shared area\n", 273 sc->sc_dev.dv_xname); 274 goto fail1; 275 } 276 277 if ((error = wpi_alloc_rpool(sc)) != 0) { 278 aprint_error("%s: could not allocate Rx buffers\n", 279 sc->sc_dev.dv_xname); 280 goto fail2; 281 } 282 283 for (ac = 0; ac < 4; ac++) { 284 error = wpi_alloc_tx_ring(sc, &sc->txq[ac], WPI_TX_RING_COUNT, ac); 285 if (error != 0) { 286 aprint_error("%s: could not allocate Tx ring %d\n", 287 sc->sc_dev.dv_xname, ac); 288 goto fail3; 289 } 290 } 291 292 error = wpi_alloc_tx_ring(sc, &sc->cmdq, WPI_CMD_RING_COUNT, 4); 293 if (error != 0) { 294 aprint_error("%s: could not allocate command ring\n", 295 sc->sc_dev.dv_xname); 296 goto fail3; 297 } 298 299 error = wpi_alloc_tx_ring(sc, &sc->svcq, WPI_SVC_RING_COUNT, 5); 300 if (error != 0) { 301 aprint_error("%s: could not allocate service ring\n", 302 sc->sc_dev.dv_xname); 303 goto fail4; 304 } 305 306 if (wpi_alloc_rx_ring(sc, &sc->rxq) != 0) { 307 aprint_error("%s: could not allocate Rx ring\n", 308 sc->sc_dev.dv_xname); 309 goto fail5; 310 } 311 312 ic->ic_ifp = ifp; 313 ic->ic_phytype = IEEE80211_T_OFDM; /* not only, but not used */ 314 ic->ic_opmode = IEEE80211_M_STA; /* default to BSS mode */ 315 ic->ic_state = IEEE80211_S_INIT; 316 317 /* set device capabilities */ 318 ic->ic_caps = 319 IEEE80211_C_IBSS | /* IBSS mode support */ 320 IEEE80211_C_WPA | /* 802.11i */ 321 IEEE80211_C_MONITOR | /* monitor mode supported */ 322 IEEE80211_C_TXPMGT | /* tx power management */ 323 IEEE80211_C_SHSLOT | /* short slot time supported */ 324 IEEE80211_C_SHPREAMBLE | /* short preamble supported */ 325 IEEE80211_C_WME; /* 802.11e */ 326 327 /* read supported channels and MAC address from EEPROM */ 328 wpi_read_eeprom(sc); 329 330 /* set supported .11a, .11b, .11g rates */ 331 ic->ic_sup_rates[IEEE80211_MODE_11A] = wpi_rateset_11a; 332 ic->ic_sup_rates[IEEE80211_MODE_11B] = wpi_rateset_11b; 333 ic->ic_sup_rates[IEEE80211_MODE_11G] = wpi_rateset_11g; 334 335 ic->ic_ibss_chan = &ic->ic_channels[0]; 336 337 ifp->if_softc = sc; 338 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 339 ifp->if_init = wpi_init; 340 ifp->if_stop = wpi_stop; 341 ifp->if_ioctl = wpi_ioctl; 342 ifp->if_start = wpi_start; 343 ifp->if_watchdog = wpi_watchdog; 344 IFQ_SET_READY(&ifp->if_snd); 345 memcpy(ifp->if_xname, sc->sc_dev.dv_xname, IFNAMSIZ); 346 347 if_attach(ifp); 348 ieee80211_ifattach(ic); 349 /* override default methods */ 350 ic->ic_node_alloc = wpi_node_alloc; 351 ic->ic_newassoc = wpi_newassoc; 352 ic->ic_wme.wme_update = wpi_wme_update; 353 354 /* override state transition machine */ 355 sc->sc_newstate = ic->ic_newstate; 356 ic->ic_newstate = wpi_newstate; 357 ieee80211_media_init(ic, wpi_media_change, ieee80211_media_status); 358 359 sc->amrr.amrr_min_success_threshold = 1; 360 sc->amrr.amrr_max_success_threshold = 15; 361 362 /* set power handler */ 363 if (pnp_register(self, wpi_power) != PNP_STATUS_SUCCESS) 364 aprint_error("%s: couldn't establish power handler\n", 365 device_xname(self)); 366 367 #if NBPFILTER > 0 368 bpfattach2(ifp, DLT_IEEE802_11_RADIO, 369 sizeof (struct ieee80211_frame) + IEEE80211_RADIOTAP_HDRLEN, 370 &sc->sc_drvbpf); 371 372 sc->sc_rxtap_len = sizeof sc->sc_rxtapu; 373 sc->sc_rxtap.wr_ihdr.it_len = htole16(sc->sc_rxtap_len); 374 sc->sc_rxtap.wr_ihdr.it_present = htole32(WPI_RX_RADIOTAP_PRESENT); 375 376 sc->sc_txtap_len = sizeof sc->sc_txtapu; 377 sc->sc_txtap.wt_ihdr.it_len = htole16(sc->sc_txtap_len); 378 sc->sc_txtap.wt_ihdr.it_present = htole32(WPI_TX_RADIOTAP_PRESENT); 379 #endif 380 381 ieee80211_announce(ic); 382 383 return; 384 385 fail5: wpi_free_tx_ring(sc, &sc->svcq); 386 fail4: wpi_free_tx_ring(sc, &sc->cmdq); 387 fail3: while (--ac >= 0) 388 wpi_free_tx_ring(sc, &sc->txq[ac]); 389 wpi_free_rpool(sc); 390 fail2: wpi_free_shared(sc); 391 fail1: wpi_free_fwmem(sc); 392 } 393 394 static int 395 wpi_detach(struct device* self, int flags __unused) 396 { 397 struct wpi_softc *sc = (struct wpi_softc *)self; 398 struct ifnet *ifp = sc->sc_ic.ic_ifp; 399 int ac; 400 401 wpi_stop(ifp, 1); 402 403 #if NBPFILTER > 0 404 if (ifp != NULL) 405 bpfdetach(ifp); 406 #endif 407 ieee80211_ifdetach(&sc->sc_ic); 408 if (ifp != NULL) 409 if_detach(ifp); 410 411 for (ac = 0; ac < 4; ac++) 412 wpi_free_tx_ring(sc, &sc->txq[ac]); 413 wpi_free_tx_ring(sc, &sc->cmdq); 414 wpi_free_tx_ring(sc, &sc->svcq); 415 wpi_free_rx_ring(sc, &sc->rxq); 416 wpi_free_rpool(sc); 417 wpi_free_shared(sc); 418 419 if (sc->sc_ih != NULL) { 420 pci_intr_disestablish(sc->sc_pct, sc->sc_ih); 421 sc->sc_ih = NULL; 422 } 423 424 bus_space_unmap(sc->sc_st, sc->sc_sh, sc->sc_sz); 425 426 return 0; 427 } 428 429 static pnp_status_t 430 wpi_power(device_t dv, pnp_request_t req, void *opaque) 431 { 432 struct wpi_softc *sc = (struct wpi_softc *)dv; 433 pnp_capabilities_t *pcaps; 434 pnp_state_t *pstate; 435 struct ifnet *ifp; 436 pcireg_t data; 437 int s; 438 439 switch (req) { 440 case PNP_REQUEST_GET_CAPABILITIES: 441 pcaps = opaque; 442 pcaps->state = PNP_STATE_D0 | PNP_STATE_D3; 443 break; 444 case PNP_REQUEST_GET_STATE: 445 pstate = opaque; 446 *pstate = PNP_STATE_D0; 447 break; 448 case PNP_REQUEST_SET_STATE: 449 pstate = opaque; 450 switch (*pstate) { 451 case PNP_STATE_D0: 452 /* clear device specific PCI conf reg 0x41 */ 453 data = pci_conf_read(sc->sc_pct, sc->sc_pcitag, 0x40); 454 data &= ~0x0000ff00; 455 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0x40, data); 456 457 pci_conf_write(sc->sc_pct, sc->sc_pcitag, 0xe8, 458 sc->sc_pmstate_e8); 459 460 s = splnet(); 461 ifp = sc->sc_ic.ic_ifp; 462 if (ifp->if_flags & IFF_UP) { 463 ifp->if_init(ifp); 464 if (ifp->if_flags & IFF_RUNNING) 465 ifp->if_start(ifp); 466 } 467 splx(s); 468 break; 469 case PNP_STATE_D3: 470 sc->sc_pmstate_e8 = pci_conf_read( 471 sc->sc_pct, sc->sc_pcitag, 0xe8); 472 break; 473 default: 474 return PNP_STATUS_UNSUPPORTED; 475 } 476 break; 477 default: 478 return PNP_STATUS_UNSUPPORTED; 479 } 480 481 return PNP_STATUS_SUCCESS; 482 } 483 484 static int 485 wpi_dma_contig_alloc(bus_dma_tag_t tag, struct wpi_dma_info *dma, 486 void **kvap, bus_size_t size, bus_size_t alignment, int flags) 487 { 488 int nsegs, error; 489 490 dma->tag = tag; 491 dma->size = size; 492 493 error = bus_dmamap_create(tag, size, 1, size, 0, flags, &dma->map); 494 if (error != 0) 495 goto fail; 496 497 error = bus_dmamem_alloc(tag, size, alignment, 0, &dma->seg, 1, &nsegs, 498 flags); 499 if (error != 0) 500 goto fail; 501 502 error = bus_dmamem_map(tag, &dma->seg, 1, size, &dma->vaddr, flags); 503 if (error != 0) 504 goto fail; 505 506 error = bus_dmamap_load(tag, dma->map, dma->vaddr, size, NULL, flags); 507 if (error != 0) 508 goto fail; 509 510 memset(dma->vaddr, 0, size); 511 512 dma->paddr = dma->map->dm_segs[0].ds_addr; 513 if (kvap != NULL) 514 *kvap = dma->vaddr; 515 516 return 0; 517 518 fail: wpi_dma_contig_free(dma); 519 return error; 520 } 521 522 static void 523 wpi_dma_contig_free(struct wpi_dma_info *dma) 524 { 525 if (dma->map != NULL) { 526 if (dma->vaddr != NULL) { 527 bus_dmamap_unload(dma->tag, dma->map); 528 bus_dmamem_unmap(dma->tag, dma->vaddr, dma->size); 529 bus_dmamem_free(dma->tag, &dma->seg, 1); 530 dma->vaddr = NULL; 531 } 532 bus_dmamap_destroy(dma->tag, dma->map); 533 dma->map = NULL; 534 } 535 } 536 537 /* 538 * Allocate a shared page between host and NIC. 539 */ 540 static int 541 wpi_alloc_shared(struct wpi_softc *sc) 542 { 543 int error; 544 /* must be aligned on a 4K-page boundary */ 545 error = wpi_dma_contig_alloc(sc->sc_dmat, &sc->shared_dma, 546 (void **)&sc->shared, sizeof (struct wpi_shared), 547 WPI_BUF_ALIGN,BUS_DMA_NOWAIT); 548 if (error != 0) 549 aprint_error( 550 "%s: could not allocate shared area DMA memory\n", 551 sc->sc_dev.dv_xname); 552 553 return error; 554 } 555 556 static void 557 wpi_free_shared(struct wpi_softc *sc) 558 { 559 wpi_dma_contig_free(&sc->shared_dma); 560 } 561 562 /* 563 * Allocate DMA-safe memory for firmware transfer. 564 */ 565 static int 566 wpi_alloc_fwmem(struct wpi_softc *sc) 567 { 568 int error; 569 /* allocate enough contiguous space to store text and data */ 570 error = wpi_dma_contig_alloc(sc->sc_dmat, &sc->fw_dma, NULL, 571 WPI_FW_MAIN_TEXT_MAXSZ + WPI_FW_MAIN_DATA_MAXSZ, 0, 572 BUS_DMA_NOWAIT); 573 574 if (error != 0) 575 aprint_error( 576 "%s: could not allocate firmware transfer area" 577 "DMA memory\n", sc->sc_dev.dv_xname); 578 return error; 579 } 580 581 static void 582 wpi_free_fwmem(struct wpi_softc *sc) 583 { 584 wpi_dma_contig_free(&sc->fw_dma); 585 } 586 587 588 static struct wpi_rbuf * 589 wpi_alloc_rbuf(struct wpi_softc *sc) 590 { 591 struct wpi_rbuf *rbuf; 592 593 rbuf = SLIST_FIRST(&sc->rxq.freelist); 594 if (rbuf == NULL) 595 return NULL; 596 SLIST_REMOVE_HEAD(&sc->rxq.freelist, next); 597 sc->rxq.nb_free_entries --; 598 599 return rbuf; 600 } 601 602 /* 603 * This is called automatically by the network stack when the mbuf to which our 604 * Rx buffer is attached is freed. 605 */ 606 static void 607 wpi_free_rbuf(struct mbuf* m, void *buf, size_t size, void *arg) 608 { 609 struct wpi_rbuf *rbuf = arg; 610 struct wpi_softc *sc = rbuf->sc; 611 int s; 612 613 /* put the buffer back in the free list */ 614 615 SLIST_INSERT_HEAD(&sc->rxq.freelist, rbuf, next); 616 sc->rxq.nb_free_entries ++; 617 618 if (__predict_true(m != NULL)) { 619 s = splvm(); 620 pool_cache_put(&mbpool_cache, m); 621 splx(s); 622 } 623 } 624 625 static int 626 wpi_alloc_rpool(struct wpi_softc *sc) 627 { 628 struct wpi_rx_ring *ring = &sc->rxq; 629 struct wpi_rbuf *rbuf; 630 int i, error; 631 632 /* allocate a big chunk of DMA'able memory.. */ 633 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->buf_dma, NULL, 634 WPI_RBUF_COUNT * WPI_RBUF_SIZE, WPI_BUF_ALIGN, BUS_DMA_NOWAIT); 635 if (error != 0) { 636 aprint_normal("%s: could not allocate Rx buffers DMA memory\n", 637 sc->sc_dev.dv_xname); 638 return error; 639 } 640 641 /* ..and split it into 3KB chunks */ 642 SLIST_INIT(&ring->freelist); 643 for (i = 0; i < WPI_RBUF_COUNT; i++) { 644 rbuf = &ring->rbuf[i]; 645 rbuf->sc = sc; /* backpointer for callbacks */ 646 rbuf->vaddr = (char *)ring->buf_dma.vaddr + i * WPI_RBUF_SIZE; 647 rbuf->paddr = ring->buf_dma.paddr + i * WPI_RBUF_SIZE; 648 649 SLIST_INSERT_HEAD(&ring->freelist, rbuf, next); 650 } 651 652 ring->nb_free_entries = WPI_RBUF_COUNT; 653 return 0; 654 } 655 656 static void 657 wpi_free_rpool(struct wpi_softc *sc) 658 { 659 wpi_dma_contig_free(&sc->rxq.buf_dma); 660 } 661 662 static int 663 wpi_alloc_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 664 { 665 struct wpi_rx_data *data; 666 struct wpi_rbuf *rbuf; 667 int i, error; 668 669 ring->cur = 0; 670 671 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 672 (void **)&ring->desc, 673 WPI_RX_RING_COUNT * sizeof (struct wpi_rx_desc), 674 WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 675 if (error != 0) { 676 aprint_error("%s: could not allocate rx ring DMA memory\n", 677 sc->sc_dev.dv_xname); 678 goto fail; 679 } 680 681 /* 682 * Setup Rx buffers. 683 */ 684 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 685 data = &ring->data[i]; 686 687 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 688 if (data->m == NULL) { 689 aprint_error("%s: could not allocate rx mbuf\n", 690 sc->sc_dev.dv_xname); 691 error = ENOMEM; 692 goto fail; 693 } 694 if ((rbuf = wpi_alloc_rbuf(sc)) == NULL) { 695 m_freem(data->m); 696 data->m = NULL; 697 aprint_error("%s: could not allocate rx cluster\n", 698 sc->sc_dev.dv_xname); 699 error = ENOMEM; 700 goto fail; 701 } 702 /* attach Rx buffer to mbuf */ 703 MEXTADD(data->m, rbuf->vaddr, WPI_RBUF_SIZE, 0, wpi_free_rbuf, 704 rbuf); 705 data->m->m_flags |= M_EXT_RW; 706 707 ring->desc[i] = htole32(rbuf->paddr); 708 } 709 710 return 0; 711 712 fail: wpi_free_rx_ring(sc, ring); 713 return error; 714 } 715 716 static void 717 wpi_reset_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 718 { 719 int ntries; 720 721 wpi_mem_lock(sc); 722 723 WPI_WRITE(sc, WPI_RX_CONFIG, 0); 724 for (ntries = 0; ntries < 100; ntries++) { 725 if (WPI_READ(sc, WPI_RX_STATUS) & WPI_RX_IDLE) 726 break; 727 DELAY(10); 728 } 729 #ifdef WPI_DEBUG 730 if (ntries == 100 && wpi_debug > 0) 731 aprint_error("%s: timeout resetting Rx ring\n", 732 sc->sc_dev.dv_xname); 733 #endif 734 wpi_mem_unlock(sc); 735 736 ring->cur = 0; 737 } 738 739 static void 740 wpi_free_rx_ring(struct wpi_softc *sc, struct wpi_rx_ring *ring) 741 { 742 int i; 743 744 wpi_dma_contig_free(&ring->desc_dma); 745 746 for (i = 0; i < WPI_RX_RING_COUNT; i++) { 747 if (ring->data[i].m != NULL) 748 m_freem(ring->data[i].m); 749 } 750 } 751 752 static int 753 wpi_alloc_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring, int count, 754 int qid) 755 { 756 struct wpi_tx_data *data; 757 int i, error; 758 759 ring->qid = qid; 760 ring->count = count; 761 ring->queued = 0; 762 ring->cur = 0; 763 764 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->desc_dma, 765 (void **)&ring->desc, count * sizeof (struct wpi_tx_desc), 766 WPI_RING_DMA_ALIGN, BUS_DMA_NOWAIT); 767 if (error != 0) { 768 aprint_error("%s: could not allocate tx ring DMA memory\n", 769 sc->sc_dev.dv_xname); 770 goto fail; 771 } 772 773 /* update shared page with ring's base address */ 774 sc->shared->txbase[qid] = htole32(ring->desc_dma.paddr); 775 776 error = wpi_dma_contig_alloc(sc->sc_dmat, &ring->cmd_dma, 777 (void **)&ring->cmd, 778 count * sizeof (struct wpi_tx_cmd), 4, BUS_DMA_NOWAIT); 779 if (error != 0) { 780 aprint_error("%s: could not allocate tx cmd DMA memory\n", 781 sc->sc_dev.dv_xname); 782 goto fail; 783 } 784 785 ring->data = malloc(count * sizeof (struct wpi_tx_data), M_DEVBUF, 786 M_NOWAIT); 787 if (ring->data == NULL) { 788 aprint_error("%s: could not allocate tx data slots\n", 789 sc->sc_dev.dv_xname); 790 goto fail; 791 } 792 793 memset(ring->data, 0, count * sizeof (struct wpi_tx_data)); 794 795 for (i = 0; i < count; i++) { 796 data = &ring->data[i]; 797 798 error = bus_dmamap_create(sc->sc_dmat, MCLBYTES, 799 WPI_MAX_SCATTER - 1, MCLBYTES, 0, BUS_DMA_NOWAIT, 800 &data->map); 801 if (error != 0) { 802 aprint_error("%s: could not create tx buf DMA map\n", 803 sc->sc_dev.dv_xname); 804 goto fail; 805 } 806 } 807 808 return 0; 809 810 fail: wpi_free_tx_ring(sc, ring); 811 return error; 812 } 813 814 static void 815 wpi_reset_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 816 { 817 struct wpi_tx_data *data; 818 int i, ntries; 819 820 wpi_mem_lock(sc); 821 822 WPI_WRITE(sc, WPI_TX_CONFIG(ring->qid), 0); 823 for (ntries = 0; ntries < 100; ntries++) { 824 if (WPI_READ(sc, WPI_TX_STATUS) & WPI_TX_IDLE(ring->qid)) 825 break; 826 DELAY(10); 827 } 828 #ifdef WPI_DEBUG 829 if (ntries == 100 && wpi_debug > 0) { 830 aprint_error("%s: timeout resetting Tx ring %d\n", 831 sc->sc_dev.dv_xname, ring->qid); 832 } 833 #endif 834 wpi_mem_unlock(sc); 835 836 for (i = 0; i < ring->count; i++) { 837 data = &ring->data[i]; 838 839 if (data->m != NULL) { 840 bus_dmamap_unload(sc->sc_dmat, data->map); 841 m_freem(data->m); 842 data->m = NULL; 843 } 844 } 845 846 ring->queued = 0; 847 ring->cur = 0; 848 } 849 850 static void 851 wpi_free_tx_ring(struct wpi_softc *sc, struct wpi_tx_ring *ring) 852 { 853 struct wpi_tx_data *data; 854 int i; 855 856 wpi_dma_contig_free(&ring->desc_dma); 857 wpi_dma_contig_free(&ring->cmd_dma); 858 859 if (ring->data != NULL) { 860 for (i = 0; i < ring->count; i++) { 861 data = &ring->data[i]; 862 863 if (data->m != NULL) { 864 bus_dmamap_unload(sc->sc_dmat, data->map); 865 m_freem(data->m); 866 } 867 } 868 free(ring->data, M_DEVBUF); 869 } 870 } 871 872 /*ARGUSED*/ 873 static struct ieee80211_node * 874 wpi_node_alloc(struct ieee80211_node_table *nt __unused) 875 { 876 struct wpi_node *wn; 877 878 wn = malloc(sizeof (struct wpi_node), M_DEVBUF, M_NOWAIT); 879 880 if (wn != NULL) 881 memset(wn, 0, sizeof (struct wpi_node)); 882 return (struct ieee80211_node *)wn; 883 } 884 885 static void 886 wpi_newassoc(struct ieee80211_node *ni, int isnew) 887 { 888 struct wpi_softc *sc = ni->ni_ic->ic_ifp->if_softc; 889 int i; 890 891 ieee80211_amrr_node_init(&sc->amrr, &((struct wpi_node *)ni)->amn); 892 893 /* set rate to some reasonable initial value */ 894 for (i = ni->ni_rates.rs_nrates - 1; 895 i > 0 && (ni->ni_rates.rs_rates[i] & IEEE80211_RATE_VAL) > 72; 896 i--); 897 ni->ni_txrate = i; 898 } 899 900 static int 901 wpi_media_change(struct ifnet *ifp) 902 { 903 int error; 904 905 error = ieee80211_media_change(ifp); 906 if (error != ENETRESET) 907 return error; 908 909 if ((ifp->if_flags & (IFF_UP | IFF_RUNNING)) == (IFF_UP | IFF_RUNNING)) 910 wpi_init(ifp); 911 912 return 0; 913 } 914 915 static int 916 wpi_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg) 917 { 918 struct ifnet *ifp = ic->ic_ifp; 919 struct wpi_softc *sc = ifp->if_softc; 920 struct ieee80211_node *ni; 921 int error; 922 923 callout_stop(&sc->calib_to); 924 925 switch (nstate) { 926 case IEEE80211_S_SCAN: 927 928 if (sc->is_scanning) 929 break; 930 931 sc->is_scanning = true; 932 ieee80211_node_table_reset(&ic->ic_scan); 933 ic->ic_flags |= IEEE80211_F_SCAN | IEEE80211_F_ASCAN; 934 935 /* make the link LED blink while we're scanning */ 936 wpi_set_led(sc, WPI_LED_LINK, 20, 2); 937 938 if ((error = wpi_scan(sc, IEEE80211_CHAN_G)) != 0) { 939 aprint_error("%s: could not initiate scan\n", 940 sc->sc_dev.dv_xname); 941 ic->ic_flags &= ~(IEEE80211_F_SCAN | IEEE80211_F_ASCAN); 942 return error; 943 } 944 945 ic->ic_state = nstate; 946 return 0; 947 948 case IEEE80211_S_ASSOC: 949 if (ic->ic_state != IEEE80211_S_RUN) 950 break; 951 /* FALLTHROUGH */ 952 case IEEE80211_S_AUTH: 953 sc->config.associd = 0; 954 sc->config.filter &= ~htole32(WPI_FILTER_BSS); 955 if ((error = wpi_auth(sc)) != 0) { 956 aprint_error("%s: could not send authentication request\n", 957 sc->sc_dev.dv_xname); 958 return error; 959 } 960 break; 961 962 case IEEE80211_S_RUN: 963 if (ic->ic_opmode == IEEE80211_M_MONITOR) { 964 /* link LED blinks while monitoring */ 965 wpi_set_led(sc, WPI_LED_LINK, 5, 5); 966 break; 967 } 968 969 ni = ic->ic_bss; 970 971 if (ic->ic_opmode != IEEE80211_M_STA) { 972 (void) wpi_auth(sc); /* XXX */ 973 wpi_setup_beacon(sc, ni); 974 } 975 976 wpi_enable_tsf(sc, ni); 977 978 /* update adapter's configuration */ 979 sc->config.associd = htole16(ni->ni_associd & ~0xc000); 980 /* short preamble/slot time are negotiated when associating */ 981 sc->config.flags &= ~htole32(WPI_CONFIG_SHPREAMBLE | 982 WPI_CONFIG_SHSLOT); 983 if (ic->ic_flags & IEEE80211_F_SHSLOT) 984 sc->config.flags |= htole32(WPI_CONFIG_SHSLOT); 985 if (ic->ic_flags & IEEE80211_F_SHPREAMBLE) 986 sc->config.flags |= htole32(WPI_CONFIG_SHPREAMBLE); 987 sc->config.filter |= htole32(WPI_FILTER_BSS); 988 if (ic->ic_opmode != IEEE80211_M_STA) 989 sc->config.filter |= htole32(WPI_FILTER_BEACON); 990 991 /* XXX put somewhere HC_QOS_SUPPORT_ASSOC + HC_IBSS_START */ 992 993 DPRINTF(("config chan %d flags %x\n", sc->config.chan, 994 sc->config.flags)); 995 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 996 sizeof (struct wpi_config), 1); 997 if (error != 0) { 998 aprint_error("%s: could not update configuration\n", 999 sc->sc_dev.dv_xname); 1000 return error; 1001 } 1002 1003 /* configuration has changed, set Tx power accordingly */ 1004 if ((error = wpi_set_txpower(sc, ni->ni_chan, 1)) != 0) { 1005 aprint_error("%s: could not set Tx power\n", 1006 sc->sc_dev.dv_xname); 1007 return error; 1008 } 1009 1010 if (ic->ic_opmode == IEEE80211_M_STA) { 1011 /* fake a join to init the tx rate */ 1012 wpi_newassoc(ni, 1); 1013 } 1014 1015 /* start periodic calibration timer */ 1016 sc->calib_cnt = 0; 1017 callout_reset(&sc->calib_to, hz/2, wpi_calib_timeout, sc); 1018 1019 /* link LED always on while associated */ 1020 wpi_set_led(sc, WPI_LED_LINK, 0, 1); 1021 break; 1022 1023 case IEEE80211_S_INIT: 1024 sc->is_scanning = false; 1025 break; 1026 } 1027 1028 return sc->sc_newstate(ic, nstate, arg); 1029 } 1030 1031 /* 1032 * XXX: Hack to set the current channel to the value advertised in beacons or 1033 * probe responses. Only used during AP detection. 1034 * XXX: Duplicated from if_iwi.c 1035 */ 1036 static void 1037 wpi_fix_channel(struct ieee80211com *ic, struct mbuf *m) 1038 { 1039 struct ieee80211_frame *wh; 1040 uint8_t subtype; 1041 uint8_t *frm, *efrm; 1042 1043 wh = mtod(m, struct ieee80211_frame *); 1044 1045 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) != IEEE80211_FC0_TYPE_MGT) 1046 return; 1047 1048 subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; 1049 1050 if (subtype != IEEE80211_FC0_SUBTYPE_BEACON && 1051 subtype != IEEE80211_FC0_SUBTYPE_PROBE_RESP) 1052 return; 1053 1054 frm = (uint8_t *)(wh + 1); 1055 efrm = mtod(m, uint8_t *) + m->m_len; 1056 1057 frm += 12; /* skip tstamp, bintval and capinfo fields */ 1058 while (frm < efrm) { 1059 if (*frm == IEEE80211_ELEMID_DSPARMS) 1060 #if IEEE80211_CHAN_MAX < 255 1061 if (frm[2] <= IEEE80211_CHAN_MAX) 1062 #endif 1063 ic->ic_curchan = &ic->ic_channels[frm[2]]; 1064 1065 frm += frm[1] + 2; 1066 } 1067 } 1068 1069 /* 1070 * Grab exclusive access to NIC memory. 1071 */ 1072 static void 1073 wpi_mem_lock(struct wpi_softc *sc) 1074 { 1075 uint32_t tmp; 1076 int ntries; 1077 1078 tmp = WPI_READ(sc, WPI_GPIO_CTL); 1079 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_MAC); 1080 1081 /* spin until we actually get the lock */ 1082 for (ntries = 0; ntries < 1000; ntries++) { 1083 if ((WPI_READ(sc, WPI_GPIO_CTL) & 1084 (WPI_GPIO_CLOCK | WPI_GPIO_SLEEP)) == WPI_GPIO_CLOCK) 1085 break; 1086 DELAY(10); 1087 } 1088 if (ntries == 1000) 1089 aprint_error("%s: could not lock memory\n", sc->sc_dev.dv_xname); 1090 } 1091 1092 /* 1093 * Release lock on NIC memory. 1094 */ 1095 static void 1096 wpi_mem_unlock(struct wpi_softc *sc) 1097 { 1098 uint32_t tmp = WPI_READ(sc, WPI_GPIO_CTL); 1099 WPI_WRITE(sc, WPI_GPIO_CTL, tmp & ~WPI_GPIO_MAC); 1100 } 1101 1102 static uint32_t 1103 wpi_mem_read(struct wpi_softc *sc, uint16_t addr) 1104 { 1105 WPI_WRITE(sc, WPI_READ_MEM_ADDR, WPI_MEM_4 | addr); 1106 return WPI_READ(sc, WPI_READ_MEM_DATA); 1107 } 1108 1109 static void 1110 wpi_mem_write(struct wpi_softc *sc, uint16_t addr, uint32_t data) 1111 { 1112 WPI_WRITE(sc, WPI_WRITE_MEM_ADDR, WPI_MEM_4 | addr); 1113 WPI_WRITE(sc, WPI_WRITE_MEM_DATA, data); 1114 } 1115 1116 static void 1117 wpi_mem_write_region_4(struct wpi_softc *sc, uint16_t addr, 1118 const uint32_t *data, int wlen) 1119 { 1120 for (; wlen > 0; wlen--, data++, addr += 4) 1121 wpi_mem_write(sc, addr, *data); 1122 } 1123 1124 1125 /* 1126 * Read `len' bytes from the EEPROM. We access the EEPROM through the MAC 1127 * instead of using the traditional bit-bang method. 1128 */ 1129 static int 1130 wpi_read_prom_data(struct wpi_softc *sc, uint32_t addr, void *data, int len) 1131 { 1132 uint8_t *out = data; 1133 uint32_t val; 1134 int ntries; 1135 1136 wpi_mem_lock(sc); 1137 for (; len > 0; len -= 2, addr++) { 1138 WPI_WRITE(sc, WPI_EEPROM_CTL, addr << 2); 1139 1140 for (ntries = 0; ntries < 10; ntries++) { 1141 if ((val = WPI_READ(sc, WPI_EEPROM_CTL)) & 1142 WPI_EEPROM_READY) 1143 break; 1144 DELAY(5); 1145 } 1146 if (ntries == 10) { 1147 aprint_error("%s: could not read EEPROM\n", 1148 sc->sc_dev.dv_xname); 1149 return ETIMEDOUT; 1150 } 1151 *out++ = val >> 16; 1152 if (len > 1) 1153 *out++ = val >> 24; 1154 } 1155 wpi_mem_unlock(sc); 1156 1157 return 0; 1158 } 1159 1160 /* 1161 * The firmware boot code is small and is intended to be copied directly into 1162 * the NIC internal memory. 1163 */ 1164 int 1165 wpi_load_microcode(struct wpi_softc *sc, const uint8_t *ucode, int size) 1166 { 1167 int ntries; 1168 1169 size /= sizeof (uint32_t); 1170 1171 wpi_mem_lock(sc); 1172 1173 /* copy microcode image into NIC memory */ 1174 wpi_mem_write_region_4(sc, WPI_MEM_UCODE_BASE, 1175 (const uint32_t *)ucode, size); 1176 1177 wpi_mem_write(sc, WPI_MEM_UCODE_SRC, 0); 1178 wpi_mem_write(sc, WPI_MEM_UCODE_DST, WPI_FW_TEXT); 1179 wpi_mem_write(sc, WPI_MEM_UCODE_SIZE, size); 1180 1181 /* run microcode */ 1182 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_RUN); 1183 1184 /* wait for transfer to complete */ 1185 for (ntries = 0; ntries < 1000; ntries++) { 1186 if (!(wpi_mem_read(sc, WPI_MEM_UCODE_CTL) & WPI_UC_RUN)) 1187 break; 1188 DELAY(10); 1189 } 1190 if (ntries == 1000) { 1191 wpi_mem_unlock(sc); 1192 printf("%s: could not load boot firmware\n", 1193 sc->sc_dev.dv_xname); 1194 return ETIMEDOUT; 1195 } 1196 wpi_mem_write(sc, WPI_MEM_UCODE_CTL, WPI_UC_ENABLE); 1197 1198 wpi_mem_unlock(sc); 1199 1200 return 0; 1201 } 1202 1203 static int 1204 wpi_load_firmware(struct wpi_softc *sc) 1205 { 1206 struct wpi_dma_info *dma = &sc->fw_dma; 1207 struct wpi_firmware_hdr hdr; 1208 const uint8_t *init_text, *init_data, *main_text, *main_data; 1209 const uint8_t *boot_text; 1210 uint32_t init_textsz, init_datasz, main_textsz, main_datasz; 1211 uint32_t boot_textsz; 1212 firmware_handle_t fw; 1213 u_char *dfw; 1214 size_t size; 1215 int error; 1216 1217 /* load firmware image from disk */ 1218 if ((error = firmware_open("if_wpi","iwlwifi-3945.ucode", &fw) != 0)) { 1219 aprint_error("%s: could not read firmware file\n", 1220 sc->sc_dev.dv_xname); 1221 goto fail1; 1222 } 1223 1224 size = firmware_get_size(fw); 1225 1226 /* extract firmware header information */ 1227 if (size < sizeof (struct wpi_firmware_hdr)) { 1228 aprint_error("%s: truncated firmware header: %zu bytes\n", 1229 sc->sc_dev.dv_xname, size); 1230 error = EINVAL; 1231 goto fail2; 1232 } 1233 1234 if ((error = firmware_read(fw, 0, &hdr, 1235 sizeof (struct wpi_firmware_hdr))) != 0) { 1236 aprint_error("%s: can't get firmware header\n", 1237 sc->sc_dev.dv_xname); 1238 goto fail2; 1239 } 1240 1241 main_textsz = le32toh(hdr.main_textsz); 1242 main_datasz = le32toh(hdr.main_datasz); 1243 init_textsz = le32toh(hdr.init_textsz); 1244 init_datasz = le32toh(hdr.init_datasz); 1245 boot_textsz = le32toh(hdr.boot_textsz); 1246 1247 /* sanity-check firmware segments sizes */ 1248 if (main_textsz > WPI_FW_MAIN_TEXT_MAXSZ || 1249 main_datasz > WPI_FW_MAIN_DATA_MAXSZ || 1250 init_textsz > WPI_FW_INIT_TEXT_MAXSZ || 1251 init_datasz > WPI_FW_INIT_DATA_MAXSZ || 1252 boot_textsz > WPI_FW_BOOT_TEXT_MAXSZ || 1253 (boot_textsz & 3) != 0) { 1254 printf("%s: invalid firmware header\n", sc->sc_dev.dv_xname); 1255 error = EINVAL; 1256 goto fail2; 1257 } 1258 1259 /* check that all firmware segments are present */ 1260 if (size < sizeof (struct wpi_firmware_hdr) + main_textsz + 1261 main_datasz + init_textsz + init_datasz + boot_textsz) { 1262 aprint_error("%s: firmware file too short: %zu bytes\n", 1263 sc->sc_dev.dv_xname, size); 1264 error = EINVAL; 1265 goto fail2; 1266 } 1267 1268 dfw = firmware_malloc(size); 1269 if (dfw == NULL) { 1270 aprint_error("%s: not enough memory to stock firmware\n", 1271 sc->sc_dev.dv_xname); 1272 error = ENOMEM; 1273 goto fail2; 1274 } 1275 1276 if ((error = firmware_read(fw, 0, dfw, size)) != 0) { 1277 aprint_error("%s: can't get firmware\n", 1278 sc->sc_dev.dv_xname); 1279 goto fail2; 1280 } 1281 1282 /* get pointers to firmware segments */ 1283 main_text = dfw + sizeof (struct wpi_firmware_hdr); 1284 main_data = main_text + main_textsz; 1285 init_text = main_data + main_datasz; 1286 init_data = init_text + init_textsz; 1287 boot_text = init_data + init_datasz; 1288 1289 /* copy initialization images into pre-allocated DMA-safe memory */ 1290 memcpy(dma->vaddr, init_data, init_datasz); 1291 memcpy((char*)dma->vaddr + WPI_FW_INIT_DATA_MAXSZ, init_text, init_textsz); 1292 1293 /* tell adapter where to find initialization images */ 1294 wpi_mem_lock(sc); 1295 wpi_mem_write(sc, WPI_MEM_DATA_BASE, dma->paddr); 1296 wpi_mem_write(sc, WPI_MEM_DATA_SIZE, init_datasz); 1297 wpi_mem_write(sc, WPI_MEM_TEXT_BASE, 1298 dma->paddr + WPI_FW_INIT_DATA_MAXSZ); 1299 wpi_mem_write(sc, WPI_MEM_TEXT_SIZE, init_textsz); 1300 wpi_mem_unlock(sc); 1301 1302 /* load firmware boot code */ 1303 if ((error = wpi_load_microcode(sc, boot_text, boot_textsz)) != 0) { 1304 printf("%s: could not load boot firmware\n", 1305 sc->sc_dev.dv_xname); 1306 goto fail3; 1307 } 1308 1309 /* now press "execute" ;-) */ 1310 WPI_WRITE(sc, WPI_RESET, 0); 1311 1312 /* ..and wait at most one second for adapter to initialize */ 1313 if ((error = tsleep(sc, PCATCH, "wpiinit", hz)) != 0) { 1314 /* this isn't what was supposed to happen.. */ 1315 aprint_error("%s: timeout waiting for adapter to initialize\n", 1316 sc->sc_dev.dv_xname); 1317 } 1318 1319 /* copy runtime images into pre-allocated DMA-safe memory */ 1320 memcpy(dma->vaddr, main_data, main_datasz); 1321 memcpy((char*)dma->vaddr + WPI_FW_MAIN_DATA_MAXSZ, main_text, main_textsz); 1322 1323 /* tell adapter where to find runtime images */ 1324 wpi_mem_lock(sc); 1325 wpi_mem_write(sc, WPI_MEM_DATA_BASE, dma->paddr); 1326 wpi_mem_write(sc, WPI_MEM_DATA_SIZE, main_datasz); 1327 wpi_mem_write(sc, WPI_MEM_TEXT_BASE, 1328 dma->paddr + WPI_FW_MAIN_DATA_MAXSZ); 1329 wpi_mem_write(sc, WPI_MEM_TEXT_SIZE, WPI_FW_UPDATED | main_textsz); 1330 wpi_mem_unlock(sc); 1331 1332 /* wait at most one second for second alive notification */ 1333 if ((error = tsleep(sc, PCATCH, "wpiinit", hz)) != 0) { 1334 /* this isn't what was supposed to happen.. */ 1335 printf("%s: timeout waiting for adapter to initialize\n", 1336 sc->sc_dev.dv_xname); 1337 } 1338 1339 1340 fail3: firmware_free(dfw,size); 1341 fail2: firmware_close(fw); 1342 fail1: return error; 1343 } 1344 1345 static void 1346 wpi_calib_timeout(void *arg) 1347 { 1348 struct wpi_softc *sc = arg; 1349 struct ieee80211com *ic = &sc->sc_ic; 1350 int temp, s; 1351 1352 /* automatic rate control triggered every 500ms */ 1353 if (ic->ic_fixed_rate == -1) { 1354 s = splnet(); 1355 if (ic->ic_opmode == IEEE80211_M_STA) 1356 wpi_iter_func(sc, ic->ic_bss); 1357 else 1358 ieee80211_iterate_nodes(&ic->ic_sta, wpi_iter_func, sc); 1359 splx(s); 1360 } 1361 1362 /* update sensor data */ 1363 temp = (int)WPI_READ(sc, WPI_TEMPERATURE); 1364 1365 /* automatic power calibration every 60s */ 1366 if (++sc->calib_cnt >= 120) { 1367 wpi_power_calibration(sc, temp); 1368 sc->calib_cnt = 0; 1369 } 1370 1371 callout_reset(&sc->calib_to, hz/2, wpi_calib_timeout, sc); 1372 } 1373 1374 static void 1375 wpi_iter_func(void *arg, struct ieee80211_node *ni) 1376 { 1377 struct wpi_softc *sc = arg; 1378 struct wpi_node *wn = (struct wpi_node *)ni; 1379 1380 ieee80211_amrr_choose(&sc->amrr, ni, &wn->amn); 1381 } 1382 1383 /* 1384 * This function is called periodically (every 60 seconds) to adjust output 1385 * power to temperature changes. 1386 */ 1387 void 1388 wpi_power_calibration(struct wpi_softc *sc, int temp) 1389 { 1390 /* sanity-check read value */ 1391 if (temp < -260 || temp > 25) { 1392 /* this can't be correct, ignore */ 1393 DPRINTF(("out-of-range temperature reported: %d\n", temp)); 1394 return; 1395 } 1396 1397 DPRINTF(("temperature %d->%d\n", sc->temp, temp)); 1398 1399 /* adjust Tx power if need be */ 1400 if (abs(temp - sc->temp) <= 6) 1401 return; 1402 1403 sc->temp = temp; 1404 1405 if (wpi_set_txpower(sc, sc->sc_ic.ic_bss->ni_chan, 1) != 0) { 1406 /* just warn, too bad for the automatic calibration... */ 1407 aprint_error("%s: could not adjust Tx power\n", 1408 sc->sc_dev.dv_xname); 1409 } 1410 } 1411 1412 static void 1413 wpi_rx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc, 1414 struct wpi_rx_data *data) 1415 { 1416 struct ieee80211com *ic = &sc->sc_ic; 1417 struct ifnet *ifp = ic->ic_ifp; 1418 struct wpi_rx_ring *ring = &sc->rxq; 1419 struct wpi_rx_stat *stat; 1420 struct wpi_rx_head *head; 1421 struct wpi_rx_tail *tail; 1422 struct wpi_rbuf *rbuf; 1423 struct ieee80211_frame *wh; 1424 struct ieee80211_node *ni; 1425 struct mbuf *m, *mnew; 1426 int data_off ; 1427 1428 stat = (struct wpi_rx_stat *)(desc + 1); 1429 1430 if (stat->len > WPI_STAT_MAXLEN) { 1431 aprint_error("%s: invalid rx statistic header\n", 1432 sc->sc_dev.dv_xname); 1433 ifp->if_ierrors++; 1434 return; 1435 } 1436 1437 head = (struct wpi_rx_head *)((char *)(stat + 1) + stat->len); 1438 tail = (struct wpi_rx_tail *)((char *)(head + 1) + le16toh(head->len)); 1439 1440 DPRINTFN(4, ("rx intr: idx=%d len=%d stat len=%d rssi=%d rate=%x " 1441 "chan=%d tstamp=%" PRId64 "\n", ring->cur, le32toh(desc->len), 1442 le16toh(head->len), (int8_t)stat->rssi, head->rate, head->chan, 1443 le64toh(tail->tstamp))); 1444 1445 /* 1446 * Discard Rx frames with bad CRC early (XXX we may want to pass them 1447 * to radiotap in monitor mode). 1448 */ 1449 if ((le32toh(tail->flags) & WPI_RX_NOERROR) != WPI_RX_NOERROR) { 1450 DPRINTF(("rx tail flags error %x\n", le32toh(tail->flags))); 1451 ifp->if_ierrors++; 1452 return; 1453 } 1454 1455 /* Compute where are the useful datas */ 1456 data_off = (char*)(head + 1) - mtod(data->m, char*); 1457 1458 /* 1459 * If the number of free entry is too low 1460 * just dup the data->m socket and reuse the same rbuf entry 1461 */ 1462 if (sc->rxq.nb_free_entries <= WPI_RBUF_LOW_LIMIT) { 1463 1464 /* Prepare the mbuf for the m_dup */ 1465 data->m->m_pkthdr.len = data->m->m_len = le16toh(head->len); 1466 data->m->m_data = (char*) data->m->m_data + data_off; 1467 1468 m = m_dup(data->m,0,M_COPYALL,M_DONTWAIT); 1469 1470 /* Restore the m_data pointer for future use */ 1471 data->m->m_data = (char*) data->m->m_data - data_off; 1472 1473 if (m == NULL) { 1474 ifp->if_ierrors++; 1475 return; 1476 } 1477 } else { 1478 1479 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1480 if (mnew == NULL) { 1481 ifp->if_ierrors++; 1482 return; 1483 } 1484 1485 rbuf = wpi_alloc_rbuf(sc); 1486 KASSERT(rbuf != NULL); 1487 1488 /* attach Rx buffer to mbuf */ 1489 MEXTADD(mnew, rbuf->vaddr, WPI_RBUF_SIZE, 0, wpi_free_rbuf, 1490 rbuf); 1491 mnew->m_flags |= M_EXT_RW; 1492 1493 m = data->m; 1494 data->m = mnew; 1495 1496 /* update Rx descriptor */ 1497 ring->desc[ring->cur] = htole32(rbuf->paddr); 1498 1499 m->m_data = (char*)m->m_data + data_off; 1500 m->m_pkthdr.len = m->m_len = le16toh(head->len); 1501 } 1502 1503 /* finalize mbuf */ 1504 m->m_pkthdr.rcvif = ifp; 1505 1506 if (ic->ic_state == IEEE80211_S_SCAN) 1507 wpi_fix_channel(ic, m); 1508 1509 #if NBPFILTER > 0 1510 if (sc->sc_drvbpf != NULL) { 1511 struct wpi_rx_radiotap_header *tap = &sc->sc_rxtap; 1512 1513 tap->wr_flags = 0; 1514 tap->wr_chan_freq = 1515 htole16(ic->ic_channels[head->chan].ic_freq); 1516 tap->wr_chan_flags = 1517 htole16(ic->ic_channels[head->chan].ic_flags); 1518 tap->wr_dbm_antsignal = (int8_t)(stat->rssi - WPI_RSSI_OFFSET); 1519 tap->wr_dbm_antnoise = (int8_t)le16toh(stat->noise); 1520 tap->wr_tsft = tail->tstamp; 1521 tap->wr_antenna = (le16toh(head->flags) >> 4) & 0xf; 1522 switch (head->rate) { 1523 /* CCK rates */ 1524 case 10: tap->wr_rate = 2; break; 1525 case 20: tap->wr_rate = 4; break; 1526 case 55: tap->wr_rate = 11; break; 1527 case 110: tap->wr_rate = 22; break; 1528 /* OFDM rates */ 1529 case 0xd: tap->wr_rate = 12; break; 1530 case 0xf: tap->wr_rate = 18; break; 1531 case 0x5: tap->wr_rate = 24; break; 1532 case 0x7: tap->wr_rate = 36; break; 1533 case 0x9: tap->wr_rate = 48; break; 1534 case 0xb: tap->wr_rate = 72; break; 1535 case 0x1: tap->wr_rate = 96; break; 1536 case 0x3: tap->wr_rate = 108; break; 1537 /* unknown rate: should not happen */ 1538 default: tap->wr_rate = 0; 1539 } 1540 if (le16toh(head->flags) & 0x4) 1541 tap->wr_flags |= IEEE80211_RADIOTAP_F_SHORTPRE; 1542 1543 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_rxtap_len, m); 1544 } 1545 #endif 1546 1547 /* grab a reference to the source node */ 1548 wh = mtod(m, struct ieee80211_frame *); 1549 ni = ieee80211_find_rxnode(ic, (struct ieee80211_frame_min *)wh); 1550 1551 /* send the frame to the 802.11 layer */ 1552 ieee80211_input(ic, m, ni, stat->rssi, 0); 1553 1554 /* release node reference */ 1555 ieee80211_free_node(ni); 1556 } 1557 1558 static void 1559 wpi_tx_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc) 1560 { 1561 struct ifnet *ifp = sc->sc_ic.ic_ifp; 1562 struct wpi_tx_ring *ring = &sc->txq[desc->qid & 0x3]; 1563 struct wpi_tx_data *txdata = &ring->data[desc->idx]; 1564 struct wpi_tx_stat *stat = (struct wpi_tx_stat *)(desc + 1); 1565 struct wpi_node *wn = (struct wpi_node *)txdata->ni; 1566 1567 DPRINTFN(4, ("tx done: qid=%d idx=%d retries=%d nkill=%d rate=%x " 1568 "duration=%d status=%x\n", desc->qid, desc->idx, stat->ntries, 1569 stat->nkill, stat->rate, le32toh(stat->duration), 1570 le32toh(stat->status))); 1571 1572 /* 1573 * Update rate control statistics for the node. 1574 * XXX we should not count mgmt frames since they're always sent at 1575 * the lowest available bit-rate. 1576 */ 1577 wn->amn.amn_txcnt++; 1578 if (stat->ntries > 0) { 1579 DPRINTFN(3, ("tx intr ntries %d\n", stat->ntries)); 1580 wn->amn.amn_retrycnt++; 1581 } 1582 1583 if ((le32toh(stat->status) & 0xff) != 1) 1584 ifp->if_oerrors++; 1585 else 1586 ifp->if_opackets++; 1587 1588 bus_dmamap_unload(sc->sc_dmat, txdata->map); 1589 m_freem(txdata->m); 1590 txdata->m = NULL; 1591 ieee80211_free_node(txdata->ni); 1592 txdata->ni = NULL; 1593 1594 ring->queued--; 1595 1596 sc->sc_tx_timer = 0; 1597 ifp->if_flags &= ~IFF_OACTIVE; 1598 wpi_start(ifp); 1599 } 1600 1601 static void 1602 wpi_cmd_intr(struct wpi_softc *sc, struct wpi_rx_desc *desc) 1603 { 1604 struct wpi_tx_ring *ring = &sc->cmdq; 1605 struct wpi_tx_data *data; 1606 1607 if ((desc->qid & 7) != 4) 1608 return; /* not a command ack */ 1609 1610 data = &ring->data[desc->idx]; 1611 1612 /* if the command was mapped in a mbuf, free it */ 1613 if (data->m != NULL) { 1614 bus_dmamap_unload(sc->sc_dmat, data->map); 1615 m_freem(data->m); 1616 data->m = NULL; 1617 } 1618 1619 wakeup(&ring->cmd[desc->idx]); 1620 } 1621 1622 static void 1623 wpi_notif_intr(struct wpi_softc *sc) 1624 { 1625 struct ieee80211com *ic = &sc->sc_ic; 1626 struct ifnet *ifp = ic->ic_ifp; 1627 struct wpi_rx_desc *desc; 1628 struct wpi_rx_data *data; 1629 uint32_t hw; 1630 1631 hw = le32toh(sc->shared->next); 1632 while (sc->rxq.cur != hw) { 1633 data = &sc->rxq.data[sc->rxq.cur]; 1634 1635 desc = mtod(data->m, struct wpi_rx_desc *); 1636 1637 DPRINTFN(4, ("rx notification qid=%x idx=%d flags=%x type=%d " 1638 "len=%d\n", desc->qid, desc->idx, desc->flags, 1639 desc->type, le32toh(desc->len))); 1640 1641 if (!(desc->qid & 0x80)) /* reply to a command */ 1642 wpi_cmd_intr(sc, desc); 1643 1644 switch (desc->type) { 1645 case WPI_RX_DONE: 1646 /* a 802.11 frame was received */ 1647 wpi_rx_intr(sc, desc, data); 1648 break; 1649 1650 case WPI_TX_DONE: 1651 /* a 802.11 frame has been transmitted */ 1652 wpi_tx_intr(sc, desc); 1653 break; 1654 1655 case WPI_UC_READY: 1656 { 1657 struct wpi_ucode_info *uc = 1658 (struct wpi_ucode_info *)(desc + 1); 1659 1660 /* the microcontroller is ready */ 1661 DPRINTF(("microcode alive notification version %x " 1662 "alive %x\n", le32toh(uc->version), 1663 le32toh(uc->valid))); 1664 1665 if (le32toh(uc->valid) != 1) { 1666 aprint_error("%s: microcontroller " 1667 "initialization failed\n", 1668 sc->sc_dev.dv_xname); 1669 } 1670 break; 1671 } 1672 case WPI_STATE_CHANGED: 1673 { 1674 uint32_t *status = (uint32_t *)(desc + 1); 1675 1676 /* enabled/disabled notification */ 1677 DPRINTF(("state changed to %x\n", le32toh(*status))); 1678 1679 if (le32toh(*status) & 1) { 1680 /* the radio button has to be pushed */ 1681 aprint_error("%s: Radio transmitter is off\n", 1682 sc->sc_dev.dv_xname); 1683 /* turn the interface down */ 1684 ifp->if_flags &= ~IFF_UP; 1685 wpi_stop(ifp, 1); 1686 return; /* no further processing */ 1687 } 1688 break; 1689 } 1690 case WPI_START_SCAN: 1691 { 1692 struct wpi_start_scan *scan = 1693 (struct wpi_start_scan *)(desc + 1); 1694 1695 DPRINTFN(2, ("scanning channel %d status %x\n", 1696 scan->chan, le32toh(scan->status))); 1697 1698 /* fix current channel */ 1699 ic->ic_bss->ni_chan = &ic->ic_channels[scan->chan]; 1700 break; 1701 } 1702 case WPI_STOP_SCAN: 1703 { 1704 struct wpi_stop_scan *scan = 1705 (struct wpi_stop_scan *)(desc + 1); 1706 1707 DPRINTF(("scan finished nchan=%d status=%d chan=%d\n", 1708 scan->nchan, scan->status, scan->chan)); 1709 1710 if (scan->status == 1 && scan->chan <= 14) { 1711 /* 1712 * We just finished scanning 802.11g channels, 1713 * start scanning 802.11a ones. 1714 */ 1715 if (wpi_scan(sc, IEEE80211_CHAN_A) == 0) 1716 break; 1717 } 1718 sc->is_scanning = false; 1719 ieee80211_end_scan(ic); 1720 break; 1721 } 1722 } 1723 1724 sc->rxq.cur = (sc->rxq.cur + 1) % WPI_RX_RING_COUNT; 1725 } 1726 1727 /* tell the firmware what we have processed */ 1728 hw = (hw == 0) ? WPI_RX_RING_COUNT - 1 : hw - 1; 1729 WPI_WRITE(sc, WPI_RX_WIDX, hw & ~7); 1730 } 1731 1732 static int 1733 wpi_intr(void *arg) 1734 { 1735 struct wpi_softc *sc = arg; 1736 struct ifnet *ifp = sc->sc_ic.ic_ifp; 1737 uint32_t r; 1738 1739 r = WPI_READ(sc, WPI_INTR); 1740 if (r == 0 || r == 0xffffffff) 1741 return 0; /* not for us */ 1742 1743 DPRINTFN(5, ("interrupt reg %x\n", r)); 1744 1745 /* disable interrupts */ 1746 WPI_WRITE(sc, WPI_MASK, 0); 1747 /* ack interrupts */ 1748 WPI_WRITE(sc, WPI_INTR, r); 1749 1750 if (r & (WPI_SW_ERROR | WPI_HW_ERROR)) { 1751 aprint_error("%s: fatal firmware error\n", sc->sc_dev.dv_xname); 1752 sc->sc_ic.ic_ifp->if_flags &= ~IFF_UP; 1753 wpi_stop(sc->sc_ic.ic_ifp, 1); 1754 return 1; 1755 } 1756 1757 if (r & WPI_RX_INTR) 1758 wpi_notif_intr(sc); 1759 1760 if (r & WPI_ALIVE_INTR) /* firmware initialized */ 1761 wakeup(sc); 1762 1763 /* re-enable interrupts */ 1764 if (ifp->if_flags & IFF_UP) 1765 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK); 1766 1767 return 1; 1768 } 1769 1770 static uint8_t 1771 wpi_plcp_signal(int rate) 1772 { 1773 switch (rate) { 1774 /* CCK rates (returned values are device-dependent) */ 1775 case 2: return 10; 1776 case 4: return 20; 1777 case 11: return 55; 1778 case 22: return 110; 1779 1780 /* OFDM rates (cf IEEE Std 802.11a-1999, pp. 14 Table 80) */ 1781 /* R1-R4, (u)ral is R4-R1 */ 1782 case 12: return 0xd; 1783 case 18: return 0xf; 1784 case 24: return 0x5; 1785 case 36: return 0x7; 1786 case 48: return 0x9; 1787 case 72: return 0xb; 1788 case 96: return 0x1; 1789 case 108: return 0x3; 1790 1791 /* unsupported rates (should not get there) */ 1792 default: return 0; 1793 } 1794 } 1795 1796 /* quickly determine if a given rate is CCK or OFDM */ 1797 #define WPI_RATE_IS_OFDM(rate) ((rate) >= 12 && (rate) != 22) 1798 1799 static int 1800 wpi_tx_data(struct wpi_softc *sc, struct mbuf *m0, struct ieee80211_node *ni, 1801 int ac) 1802 { 1803 struct ieee80211com *ic = &sc->sc_ic; 1804 struct wpi_tx_ring *ring = &sc->txq[ac]; 1805 struct wpi_tx_desc *desc; 1806 struct wpi_tx_data *data; 1807 struct wpi_tx_cmd *cmd; 1808 struct wpi_cmd_data *tx; 1809 struct ieee80211_frame *wh; 1810 struct ieee80211_key *k; 1811 const struct chanAccParams *cap; 1812 struct mbuf *mnew; 1813 int i, error, rate, hdrlen, noack = 0; 1814 1815 desc = &ring->desc[ring->cur]; 1816 data = &ring->data[ring->cur]; 1817 1818 wh = mtod(m0, struct ieee80211_frame *); 1819 1820 if (IEEE80211_QOS_HAS_SEQ(wh)) { 1821 hdrlen = sizeof (struct ieee80211_qosframe); 1822 cap = &ic->ic_wme.wme_chanParams; 1823 noack = cap->cap_wmeParams[ac].wmep_noackPolicy; 1824 } else 1825 hdrlen = sizeof (struct ieee80211_frame); 1826 1827 if (wh->i_fc[1] & IEEE80211_FC1_WEP) { 1828 k = ieee80211_crypto_encap(ic, ni, m0); 1829 if (k == NULL) { 1830 m_freem(m0); 1831 return ENOBUFS; 1832 } 1833 1834 /* packet header may have moved, reset our local pointer */ 1835 wh = mtod(m0, struct ieee80211_frame *); 1836 } 1837 1838 /* pickup a rate */ 1839 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == 1840 IEEE80211_FC0_TYPE_MGT) { 1841 /* mgmt frames are sent at the lowest available bit-rate */ 1842 rate = ni->ni_rates.rs_rates[0]; 1843 } else { 1844 if (ic->ic_fixed_rate != -1) { 1845 rate = ic->ic_sup_rates[ic->ic_curmode]. 1846 rs_rates[ic->ic_fixed_rate]; 1847 } else 1848 rate = ni->ni_rates.rs_rates[ni->ni_txrate]; 1849 } 1850 rate &= IEEE80211_RATE_VAL; 1851 1852 1853 #if NBPFILTER > 0 1854 if (sc->sc_drvbpf != NULL) { 1855 struct wpi_tx_radiotap_header *tap = &sc->sc_txtap; 1856 1857 tap->wt_flags = 0; 1858 tap->wt_chan_freq = htole16(ni->ni_chan->ic_freq); 1859 tap->wt_chan_flags = htole16(ni->ni_chan->ic_flags); 1860 tap->wt_rate = rate; 1861 tap->wt_hwqueue = ac; 1862 if (wh->i_fc[1] & IEEE80211_FC1_WEP) 1863 tap->wt_flags |= IEEE80211_RADIOTAP_F_WEP; 1864 1865 bpf_mtap2(sc->sc_drvbpf, tap, sc->sc_txtap_len, m0); 1866 } 1867 #endif 1868 1869 cmd = &ring->cmd[ring->cur]; 1870 cmd->code = WPI_CMD_TX_DATA; 1871 cmd->flags = 0; 1872 cmd->qid = ring->qid; 1873 cmd->idx = ring->cur; 1874 1875 tx = (struct wpi_cmd_data *)cmd->data; 1876 tx->flags = 0; 1877 1878 if (!noack && !IEEE80211_IS_MULTICAST(wh->i_addr1)) { 1879 tx->flags |= htole32(WPI_TX_NEED_ACK); 1880 } else if (m0->m_pkthdr.len + IEEE80211_CRC_LEN > ic->ic_rtsthreshold) 1881 tx->flags |= htole32(WPI_TX_NEED_RTS | WPI_TX_FULL_TXOP); 1882 1883 tx->flags |= htole32(WPI_TX_AUTO_SEQ); 1884 1885 /* retrieve destination node's id */ 1886 tx->id = IEEE80211_IS_MULTICAST(wh->i_addr1) ? WPI_ID_BROADCAST : 1887 WPI_ID_BSS; 1888 1889 if ((wh->i_fc[0] & IEEE80211_FC0_TYPE_MASK) == 1890 IEEE80211_FC0_TYPE_MGT) { 1891 /* tell h/w to set timestamp in probe responses */ 1892 if ((wh->i_fc[0] & 1893 (IEEE80211_FC0_TYPE_MASK | IEEE80211_FC0_SUBTYPE_MASK)) == 1894 (IEEE80211_FC0_TYPE_MGT | IEEE80211_FC0_SUBTYPE_PROBE_RESP)) 1895 tx->flags |= htole32(WPI_TX_INSERT_TSTAMP); 1896 1897 if (((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 1898 IEEE80211_FC0_SUBTYPE_ASSOC_REQ) || 1899 ((wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK) == 1900 IEEE80211_FC0_SUBTYPE_REASSOC_REQ)) 1901 tx->timeout = htole16(3); 1902 else 1903 tx->timeout = htole16(2); 1904 } else 1905 tx->timeout = htole16(0); 1906 1907 tx->rate = wpi_plcp_signal(rate); 1908 1909 /* be very persistant at sending frames out */ 1910 tx->rts_ntries = 7; 1911 tx->data_ntries = 15; 1912 1913 tx->ofdm_mask = 0xff; 1914 tx->cck_mask = 0xf; 1915 tx->lifetime = htole32(WPI_LIFETIME_INFINITE); 1916 1917 tx->len = htole16(m0->m_pkthdr.len); 1918 1919 /* save and trim IEEE802.11 header */ 1920 m_copydata(m0, 0, hdrlen, (void *)&tx->wh); 1921 m_adj(m0, hdrlen); 1922 1923 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1924 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1925 if (error != 0 && error != EFBIG) { 1926 aprint_error("%s: could not map mbuf (error %d)\n", 1927 sc->sc_dev.dv_xname, error); 1928 m_freem(m0); 1929 return error; 1930 } 1931 if (error != 0) { 1932 /* too many fragments, linearize */ 1933 MGETHDR(mnew, M_DONTWAIT, MT_DATA); 1934 if (mnew == NULL) { 1935 m_freem(m0); 1936 return ENOMEM; 1937 } 1938 1939 M_COPY_PKTHDR(mnew, m0); 1940 if (m0->m_pkthdr.len > MHLEN) { 1941 MCLGET(mnew, M_DONTWAIT); 1942 if (!(mnew->m_flags & M_EXT)) { 1943 m_freem(m0); 1944 m_freem(mnew); 1945 return ENOMEM; 1946 } 1947 } 1948 1949 m_copydata(m0, 0, m0->m_pkthdr.len, mtod(mnew, void *)); 1950 m_freem(m0); 1951 mnew->m_len = mnew->m_pkthdr.len; 1952 m0 = mnew; 1953 1954 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 1955 BUS_DMA_WRITE | BUS_DMA_NOWAIT); 1956 if (error != 0) { 1957 aprint_error("%s: could not map mbuf (error %d)\n", 1958 sc->sc_dev.dv_xname, error); 1959 m_freem(m0); 1960 return error; 1961 } 1962 } 1963 1964 data->m = m0; 1965 data->ni = ni; 1966 1967 DPRINTFN(4, ("sending data: qid=%d idx=%d len=%d nsegs=%d\n", 1968 ring->qid, ring->cur, m0->m_pkthdr.len, data->map->dm_nsegs)); 1969 1970 /* first scatter/gather segment is used by the tx data command */ 1971 desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 | 1972 (1 + data->map->dm_nsegs) << 24); 1973 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 1974 ring->cur * sizeof (struct wpi_tx_cmd)); 1975 /*XXX The next line might be wrong. I don't use hdrlen*/ 1976 desc->segs[0].len = htole32(4 + sizeof (struct wpi_cmd_data)); 1977 1978 for (i = 1; i <= data->map->dm_nsegs; i++) { 1979 desc->segs[i].addr = 1980 htole32(data->map->dm_segs[i - 1].ds_addr); 1981 desc->segs[i].len = 1982 htole32(data->map->dm_segs[i - 1].ds_len); 1983 } 1984 1985 ring->queued++; 1986 1987 /* kick ring */ 1988 ring->cur = (ring->cur + 1) % WPI_TX_RING_COUNT; 1989 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 1990 1991 return 0; 1992 } 1993 1994 static void 1995 wpi_start(struct ifnet *ifp) 1996 { 1997 struct wpi_softc *sc = ifp->if_softc; 1998 struct ieee80211com *ic = &sc->sc_ic; 1999 struct ieee80211_node *ni; 2000 struct ether_header *eh; 2001 struct mbuf *m0; 2002 int ac; 2003 2004 /* 2005 * net80211 may still try to send management frames even if the 2006 * IFF_RUNNING flag is not set... 2007 */ 2008 if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING) 2009 return; 2010 2011 for (;;) { 2012 IF_POLL(&ic->ic_mgtq, m0); 2013 if (m0 != NULL) { 2014 IF_DEQUEUE(&ic->ic_mgtq, m0); 2015 2016 ni = (struct ieee80211_node *)m0->m_pkthdr.rcvif; 2017 m0->m_pkthdr.rcvif = NULL; 2018 2019 /* management frames go into ring 0 */ 2020 if (sc->txq[0].queued > sc->txq[0].count - 8) { 2021 ifp->if_oerrors++; 2022 continue; 2023 } 2024 #if NBPFILTER > 0 2025 if (ic->ic_rawbpf != NULL) 2026 bpf_mtap(ic->ic_rawbpf, m0); 2027 #endif 2028 if (wpi_tx_data(sc, m0, ni, 0) != 0) { 2029 ifp->if_oerrors++; 2030 break; 2031 } 2032 } else { 2033 if (ic->ic_state != IEEE80211_S_RUN) 2034 break; 2035 IFQ_POLL(&ifp->if_snd, m0); 2036 if (m0 == NULL) 2037 break; 2038 2039 if (m0->m_len < sizeof (*eh) && 2040 (m0 = m_pullup(m0, sizeof (*eh))) != NULL) { 2041 ifp->if_oerrors++; 2042 continue; 2043 } 2044 eh = mtod(m0, struct ether_header *); 2045 ni = ieee80211_find_txnode(ic, eh->ether_dhost); 2046 if (ni == NULL) { 2047 m_freem(m0); 2048 ifp->if_oerrors++; 2049 continue; 2050 } 2051 2052 /* classify mbuf so we can find which tx ring to use */ 2053 if (ieee80211_classify(ic, m0, ni) != 0) { 2054 m_freem(m0); 2055 ieee80211_free_node(ni); 2056 ifp->if_oerrors++; 2057 continue; 2058 } 2059 2060 /* no QoS encapsulation for EAPOL frames */ 2061 ac = (eh->ether_type != htons(ETHERTYPE_PAE)) ? 2062 M_WME_GETAC(m0) : WME_AC_BE; 2063 2064 if (sc->txq[ac].queued > sc->txq[ac].count - 8) { 2065 /* there is no place left in this ring */ 2066 ifp->if_flags |= IFF_OACTIVE; 2067 break; 2068 } 2069 IFQ_DEQUEUE(&ifp->if_snd, m0); 2070 #if NBPFILTER > 0 2071 if (ifp->if_bpf != NULL) 2072 bpf_mtap(ifp->if_bpf, m0); 2073 #endif 2074 m0 = ieee80211_encap(ic, m0, ni); 2075 if (m0 == NULL) { 2076 ieee80211_free_node(ni); 2077 ifp->if_oerrors++; 2078 continue; 2079 } 2080 #if NBPFILTER > 0 2081 if (ic->ic_rawbpf != NULL) 2082 bpf_mtap(ic->ic_rawbpf, m0); 2083 #endif 2084 if (wpi_tx_data(sc, m0, ni, ac) != 0) { 2085 ieee80211_free_node(ni); 2086 ifp->if_oerrors++; 2087 break; 2088 } 2089 } 2090 2091 sc->sc_tx_timer = 5; 2092 ifp->if_timer = 1; 2093 } 2094 } 2095 2096 static void 2097 wpi_watchdog(struct ifnet *ifp) 2098 { 2099 struct wpi_softc *sc = ifp->if_softc; 2100 2101 ifp->if_timer = 0; 2102 2103 if (sc->sc_tx_timer > 0) { 2104 if (--sc->sc_tx_timer == 0) { 2105 aprint_error("%s: device timeout\n", 2106 sc->sc_dev.dv_xname); 2107 ifp->if_oerrors++; 2108 ifp->if_flags &= ~IFF_UP; 2109 wpi_stop(ifp, 1); 2110 return; 2111 } 2112 ifp->if_timer = 1; 2113 } 2114 2115 ieee80211_watchdog(&sc->sc_ic); 2116 } 2117 2118 static int 2119 wpi_ioctl(struct ifnet *ifp, u_long cmd, void *data) 2120 { 2121 #define IS_RUNNING(ifp) \ 2122 ((ifp->if_flags & IFF_UP) && (ifp->if_flags & IFF_RUNNING)) 2123 2124 struct wpi_softc *sc = ifp->if_softc; 2125 struct ieee80211com *ic = &sc->sc_ic; 2126 struct ifreq *ifr = (struct ifreq *)data; 2127 int s, error = 0; 2128 2129 s = splnet(); 2130 2131 switch (cmd) { 2132 case SIOCSIFFLAGS: 2133 if (ifp->if_flags & IFF_UP) { 2134 if (!(ifp->if_flags & IFF_RUNNING)) 2135 wpi_init(ifp); 2136 } else { 2137 if (ifp->if_flags & IFF_RUNNING) 2138 wpi_stop(ifp, 1); 2139 } 2140 break; 2141 2142 case SIOCADDMULTI: 2143 case SIOCDELMULTI: 2144 error = (cmd == SIOCADDMULTI) ? 2145 ether_addmulti(ifr, &sc->sc_ec) : 2146 ether_delmulti(ifr, &sc->sc_ec); 2147 if (error == ENETRESET) { 2148 /* setup multicast filter, etc */ 2149 error = 0; 2150 } 2151 break; 2152 2153 default: 2154 error = ieee80211_ioctl(ic, cmd, data); 2155 } 2156 2157 if (error == ENETRESET) { 2158 if (IS_RUNNING(ifp) && 2159 (ic->ic_roaming != IEEE80211_ROAMING_MANUAL)) 2160 wpi_init(ifp); 2161 error = 0; 2162 } 2163 2164 splx(s); 2165 return error; 2166 2167 #undef IS_RUNNING 2168 } 2169 2170 /* 2171 * Extract various information from EEPROM. 2172 */ 2173 static void 2174 wpi_read_eeprom(struct wpi_softc *sc) 2175 { 2176 struct ieee80211com *ic = &sc->sc_ic; 2177 char domain[4]; 2178 int i; 2179 2180 wpi_read_prom_data(sc, WPI_EEPROM_CAPABILITIES, &sc->cap, 1); 2181 wpi_read_prom_data(sc, WPI_EEPROM_REVISION, &sc->rev, 2); 2182 wpi_read_prom_data(sc, WPI_EEPROM_TYPE, &sc->type, 1); 2183 2184 DPRINTF(("cap=%x rev=%x type=%x\n", sc->cap, le16toh(sc->rev), 2185 sc->type)); 2186 2187 /* read and print regulatory domain */ 2188 wpi_read_prom_data(sc, WPI_EEPROM_DOMAIN, domain, 4); 2189 aprint_normal(", %.4s", domain); 2190 2191 /* read and print MAC address */ 2192 wpi_read_prom_data(sc, WPI_EEPROM_MAC, ic->ic_myaddr, 6); 2193 aprint_normal(", address %s\n", ether_sprintf(ic->ic_myaddr)); 2194 2195 /* read the list of authorized channels */ 2196 for (i = 0; i < WPI_CHAN_BANDS_COUNT; i++) 2197 wpi_read_eeprom_channels(sc, i); 2198 2199 /* read the list of power groups */ 2200 for (i = 0; i < WPI_POWER_GROUPS_COUNT; i++) 2201 wpi_read_eeprom_group(sc, i); 2202 } 2203 2204 static void 2205 wpi_read_eeprom_channels(struct wpi_softc *sc, int n) 2206 { 2207 struct ieee80211com *ic = &sc->sc_ic; 2208 const struct wpi_chan_band *band = &wpi_bands[n]; 2209 struct wpi_eeprom_chan channels[WPI_MAX_CHAN_PER_BAND]; 2210 int chan, i; 2211 2212 wpi_read_prom_data(sc, band->addr, channels, 2213 band->nchan * sizeof (struct wpi_eeprom_chan)); 2214 2215 for (i = 0; i < band->nchan; i++) { 2216 if (!(channels[i].flags & WPI_EEPROM_CHAN_VALID)) 2217 continue; 2218 2219 chan = band->chan[i]; 2220 2221 if (n == 0) { /* 2GHz band */ 2222 ic->ic_channels[chan].ic_freq = 2223 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_2GHZ); 2224 ic->ic_channels[chan].ic_flags = 2225 IEEE80211_CHAN_CCK | IEEE80211_CHAN_OFDM | 2226 IEEE80211_CHAN_DYN | IEEE80211_CHAN_2GHZ; 2227 2228 } else { /* 5GHz band */ 2229 /* 2230 * Some 3945abg adapters support channels 7, 8, 11 2231 * and 12 in the 2GHz *and* 5GHz bands. 2232 * Because of limitations in our net80211(9) stack, 2233 * we can't support these channels in 5GHz band. 2234 */ 2235 if (chan <= 14) 2236 continue; 2237 2238 ic->ic_channels[chan].ic_freq = 2239 ieee80211_ieee2mhz(chan, IEEE80211_CHAN_5GHZ); 2240 ic->ic_channels[chan].ic_flags = IEEE80211_CHAN_A; 2241 } 2242 2243 /* is active scan allowed on this channel? */ 2244 if (!(channels[i].flags & WPI_EEPROM_CHAN_ACTIVE)) { 2245 ic->ic_channels[chan].ic_flags |= 2246 IEEE80211_CHAN_PASSIVE; 2247 } 2248 2249 /* save maximum allowed power for this channel */ 2250 sc->maxpwr[chan] = channels[i].maxpwr; 2251 2252 DPRINTF(("adding chan %d flags=0x%x maxpwr=%d\n", 2253 chan, channels[i].flags, sc->maxpwr[chan])); 2254 } 2255 } 2256 2257 static void 2258 wpi_read_eeprom_group(struct wpi_softc *sc, int n) 2259 { 2260 struct wpi_power_group *group = &sc->groups[n]; 2261 struct wpi_eeprom_group rgroup; 2262 int i; 2263 2264 wpi_read_prom_data(sc, WPI_EEPROM_POWER_GRP + n * 32, &rgroup, 2265 sizeof rgroup); 2266 2267 /* save power group information */ 2268 group->chan = rgroup.chan; 2269 group->maxpwr = rgroup.maxpwr; 2270 /* temperature at which the samples were taken */ 2271 group->temp = (int16_t)le16toh(rgroup.temp); 2272 2273 DPRINTF(("power group %d: chan=%d maxpwr=%d temp=%d\n", n, 2274 group->chan, group->maxpwr, group->temp)); 2275 2276 for (i = 0; i < WPI_SAMPLES_COUNT; i++) { 2277 group->samples[i].index = rgroup.samples[i].index; 2278 group->samples[i].power = rgroup.samples[i].power; 2279 2280 DPRINTF(("\tsample %d: index=%d power=%d\n", i, 2281 group->samples[i].index, group->samples[i].power)); 2282 } 2283 } 2284 2285 /* 2286 * Send a command to the firmware. 2287 */ 2288 static int 2289 wpi_cmd(struct wpi_softc *sc, int code, const void *buf, int size, int async) 2290 { 2291 struct wpi_tx_ring *ring = &sc->cmdq; 2292 struct wpi_tx_desc *desc; 2293 struct wpi_tx_cmd *cmd; 2294 2295 KASSERT(size <= sizeof cmd->data); 2296 2297 desc = &ring->desc[ring->cur]; 2298 cmd = &ring->cmd[ring->cur]; 2299 2300 cmd->code = code; 2301 cmd->flags = 0; 2302 cmd->qid = ring->qid; 2303 cmd->idx = ring->cur; 2304 memcpy(cmd->data, buf, size); 2305 2306 desc->flags = htole32(WPI_PAD32(size) << 28 | 1 << 24); 2307 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 2308 ring->cur * sizeof (struct wpi_tx_cmd)); 2309 desc->segs[0].len = htole32(4 + size); 2310 2311 /* kick cmd ring */ 2312 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2313 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2314 2315 return async ? 0 : tsleep(cmd, PCATCH, "wpicmd", hz); 2316 } 2317 2318 static int 2319 wpi_wme_update(struct ieee80211com *ic) 2320 { 2321 #define WPI_EXP2(v) htole16((1 << (v)) - 1) 2322 #define WPI_USEC(v) htole16(IEEE80211_TXOP_TO_US(v)) 2323 struct wpi_softc *sc = ic->ic_ifp->if_softc; 2324 const struct wmeParams *wmep; 2325 struct wpi_wme_setup wme; 2326 int ac; 2327 2328 /* don't override default WME values if WME is not actually enabled */ 2329 if (!(ic->ic_flags & IEEE80211_F_WME)) 2330 return 0; 2331 2332 wme.flags = 0; 2333 for (ac = 0; ac < WME_NUM_AC; ac++) { 2334 wmep = &ic->ic_wme.wme_chanParams.cap_wmeParams[ac]; 2335 wme.ac[ac].aifsn = wmep->wmep_aifsn; 2336 wme.ac[ac].cwmin = WPI_EXP2(wmep->wmep_logcwmin); 2337 wme.ac[ac].cwmax = WPI_EXP2(wmep->wmep_logcwmax); 2338 wme.ac[ac].txop = WPI_USEC(wmep->wmep_txopLimit); 2339 2340 DPRINTF(("setting WME for queue %d aifsn=%d cwmin=%d cwmax=%d " 2341 "txop=%d\n", ac, wme.ac[ac].aifsn, wme.ac[ac].cwmin, 2342 wme.ac[ac].cwmax, wme.ac[ac].txop)); 2343 } 2344 2345 return wpi_cmd(sc, WPI_CMD_SET_WME, &wme, sizeof wme, 1); 2346 #undef WPI_USEC 2347 #undef WPI_EXP2 2348 } 2349 2350 /* 2351 * Configure h/w multi-rate retries. 2352 */ 2353 static int 2354 wpi_mrr_setup(struct wpi_softc *sc) 2355 { 2356 struct ieee80211com *ic = &sc->sc_ic; 2357 struct wpi_mrr_setup mrr; 2358 int i, error; 2359 2360 /* CCK rates (not used with 802.11a) */ 2361 for (i = WPI_CCK1; i <= WPI_CCK11; i++) { 2362 mrr.rates[i].flags = 0; 2363 mrr.rates[i].plcp = wpi_ridx_to_plcp[i]; 2364 /* fallback to the immediate lower CCK rate (if any) */ 2365 mrr.rates[i].next = (i == WPI_CCK1) ? WPI_CCK1 : i - 1; 2366 /* try one time at this rate before falling back to "next" */ 2367 mrr.rates[i].ntries = 1; 2368 } 2369 2370 /* OFDM rates (not used with 802.11b) */ 2371 for (i = WPI_OFDM6; i <= WPI_OFDM54; i++) { 2372 mrr.rates[i].flags = 0; 2373 mrr.rates[i].plcp = wpi_ridx_to_plcp[i]; 2374 /* fallback to the immediate lower rate (if any) */ 2375 /* we allow fallback from OFDM/6 to CCK/2 in 11b/g mode */ 2376 mrr.rates[i].next = (i == WPI_OFDM6) ? 2377 ((ic->ic_curmode == IEEE80211_MODE_11A) ? 2378 WPI_OFDM6 : WPI_CCK2) : 2379 i - 1; 2380 /* try one time at this rate before falling back to "next" */ 2381 mrr.rates[i].ntries = 1; 2382 } 2383 2384 /* setup MRR for control frames */ 2385 mrr.which = htole32(WPI_MRR_CTL); 2386 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0); 2387 if (error != 0) { 2388 aprint_error("%s: could not setup MRR for control frames\n", 2389 sc->sc_dev.dv_xname); 2390 return error; 2391 } 2392 2393 /* setup MRR for data frames */ 2394 mrr.which = htole32(WPI_MRR_DATA); 2395 error = wpi_cmd(sc, WPI_CMD_MRR_SETUP, &mrr, sizeof mrr, 0); 2396 if (error != 0) { 2397 aprint_error("%s: could not setup MRR for data frames\n", 2398 sc->sc_dev.dv_xname); 2399 return error; 2400 } 2401 2402 return 0; 2403 } 2404 2405 static void 2406 wpi_set_led(struct wpi_softc *sc, uint8_t which, uint8_t off, uint8_t on) 2407 { 2408 struct wpi_cmd_led led; 2409 2410 led.which = which; 2411 led.unit = htole32(100000); /* on/off in unit of 100ms */ 2412 led.off = off; 2413 led.on = on; 2414 2415 (void)wpi_cmd(sc, WPI_CMD_SET_LED, &led, sizeof led, 1); 2416 } 2417 2418 static void 2419 wpi_enable_tsf(struct wpi_softc *sc, struct ieee80211_node *ni) 2420 { 2421 struct wpi_cmd_tsf tsf; 2422 uint64_t val, mod; 2423 2424 memset(&tsf, 0, sizeof tsf); 2425 memcpy(&tsf.tstamp, ni->ni_tstamp.data, 8); 2426 tsf.bintval = htole16(ni->ni_intval); 2427 tsf.lintval = htole16(10); 2428 2429 /* compute remaining time until next beacon */ 2430 val = (uint64_t)ni->ni_intval * 1024; /* msecs -> usecs */ 2431 mod = le64toh(tsf.tstamp) % val; 2432 tsf.binitval = htole32((uint32_t)(val - mod)); 2433 2434 DPRINTF(("TSF bintval=%u tstamp=%" PRId64 ", init=%u\n", 2435 ni->ni_intval, le64toh(tsf.tstamp), (uint32_t)(val - mod))); 2436 2437 if (wpi_cmd(sc, WPI_CMD_TSF, &tsf, sizeof tsf, 1) != 0) 2438 aprint_error("%s: could not enable TSF\n", sc->sc_dev.dv_xname); 2439 } 2440 2441 /* 2442 * Update Tx power to match what is defined for channel `c'. 2443 */ 2444 static int 2445 wpi_set_txpower(struct wpi_softc *sc, struct ieee80211_channel *c, int async) 2446 { 2447 struct ieee80211com *ic = &sc->sc_ic; 2448 struct wpi_power_group *group; 2449 struct wpi_cmd_txpower txpower; 2450 u_int chan; 2451 int i; 2452 2453 /* get channel number */ 2454 chan = ieee80211_chan2ieee(ic, c); 2455 2456 /* find the power group to which this channel belongs */ 2457 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2458 for (group = &sc->groups[1]; group < &sc->groups[4]; group++) 2459 if (chan <= group->chan) 2460 break; 2461 } else 2462 group = &sc->groups[0]; 2463 2464 memset(&txpower, 0, sizeof txpower); 2465 txpower.band = IEEE80211_IS_CHAN_5GHZ(c) ? 0 : 1; 2466 txpower.chan = htole16(chan); 2467 2468 /* set Tx power for all OFDM and CCK rates */ 2469 for (i = 0; i <= 11 ; i++) { 2470 /* retrieve Tx power for this channel/rate combination */ 2471 int idx = wpi_get_power_index(sc, group, c, 2472 wpi_ridx_to_rate[i]); 2473 2474 txpower.rates[i].plcp = wpi_ridx_to_plcp[i]; 2475 2476 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2477 txpower.rates[i].rf_gain = wpi_rf_gain_5ghz[idx]; 2478 txpower.rates[i].dsp_gain = wpi_dsp_gain_5ghz[idx]; 2479 } else { 2480 txpower.rates[i].rf_gain = wpi_rf_gain_2ghz[idx]; 2481 txpower.rates[i].dsp_gain = wpi_dsp_gain_2ghz[idx]; 2482 } 2483 DPRINTF(("chan %d/rate %d: power index %d\n", chan, 2484 wpi_ridx_to_rate[i], idx)); 2485 } 2486 2487 return wpi_cmd(sc, WPI_CMD_TXPOWER, &txpower, sizeof txpower, async); 2488 } 2489 2490 /* 2491 * Determine Tx power index for a given channel/rate combination. 2492 * This takes into account the regulatory information from EEPROM and the 2493 * current temperature. 2494 */ 2495 static int 2496 wpi_get_power_index(struct wpi_softc *sc, struct wpi_power_group *group, 2497 struct ieee80211_channel *c, int rate) 2498 { 2499 /* fixed-point arithmetic division using a n-bit fractional part */ 2500 #define fdivround(a, b, n) \ 2501 ((((1 << n) * (a)) / (b) + (1 << n) / 2) / (1 << n)) 2502 2503 /* linear interpolation */ 2504 #define interpolate(x, x1, y1, x2, y2, n) \ 2505 ((y1) + fdivround(((x) - (x1)) * ((y2) - (y1)), (x2) - (x1), n)) 2506 2507 struct ieee80211com *ic = &sc->sc_ic; 2508 struct wpi_power_sample *sample; 2509 int pwr, idx; 2510 u_int chan; 2511 2512 /* get channel number */ 2513 chan = ieee80211_chan2ieee(ic, c); 2514 2515 /* default power is group's maximum power - 3dB */ 2516 pwr = group->maxpwr / 2; 2517 2518 /* decrease power for highest OFDM rates to reduce distortion */ 2519 switch (rate) { 2520 case 72: /* 36Mb/s */ 2521 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 0 : 5; 2522 break; 2523 case 96: /* 48Mb/s */ 2524 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 7 : 10; 2525 break; 2526 case 108: /* 54Mb/s */ 2527 pwr -= IEEE80211_IS_CHAN_2GHZ(c) ? 9 : 12; 2528 break; 2529 } 2530 2531 /* never exceed channel's maximum allowed Tx power */ 2532 pwr = min(pwr, sc->maxpwr[chan]); 2533 2534 /* retrieve power index into gain tables from samples */ 2535 for (sample = group->samples; sample < &group->samples[3]; sample++) 2536 if (pwr > sample[1].power) 2537 break; 2538 /* fixed-point linear interpolation using a 19-bit fractional part */ 2539 idx = interpolate(pwr, sample[0].power, sample[0].index, 2540 sample[1].power, sample[1].index, 19); 2541 2542 /* 2543 * Adjust power index based on current temperature: 2544 * - if cooler than factory-calibrated: decrease output power 2545 * - if warmer than factory-calibrated: increase output power 2546 */ 2547 idx -= (sc->temp - group->temp) * 11 / 100; 2548 2549 /* decrease power for CCK rates (-5dB) */ 2550 if (!WPI_RATE_IS_OFDM(rate)) 2551 idx += 10; 2552 2553 /* keep power index in a valid range */ 2554 if (idx < 0) 2555 return 0; 2556 if (idx > WPI_MAX_PWR_INDEX) 2557 return WPI_MAX_PWR_INDEX; 2558 return idx; 2559 2560 #undef interpolate 2561 #undef fdivround 2562 } 2563 2564 /* 2565 * Build a beacon frame that the firmware will broadcast periodically in 2566 * IBSS or HostAP modes. 2567 */ 2568 static int 2569 wpi_setup_beacon(struct wpi_softc *sc, struct ieee80211_node *ni) 2570 { 2571 struct ieee80211com *ic = &sc->sc_ic; 2572 struct wpi_tx_ring *ring = &sc->cmdq; 2573 struct wpi_tx_desc *desc; 2574 struct wpi_tx_data *data; 2575 struct wpi_tx_cmd *cmd; 2576 struct wpi_cmd_beacon *bcn; 2577 struct ieee80211_beacon_offsets bo; 2578 struct mbuf *m0; 2579 int error; 2580 2581 desc = &ring->desc[ring->cur]; 2582 data = &ring->data[ring->cur]; 2583 2584 m0 = ieee80211_beacon_alloc(ic, ni, &bo); 2585 if (m0 == NULL) { 2586 aprint_error("%s: could not allocate beacon frame\n", 2587 sc->sc_dev.dv_xname); 2588 return ENOMEM; 2589 } 2590 2591 cmd = &ring->cmd[ring->cur]; 2592 cmd->code = WPI_CMD_SET_BEACON; 2593 cmd->flags = 0; 2594 cmd->qid = ring->qid; 2595 cmd->idx = ring->cur; 2596 2597 bcn = (struct wpi_cmd_beacon *)cmd->data; 2598 memset(bcn, 0, sizeof (struct wpi_cmd_beacon)); 2599 bcn->id = WPI_ID_BROADCAST; 2600 bcn->ofdm_mask = 0xff; 2601 bcn->cck_mask = 0x0f; 2602 bcn->lifetime = htole32(WPI_LIFETIME_INFINITE); 2603 bcn->len = htole16(m0->m_pkthdr.len); 2604 bcn->rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2605 wpi_plcp_signal(12) : wpi_plcp_signal(2); 2606 bcn->flags = htole32(WPI_TX_AUTO_SEQ | WPI_TX_INSERT_TSTAMP); 2607 2608 /* save and trim IEEE802.11 header */ 2609 m_copydata(m0, 0, sizeof (struct ieee80211_frame), (void *)&bcn->wh); 2610 m_adj(m0, sizeof (struct ieee80211_frame)); 2611 2612 /* assume beacon frame is contiguous */ 2613 error = bus_dmamap_load_mbuf(sc->sc_dmat, data->map, m0, 2614 BUS_DMA_READ | BUS_DMA_NOWAIT); 2615 if (error) { 2616 aprint_error("%s: could not map beacon\n", sc->sc_dev.dv_xname); 2617 m_freem(m0); 2618 return error; 2619 } 2620 2621 data->m = m0; 2622 2623 /* first scatter/gather segment is used by the beacon command */ 2624 desc->flags = htole32(WPI_PAD32(m0->m_pkthdr.len) << 28 | 2 << 24); 2625 desc->segs[0].addr = htole32(ring->cmd_dma.paddr + 2626 ring->cur * sizeof (struct wpi_tx_cmd)); 2627 desc->segs[0].len = htole32(4 + sizeof (struct wpi_cmd_beacon)); 2628 desc->segs[1].addr = htole32(data->map->dm_segs[0].ds_addr); 2629 desc->segs[1].len = htole32(data->map->dm_segs[0].ds_len); 2630 2631 /* kick cmd ring */ 2632 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2633 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2634 2635 return 0; 2636 } 2637 2638 static int 2639 wpi_auth(struct wpi_softc *sc) 2640 { 2641 struct ieee80211com *ic = &sc->sc_ic; 2642 struct ieee80211_node *ni = ic->ic_bss; 2643 struct wpi_node_info node; 2644 int error; 2645 2646 /* update adapter's configuration */ 2647 IEEE80211_ADDR_COPY(sc->config.bssid, ni->ni_bssid); 2648 sc->config.chan = ieee80211_chan2ieee(ic, ni->ni_chan); 2649 sc->config.flags = htole32(WPI_CONFIG_TSF); 2650 if (IEEE80211_IS_CHAN_2GHZ(ni->ni_chan)) { 2651 sc->config.flags |= htole32(WPI_CONFIG_AUTO | 2652 WPI_CONFIG_24GHZ); 2653 } 2654 switch (ic->ic_curmode) { 2655 case IEEE80211_MODE_11A: 2656 sc->config.cck_mask = 0; 2657 sc->config.ofdm_mask = 0x15; 2658 break; 2659 case IEEE80211_MODE_11B: 2660 sc->config.cck_mask = 0x03; 2661 sc->config.ofdm_mask = 0; 2662 break; 2663 default: /* assume 802.11b/g */ 2664 sc->config.cck_mask = 0x0f; 2665 sc->config.ofdm_mask = 0x15; 2666 } 2667 2668 DPRINTF(("config chan %d flags %x cck %x ofdm %x\n", sc->config.chan, 2669 sc->config.flags, sc->config.cck_mask, sc->config.ofdm_mask)); 2670 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 2671 sizeof (struct wpi_config), 1); 2672 if (error != 0) { 2673 aprint_error("%s: could not configure\n", sc->sc_dev.dv_xname); 2674 return error; 2675 } 2676 2677 /* configuration has changed, set Tx power accordingly */ 2678 if ((error = wpi_set_txpower(sc, ni->ni_chan, 1)) != 0) { 2679 aprint_error("%s: could not set Tx power\n", sc->sc_dev.dv_xname); 2680 return error; 2681 } 2682 2683 /* add default node */ 2684 memset(&node, 0, sizeof node); 2685 IEEE80211_ADDR_COPY(node.bssid, ni->ni_bssid); 2686 node.id = WPI_ID_BSS; 2687 node.rate = (ic->ic_curmode == IEEE80211_MODE_11A) ? 2688 wpi_plcp_signal(12) : wpi_plcp_signal(2); 2689 node.action = htole32(WPI_ACTION_SET_RATE); 2690 node.antenna = WPI_ANTENNA_BOTH; 2691 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 1); 2692 if (error != 0) { 2693 aprint_error("%s: could not add BSS node\n", sc->sc_dev.dv_xname); 2694 return error; 2695 } 2696 2697 return 0; 2698 } 2699 2700 /* 2701 * Send a scan request to the firmware. Since this command is huge, we map it 2702 * into a mbuf instead of using the pre-allocated set of commands. 2703 */ 2704 static int 2705 wpi_scan(struct wpi_softc *sc, uint16_t flags) 2706 { 2707 struct ieee80211com *ic = &sc->sc_ic; 2708 struct wpi_tx_ring *ring = &sc->cmdq; 2709 struct wpi_tx_desc *desc; 2710 struct wpi_tx_data *data; 2711 struct wpi_tx_cmd *cmd; 2712 struct wpi_scan_hdr *hdr; 2713 struct wpi_scan_chan *chan; 2714 struct ieee80211_frame *wh; 2715 struct ieee80211_rateset *rs; 2716 struct ieee80211_channel *c; 2717 enum ieee80211_phymode mode; 2718 uint8_t *frm; 2719 int nrates, pktlen, error; 2720 2721 desc = &ring->desc[ring->cur]; 2722 data = &ring->data[ring->cur]; 2723 2724 MGETHDR(data->m, M_DONTWAIT, MT_DATA); 2725 if (data->m == NULL) { 2726 aprint_error("%s: could not allocate mbuf for scan command\n", 2727 sc->sc_dev.dv_xname); 2728 return ENOMEM; 2729 } 2730 2731 MCLGET(data->m, M_DONTWAIT); 2732 if (!(data->m->m_flags & M_EXT)) { 2733 m_freem(data->m); 2734 data->m = NULL; 2735 aprint_error("%s: could not allocate mbuf for scan command\n", 2736 sc->sc_dev.dv_xname); 2737 return ENOMEM; 2738 } 2739 2740 cmd = mtod(data->m, struct wpi_tx_cmd *); 2741 cmd->code = WPI_CMD_SCAN; 2742 cmd->flags = 0; 2743 cmd->qid = ring->qid; 2744 cmd->idx = ring->cur; 2745 2746 hdr = (struct wpi_scan_hdr *)cmd->data; 2747 memset(hdr, 0, sizeof (struct wpi_scan_hdr)); 2748 hdr->txflags = htole32(WPI_TX_AUTO_SEQ); 2749 hdr->id = WPI_ID_BROADCAST; 2750 hdr->lifetime = htole32(WPI_LIFETIME_INFINITE); 2751 2752 /* 2753 * Move to the next channel if no packets are received within 5 msecs 2754 * after sending the probe request (this helps to reduce the duration 2755 * of active scans). 2756 */ 2757 hdr->quiet = htole16(5); /* timeout in milliseconds */ 2758 hdr->plcp_threshold = htole16(1); /* min # of packets */ 2759 2760 if (flags & IEEE80211_CHAN_A) { 2761 hdr->crc_threshold = htole16(1); 2762 /* send probe requests at 6Mbps */ 2763 hdr->rate = wpi_plcp_signal(12); 2764 } else { 2765 hdr->flags = htole32(WPI_CONFIG_24GHZ | WPI_CONFIG_AUTO); 2766 /* send probe requests at 1Mbps */ 2767 hdr->rate = wpi_plcp_signal(2); 2768 } 2769 2770 /* for directed scans, firmware inserts the essid IE itself */ 2771 hdr->essid[0].id = IEEE80211_ELEMID_SSID; 2772 hdr->essid[0].len = ic->ic_des_esslen; 2773 memcpy(hdr->essid[0].data, ic->ic_des_essid, ic->ic_des_esslen); 2774 2775 /* 2776 * Build a probe request frame. Most of the following code is a 2777 * copy & paste of what is done in net80211. 2778 */ 2779 wh = (struct ieee80211_frame *)(hdr + 1); 2780 wh->i_fc[0] = IEEE80211_FC0_VERSION_0 | IEEE80211_FC0_TYPE_MGT | 2781 IEEE80211_FC0_SUBTYPE_PROBE_REQ; 2782 wh->i_fc[1] = IEEE80211_FC1_DIR_NODS; 2783 IEEE80211_ADDR_COPY(wh->i_addr1, etherbroadcastaddr); 2784 IEEE80211_ADDR_COPY(wh->i_addr2, ic->ic_myaddr); 2785 IEEE80211_ADDR_COPY(wh->i_addr3, etherbroadcastaddr); 2786 *(u_int16_t *)&wh->i_dur[0] = 0; /* filled by h/w */ 2787 *(u_int16_t *)&wh->i_seq[0] = 0; /* filled by h/w */ 2788 2789 frm = (uint8_t *)(wh + 1); 2790 2791 /* add empty essid IE (firmware generates it for directed scans) */ 2792 *frm++ = IEEE80211_ELEMID_SSID; 2793 *frm++ = 0; 2794 2795 mode = ieee80211_chan2mode(ic, ic->ic_ibss_chan); 2796 rs = &ic->ic_sup_rates[mode]; 2797 2798 /* add supported rates IE */ 2799 *frm++ = IEEE80211_ELEMID_RATES; 2800 nrates = rs->rs_nrates; 2801 if (nrates > IEEE80211_RATE_SIZE) 2802 nrates = IEEE80211_RATE_SIZE; 2803 *frm++ = nrates; 2804 memcpy(frm, rs->rs_rates, nrates); 2805 frm += nrates; 2806 2807 /* add supported xrates IE */ 2808 if (rs->rs_nrates > IEEE80211_RATE_SIZE) { 2809 nrates = rs->rs_nrates - IEEE80211_RATE_SIZE; 2810 *frm++ = IEEE80211_ELEMID_XRATES; 2811 *frm++ = nrates; 2812 memcpy(frm, rs->rs_rates + IEEE80211_RATE_SIZE, nrates); 2813 frm += nrates; 2814 } 2815 2816 /* setup length of probe request */ 2817 hdr->paylen = htole16(frm - (uint8_t *)wh); 2818 2819 chan = (struct wpi_scan_chan *)frm; 2820 for (c = &ic->ic_channels[1]; 2821 c <= &ic->ic_channels[IEEE80211_CHAN_MAX]; c++) { 2822 if ((c->ic_flags & flags) != flags) 2823 continue; 2824 2825 chan->chan = ieee80211_chan2ieee(ic, c); 2826 chan->flags = 0; 2827 if (!(c->ic_flags & IEEE80211_CHAN_PASSIVE)) { 2828 chan->flags |= WPI_CHAN_ACTIVE; 2829 if (ic->ic_des_esslen != 0) 2830 chan->flags |= WPI_CHAN_DIRECT; 2831 } 2832 chan->dsp_gain = 0x6e; 2833 if (IEEE80211_IS_CHAN_5GHZ(c)) { 2834 chan->rf_gain = 0x3b; 2835 chan->active = htole16(10); 2836 chan->passive = htole16(110); 2837 } else { 2838 chan->rf_gain = 0x28; 2839 chan->active = htole16(20); 2840 chan->passive = htole16(120); 2841 } 2842 hdr->nchan++; 2843 chan++; 2844 2845 frm += sizeof (struct wpi_scan_chan); 2846 } 2847 hdr->len = htole16(frm - (uint8_t *)hdr); 2848 pktlen = frm - (uint8_t *)cmd; 2849 2850 error = bus_dmamap_load(sc->sc_dmat, data->map, cmd, pktlen, 2851 NULL, BUS_DMA_NOWAIT); 2852 if (error) { 2853 aprint_error("%s: could not map scan command\n", 2854 sc->sc_dev.dv_xname); 2855 m_freem(data->m); 2856 data->m = NULL; 2857 return error; 2858 } 2859 2860 desc->flags = htole32(WPI_PAD32(pktlen) << 28 | 1 << 24); 2861 desc->segs[0].addr = htole32(data->map->dm_segs[0].ds_addr); 2862 desc->segs[0].len = htole32(data->map->dm_segs[0].ds_len); 2863 2864 /* kick cmd ring */ 2865 ring->cur = (ring->cur + 1) % WPI_CMD_RING_COUNT; 2866 WPI_WRITE(sc, WPI_TX_WIDX, ring->qid << 8 | ring->cur); 2867 2868 return 0; /* will be notified async. of failure/success */ 2869 } 2870 2871 static int 2872 wpi_config(struct wpi_softc *sc) 2873 { 2874 struct ieee80211com *ic = &sc->sc_ic; 2875 struct ifnet *ifp = ic->ic_ifp; 2876 struct wpi_power power; 2877 struct wpi_bluetooth bluetooth; 2878 struct wpi_node_info node; 2879 int error; 2880 2881 memset(&power, 0, sizeof power); 2882 power.flags = htole32(WPI_POWER_CAM | 0x8); 2883 error = wpi_cmd(sc, WPI_CMD_SET_POWER_MODE, &power, sizeof power, 0); 2884 if (error != 0) { 2885 aprint_error("%s: could not set power mode\n", 2886 sc->sc_dev.dv_xname); 2887 return error; 2888 } 2889 2890 /* configure bluetooth coexistence */ 2891 memset(&bluetooth, 0, sizeof bluetooth); 2892 bluetooth.flags = 3; 2893 bluetooth.lead = 0xaa; 2894 bluetooth.kill = 1; 2895 error = wpi_cmd(sc, WPI_CMD_BLUETOOTH, &bluetooth, sizeof bluetooth, 2896 0); 2897 if (error != 0) { 2898 aprint_error( 2899 "%s: could not configure bluetooth coexistence\n", 2900 sc->sc_dev.dv_xname); 2901 return error; 2902 } 2903 2904 /* configure adapter */ 2905 memset(&sc->config, 0, sizeof (struct wpi_config)); 2906 IEEE80211_ADDR_COPY(ic->ic_myaddr, LLADDR(ifp->if_sadl)); 2907 IEEE80211_ADDR_COPY(sc->config.myaddr, ic->ic_myaddr); 2908 /*set default channel*/ 2909 sc->config.chan = ieee80211_chan2ieee(ic, ic->ic_ibss_chan); 2910 sc->config.flags = htole32(WPI_CONFIG_TSF); 2911 if (IEEE80211_IS_CHAN_2GHZ(ic->ic_ibss_chan)) { 2912 sc->config.flags |= htole32(WPI_CONFIG_AUTO | 2913 WPI_CONFIG_24GHZ); 2914 } 2915 sc->config.filter = 0; 2916 switch (ic->ic_opmode) { 2917 case IEEE80211_M_STA: 2918 sc->config.mode = WPI_MODE_STA; 2919 sc->config.filter |= htole32(WPI_FILTER_MULTICAST); 2920 break; 2921 case IEEE80211_M_IBSS: 2922 case IEEE80211_M_AHDEMO: 2923 sc->config.mode = WPI_MODE_IBSS; 2924 break; 2925 case IEEE80211_M_HOSTAP: 2926 sc->config.mode = WPI_MODE_HOSTAP; 2927 break; 2928 case IEEE80211_M_MONITOR: 2929 sc->config.mode = WPI_MODE_MONITOR; 2930 sc->config.filter |= htole32(WPI_FILTER_MULTICAST | 2931 WPI_FILTER_CTL | WPI_FILTER_PROMISC); 2932 break; 2933 } 2934 sc->config.cck_mask = 0x0f; /* not yet negotiated */ 2935 sc->config.ofdm_mask = 0xff; /* not yet negotiated */ 2936 error = wpi_cmd(sc, WPI_CMD_CONFIGURE, &sc->config, 2937 sizeof (struct wpi_config), 0); 2938 if (error != 0) { 2939 aprint_error("%s: configure command failed\n", 2940 sc->sc_dev.dv_xname); 2941 return error; 2942 } 2943 2944 /* configuration has changed, set Tx power accordingly */ 2945 if ((error = wpi_set_txpower(sc, ic->ic_ibss_chan, 0)) != 0) { 2946 aprint_error("%s: could not set Tx power\n", sc->sc_dev.dv_xname); 2947 return error; 2948 } 2949 2950 /* add broadcast node */ 2951 memset(&node, 0, sizeof node); 2952 IEEE80211_ADDR_COPY(node.bssid, etherbroadcastaddr); 2953 node.id = WPI_ID_BROADCAST; 2954 node.rate = wpi_plcp_signal(2); 2955 node.action = htole32(WPI_ACTION_SET_RATE); 2956 node.antenna = WPI_ANTENNA_BOTH; 2957 error = wpi_cmd(sc, WPI_CMD_ADD_NODE, &node, sizeof node, 0); 2958 if (error != 0) { 2959 aprint_error("%s: could not add broadcast node\n", 2960 sc->sc_dev.dv_xname); 2961 return error; 2962 } 2963 2964 if ((error = wpi_mrr_setup(sc)) != 0) { 2965 aprint_error("%s: could not setup MRR\n", sc->sc_dev.dv_xname); 2966 return error; 2967 } 2968 2969 return 0; 2970 } 2971 2972 static void 2973 wpi_stop_master(struct wpi_softc *sc) 2974 { 2975 uint32_t tmp; 2976 int ntries; 2977 2978 tmp = WPI_READ(sc, WPI_RESET); 2979 WPI_WRITE(sc, WPI_RESET, tmp | WPI_STOP_MASTER); 2980 2981 tmp = WPI_READ(sc, WPI_GPIO_CTL); 2982 if ((tmp & WPI_GPIO_PWR_STATUS) == WPI_GPIO_PWR_SLEEP) 2983 return; /* already asleep */ 2984 2985 for (ntries = 0; ntries < 100; ntries++) { 2986 if (WPI_READ(sc, WPI_RESET) & WPI_MASTER_DISABLED) 2987 break; 2988 DELAY(10); 2989 } 2990 if (ntries == 100) { 2991 aprint_error("%s: timeout waiting for master\n", 2992 sc->sc_dev.dv_xname); 2993 } 2994 } 2995 2996 static int 2997 wpi_power_up(struct wpi_softc *sc) 2998 { 2999 uint32_t tmp; 3000 int ntries; 3001 3002 wpi_mem_lock(sc); 3003 tmp = wpi_mem_read(sc, WPI_MEM_POWER); 3004 wpi_mem_write(sc, WPI_MEM_POWER, tmp & ~0x03000000); 3005 wpi_mem_unlock(sc); 3006 3007 for (ntries = 0; ntries < 5000; ntries++) { 3008 if (WPI_READ(sc, WPI_GPIO_STATUS) & WPI_POWERED) 3009 break; 3010 DELAY(10); 3011 } 3012 if (ntries == 5000) { 3013 aprint_error("%s: timeout waiting for NIC to power up\n", 3014 sc->sc_dev.dv_xname); 3015 return ETIMEDOUT; 3016 } 3017 return 0; 3018 } 3019 3020 static int 3021 wpi_reset(struct wpi_softc *sc) 3022 { 3023 uint32_t tmp; 3024 int ntries; 3025 3026 /* clear any pending interrupts */ 3027 WPI_WRITE(sc, WPI_INTR, 0xffffffff); 3028 3029 tmp = WPI_READ(sc, WPI_PLL_CTL); 3030 WPI_WRITE(sc, WPI_PLL_CTL, tmp | WPI_PLL_INIT); 3031 3032 tmp = WPI_READ(sc, WPI_CHICKEN); 3033 WPI_WRITE(sc, WPI_CHICKEN, tmp | WPI_CHICKEN_RXNOLOS); 3034 3035 tmp = WPI_READ(sc, WPI_GPIO_CTL); 3036 WPI_WRITE(sc, WPI_GPIO_CTL, tmp | WPI_GPIO_INIT); 3037 3038 /* wait for clock stabilization */ 3039 for (ntries = 0; ntries < 1000; ntries++) { 3040 if (WPI_READ(sc, WPI_GPIO_CTL) & WPI_GPIO_CLOCK) 3041 break; 3042 DELAY(10); 3043 } 3044 if (ntries == 1000) { 3045 aprint_error("%s: timeout waiting for clock stabilization\n", 3046 sc->sc_dev.dv_xname); 3047 return ETIMEDOUT; 3048 } 3049 3050 /* initialize EEPROM */ 3051 tmp = WPI_READ(sc, WPI_EEPROM_STATUS); 3052 if ((tmp & WPI_EEPROM_VERSION) == 0) { 3053 aprint_error("%s: EEPROM not found\n", sc->sc_dev.dv_xname); 3054 return EIO; 3055 } 3056 WPI_WRITE(sc, WPI_EEPROM_STATUS, tmp & ~WPI_EEPROM_LOCKED); 3057 3058 return 0; 3059 } 3060 3061 static void 3062 wpi_hw_config(struct wpi_softc *sc) 3063 { 3064 uint32_t rev, hw; 3065 3066 /* voodoo from the reference driver */ 3067 hw = WPI_READ(sc, WPI_HWCONFIG); 3068 3069 rev = pci_conf_read(sc->sc_pct, sc->sc_pcitag, PCI_CLASS_REG); 3070 rev = PCI_REVISION(rev); 3071 if ((rev & 0xc0) == 0x40) 3072 hw |= WPI_HW_ALM_MB; 3073 else if (!(rev & 0x80)) 3074 hw |= WPI_HW_ALM_MM; 3075 3076 if (sc->cap == 0x80) 3077 hw |= WPI_HW_SKU_MRC; 3078 3079 hw &= ~WPI_HW_REV_D; 3080 if ((le16toh(sc->rev) & 0xf0) == 0xd0) 3081 hw |= WPI_HW_REV_D; 3082 3083 if (sc->type > 1) 3084 hw |= WPI_HW_TYPE_B; 3085 3086 DPRINTF(("setting h/w config %x\n", hw)); 3087 WPI_WRITE(sc, WPI_HWCONFIG, hw); 3088 } 3089 3090 static int 3091 wpi_init(struct ifnet *ifp) 3092 { 3093 struct wpi_softc *sc = ifp->if_softc; 3094 struct ieee80211com *ic = &sc->sc_ic; 3095 uint32_t tmp; 3096 int qid, ntries, error; 3097 3098 wpi_stop(ifp,1); 3099 (void)wpi_reset(sc); 3100 3101 wpi_mem_lock(sc); 3102 wpi_mem_write(sc, WPI_MEM_CLOCK1, 0xa00); 3103 DELAY(20); 3104 tmp = wpi_mem_read(sc, WPI_MEM_PCIDEV); 3105 wpi_mem_write(sc, WPI_MEM_PCIDEV, tmp | 0x800); 3106 wpi_mem_unlock(sc); 3107 3108 (void)wpi_power_up(sc); 3109 wpi_hw_config(sc); 3110 3111 /* init Rx ring */ 3112 wpi_mem_lock(sc); 3113 WPI_WRITE(sc, WPI_RX_BASE, sc->rxq.desc_dma.paddr); 3114 WPI_WRITE(sc, WPI_RX_RIDX_PTR, sc->shared_dma.paddr + 3115 offsetof(struct wpi_shared, next)); 3116 WPI_WRITE(sc, WPI_RX_WIDX, (WPI_RX_RING_COUNT - 1) & ~7); 3117 WPI_WRITE(sc, WPI_RX_CONFIG, 0xa9601010); 3118 wpi_mem_unlock(sc); 3119 3120 /* init Tx rings */ 3121 wpi_mem_lock(sc); 3122 wpi_mem_write(sc, WPI_MEM_MODE, 2); /* bypass mode */ 3123 wpi_mem_write(sc, WPI_MEM_RA, 1); /* enable RA0 */ 3124 wpi_mem_write(sc, WPI_MEM_TXCFG, 0x3f); /* enable all 6 Tx rings */ 3125 wpi_mem_write(sc, WPI_MEM_BYPASS1, 0x10000); 3126 wpi_mem_write(sc, WPI_MEM_BYPASS2, 0x30002); 3127 wpi_mem_write(sc, WPI_MEM_MAGIC4, 4); 3128 wpi_mem_write(sc, WPI_MEM_MAGIC5, 5); 3129 3130 WPI_WRITE(sc, WPI_TX_BASE_PTR, sc->shared_dma.paddr); 3131 WPI_WRITE(sc, WPI_MSG_CONFIG, 0xffff05a5); 3132 3133 for (qid = 0; qid < 6; qid++) { 3134 WPI_WRITE(sc, WPI_TX_CTL(qid), 0); 3135 WPI_WRITE(sc, WPI_TX_BASE(qid), 0); 3136 WPI_WRITE(sc, WPI_TX_CONFIG(qid), 0x80200008); 3137 } 3138 wpi_mem_unlock(sc); 3139 3140 /* clear "radio off" and "disable command" bits (reversed logic) */ 3141 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3142 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_DISABLE_CMD); 3143 3144 /* clear any pending interrupts */ 3145 WPI_WRITE(sc, WPI_INTR, 0xffffffff); 3146 /* enable interrupts */ 3147 WPI_WRITE(sc, WPI_MASK, WPI_INTR_MASK); 3148 3149 /* not sure why/if this is necessary... */ 3150 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3151 WPI_WRITE(sc, WPI_UCODE_CLR, WPI_RADIO_OFF); 3152 3153 if ((error = wpi_load_firmware(sc)) != 0) { 3154 aprint_error("%s: could not load firmware\n", sc->sc_dev.dv_xname); 3155 goto fail1; 3156 } 3157 3158 /* wait for thermal sensors to calibrate */ 3159 for (ntries = 0; ntries < 1000; ntries++) { 3160 if ((sc->temp = (int)WPI_READ(sc, WPI_TEMPERATURE)) != 0) 3161 break; 3162 DELAY(10); 3163 } 3164 if (ntries == 1000) { 3165 aprint_error("%s: timeout waiting for thermal sensors calibration\n", 3166 sc->sc_dev.dv_xname); 3167 error = ETIMEDOUT; 3168 goto fail1; 3169 } 3170 3171 DPRINTF(("temperature %d\n", sc->temp)); 3172 3173 if ((error = wpi_config(sc)) != 0) { 3174 aprint_error("%s: could not configure device\n", 3175 sc->sc_dev.dv_xname); 3176 goto fail1; 3177 } 3178 3179 ifp->if_flags &= ~IFF_OACTIVE; 3180 ifp->if_flags |= IFF_RUNNING; 3181 3182 if (ic->ic_opmode != IEEE80211_M_MONITOR) { 3183 if (ic->ic_roaming != IEEE80211_ROAMING_MANUAL) 3184 ieee80211_new_state(ic, IEEE80211_S_SCAN, -1); 3185 } 3186 else 3187 ieee80211_new_state(ic, IEEE80211_S_RUN, -1); 3188 3189 return 0; 3190 3191 fail1: wpi_stop(ifp, 1); 3192 return error; 3193 } 3194 3195 3196 static void 3197 wpi_stop(struct ifnet *ifp, int disable) 3198 { 3199 struct wpi_softc *sc = ifp->if_softc; 3200 struct ieee80211com *ic = &sc->sc_ic; 3201 uint32_t tmp; 3202 int ac; 3203 3204 ifp->if_timer = sc->sc_tx_timer = 0; 3205 ifp->if_flags &= ~(IFF_RUNNING | IFF_OACTIVE); 3206 3207 ieee80211_new_state(ic, IEEE80211_S_INIT, -1); 3208 3209 /* disable interrupts */ 3210 WPI_WRITE(sc, WPI_MASK, 0); 3211 WPI_WRITE(sc, WPI_INTR, WPI_INTR_MASK); 3212 WPI_WRITE(sc, WPI_INTR_STATUS, 0xff); 3213 WPI_WRITE(sc, WPI_INTR_STATUS, 0x00070000); 3214 3215 wpi_mem_lock(sc); 3216 wpi_mem_write(sc, WPI_MEM_MODE, 0); 3217 wpi_mem_unlock(sc); 3218 3219 /* reset all Tx rings */ 3220 for (ac = 0; ac < 4; ac++) 3221 wpi_reset_tx_ring(sc, &sc->txq[ac]); 3222 wpi_reset_tx_ring(sc, &sc->cmdq); 3223 wpi_reset_tx_ring(sc, &sc->svcq); 3224 3225 /* reset Rx ring */ 3226 wpi_reset_rx_ring(sc, &sc->rxq); 3227 3228 wpi_mem_lock(sc); 3229 wpi_mem_write(sc, WPI_MEM_CLOCK2, 0x200); 3230 wpi_mem_unlock(sc); 3231 3232 DELAY(5); 3233 3234 wpi_stop_master(sc); 3235 3236 tmp = WPI_READ(sc, WPI_RESET); 3237 WPI_WRITE(sc, WPI_RESET, tmp | WPI_SW_RESET); 3238 } 3239
Indexes created Thu Oct 02 01:09:59 GMT 2025